last executing test programs: 6.150908063s ago: executing program 2 (id=5771): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x1bc, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@empty, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x20, 0x8}, {0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x1d}, {0x0, 0x0, 0x0, 0x2dd}}, [@tmpl={0x104, 0x5, [{{@in=@dev={0xac, 0x14, 0x14, 0x3b}, 0x0, 0x2b}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xc}, 0x0, 0x0, 0x0, 0xff}, {{@in6=@private2, 0x0, 0x32}, 0x0, @in6=@empty, 0x3502}, {{@in6=@loopback, 0x0, 0x3c}, 0x2, @in=@remote, 0x0, 0x1, 0x3}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x6c}, 0x0, @in=@broadcast, 0x0, 0x1}]}]}, 0x1bc}}, 0x0) 5.882456915s ago: executing program 2 (id=5775): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) connect$bt_rfcomm(r0, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x5}, 0xa) 5.644231857s ago: executing program 2 (id=5779): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000080)={[{@commit}, {@heartbeat_none}, {@err_ro}, {@coherency_full}, {@coherency_full}, {@localalloc={'localalloc', 0x3d, 0x10000}}, {@nointr}, {@acl}, {@localflocks}]}, 0x2, 0x442c, &(0x7f00000088c0)="$eJzs3c9PHFUcAPA3A1qobYXaQ01M3MQmGjUEelJpIqW0FFqsqbYxXrYLbFt0YRtYjIce8NbEk4kH46HRxBunhoPX+id48VjPTfTgxcSkEbO7s8AMu7I2LNjm80nKMO/37nfn7Zsmw4sTlZtzS7m5pVxhIVeeub50MvdZubQ8XwzxHtnv/mlPJ+Ik9vvn0plzH1w9GcJPs788XF9fXw9V3aGpoS2///nH7Zmtx4Y4U6fabvPWdsvHIYRj28ZV1RVC+OjHEKIQwukkbTQ59oYQjoR63tXbX17L7dJo7j0onso/mrqzNnxicvXuWuvXHoXwbenFN2/M//ZK1/Cvr+9S9wAAAAAAAAAAAAAAAAAAPOHGL1+68v7gULgfhe7VaPvzuuPJsdXzseu75uXOv1gAAAAAAAAAAAAAAAAAAAD4n9p8/j8XHW3y/P9YchxpUX/93c6Pkc6ZeO/S2NnBoWT/92hb/ltJ0u+nu0J/k33fs/u/n87Ub77/+/Z+HldjfI1++0IUD6TO43hgIITvk43fj0cH41J5qfLG9fLywuyuDeOJlY5/fff+VHSSDf3bjf9opv3O7///wrZPU/X82u59xJ5q6fh3tSz3wxdRW/E/k6m3F/Gve6az3Tyl0vHvrqX1bi0wUp8AqvH/qnvn+I9l2u9U/I+EEHJRday51AxQXcNU0zfWKz4W/yod//qblZo6kzey1fX/Vyb+ZzPtN+LfuTA0n/9Xsl9ENJWO/7O1tJ5Uic3rvz/e+fo/l2l/P77/q+Nf8f3flnT8D9QTu1NFau9ku/P/eKb9TsX/SpyM80iU+gSsRvX0Vn+vjrR0/Hu25W/e/8Vtrf/OZ+rv1f1fo9/G/V9j+n8tqt//0Vw6/r0ty7V7/U9k6nV6/h+prf94XOn4H6ylpf+vr6/2s934T2ba71T8a6uSnkb8N+eTvw/U07+z/mtLOv7P1RPjrSVWaj9r679o5/X/hUz7+7H+q45/Je5sr0+LdPwPtSxXjf/PbXz/X8zU63z8Qxi01n9s6fgfblmudv337Bz/qUy9Tsf/1U42DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAEGE2OfSGKB1LncTwwEMKZ5Px4OBhNF2bz06XyzKdLIYwl6blwNLpRKk8XSvm5hfJsMV8olcozIZxN8o+FnmipVK7k5wu3zm201RvdLBYWK9PFQiWEMJ6kvxQON9qanqvMF26FEM5v5D0flxdv3Sws5GfnFt8ZHBwcDBMbY+iPip9XiguVeu/13BAmN+r2RVsGV8u+sDGWQ9En5eXFhUKpln5xS51SeaZQ2lJnKsn7OvRHlcXlhZlCpZgvlW80+ttPI8lxbOLyh5cvDm3LvxbVj6N7OywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/qP7w29/E0Lorp/FIYRclPwSJf9S7j0onso/mrqzNnxicvXu2sNmZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiHHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzSO27CQBAA0PVGUdocI5Vld2kdJYqSIo6QOAEcg8PAUbgEd6CgoKVCMmsk/JHcQPVeY8+MdmekHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDpvmf1/L8ow3OKt8vdvvl5ucS/Kb/+GD7/9IAZuZ+fv/rzqyjTu2e9+ntKHarYVE/H1SIMfFubzp5c9+lGv0/X2L6Nzdf2fQ1ZzEMIVaq/ZTHm+bS7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADO7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHjgUAAAAAhPlbR9G3AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CsAAP//aQIeXw==") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x130) 3.677595117s ago: executing program 3 (id=5805): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f00000000c0)={0x2, 'nr0\x00', 0x4}, 0x18) 3.483218673s ago: executing program 5 (id=5808): r0 = inotify_init() fsetxattr$security_ima(r0, &(0x7f0000000080), 0x0, 0x0, 0x3) 3.373555327s ago: executing program 3 (id=5810): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2000000020008107090f9becdb4cb96b02000020fd0000010064000000000000", 0x20}], 0x1, 0x0, 0x0, 0x81000000}, 0x4000004) 3.22158812s ago: executing program 5 (id=5812): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f00000002c0)=@ethtool_sfeatures={0x3b, 0x2, [{0xfe, 0x80000000}, {0xfffffff9}]}}) 3.049933812s ago: executing program 3 (id=5816): getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0) syz_usb_connect(0x0, 0x10a, &(0x7f00000022c0)=ANY=[@ANYBLOB="12010000f58a3c103d1000010d68010203010902f800015102b01e09048d"], 0x0) 3.042587234s ago: executing program 2 (id=5817): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000147c0)={&(0x7f0000000040)=@allocspi={0x148, 0x16, 0x209, 0x70bd22, 0x25dfdbff, {{{@in6=@empty, @in6=@local, 0x4e22, 0x0, 0x4e24, 0x3, 0x2, 0x20, 0xa0, 0x3a}, {@in6=@private1, 0x4d5, 0x32}, @in=@empty, {0x1, 0xf, 0x4, 0x8001, 0x8, 0x7f9, 0xaaec, 0x2}, {0x500020, 0x4, 0x7fffffff, 0x2}, {0xc90a, 0x1, 0x8}, 0x70bd2b, 0x3507, 0xa, 0x0, 0x4, 0x10}, 0xff, 0x80000002}, [@migrate={0x50, 0x11, [{@in=@rand_addr=0x64010100, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@multicast1, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x33, 0x2, 0x0, 0x3501, 0xa, 0x2}]}]}, 0x148}}, 0x48000) 2.902368281s ago: executing program 5 (id=5818): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b04, &(0x7f00000000c0)={'wlan1\x00'}) 2.65844616s ago: executing program 5 (id=5823): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, 0x0, &(0x7f0000000340)) 2.316111785s ago: executing program 5 (id=5827): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000140)={0x7ffeffff, 0x1, 0x3, {0xa, @sdr={0x34363248, 0x6}}, 0x1}) 2.063461212s ago: executing program 0 (id=5829): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001100)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deda8e0400000000000000c61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1b2ef4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f53d709959d7bd2f5cc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b36fb0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece010000000100000010223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffff854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4a7bce853249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8012392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccaca8154b8601213ee2296d2a27798c8ce2a305c0c8d1acf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e92604e1026e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c04701563816514f868a2b95319abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdff7f0000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977e37df17a321d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2c6aea1d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb89243a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a01040000a35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92de6b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250054f84b0fccd4f810bce02322b489b79aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58f0225f3390343c12aa51810134d4b8123de6516737be55c06d9cdcfb1e20280e14700eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b19128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dceedb2ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e1000000b81b6790062e61cd000000acb1b33c38ddd302e28e8e30b5c180d38bb1cd770195799c541a7481f5d34ca75d74b3833d399371c8f09f6745d0e43d46f7c82ff1b7d6c04467d083fc708348f35ae9bb9b78f2984a0ee55647d4c4a63c4f438fdec726e7d8228eaff2374b2300b9c35f4259e3452b2f53ee114bb8a6c0ea6fc89a55fef6673013d7dd4597660865423e978dd6e41e201bb3a584d6fe6f24e290613b677271603c558ee2021be29c4a06a057b2acc5bfd34898afac0d839079bbcb3acd43532563367ac8ae6c4379fb5fdcdab5fe55e1a3a521284209871216817338073cbc4ec9903725b788a25b5a6003b579b8f0e20d78be3d885557292971e65f4f1daefad2c5ccbca608b46406ffff25610c3cbae9f56cd47678f482e2c1f7cdfc5ce2a67c1545c1192f2ac3990f9c850788401469fbca801e73cd9efbcc6e44b2f414cdff5c49e706d699b5bfa75526f700c4e32611b826b2787f99532c02262a9c60e4b07a09377c38747c7f05e38b6db5d8cc625873af8fc5a7d362334c509f6bb4e36e1c9e08949679e0ed9f84e668588b9f1b21069bd5ffe263b1e6860c305d1faca4d6e4680ab6a6d491ecc97a904cc9c643e489d1a5f7d8a359bea93ba2d95bd3341d98d4918118e5f7b6fa6f603274c561f63ee337ad8d0017bbd1e17b5ce71a18c8572810029fe5d0ac2a661d8b346240c46f0223981cd53c067b65b579c144a4c918504888132a19a6a1702afb8646cf8fbcc5a4f5fbc072388f7bd7955138fc4919d78cfc5f2fd7dccf3a20896045698d2b6770773412029db69c099fda38be5f37adc5bd48f7f11b5632bb63fa18718c1a24e0bad8d21f51f6bf3fbd3786a00c4e8f8536f6af28c9b8cd210bc0e82112f9943fc0fa81c08e456983cbdd8d08053c128e122da8b7583cb1"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2f, 0xffffff99, &(0x7f0000000100)="b9ff03316844268cb89e14f086dd65e0ffff00122c00631177fbac14030a44079f03fe8000ff80000000000000000008ffff3a050b038da1880b251810a59d943be3f4aed50ea5a6b8686731cb89ef77523c899b699eeaa0eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000380)="b101000000353b", &(0x7f0000000000), 0x0, 0x700}, 0x2c) 2.052417407s ago: executing program 5 (id=5830): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)=ANY=[@ANYBLOB='journal_async_commit,heartbeat=none,usrquota,barrier=000000000\x000000000007,heartbeat=none,nointr,\x00'], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) 1.980232076s ago: executing program 2 (id=5832): r0 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00') lseek(r0, 0x3, 0x3) 1.701351634s ago: executing program 2 (id=5834): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000d0918108ac051582588f0000000109022d00010000000009040000030b08000009058d67c8002a000009050502000000000009058b6e", @ANYRESOCT], 0x0) syz_usb_ep_write(r0, 0x8d, 0x0, 0x0) 1.620145922s ago: executing program 4 (id=5835): r0 = fanotify_init(0x8, 0x400) write$binfmt_elf64(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="7f454c4622000005"], 0x40) 1.565165737s ago: executing program 0 (id=5836): r0 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000200)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x200000000140, 0x0, 0x0, 0x200000000170, 0x2000000001a0], 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000008000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000000000000000000000000000000000000000002a0900000000ffffff59118f2297013e36102557ff00"/192]}, 0x138) 1.246481314s ago: executing program 0 (id=5838): mkdir(&(0x7f00000000c0)='./bus\x00', 0x16f) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@redirect_dir_nofollow}, {@userxattr}, {@nfs_export_on}]}) 1.246256373s ago: executing program 4 (id=5839): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000000)={0x60, 0x2, 0x6, 0x301, 0x0, 0x0, {0x2}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xf}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xb0}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) 1.22002638s ago: executing program 3 (id=5840): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000100)={[{@gid_ignore}, {@gid_forget}, {@utf8}, {@mode={'mode', 0x3d, 0x7}}, {@uid_ignore}, {@iocharset={'iocharset', 0x3d, 'macceltic'}}, {@gid}, {@dmode={'dmode', 0x3d, 0x4}}, {@adinicb}, {@gid_forget}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@uid_ignore}]}, 0x1, 0xc67, &(0x7f0000001dc0)="$eJzs3U9sHNd9B/DfG5LiSm5rJk4VJ42DTVuksmK5+hdTtgp3VdNsA8iyEIq5BeBKpNSFKZIgqUY23JbppYceAhRFDzkRaIUCKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAAVoEW8zsW3FFkZYskiIlfz429d2deW/mvZnxjCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOJ3Xj13/ETaZEXfHjQGAHgoLox99fjJzZ7/AMBj69JW//8PAAAAAAAAAAAAAADsFymKeCpSzF1YSxPV947a+dbAjZvjI6ObVzuYqpp9Vfnyp3bi5KnTX35h+Ew3z7dmPqT+TvtsvD526Vz9ldnrc/NTCwtTk/XxmdaV2cmp+97CdutvdLQ6APXrb9yYvHp1oX7y+VN3rL459MHgE4eHzg4/e+yZbtnxkdHRsfUitd7y/Q/ckI6tRngciCKORYrnvvuT1IyIIrZ/LGoP99xvdLDqxNGqE+Mjo1VHplvNmcVy5cXugSgi6j2VGt1jtPm5iP6Bh9qHrTUilsrmlw0+WnZvbK4537w8PVW/2JxfbC22Zmcupk5ry/7Uo4gzKWI5IlYH797cQBTRHym+/eRaupzf+lEdhy9VA4O3bkexi328D2U76wMRy8UjcM72scEo4rVI8dN3j8SVfJ+p7jVfjHitzO9H3Crz5YhUXhinI97f5Dri0dQfRfxZef7PrqXJ6n7Qva+c/1r9KzNXZ3vKdu8rH/H5cNedYo+eDwc35MOxz+9NtSiiWd3x19KD/2YHAAAAAAAAAAAAAAAAgJ12MIr4TKR49V//oBpXHNW49CfPDv/u0C/2jhl/+h7bKcs+HxFLxf2NyT2QBwZeTBdT2uOxxB9ntSjiD/P4v2/udWMAAAAAAAAAAAAAAAAAAAA+1or4caR46b0jaTl65xRvzVyrX2penu7MCtud+7c7Z3q73W7XUycbOSdyLuVczrmSczVnFLl+zkbOiZxLOZdzruRczRl9uX7ORs6JnEs5l3Ou5FzNGf25fs5GzomcSzmXc67kXM0Z+2TuXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAx0kRRfw8UnzrG2spUkQ0IiaikyuDe906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0mIr4XqSo/17j9rL+iEjVvx1Hyl9OR+NAmZ+MxnCZL0fjXM5mlf2Nb+5B+9megVTEjyLFYO2d2yc8n/+Bzrfbl0Hcenv922f7O9nXXTn0weATh588Ozz6+ae3+pw2a8DR862ZGzfr4yOjo2M9i/vz3j/Zs2wo77fYma4TEQtvvvVGc3p6av7BP5SXwANW757Jbez9YX5I/Y9MU33YiQ/Rvy+asTd9v0NtL25O7Lry+f9+pPjN9/6t+8DvPP9r8Qudb7ef8PGzP1p//r+0cUP3+fzv31gvP//LJ8Fmz/+nepa9lH83MtAfUVu8PjdwOKK28OZbx1rXm9emrk3NnD5+/MXh4RdPHR84EFG72pqe6vm0I4cLAAAAAAAAAAAAAAAA4OFJRfx2pGj+aC3VI+JmNV5r6Ozws8ee6Yu+arzVHeO2Xx+7dK7+yuz1ufmphYWpyfr4TOvK7OTU/e6uVg33Gh8Z3ZXO3NPBXW7/wdors3Nvzreu/f7ipusP1c5dXlicb17ZfHUcjCKi0bvkaNXg8ZHRqtHTreZMVfXipoPpP7qBVMS/R4orp+vpC3lZHv+/cYR/3Hr7xdvXwtLGDe3g+P/PH1of//eJnqLlPlMq4meR4jf+/On4QtXOQ3HXMcvl/jpSHD3zuVwuDpTlum3ovFegMzKwLPvfkeLvf35n2e54yKfWy574SAf3EVCe/ycjxff+9Dvxq3nZne9/6D3/68fv0MYN7dL7Hz7Vs+zQHe8r2HbXyef/WKR4+al34teqJf/7oe//6L6x4Uin8Pr7OXbp/P9yz7KhvN9f36nOAwAAAAAAAAAAPMIGUhF/Eyl+MNqfXsjL7ufv/01u3NAu/f2vT/csm9yZ+Yru+WHbBxUAAAAA9omBVMSPI8W1xXduj6G+c/x3z/jP31of/zmSNqyt/pzvl6r3Buzkn//1Gsr7ndh+twEAAAAAAAAAAAAAAAAAAGBfSamIF/J86hPVeP7JLedTX4kUr/7nc7lcOlyW684DP1T9WrswO3Ps3PT0bC0Wm5enp+pjc80rU2XdT0WKtb/6XK5bVPOrd+eb78zxvj4X+3ykGP3bbtnOXOzduck784HX2u2IE2XZT0SK//i7O8vmqanz3NHVdk+WZf8yUnz9Hzcve3i97Kmy7HcixQ+/Xu+WPVSW7b4f9dPrZZ+/MlvswlkBAAAAAAAAAAAAAAAAAADg42YgFfEnkeK/ri/fHsuf5/8f6PlaufV2z3z/G9ys5vkfqub/3+rzg8z/X71XYGmrvQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOMpRRFvRYq5C2tpZbD83lE735q5cXN8ZHTzagdTVbOvKl/+1E6cPHX6yy8Mn+nmh9ffaZ+J18cunau/Mnt9bn5qYWFqsj4+07oyOzl131vYbv2NjlYHoH79jRuTV68u1E8+f+qO1TeHPhh84vDQ2eFnjz3TLTs+Mjo61lOmf+CB936XtMXyA1HEX0SK5777k/SDwYgitn8s7nHt7LaDVSeOVp0YHxmtOjLdas4slisvdg9EEVHvqdToHqN7nov/a7fbD6srm2hELJXNLxt8tOze2Fxzvnl5eqp+sTm/2Fpszc5cTJ3Wlv2pRxFnUsRyRKwO3r25gSjijUjx7SfX0j8NRvR1j8OXLox99fjJrdtR7GIf70PZzvpAxHJxP+eMrQxGEf8QKX767pH458GI/uj8xBcjXivz+xG3onO+U3lhnI54f5PriEdTfxTxP+X5P7uW3h0s7wfd+8r5r9W/MnN1tqds976yzedDu93+4zL37vnwMO3ze1MtivhhdcdfS//iv2sAAAAAAAAAAAAAAACAfaSIX4kUL713JFXjg2+PKW7NXKtfal6e7gzr6479646Zbrfb7XrqZCPnRM6lnMs5V3Ku5owi18/ZKLPWbk/k70s5l3Ou5FzNGX25fl81XLHdyN8nci7lXM65knM1Z/Tn+jkbOSdyLuVczrmSczVn7JOxewAAAAAAAAAAAAAAAAAAwOOlqP5J8a1vrKX2YGd+6Yno5Ir5QB97/x8AAP//Jhb4VQ==") mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) 1.176279718s ago: executing program 1 (id=5841): r0 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000280)={0x6, @sdr={0x32314247, 0x38}}) 1.062412609s ago: executing program 0 (id=5842): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x558, 0x3b8, 0x1b0, 0x3b8, 0x0, 0x3b8, 0x488, 0x488, 0x488, 0x488, 0x488, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000010000000}}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev, [], [0x0, 0x0, 0x0, 0xffffffff], 'veth1_macvtap\x00', 'veth1_vlan\x00', {}, {}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x0, 0xfc, 0x6}}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0xb4}, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, [0x0, 0x0, 0xff000000], [0xffffff00], '\x00', 'bond_slave_0\x00', {}, {0xff}}, 0x0, 0xf0, 0x118, 0x48000000, {}, [@common=@dst={{0x48}, {0xff, 0x4, 0x0, [0x1, 0x7a, 0xfffd, 0x3f4, 0x0, 0x3, 0x5, 0x0, 0x1, 0x30, 0xe5, 0x4, 0x1, 0x6, 0x0, 0x1], 0x6}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@broadcast, @ipv4=@loopback}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5b8) 1.000597288s ago: executing program 4 (id=5843): r0 = fsopen(&(0x7f0000000100)='fuseblk\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 990.984748ms ago: executing program 1 (id=5844): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 747.938488ms ago: executing program 1 (id=5845): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x8, 0x7fe2, 0x1, 0x9}, 0x50) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000280)=@o_path={0x0, r0, 0x4000, r0}, 0x18) 746.933382ms ago: executing program 4 (id=5846): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffefff, 0x0, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800002}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 653.872671ms ago: executing program 0 (id=5847): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x1, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x60110, 0x183}, [@IFLA_VFINFO_LIST={0x8, 0x16, 0x0, 0x1, [{0x4}]}, @IFLA_IFNAME={0x14, 0x3, 'ip6gretap0\x00'}, @IFLA_LINKMODE={0x5, 0x11, 0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x4000000) 652.761871ms ago: executing program 3 (id=5848): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtaction={0x44, 0x30, 0xcac229faa96ee7df, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}, 0x1, 0x500, 0x0, 0x841}, 0x0) 448.482608ms ago: executing program 4 (id=5849): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x9, 0x3, 0x2e0, 0x100, 0xffffffff, 0xffffffff, 0x100, 0xffffffff, 0x1c8, 0xffffffff, 0xffffffff, 0x1c8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast1, [0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xff000000, 0xff, 0xffffff00], 'pimreg\x00', 'ip6tnl0\x00', {}, {0xff}, 0x8, 0x7, 0x4, 0x50}, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@srh={{}, {0x32, 0x2c, 0x4, 0x7, 0xbf, 0x228, 0x2000}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x346) 426.196965ms ago: executing program 1 (id=5850): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_GET_HW_INFO(r0, 0x3b8a, &(0x7f0000000300)={0x28, 0x0, 0x0, 0x0, 0x0}) 318.467843ms ago: executing program 1 (id=5851): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000021000304000200800000000002000004000000000000000008000a00380b0000140011"], 0x38}}, 0x20004080) 188.594987ms ago: executing program 0 (id=5852): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x40091) 167.815392ms ago: executing program 3 (id=5853): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40e8662e, &(0x7f0000000000)={0x3f33, 0x40000000000001, 0x0, 0xb, 0x40000000, 0x905}) 116.759353ms ago: executing program 4 (id=5854): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0x1, 0x70bd25, 0x21dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x40810, 0x7}, [@IFLA_GROUP={0x8, 0x1b, 0x3}, @IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_TX_RATE={0xc, 0x3, {0x80000001, 0x800}}]}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x40010) 0s ago: executing program 1 (id=5855): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000200)={0x2, 0x3, 0x0, 0x1000, 0x0, 0xfffffffe, 0x0}) kernel console output (not intermixed with test programs): to 128 [ 488.943285][T15160] loop1: detected capacity change from 0 to 8192 [ 489.095483][T15162] loop5: detected capacity change from 0 to 4096 [ 489.116449][T15162] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512). [ 489.138126][T15163] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 489.539154][T15157] loop0: detected capacity change from 0 to 32768 [ 489.898908][T15154] loop2: detected capacity change from 0 to 40427 [ 490.272403][T15154] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 490.347193][T15154] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 490.668582][T15165] loop1: detected capacity change from 0 to 32768 [ 490.719927][T15165] (syz.1.4219,15165,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 490.746658][T15165] (syz.1.4219,15165,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 490.796509][T15167] loop5: detected capacity change from 0 to 32768 [ 490.875275][T15167] (syz.5.4220,15167,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 490.939919][T15167] (syz.5.4220,15167,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 490.993922][T15169] loop0: detected capacity change from 0 to 32768 [ 491.052704][T15169] (syz.0.4221,15169,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 491.091335][T15169] (syz.0.4221,15169,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 491.871040][T15175] loop3: detected capacity change from 0 to 32768 [ 491.950757][T15175] (syz.3.4222,15175,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 491.999331][T15175] (syz.3.4222,15175,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 492.443050][T15182] loop5: detected capacity change from 0 to 32768 [ 492.538766][T15182] (syz.5.4225,15182,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 492.583011][T15182] (syz.5.4225,15182,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 493.039021][T15186] loop2: detected capacity change from 0 to 32768 [ 493.088546][T15186] (syz.2.4223,15186,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 493.145834][T15186] (syz.2.4223,15186,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 493.175536][T15180] loop1: detected capacity change from 0 to 65536 [ 493.215559][T15180] (syz.1.4224,15180,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 493.273029][T15180] (syz.1.4224,15180,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 493.490271][T15189] loop3: detected capacity change from 0 to 32768 [ 493.511063][T15198] loop2: detected capacity change from 0 to 3 [ 493.542099][T15198] syz.2.4230: attempt to access beyond end of device [ 493.542099][T15198] loop2: rw=2048, sector=0, nr_sectors = 8 limit=3 [ 493.588917][T15189] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4228 (15189) [ 493.663348][T15198] SQUASHFS error: Failed to read block 0x0: -5 [ 493.670556][T15189] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 493.685416][T15200] loop1: detected capacity change from 0 to 128 [ 493.698566][T15184] loop0: detected capacity change from 0 to 65536 [ 493.705330][T15198] unable to read squashfs_super_block [ 493.711663][T15189] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 493.897285][T15184] (syz.0.4226,15184,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 494.008200][T15184] (syz.0.4226,15184,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 494.153302][T15189] BTRFS info (device loop3): enabling ssd optimizations [ 494.172163][T15218] loop2: detected capacity change from 0 to 1024 [ 494.180648][T15220] loop1: detected capacity change from 0 to 256 [ 494.202485][T15189] BTRFS info (device loop3): turning on async discard [ 494.236087][T15220] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 494.254631][T15189] BTRFS info (device loop3): enabling free space tree [ 494.299662][T15220] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 494.342000][T15218] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 494.381927][T15220] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 494.389604][T15220] UDF-fs: Scanning with blocksize 512 failed [ 494.501717][T15220] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 494.534235][T15225] loop0: detected capacity change from 0 to 512 [ 494.572970][T15220] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 494.588187][ T6225] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 494.643365][T15225] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 494.661830][T15225] UDF-fs: Scanning with blocksize 512 failed [ 494.678708][ T6239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 494.728889][T15225] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 494.749209][T15225] UDF-fs: Scanning with blocksize 1024 failed [ 494.794270][T15225] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 494.801687][T15225] UDF-fs: Scanning with blocksize 2048 failed [ 494.883921][T15191] loop4: detected capacity change from 0 to 65536 [ 494.888297][T15225] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 494.978402][T15191] (syz.4.4227,15191,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 495.012109][T15225] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 495.025182][T15227] loop2: detected capacity change from 0 to 512 [ 495.102899][T15191] (syz.4.4227,15191,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 495.118912][T15227] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 495.200780][T15227] UDF-fs: Scanning with blocksize 512 failed [ 495.281348][T15227] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 495.318949][T15227] UDF-fs: Scanning with blocksize 1024 failed [ 495.392147][T15227] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 495.399582][T15227] UDF-fs: Scanning with blocksize 2048 failed [ 495.513286][T15227] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 495.622265][T15227] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 495.721391][T15239] loop0: detected capacity change from 0 to 512 [ 496.133188][T15245] loop0: detected capacity change from 0 to 256 [ 496.200895][T15243] loop2: detected capacity change from 0 to 2048 [ 496.345956][T15243] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 496.672263][T15247] loop0: detected capacity change from 0 to 2048 [ 496.831196][T15251] loop5: detected capacity change from 0 to 128 [ 496.864201][T15251] zonefs (loop5) ERROR: Not a zoned block device [ 497.089053][T15249] loop2: detected capacity change from 0 to 8192 [ 497.113800][T15237] loop4: detected capacity change from 0 to 32768 [ 497.136098][T15237] BTRFS: device fsid a4d06b90-61a4-49cd-bf5f-2183c3574322 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4238 (15237) [ 497.247708][T15237] BTRFS info (device loop4): first mount of filesystem a4d06b90-61a4-49cd-bf5f-2183c3574322 [ 497.266285][T15237] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 497.547730][T15237] BTRFS info (device loop4): enabling ssd optimizations [ 497.589584][T15237] BTRFS info (device loop4): turning on async discard [ 497.596397][T15237] BTRFS info (device loop4): enabling free space tree [ 497.844799][ T6240] BTRFS info (device loop4): last unmount of filesystem a4d06b90-61a4-49cd-bf5f-2183c3574322 [ 498.606605][T15255] loop0: detected capacity change from 0 to 32768 [ 498.749781][T15255] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 498.855133][T15255] XFS (loop0): Ending clean mount [ 499.181760][ T6228] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 499.532486][T15253] loop5: detected capacity change from 0 to 65536 [ 499.673961][T15253] XFS (loop5): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 499.812220][T15253] XFS (loop5): Ending clean mount [ 499.856502][T15261] loop2: detected capacity change from 0 to 65536 [ 499.875186][ T6241] XFS (loop5): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 499.883662][T15300] netlink: 256 bytes leftover after parsing attributes in process `syz.3.4255'. [ 499.945293][T15261] XFS (loop2): Deprecated V4 format (crc=0) not supported by kernel. [ 500.202910][T15311] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4257'. [ 500.327553][T15290] loop1: detected capacity change from 0 to 32768 [ 500.619087][T15320] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 500.665780][ T6307] usb 6-1: new high-speed USB device number 95 using dummy_hcd [ 500.813168][T15319] loop3: detected capacity change from 0 to 4096 [ 500.861282][T15319] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 500.907479][ T6307] usb 6-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1 [ 500.936582][ T6307] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 500.947388][ T6307] usb 6-1: Product: syz [ 500.951566][ T6307] usb 6-1: Manufacturer: syz [ 500.967123][ T6307] usb 6-1: SerialNumber: syz [ 500.988708][ T6307] usb 6-1: config 0 descriptor?? [ 501.244704][ T6307] int51x1 6-1:0.0: probe with driver int51x1 failed with error -22 [ 501.428429][T15310] loop0: detected capacity change from 0 to 32768 [ 501.464171][ T6307] usb 6-1: USB disconnect, device number 95 [ 501.491707][T15310] BTRFS: device fsid 17bca515-437c-4bbd-9eb0-5eb74df1971f devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4254 (15310) [ 501.548816][T15310] BTRFS info (device loop0): first mount of filesystem 17bca515-437c-4bbd-9eb0-5eb74df1971f [ 501.582208][T15310] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 501.839698][T15310] BTRFS info (device loop0): enabling ssd optimizations [ 501.887546][T15310] BTRFS info (device loop0): turning on async discard [ 501.894564][T15310] BTRFS info (device loop0): enabling free space tree [ 501.906233][ T30] audit: type=1400 audit(2000524631.635:17): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=":/" pid=15350 comm="syz.1.4270" [ 501.920087][T15355] loop3: detected capacity change from 0 to 128 [ 501.975944][T15355] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 502.032121][T15355] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 502.130741][ T6228] BTRFS info (device loop0): last unmount of filesystem 17bca515-437c-4bbd-9eb0-5eb74df1971f [ 502.520928][T15368] loop1: detected capacity change from 0 to 2048 [ 503.244582][T15375] loop3: detected capacity change from 0 to 32768 [ 503.342107][ T6857] loop3: p1 p3 < p5 p6 > [ 503.398055][T15375] loop3: p1 p3 < p5 p6 > [ 503.487131][T15398] netlink: 'syz.2.4291': attribute type 12 has an invalid length. [ 503.581686][T15402] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 503.603180][T15401] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4292'. [ 503.796894][ T6232] Bluetooth: hci1: unexpected event for opcode 0x041b [ 504.105795][T15414] bond1: entered promiscuous mode [ 504.155823][T15414] bond1: entered allmulticast mode [ 504.187398][T15414] 8021q: adding VLAN 0 to HW filter on device bond1 [ 504.215322][T15426] Unsupported ieee802154 address type: 0 [ 504.528691][T15438] netlink: 'syz.0.4313': attribute type 11 has an invalid length. [ 504.582386][ T6857] udevd[6857]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 504.585146][ T6237] udevd[6237]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 504.611370][ T6396] udevd[6396]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 504.639489][ T8763] udevd[8763]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory [ 504.701486][T15449] loop3: detected capacity change from 0 to 64 [ 504.770501][ T30] audit: type=1800 audit(2000524634.275:18): pid=15449 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4315" name="bus" dev="loop3" ino=22 res=0 errno=0 [ 504.917735][ T6236] udevd[6236]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory [ 504.920901][ T7411] udevd[7411]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 504.948782][ T7260] udevd[7260]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 504.963769][ T6857] udevd[6857]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 505.058036][T15458] netlink: 'syz.1.4319': attribute type 8 has an invalid length. [ 505.202220][T15468] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4320'. [ 505.398410][T15473] Cannot find add_set index 0 as target [ 505.419778][T15476] comedi comedi4: bad chanlist[0]=0x000000e3 chan=227 range length=2 [ 505.780027][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 505.786355][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.007041][T15499] loop5: detected capacity change from 0 to 1024 [ 506.064852][T15499] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 506.109203][T15505] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4342'. [ 506.258541][ T6241] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 506.774125][T15536] xt_recent: Unsupported userspace flags (000000b1) [ 507.150624][T15549] loop0: detected capacity change from 0 to 256 [ 507.201336][T15529] loop4: detected capacity change from 0 to 32768 [ 507.244964][T15549] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 507.366807][ T8763] loop4: p9 p11 p16 [ 507.412253][T15529] loop4: p9 p11 p16 [ 507.813716][T15566] loop0: detected capacity change from 0 to 2048 [ 507.856089][T15566] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 507.919673][ T6857] udevd[6857]: incorrect nilfs2 checksum on /dev/loop0 [ 507.958654][T15575] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 508.361257][ T6857] udevd[6857]: inotify_add_watch(7, /dev/loop4p9, 10) failed: No such file or directory [ 508.417871][T15587] loop2: detected capacity change from 0 to 512 [ 508.473347][T15587] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 508.549934][T15594] loop0: detected capacity change from 0 to 764 [ 508.552419][T15587] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 508.675405][T15587] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=884ec128, mo2=0002] [ 508.716513][T15587] EXT4-fs (loop2): orphan cleanup on readonly fs [ 508.750808][T15587] EXT4-fs error (device loop2): ext4_quota_enable:7132: comm syz.2.4380: Bad quota inum: 4294967291, type: 0 [ 508.812467][T15587] EXT4-fs (loop2): Remounting filesystem read-only [ 508.851952][T15587] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=4294967291). Please run e2fsck to fix. [ 508.927090][T15587] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 508.961826][T15587] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 508.993966][T15613] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4389'. [ 509.028074][T15613] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4389'. [ 509.211277][T15621] loop1: detected capacity change from 0 to 64 [ 509.301267][ T6239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 509.381988][T15626] loop5: detected capacity change from 0 to 64 [ 509.641349][T15633] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4402'. [ 509.997022][T15649] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 510.028930][T15649] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 510.232443][ T6314] usb 1-1: new high-speed USB device number 98 using dummy_hcd [ 510.408039][ T6314] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 510.429505][ T6314] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 510.529443][ T6314] usb 1-1: config 0 descriptor?? [ 510.540385][T15671] loop1: detected capacity change from 0 to 1024 [ 510.559592][T15671] EXT4-fs: Ignoring removed oldalloc option [ 510.574137][T15671] EXT4-fs: Ignoring removed bh option [ 510.644714][T15682] netlink: 'syz.5.4422': attribute type 16 has an invalid length. [ 510.645690][T15671] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 510.652699][T15682] netlink: 64138 bytes leftover after parsing attributes in process `syz.5.4422'. [ 510.745917][T15671] cgroup: release_agent respecified [ 510.973532][ T6231] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.016922][ T6314] ath6kl: Failed to read usb control message: -71 [ 511.045827][ T6314] ath6kl: Unable to read the bmi data from the device: -71 [ 511.079650][ T6314] ath6kl: Unable to recv target info: -71 [ 511.133440][ T6314] ath6kl: Failed to init ath6kl core: -71 [ 511.175198][ T6314] ath6kl_usb 1-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 511.250061][ T6314] usb 1-1: USB disconnect, device number 98 [ 511.303547][T15704] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4432'. [ 511.347220][T15704] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4432'. [ 511.392694][T15704] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4432'. [ 511.492154][T15706] netlink: 11 bytes leftover after parsing attributes in process `syz.2.4433'. [ 511.522032][T15708] netlink: 4268 bytes leftover after parsing attributes in process `syz.3.4436'. [ 511.553097][T15708] netlink: 4268 bytes leftover after parsing attributes in process `syz.3.4436'. [ 511.809751][T15720] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 511.865041][T15720] overlayfs: missing 'lowerdir' [ 511.872085][T15714] loop5: detected capacity change from 0 to 4096 [ 512.199609][T15734] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4447'. [ 512.235514][T15736] loop2: detected capacity change from 0 to 256 [ 512.400864][T15736] FAT-fs (loop2): Directory bread(block 64) failed [ 512.407469][T15736] FAT-fs (loop2): Directory bread(block 65) failed [ 512.474780][T15736] FAT-fs (loop2): Directory bread(block 66) failed [ 512.513975][T15736] FAT-fs (loop2): Directory bread(block 67) failed [ 512.572673][T15736] FAT-fs (loop2): Directory bread(block 68) failed [ 512.579244][T15736] FAT-fs (loop2): Directory bread(block 69) failed [ 512.648475][T15736] FAT-fs (loop2): Directory bread(block 70) failed [ 512.655067][T15736] FAT-fs (loop2): Directory bread(block 71) failed [ 512.708430][T15752] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4456'. [ 512.724329][T15736] FAT-fs (loop2): Directory bread(block 72) failed [ 512.730896][T15736] FAT-fs (loop2): Directory bread(block 73) failed [ 512.762600][T15754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4457'. [ 512.847264][T15756] netlink: 'syz.3.4458': attribute type 8 has an invalid length. [ 513.792804][T15751] loop1: detected capacity change from 0 to 32768 [ 513.937933][T15790] loop5: detected capacity change from 0 to 256 [ 513.964063][T15751] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4454 (15751) [ 513.998063][T15792] geneve2: entered promiscuous mode [ 514.012164][T15751] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 514.029315][ T49] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 514.035003][T15751] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 514.090606][ T3016] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 514.129428][ T3016] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 514.188888][ T3016] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 514.313261][T15751] BTRFS info (device loop1): enabling ssd optimizations [ 514.316337][T15812] netlink: 'syz.2.4479': attribute type 1 has an invalid length. [ 514.338996][T15751] BTRFS info (device loop1): turning on async discard [ 514.345986][T15751] BTRFS info (device loop1): enabling free space tree [ 514.633315][ T6231] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 515.297788][T15848] loop1: detected capacity change from 0 to 256 [ 515.339773][ T6307] usb 6-1: new high-speed USB device number 96 using dummy_hcd [ 515.397775][T15848] exfat: Deprecated parameter 'utf8' [ 515.479187][T15848] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 515.543726][ T6307] usb 6-1: config 0 has too many interfaces: 202, using maximum allowed: 32 [ 515.562776][ T6307] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 515.573031][ T6307] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 202 [ 515.638073][ T6307] usb 6-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 515.681979][ T6307] usb 6-1: New USB device strings: Mfr=33, Product=2, SerialNumber=3 [ 515.690096][ T6307] usb 6-1: Product: syz [ 515.764389][ T6307] usb 6-1: Manufacturer: syz [ 515.775545][ T6307] usb 6-1: SerialNumber: syz [ 515.823992][ T6307] usb 6-1: config 0 descriptor?? [ 515.867806][ T6307] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 516.093753][ T6307] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 516.209671][ T6857] udevd[6857]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 516.273112][ T6307] usb 6-1: USB disconnect, device number 96 [ 516.296471][T15874] loop4: detected capacity change from 0 to 512 [ 516.329785][T15874] EXT4-fs: Ignoring removed nomblk_io_submit option [ 516.395002][T15874] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 516.462074][T15874] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002] [ 516.470168][T15874] System zones: 0-1, 15-15, 18-18, 34-34 [ 516.509530][T15844] loop2: detected capacity change from 0 to 32768 [ 516.529718][T15874] EXT4-fs (loop4): orphan cleanup on readonly fs [ 516.547927][T15844] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4495 (15844) [ 516.567385][T15874] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #16: comm syz.4.4509: inode has both inline data and extents flags [ 516.593679][T15844] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 516.611597][T15844] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 516.648216][T15883] bond1: option arp_validate: invalid value (18446744073709551614) [ 516.657563][T15874] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4509: couldn't read orphan inode 16 (err -117) [ 516.678546][T15883] bond1 (unregistering): Released all slaves [ 516.682833][T15897] netlink: 'syz.3.4515': attribute type 2 has an invalid length. [ 516.697483][T15874] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 516.789682][T15844] BTRFS info (device loop2): enabling ssd optimizations [ 516.799297][T15844] BTRFS info (device loop2): turning on async discard [ 516.851159][T15844] BTRFS info (device loop2): enabling free space tree [ 516.873801][T15874] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 516.912968][T15874] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c018, mo2=0002] [ 517.171451][ T6240] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 517.171730][T15917] netlink: 'syz.3.4521': attribute type 10 has an invalid length. [ 517.204519][ T6239] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 517.939623][T15941] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.4532' sets config #0 [ 518.256253][T15951] loop1: detected capacity change from 0 to 512 [ 518.350864][T15951] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 518.383831][T15953] loop4: detected capacity change from 0 to 2048 [ 518.396444][T15951] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:375: inode #2: comm syz.1.4536: No space for directory leaf checksum. Please run e2fsck -D. [ 518.492494][ T6396] loop4: p1 < > p4 [ 518.492494][ T6396] p4: [ 518.496739][T15951] EXT4-fs error (device loop1): __ext4_find_entry:1626: inode #2: comm syz.1.4536: checksumming directory block 0 [ 518.514232][ T6396] loop4: p4 size 722688 extends beyond EOD, truncated [ 518.571381][T15953] loop4: p1 < > p4 [ 518.571381][T15953] p4: [ 518.618260][T15964] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 518.635085][T15953] loop4: p4 size 722688 extends beyond EOD, truncated [ 518.720628][ T6231] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 518.782822][T15929] loop2: detected capacity change from 0 to 32768 [ 518.834883][T15929] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4523 (15929) [ 518.897249][T15929] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 518.940565][T15929] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 518.975220][ T6237] udevd[6237]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 518.979746][ T6857] udevd[6857]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 518.995914][T15976] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 519.210487][ T6857] udevd[6857]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 519.258262][T15973] loop4: detected capacity change from 0 to 4096 [ 519.266183][T15973] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 519.266561][T15929] BTRFS info (device loop2): enabling ssd optimizations [ 519.279428][ T6237] udevd[6237]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 519.325848][T15929] BTRFS info (device loop2): turning on async discard [ 519.332672][T15929] BTRFS info (device loop2): enabling free space tree [ 519.568549][T15973] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 519.603125][T15973] ntfs3(loop4): ino=1f, "file2" failed to open parent directory r=5 to update [ 519.682185][ T6239] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 519.711040][T16010] loop5: detected capacity change from 0 to 1024 [ 519.768855][ T78] ntfs3(loop4): ino=1f, failed to open parent directory r=5 to update [ 519.847913][T16010] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 520.018877][T16010] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000. [ 520.227372][ T6241] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 520.304609][T16030] xt_CT: You must specify a L4 protocol and not use inversions on it [ 520.608353][T16038] overlayfs: conflicting options: nfs_export=on,index=off [ 520.814620][T16046] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4574'. [ 521.040530][T16009] loop3: detected capacity change from 0 to 32768 [ 521.050186][T16009] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4557 (16009) [ 521.121403][T16009] BTRFS info (device loop3): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 521.143109][T16009] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm [ 521.215159][ T6321] usb 5-1: new high-speed USB device number 89 using dummy_hcd [ 521.301260][T16056] loop1: detected capacity change from 0 to 4096 [ 521.342896][T16009] BTRFS info (device loop3): enabling ssd optimizations [ 521.380509][T16009] BTRFS info (device loop3): turning off barriers [ 521.393584][T16056] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 521.445925][ T6321] usb 5-1: Using ep0 maxpacket: 32 [ 521.454037][ T6321] usb 5-1: config 0 has an invalid interface number: 12 but max is 0 [ 521.464796][T16009] BTRFS info (device loop3): enabling free space tree [ 521.484323][ T6321] usb 5-1: config 0 has no interface number 0 [ 521.523172][ T6321] usb 5-1: config 0 interface 12 has no altsetting 0 [ 521.563878][T16056] ntfs3(loop1): ino=19, mi_enum_attr [ 521.581325][ T6321] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 521.601608][T16056] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 521.619465][ T6321] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 521.651038][ T6321] usb 5-1: Product: syz [ 521.684959][ T6321] usb 5-1: Manufacturer: syz [ 521.689605][ T6321] usb 5-1: SerialNumber: syz [ 521.696572][T16056] ntfs3(loop1): failed to convert "c46c" to cp855 [ 521.726862][T16056] ntfs3(loop1): ino=20, mi_enum_attr [ 521.739740][ T6321] usb 5-1: config 0 descriptor?? [ 521.768586][ T6225] BTRFS info (device loop3): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 522.202211][ T6321] f81534 5-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 522.231777][ T6321] f81534 5-1:0.12: f81534_find_config_idx: read failed: -71 [ 522.258301][ T6321] f81534 5-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 522.299628][ T6321] f81534 5-1:0.12: probe with driver f81534 failed with error -71 [ 522.359037][ T6321] usb 5-1: USB disconnect, device number 89 [ 522.454473][T16103] loop3: detected capacity change from 0 to 1024 [ 522.507159][T16103] hfsplus: Filesystem is marked locked, mounting read-only. [ 522.881401][T16115] loop2: detected capacity change from 0 to 256 [ 522.897057][T16116] warning: `syz.3.4597' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 522.989433][T16115] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 523.078909][T16085] loop0: detected capacity change from 0 to 32768 [ 523.113477][T16121] netlink: 'syz.4.4600': attribute type 16 has an invalid length. [ 523.148691][T16121] netlink: 'syz.4.4600': attribute type 17 has an invalid length. [ 523.219935][T16085] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 523.497866][T16085] XFS (loop0): Ending clean mount [ 523.691352][T16121] bridge0: port 2(bridge_slave_1) entered disabled state [ 523.698873][T16121] bridge0: port 1(bridge_slave_0) entered disabled state [ 523.728967][ T6228] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 524.225127][T16150] loop1: detected capacity change from 0 to 1024 [ 524.249645][T16150] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 524.281304][T16150] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 524.301787][T16150] EXT4-fs (loop1): orphan cleanup on readonly fs [ 524.312387][T16121] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 524.324710][T16150] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz.1.4612: Invalid inode table block 0 in block_group 0 [ 524.341817][T16150] EXT4-fs (loop1): Remounting filesystem read-only [ 524.348209][T16121] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 524.358685][T16150] Quota error (device loop1): write_blk: dquota write failed [ 524.382902][ T30] audit: type=1326 audit(2000524652.393:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16153 comm="syz.0.4608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 524.384831][T16150] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 524.424855][ T30] audit: type=1326 audit(2000524652.393:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16153 comm="syz.0.4608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 524.454354][T16150] EXT4-fs (loop1): 1 truncate cleaned up [ 524.461012][ T30] audit: type=1326 audit(2000524652.430:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16153 comm="syz.0.4608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 524.489470][ T30] audit: type=1326 audit(2000524652.439:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16153 comm="syz.0.4608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 524.496628][T16150] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 524.516216][ T30] audit: type=1326 audit(2000524652.439:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16153 comm="syz.0.4608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 524.652259][T16137] netlink: 6 bytes leftover after parsing attributes in process `syz.2.4602'. [ 524.666000][T16137] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 524.718661][ T1146] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 524.728813][ T1146] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 524.771454][ T1146] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 524.798192][ T1146] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 524.856370][ T6231] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 525.091506][T16166] loop2: detected capacity change from 0 to 2048 [ 525.160040][T16166] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 525.183066][T16166] UDF-fs: Scanning with blocksize 512 failed [ 525.235644][T16166] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 525.437872][T16180] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 525.694552][T16191] IPVS: length: 4096 != 24 [ 525.765603][T16195] vlan1: entered allmulticast mode [ 525.780243][T16195] veth0_vlan: entered allmulticast mode [ 525.961391][T16204] loop2: detected capacity change from 0 to 128 [ 526.058210][T16204] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 526.072607][T16204] ext4 filesystem being mounted at /766/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 526.220594][T16218] loop0: detected capacity change from 0 to 736 [ 526.355612][ T6239] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 526.530593][T16227] loop5: detected capacity change from 0 to 4096 [ 526.787193][T16243] capability: warning: `syz.0.4653' uses 32-bit capabilities (legacy support in use) [ 526.823580][T16241] openvswitch: netlink: IP tunnel dst address not specified [ 527.479082][T16267] libceph: resolve '400' (ret=-3): failed [ 527.792390][T16278] loop2: detected capacity change from 0 to 2048 [ 527.841791][T16278] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 527.858645][T16282] loop5: detected capacity change from 0 to 1024 [ 527.887853][T16285] netlink: 'syz.1.4673': attribute type 1 has an invalid length. [ 527.904009][T16282] EXT4-fs: inline encryption not supported [ 527.934074][T16282] EXT4-fs: Ignoring removed i_version option [ 528.000684][T16282] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 528.024246][T16288] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4675'. [ 528.072754][T16282] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 2: comm syz.5.4672: lblock 2 mapped to illegal pblock 2 (length 1) [ 528.126713][T16282] Quota error (device loop5): qtree_write_dquot: dquota write failed [ 528.163979][T16282] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 48: comm syz.5.4672: lblock 0 mapped to illegal pblock 48 (length 1) [ 528.236706][T16282] Quota error (device loop5): v2_write_file_info: Can't write info structure [ 528.284289][T16282] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.4672: Failed to acquire dquot type 0 [ 528.304680][T16282] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 528.354371][T16282] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.4672: mark_inode_dirty error [ 528.392828][T16282] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 528.412211][T16282] EXT4-fs (loop5): 1 orphan inode deleted [ 528.434603][ T49] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 528.455285][T16282] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 528.501088][ T49] Quota error (device loop5): remove_tree: Can't read quota data block 1 [ 528.531232][ T49] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:3: Failed to release dquot type 0 [ 528.605701][T16282] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 528.641858][T16282] EXT4-fs error (device loop5): __ext4_get_inode_loc:4832: comm syz.5.4672: Invalid inode table block 1 in block_group 0 [ 528.667210][T16282] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6313: Corrupt filesystem [ 528.704558][T16282] EXT4-fs error (device loop5): ext4_quota_off:7229: inode #3: comm syz.5.4672: mark_inode_dirty error [ 528.840076][T16313] vlan0: entered promiscuous mode [ 528.953985][ T6389] usb 4-1: new high-speed USB device number 99 using dummy_hcd [ 529.181467][ T6389] usb 4-1: Using ep0 maxpacket: 32 [ 529.194575][ T6389] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 529.222443][ T6389] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 529.256750][ T6389] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 529.276426][ T6389] usb 4-1: Product: syz [ 529.300622][ T6389] usb 4-1: Manufacturer: syz [ 529.303013][T16331] lo speed is unknown, defaulting to 1000 [ 529.305253][ T6389] usb 4-1: SerialNumber: syz [ 529.335390][ T6389] usb 4-1: config 0 descriptor?? [ 529.356559][ T6389] usb 4-1: bad CDC descriptors [ 529.362234][ T6389] usb 4-1: unsupported MDLM descriptors [ 529.365973][T16331] lo speed