last executing test programs: 2m31.921406788s ago: executing program 3 (id=9250): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff, 0x2, 0x5}, {0xffffffffffffffff, 0x3, 0x1}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'veth0_virt_wifi\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}, {0xfffffffffffffffe}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x5, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x9, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) 2m31.554279444s ago: executing program 3 (id=9256): r0 = syz_open_procfs(0x0, &(0x7f0000000100)='comm\x00') ftruncate(r0, 0x8000000000) 2m31.293734667s ago: executing program 3 (id=9260): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000b00)=@newsa={0x138, 0x10, 0x633, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@empty, 0x0, 0x32}, @in6=@empty, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'cbc-serpent-avx\x00'}}}]}, 0x138}}, 0x0) 2m31.039108341s ago: executing program 3 (id=9264): syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000000)='./file0\x00', 0x1600008, &(0x7f0000000080)=ANY=[@ANYBLOB="6e6f6465636f6d706f73652c63726561746f723d3e8bef9c2c666f7263652c747970653d726965722c747970653d05f2875e2c6e6c733d6370313235352c00"/73], 0x3, 0x646, &(0x7f0000000900)="$eJzs3U1sI1cdAPD/OI4Tp2g3bbPtgioRdaWCiNjNh1IIFxaoUA4VqsqBc7Trbaz1plXiorRCKHyJAxcOFedyyI0TUu+RyhkuaK85rgTaCweUm9F82HHiJOt8rR3291uN33t+b9785297ZuxVNAG8sJZnorwTSSzPvLuZtne3Fxq72wtjRXcjItJ6KaKcF5GsRSRf5t1304evpk8W45PjtvNZfen9x//ZfZK3yu2Vk0paGz9+vWfJV9wqlpiOiJGi7DXa76wH5rt37HxH+fcf8vKlQ0Hmgab7fKudOBi0Vo+t06x+5s8tMDyS/LzZYzJiIjtD59cBURwdSs83uot3qqMcAAAAXFHX92Jvq9VqDToOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuEqK+/8nxVJq16cjad//v9I1vDLAUC/EzqADAAAAAAAAAIAzaY10t76+F3uxGdc6vUn2f/5vZo2p7PGl+Dg2ohbrcTs2YyWa0Yz1mEsHX9+fqLK50myuz/Wx5nxETMbhNecvd68BAAAAAAAA4P/cr2N5////AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgGCQRI3mRLVPt+mSUyhExHhGVdNxWxD/a9atsZ9ABAAAAwHNwfS/2YjOutdutJPvO/1r2vX88Po61aEY9mtGIWtzPfgvIv/WXdrcXGrvbC4/SpXfeP/23lekzjGzGyH97OHrLN7MR1XgQ9eyZ23EvPoxGtXuWm+14jo7rV0/Tub9f6DOy+0WZ7vkfi3I4TGYZGe1kZLaILc3jyydn4gdPz7WluSh1fvmZuoScTxRlcqgcvMOZmI9Slu/UaydnIuIbX/zlZ6uNtYerDzZmhmeXzijPRKuVZ2Isa7Uz8foLlYnZbN9vdNrL8eP4aczEdLwX61GPn8dKNKMW0/FOVlsp3s/p4+ShTJUOTn33QOu9g50jPZFUitcl7zldTG9m616LevwkPoz7UYu3s3/zMRfficVYjKWuV/hGH5/60uk+9be+WVTSQ/rvi3I4pHl9uSuv3cfcyayv+5n9LL1y8cfG8teKSrqN30TEjy5wP8/ncCbSs8QXX8n7Xj05E3/OrhM2GmsP11dXPupze28VZfo5+t1QnSXS98sr6YuVtQ6+O9K+V4/sm8v6pjp9pZ6+G52+Z31SK8U1XO9M81nf60f2LWR9N7v6eq63OtdDAAyxiW9NVKr/qv69+nn1t9XV6rvjPxz77tgblRj92+j3yrMjb5XeSP4an8cv97//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZ7fxyacPVxqN2vozK0l28/+IvgZ3Vdq3czp5cFLcyOc0M6s0GrXxGIowTlVp/DOi65lk0PEMQ2XsAt/84xHR0zX3zunmGexxCbh8d5qPPrqz8cmn364/Wvmg9kFtbXRxcWl2afHthTsP6o2RSB9rs4OOErgM+yf9QUcCAAAAAAAAAAAA9OvkPwMYLUad788SBryLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBW3PBPlnUhibvb2bNre3V5opEu7vj+yHBGliEh+EZF8GXE38iUmu6ZLjtvOZ/Wl9x+P7z7Zn6vcHl86ab3+bBVLTEfESFFe1Hz3zj1f0tnDNGG3KucLDi7M/wIAAP//rYYGwA==") mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) 2m30.638844367s ago: executing program 3 (id=9269): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f0000000040)) 2m30.041309816s ago: executing program 3 (id=9278): r0 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x7, &(0x7f0000003480), &(0x7f0000000080)=0xffffffffffffff14) 2m29.445825824s ago: executing program 32 (id=9278): r0 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x7, &(0x7f0000003480), &(0x7f0000000080)=0xffffffffffffff14) 2.593553711s ago: executing program 1 (id=11256): r0 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r0, 0x0, 0x0) 2.310643826s ago: executing program 1 (id=11261): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@mpls_delroute={0x30, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x12, {0xa, "f5d6a6c4b0639b11374230874419"}}]}, 0x30}}, 0x0) 2.04643217s ago: executing program 1 (id=11266): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) setsockopt$ax25_int(r0, 0x101, 0xa, &(0x7f0000000080)=0xbb1e, 0x4) 1.870576373s ago: executing program 5 (id=11269): r0 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00') fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000100), 0x0, 0x0, 0x0) 1.777320294s ago: executing program 2 (id=11271): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x9) 1.755592524s ago: executing program 1 (id=11273): prlimit64(0x0, 0xb, &(0x7f0000000000), 0x0) timer_create(0x0, 0x0, 0x0) 1.512753438s ago: executing program 2 (id=11274): r0 = syz_open_dev$media(&(0x7f0000000040), 0x43, 0x0) ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000024c0)=[{}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.512007528s ago: executing program 5 (id=11284): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x9) 1.38111176s ago: executing program 1 (id=11275): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000240)=@raw={'raw\x00', 0x4001, 0x3, 0x258, 0x128, 0x700001b, 0x148, 0x128, 0x148, 0x128, 0x206, 0x240, 0x1c0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'tunl0\x00', 'sit0\x00'}, 0x1ea, 0xc0, 0x128, 0x0, {0x390, 0x8f00}, [@common=@inet=@socket1={{0x28}}, @common=@inet=@socket3={{0x28}, 0x6}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1f, 0x8000, 0x0, 0x2, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x128}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2b8) 1.37870303s ago: executing program 4 (id=11276): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@mpls_delroute={0x30, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x12, {0xa, "f5d6a6c4b0639b11374230874419"}}]}, 0x30}}, 0x0) 1.33604136s ago: executing program 2 (id=11277): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) 1.231105542s ago: executing program 5 (id=11278): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x12a6, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000011008188040f46ecdb4cb9cca7480ef42b000081e3bd6efb010511000b0003000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) 1.138369054s ago: executing program 4 (id=11279): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r0, 0x7b0, 0x0) 1.089913844s ago: executing program 1 (id=11280): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0) write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) 919.484636ms ago: executing program 5 (id=11281): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000700000500000000fcffffff8500000027000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 918.692537ms ago: executing program 2 (id=11294): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000100)={0x10, 0x30, 0x3, {0x0, 0x0, {0x1b, 0x0, 0x0, @empty}}}, 0x38) 870.536347ms ago: executing program 0 (id=11282): r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pidfd_send_signal(r0, 0x0, &(0x7f0000000540)={0x7, 0xfffffffe, 0x1}, 0x0) 860.888267ms ago: executing program 4 (id=11283): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) setsockopt$ax25_int(r0, 0x101, 0xa, &(0x7f0000000080)=0xbb1e, 0x4) 748.996559ms ago: executing program 2 (id=11286): r0 = io_uring_setup(0x4cd7, &(0x7f0000000080)) io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, 0xffffffffffffffff, 0x1) 697.17412ms ago: executing program 5 (id=11287): prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0xfffffd00, &(0x7f0000000000)='}\x00') prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) 659.18232ms ago: executing program 0 (id=11288): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb0100180000000000000018000000180000000400000002000000000000070000000000000000000000020100000000002e"], 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xb, 0x6, 0x4, 0x3a7, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 571.408192ms ago: executing program 4 (id=11289): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x40003, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x1a, 0x1, 0x0, "6906007722366ccee4ba568eb4f80102f5372f2c74f6024305f11fd3454ad23d", 0x3436324d}) 539.847202ms ago: executing program 2 (id=11291): syz_mount_image$ocfs2(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x28008c4, &(0x7f0000000480)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119, @ANYRES32], 0x0, 0x4436, &(0x7f0000004480)="$eJzs3c9rm+cdAPDnfe0sdpZkdpZDBoMJFtjYhrFz2ubAHMeJYyeeR9aE0osi20riVraCLZcecnBvgZ4KPZQeQguFUnwKPvSa/gm99JieA+2hl0Ih1EXSK1vvawmrxrKb8PlA9Oh9fitfvY8eHeQnTlTuL67mFldzheVcef7u6oXc2+XS2lIxxIfkqMenM92Ik9gfndnLV/9/+0IIXy58/Xxra2srVPWGlkaanv/w/cP55rQhzrSp9tu6t4PyRgjh7K55VfWEEF7/IoQohHApyRtP0v4QwulQL7v98L07uQOazZNnxYv5FzOPNkfPT2883mz/2qMQPir94R/3lr79c8/oN387oOEBAAAAAAAAAAAAAAAAAHjJTd6cvfW/4ZHwNAq9G9Hu3+tOJmmL38fOfl5Ptw7Gnw7j5QIAAAAAAAAAAAAAAAAAAMCv0s7v/3PRmRa//59I0rE27bf+0/050j1T/52duDI8kpz/Hu0q/2eS9d2lnjDY4tz37PnvlzLtW5//vnuc/WrMrzHuQIjiodR1HA8NhfBJcvD7uehEXCqvVv5+t7y2vHBg03hppeNfP70/FZ3kQP9O4z+e6b/75///fte7qXp95+DeYq+0dPx72tb79N2oo/hfzrQ7jPizf+n499by+psrjNUXgGr83+/dO/4Tmf67Ff/TIYRcVJ1rLrUCVPcw1fx2+xXS0vE/VstLLZ3Jf2S7+//HTPyvZPo/qvV/PftBREvp+P+mlteXqrFz/w/Ge93/feHq9vP6G+co4l+d/7rP/46k43+8ntnb9JgsB52u/5OZ/rsV/1txMsPTUeodsBHV81v8vTpaSMe/b1f5zve/uKP937VM+8P6/tcYt/H9r7H8/zWqf/+jtXT8+9vW6/T+n8q06/b6P1bb/7Ff6fifqOWl984DtcdO4z+d6b9b8a/tSvoa8d9ZT346Xs//2P6vI+n4/7aeGTfXWK891vZ/0d77/+uZ/o9i/1ed/3rc3VFfFen4n2xb77PFKHzVwef/jUy7ar/HujP1bcP2+vuWjv+ptvVq93/f3vGfybTr9v3/l252DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPASGE/SgRDFQ6nrOB4aCuFycn0unIjmCgv5uVJ5/q3VECaS/Fw4E90rlecKpfzicnmhmC+USuX5EK4k5WdDX7RaKlfyS4UHV7f76o/uFwsrlblioRJCmEzy/xhONfqaW6wsFR6EEK5tl/0uLq88uF9Yzi8srvx7eHh4OExtz2EwKr5TKS5X6qPXS0OY3m47EDVNrlZ8fXsuJ6M3y2sry4VSLf9GU5tSeb5Qamozk5R9EAajysra8nyhUsyXyvca4x2lsSSdmLr52s0bI7vK70T1dPxwpwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAL/R09F8fhhB661dxCCEXJU+i5F/Kk2fFi/kXM482R89PbzzefN6qDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zA4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV26RilgSAKA/CbAdHSY1gtu53tiiJauCJ4Aj2Gh9GjeAnvYJEibYoQSGYh7E6xTVJ9X/Ngfmbeg3kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMByj2/D+2vbRaS42l5G/H7+/R/nz6V+31UuX5xnRk7n6WW4f2i78u9plt+Wo1Wf9+lm/fURlTr6mezJdJ8O5n2mqvtWMc439r2OlJuI6Et+k3JummVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3jqJvAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//6KfHYs=") setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0) 470.001863ms ago: executing program 5 (id=11292): setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000052e8e510b1134200c4dc0102030109021b00010000000009044400012eafb2000905815bff"], 0x0) 469.323203ms ago: executing program 0 (id=11303): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, 0x0) 295.185026ms ago: executing program 0 (id=11293): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@mpls_delroute={0x30, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x12, {0xa, "f5d6a6c4b0639b11374230874419"}}]}, 0x30}}, 0x0) 295.040176ms ago: executing program 4 (id=11295): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000000)=0x8) 131.102918ms ago: executing program 0 (id=11296): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x601, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x33) 744.67µs ago: executing program 0 (id=11297): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r0, 0x7b0, 0x0) 0s ago: executing program 4 (id=11308): r0 = socket(0x40000000015, 0x5, 0x0) connect$can_j1939(r0, &(0x7f0000000380), 0x18) kernel console output (not intermixed with test programs): isconnect, device number 28 [ 811.997407][T25098] loop0: detected capacity change from 0 to 4096 [ 812.027991][T25098] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 812.139599][T25098] ntfs3: loop0: failed to convert "c46c" to cp437 [ 812.183803][T25108] loop3: detected capacity change from 0 to 512 [ 812.290932][T25108] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 812.409617][ T4377] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 812.426676][T25108] EXT4-fs error (device loop3): ext4_lookup:1858: inode #14: comm syz.3.9199: unexpected EA_INODE flag [ 812.437021][ T4377] ath9k_htc: Failed to initialize the device [ 812.479103][ T4309] usb 5-1: ath9k_htc: USB layer deinitialized [ 812.606926][T25118] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9203'. [ 812.639603][T25118] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9203'. [ 812.700681][ T4264] EXT4-fs (loop3): unmounting filesystem. [ 812.706816][T25102] loop1: detected capacity change from 0 to 40427 [ 812.767824][T25102] F2FS-fs (loop1): Wrong segment_count / block_count (64 > 16384) [ 812.817080][T25102] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 812.872543][T25102] F2FS-fs (loop1): Found nat_bits in checkpoint [ 813.080373][T25102] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 813.087479][T25102] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 813.871407][T25127] loop3: detected capacity change from 0 to 32768 [ 813.908136][ T4257] syz-executor: attempt to access beyond end of device [ 813.908136][ T4257] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 813.953092][T25127] __jfs_setxattr: xattr_size = 74, new_size = 12053 [ 814.301041][T25152] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9220'. [ 814.349613][T25152] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9220'. [ 814.738748][T25164] loop0: detected capacity change from 0 to 1024 [ 814.795430][T25164] EXT4-fs: Ignoring removed nobh option [ 814.833074][T25164] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 814.879567][ T4377] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 814.960504][T25164] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 815.079632][ T4377] usb 4-1: Using ep0 maxpacket: 8 [ 815.096868][ T4377] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 815.125779][ T4377] usb 4-1: config 179 has no interface number 0 [ 815.179925][ T4377] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 815.209653][ T4377] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 815.230655][ T4258] EXT4-fs (loop0): unmounting filesystem. [ 815.266945][ T4377] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 815.305755][ T4377] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 815.369445][ T4377] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 815.439571][ T4377] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 815.479130][ T4377] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 815.487920][T25185] loop1: detected capacity change from 0 to 256 [ 815.513992][T25161] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 815.848012][T25161] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 815.855536][T25161] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 815.972372][T25161] vhci_hcd vhci_hcd.0: Device attached [ 816.024908][T25195] vhci_hcd: connection closed [ 816.029077][ T9] vhci_hcd: stop threads [ 816.032327][ T4304] usb 4-1: USB disconnect, device number 44 [ 816.033821][ C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 816.033863][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 816.043671][T25200] loop1: detected capacity change from 0 to 64 [ 816.069487][ T9] vhci_hcd: release socket [ 816.073993][ T9] vhci_hcd: disconnect device [ 816.143166][T25205] netlink: 72 bytes leftover after parsing attributes in process `syz.2.9239'. [ 816.507658][T25213] loop2: detected capacity change from 0 to 4096 [ 816.527113][T25213] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 816.613751][T25213] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 816.748067][T25222] netlink: 144 bytes leftover after parsing attributes in process `syz.4.9249'. [ 816.792291][T25224] xt_hashlimit: overflow, try lower: 5/0 [ 817.609174][T25248] loop2: detected capacity change from 0 to 1024 [ 817.712005][T25254] loop3: detected capacity change from 0 to 1024 [ 817.782654][ T56] hfsplus: b-tree write err: -5, ino 4 [ 817.888406][ T4264] hfsplus: bad catalog entry type [ 817.915566][ T4264] hfsplus: bad catalog entry type [ 818.279581][T25273] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9273'. [ 818.359475][ T4442] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 818.559530][ T4442] usb 2-1: Using ep0 maxpacket: 32 [ 818.566510][ T4442] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 818.609526][ T4442] usb 2-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0 [ 818.638964][ T4442] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 818.673384][ T4856] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 818.686980][ T4442] usb 2-1: config 0 descriptor?? [ 818.724478][ T4442] usb 2-1: bad CDC descriptors [ 818.726100][ T4856] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 818.941493][ T4304] usb 2-1: USB disconnect, device number 36 [ 819.031150][ T4856] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 819.085509][ T4856] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 819.186838][T25289] netlink: 'syz.4.9282': attribute type 1 has an invalid length. [ 819.205082][T25289] netlink: 112860 bytes leftover after parsing attributes in process `syz.4.9282'. [ 819.233419][T25288] loop0: detected capacity change from 0 to 1024 [ 819.343317][T25288] hfsplus: failed to load root directory [ 819.351565][ T4856] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 819.429887][ T4856] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 819.669787][T25297] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 819.769646][T25297] overlayfs: missing 'lowerdir' [ 819.778205][ T4856] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 819.790531][T25299] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 819.829499][ T4856] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 19999 - 0 [ 820.277213][T25312] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 820.309682][T25312] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 820.320911][T25312] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 820.330407][T25312] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 820.339272][T25312] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 820.347218][T25312] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 820.418591][T25317] loop2: detected capacity change from 0 to 4096 [ 820.429607][ T4309] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 820.444071][T25317] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 820.483959][T25311] vxcan1 speed is unknown, defaulting to 1000 [ 820.530176][T25317] ntfs3: loop2: failed to convert "c46c" to iso8859-3 [ 820.620762][ T4309] usb 5-1: Using ep0 maxpacket: 16 [ 820.628358][ T4309] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 820.657036][T25315] loop1: detected capacity change from 0 to 4096 [ 820.684816][ T4309] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 820.757934][ T4309] usb 5-1: config 0 interface 0 has no altsetting 0 [ 820.818239][ T4309] usb 5-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 820.858388][ T4309] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 820.930103][ T4309] usb 5-1: Product: syz [ 820.964903][ T4309] usb 5-1: Manufacturer: syz [ 820.989445][ T4309] usb 5-1: SerialNumber: syz [ 820.993363][T25315] ntfs: (device loop1): parse_options(): NLS character set cp not found. Using previous one iso8859-14. [ 821.039123][ T4309] usb 5-1: config 0 descriptor?? [ 821.097110][T25315] ntfs: volume version 3.1. [ 821.183958][T25332] loop2: detected capacity change from 0 to 256 [ 821.300579][T25332] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 821.479022][ T4309] usb 5-1: USB disconnect, device number 29 [ 821.701726][T25342] SET target dimension over the limit! [ 821.979162][T25349] loop1: detected capacity change from 0 to 512 [ 822.161591][T25349] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:477: comm syz.1.9303: Invalid block bitmap block 0 in block_group 0 [ 822.183221][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 822.209726][T25349] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 822.300038][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 822.310593][T25349] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.9303: attempt to clear invalid blocks 983260 len 1 [ 822.352453][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 822.374651][T25349] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.9303: invalid indirect mapped block 2683928664 (level 0) [ 822.409736][ T4267] Bluetooth: hci3: command 0x0409 tx timeout [ 822.436829][ T26] audit: type=1326 audit(822.392:2066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25365 comm="syz.0.9309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531d58e969 code=0x7ffc0000 [ 822.461716][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 822.470982][T25349] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.9303: invalid indirect mapped block 1701603686 (level 1) [ 822.536521][ T26] audit: type=1326 audit(822.392:2067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25365 comm="syz.0.9309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531d58e969 code=0x7ffc0000 [ 822.573174][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 822.599511][T25349] EXT4-fs error (device loop1): __ext4_get_inode_loc:4507: comm syz.1.9303: Invalid inode table block 0 in block_group 0 [ 822.650482][ T26] audit: type=1326 audit(822.422:2068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25365 comm="syz.0.9309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f531d58e969 code=0x7ffc0000 [ 822.689529][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 822.719742][T25349] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 822.753561][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 822.769491][ T26] audit: type=1326 audit(822.422:2069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25365 comm="syz.0.9309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531d58e969 code=0x7ffc0000 [ 822.800107][T25349] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 822.846203][ T26] audit: type=1326 audit(822.422:2070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25365 comm="syz.0.9309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531d58e969 code=0x7ffc0000 [ 822.872062][T25311] chnl_net:caif_netlink_parms(): no params data found [ 822.880134][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 822.886683][T25349] EXT4-fs error (device loop1): __ext4_get_inode_loc:4507: comm syz.1.9303: Invalid inode table block 0 in block_group 0 [ 822.940074][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 822.946641][T25349] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 822.995140][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 823.009894][T25349] EXT4-fs error (device loop1): ext4_truncate:4312: inode #13: comm syz.1.9303: mark_inode_dirty error [ 823.072190][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 823.099147][T25349] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 823.120146][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 823.127321][T25349] EXT4-fs (loop1): 1 truncate cleaned up [ 823.169904][T25349] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 823.339673][T25349] EXT4-fs error (device loop1): __ext4_get_inode_loc:4507: comm syz.1.9303: Invalid inode table block 0 in block_group 0 [ 823.412229][T25349] EXT4-fs (loop1): Remounting filesystem read-only [ 823.540142][T25311] bridge0: port 1(bridge_slave_0) entered blocking state [ 823.549789][T25311] bridge0: port 1(bridge_slave_0) entered disabled state [ 823.558064][T25311] device bridge_slave_0 entered promiscuous mode [ 823.561162][ T4257] EXT4-fs (loop1): unmounting filesystem. [ 823.623717][T25391] No such timeout policy "syz0" [ 823.744260][T25395] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9318'. [ 823.757501][T25393] binder: 25392:25393 ioctl 400c620e 0 returned -14 [ 823.996187][T25311] bridge0: port 2(bridge_slave_1) entered blocking state [ 824.030234][T25311] bridge0: port 2(bridge_slave_1) entered disabled state [ 824.060646][T25311] device bridge_slave_1 entered promiscuous mode [ 824.096191][T25397] loop2: detected capacity change from 0 to 4096 [ 824.158072][T25397] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 824.489560][ T4267] Bluetooth: hci3: command 0x041b tx timeout [ 824.532075][T25311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 824.624331][T25311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 824.795760][T25311] team0: Port device team_slave_0 added [ 824.857478][T25311] team0: Port device team_slave_1 added [ 825.091873][T25311] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 825.098873][T25311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 825.199543][T25421] loop1: detected capacity change from 0 to 128 [ 825.244358][T25421] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 825.329767][T25311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 825.496591][ T4856] device hsr_slave_0 left promiscuous mode [ 825.516068][ T4257] EXT4-fs (loop1): unmounting filesystem. [ 825.566618][ T4856] device hsr_slave_1 left promiscuous mode [ 825.679051][T25401] loop0: detected capacity change from 0 to 40427 [ 825.789658][T25401] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 825.797448][T25401] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 825.807248][ T4856] device veth0_macvtap left promiscuous mode [ 825.827004][T25401] F2FS-fs (loop0): invalid crc value [ 825.849241][ T4856] device veth1_vlan left promiscuous mode [ 825.864885][T25401] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 9809626597) [ 826.084446][T25401] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 826.109566][T25401] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 826.249160][T25401] fscrypt (loop0, inode 3): Error -61 getting encryption context [ 826.569514][ T4267] Bluetooth: hci3: command 0x040f tx timeout [ 826.718743][ T4856] bond4 (unregistering): Released all slaves [ 826.951214][T25448] loop1: detected capacity change from 0 to 32768 [ 827.046528][T25465] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9345'. [ 827.322323][T25469] loop0: detected capacity change from 0 to 512 [ 827.371475][T25469] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 827.455578][T25469] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 827.494095][ T4856] bond3 (unregistering): Released all slaves [ 827.583810][ T4258] EXT4-fs (loop0): unmounting filesystem. [ 827.949677][ T4856] bond2 (unregistering): Released all slaves [ 828.179718][ T4856] bond1 (unregistering): Released all slaves [ 828.473959][ T4856] bond0 (unregistering): (slave macvlan0): Releasing backup interface [ 828.649781][ T4267] Bluetooth: hci3: command 0x0419 tx timeout [ 829.744389][ T4856] bond0 (unregistering): Released all slaves [ 829.837346][T25311] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 829.844531][T25311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 829.870709][T25311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 829.909786][T25487] netlink: 'syz.0.9355': attribute type 3 has an invalid length. [ 830.213100][T25311] device hsr_slave_0 entered promiscuous mode [ 830.250976][T25311] device hsr_slave_1 entered promiscuous mode [ 830.329361][T25311] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 830.337092][T25311] Cannot create hsr debugfs directory [ 830.382771][T25499] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9361'. [ 830.514091][T25503] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9363'. [ 830.818829][T25508] loop1: detected capacity change from 0 to 4096 [ 830.875940][T25508] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 831.013451][T25508] ntfs3: loop1: failed to convert "c46c" to cp869 [ 831.056576][T25311] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 831.096461][T25311] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 831.186209][T25514] IPv6: sit3: Disabled Multicast RS [ 831.204964][T25311] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 831.240610][T25311] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 831.496152][T25501] loop2: detected capacity change from 0 to 32768 [ 831.611809][T25501] [ 831.611809][T25501] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 831.611809][T25501] [ 831.726368][T25311] 8021q: adding VLAN 0 to HW filter on device bond0 [ 831.749475][ T4386] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 831.801757][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 831.821195][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 831.854203][T25311] 8021q: adding VLAN 0 to HW filter on device team0 [ 831.895568][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 831.904435][ T4856] [ 831.904435][ T4856] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 831.904435][ T4856] [ 831.911160][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 831.931503][ T4856] [ 831.931503][ T4856] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 831.931503][ T4856] [ 831.944218][ T4386] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 831.954196][T25323] bridge0: port 1(bridge_slave_0) entered blocking state [ 831.961398][T25323] bridge0: port 1(bridge_slave_0) entered forwarding state [ 831.965940][ T4386] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 832.020343][ T108] [ 832.020343][ T108] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 832.020343][ T108] [ 832.050209][ T4263] [ 832.050209][ T4263] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 832.050209][ T4263] [ 832.062004][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 832.068547][ T4386] usb 1-1: config 0 descriptor?? [ 832.086239][ T4386] cp210x 1-1:0.0: cp210x converter detected [ 832.097607][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 832.110260][ T4263] [ 832.110260][ T4263] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 832.110260][ T4263] [ 832.141854][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 832.175541][T25323] bridge0: port 2(bridge_slave_1) entered blocking state [ 832.182740][T25323] bridge0: port 2(bridge_slave_1) entered forwarding state [ 832.295534][ T4386] usb 1-1: cp210x converter now attached to ttyUSB0 [ 832.307834][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 832.360315][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 832.420357][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 832.461332][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 832.512197][ T4386] usb 1-1: USB disconnect, device number 46 [ 832.539039][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 832.557053][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 832.567033][ T4386] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 832.598131][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 832.621645][ T4386] cp210x 1-1:0.0: device disconnected [ 832.647886][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 832.690674][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 832.730078][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 832.779855][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 832.822943][T25311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 833.442452][T25533] loop2: detected capacity change from 0 to 32768 [ 833.481109][T25533] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10 [ 833.848900][ T4436] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10 [ 833.910500][ T4856] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 833.918018][ T4856] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 833.965996][T25311] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 834.094227][ T4686] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 834.289819][ T4686] usb 3-1: Using ep0 maxpacket: 16 [ 834.297104][ T4686] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 834.311291][T25544] loop1: detected capacity change from 0 to 32768 [ 834.376523][ T4686] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 834.439592][ T4686] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 834.457912][ T4686] usb 3-1: Product: syz [ 834.468065][ T4686] usb 3-1: Manufacturer: syz [ 834.473039][ T4686] usb 3-1: SerialNumber: syz [ 834.482450][ T4686] usb 3-1: config 0 descriptor?? [ 834.487956][T25544] XFS (loop1): Mounting V5 Filesystem [ 834.489017][ T4686] hub 3-1:0.0: bad descriptor, ignoring hub [ 834.518213][T25584] netlink: 1036 bytes leftover after parsing attributes in process `syz.4.9387'. [ 834.563995][ T4686] hub: probe of 3-1:0.0 failed with error -5 [ 834.573394][ T4686] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input29 [ 834.811419][T25544] XFS (loop1): Ending clean mount [ 834.841020][T25544] XFS (loop1): Quotacheck needed: Please wait. [ 834.983846][T25544] XFS (loop1): Quotacheck: Done. [ 835.235673][ T4257] XFS (loop1): Unmounting Filesystem [ 835.380120][T25605] device veth3 entered promiscuous mode [ 835.523669][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 835.565003][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 835.642152][T25311] device veth0_vlan entered promiscuous mode [ 835.648789][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 835.680344][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 835.732002][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 835.757230][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 835.815772][T25311] device veth1_vlan entered promiscuous mode [ 835.931520][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 835.964861][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 835.992250][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 836.040816][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 836.071608][T25311] device veth0_macvtap entered promiscuous mode [ 836.112870][T25311] device veth1_macvtap entered promiscuous mode [ 836.190800][T25615] loop0: detected capacity change from 0 to 4096 [ 836.215724][T25311] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 836.233198][T25615] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 836.253474][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 836.290071][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 836.330237][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 836.361612][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 836.381751][T25615] ntfs3: loop0: failed to convert "c46c" to cp932 [ 836.408081][T25311] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 836.453613][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 836.490435][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 836.541823][T25311] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 836.591538][T25311] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 836.632044][T25311] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 836.672536][T25311] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 837.021902][ T4316] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 837.047537][ T4316] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 837.131538][T25323] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 837.174220][T25323] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 837.199920][T25323] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 837.276787][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 837.409944][T25648] device bond2 entered promiscuous mode [ 837.415787][T25648] 8021q: adding VLAN 0 to HW filter on device bond2 [ 837.424429][T25653] netlink: 'syz.1.9413': attribute type 11 has an invalid length. [ 837.498113][T25656] loop0: detected capacity change from 0 to 8 [ 837.837958][T25665] loop5: detected capacity change from 0 to 1024 [ 838.004620][ T4304] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 838.043732][T25675] Option ' ' to dns_resolver key: bad/missing value [ 838.209512][ T4304] usb 2-1: Using ep0 maxpacket: 16 [ 838.232945][ T4304] usb 2-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 838.260333][ T4304] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 838.270543][ T4304] usb 2-1: Product: syz [ 838.274744][ T4304] usb 2-1: Manufacturer: syz [ 838.281399][T25680] loop5: detected capacity change from 0 to 64 [ 838.348857][ T4304] usb 2-1: SerialNumber: syz [ 838.391153][ T4304] usb 2-1: config 0 descriptor?? [ 838.430547][ T4304] ums-onetouch 2-1:0.0: USB Mass Storage device detected [ 838.664618][ T4377] usb 2-1: USB disconnect, device number 37 [ 838.801205][T25697] netlink: 'syz.2.9428': attribute type 28 has an invalid length. [ 838.836764][T25697] netlink: 'syz.2.9428': attribute type 3 has an invalid length. [ 838.888729][T25697] netlink: 132 bytes leftover after parsing attributes in process `syz.2.9428'. [ 839.769669][ T3608] usb 3-1: reset high-speed USB device number 37 using dummy_hcd [ 839.800572][ T3608] usb 3-1: device reset changed ep0 maxpacket size! [ 839.849642][ T4309] usb 3-1: USB disconnect, device number 37 [ 840.039680][ T4309] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 840.044032][T25733] loop1: detected capacity change from 0 to 164 [ 840.233684][ T4309] usb 3-1: New USB device found, idVendor=0c45, idProduct=608f, bcdDevice=b5.55 [ 840.269458][ T4309] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 840.307425][ T4309] usb 3-1: Product: syz [ 840.319431][ T4309] usb 3-1: Manufacturer: syz [ 840.339510][ T4304] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 840.344564][ T4309] usb 3-1: SerialNumber: syz [ 840.379865][ T4309] usb 3-1: config 0 descriptor?? [ 840.425516][ T4309] gspca_main: sonixb-2.14.0 probing 0c45:608f [ 840.539458][ T4304] usb 5-1: Using ep0 maxpacket: 16 [ 840.546521][ T4304] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 840.589330][T25748] loop1: detected capacity change from 0 to 16 [ 840.611182][ T4304] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 840.632734][T25748] erofs: (device loop1): mounted with root inode @ nid 36. [ 840.668528][ T4304] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 840.694748][ T4304] usb 5-1: Product: syz [ 840.719307][ T4304] usb 5-1: Manufacturer: syz [ 840.739462][ T4304] usb 5-1: SerialNumber: syz [ 840.751796][ T4304] usb 5-1: config 0 descriptor?? [ 840.778250][ T4304] hub 5-1:0.0: bad descriptor, ignoring hub [ 840.789896][T25754] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9451'. [ 840.805263][ T4304] hub: probe of 5-1:0.0 failed with error -5 [ 840.830442][ T4304] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input30 [ 840.839206][T25754] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9451'. [ 840.881506][ T4254] usb 3-1: USB disconnect, device number 38 [ 841.138031][T25762] netlink: 'syz.0.9454': attribute type 10 has an invalid length. [ 841.186953][T25762] device veth1_macvtap left promiscuous mode [ 841.216861][T25762] bond0: (slave macsec0): Error -34 calling dev_set_mtu [ 841.299998][ T4377] usb 5-1: USB disconnect, device number 30 [ 841.425315][T25770] loop5: detected capacity change from 0 to 64 [ 841.520529][T25770] hfs: request for non-existent node 16777216 in B*Tree [ 841.528542][T25770] hfs: request for non-existent node 16777216 in B*Tree [ 841.540032][ T4304] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 841.604628][T25770] hfs: request for non-existent node 16777216 in B*Tree [ 841.627049][T25770] hfs: request for non-existent node 16777216 in B*Tree [ 841.763891][ T4304] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 841.800231][ T4304] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 841.820155][ T4304] usb 2-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 841.840294][ T4304] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 841.865324][ T4304] usb 2-1: config 0 descriptor?? [ 842.289309][ T4304] Bluetooth: Can't get version to change to load ram patch err [ 842.304725][ T4304] Bluetooth: Loading patch file failed [ 842.329991][ T4304] ath3k: probe of 2-1:0.0 failed with error -71 [ 842.358146][ T4304] usb 2-1: USB disconnect, device number 38 [ 843.140095][T25825] loop1: detected capacity change from 0 to 256 [ 843.489365][ T26] audit: type=1107 audit(843.442:2071): pid=25838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='L<5' [ 843.527825][T25841] netlink: 'syz.2.9486': attribute type 1 has an invalid length. [ 843.688928][T25846] xt_connbytes: Forcing CT accounting to be enabled [ 843.755250][T25846] xt_NFQUEUE: number of total queues is 0 [ 844.026945][T25856] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9491'. [ 844.055151][T25858] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9492'. [ 844.078192][T25856] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9491'. [ 844.369827][T25868] loop0: detected capacity change from 0 to 64 [ 844.470688][ T26] audit: type=1800 audit(844.432:2072): pid=25868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.9496" name="file1" dev="loop0" ino=18 res=0 errno=0 [ 844.693319][T25877] netlink: 'syz.4.9501': attribute type 10 has an invalid length. [ 844.791741][T25877] device veth1_macvtap left promiscuous mode [ 844.842840][T25877] bond0: (slave macsec0): Error -34 calling dev_set_mtu [ 844.845116][T25883] loop2: detected capacity change from 0 to 256 [ 844.914549][T25883] FAT-fs (loop2): Directory bread(block 64) failed [ 844.980708][T25883] FAT-fs (loop2): Directory bread(block 65) failed [ 844.987426][T25883] FAT-fs (loop2): Directory bread(block 66) failed [ 845.029513][T25883] FAT-fs (loop2): Directory bread(block 67) failed [ 845.059802][T25883] FAT-fs (loop2): Directory bread(block 68) failed [ 845.066392][T25883] FAT-fs (loop2): Directory bread(block 69) failed [ 845.119791][T25883] FAT-fs (loop2): Directory bread(block 70) failed [ 845.146841][T25883] FAT-fs (loop2): Directory bread(block 71) failed [ 845.174349][T25883] FAT-fs (loop2): Directory bread(block 72) failed [ 845.211787][T25883] FAT-fs (loop2): Directory bread(block 73) failed [ 845.836999][ T26] audit: type=1326 audit(845.792:2073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25906 comm="syz.4.9512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48a78e969 code=0x7ffc0000 [ 845.918723][T25872] loop5: detected capacity change from 0 to 32768 [ 845.946481][ T26] audit: type=1326 audit(845.792:2074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25906 comm="syz.4.9512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48a78e969 code=0x7ffc0000 [ 846.022876][T25872] JBD2: Ignoring recovery information on journal [ 846.073433][ T26] audit: type=1326 audit(845.822:2075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25906 comm="syz.4.9512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fb48a78e969 code=0x7ffc0000 [ 846.204763][T25919] netlink: 'syz.1.9516': attribute type 27 has an invalid length. [ 846.225717][ T26] audit: type=1326 audit(845.822:2076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25906 comm="syz.4.9512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48a78e969 code=0x7ffc0000 [ 846.260846][T25872] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 846.372791][ T26] audit: type=1326 audit(845.822:2077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25906 comm="syz.4.9512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48a78e969 code=0x7ffc0000 [ 846.437925][T25872] OCFS2: ERROR (device loop5): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #1792 has bad signature [ 846.459168][T25923] netlink: 32 bytes leftover after parsing attributes in process `syz.4.9517'. [ 846.499964][T25872] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 846.555173][T25872] OCFS2: File system is now read-only. [ 846.565316][T25872] (syz.5.9499,25872,0):ocfs2_search_chain:1785 ERROR: status = -30 [ 846.620222][T25872] (syz.5.9499,25872,0):ocfs2_search_chain:1871 ERROR: status = -30 [ 846.633910][T25890] loop0: detected capacity change from 0 to 32768 [ 846.649629][T25872] (syz.5.9499,25872,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 846.658244][T25872] (syz.5.9499,25872,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 846.730461][T25872] (syz.5.9499,25872,0):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 846.759312][T25929] xt_hashlimit: overflow, try lower: 18446744073709551615/7 [ 846.761720][T25890] [ 846.761720][T25890] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 846.761720][T25890] [ 846.808235][T25872] (syz.5.9499,25872,0):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 846.889309][T25872] (syz.5.9499,25872,0):ocfs2_mknod_locked:639 ERROR: status = -30 [ 846.911357][T25872] (syz.5.9499,25872,1):ocfs2_mknod:385 ERROR: status = -30 [ 846.918748][T25872] (syz.5.9499,25872,1):ocfs2_mknod:502 ERROR: status = -30 [ 846.955134][ T4258] [ 846.955134][ T4258] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 846.955134][ T4258] [ 846.981638][ T4258] [ 846.981638][ T4258] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 846.981638][ T4258] [ 846.999577][T25872] (syz.5.9499,25872,0):ocfs2_create:676 ERROR: status = -30 [ 847.157401][T25940] loop1: detected capacity change from 0 to 1024 [ 847.350472][ T26] audit: type=1800 audit(847.312:2078): pid=25940 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.9526" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 847.660353][T25311] ocfs2: Unmounting device (7,5) on (node local) [ 847.715212][T25952] loop0: detected capacity change from 0 to 1024 [ 847.861251][ T56] hfsplus: b-tree write err: -5, ino 4 [ 848.142933][T25960] netlink: 'syz.2.9534': attribute type 4 has an invalid length. [ 848.180625][ T4262] Bluetooth: hci1: command 0x0406 tx timeout [ 848.320311][T25966] netlink: 'syz.5.9527': attribute type 10 has an invalid length. [ 848.379019][T25968] xt_bpf: check failed: parse error [ 848.583735][T25966] device veth1_macvtap left promiscuous mode [ 848.629732][T25966] bond0: (slave macsec0): Error -34 calling dev_set_mtu [ 848.835005][T25976] loop1: detected capacity change from 0 to 4096 [ 848.894611][T25976] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 848.933186][T25976] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 848.983752][T25976] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 849.035657][T25976] ntfs3: loop1: try to read out of volume at offset 0x3fffffc0c00 [ 849.069607][T25976] ntfs3: loop1: try to read out of volume at offset 0x3fffffc1c00 [ 849.109891][T25976] ntfs3: loop1: try to read out of volume at offset 0x3fffffc2c00 [ 849.126862][T25976] ntfs3: loop1: try to read out of volume at offset 0x3fffffc4c00 [ 849.162953][T25976] ntfs3: loop1: try to read out of volume at offset 0x3fffffc8c00 [ 849.196751][T25976] ntfs3: loop1: try to read out of volume at offset 0x3fffffd0c00 [ 849.234342][T25976] ntfs3: loop1: try to read out of volume at offset 0x3fffffe0c00 [ 850.168937][T26017] openvswitch: netlink: Key type 29 is not supported [ 850.193343][T26019] loop2: detected capacity change from 0 to 256 [ 850.257075][T25986] loop5: detected capacity change from 0 to 32768 [ 850.286650][T26021] loop0: detected capacity change from 0 to 2048 [ 850.322417][T26019] FAT-fs (loop2): Directory bread(block 64) failed [ 850.337461][T25986] read_mapping_page failed! [ 850.360120][T26019] FAT-fs (loop2): Directory bread(block 65) failed [ 850.366965][T26019] FAT-fs (loop2): Directory bread(block 66) failed [ 850.389481][T26021] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 850.412244][T26019] FAT-fs (loop2): Directory bread(block 67) failed [ 850.418899][T26019] FAT-fs (loop2): Directory bread(block 68) failed [ 850.459325][T26019] FAT-fs (loop2): Directory bread(block 69) failed [ 850.520631][T26019] FAT-fs (loop2): Directory bread(block 70) failed [ 850.579515][T26019] FAT-fs (loop2): Directory bread(block 71) failed [ 850.591466][T26019] FAT-fs (loop2): Directory bread(block 72) failed [ 850.598140][T26019] FAT-fs (loop2): Directory bread(block 73) failed [ 850.863504][T26034] tmpfs: Bad value for 'mpol' [ 851.059565][ T4386] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 851.243737][ T4386] usb 5-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 851.268942][ T4386] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 851.294068][ T4386] usb 5-1: Product: syz [ 851.298305][ T4386] usb 5-1: Manufacturer: syz [ 851.319425][ T4386] usb 5-1: SerialNumber: syz [ 851.342782][ T4386] r8152-cfgselector 5-1: config 0 descriptor?? [ 851.782025][ T4386] r8152-cfgselector 5-1: Unknown version 0x0000 [ 851.808744][ T4386] r8152-cfgselector 5-1: USB disconnect, device number 31 [ 852.396586][T26088] dlm: Unknown command passed to DLM device : 0 [ 852.396586][T26088] [ 852.460113][ T4254] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 852.661313][ T4254] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 852.691922][ T4254] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 852.729879][ T4254] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 852.771908][ T4254] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 853.019554][T26111] ERROR: device name not specified. [ 853.242431][T26119] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method [ 853.320808][T26121] loop1: detected capacity change from 0 to 1024 [ 853.536139][ T46] hfsplus: b-tree write err: -5, ino 4 [ 853.850267][ T4254] stv0680 3-1:4.0: STV(e): camera ping failed!! [ 854.052804][ T4254] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 854.069611][ T4254] stv0680 3-1:4.0: last error: 0, command = 0x0 [ 854.090395][ T4254] usb 3-1: USB disconnect, device number 39 [ 854.409805][ T4686] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 854.619473][ T4686] usb 6-1: Using ep0 maxpacket: 16 [ 854.624852][ T4254] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 854.640584][ T4686] usb 6-1: config 0 has an invalid interface number: 55 but max is 0 [ 854.649192][ T4686] usb 6-1: config 0 has no interface number 0 [ 854.652283][T26165] netlink: 68 bytes leftover after parsing attributes in process `syz.1.9626'. [ 854.669922][ T4686] usb 6-1: config 0 interface 55 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 1023 [ 854.703924][ T4686] usb 6-1: config 0 interface 55 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 854.725749][ T4686] usb 6-1: config 0 interface 55 has no altsetting 0 [ 854.769238][ T4686] usb 6-1: New USB device found, idVendor=0471, idProduct=081e, bcdDevice=b4.92 [ 854.789529][ T4686] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 854.803611][ T4686] usb 6-1: Product: syz [ 854.809854][ T4686] usb 6-1: Manufacturer: syz [ 854.814619][ T4686] usb 6-1: SerialNumber: syz [ 854.841643][ T4254] usb 5-1: config 0 interface 0 altsetting 12 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 854.860328][ T4254] usb 5-1: config 0 interface 0 has no altsetting 0 [ 854.877232][ T4686] usb 6-1: config 0 descriptor?? [ 854.890786][T26147] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 854.898126][T26147] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 854.907563][ T4254] usb 5-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3 [ 854.937437][ T4254] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 854.947252][ T4686] spcp8x5 6-1:0.55: SPCP8x5 converter detected [ 854.959751][ T4686] usb 6-1: SPCP8x5 converter now attached to ttyUSB0 [ 854.969491][ T4254] usb 5-1: Product: syz [ 854.973900][ T4254] usb 5-1: Manufacturer: syz [ 854.989870][ T4254] usb 5-1: SerialNumber: syz [ 854.997082][ T4254] usb 5-1: config 0 descriptor?? [ 855.005497][ T4254] keyspan 5-1:0.0: Keyspan 2 port adapter converter detected [ 855.023568][ T4254] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 7 [ 855.041872][ T4254] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 81 [ 855.069528][ T4254] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 1 [ 855.090125][ T4254] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 2 [ 855.097865][ T4254] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 85 [ 855.121267][ T4254] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 5 [ 855.140449][ T4254] usb 5-1: Keyspan 2 port adapter converter now attached to ttyUSB1 [ 855.150149][ T4254] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 83 [ 855.188593][ T4254] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 3 [ 855.217900][ T4254] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 4 [ 855.223588][ T4304] usb 6-1: USB disconnect, device number 2 [ 855.232020][ T4254] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 86 [ 855.248523][ T4254] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 6 [ 855.268443][ T4304] SPCP8x5 ttyUSB0: SPCP8x5 converter now disconnected from ttyUSB0 [ 855.278056][ T4254] usb 5-1: Keyspan 2 port adapter converter now attached to ttyUSB2 [ 855.320852][ T4304] spcp8x5 6-1:0.55: device disconnected [ 855.331071][ T4254] usb 5-1: USB disconnect, device number 32 [ 855.352940][ T4254] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1 [ 855.384282][ T4254] keyspan_2 ttyUSB2: Keyspan 2 port adapter converter now disconnected from ttyUSB2 [ 855.450453][ T4254] keyspan 5-1:0.0: device disconnected [ 855.593777][T26189] netlink: 'syz.2.9637': attribute type 10 has an invalid length. [ 855.635665][T26189] team0: Port device wlan1 added [ 855.856985][T26198] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9640'. [ 855.906897][T26198] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9640'. [ 856.150768][T26208] netlink: 188 bytes leftover after parsing attributes in process `syz.4.9645'. [ 856.157522][T26206] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 856.169913][T26208] ksmbd: Unknown IPC event: 10, ignore. [ 856.415309][T26214] netlink: 'syz.4.9648': attribute type 3 has an invalid length. [ 856.636225][T26222] netlink: 132 bytes leftover after parsing attributes in process `syz.5.9653'. [ 856.896766][T26232] cgroup: release_agent respecified [ 857.158384][T26242] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9660'. [ 857.182400][T26241] overlayfs: conflicting options: nfs_export=on,index=off [ 857.370387][T26248] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9663'. [ 857.399157][T26248] netlink: 74 bytes leftover after parsing attributes in process `syz.1.9663'. [ 857.517512][T26228] loop2: detected capacity change from 0 to 32768 [ 857.596570][T26228] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 857.895089][ T4263] (syz-executor,4263,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 857.982125][ T4263] ocfs2: Unmounting device (7,2) on (node local) [ 858.107803][T26271] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9673'. [ 858.159661][T26271] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9673'. [ 858.999806][T26306] loop2: detected capacity change from 0 to 256 [ 859.026337][T26306] exfat: Deprecated parameter 'utf8' [ 859.059817][T26306] exfat: Deprecated parameter 'utf8' [ 859.099305][T26306] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d) [ 859.209906][T26306] exFAT-fs (loop2): error, found bogus dentry(12) beyond unused empty group(11) (start_clu : 5, cur_clu : 5) [ 859.238795][T26313] netlink: 'syz.5.9688': attribute type 10 has an invalid length. [ 859.290149][T26313] device batadv0 entered promiscuous mode [ 859.312515][T26313] bridge0: port 3(batadv0) entered blocking state [ 859.319774][T26313] bridge0: port 3(batadv0) entered disabled state [ 859.327882][T26313] bridge0: port 3(batadv0) entered blocking state [ 859.334473][T26313] bridge0: port 3(batadv0) entered forwarding state [ 859.394631][T26315] device ip6tnl4 entered promiscuous mode [ 859.598253][ T33] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 859.608882][ T33] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 859.849707][ T4304] usb 1-1: new high-speed USB device number 47 using dummy_hcd [ 860.051477][ T4304] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 860.074205][ T4304] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 860.109608][ T4304] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 860.151437][ T4304] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 860.213030][ T4304] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 860.249933][ T4304] usb 1-1: Product: syz [ 860.269453][ T4304] usb 1-1: Manufacturer: syz [ 860.274137][ T4304] usb 1-1: SerialNumber: syz [ 860.311456][ T4304] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found [ 860.336047][T26347] loop1: detected capacity change from 0 to 4096 [ 860.356544][ T4304] cdc_ncm 1-1:1.0: bind() failure [ 860.463935][T26356] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 860.498712][T26347] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: unaligned directory entry - offset=0, inode=18158232222581129218, rec_len=65535, name_len=1 [ 860.555651][ T4304] usb 1-1: USB disconnect, device number 47 [ 860.684974][T26347] Remounting filesystem read-only [ 860.843803][T26360] loop2: detected capacity change from 0 to 4096 [ 860.888252][T26360] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512) [ 861.014112][T26360] ntfs3: loop2: ino=5, "/" directory corrupted [ 861.573392][T26387] nfs: Unknown parameter 'no' [ 861.600270][T26381] loop2: detected capacity change from 0 to 4096 [ 861.657603][T26381] ntfs: volume version 3.1. [ 861.738264][T26391] loop5: detected capacity change from 0 to 256 [ 861.891517][T26391] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84977, utbl_chksum : 0xe619d30d) [ 862.823388][T26429] loop1: detected capacity change from 0 to 256 [ 862.851506][T26427] loop0: detected capacity change from 0 to 1024 [ 862.900297][T26427] EXT4-fs: Ignoring removed bh option [ 862.960013][T26427] EXT4-fs: inline encryption not supported [ 863.001074][T26427] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 863.168032][T26427] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 2: comm syz.0.9734: lblock 2 mapped to illegal pblock 2 (length 1) [ 863.259515][T26427] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 863.289929][T26427] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 48: comm syz.0.9734: lblock 0 mapped to illegal pblock 48 (length 1) [ 863.346917][T26427] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 863.380079][T26427] EXT4-fs error (device loop0): ext4_acquire_dquot:6802: comm syz.0.9734: Failed to acquire dquot type 0 [ 863.479755][T26427] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 863.489496][T26427] EXT4-fs error (device loop0): ext4_evict_inode:279: inode #11: comm syz.0.9734: mark_inode_dirty error [ 863.549808][T26427] EXT4-fs warning (device loop0): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 863.609661][T26427] EXT4-fs (loop0): 1 orphan inode deleted [ 863.615552][T26427] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 863.631560][ T4316] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:6: lblock 1 mapped to illegal pblock 1 (length 1) [ 863.727061][ T4316] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 863.780261][T26427] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 1: comm syz.0.9734: lblock 1 mapped to illegal pblock 1 (length 1) [ 863.795167][ T4316] EXT4-fs error (device loop0): ext4_release_dquot:6838: comm kworker/u4:6: Failed to release dquot type 0 [ 863.838748][T26427] Quota error (device loop0): find_next_id: Can't read quota tree block 1 [ 864.062052][ T4258] EXT4-fs (loop0): unmounting filesystem. [ 864.101493][ T4258] EXT4-fs error (device loop0): __ext4_get_inode_loc:4507: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 864.198595][ T4258] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5914: Corrupt filesystem [ 864.219463][ T4258] EXT4-fs error (device loop0): ext4_quota_off:7108: inode #3: comm syz-executor: mark_inode_dirty error [ 864.461769][T26479] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 864.469816][T26481] netlink: 'syz.1.9758': attribute type 4 has an invalid length. [ 864.593608][T26489] IPVS: set_ctl: invalid protocol: 4 0.0.0.0:0 [ 865.174446][T26511] loop1: detected capacity change from 0 to 64 [ 865.487933][T26519] netlink: 'syz.0.9771': attribute type 1 has an invalid length. [ 865.543452][T26519] netlink: 'syz.0.9771': attribute type 3 has an invalid length. [ 865.578571][T26519] __nla_validate_parse: 2 callbacks suppressed [ 865.578588][T26519] netlink: 224 bytes leftover after parsing attributes in process `syz.0.9771'. [ 865.972292][ T93] block nbd1: Attempted send on invalid socket [ 865.978660][ T93] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 865.999591][T26536] vxfs: unable to read disk superblock at 1 [ 866.010868][ T52] block nbd1: Attempted send on invalid socket [ 866.017112][ T52] I/O error, dev nbd1, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 866.041098][T26536] vxfs: unable to read disk superblock at 8 [ 866.069642][T26536] vxfs: can't find superblock. [ 866.282667][T26546] loop2: detected capacity change from 0 to 1024 [ 866.320453][T26546] EXT4-fs: Ignoring removed nomblk_io_submit option [ 866.339671][T26546] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 866.379506][T26546] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 866.459069][T26546] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 866.750340][ T4263] EXT4-fs (loop2): unmounting filesystem. [ 866.796788][T26562] CIFS mount error: No usable UNC path provided in device string! [ 866.796788][T26562] [ 866.849754][T26562] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 867.209789][T26575] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9794'. [ 867.402815][T26580] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9797'. [ 868.459549][T26616] netlink: del zone limit has 4 unknown bytes [ 869.561580][T26650] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9823'. [ 869.819973][T26659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9828'. [ 869.934676][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 869.941153][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.319452][ T4686] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 870.509675][ T4686] usb 3-1: Using ep0 maxpacket: 16 [ 870.524164][ T4686] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 870.566117][ T4686] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 870.607437][ T4686] usb 3-1: Product: syz [ 870.615165][ T4686] usb 3-1: Manufacturer: syz [ 870.620430][T26683] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0) [ 870.648920][ T4686] usb 3-1: SerialNumber: syz [ 870.669864][ T4686] r8152-cfgselector 3-1: config 0 descriptor?? [ 871.091627][ T4686] r8152-cfgselector 3-1: Unknown version 0x0000 [ 871.108294][ T4686] r8152-cfgselector 3-1: USB disconnect, device number 40 [ 871.248025][T26670] loop1: detected capacity change from 0 to 32768 [ 871.356273][T26670] XFS (loop1): Mounting V5 Filesystem [ 871.533839][T26670] XFS (loop1): Ending clean mount [ 871.600537][T26670] XFS (loop1): Quotacheck needed: Please wait. [ 871.775074][T26670] XFS (loop1): Quotacheck: Done. [ 872.104608][ T4257] XFS (loop1): Unmounting Filesystem [ 872.373683][T26694] loop0: detected capacity change from 0 to 32768 [ 872.752171][T26729] netlink: 'syz.4.9851': attribute type 4 has an invalid length. [ 872.792839][T26729] netlink: 'syz.4.9851': attribute type 3 has an invalid length. [ 872.829638][T26729] netlink: 132 bytes leftover after parsing attributes in process `syz.4.9851'. [ 873.148844][T26737] loop0: detected capacity change from 0 to 2048 [ 873.282212][T26745] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 873.562632][T26747] loop2: detected capacity change from 0 to 4096 [ 873.620872][T26747] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 873.659104][T26755] loop0: detected capacity change from 0 to 256 [ 873.669657][T26747] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 873.690584][T26747] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 873.713376][T26747] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 873.755424][T26747] ntfs3: loop2: try to read out of volume at offset 0x3fffffc1c00 [ 873.781730][T26755] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 873.850162][T26747] ntfs3: loop2: try to read out of volume at offset 0x3fffffc2c00 [ 873.858120][T26747] ntfs3: loop2: try to read out of volume at offset 0x3fffffc4c00 [ 873.959534][T26747] ntfs3: loop2: try to read out of volume at offset 0x3fffffc8c00 [ 873.967476][T26747] ntfs3: loop2: try to read out of volume at offset 0x3fffffd0c00 [ 874.029817][T26747] ntfs3: loop2: try to read out of volume at offset 0x3fffffe0c00 [ 874.458888][T26768] xt_hashlimit: size too large, truncated to 1048576 [ 874.953071][T26787] loop0: detected capacity change from 0 to 1024 [ 875.342950][T26799] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9878'. [ 875.429588][T26799] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9878'. [ 876.043333][T26830] loop5: detected capacity change from 0 to 256 [ 876.725436][T26846] loop2: detected capacity change from 0 to 2048 [ 876.747542][T26853] loop5: detected capacity change from 0 to 164 [ 876.785142][T26853] Unable to read rock-ridge attributes [ 876.822804][T26853] Unable to read rock-ridge attributes [ 876.860839][T26856] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9901'. [ 877.630482][T26878] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9911'. [ 877.743303][T26884] loop2: detected capacity change from 0 to 1024 [ 878.018124][T26892] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9918'. [ 878.774457][T26923] netlink: 'syz.5.9932': attribute type 1 has an invalid length. [ 878.817580][T26923] netlink: 56 bytes leftover after parsing attributes in process `syz.5.9932'. [ 879.416350][T26947] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9945'. [ 879.632767][T26952] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0 [ 879.700245][T26957] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 879.721899][T26954] loop2: detected capacity change from 0 to 1024 [ 880.039829][T26967] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9954'. [ 880.089606][T26970] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 880.096186][T26970] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 880.171019][T26970] vhci_hcd vhci_hcd.0: Device attached [ 880.196301][T26974] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 880.260221][T26971] vhci_hcd: connection closed [ 880.260867][ T9] vhci_hcd: stop threads [ 880.284142][ T9] vhci_hcd: release socket [ 880.288686][ T9] vhci_hcd: disconnect device [ 880.750327][T26993] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9965'. [ 880.780982][T26993] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9965'. [ 881.055012][T27003] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9968'. [ 881.584660][T27022] netlink: 'syz.1.9977': attribute type 10 has an invalid length. [ 881.900857][T27035] loop2: detected capacity change from 0 to 65 [ 881.926300][T27034] loop0: detected capacity change from 0 to 128 [ 881.990934][T27035] BFS-fs: bfs_fill_super(): NOTE: filesystem loop2 was created with 512 inodes, the real maximum is 511, mounting anyway [ 882.997974][T27064] loop2: detected capacity change from 0 to 2048 [ 883.041294][T27064] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 883.290668][T27032] loop1: detected capacity change from 0 to 40427 [ 883.332631][T27032] F2FS-fs (loop1): invalid crc value [ 883.358700][T27032] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 883.399252][T27032] F2FS-fs (loop1): Found nat_bits in checkpoint [ 883.573375][T27032] F2FS-fs (loop1): recover fsync data on readonly fs [ 883.614041][T27032] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 883.640190][T27032] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 883.662594][T27032] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 883.909676][ T4254] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 884.101826][ T4254] usb 6-1: unable to get BOS descriptor or descriptor too short [ 884.127647][ T4254] usb 6-1: not running at top speed; connect to a high speed hub [ 884.142057][ T4254] usb 6-1: config 219 has 1 interface, different from the descriptor's value: 2 [ 884.183754][ T4254] usb 6-1: config 219 interface 0 has no altsetting 0 [ 884.236381][ T4254] usb 6-1: config 219 interface 0 has no altsetting 1 [ 884.262158][ T4254] usb 6-1: New USB device found, idVendor=2b73, idProduct=0017, bcdDevice=a2.0e [ 884.313291][ T4254] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 884.342283][ T4254] usb 6-1: Product: syz [ 884.346499][ T4254] usb 6-1: Manufacturer: syz [ 884.379656][ T4254] usb 6-1: SerialNumber: syz [ 884.545987][T27101] overlayfs: failed to resolve './file0': -2 [ 884.611483][ T4254] usb 6-1: selecting invalid altsetting 0 [ 884.701839][ T4254] snd-usb-audio: probe of 6-1:219.0 failed with error -22 [ 884.739958][ T4254] usb 6-1: USB disconnect, device number 3 [ 884.841044][T27109] loop2: detected capacity change from 0 to 128 [ 884.874839][T27109] VFS: Found a Xenix FS (block size = 1024) on device loop2 [ 884.919797][T27111] netlink: 'syz.0.10021': attribute type 5 has an invalid length. [ 885.000968][ T4388] udevd[4388]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:219.