is unknown, defaulting to 1000 [ 529.408799][T16331] lo speed is unknown, defaulting to 1000 [ 529.451400][T16331] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 529.518308][T16331] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 529.580967][ T6389] usb 4-1: USB disconnect, device number 99 [ 529.670168][T16331] lo speed is unknown, defaulting to 1000 [ 529.707903][T16331] lo speed is unknown, defaulting to 1000 [ 529.745781][T16331] lo speed is unknown, defaulting to 1000 [ 529.781773][T16331] lo speed is unknown, defaulting to 1000 [ 529.811621][T16331] lo speed is unknown, defaulting to 1000 [ 529.819318][T16331] lo speed is unknown, defaulting to 1000 [ 530.503391][T16375] netlink: 'syz.5.4717': attribute type 10 has an invalid length. [ 530.596571][T16380] loop2: detected capacity change from 0 to 256 [ 530.636269][T16375] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 530.783432][T16380] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0x2f9e4978, utbl_chksum : 0xe619d30d) [ 530.872761][ T30] audit: type=1326 audit(2000524658.356:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.4724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf0258f6c9 code=0x7ffc0000 [ 530.895064][ C0] vkms_vblank_simulate: vblank timer overrun [ 530.997100][ T30] audit: type=1326 audit(2000524658.384:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.4724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf0258f6c9 code=0x7ffc0000 [ 531.019389][ C0] vkms_vblank_simulate: vblank timer overrun [ 531.132000][ T30] audit: type=1326 audit(2000524658.384:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.4724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fcf0258f6c9 code=0x7ffc0000 [ 531.240729][ T30] audit: type=1326 audit(2000524658.384:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.4724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf0258f6c9 code=0x7ffc0000 [ 531.348456][ T30] audit: type=1326 audit(2000524658.384:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16388 comm="syz.3.4724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf0258f6c9 code=0x7ffc0000 [ 531.386389][T16405] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4732'. [ 531.411472][T16405] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4732'. [ 531.421490][T16362] loop1: detected capacity change from 0 to 32768 [ 531.465956][T16362] JBD2: Ignoring recovery information on journal [ 531.645150][T16362] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 531.773822][T16362] (syz.1.4711,16362,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10 [ 531.833170][T16362] (syz.1.4711,16362,0):ocfs2_prepare_dir_for_insert:4302 ERROR: status = -2 [ 531.854173][T16362] (syz.1.4711,16362,0):ocfs2_mknod:301 ERROR: status = -2 [ 531.894638][T16362] (syz.1.4711,16362,0):ocfs2_mknod:505 ERROR: status = -2 [ 531.902265][T16362] (syz.1.4711,16362,0):ocfs2_create:678 ERROR: status = -2 [ 532.015227][T16430] vlan0: entered promiscuous mode [ 532.025136][ T6231] ocfs2: Unmounting device (7,1) on (node local) [ 532.097131][ T6314] usb 1-1: new high-speed USB device number 99 using dummy_hcd [ 532.294891][T16439] netlink: 180 bytes leftover after parsing attributes in process `syz.4.4747'. [ 532.323529][ T6314] usb 1-1: Using ep0 maxpacket: 8 [ 532.345177][ T6314] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 532.389957][ T6314] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 532.420853][ T6314] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 532.464392][ T6314] usb 1-1: Product: syz [ 532.468602][ T6314] usb 1-1: Manufacturer: syz [ 532.473199][ T6314] usb 1-1: SerialNumber: syz [ 532.771932][ T6314] usb 1-1: Handspring Visor / Palm OS: No valid connect info available [ 532.810975][ T6314] usb 1-1: Handspring Visor / Palm OS: port 100, is for unknown use [ 532.819039][ T6314] usb 1-1: Handspring Visor / Palm OS: port 96, is for Remote File System use [ 532.879596][T16456] loop2: detected capacity change from 0 to 4096 [ 532.879680][ T6314] usb 1-1: Handspring Visor / Palm OS: Number of ports: 2 [ 532.921074][T16456] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 532.999292][ T6314] usb 1-1: palm_os_3_probe - error -71 getting bytes available request [ 533.027882][ T6314] visor 1-1:1.0: Handspring Visor / Palm OS converter detected [ 533.075609][ T6314] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 533.125752][ T6314] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 533.136140][T16456] ntfs3(loop2): ino=19, mi_enum_attr [ 533.141454][T16456] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 533.169428][ T6314] usb 1-1: USB disconnect, device number 99 [ 533.201895][ T6314] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 533.235235][ T6314] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 533.245181][T16456] ntfs3(loop2): failed to convert "c46c" to koi8-u [ 533.261215][T16456] ntfs3(loop2): ino=20, mi_enum_attr [ 533.272822][ T6314] visor 1-1:1.0: device disconnected [ 533.584447][T16474] loop4: detected capacity change from 0 to 8192 [ 533.642246][T16474] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 533.737587][T16474] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001) [ 533.780310][T16474] FAT-fs (loop4): Filesystem has been set read-only [ 533.821010][T16474] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001) [ 533.879850][T16474] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001) [ 533.981108][T16490] netlink: 'syz.2.4772': attribute type 1 has an invalid length. [ 534.218267][T16472] loop5: detected capacity change from 0 to 32768 [ 534.321917][T16472] ERROR: (device loop5): diAllocAG: nfreeinos = 0, but iag on freelist [ 534.321917][T16472] [ 534.388343][T16472] ERROR: (device loop5): remounting filesystem as read-only [ 534.421647][T16472] ialloc: diAlloc returned -5! [ 534.430891][T16499] loop3: detected capacity change from 0 to 2048 [ 534.518915][T16505] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 534.567803][T16499] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: disallowed inode number - offset=56, inode=6, rec_len=24, name_len=5 [ 534.662147][T16499] Remounting filesystem read-only [ 534.842972][T16480] loop1: detected capacity change from 0 to 40427 [ 534.901224][T16480] F2FS-fs (loop1): build fault injection rate: 690 [ 534.940872][T16480] F2FS-fs (loop1): invalid crc value [ 535.077060][T16521] loop5: detected capacity change from 0 to 8 [ 535.097932][T16521] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 535.370623][T16480] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 535.439390][T16480] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 535.712691][T16540] loop4: detected capacity change from 0 to 1024 [ 535.790494][ T30] audit: type=1800 audit(2000524662.897:29): pid=16540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4795" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 535.903949][T16548] netlink: 72 bytes leftover after parsing attributes in process `syz.5.4801'. [ 535.921894][ T1146] hfsplus: b-tree write err: -5, ino 4 [ 536.493185][T16568] ubi31: attaching mtd0 [ 536.527971][T16568] ubi31: scanning is finished [ 536.534818][T16568] ubi31: empty MTD device detected [ 536.741351][T16577] netlink: 'syz.2.4814': attribute type 5 has an invalid length. [ 536.750349][T16578] SET target dimension over the limit! [ 536.791833][T16582] loop1: detected capacity change from 0 to 512 [ 536.800583][T16568] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 536.808322][T16568] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 536.852051][T16568] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 536.864726][T16582] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 536.884567][T16568] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 536.885057][T16582] ext4 filesystem being mounted at /728/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 536.892268][T16568] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 536.935249][T16568] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 536.943719][T16568] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2131818924 [ 536.953910][T16568] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 536.975688][T16582] EXT4-fs error (device loop1): ext4_xattr_block_get:597: inode #15: comm syz.1.4797: corrupted xattr block 33: invalid ea_ino [ 536.994811][T16583] ubi31: background thread "ubi_bgt31d" started, PID 16583 [ 537.002495][T16582] EXT4-fs (loop1): Remounting filesystem read-only [ 537.094473][T16590] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4817'. [ 537.153207][T16590] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4817'. [ 537.277501][ T6231] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 537.299143][ T78] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 537.371929][ T78] Quota error (device loop1): write_blk: dquota write failed [ 537.409538][ T78] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries [ 537.447970][ T78] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 537.458686][ T78] Quota error (device loop1): write_blk: dquota write failed [ 537.488635][ T78] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list [ 537.572828][ T78] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started [ 537.608263][ T78] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 537.914119][ T6389] usb 5-1: new high-speed USB device number 90 using dummy_hcd [ 538.139157][ T6389] usb 5-1: Using ep0 maxpacket: 8 [ 538.166311][ T6389] usb 5-1: config 2 has an invalid interface number: 31 but max is 0 [ 538.176132][ T6389] usb 5-1: config 2 has no interface number 0 [ 538.197216][ T6389] usb 5-1: config 2 interface 31 has no altsetting 0 [ 538.224475][ T6389] usb 5-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f [ 538.239842][ T6389] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 538.267061][ T6389] usb 5-1: Product: syz [ 538.275729][ T6389] usb 5-1: Manufacturer: syz [ 538.287030][ T6389] usb 5-1: SerialNumber: syz [ 538.461857][T16640] netlink: 'syz.2.4839': attribute type 1 has an invalid length. [ 538.607052][T16642] netlink: 'syz.5.4840': attribute type 10 has an invalid length. [ 538.678641][T16642] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 538.785859][ T6389] ch9200 5-1:2.31: probe with driver ch9200 failed with error -22 [ 538.810508][T16644] bond0: (slave bond_slave_0): Releasing backup interface [ 538.841202][ T6389] usb 5-1: USB disconnect, device number 90 [ 538.902675][T16614] loop3: detected capacity change from 0 to 32768 [ 538.934706][ T6232] Bluetooth: hci1: unexpected cc 0x0402 length: 61 > 1 [ 538.941623][ T6232] Bluetooth: hci1: Ignoring error of Inquiry Cancel command [ 538.947893][T16654] loop0: detected capacity change from 0 to 64 [ 538.949503][ T6232] Bluetooth: hci1: unexpected event for opcode 0x0402 [ 538.966778][T16614] jfs_mount: Failed to read AGGREGATE_I [ 538.992654][T16614] Mount JFS Failure: -5 [ 539.195231][T16658] loop2: detected capacity change from 0 to 256 [ 539.262165][T16658] exfat: Deprecated parameter 'utf8' [ 539.346326][T16658] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 539.600448][T16673] (syz.3.4853,16673,1):ocfs2_get_sector:1714 ERROR: status = -5 [ 539.637772][T16673] (syz.3.4853,16673,0):ocfs2_sb_probe:753 ERROR: status = -5 [ 539.667350][T16673] (syz.3.4853,16673,0):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 539.778540][T16673] (syz.3.4853,16673,0):ocfs2_fill_super:1177 ERROR: status = -5 [ 540.084603][T16691] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 540.132686][T16695] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4866'. [ 540.503227][ T6389] usb 5-1: new high-speed USB device number 91 using dummy_hcd [ 540.647265][T16714] loop5: detected capacity change from 0 to 256 [ 540.702737][ T6389] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 540.741515][ T6389] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 540.785909][ T6389] usb 5-1: Product: syz [ 540.790101][ T6389] usb 5-1: Manufacturer: syz [ 540.810563][T16720] loop2: detected capacity change from 0 to 512 [ 540.835628][ T6389] usb 5-1: SerialNumber: syz [ 540.904318][ T6389] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 540.955421][ T6321] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 540.955604][T16688] loop1: detected capacity change from 0 to 32768 [ 540.975068][T16726] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4881'. [ 540.991192][T16688] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4862 (16688) [ 540.998281][T16720] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 541.058459][T16688] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 541.080736][T16720] ext4 filesystem being mounted at /816/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 541.109526][T16688] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm [ 541.349182][T16688] BTRFS info (device loop1): enabling ssd optimizations [ 541.370889][T16742] loop0: detected capacity change from 0 to 2043 [ 541.379684][T16688] BTRFS info (device loop1): turning on async discard [ 541.404846][T16688] BTRFS info (device loop1): enabling free space tree [ 541.406937][ T6239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 541.457924][ T6383] usb 5-1: USB disconnect, device number 91 [ 541.536259][ T6857] Alternate GPT is invalid, using primary GPT. [ 541.555269][ T6857] loop0: p1 p2 p3 [ 541.564661][ T30] audit: type=1326 audit(2000524668.241:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16751 comm="syz.2.4885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e9738f6c9 code=0x7ffc0000 [ 541.587008][ C0] vkms_vblank_simulate: vblank timer overrun [ 541.660985][T16742] Alternate GPT is invalid, using primary GPT. [ 541.667457][T16742] loop0: p1 p2 p3 [ 541.725288][ T30] audit: type=1326 audit(2000524668.241:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16751 comm="syz.2.4885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f9e9738f6c9 code=0x7ffc0000 [ 541.748060][ C0] vkms_vblank_simulate: vblank timer overrun [ 541.834374][ T30] audit: type=1326 audit(2000524668.241:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16751 comm="syz.2.4885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e9738f6c9 code=0x7ffc0000 [ 541.856693][ C0] vkms_vblank_simulate: vblank timer overrun [ 541.885756][ T6231] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 541.910287][ T8763] udevd[8763]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 541.922491][ T6857] udevd[6857]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 541.923737][ T6396] udevd[6396]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 542.020162][ T30] audit: type=1326 audit(2000524668.241:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16751 comm="syz.2.4885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e9738f6c9 code=0x7ffc0000 [ 542.058298][ T6396] udevd[6396]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 542.067509][ T8763] udevd[8763]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 542.081964][ T6857] udevd[6857]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 542.163135][ T6321] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 542.195054][ T6321] ath9k_htc: Failed to initialize the device [ 542.240645][ T6383] usb 5-1: ath9k_htc: USB layer deinitialized [ 542.351803][T16722] loop3: detected capacity change from 0 to 32768 [ 542.420475][T16722] (syz.3.4880,16722,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 542.505102][T16722] (syz.3.4880,16722,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 542.587594][T16722] JBD2: Ignoring recovery information on journal [ 542.757130][T16722] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 542.940939][ T6321] usb 5-1: new high-speed USB device number 92 using dummy_hcd [ 543.068794][ T6225] ocfs2: Unmounting device (7,3) on (node local) [ 543.126005][ T6321] usb 5-1: Using ep0 maxpacket: 8 [ 543.144393][ T6321] usb 5-1: config 0 has an invalid interface number: 150 but max is 0 [ 543.175132][ T6321] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 543.201010][ T6321] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 543.255064][ T6321] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 543.286401][ T6321] usb 5-1: config 0 has no interface number 0 [ 543.328393][ T6321] usb 5-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 543.331051][T16791] PM: Enabling pm_trace changes system date and time during resume. [ 543.331051][T16791] PM: Correct system time has to be restored manually after resume. [ 543.385090][ T6321] usb 5-1: config 0 interface 150 has no altsetting 0 [ 543.415197][ T6321] usb 5-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75 [ 543.450738][ T6321] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 543.482493][ T6321] usb 5-1: config 0 descriptor?? [ 543.580616][T16797] cgroup: none used incorrectly [ 543.660489][T16771] loop0: detected capacity change from 0 to 32768 [ 543.766577][T16771] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 543.838555][T16771] XFS (loop0): Ending clean mount [ 543.885645][T16771] XFS (loop0): Quotacheck needed: Please wait. [ 544.004909][ T6314] usb 5-1: USB disconnect, device number 92 [ 544.056868][T16771] XFS (loop0): Quotacheck: Done. [ 544.234195][ T6228] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 544.963119][T16853] loop0: detected capacity change from 0 to 64 [ 545.057688][T16853] hfs: unable to read tree header [ 545.062928][T16853] hfs: unable to open catalog tree [ 545.094348][T16853] hfs: can't find a HFS filesystem on dev loop0 [ 545.126599][T16857] comedi comedi2: Minor 3 could not be opened [ 545.346334][T16863] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4938'. [ 545.409071][T16869] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 