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 885.060790][ T4263] sysv_free_block: flc_count > flc_size [ 885.066418][ T4263] sysv_free_block: flc_count > flc_size [ 885.119614][ T4263] sysv_free_block: flc_count > flc_size [ 885.125235][ T4263] sysv_free_block: flc_count > flc_size [ 885.164767][ T4263] sysv_free_block: flc_count > flc_size [ 885.188548][ T4263] sysv_free_block: flc_count > flc_size [ 885.198673][ T4263] sysv_free_block: flc_count > flc_size [ 885.218915][ T4263] sysv_free_block: flc_count > flc_size [ 885.235030][ T4263] sysv_free_block: flc_count > flc_size [ 885.250309][ T4263] sysv_free_block: flc_count > flc_size [ 885.276986][ T4263] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 886.125032][T27149] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10038'. [ 886.783829][T27173] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 886.784253][T27168] loop1: detected capacity change from 0 to 1764 [ 887.215058][T27186] netlink: 'syz.0.10059': attribute type 30 has an invalid length. [ 888.394903][T27225] loop2: detected capacity change from 0 to 164 [ 888.448236][T27225] rock: directory entry would overflow storage [ 888.485175][T27225] rock: sig=0x66, size=4, remaining=3 [ 888.518641][T27225] rock: directory entry would overflow storage [ 888.540185][T27225] rock: sig=0x66, size=4, remaining=3 [ 888.779126][T27233] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2 [ 888.794971][T27233] XFS (loop1): SB validate failed with error -5. [ 889.180056][T27250] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2 [ 889.219577][T27250] netdevsim netdevsim4: Falling back to sysfs fallback for: ./file0 [ 889.552930][T27266] loop1: detected capacity change from 0 to 256 [ 889.599907][T27268] Invalid ELF header magic: != ELF [ 889.638653][T27266] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 889.869021][T27278] loop1: detected capacity change from 0 to 256 [ 889.914432][T27278] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 890.178791][T27286] netlink: 'syz.2.10105': attribute type 1 has an invalid length. [ 890.228911][T27286] netlink: 'syz.2.10105': attribute type 2 has an invalid length. [ 890.242567][T27290] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled [ 890.258574][T27286] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10105'. [ 890.498465][T27297] netlink: 'syz.4.10110': attribute type 30 has an invalid length. [ 890.978875][T27321] netlink: 'syz.4.10122': attribute type 27 has an invalid length. [ 891.194198][T27330] loop0: detected capacity change from 0 to 128 [ 891.226821][T27331] netlink: 208 bytes leftover after parsing attributes in process `syz.5.10127'. [ 891.265249][T27330] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 891.504799][T27335] loop0: detected capacity change from 0 to 256 [ 891.569782][T27339] cgroup: subsys name conflicts with all [ 891.963811][ T26] audit: type=1326 audit(891.922:2079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27350 comm="syz.5.10137" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa44c98e969 code=0x0 [ 892.359597][ T4254] usb 3-1: new full-speed USB device number 41 using dummy_hcd [ 892.561537][ T4254] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 892.590027][ T4254] usb 3-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00 [ 892.619770][ T4254] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 892.661155][ T4254] usb 3-1: config 0 descriptor?? [ 892.683400][T27375] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10149'. [ 892.893738][ T4254] usb 3-1: USB disconnect, device number 41 [ 893.221863][T27365] loop1: detected capacity change from 0 to 32768 [ 893.259706][T27365] (syz.1.10144,27365,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 893.289050][T27392] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10155'. [ 893.315086][T27365] (syz.1.10144,27365,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 893.407585][T27365] (syz.1.10144,27365,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 893.438521][T27365] JBD2: Ignoring recovery information on journal [ 893.517089][T27365] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 893.734335][T27404] netlink: 'syz.2.10162': attribute type 1 has an invalid length. [ 894.151056][ T4257] ocfs2: Unmounting device (7,1) on (node local) [ 894.390938][T27425] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10172'. [ 894.440772][T27425] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10172'. [ 894.592456][T27430] loop1: detected capacity change from 0 to 16 [ 894.625976][T27430] erofs: (device loop1): mounted with root inode @ nid 36. [ 894.692187][T27430] erofs: (device loop1): z_erofs_pcluster_readmore: readmore error at page 1 @ nid 89 [ 894.739522][T27430] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 895.330019][T27458] tmpfs: Bad value for 'mpol' [ 895.379482][T27460] x_tables: duplicate entry at hook 1 [ 895.583735][T27467] loop5: detected capacity change from 0 to 190 [ 895.621877][T27469] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 895.626862][T27467] ntfs: (device loop5): is_boot_sector_ntfs(): Invalid boot sector checksum. [ 895.743852][T27471] overlayfs: option "workdir=./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 895.744119][T27471] overlayfs: missing 'lowerdir' [ 895.830996][ C0] vkms_vblank_simulate: vblank timer overrun [ 895.845079][T27467] ntfs: (device loop5): ntfs_read_locked_inode(): $STANDARD_INFORMATION attribute is missing. [ 895.869430][T27467] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 895.921563][T27467] ntfs: (device loop5): load_system_files(): Failed to load $MFTMirr. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 896.009448][T27467] ntfs: volume version 3.1. [ 896.019189][T27467] ntfs: (device loop5): load_system_files(): Volume is dirty. Will not be able to remount read-write. Run chkdsk and mount in Windows. [ 896.119733][T27467] ntfs: (device loop5): ntfs_read_locked_inode(): Inode is an extent inode! [ 896.138683][T27467] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 896.204703][T27467] ntfs: (device loop5): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 896.228294][T27483] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10201'. [ 896.265100][T27467] ntfs: (device loop5): ntfs_lookup_inode_by_name(): No index allocation attribute but index entry requires one. Directory inode 0x5 is corrupt or driver bug. [ 896.344472][T27467] syz.5.10192: attempt to access beyond end of device [ 896.344472][T27467] loop5: rw=0, sector=224, nr_sectors = 8 limit=190 [ 896.391517][T27490] loop0: detected capacity change from 0 to 128 [ 896.426164][T27491] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10205'. [ 896.480395][T27490] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 896.760572][ T4258] EXT4-fs (loop0): unmounting filesystem. [ 897.049232][T27507] netlink: 'syz.5.10211': attribute type 2 has an invalid length. [ 897.411817][T27523] loop5: detected capacity change from 0 to 64 [ 897.859555][ T4304] usb 5-1: new full-speed USB device number 33 using dummy_hcd [ 897.923870][T27543] netlink: 'syz.5.10230': attribute type 21 has an invalid length. [ 897.940040][T27543] netlink: 132 bytes leftover after parsing attributes in process `syz.5.10230'. [ 898.057380][ T4304] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 898.075995][ T4304] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 898.121480][ T4304] usb 5-1: config 0 descriptor?? [ 898.193474][T27549] loop0: detected capacity change from 0 to 512 [ 898.236522][T27551] loop5: detected capacity change from 0 to 64 [ 898.297675][T27549] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 898.347598][ T4304] [drm] vendor descriptor length:25 data:25 5f 00 00 00 00 00 00 00 00 00 [ 898.397478][ T4304] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 898.572827][ T4304] [drm:udl_init] *ERROR* Selecting channel failed [ 898.581295][ T4258] EXT4-fs (loop0): unmounting filesystem. [ 898.657497][ T4304] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2 [ 898.724251][T27567] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10242'. [ 898.729725][ T4304] [drm] Initialized udl on minor 2 [ 898.813330][ T4304] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 898.850764][ T4304] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 898.898794][ T4304] usb 5-1: USB disconnect, device number 33 [ 899.438347][T27582] loop1: detected capacity change from 0 to 8192 [ 899.499608][T27582] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 899.524982][T27582] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 899.550155][T27582] REISERFS (device loop1): using ordered data mode [ 899.556895][T27582] reiserfs: using flush barriers [ 899.572225][T27582] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 899.610348][T27582] REISERFS (device loop1): checking transaction log (loop1) [ 899.630388][T27582] REISERFS (device loop1): Using r5 hash to sort names [ 899.649988][T27582] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 899.719094][T27582] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 899.860859][T27582] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 900.459519][T27622] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10269'. [ 900.490870][T27622] netlink: get zone limit has 8 unknown bytes [ 900.851127][T27637] loop2: detected capacity change from 0 to 512 [ 900.950859][T27637] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 901.033983][T27648] loop0: detected capacity change from 0 to 64 [ 901.251427][ T4263] EXT4-fs (loop2): unmounting filesystem. [ 901.311720][T27655] IPVS: set_ctl: invalid protocol: 4 0.0.0.0:0 [ 901.320876][T27653] loop1: detected capacity change from 0 to 512 [ 901.430361][T27653] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 901.438338][T27653] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 901.469596][T27653] System zones: 0-1, 15-15, 18-18, 34-34 [ 901.479871][T27661] netlink: 'syz.2.10284': attribute type 1 has an invalid length. [ 901.501503][T27661] netlink: 'syz.2.10284': attribute type 3 has an invalid length. [ 901.530705][T27653] EXT4-fs (loop1): orphan cleanup on readonly fs [ 901.537270][T27653] __quota_error: 10 callbacks suppressed [ 901.537284][T27653] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0 [ 901.553195][T27661] netlink: 224 bytes leftover after parsing attributes in process `syz.2.10284'. [ 901.594540][T27653] EXT4-fs warning (device loop1): ext4_enable_quotas:7054: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 901.606119][T27664] netlink: 'syz.0.10287': attribute type 4 has an invalid length. [ 901.649588][T27653] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 901.688722][T27653] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.10280: bad orphan inode 16 [ 901.732214][T27653] ext4_test_bit(bit=15, block=18) = 1 [ 901.750280][T27653] is_bad_inode(inode)=0 [ 901.762865][T27653] NEXT_ORPHAN(inode)=0 [ 901.767136][T27653] max_ino=32 [ 901.798267][T27653] i_nlink=2 [ 901.822736][T27653] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 901.836816][T27672] loop5: detected capacity change from 0 to 64 [ 901.950578][T27653] fscrypt (loop1, inode 16): Error -61 getting encryption context [ 901.958529][T27653] fscrypt (loop1, inode 16): Error -61 getting encryption context [ 902.032927][T27675] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10302'. [ 902.129118][ T4257] EXT4-fs (loop1): unmounting filesystem. [ 902.511164][ T93] block nbd4: Attempted send on invalid socket [ 902.517427][ T93] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 902.526738][T27692] vxfs: unable to read disk superblock at 1 [ 902.548406][ T93] block nbd4: Attempted send on invalid socket [ 902.554796][ T93] I/O error, dev nbd4, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 902.566094][T27692] vxfs: unable to read disk superblock at 8 [ 902.595635][T27692] vxfs: can't find superblock. [ 902.925141][T27705] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10305'. [ 902.962833][T27707] CIFS mount error: No usable UNC path provided in device string! [ 902.962833][T27707] [ 902.996779][T27707] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 903.039253][T27711] loop0: detected capacity change from 0 to 1024 [ 903.067177][T27711] EXT4-fs: Ignoring removed nomblk_io_submit option [ 903.089469][ T4686] usb 3-1: new full-speed USB device number 42 using dummy_hcd [ 903.097713][T27711] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 903.157865][T27711] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 903.242188][T27711] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 903.293461][ T4686] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 903.339512][ T4686] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 903.384283][ T4686] usb 3-1: config 0 descriptor?? [ 903.543186][ T4258] EXT4-fs (loop0): unmounting filesystem. [ 903.614086][ T4686] [drm] vendor descriptor length:25 data:25 5f 00 00 00 00 00 00 00 00 00 [ 903.629429][ T4686] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 903.824443][ T4686] [drm:udl_init] *ERROR* Selecting channel failed [ 903.861678][ T4686] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 903.893776][ T4686] [drm] Initialized udl on minor 2 [ 903.913215][ T4686] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 903.933547][ T4686] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 903.963857][ T4686] usb 3-1: USB disconnect, device number 42 [ 904.850111][T27771] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10336'. [ 905.529677][ T4386] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 905.667564][T27765] loop0: detected capacity change from 0 to 32768 [ 905.740470][ T4386] usb 5-1: Using ep0 maxpacket: 16 [ 905.746046][T27765] XFS (loop0): Mounting V5 Filesystem [ 905.757274][ T4386] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 905.802197][ T4386] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 905.844740][T27806] loop2: detected capacity change from 0 to 8192 [ 905.855084][ T4386] usb 5-1: Product: syz [ 905.860508][T27765] XFS (loop0): Ending clean mount [ 905.875861][ T4386] usb 5-1: Manufacturer: syz [ 905.875898][T27806] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 905.889448][ T4386] usb 5-1: SerialNumber: syz [ 905.897614][T27765] XFS (loop0): Quotacheck needed: Please wait. [ 905.912003][ T4377] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 905.919863][ T4386] r8152-cfgselector 5-1: config 0 descriptor?? [ 905.979256][T27806] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 906.045860][T27765] XFS (loop0): Quotacheck: Done. [ 906.056418][T27806] REISERFS (device loop2): using ordered data mode [ 906.088746][T27806] reiserfs: using flush barriers [ 906.101104][ T4377] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 906.120231][ T4377] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 906.135215][T27806] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 