545.673303][T16877] rtc_cmos 00:00: Alarms can be up to one day in the future [ 545.871668][T16879] loop0: detected capacity change from 0 to 4096 [ 545.904596][T16843] loop2: detected capacity change from 0 to 32768 [ 545.936800][T16879] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 545.971813][T16843] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4927 (16843) [ 546.000547][T16879] ntfs3(loop0): ino=3, mi_enum_attr [ 546.078573][T16843] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 546.122477][T16843] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 546.353160][T16908] loop4: detected capacity change from 0 to 512 [ 546.398613][T16908] EXT4-fs (loop4): orphan cleanup on readonly fs [ 546.457787][T16843] BTRFS info (device loop2): setting nodatasum [ 546.468700][T16908] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.4951: corrupted in-inode xattr: invalid size in ea xattr [ 546.499239][T16843] BTRFS info (device loop2): setting nodatacow [ 546.525675][T16843] BTRFS info (device loop2): turning on async discard [ 546.550924][T16908] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4951: couldn't read orphan inode 15 (err -117) [ 546.581189][T16843] BTRFS info (device loop2): enabling free space tree [ 546.626841][T16908] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 546.657072][T16843] BTRFS info (device loop2): force clearing of disk cache [ 546.664231][T16843] BTRFS info (device loop2): enabling auto defrag [ 546.711224][T16843] BTRFS info (device loop2): trying to use backup root at mount time [ 546.817009][ T6240] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 547.065922][ T6239] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 547.180256][T16936] loop5: detected capacity change from 0 to 1024 [ 547.262189][T16939] netlink: 'syz.4.4966': attribute type 12 has an invalid length. [ 547.272265][T16939] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4966'. [ 547.320671][T16936] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 547.380298][ T30] audit: type=1326 audit(2000524673.613:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16945 comm="syz.0.4967" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x0 [ 547.386393][T16942] netlink: 'syz.1.4965': attribute type 16 has an invalid length. [ 547.545509][T16942] netlink: 'syz.1.4965': attribute type 17 has an invalid length. [ 547.673774][ T6241] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 547.704114][T16950] loop4: detected capacity change from 0 to 764 [ 547.754027][T16950] Symlink component flag not implemented [ 547.806349][T16950] Symlink component flag not implemented [ 547.816700][T16950] Symlink component flag not implemented (128) [ 547.868756][T16950] Symlink component flag not implemented (122) [ 547.888742][T16942] bridge0: port 2(bridge_slave_1) entered disabled state [ 547.896176][T16942] bridge0: port 1(bridge_slave_0) entered disabled state [ 547.982777][T16924] loop3: detected capacity change from 0 to 32768 [ 548.026444][T16924] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4956 (16924) [ 548.082005][T16924] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 548.109041][T16924] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 548.359593][T16924] BTRFS info (device loop3): enabling ssd optimizations [ 548.378273][T16924] BTRFS info (device loop3): turning on async discard [ 548.390726][T16924] BTRFS info (device loop3): enabling free space tree [ 548.629397][T16987] loop2: detected capacity change from 0 to 256 [ 548.689242][T16942] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 548.714336][ T6225] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 548.741312][T16987] FAT-fs (loop2): Directory bread(block 64) failed [ 548.771397][T16987] FAT-fs (loop2): Directory bread(block 65) failed [ 548.778216][T16987] FAT-fs (loop2): Directory bread(block 66) failed [ 548.782933][T16942] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 548.819118][T16987] FAT-fs (loop2): Directory bread(block 67) failed [ 548.825930][T16987] FAT-fs (loop2): Directory bread(block 68) failed [ 548.832455][T16987] FAT-fs (loop2): Directory bread(block 69) failed [ 548.843571][T16987] FAT-fs (loop2): Directory bread(block 70) failed [ 548.861420][T16987] FAT-fs (loop2): Directory bread(block 71) failed [ 548.877402][T16987] FAT-fs (loop2): Directory bread(block 72) failed [ 548.922766][T16994] loop0: detected capacity change from 0 to 512 [ 548.932273][T16987] FAT-fs (loop2): Directory bread(block 73) failed [ 548.976908][T16994] EXT4-fs: Ignoring removed oldalloc option [ 549.016045][T16994] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 549.089367][T17000] loop4: detected capacity change from 0 to 2048 [ 549.110659][T16994] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2856c018, mo2=0002] [ 549.132455][T16994] System zones: 1-3, 19-19, 35-38 [ 549.187043][T17000] UDF-fs: warning (device loop4): udf_fill_super: No fileset found [ 549.213149][T16994] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 549.309778][T16994] ext4 filesystem being mounted at /763/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 549.573466][ T6228] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 550.036091][ T1151] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 550.069922][ T1151] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 550.078865][ T1151] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 550.163442][ T1151] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 550.639206][T17039] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5003'. [ 550.882042][T17015] loop5: detected capacity change from 0 to 32768 [ 551.189446][T17022] loop0: detected capacity change from 0 to 32768 [ 551.241059][T17022] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4995 (17022) [ 551.326574][T17022] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 551.336022][T17024] loop2: detected capacity change from 0 to 32768 [ 551.357364][T17022] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 551.465701][T17024] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 551.520705][T17081] loop1: detected capacity change from 0 to 128 [ 551.544761][T17022] BTRFS info (device loop0): enabling ssd optimizations [ 551.562791][T17022] BTRFS info (device loop0): turning on async discard [ 551.578454][T17022] BTRFS info (device loop0): enabling free space tree [ 551.600170][T17024] XFS (loop2): Ending clean mount [ 551.619168][ T6314] usb 5-1: new high-speed USB device number 93 using dummy_hcd [ 551.661932][T17024] XFS (loop2): Quotacheck needed: Please wait. [ 551.760552][T17024] XFS (loop2): Quotacheck: Done. [ 551.787999][ T6314] usb 5-1: config 220 has too many interfaces: 184, using maximum allowed: 32 [ 551.825101][ T6314] usb 5-1: config 220 has 1 interface, different from the descriptor's value: 184 [ 551.846772][ T6314] usb 5-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85 [ 551.892145][ T6314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 551.937888][ T6314] gspca_main: sn9c2028-2.14.0 probing 0c45:8008 [ 551.962967][ T6239] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 551.998848][T17093] dummy0: mtu less than device minimum [ 552.082380][T17095] loop1: detected capacity change from 0 to 64 [ 552.100477][ T6228] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 552.157084][T17095] syz.1.5019: attempt to access beyond end of device [ 552.157084][T17095] loop1: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 552.255898][T17095] Buffer I/O error on dev loop1, logical block 134217734, async page read [ 552.403503][ T6314] gspca_sn9c2028: read1 error -71 [ 552.430637][ T6314] gspca_sn9c2028: read1 error -71 [ 552.444868][ T6314] sn9c2028 5-1:220.0: probe with driver sn9c2028 failed with error -71 [ 552.522248][ T6314] usb 5-1: USB disconnect, device number 93 [ 553.028088][T17120] netlink: 'syz.5.5029': attribute type 2 has an invalid length. [ 553.035888][T17120] netlink: 132 bytes leftover after parsing attributes in process `syz.5.5029'. [ 553.808464][T17141] loop3: detected capacity change from 0 to 4096 [ 553.857600][T17141] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 553.881369][T17141] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 553.940113][T17141] ntfs3(loop3): ino=1e, "file1" The size of extended attributes must not exceed 64KiB [ 554.096256][T17123] loop4: detected capacity change from 0 to 32768 [ 554.102295][T17157] loop2: detected capacity change from 0 to 256 [ 554.135062][T17123] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5033 (17123) [ 554.251957][T17123] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 554.262163][T17123] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm [ 554.442191][T17123] BTRFS info (device loop4): enabling ssd optimizations [ 554.459925][T17181] netlink: 'syz.3.5055': attribute type 1 has an invalid length. [ 554.483738][T17123] BTRFS info (device loop4): turning on async discard [ 554.526338][T17123] BTRFS info (device loop4): enabling free space tree [ 554.813148][ T6240] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 554.913186][T17196] loop5: detected capacity change from 0 to 256 [ 555.163965][T17204] syz.4.5062 uses obsolete (PF_INET,SOCK_PACKET) [ 555.662288][T17222] loop0: detected capacity change from 0 to 256 [ 555.797714][ T30] audit: type=1326 audit(2000524681.376:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17225 comm="syz.5.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d0b78f6c9 code=0x7ffc0000 [ 555.857768][T17222] FAT-fs (loop0): Directory bread(block 64) failed [ 555.864335][T17222] FAT-fs (loop0): Directory bread(block 65) failed [ 555.872438][ T30] audit: type=1326 audit(2000524681.376:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17225 comm="syz.5.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d0b78f6c9 code=0x7ffc0000 [ 555.953099][T17222] FAT-fs (loop0): Directory bread(block 66) failed [ 555.959915][ T30] audit: type=1326 audit(2000524681.385:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17225 comm="syz.5.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f0d0b78f6c9 code=0x7ffc0000 [ 556.028700][T17222] FAT-fs (loop0): Directory bread(block 67) failed [ 556.035663][T17222] FAT-fs (loop0): Directory bread(block 68) failed [ 556.050577][ T30] audit: type=1326 audit(2000524681.385:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17225 comm="syz.5.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d0b78f6c9 code=0x7ffc0000 [ 556.058985][T17222] FAT-fs (loop0): Directory bread(block 69) failed [ 556.073400][ T30] audit: type=1326 audit(2000524681.385:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17225 comm="syz.5.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d0b78f6c9 code=0x7ffc0000 [ 556.142169][T17222] FAT-fs (loop0): Directory bread(block 70) failed [ 556.192960][T17222] FAT-fs (loop0): Directory bread(block 71) failed [ 556.199623][T17222] FAT-fs (loop0): Directory bread(block 72) failed [ 556.225760][T17241] ieee802154 phy0 wpan0: encryption failed: -22 [ 556.267068][T17222] FAT-fs (loop0): Directory bread(block 73) failed [ 556.995602][ T30] audit: type=1326 audit(2000524682.483:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17272 comm="syz.0.5100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 557.096495][ T30] audit: type=1326 audit(2000524682.492:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17272 comm="syz.0.5100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 557.172226][ T30] audit: type=1326 audit(2000524682.511:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17272 comm="syz.0.5100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 557.265363][ T30] audit: type=1326 audit(2000524682.511:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17272 comm="syz.0.5100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 557.335242][T17288] IPv6: sit1: Disabled Multicast RS [ 557.341851][ T30] audit: type=1326 audit(2000524682.511:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17272 comm="syz.0.5100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 557.367166][T17288] sit1: entered allmulticast mode [ 557.617953][T17301] netlink: zone id is out of range [ 557.839715][T17310] loop1: detected capacity change from 0 to 128 [ 557.969998][T17313] netlink: 'syz.5.5120': attribute type 6 has an invalid length. [ 558.022232][ T6383] usb 1-1: new high-speed USB device number 100 using dummy_hcd [ 558.037570][T17313] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5120'. [ 558.094459][T17313] netlink: 'syz.5.5120': attribute type 6 has an invalid length. [ 558.190223][T17322] netlink: 'syz.4.5124': attribute type 1 has an invalid length. [ 558.190438][T17320] xt_hashlimit: max too large, truncated to 1048576 [ 558.206990][ T6383] usb 1-1: Using ep0 maxpacket: 16 [ 558.222557][ T6383] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 558.249817][ T6383] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 558.277015][ T6383] usb 1-1: Product: syz [ 558.298561][ T6383] usb 1-1: Manufacturer: syz [ 558.303217][ T6383] usb 1-1: SerialNumber: syz [ 558.344396][ T6383] r8152-cfgselector 1-1: Unknown version 0x0000 [ 558.366225][ T6383] r8152-cfgselector 1-1: config 0 descriptor?? [ 558.447933][T17331] loop4: detected capacity change from 0 to 512 [ 558.495429][T17331] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.5128: error while reading EA inode 32 err=-116 [ 558.533165][T17331] EXT4-fs (loop4): Remounting filesystem read-only [ 558.533328][T17331] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 558.533418][T17331] EXT4-fs (loop4): 1 orphan inode deleted [ 558.596434][ T6321] usb 6-1: new high-speed USB device number 97 using dummy_hcd [ 558.635192][T17331] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 558.727830][ T6240] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 558.759315][ T6321] usb 6-1: Using ep0 maxpacket: 32 [ 558.782641][ T6321] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 558.816503][ T6321] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 558.849772][ T6321] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 558.869954][ T6383] r8152-cfgselector 1-1: USB disconnect, device number 100 [ 558.898874][ T6321] usb 6-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 558.919792][ T6321] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 558.956793][ T6321] usb 6-1: Product: syz [ 558.961008][ T6321] usb 6-1: Manufacturer: syz [ 558.984463][ T6321] usb 6-1: SerialNumber: syz [ 559.030215][T17328] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 559.046316][ T6321] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input52 [ 559.053918][T17349] Illegal XDP return value 4294967274 on prog (id 284) dev N/A, expect packet loss! [ 559.166560][T17338] loop2: detected capacity change from 0 to 32768 [ 559.268932][T17338] read_mapping_page failed! [ 559.273672][T17338] jfs_create: dtInsert returned -EIO [ 559.324256][T17338] ERROR: (device loop2): jfs_create: [ 559.324256][T17338] [ 559.348198][T17338] ERROR: (device loop2): remounting filesystem as read-only [ 559.369743][ T6321] usb 6-1: USB disconnect, device number 97 [ 559.460717][T17359] loop1: detected capacity change from 0 to 2048 [ 559.471817][ T6321] appletouch 6-1:1.0: input: appletouch disconnected [ 559.514428][T17359] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 560.086748][T17377] loop2: detected capacity change from 0 to 1764 [ 560.119652][T17370] loop3: detected capacity change from 0 to 4096 [ 560.191765][T17383] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 560.225841][T17370] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 560.296857][T17370] Remounting filesystem read-only [ 560.463315][T17390] loop2: detected capacity change from 0 to 128 [ 560.517037][T17390] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 560.583471][T17390] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 560.687390][ T6383] usb 1-1: new high-speed USB device number 101 using dummy_hcd [ 560.886845][ T6383] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 560.935328][ T6383] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 560.977600][ T6383] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 561.018333][ T6383] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 561.071833][T17388] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 561.112187][ T6383] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 561.216873][T17405] loop2: detected capacity change from 0 to 4096 [ 561.317802][T17410] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 561.450506][T17380] loop5: detected capacity change from 0 to 32768 [ 561.562189][T17415] loop1: detected capacity change from 0 to 512 [ 561.573433][T17415] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 561.609716][ T6383] usb 1-1: USB disconnect, device number 101 [ 561.622535][T17380] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 561.766050][T17415] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 561.782043][T17415] ext4 filesystem being mounted at /791/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 561.809535][T17380] XFS (loop5): Ending clean mount [ 561.857149][T17380] XFS (loop5): Quotacheck needed: Please wait. [ 561.918279][T17424] netlink: 348 bytes leftover after parsing attributes in process `syz.2.5167'. [ 561.977875][T17380] XFS (loop5): Quotacheck: Done. [ 561.995478][ T6231] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 562.052124][T17409] loop4: detected capacity change from 0 to 32768 [ 562.150914][T17426] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 562.200021][ T6241] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 562.266668][T17396] loop3: detected capacity change from 0 to 40427 [ 562.351444][T17396] F2FS-fs (loop3): invalid crc value [ 562.427159][T17433] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5174'. [ 562.456522][T17433] netlink: 'syz.0.5174': attribute type 5 has an invalid length. [ 562.490426][T17433] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5174'. [ 562.583277][T17433] geneve2: entered promiscuous mode [ 562.597147][T17433] geneve2: entered allmulticast mode [ 562.629414][ T78] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 562.682625][ T78] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 562.713443][ T78] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 562.793823][T17396] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 562.794590][T17437] 8021q: adding VLAN 0 to HW filter on device bond0 [ 562.864708][T17437] bond0: (slave rose0): Enslaving as an active interface with an up link [ 562.875477][T17396] F2FS-fs (loop3): Start checkpoint disabled! [ 562.919437][ T78] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 562.972308][T17396] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0 [ 563.032405][T17396] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 563.432204][T17428] loop1: detected capacity change from 0 to 32768 [ 563.468156][T17455] loop5: detected capacity change from 0 to 1024 [ 563.506445][T17428] [ 563.506445][T17428] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 563.506445][T17428] [ 563.563373][T17428] ERROR: (device loop1): ea_get: invalid ea.flag [ 563.563373][T17428] [ 563.579515][T17458] loop0: detected capacity change from 0 to 64 [ 563.623457][T17428] ERROR: (device loop1): remounting filesystem as read-only [ 563.884549][T17464] netlink: 'syz.4.5182': attribute type 41 has an invalid length. [ 564.049747][T17467] netlink: 'syz.5.5183': attribute type 25 has an invalid length. [ 564.124440][T17467] IPv6: NLM_F_CREATE should be specified when creating new route [ 564.497951][T17483] netlink: 34 bytes leftover after parsing attributes in process `syz.5.5190'. [ 564.646411][T17451] loop2: detected capacity change from 0 to 32768 [ 564.700896][T17451] (syz.2.5178,17451,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 564.780716][T17451] (syz.2.5178,17451,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 564.888681][T17451] (syz.2.5178,17451,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 565.058200][T17451] JBD2: Ignoring recovery information on journal [ 565.092797][T17500] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5196'. [ 565.124150][T17500] unsupported nlmsg_type 40 [ 565.278817][T17451] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 565.327351][T17477] loop1: detected capacity change from 0 to 32768 [ 565.411775][T17477] ea_get: invalid extended attribute [ 565.702862][ T6239] ocfs2: Unmounting device (7,2) on (node local) [ 566.115608][T17526] loop5: detected capacity change from 0 to 4096 [ 566.159101][ T6389] usb 4-1: new high-speed USB device number 100 using dummy_hcd [ 566.217572][T17526] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 566.246293][T17526] ntfs3(loop5): Failed to initialize $Extend/$ObjId. [ 566.337607][ T6389] usb 4-1: Using ep0 maxpacket: 16 [ 566.342916][ T6321] usb 5-1: new high-speed USB device number 94 using dummy_hcd [ 566.368309][ T6389] usb 4-1: config 0 interface 0 altsetting 18 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 566.381593][ T6232] Bluetooth: hci3: unexpected event for opcode 0x0c38 [ 566.390502][ T6427] usb 2-1: new high-speed USB device number 89 using dummy_hcd [ 566.473341][ T6314] usb 1-1: new high-speed USB device number 102 using dummy_hcd [ 566.474553][ T6389] usb 4-1: config 0 interface 0 has no altsetting 0 [ 566.530602][ T6389] usb 4-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=62.ba [ 566.542651][ T6321] usb 5-1: Using ep0 maxpacket: 16 [ 566.566017][ T6321] usb 5-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 566.581246][ T6427] usb 2-1: Using ep0 maxpacket: 8 [ 566.586449][ T6389] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 566.595341][ T6321] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 566.606270][ T6427] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 566.622779][ T6389] usb 4-1: Product: syz [ 566.627706][ T6321] usb 5-1: Product: syz [ 566.632151][ T6389] usb 4-1: Manufacturer: syz [ 566.635679][ T6314] usb 1-1: Using ep0 maxpacket: 16 [ 566.640142][ T6427] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 566.651649][ T6314] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 566.656522][ T6321] usb 5-1: Manufacturer: syz [ 566.665612][ T6389] usb 4-1: SerialNumber: syz [ 566.666280][ T6314] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 566.681356][ T6427] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 566.700408][ T6321] usb 5-1: SerialNumber: syz [ 566.709166][ T6427] usb 2-1: Product: syz [ 566.715548][ T6321] usb 5-1: config 0 descriptor?? [ 566.720789][ T6314] usb 1-1: Product: syz [ 566.725144][ T6427] usb 2-1: Manufacturer: syz [ 566.730163][ T6427] usb 2-1: SerialNumber: syz [ 566.738577][ T6321] visor 5-1:0.0: Sony Clie 3.5 converter detected [ 566.743856][ T6314] usb 1-1: Manufacturer: syz [ 566.746623][ T6389] usb 4-1: config 0 descriptor?? [ 566.761478][ T6314] usb 1-1: SerialNumber: syz [ 566.799624][ T6314] usb 1-1: config 0 descriptor?? [ 566.799966][ T6389] hub 4-1:0.0: bad descriptor, ignoring hub [ 566.813103][ T6314] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 566.827266][ T6314] usb 1-1: Detected FT232H [ 566.837741][ T6389] hub 4-1:0.0: probe with driver hub failed with error -5 [ 566.853703][ T6307] usb 3-1: new high-speed USB device number 102 using dummy_hcd [ 566.865724][ T6389] usb 4-1: selecting invalid altsetting 0 [ 566.871731][ T6389] usb 4-1: can't set first interface for hiFace device. [ 566.884564][ T6389] snd-usb-hiface 4-1:0.0: probe with driver snd-usb-hiface failed with error -5 [ 567.005058][ T6427] usb 2-1: Handspring Visor / Palm OS: No valid connect info available [ 567.034254][ T6427] usb 2-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 567.041072][ T6314] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 567.055252][ T6307] usb 3-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 567.071172][ T6427] usb 2-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 567.075949][ T6307] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 567.087677][ T6314] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 567.097593][ T6427] usb 2-1: Handspring Visor / Palm OS: Number of ports: 2 [ 567.109301][ T6314] ftdi_sio 1-1:0.0: GPIO initialisation failed: -71 [ 567.120364][ T6307] usb 3-1: Product: syz [ 567.134771][ T6307] usb 3-1: Manufacturer: syz [ 567.139400][ T6307] usb 3-1: SerialNumber: syz [ 567.152348][ T6314] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 567.178526][ T6321] usb 5-1: clie_3_5_startup: get interface number failed: -71 [ 567.188242][ T6307] usb 3-1: config 0 descriptor?? [ 567.193483][ T6321] visor 5-1:0.0: probe with driver visor failed with error -71 [ 567.201902][ T6359] usb 4-1: USB disconnect, device number 100 [ 567.209343][ T6314] usb 1-1: USB disconnect, device number 102 [ 567.229058][ T6427] usb 2-1: palm_os_3_probe - error -71 getting bytes available request [ 567.250876][ T6427] visor 2-1:1.0: Handspring Visor / Palm OS converter detected [ 567.270419][ T6314] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 567.282397][ T6321] usb 5-1: USB disconnect, device number 94 [ 567.303076][ T6314] ftdi_sio 1-1:0.0: device disconnected [ 567.339447][ T6427] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 567.377117][ T6427] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB2 [ 567.407437][ T6427] usb 2-1: USB disconnect, device number 89 [ 567.443097][ T6427] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 567.483366][ T6427] visor ttyUSB2: Handspring Visor / Palm OS converter now disconnected from ttyUSB2 [ 567.505162][ T6427] visor 2-1:1.0: device disconnected [ 567.661444][ T6307] usb 3-1: f81604_write: reg: 105 data: 99 failed: -EPROTO [ 567.688496][ T6307] f81604 3-1:0.0: Setting termination of CH#0 failed: -EPROTO [ 567.706408][ T6307] f81604 3-1:0.0: probe with driver f81604 failed with error -71 [ 567.765432][ T6307] usb 3-1: USB disconnect, device number 102 [ 567.915336][T17575] ipt_REJECT: TCP_RESET invalid for non-tcp [ 568.436238][T17596] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5230'. [ 568.516389][T17601] loop0: detected capacity change from 0 to 512 [ 568.605204][T17601] EXT4-fs: Ignoring removed orlov option [ 568.639831][T17605] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5235'. [ 568.640848][T17601] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 568.688665][T17605] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5235'. [ 568.710332][T17601] EXT4-fs (loop0): orphan cleanup on readonly fs [ 568.748198][T17601] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5232: bg 0: block 248: padding at end of block bitmap is not set [ 568.768614][T17601] Quota error (device loop0): write_blk: dquota write failed [ 568.780579][T17601] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 568.790656][T17601] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.5232: Failed to acquire dquot type 1 [ 568.806853][T17601] EXT4-fs (loop0): 1 truncate cleaned up [ 568.964769][ T6427] usb 6-1: new full-speed USB device number 98 using dummy_hcd [ 568.965441][T17601] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 569.106121][T17601] EXT4-fs: Ignoring removed orlov option [ 569.113545][T17601] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 569.164276][ T6427] usb 6-1: config 0 has an invalid interface number: 176 but max is 2 [ 569.184975][ T6427] usb 6-1: config 0 has no interface number 1 [ 569.194853][ T6427] usb 6-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac [ 569.204293][T17601] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 569.216118][ T6427] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 569.251340][T17628] team0: Port device team_slave_0 removed [ 569.259418][T17601] EXT4-fs error (device loop0): __ext4_remount:6748: comm syz.0.5232: Abort forced by user [ 569.270962][T17628] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 569.272394][ T6427] usb 6-1: config 0 descriptor?? [ 569.288724][T17630] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5245'. [ 569.301666][T17630] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5245'. [ 569.310672][T17601] EXT4-fs (loop0): Remounting filesystem read-only [ 569.339521][T17601] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 569.370972][T17601] ext4 filesystem being remounted at /802/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 569.547677][ T6427] qcserial 6-1:0.2: Qualcomm USB modem converter detected [ 569.580714][ T6228] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 569.871746][ T6321] usb 6-1: USB disconnect, device number 98 [ 569.879925][ T6321] qcserial 6-1:0.2: device disconnected [ 570.384671][T17670] bond1: option fail_over_mac: invalid value (15) [ 570.441152][T17670] bond1 (unregistering): Released all slaves [ 570.613568][T17686] ip6t_rpfilter: unknown options [ 570.734646][T17687] bond2: option lp_interval: invalid value (0) [ 570.751361][T17687] bond2: option lp_interval: allowed values 1 - 2147483647 [ 570.773641][T17687] bond2 (unregistering): Released all slaves [ 570.951792][T17700] netlink: 84 bytes leftover after parsing attributes in process `syz.2.5278'. [ 571.024993][T17702] loop3: detected capacity change from 0 to 128 [ 572.000706][T17739] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 572.217078][T17748] netlink: 830 bytes leftover after parsing attributes in process `syz.1.5302'. [ 572.329438][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 572.335829][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 572.724738][ T6427] usb 1-1: new high-speed USB device number 103 using dummy_hcd [ 572.913136][ T6427] usb 1-1: Using ep0 maxpacket: 8 [ 572.940191][ T6427] usb 1-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 572.967224][ T6427] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 573.006786][ T6427] usb 1-1: Product: syz [ 573.011796][ T6427] usb 1-1: Manufacturer: syz [ 573.016502][ T6427] usb 1-1: SerialNumber: syz [ 573.072013][ T6427] usb 1-1: config 0 descriptor?? [ 573.096709][ T6427] radio-usb-si4713 1-1:0.0: Si4713 development board discovered: (10C4:8244) [ 573.406917][T17802] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5328'. [ 573.549131][ T6427] radio-usb-si4713 1-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 573.574107][ T6427] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 573.631607][ T6427] usb 1-1: USB disconnect, device number 103 [ 573.890139][T17822] loop4: detected capacity change from 0 to 16 [ 573.923564][T17826] netlink: 48 bytes leftover after parsing attributes in process `syz.5.5340'. [ 573.942772][T17822] erofs (device loop4): mounted with root inode @ nid 36. [ 575.570619][T17834] loop1: detected capacity change from 0 to 32768 [ 575.709761][T17834] ERROR: (device loop1): diAllocBit: iag inconsistent [ 575.709761][T17834] [ 575.780333][T17834] ERROR: (device loop1): remounting filesystem as read-only [ 575.814312][T17834] ialloc: diAlloc returned -5! [ 575.851923][ T30] audit: type=1326 audit(2000524699.891:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17887 comm="syz.0.5369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 575.949391][ T30] audit: type=1326 audit(2000524699.919:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17887 comm="syz.0.5369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 576.055461][ T30] audit: type=1326 audit(2000524699.928:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17887 comm="syz.0.5369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 576.153032][ T30] audit: type=1326 audit(2000524699.928:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17887 comm="syz.0.5369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 576.199520][T17892] loop2: detected capacity change from 0 to 4096 [ 576.231761][T17901] netlink: 'syz.3.5377': attribute type 29 has an invalid length. [ 576.256996][T17892] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 576.267073][ T30] audit: type=1326 audit(2000524699.928:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17887 comm="syz.0.5369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a718f6c9 code=0x7ffc0000 [ 576.297625][T17901] netlink: 'syz.3.5377': attribute type 3 has an invalid length. [ 576.324854][T17901] netlink: 76 bytes leftover after parsing attributes in process `syz.3.5377'. [ 576.370706][T17892] ntfs3(loop2): ino=19, mi_enum_attr [ 576.379938][T17904] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5378'. [ 576.400781][T17892] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 576.458773][T17892] ntfs3(loop2): failed to convert "c46c" to cp437 [ 576.475799][T17892] ntfs3(loop2): ino=20, mi_enum_attr [ 576.658374][T17911] bridge0: port 3(veth1_vlan) entered blocking state [ 576.711251][T17911] bridge0: port 3(veth1_vlan) entered disabled state [ 576.718176][T17911] veth1_vlan: entered allmulticast mode [ 576.802070][T17911] veth1_vlan: left allmulticast mode [ 576.808103][T17915] sit0: entered promiscuous mode [ 576.880552][T17915] netlink: 'syz.5.5384': attribute type 1 has an invalid length. [ 577.329396][T17942] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 578.170908][T17986] loop2: detected capacity change from 0 to 2048 [ 578.245150][T17986] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 578.361482][T17986] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 578.446555][T17986] UDF-fs: unknown compression code (0) [ 578.851301][T17998] loop1: detected capacity change from 0 to 4096 [ 578.884231][T17998] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 579.012619][T17998] ntfs3(loop1): ino=1a, mi_enum_attr [ 579.017961][T17998] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 579.287390][T18022] loop0: detected capacity change from 0 to 256 [ 579.403041][T18022] FAT-fs (loop0): Directory bread(block 64) failed [ 579.441829][T18022] FAT-fs (loop0): Directory bread(block 65) failed [ 579.476335][T18022] FAT-fs (loop0): Directory bread(block 66) failed [ 579.482906][T18022] FAT-fs (loop0): Directory bread(block 67) failed [ 579.552246][T18032] loop3: detected capacity change from 0 to 8 [ 579.560007][T18022] FAT-fs (loop0): Directory bread(block 68) failed [ 579.593455][T18022] FAT-fs (loop0): Directory bread(block 69) failed [ 579.615124][T18022] FAT-fs (loop0): Directory bread(block 70) failed [ 579.621679][T18022] FAT-fs (loop0): Directory bread(block 71) failed [ 579.656346][T18022] FAT-fs (loop0): Directory bread(block 72) failed [ 579.665905][T18032] SQUASHFS error: Failed to read block 0x34e: -5 [ 579.679540][T18022] FAT-fs (loop0): Directory bread(block 73) failed [ 579.712358][T18032] SQUASHFS error: Unable to read metadata cache entry [34c] [ 579.801560][ T30] audit: type=1800 audit(2000524703.537:50): pid=18032 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5437" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 580.029489][T18049] netlink: 'syz.5.5443': attribute type 10 has an invalid length. [ 580.065535][T18044] loop1: detected capacity change from 0 to 4096 [ 580.111402][T18044] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 580.137459][T18049] macvlan0: entered promiscuous mode [ 580.184161][T18049] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 580.388833][T18044] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 581.317907][T18092] loop3: detected capacity change from 0 to 8 [ 581.430009][T18092] SQUASHFS error: Failed to read block 0x285: -5 [ 581.449832][T18100] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5462'. [ 581.478691][T18092] SQUASHFS error: Unable to read metadata cache entry [283] [ 581.508095][T18092] SQUASHFS error: Unable to read symlink [8f:60] [ 581.786731][T18057] loop4: detected capacity change from 0 to 40427 [ 581.821927][ T30] audit: type=1400 audit(2000524705.392:51): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3A0CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A2F2C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=18110 comm="syz.2.5469" [ 581.862878][T18057] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 581.888355][T18114] @ÿ: renamed from veth0_vlan (while UP) [ 581.901369][T18057] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 581.947855][T18057] F2FS-fs (loop4): invalid crc value [ 581.967376][T18116] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5471'. [ 582.282711][T18057] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 582.312103][T18057] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 582.327610][T18133] loop3: detected capacity change from 0 to 512 [ 582.334166][T18057] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 582.415433][T18057] syz.4.5446: attempt to access beyond end of device [ 582.415433][T18057] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 582.421805][T18133] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 582.510981][T18133] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.5478: iget: bad i_size value: -67835469387268086 [ 582.540532][T18133] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.5478: couldn't read orphan inode 15 (err -117) [ 582.629117][T18133] EXT4-fs (loop3): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 582.688145][T18133] ext2 filesystem being mounted at /847/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 582.767790][T18133] EXT4-fs error (device loop3): ext4_add_entry:2417: inode #2: comm syz.3.5478: Directory hole found for htree leaf block 0 [ 582.818963][T18146] netlink: 124 bytes leftover after parsing attributes in process `syz.1.5483'. [ 582.833913][T18148] netlink: 45 bytes leftover after parsing attributes in process `syz.0.5484'. [ 582.883072][ T6225] EXT4-fs (loop3): unmounting filesystem f7ff0000-0000-0000-0000-000000000000. [ 583.064849][T18125] loop2: detected capacity change from 0 to 32768 [ 583.091626][T18154] netlink: 'syz.3.5486': attribute type 11 has an invalid length. [ 583.124786][T18156] netlink: 'syz.5.5489': attribute type 4 has an invalid length. [ 583.143217][T18156] netlink: 'syz.5.5489': attribute type 4 has an invalid length. [ 583.151142][T18156] netlink: 17 bytes leftover after parsing attributes in process `syz.5.5489'. [ 583.183105][T18125] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 583.373045][T18125] XFS (loop2): Ending clean mount [ 583.434826][T18125] XFS (loop2): Quotacheck needed: Please wait. [ 583.582382][T18125] XFS (loop2): Quotacheck: Done. [ 583.745255][ T6239] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 583.844536][T18186] overlayfs: cannot append lower layer [ 583.942909][T18180] bond1: option updelay: invalid value (18446744073709547520) [ 584.053288][T18180] bond1: option updelay: allowed values 0 - 2147483647 [ 584.106401][T18180] bond1 (unregistering): Released all slaves [ 584.245912][T18198] netdevsim netdevsim5 netdevsim0: entered allmulticast mode [ 584.286131][T18198] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 584.765610][T18216] loop2: detected capacity change from 0 to 512 [ 584.807455][T18216] EXT4-fs: Ignoring removed nomblk_io_submit option [ 584.835770][T18216] EXT4-fs (loop2): filesystem is read-only [ 584.857531][T18216] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 584.907611][T18216] EXT4-fs (loop2): filesystem is read-only [ 584.942506][T18216] EXT4-fs (loop2): orphan cleanup on readonly fs [ 584.963768][T18216] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #16: comm syz.2.5513: iget: bad i_size value: 648518346341360424 [ 585.036740][T18216] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5513: couldn't read orphan inode 16 (err -117) [ 585.079295][T18216] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 585.283987][ T6239] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 585.315795][T18235] loop3: detected capacity change from 0 to 16 [ 585.367862][T18235] erofs (device loop3): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 585.400458][T18235] erofs (device loop3): mounted with root inode @ nid 36. [ 585.472212][T18235] syz.3.5521: attempt to access beyond end of device [ 585.472212][T18235] loop3: rw=0, sector=0, nr_sectors = 257 limit=16 [ 585.536100][T18235] erofs (device loop3): read error -5 @ 0 of nid 36 [ 585.867418][T18218] loop1: detected capacity change from 0 to 32768 [ 585.920936][T18218] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 585.993800][T18218] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 586.052774][T18254] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5530'. [ 586.087351][T18218] (syz.1.5516,18218,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=9 [ 586.115360][T18254] openvswitch: netlink: Key 0 has unexpected len 4 expected 0 [ 586.162951][T18218] (syz.1.5516,18218,1):ocfs2_prepare_dir_for_insert:4302 ERROR: status = -2 [ 586.212970][T18218] (syz.1.5516,18218,0):ocfs2_mknod:301 ERROR: status = -2 [ 586.259571][T18218] (syz.1.5516,18218,0):ocfs2_mknod:505 ERROR: status = -2 [ 586.344061][T18260] bond1: Removing last arp target with arp_interval on [ 586.352256][T18218] (syz.1.5516,18218,0):ocfs2_mkdir:661 ERROR: status = -2 [ 586.374934][T18260] bond1: entered promiscuous mode [ 586.426742][T18260] bond1: entered allmulticast mode [ 586.473442][T18260] 8021q: adding VLAN 0 to HW filter on device bond1 [ 586.486658][ T6231] ocfs2: Unmounting device (7,1) on (node local) [ 586.511388][T18273] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5538'. [ 586.915564][T18284] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5544'. [ 587.155739][ T6389] usb 2-1: new high-speed USB device number 90 using dummy_hcd [ 587.347865][T18309] overlayfs: conflicting options: userxattr,redirect_dir=on [ 587.383692][ T6389] usb 2-1: Using ep0 maxpacket: 32 [ 587.402560][ T6389] usb 2-1: unable to get BOS descriptor or descriptor too short [ 587.432721][ T6389] usb 2-1: config 7 has an invalid interface number: 187 but max is 0 [ 587.451395][ T6389] usb 2-1: config 7 has no interface number 0 [ 587.460929][T18313] xt_TPROXY: Can be used only with -p tcp or -p udp [ 587.472113][ T6389] usb 2-1: config 7 interface 187 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0 [ 587.491475][ T6389] usb 2-1: config 7 interface 187 has no altsetting 0 [ 587.539116][ T6389] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 587.557847][ T6389] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 587.582430][ T6389] usb 2-1: Product: syz [ 587.586609][ T6389] usb 2-1: Manufacturer: syz [ 587.635880][ T6389] usb 2-1: SerialNumber: syz [ 587.916428][ T6389] usb 2-1: Unknown endpoint type found, address 0x07 [ 587.956003][ T6389] usb 2-1: Unknown endpoint type found, address 0x03 [ 587.985153][ T6389] usb 2-1: Not enough endpoints found in device, aborting! [ 588.106628][T18334] netlink: 264 bytes leftover after parsing attributes in process `syz.3.5569'. [ 588.185917][ T6389] usb 2-1: USB disconnect, device number 90 [ 588.348447][T18339] loop2: detected capacity change from 0 to 4096 [ 588.379757][T18339] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 588.502368][T18308] loop5: detected capacity change from 0 to 32768 [ 588.572618][T18339] ntfs3: Couldn't remount rw because journal is not replayed. Please umount/remount instead [ 588.572618][T18339] [ 588.600927][T18308] JBD2: Ignoring recovery information on journal [ 588.736012][T18352] loop0: detected capacity change from 0 to 4096 [ 588.757701][T18308] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 588.769099][T18352] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512). [ 588.789299][ T6383] usb 5-1: new high-speed USB device number 95 using dummy_hcd [ 589.044137][ T6383] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 589.053496][ T6383] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 589.088910][ T6383] usb 5-1: config 0 descriptor?? [ 589.145420][ T6241] ocfs2: Unmounting device (7,5) on (node local) [ 589.274986][T18359] bond1: option lacp_active: invalid value (8) [ 589.318812][ T6383] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 589.355091][T18366] netlink: 'syz.0.5583': attribute type 5 has an invalid length. [ 589.368043][T18359] bond1 (unregistering): Released all slaves [ 589.538297][ T6383] [drm:udl_init] *ERROR* Selecting channel failed [ 589.648995][ T6383] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2 [ 589.679098][ T6383] [drm] Initialized udl on minor 2 [ 589.705720][ T6383] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 589.754916][ T6383] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 589.784729][ T6314] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 589.834593][ T6314] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 589.845792][ T6383] usb 5-1: USB disconnect, device number 95 [ 589.864067][ T6307] usb 3-1: new high-speed USB device number 103 using dummy_hcd [ 589.897480][ T6314] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 590.027687][T18382] comedi comedi0: pcl730: I/O port conflict (0x7,4) [ 590.037358][ T6307] usb 3-1: Using ep0 maxpacket: 16 [ 590.070744][ T6307] usb 3-1: config index 0 descriptor too short (expected 16456, got 72) [ 590.101800][ T6307] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 590.156047][ T6307] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 590.193356][ T6307] usb 3-1: config 0 has an invalid interface number: 125 but max is 1 [ 590.224049][ T6307] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 590.265810][ T6307] usb 3-1: config 0 has no interface number 0 [ 590.286546][ T6307] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 590.328383][ T6307] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 590.361147][ T6307] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 590.395112][ T6307] usb 3-1: config 0 interface 125 has no altsetting 0 [ 590.402038][ T6307] usb 3-1: config 0 interface 125 has no altsetting 1 [ 590.436165][ T6307] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 590.456788][ T6307] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 590.467318][ T6307] usb 3-1: Product: syz [ 590.471881][ T6307] usb 3-1: Manufacturer: syz [ 590.476749][ T6307] usb 3-1: SerialNumber: syz [ 590.515714][ T6307] usb 3-1: config 0 descriptor?? [ 590.817566][T18410] netlink: 'syz.3.5606': attribute type 1 has an invalid length. [ 591.012218][ T6307] usb 3-1: USB disconnect, device number 103 [ 591.031616][T18418] loop3: detected capacity change from 0 to 64 [ 591.957667][T18408] loop1: detected capacity change from 0 to 32768 [ 591.998926][T18456] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 592.027862][T18408] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 592.231524][T18408] XFS (loop1): Ending clean mount [ 592.262859][T18408] XFS (loop1): Quotacheck needed: Please wait. [ 592.311199][T18469] loop3: detected capacity change from 0 to 2048 [ 592.396695][T18408] XFS (loop1): Quotacheck: Done. [ 592.405177][T18475] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 592.714866][ T6231] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 592.889626][T18485] loop5: detected capacity change from 0 to 1764 [ 593.440847][T18502] loop0: detected capacity change from 0 to 2048 [ 593.455518][T18506] loop3: detected capacity change from 0 to 256 [ 593.542253][T18502] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 593.569728][T18506] FAT-fs (loop3): Directory bread(block 64) failed [ 593.592510][T18506] FAT-fs (loop3): Directory bread(block 65) failed [ 593.610666][T18506] FAT-fs (loop3): Directory bread(block 66) failed [ 593.649332][T18506] FAT-fs (loop3): Directory bread(block 67) failed [ 593.688587][T18506] FAT-fs (loop3): Directory bread(block 68) failed [ 593.695174][T18506] FAT-fs (loop3): Directory bread(block 69) failed [ 593.721479][T18506] FAT-fs (loop3): Directory bread(block 70) failed [ 593.787199][T18506] FAT-fs (loop3): Directory bread(block 71) failed [ 593.795245][T18481] loop4: detected capacity change from 0 to 32768 [ 593.832253][T18506] FAT-fs (loop3): Directory bread(block 72) failed [ 593.839736][T18513] xt_TPROXY: Can be used only with -p tcp or -p udp [ 593.863242][T18481] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5636 (18481) [ 593.885055][T18506] FAT-fs (loop3): Directory bread(block 73) failed [ 593.946236][T18481] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 594.002824][T18481] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 594.044943][T18481] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 594.359365][T18481] BTRFS info (device loop4): rebuilding free space tree [ 594.404096][T18481] BTRFS info (device loop4): disabling free space tree [ 594.411020][T18481] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 594.491866][T18481] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 594.551171][T18481] BTRFS info (device loop4): setting nodatasum [ 594.578931][T18481] BTRFS info (device loop4): allowing degraded mounts [ 594.585742][T18481] BTRFS info (device loop4): turning on async discard [ 594.620216][T18481] BTRFS info (device loop4): enabling disk space caching [ 594.627835][T18549] loop3: detected capacity change from 0 to 1024 [ 594.628867][T18549] EXT4-fs: Ignoring removed oldalloc option [ 594.674665][T18481] BTRFS info (device loop4): force clearing of disk cache [ 594.717734][T18481] BTRFS info (device loop4): force zlib compression, level 3 [ 594.791078][T18549] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 594.813046][T18509] loop1: detected capacity change from 0 to 32768 [ 594.936999][T18481] BTRFS info (device loop4): balance: start -susage=3,devid=0,vrange=1..3,limit=233 [ 594.953703][T18509] ea_get: invalid extended attribute [ 594.967715][T18481] BTRFS info (device loop4): balance: ended with status: 0 [ 594.976458][T18549] EXT4-fs error (device loop3): ext4_generic_delete_entry:2668: inode #2: block 16: comm syz.3.5661: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1 [ 595.103409][T18549] EXT4-fs error (device loop3) in ext4_delete_entry:2739: Corrupt filesystem [ 595.161574][T18549] EXT4-fs warning (device loop3): ext4_rename_delete:3731: inode #2: comm syz.3.5661: Deleting old file: nlink 4, error=-117 [ 595.197798][ T6240] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 595.371406][ T6225] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 595.459985][T18572] netlink: 272 bytes leftover after parsing attributes in process `syz.0.5673'. [ 596.424392][T18595] loop5: detected capacity change from 0 to 4096 [ 596.632178][T18573] loop2: detected capacity change from 0 to 32768 [ 596.670319][T18573] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.5674 (18573) [ 596.778789][T18573] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 596.828185][T18573] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 597.005025][T18573] BTRFS info (device loop2): enabling ssd optimizations [ 597.068891][T18573] BTRFS info (device loop2): turning on async discard [ 597.076001][T18573] BTRFS info (device loop2): enabling free space tree [ 597.283478][T18646] xt_bpf: check failed: parse error [ 597.301782][ T6239] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 597.335786][T18645] loop5: detected capacity change from 0 to 1764 [ 597.355325][T18641] bond1: entered promiscuous mode [ 597.407364][T18641] 8021q: adding VLAN 0 to HW filter on device bond1 [ 597.742308][T18664] netlink: 7 bytes leftover after parsing attributes in process `syz.3.5709'. [ 597.872286][T18664] netlink: 7 bytes leftover after parsing attributes in process `syz.3.5709'. [ 598.698187][T18699] loop4: detected capacity change from 0 to 512 [ 598.811723][T18699] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 598.857811][T18699] ext4 filesystem being mounted at /872/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 598.964290][T18699] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.5728: corrupted xattr block 6: invalid header [ 599.021536][T18711] netlink: 'syz.0.5732': attribute type 7 has an invalid length. [ 599.051810][T18711] netlink: 'syz.0.5732': attribute type 8 has an invalid length. [ 599.070699][T18711] netlink: 'syz.0.5732': attribute type 13 has an invalid length. [ 599.104081][T18713] loop1: detected capacity change from 0 to 1764 [ 599.143067][ T6240] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 599.424334][T18727] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5736'. [ 599.429514][T18726] loop0: detected capacity change from 0 to 1764 [ 599.648951][ T6389] usb 3-1: new high-speed USB device number 104 using dummy_hcd [ 599.821108][T18742] openvswitch: netlink: IP tunnel dst address not specified [ 599.843347][ T6389] usb 3-1: Using ep0 maxpacket: 32 [ 599.856635][ T6389] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 599.881228][ T6389] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 599.916678][ T6389] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 599.946403][ T6389] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 599.965874][ T6389] usb 3-1: Product: syz [ 599.974964][ T6389] usb 3-1: Manufacturer: syz [ 600.023951][ T6389] hub 3-1:4.0: USB hub found [ 600.146747][T18753] kAFS: unable to lookup cell '.,' [ 600.245637][ T6389] hub 3-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 600.583826][ T6389] usb 3-1: USB disconnect, device number 104 [ 