906.167794][T27806] REISERFS (device loop2): checking transaction log (loop2) [ 906.180746][ T4377] usb 6-1: config 0 descriptor?? [ 906.187161][T27806] REISERFS (device loop2): Using r5 hash to sort names [ 906.220303][T27806] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 906.263406][ T4258] XFS (loop0): Unmounting Filesystem [ 906.278956][T27806] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 906.349604][ T4386] r8152-cfgselector 5-1: Unknown version 0x0000 [ 906.379776][ T4386] r8152-cfgselector 5-1: USB disconnect, device number 34 [ 906.393741][ T4377] [drm] vendor descriptor length:25 data:25 5f 00 00 00 00 00 00 00 00 00 [ 906.407214][T27806] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 906.412755][ T4377] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 906.541295][T27812] loop1: detected capacity change from 0 to 4096 [ 906.608287][ T4377] [drm:udl_init] *ERROR* Selecting channel failed [ 906.610241][T27812] ntfs: volume version 3.1. [ 906.648107][ T4377] [drm] Initialized udl 0.0.1 20120220 for 6-1:0.0 on minor 2 [ 906.682899][ T4377] [drm] Initialized udl on minor 2 [ 906.696060][ T4377] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 906.720310][ T4377] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 906.749618][ T4377] usb 6-1: USB disconnect, device number 4 [ 906.777791][ T4304] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 906.806864][ T4304] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 906.816763][ T4304] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 907.417618][T27822] loop2: detected capacity change from 0 to 2048 [ 907.486976][T27829] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 907.933940][T27847] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10371'. [ 907.943427][T27847] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10371'. [ 908.189750][ T4304] usb 1-1: new high-speed USB device number 48 using dummy_hcd [ 908.379574][ T4304] usb 1-1: Using ep0 maxpacket: 16 [ 908.389850][ T4304] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 908.401712][T27859] netlink: 'syz.5.10376': attribute type 4 has an invalid length. [ 908.409260][ T4304] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 908.418391][ T4304] usb 1-1: Product: syz [ 908.429537][T27859] netlink: 'syz.5.10376': attribute type 3 has an invalid length. [ 908.469547][ T4304] usb 1-1: Manufacturer: syz [ 908.474207][ T4304] usb 1-1: SerialNumber: syz [ 908.479478][T27859] netlink: 132 bytes leftover after parsing attributes in process `syz.5.10376'. [ 908.520498][ T4304] r8152-cfgselector 1-1: config 0 descriptor?? [ 908.774952][T27841] loop1: detected capacity change from 0 to 32768 [ 908.796245][T27866] loop5: detected capacity change from 0 to 1024 [ 908.941031][ T4304] r8152-cfgselector 1-1: Unknown version 0x0000 [ 908.960983][ T4304] r8152-cfgselector 1-1: USB disconnect, device number 48 [ 909.210991][T27872] loop5: detected capacity change from 0 to 2048 [ 909.332366][T27881] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 909.559449][ T4254] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 909.710154][T27887] loop1: detected capacity change from 0 to 1764 [ 909.728160][T27891] loop0: detected capacity change from 0 to 256 [ 909.754468][ T4254] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 909.785285][T27887] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 909.795374][ T4254] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 909.835895][ T4254] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 909.902262][ T4254] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 909.942096][ T4254] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 909.982715][ T4254] usb 3-1: Product: syz [ 910.013661][ T4254] usb 3-1: Manufacturer: syz [ 910.018314][ T4254] usb 3-1: SerialNumber: syz [ 910.064948][ T4254] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found [ 910.089499][ T4254] cdc_ncm 3-1:1.0: bind() failure [ 910.290194][ T4254] usb 3-1: USB disconnect, device number 43 [ 910.330288][T27907] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10400'. [ 910.368804][T27907] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10400'. [ 910.534401][T27913] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10403'. [ 911.426826][T27946] loop5: detected capacity change from 0 to 2048 [ 911.583500][T27952] loop2: detected capacity change from 0 to 256 [ 911.712774][T27948] loop0: detected capacity change from 0 to 4096 [ 911.777386][T27948] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 911.795822][T27948] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 911.819590][T27948] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 911.829869][T27948] ntfs3: loop0: try to read out of volume at offset 0x3fffffc0c00 [ 911.846248][T27948] ntfs3: loop0: try to read out of volume at offset 0x3fffffc1c00 [ 911.868671][T27948] ntfs3: loop0: try to read out of volume at offset 0x3fffffc2c00 [ 911.894668][T27948] ntfs3: loop0: try to read out of volume at offset 0x3fffffc4c00 [ 911.919578][T27948] ntfs3: loop0: try to read out of volume at offset 0x3fffffc8c00 [ 911.969494][T27948] ntfs3: loop0: try to read out of volume at offset 0x3fffffd0c00 [ 912.007148][T27948] ntfs3: loop0: try to read out of volume at offset 0x3fffffe0c00 [ 912.311557][T27970] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10432'. [ 912.487039][T27974] loop0: detected capacity change from 0 to 1024 [ 912.608877][T27978] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10437'. [ 913.011044][T27993] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 913.559758][T28013] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0 [ 913.984086][T28030] netlink: 60 bytes leftover after parsing attributes in process `syz.2.10460'. [ 914.319232][T28046] netlink: 'syz.5.10468': attribute type 10 has an invalid length. [ 914.450135][T28046] team0: Port device syz_tun added [ 914.498351][T28050] loop2: detected capacity change from 0 to 128 [ 914.536336][T28052] loop1: detected capacity change from 0 to 65 [ 914.600808][T28052] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway [ 914.638296][T28056] netlink: 'syz.0.10474': attribute type 1 has an invalid length. [ 914.682040][T28056] netlink: 56 bytes leftover after parsing attributes in process `syz.0.10474'. [ 914.794305][T28058] loop5: detected capacity change from 0 to 128 [ 914.931107][T28060] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 914.937693][T28060] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 914.961464][T28064] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10477'. [ 914.981225][T28060] vhci_hcd vhci_hcd.0: Device attached [ 915.000510][T28068] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 915.051571][T28062] vhci_hcd: connection closed [ 915.053713][ T4316] vhci_hcd: stop threads [ 915.068141][ T4316] vhci_hcd: release socket [ 915.078620][ T4316] vhci_hcd: disconnect device [ 915.258270][T28075] netlink: 16 bytes leftover after parsing attributes in process `syz.0.10482'. [ 915.305528][T28075] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10482'. [ 915.539886][T28085] netlink: 60 bytes leftover after parsing attributes in process `syz.0.10486'. [ 916.113434][T28107] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10498'. [ 916.159911][T28107] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10498'. [ 916.442061][T28119] netlink: 60 bytes leftover after parsing attributes in process `syz.5.10502'. [ 916.583976][T28125] loop5: detected capacity change from 0 to 65 [ 916.646053][T28125] BFS-fs: bfs_fill_super(): NOTE: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway [ 917.027989][T28137] loop5: detected capacity change from 0 to 128 [ 917.111137][T28137] VFS: Found a Xenix FS (block size = 1024) on device loop5 [ 917.316069][T25311] sysv_free_block: flc_count > flc_size [ 917.337754][T25311] sysv_free_block: flc_count > flc_size [ 917.359504][T25311] sysv_free_block: flc_count > flc_size [ 917.365104][T25311] sysv_free_block: flc_count > flc_size [ 917.395644][T25311] sysv_free_block: flc_count > flc_size [ 917.401830][ T4304] usb 5-1: new full-speed USB device number 35 using dummy_hcd [ 917.419855][T25311] sysv_free_block: flc_count > flc_size [ 917.425910][T25311] sysv_free_block: flc_count > flc_size [ 917.453296][T25311] sysv_free_block: flc_count > flc_size [ 917.486441][T25311] sysv_free_block: flc_count > flc_size [ 917.495002][T25311] sysv_free_block: flc_count > flc_size [ 917.519702][T25311] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 917.601834][ T4304] usb 5-1: unable to get BOS descriptor or descriptor too short [ 917.630152][ T4304] usb 5-1: not running at top speed; connect to a high speed hub [ 917.650247][ T4304] usb 5-1: config 219 has 1 interface, different from the descriptor's value: 2 [ 917.690171][ T4304] usb 5-1: config 219 interface 0 has no altsetting 0 [ 917.697014][ T4304] usb 5-1: config 219 interface 0 has no altsetting 1 [ 917.737374][ T4304] usb 5-1: New USB device found, idVendor=2b73, idProduct=0017, bcdDevice=a2.0e [ 917.766420][ T4304] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 917.788044][ T4304] usb 5-1: Product: syz [ 917.799534][ T4304] usb 5-1: Manufacturer: syz [ 917.804175][ T4304] usb 5-1: SerialNumber: syz [ 917.896765][T28169] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 918.055623][ T4304] usb 5-1: selecting invalid altsetting 0 [ 918.155289][ T4304] snd-usb-audio: probe of 5-1:219.0 failed with error -22 [ 918.179939][ T4304] usb 5-1: USB disconnect, device number 35 [ 918.209124][ T4388] udevd[4388]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:219.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 918.920159][T28196] overlayfs: failed to resolve './file0': -2 [ 919.525248][T28159] loop0: detected capacity change from 0 to 65536 [ 919.652393][T28159] XFS (loop0): Mounting V5 Filesystem [ 919.755434][T28159] XFS (loop0): Ending clean mount [ 919.998813][ T4258] XFS (loop0): Unmounting Filesystem [ 920.093532][T28239] netlink: 'syz.1.10557': attribute type 30 has an invalid length. [ 920.405139][T28249] netlink: 'syz.4.10564': attribute type 5 has an invalid length. [ 921.669022][T28258] loop1: detected capacity change from 0 to 32768 [ 921.713743][T28258] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 921.866250][T28287] netlink: 'syz.0.10593': attribute type 1 has an invalid length. [ 921.901596][T28290] netlink: 'syz.2.10582': attribute type 5 has an invalid length. [ 921.912948][T28287] netlink: 'syz.0.10593': attribute type 2 has an invalid length. [ 921.940939][T28291] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 921.949623][T28287] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10593'. [ 922.110345][ T4813] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 922.427118][T28303] loop2: detected capacity change from 0 to 256 [ 922.486183][T28303] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 922.589794][T28309] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled [ 922.977407][T28265] loop5: detected capacity change from 0 to 65536 [ 923.102426][T28325] netlink: 'syz.0.10598': attribute type 30 has an invalid length. [ 923.172062][T28265] XFS (loop5): Mounting V5 Filesystem [ 923.261095][T28265] XFS (loop5): Ending clean mount [ 923.332341][T28339] netlink: 'syz.2.10604': attribute type 30 has an invalid length. [ 923.452859][T28342] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2 [ 923.496694][T25311] XFS (loop5): Unmounting Filesystem [ 923.519495][T28342] netdevsim netdevsim0: Falling back to sysfs fallback for: ./file0 [ 924.516024][T28369] loop2: detected capacity change from 0 to 1024 [ 924.533610][T28369] EXT4-fs: Ignoring removed bh option [ 924.670665][T28369] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 924.757012][T28383] loop1: detected capacity change from 0 to 164 [ 924.816278][T28383] rock: directory entry would overflow storage [ 924.879394][T28383] rock: sig=0x66, size=4, remaining=3 [ 924.979552][T28383] rock: directory entry would overflow storage [ 924.985762][T28383] rock: sig=0x66, size=4, remaining=3 [ 925.064578][ T4263] EXT4-fs (loop2): unmounting filesystem. [ 925.266042][T28397] Invalid ELF header magic: != ELF [ 925.307014][T28400] loop5: detected capacity change from 0 to 256 [ 925.330584][ T26] audit: type=1326 audit(925.292:2080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28399 comm="syz.0.10633" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f531d58e969 code=0x0 [ 925.406964][T28400] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 925.833200][T28417] netlink: 'syz.1.10639': attribute type 1 has an invalid length. [ 925.889171][T28417] netlink: 'syz.1.10639': attribute type 2 has an invalid length. [ 925.933464][T28417] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10639'. [ 926.003990][T28419] netlink: 'syz.5.10643': attribute type 30 has an invalid length. [ 926.399254][T28433] netlink: 'syz.1.10650': attribute type 27 has an invalid length. [ 926.463510][T28404] loop0: detected capacity change from 0 to 32768 [ 926.492281][T28404] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 11 [ 926.569419][ T4304] usb 5-1: new full-speed USB device number 36 using dummy_hcd [ 926.626990][T28437] netlink: 'syz.5.10652': attribute type 1 has an invalid length. [ 926.726776][ T4436] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 11 [ 926.781170][ T4304] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 926.803459][T28441] loop2: detected capacity change from 0 to 128 [ 926.809634][ T4304] usb 5-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00 [ 926.855375][T28441] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 926.865402][ T4304] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 926.916754][ T4304] usb 5-1: config 0 descriptor?? [ 927.126955][T28451] netlink: 'syz.2.10668': attribute type 27 has an invalid length. [ 927.186767][ T4386] usb 5-1: USB disconnect, device number 36 [ 927.757213][T28469] loop0: detected capacity change from 0 to 16 [ 927.789897][T28469] erofs: (device loop0): mounted with root inode @ nid 36. [ 927.820375][T28469] erofs: (device loop0): z_erofs_pcluster_readmore: readmore error at page 1 @ nid 89 [ 927.859624][T28469] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 928.470745][T28494] x_tables: duplicate entry at hook 1 [ 928.614947][T28496] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10691'. [ 928.692306][T28500] netlink: 'syz.0.10681': attribute type 27 has an invalid length. [ 928.889304][T28504] loop1: detected capacity change from 0 to 1024 [ 928.920537][T28504] EXT4-fs: Ignoring removed bh option [ 929.017269][T28504] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 929.186603][ T4257] EXT4-fs (loop1): unmounting filesystem. [ 929.364700][ T26] audit: type=1326 audit(929.322:2081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28516 comm="syz.1.10689" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7b4b38e969 code=0x0 [ 929.386110][ C1] vkms_vblank_simulate: vblank timer overrun [ 929.779785][T28528] netlink: 'syz.0.10695': attribute type 1 has an invalid length. [ 929.845733][T28531] loop1: detected capacity change from 0 to 190 [ 929.884886][T28471] loop2: detected capacity change from 0 to 65536 [ 929.894887][T28531] ntfs: (device loop1): is_boot_sector_ntfs(): Invalid boot sector checksum. [ 929.961609][T28531] ntfs: (device loop1): ntfs_read_locked_inode(): $STANDARD_INFORMATION attribute is missing. [ 930.000702][T28471] XFS (loop2): Mounting V5 Filesystem [ 930.026487][T28531] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 930.079524][T28531] ntfs: (device loop1): load_system_files(): Failed to load $MFTMirr. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 930.090603][T28471] XFS (loop2): Ending clean mount [ 930.157283][T28531] ntfs: volume version 3.1. [ 930.199310][T28531] ntfs: (device loop1): load_system_files(): Volume is dirty. Will not be able to remount read-write. Run chkdsk and mount in Windows. [ 930.254089][T28531] ntfs: (device loop1): ntfs_read_locked_inode(): Inode is an extent inode! [ 930.280672][ T4263] XFS (loop2): Unmounting Filesystem [ 930.298228][T28531] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 930.369484][T28531] ntfs: (device loop1): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 930.424123][T28531] ntfs: (device loop1): ntfs_lookup_inode_by_name(): No index allocation attribute but index entry requires one. Directory inode 0x5 is corrupt or driver bug. [ 930.468029][T28531] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 930.486777][T28531] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 930.534236][T28531] syz.1.10696: attempt to access beyond end of device [ 930.534236][T28531] loop1: rw=0, sector=224, nr_sectors = 8 limit=190 [ 930.548211][T28531] ntfs: (device loop1): ntfs_end_buffer_async_read(): Buffer I/O error, logical block 0x1c. [ 930.612628][T28531] ntfs: (device loop1): map_mft_record(): Failed with error code 5. [ 930.646840][T28531] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x18 as bad. Run chkdsk. [ 930.679745][T28531] ntfs: (device loop1): load_and_init_quota(): Failed to load $Quota. [ 930.715567][T28531] ntfs: (device loop1): load_system_files(): Failed to load $Quota. Will not be able to remount read-write. Run chkdsk. [ 930.766254][T28531] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 931.090404][T28565] loop2: detected capacity change from 0 to 64 [ 931.246618][T28568] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10711'. [ 931.279675][T28568] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10711'. [ 931.320668][T28571] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 931.373964][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.381297][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 931.420936][T28573] loop2: detected capacity change from 0 to 16 [ 931.463429][T28573] erofs: (device loop2): mounted with root inode @ nid 36. [ 931.530633][T28573] erofs: (device loop2): z_erofs_pcluster_readmore: readmore error at page 1 @ nid 89 [ 931.591823][T28573] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117] [ 931.894763][T28588] tmpfs: Bad value for 'mpol' [ 931.902861][T28586] loop5: detected capacity change from 0 to 1024 [ 931.929774][T28586] EXT4-fs: Ignoring removed bh option [ 932.037320][T28586] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 932.133269][T25311] EXT4-fs (loop5): unmounting filesystem. [ 932.259990][T28598] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10736'. [ 932.587571][T28606] loop0: detected capacity change from 0 to 4096 [ 932.675915][T28606] ntfs: volume version 3.1. [ 933.099482][ T4304] usb 2-1: new full-speed USB device number 39 using dummy_hcd [ 933.312301][ T4304] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 933.341526][ T4304] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 933.381028][ T4304] usb 2-1: config 0 descriptor?? [ 933.576686][T28642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10745'. [ 933.604370][ T4304] [drm] vendor descriptor length:25 data:25 5f 00 00 00 00 00 00 00 00 00 [ 933.618751][T28642] netlink: get zone limit has 8 unknown bytes [ 933.628858][ T4304] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 933.684715][T28646] loop2: detected capacity change from 0 to 1024 [ 933.722492][T28646] EXT4-fs: Ignoring removed orlov option [ 933.756112][T28646] EXT4-fs: Ignoring removed nomblk_io_submit option [ 933.825140][T28646] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 933.825160][ T4304] [drm:udl_init] *ERROR* Selecting channel failed [ 933.890344][ T4304] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2 [ 933.918308][ T4304] [drm] Initialized udl on minor 2 [ 933.935687][T28654] loop0: detected capacity change from 0 to 64 [ 933.943702][ T4304] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 933.969773][ T4304] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 933.973367][T28650] loop5: detected capacity change from 0 to 2048 [ 934.005890][ T4304] usb 2-1: USB disconnect, device number 39 [ 934.051680][T28650] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 934.100730][ T4263] EXT4-fs (loop2): unmounting filesystem. [ 934.733394][T28676] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10762'. [ 934.786368][T28676] netlink: get zone limit has 8 unknown bytes [ 934.991294][T28684] netlink: 'syz.0.10766': attribute type 10 has an invalid length. [ 935.074723][T28684] team0: Device veth1_macvtap failed to register rx_handler [ 935.194385][T28680] loop5: detected capacity change from 0 to 4096 [ 935.247670][T28692] loop2: detected capacity change from 0 to 512 [ 935.271020][T28680] ntfs: volume version 3.1. [ 935.284988][T28692] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 935.343533][T28692] EXT4-fs error (device loop2): ext4_acquire_dquot:6802: comm syz.2.10770: Failed to acquire dquot type 0 [ 935.494683][T28692] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 935.571305][T28692] EXT4-fs (loop2): 1 truncate cleaned up [ 935.577022][T28692] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 935.695276][T28692] __quota_error: 22 callbacks suppressed [ 935.695294][T28692] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 935.811331][T28692] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 935.831768][T28692] EXT4-fs error (device loop2): ext4_acquire_dquot:6802: comm syz.2.10770: Failed to acquire dquot type 0 [ 936.043250][ T4263] EXT4-fs (loop2): unmounting filesystem. [ 936.245241][T28719] loop5: detected capacity change from 0 to 1024 [ 936.283431][T28719] EXT4-fs: Ignoring removed orlov option [ 936.318977][T28719] EXT4-fs: Ignoring removed nomblk_io_submit option [ 936.400930][T28719] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 936.571876][T25311] EXT4-fs (loop5): unmounting filesystem. [ 936.639521][T28728] loop0: detected capacity change from 0 to 4096 [ 936.739072][T28728] ntfs: volume version 3.1. [ 936.838672][T28737] loop1: detected capacity change from 0 to 512 [ 936.914526][T28737] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 936.976310][T28737] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 936.989572][T28737] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 937.066887][T28737] EXT4-fs error (device loop1): ext4_acquire_dquot:6802: comm syz.1.10793: Failed to acquire dquot type 0 [ 937.155325][T28737] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 937.257636][T28737] EXT4-fs (loop1): 1 truncate cleaned up [ 937.278882][T28737] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 937.375425][T28737] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 937.430239][T28737] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 937.459582][T28737] EXT4-fs error (device loop1): ext4_acquire_dquot:6802: comm syz.1.10793: Failed to acquire dquot type 0 [ 937.647613][ T4257] EXT4-fs (loop1): unmounting filesystem. [ 937.784305][T28767] loop2: detected capacity change from 0 to 1024 [ 937.871965][T28767] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 937.900316][T28767] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.10806: bg 0: block 260: invalid block bitmap [ 937.938770][T28767] EXT4-fs error (device loop2): ext4_free_inode:355: comm syz.2.10806: bit already cleared for inode 15 [ 938.019058][ T4263] EXT4-fs (loop2): unmounting filesystem. [ 938.191941][T28773] loop5: detected capacity change from 0 to 4096 [ 938.270252][T28773] ntfs: volume version 3.1. [ 939.057092][T28812] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10826'. [ 939.072217][T28814] netlink: 'syz.2.10827': attribute type 10 has an invalid length. [ 939.154016][T28814] team0: Device veth1_macvtap failed to register rx_handler [ 939.389132][T28819] loop1: detected capacity change from 0 to 4096 [ 939.499099][T28819] ntfs: volume version 3.1. [ 940.043414][T28845] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10842'. [ 940.866037][T28873] loop0: detected capacity change from 0 to 1024 [ 941.438471][T28894] loop1: detected capacity change from 0 to 1024 [ 941.587354][T28894] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 941.635613][T28894] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.10866: bg 0: block 260: invalid block bitmap [ 941.759686][T28894] EXT4-fs error (device loop1): ext4_free_inode:355: comm syz.1.10866: bit already cleared for inode 15 [ 941.964916][ T4257] EXT4-fs (loop1): unmounting filesystem. [ 942.536730][T28931] netlink: 'syz.5.10883': attribute type 11 has an invalid length. [ 943.437986][T28962] netlink: 40 bytes leftover after parsing attributes in process `syz.1.10899'. [ 943.649530][T28968] netlink: 'syz.0.10902': attribute type 11 has an invalid length. [ 943.689555][ T4262] Bluetooth: hci3: command 0x0406 tx timeout [ 944.502363][T28999] netlink: 'syz.0.10918': attribute type 28 has an invalid length. [ 944.531944][T29003] netlink: 'syz.2.10920': attribute type 11 has an invalid length. [ 944.569749][T29005] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10921'. [ 945.070271][T29019] loop5: detected capacity change from 0 to 1024 [ 945.331818][T29029] loop2: detected capacity change from 0 to 1024 [ 945.449984][T29029] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 945.487503][T29029] EXT4-fs error (device loop2): ext4_find_dest_de:2115: inode #2: block 16: comm syz.2.10933: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=2, rec_len=41827, size=1024 fake=1 [ 945.592109][ T4263] EXT4-fs (loop2): unmounting filesystem. [ 946.320997][T29070] loop5: detected capacity change from 0 to 1024 [ 946.389531][T29070] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 946.441974][T29077] loop1: detected capacity change from 0 to 4096 [ 946.473602][T29070] EXT4-fs error (device loop5): ext4_find_dest_de:2115: inode #2: block 16: comm syz.5.10951: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=2, rec_len=41827, size=1024 fake=1 [ 946.489906][T29077] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 946.677885][T25311] EXT4-fs (loop5): unmounting filesystem. [ 947.157927][T29092] loop2: detected capacity change from 0 to 4096 [ 947.196112][T29092] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 947.915362][T29126] netlink: 40 bytes leftover after parsing attributes in process `syz.2.10977'. [ 948.403488][T29143] loop0: detected capacity change from 0 to 1024 [ 948.471995][T29143] hfsplus: bad catalog entry type [ 948.858296][T29160] netlink: 40 bytes leftover after parsing attributes in process `syz.1.10991'. [ 949.017013][T29163] netlink: 'syz.5.10994': attribute type 1 has an invalid length. [ 949.063687][T29163] netlink: 'syz.5.10994': attribute type 1 has an invalid length. [ 949.338535][T29176] loop2: detected capacity change from 0 to 1024 [ 949.407272][T29176] hfsplus: bad catalog entry type [ 949.926747][T29198] xt_CONNSECMARK: invalid mode: 0 [ 950.760466][T29228] netlink: 40 bytes leftover after parsing attributes in process `syz.0.11026'. [ 950.836353][T29233] xt_CONNSECMARK: invalid mode: 0 [ 951.872411][T29269] loop5: detected capacity change from 0 to 1024 [ 952.290065][T29281] loop1: detected capacity change from 0 to 1024 [ 952.389976][T29281] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 952.457721][T29281] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 952.486051][T29293] loop2: detected capacity change from 0 to 512 [ 952.498482][T29281] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 952.524673][T29281] EXT4-fs error (device loop1): ext4_acquire_dquot:6802: comm syz.1.11052: Failed to acquire dquot type 1 [ 952.540865][T29293] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 952.661245][ T4257] EXT4-fs (loop1): unmounting filesystem. [ 952.668669][ T4263] EXT4-fs (loop2): unmounting filesystem. [ 952.932330][T29309] loop0: detected capacity change from 0 to 1024 [ 953.263785][T29320] loop2: detected capacity change from 0 to 1024 [ 953.325482][T29324] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 953.359209][T29314] xt_CT: No such helper "netbios-ns" [ 953.658741][T29332] loop5: detected capacity change from 0 to 512 [ 953.749757][T29332] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 953.829438][ T4686] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 953.990611][T25311] EXT4-fs (loop5): unmounting filesystem. [ 954.019448][ T4686] usb 3-1: Using ep0 maxpacket: 16 [ 954.027378][ T4686] usb 3-1: config 1 interface 1 has no altsetting 0 [ 954.061029][ T4686] usb 3-1: string descriptor 0 read error: -22 [ 954.067333][ T4686] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 954.109435][ T4686] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 954.172145][ T4686] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 954.453252][T29358] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 954.617241][ T4686] usb 3-1: USB disconnect, device number 44 [ 954.765768][T29370] loop0: detected capacity change from 0 to 512 [ 954.852824][T29370] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 955.039476][ T4258] EXT4-fs (loop0): unmounting filesystem. [ 955.469147][T29362] loop1: detected capacity change from 0 to 40427 [ 955.578631][T29362] F2FS-fs (loop1): Invalid log blocks per segment (4278190089) [ 955.595906][T29393] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 955.599585][T29362] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 955.672438][T29362] F2FS-fs (loop1): invalid crc value [ 955.704659][T29395] netlink: 'syz.0.11104': attribute type 1 has an invalid length. [ 955.752087][T29362] F2FS-fs (loop1): Found nat_bits in checkpoint [ 955.937216][T29362] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 955.969451][T29362] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 956.273910][ T4257] syz-executor: attempt to access beyond end of device [ 956.273910][ T4257] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 956.343041][ T26] audit: type=1326 audit(956.302:2082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29420 comm="syz.2.11115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6677b8e969 code=0x7ffc0000 [ 956.438190][ T26] audit: type=1326 audit(956.322:2083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29420 comm="syz.2.11115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f6677b8e969 code=0x7ffc0000 [ 956.599835][ T26] audit: type=1326 audit(956.322:2084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29420 comm="syz.2.11115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6677b8e969 code=0x7ffc0000 [ 956.701862][ T26] audit: type=1326 audit(956.322:2085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29420 comm="syz.2.11115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6677b8e969 code=0x7ffc0000 [ 957.665105][ T26] audit: type=1326 audit(957.622:2086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29450 comm="syz.1.11128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4b38e969 code=0x7ffc0000 [ 957.740364][ T26] audit: type=1326 audit(957.652:2087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29450 comm="syz.1.11128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f7b4b38e969 code=0x7ffc0000 [ 957.805363][ T26] audit: type=1326 audit(957.662:2088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29450 comm="syz.1.11128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4b38e969 code=0x7ffc0000 [ 957.838798][T29434] loop5: detected capacity change from 0 to 32768 [ 957.924083][T29434] [ 957.924083][T29434] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 957.924083][T29434] [ 957.930709][ T26] audit: type=1326 audit(957.662:2089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29450 comm="syz.1.11128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4b38e969 code=0x7ffc0000 [ 958.061847][T29434] [ 958.061847][T29434] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 958.061847][T29434] [ 958.125241][T29434] [ 958.125241][T29434] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 958.125241][T29434] [ 958.210727][ T108] [ 958.210727][ T108] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 958.210727][ T108] [ 958.327114][T29470] TCP: TCP_TX_DELAY enabled [ 958.347941][ T9] [ 958.347941][ T9] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 958.347941][ T9] [ 958.378993][ T9] [ 958.378993][ T9] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 958.378993][ T9] [ 958.423842][T25311] [ 958.423842][T25311] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 958.423842][T25311] [ 958.450412][ T108] [ 958.450412][ T108] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 958.450412][ T108] [ 958.490497][T25311] [ 958.490497][T25311] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 958.490497][T25311] [ 958.648584][ T26] audit: type=1326 audit(958.602:2090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29483 comm="syz.4.11145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48a78e969 code=0x7ffc0000 [ 958.764978][ T26] audit: type=1326 audit(958.642:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29483 comm="syz.4.11145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48a78e969 code=0x7ffc0000 [ 958.888145][ T26] audit: type=1326 audit(958.642:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29483 comm="syz.4.11145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7fb48a78e969 code=0x7ffc0000 [ 958.951477][ T26] audit: type=1326 audit(958.642:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29483 comm="syz.4.11145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48a78e969 