600.632683][T18766] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 600.899016][T18781] xt_hashlimit: max too large, truncated to 1048576 [ 600.941628][T18781] Cannot find del_set index 2 as target [ 602.398285][T18844] openvswitch: netlink: IP tunnel dst address not specified [ 602.482426][T18787] loop1: detected capacity change from 0 to 32768 [ 602.548789][T18848] sctp: [Deprecated]: syz.4.5788 (pid 18848) Use of struct sctp_assoc_value in delayed_ack socket option. [ 602.548789][T18848] Use struct sctp_sack_info instead [ 602.685915][T18853] loop5: detected capacity change from 0 to 256 [ 602.816796][T18853] FAT-fs (loop5): Directory bread(block 64) failed [ 602.847000][T18853] FAT-fs (loop5): Directory bread(block 65) failed [ 602.875629][T18853] FAT-fs (loop5): Directory bread(block 66) failed [ 602.886821][T18853] FAT-fs (loop5): Directory bread(block 67) failed [ 602.965205][T18853] FAT-fs (loop5): Directory bread(block 68) failed [ 603.004814][T18853] FAT-fs (loop5): Directory bread(block 69) failed [ 603.040065][T18853] FAT-fs (loop5): Directory bread(block 70) failed [ 603.046612][T18853] FAT-fs (loop5): Directory bread(block 71) failed [ 603.155970][T18853] FAT-fs (loop5): Directory bread(block 72) failed [ 603.216361][T18853] FAT-fs (loop5): Directory bread(block 73) failed [ 603.249388][T18830] loop2: detected capacity change from 0 to 32768 [ 603.326206][T18830] JBD2: Ignoring recovery information on journal [ 603.487667][T18830] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 603.690480][T18830] OCFS2: ERROR (device loop2): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #1792 has bad signature [ 603.775817][T18830] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 603.832159][T18830] OCFS2: File system is now read-only. [ 603.867259][T18830] (syz.2.5779,18830,1):ocfs2_search_chain:1852 ERROR: status = -30 [ 603.934089][T18830] (syz.2.5779,18830,1):ocfs2_search_chain:1940 ERROR: status = -30 [ 603.970271][T18830] (syz.2.5779,18830,1):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30 [ 604.015749][T18830] (syz.2.5779,18830,1):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30 [ 604.078593][T18830] (syz.2.5779,18830,1):ocfs2_claim_new_inode:2298 ERROR: status = -30 [ 604.086790][T18830] (syz.2.5779,18830,1):ocfs2_claim_new_inode:2313 ERROR: status = -30 [ 604.154516][T18830] (syz.2.5779,18830,1):ocfs2_mknod_locked:641 ERROR: status = -30 [ 604.178367][T18904] x_tables: duplicate entry at hook 3 [ 604.190273][T18830] (syz.2.5779,18830,1):ocfs2_mknod:388 ERROR: status = -30 [ 604.228697][T18830] (syz.2.5779,18830,1):ocfs2_mknod:505 ERROR: status = -30 [ 604.259075][T18907] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5810'. [ 604.282270][T18830] (syz.2.5779,18830,1):ocfs2_create:678 ERROR: status = -30 [ 604.419877][ T78] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 604.659573][ T6239] ocfs2: Unmounting device (7,2) on (node local) [ 604.793559][ T6359] usb 4-1: new high-speed USB device number 101 using dummy_hcd [ 604.848612][ T30] audit: type=1326 audit(2000524726.658:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18930 comm="syz.1.5821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e418f6c9 code=0x7ffc0000 [ 604.932157][ T30] audit: type=1326 audit(2000524726.658:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18930 comm="syz.1.5821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e418f6c9 code=0x7ffc0000 [ 604.988592][ T6359] usb 4-1: Using ep0 maxpacket: 16 [ 605.010543][ T6359] usb 4-1: config 81 has an invalid interface number: 141 but max is 0 [ 605.037505][ T6359] usb 4-1: config 81 has an invalid descriptor of length 0, skipping remainder of the config [ 605.090380][ T6359] usb 4-1: config 81 has no interface number 0 [ 605.096729][ T30] audit: type=1326 audit(2000524726.732:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18930 comm="syz.1.5821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f01e418f6c9 code=0x7ffc0000 [ 605.163950][ T6359] usb 4-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice=68.0d [ 605.176906][ T6359] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 605.200170][ T30] audit: type=1326 audit(2000524726.732:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18930 comm="syz.1.5821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e418f6c9 code=0x7ffc0000 [ 605.229060][ T6359] usb 4-1: Product: syz [ 605.233257][ T6359] usb 4-1: Manufacturer: syz [ 605.267570][ T6359] usb 4-1: SerialNumber: syz [ 605.341886][ T30] audit: type=1326 audit(2000524726.732:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18930 comm="syz.1.5821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e418f6c9 code=0x7ffc0000 [ 605.550402][T18951] loop1: detected capacity change from 0 to 164 [ 605.550924][ T6359] usb 4-1: cannot find UAC_HEADER [ 605.756680][ T6359] snd-usb-audio 4-1:81.141: probe with driver snd-usb-audio failed with error -22 [ 605.823036][ T6359] usb 4-1: USB disconnect, device number 101 [ 606.016280][ T6857] udevd[6857]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:81.141/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 606.271281][ T6307] usb 3-1: new high-speed USB device number 105 using dummy_hcd [ 606.295362][T18979] overlayfs: missing 'lowerdir' [ 606.494821][ T6307] usb 3-1: Using ep0 maxpacket: 8 [ 606.506880][ T6307] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 606.540453][ T6307] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 606.562359][T18984] loop3: detected capacity change from 0 to 2048 [ 606.582204][ T6307] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 606.591898][ T6307] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 606.616010][T18990] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 606.638250][T18984] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 606.664383][T18990] SET target dimension over the limit! [ 606.683791][ T6307] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 606.728759][ T6307] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 606.776504][ T6307] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 606.793919][ T6307] usb 3-1: config 0 descriptor?? [ 606.826937][T18969] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 606.857472][T18954] loop5: detected capacity change from 0 to 32768 [ 606.913447][T18954] (syz.5.5830,18954,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 606.992439][T19000] ip6gretap0: entered promiscuous mode [ 607.004491][T18954] (syz.5.5830,18954,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 607.047108][T19000] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check. [ 607.152101][T18954] JBD2: Ignoring recovery information on journal [ 607.364117][T18954] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 607.428037][ T6232] Bluetooth: hci6: Opcode 0x0c03 failed: -71 [ 607.437883][ T6383] usb 3-1: USB disconnect, device number 105 [ 607.511839][T19018] loop3: detected capacity change from 0 to 128 [ 607.518186][T18954] [ 607.518199][T18954] ====================================================== [ 607.518210][T18954] WARNING: possible circular locking dependency detected [ 607.518223][T18954] syzkaller #0 Not tainted [ 607.518236][T18954] ------------------------------------------------------ [ 607.518247][T18954] syz.5.5830/18954 is trying to acquire lock: [ 607.518262][T18954] ffff88804fa33f60 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_lock_global_qf+0x1e8/0x270 [ 607.562829][T18954] [ 607.562829][T18954] but task is already holding lock: [ 607.570203][T18954] ffff88804fa342c0 (&ocfs2_sysfile_lock_key[GROUP_QUOTA_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_lock_global_qf+0x1ca/0x270 [ 607.582846][T18954] [ 607.582846][T18954] which lock already depends on the new lock. [ 607.582846][T18954] [ 607.593243][T18954] [ 607.593243][T18954] the existing dependency chain (in reverse order) is: [ 607.602333][T18954] [ 607.602333][T18954] -> #6 (&ocfs2_sysfile_lock_key[GROUP_QUOTA_SYSTEM_INODE]){+.+.}-{4:4}: [ 607.612950][T18954] lock_acquire+0x120/0x360 [ 607.618150][T18954] down_write+0x96/0x1f0 [ 607.622954][T18954] ocfs2_lock_global_qf+0x1ca/0x270 [ 607.628690][T18954] ocfs2_acquire_dquot+0x2b0/0xb30 [ 607.634332][T18954] dqget+0x7b1/0xf10 [ 607.638753][T18954] dquot_get_next_dqblk+0xb2/0x150 [ 607.644396][T18954] quota_getnextquota+0x2b9/0x4a0 [ 607.650115][T18954] __se_sys_quotactl+0x279/0x950 [ 607.655583][T18954] do_syscall_64+0xfa/0xfa0 [ 607.660607][T18954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 607.667010][T18954] [ 607.667010][T18954] -> #5 (&dquot->dq_lock){+.+.}-{4:4}: [ 607.674656][T18954] lock_acquire+0x120/0x360 [ 607.679706][T18954] __mutex_lock+0x187/0x1350 [ 607.684816][T18954] dqget+0x72a/0xf10 [ 607.689224][T18954] dquot_transfer+0x2f8/0x6d0 [ 607.694417][T18954] ext4_setattr+0x865/0x1bc0 [ 607.699524][T18954] notify_change+0xc1a/0xf40 [ 607.704629][T18954] chown_common+0x40c/0x5c0 [ 607.709642][T18954] do_fchownat+0x161/0x270 [ 607.714655][T18954] __x64_sys_lchown+0x85/0xa0 [ 607.719841][T18954] do_syscall_64+0xfa/0xfa0 [ 607.724871][T18954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 607.731362][T18954] [ 607.731362][T18954] -> #4 (&ei->xattr_sem){++++}-{4:4}: [ 607.738923][T18954] lock_acquire+0x120/0x360 [ 607.743938][T18954] down_read+0x46/0x2e0 [ 607.748601][T18954] ext4_setattr+0x855/0x1bc0 [ 607.753700][T18954] notify_change+0xc1a/0xf40 [ 607.758810][T18954] chown_common+0x40c/0x5c0 [ 607.763825][T18954] do_fchownat+0x161/0x270 [ 607.768757][T18954] __x64_sys_chown+0x82/0xa0 [ 607.773856][T18954] do_syscall_64+0xfa/0xfa0 [ 607.778880][T18954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 607.785284][T18954] [ 607.785284][T18954] -> #3 (jbd2_handle){++++}-{0:0}: [ 607.792580][T18954] lock_acquire+0x120/0x360 [ 607.797591][T18954] start_this_handle+0x1fa7/0x21c0 [ 607.803228][T18954] jbd2__journal_start+0x2c1/0x5b0 [ 607.808860][T18954] jbd2_journal_start+0x2a/0x40 [ 607.814234][T18954] ocfs2_start_trans+0x376/0x6d0 [ 607.819687][T18954] ocfs2_modify_bh+0xe8/0x470 [ 607.824873][T18954] ocfs2_local_read_info+0x1465/0x17e0 [ 607.830842][T18954] dquot_load_quota_sb+0x791/0xbd0 [ 607.836466][T18954] dquot_load_quota_inode+0x2e1/0x5d0 [ 607.842354][T18954] ocfs2_enable_quotas+0x1c6/0x450 [ 607.847984][T18954] ocfs2_fill_super+0x50fe/0x63c0 [ 607.853522][T18954] get_tree_bdev_flags+0x40e/0x4d0 [ 607.859153][T18954] vfs_get_tree+0x92/0x2b0 [ 607.864086][T18954] do_new_mount+0x302/0xa10 [ 607.869107][T18954] __se_sys_mount+0x313/0x410 [ 607.874287][T18954] do_syscall_64+0xfa/0xfa0 [ 607.879305][T18954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 607.885789][T18954] [ 607.885789][T18954] -> #2 (&journal->j_trans_barrier){.+.+}-{4:4}: [ 607.894308][T18954] lock_acquire+0x120/0x360 [ 607.899330][T18954] down_read+0x46/0x2e0 [ 607.904090][T18954] ocfs2_start_trans+0x36a/0x6d0 [ 607.909543][T18954] ocfs2_modify_bh+0xe8/0x470 [ 607.914732][T18954] ocfs2_local_read_info+0x1465/0x17e0 [ 607.920705][T18954] dquot_load_quota_sb+0x791/0xbd0 [ 607.926336][T18954] dquot_load_quota_inode+0x2e1/0x5d0 [ 607.932222][T18954] ocfs2_enable_quotas+0x1c6/0x450 [ 607.937857][T18954] ocfs2_fill_super+0x50fe/0x63c0 [ 607.943405][T18954] get_tree_bdev_flags+0x40e/0x4d0 [ 607.949034][T18954] vfs_get_tree+0x92/0x2b0 [ 607.953972][T18954] do_new_mount+0x302/0xa10 [ 607.958998][T18954] __se_sys_mount+0x313/0x410 [ 607.964187][T18954] do_syscall_64+0xfa/0xfa0 [ 607.969207][T18954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 607.975610][T18954] [ 607.975610][T18954] -> #1 (sb_internal#2){.+.+}-{0:0}: [ 607.983088][T18954] lock_acquire+0x120/0x360 [ 607.988102][T18954] ocfs2_start_trans+0x26b/0x6d0 [ 607.993556][T18954] ocfs2_write_info+0x11d/0x350 [ 607.998931][T18954] quota_setinfo+0x2f9/0x310 [ 608.004037][T18954] __se_sys_quotactl+0x279/0x950 [ 608.009498][T18954] do_syscall_64+0xfa/0xfa0 [ 608.014520][T18954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.020922][T18954] [ 608.020922][T18954] -> #0 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}: [ 608.029783][T18954] validate_chain+0xb9b/0x2140 [ 608.035064][T18954] __lock_acquire+0xab9/0xd20 [ 608.040249][T18954] lock_acquire+0x120/0x360 [ 608.045257][T18954] down_write+0x96/0x1f0 [ 608.050010][T18954] ocfs2_lock_global_qf+0x1e8/0x270 [ 608.055724][T18954] ocfs2_acquire_dquot+0x2b0/0xb30 [ 608.061350][T18954] dqget+0x7b1/0xf10 [ 608.065756][T18954] dquot_get_next_dqblk+0xb2/0x150 [ 608.071382][T18954] quota_getnextquota+0x2b9/0x4a0 [ 608.076926][T18954] __se_sys_quotactl+0x279/0x950 [ 608.082388][T18954] do_syscall_64+0xfa/0xfa0 [ 608.087580][T18954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.093983][T18954] [ 608.093983][T18954] other info that might help us debug this: [ 608.093983][T18954] [ 608.104191][T18954] Chain exists of: [ 608.104191][T18954] &ocfs2_quota_ip_alloc_sem_key --> &dquot->dq_lock --> &ocfs2_sysfile_lock_key[GROUP_QUOTA_SYSTEM_INODE] [ 608.104191][T18954] [ 608.121405][T18954] Possible unsafe locking scenario: [ 608.121405][T18954] [ 608.128882][T18954] CPU0 CPU1 [ 608.134234][T18954] ---- ---- [ 608.139577][T18954] lock(&ocfs2_sysfile_lock_key[GROUP_QUOTA_SYSTEM_INODE]); [ 608.146939][T18954] lock(&dquot->dq_lock); [ 608.153866][T18954] lock(&ocfs2_sysfile_lock_key[GROUP_QUOTA_SYSTEM_INODE]); [ 608.163752][T18954] lock(&ocfs2_quota_ip_alloc_sem_key); [ 608.169375][T18954] [ 608.169375][T18954] *** DEADLOCK *** [ 608.169375][T18954] [ 608.177497][T18954] 3 locks held by syz.5.5830/18954: [ 608.182672][T18954] #0: ffff8880464240e0 (&type->s_umount_key#72){++++}-{4:4}, at: super_lock+0x2a9/0x3b0 [ 608.192530][T18954] #1: ffff888054ff60a8 (&dquot->dq_lock){+.+.}-{4:4}, at: ocfs2_acquire_dquot+0x2a3/0xb30 [ 608.202554][T18954] #2: ffff88804fa342c0 (&ocfs2_sysfile_lock_key[GROUP_QUOTA_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_lock_global_qf+0x1ca/0x270 [ 608.215617][T18954] [ 608.215617][T18954] stack backtrace: [ 608.221492][T18954] CPU: 1 UID: 0 PID: 18954 Comm: syz.5.5830 Not tainted syzkaller #0 PREEMPT(full) [ 608.221517][T18954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 608.221531][T18954] Call Trace: [ 608.221541][T18954] [ 608.221550][T18954] dump_stack_lvl+0x189/0x250 [ 608.221586][T18954] ? __pfx_dump_stack_lvl+0x10/0x10 [ 608.221616][T18954] ? __pfx__printk+0x10/0x10 [ 608.221639][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.221665][T18954] ? print_lock_name+0xde/0x100 [ 608.221689][T18954] print_circular_bug+0x2ee/0x310 [ 608.221720][T18954] check_noncircular+0x134/0x160 [ 608.221750][T18954] validate_chain+0xb9b/0x2140 [ 608.221787][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.221815][T18954] __lock_acquire+0xab9/0xd20 [ 608.221840][T18954] ? ocfs2_lock_global_qf+0x1e8/0x270 [ 608.221866][T18954] lock_acquire+0x120/0x360 [ 608.221885][T18954] ? ocfs2_lock_global_qf+0x1e8/0x270 [ 608.221924][T18954] down_write+0x96/0x1f0 [ 608.221946][T18954] ? ocfs2_lock_global_qf+0x1e8/0x270 [ 608.221971][T18954] ? __pfx_down_write+0x10/0x10 [ 608.221991][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.222019][T18954] ? do_raw_spin_unlock+0x122/0x240 [ 608.222052][T18954] ocfs2_lock_global_qf+0x1e8/0x270 [ 608.222080][T18954] ? __pfx_ocfs2_lock_global_qf+0x10/0x10 [ 608.222106][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.222136][T18954] ocfs2_acquire_dquot+0x2b0/0xb30 [ 608.222167][T18954] ? from_kgid+0x1b0/0x650 [ 608.222189][T18954] ? __pfx_ocfs2_acquire_dquot+0x10/0x10 [ 608.222217][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.222242][T18954] ? percpu_counter_add_batch+0xea/0x1e0 [ 608.222278][T18954] dqget+0x7b1/0xf10 [ 608.222308][T18954] dquot_get_next_dqblk+0xb2/0x150 [ 608.222339][T18954] quota_getnextquota+0x2b9/0x4a0 [ 608.222364][T18954] ? __pfx_quota_getnextquota+0x10/0x10 [ 608.222385][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.222418][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.222447][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.222473][T18954] ? do_quotactl+0x4a6/0x860 [ 608.222496][T18954] __se_sys_quotactl+0x279/0x950 [ 608.222529][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.222554][T18954] ? __se_sys_futex+0x36f/0x400 [ 608.222590][T18954] ? __pfx___se_sys_quotactl+0x10/0x10 [ 608.222623][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.222653][T18954] ? do_syscall_64+0xbe/0xfa0 [ 608.222684][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.222711][T18954] do_syscall_64+0xfa/0xfa0 [ 608.222742][T18954] ? lockdep_hardirqs_on+0x9c/0x150 [ 608.222773][T18954] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.222794][T18954] ? srso_alias_return_thunk+0x5/0xfbef5 [ 608.222820][T18954] ? exc_page_fault+0xab/0x100 [ 608.222851][T18954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.222873][T18954] RIP: 0033:0x7f0d0b78f6c9 [ 608.222892][T18954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 608.222916][T18954] RSP: 002b:00007f0d099f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 608.222939][T18954] RAX: ffffffffffffffda RBX: 00007f0d0b9e5fa0 RCX: 00007f0d0b78f6c9 [ 608.222956][T18954] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffff80000901 [ 608.222971][T18954] RBP: 00007f0d0b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 608.222986][T18954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 608.222999][T18954] R13: 00007f0d0b9e6038 R14: 00007f0d0b9e5fa0 R15: 00007fff7b059728 [ 608.223025][T18954] [ 608.621688][T19018] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 608.651571][T19018] ext4 filesystem being mounted at /917/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 608.693301][ T6241] ocfs2: Unmounting device (7,5) on (node local) [ 608.814251][ T6225] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.