code=0x7ffc0000 [ 959.089545][ T26] audit: type=1326 audit(958.652:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29483 comm="syz.4.11145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb48a78e969 code=0x7ffc0000 [ 959.389788][ T4254] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 959.579633][ T4254] usb 2-1: Using ep0 maxpacket: 16 [ 959.588626][ T4254] usb 2-1: config 1 interface 1 has no altsetting 0 [ 959.618231][ T4254] usb 2-1: string descriptor 0 read error: -22 [ 959.636718][T29505] CIFS mount error: No usable UNC path provided in device string! [ 959.636718][T29505] [ 959.645259][ T4254] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 959.679551][T29505] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 959.689693][ T4254] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 959.748677][ T4254] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 960.199275][ T4254] usb 2-1: USB disconnect, device number 40 [ 960.288280][T29527] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11166'. [ 960.542637][T29535] CIFS mount error: No usable UNC path provided in device string! [ 960.542637][T29535] [ 960.564976][T29535] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 960.814582][T29545] loop2: detected capacity change from 0 to 8 [ 961.779704][ T4377] usb 1-1: new high-speed USB device number 49 using dummy_hcd [ 961.969852][ T4377] usb 1-1: Using ep0 maxpacket: 16 [ 961.977070][ T4377] usb 1-1: config 0 has an invalid interface number: 68 but max is 0 [ 962.016527][ T4377] usb 1-1: config 0 has no interface number 0 [ 962.036783][ T4377] usb 1-1: config 0 interface 68 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 962.077396][ T4377] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4 [ 962.090914][ T4377] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 962.118993][ T4377] usb 1-1: Product: syz [ 962.129902][ T4377] usb 1-1: Manufacturer: syz [ 962.144027][ T4377] usb 1-1: SerialNumber: syz [ 962.166973][ T4377] usb 1-1: config 0 descriptor?? [ 962.225941][T29567] loop1: detected capacity change from 0 to 32768 [ 962.248812][ T4377] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 962.324142][T29567] [ 962.324142][T29567] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 962.324142][T29567] [ 962.385812][ T7203] usb 1-1: Failed to submit usb control message: -71 [ 962.395123][ T4377] usb 1-1: USB disconnect, device number 49 [ 962.408932][T29567] [ 962.408932][T29567] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 962.408932][T29567] [ 962.429091][ T7203] usb 1-1: unable to send the bmi data to the device: -71 [ 962.459619][T29567] [ 962.459619][T29567] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 962.459619][T29567] [ 962.467461][ T7203] usb 1-1: unable to get target info from device [ 962.517906][ T7203] usb 1-1: could not get target info (-71) [ 962.522076][ T108] [ 962.522076][ T108] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 962.522076][ T108] [ 962.544945][ T7203] usb 1-1: could not probe fw (-71) [ 962.755382][ T33] [ 962.755382][ T33] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 962.755382][ T33] [ 962.785331][ T33] [ 962.785331][ T33] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 962.785331][ T33] [ 962.822116][ T4257] [ 962.822116][ T4257] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 962.822116][ T4257] [ 962.849572][ T107] [ 962.849572][ T107] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 962.849572][ T107] [ 962.894761][ T4257] [ 962.894761][ T4257] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 962.894761][ T4257] [ 963.263516][T29620] openvswitch: netlink: Flow key attr not present in new flow. [ 963.429696][T29626] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11216'. [ 963.510149][T29630] openvswitch: netlink: Flow key attr not present in new flow. [ 963.720975][T29636] Timeout policy `syz0' can only be used by L3 protocol number 21 [ 964.151866][T29652] netlink: 2 bytes leftover after parsing attributes in process `syz.0.11226'. [ 964.242880][T29654] x_tables: duplicate entry at hook 2 [ 964.448684][T29660] loop0: detected capacity change from 0 to 2048 [ 964.515516][T29664] openvswitch: netlink: Flow key attr not present in new flow. [ 964.534232][T29660] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 964.800633][T29670] No such timeout policy "syz0" [ 964.886253][T29639] loop5: detected capacity change from 0 to 32768 [ 965.310155][ T26] audit: type=1326 audit(965.272:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29686 comm="syz.1.11246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4b38e969 code=0x7ffc0000 [ 965.403181][ T26] audit: type=1326 audit(965.302:2096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29686 comm="syz.1.11246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f7b4b38e969 code=0x7ffc0000 [ 965.403280][T29691] xt_CT: You must specify a L4 protocol and not use inversions on it [ 965.514502][ T26] audit: type=1326 audit(965.302:2097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29686 comm="syz.1.11246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4b38e969 code=0x7ffc0000 [ 965.565862][T29694] loop5: detected capacity change from 0 to 2048 [ 965.599626][T29694] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 965.619673][ T26] audit: type=1326 audit(965.302:2098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29686 comm="syz.1.11246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4b38e969 code=0x7ffc0000 [ 965.977702][T29706] No such timeout policy "syz0" [ 966.309690][T29718] netlink: 2 bytes leftover after parsing attributes in process `syz.2.11260'. [ 966.344352][ T26] audit: type=1326 audit(966.302:2099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29719 comm="syz.0.11262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531d58e969 code=0x7ffc0000 [ 966.460674][ T26] audit: type=1326 audit(966.342:2100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29719 comm="syz.0.11262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531d58e969 code=0x7ffc0000 [ 966.574050][ T26] audit: type=1326 audit(966.342:2101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29719 comm="syz.0.11262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f531d58e969 code=0x7ffc0000 [ 966.662401][ T26] audit: type=1326 audit(966.342:2102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29719 comm="syz.0.11262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531d58e969 code=0x7ffc0000 [ 966.790918][ T26] audit: type=1326 audit(966.342:2103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29719 comm="syz.0.11262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f531d58e969 code=0x7ffc0000 [ 966.931172][T29739] loop0: detected capacity change from 0 to 512 [ 966.962593][T29739] EXT4-fs: Ignoring removed i_version option [ 966.996215][T29739] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 967.085130][T29739] EXT4-fs (loop0): 1 truncate cleaned up [ 967.096091][T29739] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 967.314506][ T26] audit: type=1326 audit(967.272:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29756 comm="syz.2.11277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6677b8e969 code=0x7ffc0000 [ 967.356060][ T4258] EXT4-fs (loop0): unmounting filesystem. [ 967.432014][T29759] netlink: 2 bytes leftover after parsing attributes in process `syz.5.11278'. [ 968.439815][ T4686] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 968.629497][ T4686] usb 6-1: Using ep0 maxpacket: 16 [ 968.636710][ T4686] usb 6-1: config 0 has an invalid interface number: 68 but max is 0 [ 968.669506][ T4686] usb 6-1: config 0 has no interface number 0 [ 968.685895][ T4686] usb 6-1: config 0 interface 68 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 968.723232][ T4686] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4 [ 968.749270][ T4686] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 968.762614][T29783] loop2: detected capacity change from 0 to 32768 [ 968.778900][ T4686] usb 6-1: Product: syz [ 968.784973][ T4686] usb 6-1: Manufacturer: syz [ 968.806508][ T4686] usb 6-1: SerialNumber: syz [ 968.816423][T29783] JBD2: Ignoring recovery information on journal [ 968.840238][ T4686] usb 6-1: config 0 descriptor?? [ 968.895677][ T4686] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 968.957046][T29783] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 968.976885][T29783] [ 968.979252][T29783] ====================================================== [ 968.986280][T29783] WARNING: possible circular locking dependency detected [ 968.993321][T29783] 6.1.138-syzkaller #0 Not tainted [ 968.998447][T29783] ------------------------------------------------------ [ 969.005483][T29783] syz.2.11291/29783 is trying to acquire lock: [ 969.011653][T29783] ffff88804e0c5108 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}, at: ocfs2_xattr_set+0xad6/0x11e0 [ 969.023893][T29783] [ 969.023893][T29783] but task is already holding lock: [ 969.031278][T29783] ffff88804e1f3ff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x40c/0x11e0 [ 969.040775][T29783] [ 969.040775][T29783] which lock already depends on the new lock. [ 969.040775][T29783] [ 969.051173][T29783] [ 969.051173][T29783] the existing dependency chain (in reverse order) is: [ 969.060183][T29783] [ 969.060183][T29783] -> #2 (&oi->ip_xattr_sem){++++}-{3:3}: [ 969.068001][T29783] down_read+0x42/0x2d0 [ 969.072683][T29783] ocfs2_init_acl+0x2fb/0x720 [ 969.077891][T29783] ocfs2_mknod+0x1463/0x2350 [ 969.083009][T29783] ocfs2_create+0x1b6/0x4a0 [ 969.088055][T29783] vfs_create+0x2db/0x460 [ 969.092912][T29783] do_mknodat+0x399/0x4c0 [ 969.097769][T29783] __x64_sys_mknod+0x8a/0xa0 [ 969.102957][T29783] do_syscall_64+0x4c/0xa0 [ 969.107905][T29783] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 969.114339][T29783] [ 969.114339][T29783] -> #1 (jbd2_handle){++++}-{0:0}: [ 969.121636][T29783] jbd2_journal_lock_updates+0xa7/0x380 [ 969.127698][T29783] __ocfs2_flush_truncate_log+0x2cd/0x11d0 [ 969.134061][T29783] ocfs2_truncate_log_shutdown+0x13e/0x2e0 [ 969.140403][T29783] ocfs2_dismount_volume+0x1fc/0x920 [ 969.146203][T29783] generic_shutdown_super+0x130/0x340 [ 969.152191][T29783] kill_block_super+0x7c/0xe0 [ 969.157405][T29783] deactivate_locked_super+0x93/0xf0 [ 969.163214][T29783] cleanup_mnt+0x463/0x4f0 [ 969.168163][T29783] task_work_run+0x1ca/0x250 [ 969.173282][T29783] exit_to_user_mode_loop+0xe6/0x110 [ 969.179113][T29783] exit_to_user_mode_prepare+0xb1/0x140 [ 969.185189][T29783] syscall_exit_to_user_mode+0x16/0x40 [ 969.191194][T29783] do_syscall_64+0x58/0xa0 [ 969.196137][T29783] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 969.202559][T29783] [ 969.202559][T29783] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}: [ 969.213084][T29783] __lock_acquire+0x2cf8/0x7c50 [ 969.218465][T29783] lock_acquire+0x1b4/0x490 [ 969.223500][T29783] down_write+0x36/0x60 [ 969.228182][T29783] ocfs2_xattr_set+0xad6/0x11e0 [ 969.233557][T29783] __vfs_setxattr+0x3e0/0x420 [ 969.238760][T29783] __vfs_setxattr_noperm+0x129/0x5e0 [ 969.244571][T29783] vfs_setxattr+0x168/0x2f0 [ 969.249605][T29783] setxattr+0x2b2/0x2d0 [ 969.254290][T29783] path_setxattr+0x142/0x280 [ 969.259424][T29783] __x64_sys_setxattr+0xb7/0xd0 [ 969.264806][T29783] do_syscall_64+0x4c/0xa0 [ 969.269807][T29783] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 969.276260][T29783] [ 969.276260][T29783] other info that might help us debug this: [ 969.276260][T29783] [ 969.286581][T29783] Chain exists of: [ 969.286581][T29783] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2 --> jbd2_handle --> &oi->ip_xattr_sem [ 969.286581][T29783] [ 969.302325][T29783] Possible unsafe locking scenario: [ 969.302325][T29783] [ 969.309770][T29783] CPU0 CPU1 [ 969.315131][T29783] ---- ---- [ 969.320490][T29783] lock(&oi->ip_xattr_sem); [ 969.325078][T29783] lock(jbd2_handle); [ 969.331666][T29783] lock(&oi->ip_xattr_sem); [ 969.338772][T29783] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2); [ 969.346060][T29783] [ 969.346060][T29783] *** DEADLOCK *** [ 969.346060][T29783] [ 969.354284][T29783] 3 locks held by syz.2.11291/29783: [ 969.359561][T29783] #0: ffff8880196d2460 (sb_writers#25){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 [ 969.368793][T29783] #1: ffff88804e1f42c8 (&type->i_mutex_dir_key#21){+.+.}-{3:3}, at: vfs_setxattr+0x141/0x2f0 [ 969.379091][T29783] #2: ffff88804e1f3ff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x40c/0x11e0 [ 969.389049][T29783] [ 969.389049][T29783] stack backtrace: [ 969.394940][T29783] CPU: 0 PID: 29783 Comm: syz.2.11291 Not tainted 6.1.138-syzkaller #0 [ 969.403177][T29783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 969.413230][T29783] Call Trace: [ 969.416511][T29783] [ 969.419472][T29783] dump_stack_lvl+0x168/0x22e [ 969.424162][T29783] ? load_image+0x3b0/0x3b0 [ 969.428666][T29783] ? show_regs_print_info+0x12/0x12 [ 969.433876][T29783] ? print_circular_bug+0x12b/0x1a0 [ 969.439088][T29783] check_noncircular+0x274/0x310 [ 969.444036][T29783] ? add_chain_block+0x940/0x940 [ 969.448979][T29783] ? lockdep_lock+0xdc/0x1e0 [ 969.453578][T29783] ? _find_first_zero_bit+0xcf/0x100 [ 969.458899][T29783] __lock_acquire+0x2cf8/0x7c50 [ 969.463779][T29783] ? verify_lock_unused+0x140/0x140 [ 969.469159][T29783] ? ocfs2_inode_lock_tracker+0x3e8/0x660 [ 969.474975][T29783] ? vfs_setxattr+0x168/0x2f0 [ 969.479690][T29783] ? __lock_acquire+0x7c50/0x7c50 [ 969.484810][T29783] ? do_raw_spin_lock+0x11d/0x280 [ 969.489945][T29783] ? __rwlock_init+0x140/0x140 [ 969.494718][T29783] lock_acquire+0x1b4/0x490 [ 969.499225][T29783] ? ocfs2_xattr_set+0xad6/0x11e0 [ 969.504253][T29783] ? ocfs2_xattr_block_find+0x150/0x4b0 [ 969.509814][T29783] ? __might_sleep+0xd0/0xd0 [ 969.514411][T29783] ? preempt_count_add+0x8d/0x190 [ 969.519434][T29783] ? read_lock_is_recursive+0x10/0x10 [ 969.524810][T29783] ? rwsem_write_trylock+0x12f/0x1b0 [ 969.530096][T29783] ? ocfs2_xattr_ibody_find+0x7c0/0x7c0 [ 969.535656][T29783] ? ocfs2_xattr_ibody_find+0xcb/0x7c0 [ 969.541114][T29783] down_write+0x36/0x60 [ 969.545269][T29783] ? ocfs2_xattr_set+0xad6/0x11e0 [ 969.550298][T29783] ocfs2_xattr_set+0xad6/0x11e0 [ 969.555155][T29783] ? __ocfs2_xattr_set_handle+0xf10/0xf10 [ 969.560899][T29783] ? aa_get_newest_label+0xf4/0x5c0 [ 969.566093][T29783] ? do_user_addr_fault+0x77d/0xb10 [ 969.571299][T29783] ? preempt_count_add+0x8d/0x190 [ 969.576321][T29783] ? end_current_label_crit_section+0x170/0x170 [ 969.582557][T29783] ? __up_read+0x27c/0x660 [ 969.586973][T29783] ? evm_protected_xattr_common+0x170/0x190 [ 969.592868][T29783] ? evm_protect_xattr+0x7a0/0x990 [ 969.597992][T29783] ? ocfs2_xattr_security_get+0x40/0x40 [ 969.603543][T29783] __vfs_setxattr+0x3e0/0x420 [ 969.608231][T29783] __vfs_setxattr_noperm+0x129/0x5e0 [ 969.613528][T29783] vfs_setxattr+0x168/0x2f0 [ 969.618053][T29783] ? xattr_permission+0x500/0x500 [ 969.623081][T29783] ? _copy_from_user+0x10b/0x170 [ 969.628544][T29783] ? setxattr+0x243/0x2d0 [ 969.632897][T29783] setxattr+0x2b2/0x2d0 [ 969.637081][T29783] ? path_setxattr+0x280/0x280 [ 969.641865][T29783] ? __mnt_want_write+0x21f/0x2a0 [ 969.646924][T29783] path_setxattr+0x142/0x280 [ 969.651528][T29783] ? simple_xattr_list_add+0xf0/0xf0 [ 969.656821][T29783] ? lock_chain_count+0x20/0x20 [ 969.661683][T29783] __x64_sys_setxattr+0xb7/0xd0 [ 969.666545][T29783] do_syscall_64+0x4c/0xa0 [ 969.670967][T29783] ? clear_bhb_loop+0x45/0xa0 [ 969.675643][T29783] ? clear_bhb_loop+0x45/0xa0 [ 969.680322][T29783] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 969.686225][T29783] RIP: 0033:0x7f6677b8e969 [ 969.690650][T29783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 969.710256][T29783] RSP: 002b:00007f6678924038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 969.718673][T29783] RAX: ffffffffffffffda RBX: 00007f6677db5fa0 RCX: 00007f6677b8e969 [ 969.726647][T29783] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100 [ 969.734619][T29783] RBP: 00007f6677c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 969.742590][T29783] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 969.750559][T29783] R13: 0000000000000000 R14: 00007f6677db5fa0 R15: 00007fffe09f4398 [ 969.758533][T29783] [ 969.791563][ T4686] usb 6-1: USB disconnect, device number 5 [ 969.792090][ T7203] usb 6-1: Failed to submit usb control message: -71 [ 969.818252][ T7203] usb 6-1: unable to send the bmi data to the device: -71 [ 969.845083][ T7203] usb 6-1: unable to get target info from device [ 969.851679][ T7203] usb 6-1: could not get target info (-71) [ 969.857564][ T7203] usb 6-1: could not probe fw (-71) [ 969.894283][ T4263] ocfs2: Unmounting device (7,2) on (node local)