last executing test programs: 4.176102782s ago: executing program 1 (id=4266): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$afs(&(0x7f0000000040)=@cell={0x25, '', 'syz0', '.readonly'}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@dyn}]}) 3.939221431s ago: executing program 0 (id=4270): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000e00)={@null, 0xd, 'veth1_to_bridge\x00'}) 3.857611718s ago: executing program 1 (id=4272): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c0000001000010800"/20, @ANYRES32=r0, @ANYBLOB="00410000000000001c002b8008000100", @ANYRES32, @ANYBLOB="080003001900000008000880"], 0x3c}}, 0x4000030) 3.653580945s ago: executing program 0 (id=4274): r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001400add427323b472545b4560a117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 3.406451594s ago: executing program 1 (id=4276): ioprio_set$uid(0x3, 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x300000c, 0x4f832, 0xffffffffffffffff, 0x1000000) 3.294285164s ago: executing program 0 (id=4277): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x20, 0x1, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x4804) 3.056333733s ago: executing program 0 (id=4280): syz_usb_connect(0x6, 0x1fc, &(0x7f0000000780)=ANY=[@ANYBLOB="12015002b8005108101407a0683e010203010902ea01030e00300309040309027f54cc00090502040004040403800109661bede31b6d40ffd5a6457d3483a7c64a2cf09c6b30e3afe9ca"], 0x0) syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="040e06006220"], 0x9) 2.923457314s ago: executing program 1 (id=4282): syz_mount_image$ocfs2(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x8008c4, &(0x7f0000000480)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119, @ANYRES32], 0x1, 0x4436, &(0x7f0000004480)="$eJzs3c9rm+cdAPDnfe0sdpZkdpZDBoMJFtjYhrFz2ubAHMeJYyeeR9aE0osi20riVraCLZcecnBvgZ4KPZQeQguFUnwKPvSa/gm99JieA+2hl0Ih1EXSK1vvawmrxrKb8PlA9Oh9fitfvY8eHeQnTlTuL67mFldzheVcef7u6oXc2+XS2lIxxIfkqMenM92Ik9gfndnLV/9/+0IIXy58/Xxra2srVPWGlkaanv/w/cP55rQhzrSp9tu6t4PyRgjh7K55VfWEEF7/IoQohHApyRtP0v4QwulQL7v98L07uQOazZNnxYv5FzOPNkfPT2883mz/2qMQPir94R/3lr79c8/oN387oOEBAAAAAAAAAAAAAAAAAHjJTd6cvfW/4ZHwNAq9G9Hu3+tOJmmL38fOfl5Ptw7Gnw7j5QIAAAAAAAAAAAAAAAAAAMCv0s7v/3PRmRa//59I0rE27bf+0/050j1T/52duDI8kpz/Hu0q/2eS9d2lnjDY4tz37PnvlzLtW5//vnuc/WrMrzHuQIjiodR1HA8NhfBJcvD7uehEXCqvVv5+t7y2vHBg03hppeNfP70/FZ3kQP9O4z+e6b/75///fte7qXp95+DeYq+0dPx72tb79N2oo/hfzrQ7jPizf+n499by+psrjNUXgGr83+/dO/4Tmf67Ff/TIYRcVJ1rLrUCVPcw1fx2+xXS0vE/VstLLZ3Jf2S7+//HTPyvZPo/qvV/PftBREvp+P+mlteXqrFz/w/Ge93/feHq9vP6G+co4l+d/7rP/46k43+8ntnb9JgsB52u/5OZ/rsV/1txMsPTUeodsBHV81v8vTpaSMe/b1f5zve/uKP937VM+8P6/tcYt/H9r7H8/zWqf/+jtXT8+9vW6/T+n8q06/b6P1bb/7Ff6fifqOWl984DtcdO4z+d6b9b8a/tSvoa8d9ZT346Xs//2P6vI+n4/7aeGTfXWK891vZ/0d77/+uZ/o9i/1ed/3rc3VFfFen4n2xb77PFKHzVwef/jUy7ar/HujP1bcP2+vuWjv+ptvVq93/f3vGfybTr9v3/l252DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPASGE/SgRDFQ6nrOB4aCuFycn0unIjmCgv5uVJ5/q3VECaS/Fw4E90rlecKpfzicnmhmC+USuX5EK4k5WdDX7RaKlfyS4UHV7f76o/uFwsrlblioRJCmEzy/xhONfqaW6wsFR6EEK5tl/0uLq88uF9Yzi8srvx7eHh4OExtz2EwKr5TKS5X6qPXS0OY3m47EDVNrlZ8fXsuJ6M3y2sry4VSLf9GU5tSeb5Qamozk5R9EAajysra8nyhUsyXyvca4x2lsSSdmLr52s0bI7vK70T1dPxwpwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAL/R09F8fhhB661dxCCEXJU+i5F/Kk2fFi/kXM482R89PbzzefN6qDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zA4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV26RilgSAKA/CbAdHSY1gtu53tiiJauCJ4Aj2Gh9GjeAnvYJEibYoQSGYh7E6xTVJ9X/Ngfmbeg3kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMByj2/D+2vbRaS42l5G/H7+/R/nz6V+31UuX5xnRk7n6WW4f2i78u9plt+Wo1Wf9+lm/fURlTr6mezJdJ8O5n2mqvtWMc439r2OlJuI6Et+k3JummVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3jqJvAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//6KfHYs=") syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000)) 2.291861475s ago: executing program 0 (id=4287): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_int(r0, 0x1, 0x46, &(0x7f0000000140)=0xffff0000, 0x4) 2.010283008s ago: executing program 2 (id=4291): syz_mount_image$nilfs2(&(0x7f0000000100), &(0x7f0000000400)='./file0\x00', 0x94, &(0x7f0000003280)=ANY=[@ANYBLOB="0001def4774774366f0b8a20db13db64e85fc9322c3fe018b91ff1291b4f4c56de7e4543f49818e1307d98d09daa1e2a7dbf88003e9401dc73aad0b7dbb5685565c7825ba8340621faeae92abed19c524ab06c4303258d253722e159642af447aeb096c6a26d345d82f2925163331b0e9157441a9c61dd1051d3b970f9ac12f5975cf1ad4e45acef1a54921c492a77bcb1858b68758ed339608b8e43c733219f1f9e0b867840f821e03bc0e8a497c4d5dde436000090a397637dedb2f3"], 0x1, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==") rename(&(0x7f0000000440)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.956307042s ago: executing program 0 (id=4292): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8e749e04e"], 0x11, 0x443f, &(0x7f00000088c0)="$eJzs3c1PHOcdAOB3BlyD6w9wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXtYLrG3ahbVgqXqwFHKzlFOkHKIcrETKjZPFIVfnT8glR+dsKTnkEimSFaLdnYWdYVds0C7EzvMcmJ33e/c3H+8chjdOVB4ureWW1nKFlVx54f7axdz/yqX15WKID0nL/o8dXv90phfHyVEfez9lt65c+8fdiyF8uvj5y+3t7e1Q1R9aGmv6/M3Xjxeatw1xpk613datdcu/Qwjn9oyrqi+E8K9PQohCCJeTtMlkOxhCOBXqeXcfv3Mv16XRPHtRvJR/Nfdka/zC7ObTrfbfPQrhg9Iv//hg+cvf9I1/8fsudQ8AAAAAAAAAAAAAAAAAwGtu+vatO38fHQvPo9C/Ge19X3c62bZ7P3a7a37d+y8LAAAAAAAAAAAAAAAAAAAAP1K77//norMt3v+fSrYTbepv/7VNxvHujpPemPnbramro2PJ+u/Rnvw/JUlfXe4Lwy3Wfc+u/345U7/1+u97+zmoxvga/Q6FKB7ZfmsnfyjE8chICB8lC7+fj07EpfJa5Q/3y+sri10bxmsrHf/66v2p6CQL+nca/8lM+71f//8Xe46m6v697h1ib7R0/Pvalvv47aij+F/J1DuM+HNw6fj319IGmwtM1C8A1fi/279//Kcy7fcq/qdDCLmoOtZc6gpQncNU09vNV0hLx/9YLS116Ux+yHbn/7eZ+F/NtN8u/me69g1aX/83sjciWkrH/2e1tIFUid3zfzje//y/lmn/KO7/1fFvuP93JB3/5KGtP1Wk9kt2ev2fzrTfq/jfiZNxno5SR8BmVE9v9//qSEvHf2BP/u7zX9zR/O96pv5hPf81+q09/zU9h/wuqj//0Vo6/oNty3V6/s9k6vX6+j9Rm/9xUOn4n6ilpefOQ7W/ncZ/NtN+r+Jfm5UMNOK/ez357ng9/UPzv46k4//zemLcXGKj9rc2/4v2n//fyLR/FPO/6vg34t72+qZIx/9k23LV+H/Wwf3/ZqZe7+Mfwqi5/oGl43+qbbna+T+wf/znMvV6Hf/f9rJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNfAZLIdClE8ktqP45GREK4k++fDiWi+sJifL5UX/rsWwlSSngtnowel8nyhlF9aKS8W84VSqbwQwtUk/1wYiNZK5Up+ufDo2k5bg9HDYmG1Ml8sVEII00n6r8KpRlvzS5XlwqMQwvWdvDNxefXRw8JKfnFp9S+jo6OjYWZnDMNR8f+V4kql3ns9N4TZnbpDUdPgatk3dsZyMvpPeX11pVCqpd9sqlMqLxRKTXXmkrz3wnBUWV1fWShUivlS+UGjv6M0kWynZm7/8/bNsT3596L6dvJwhwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAD/R8/M/vhxD663txCGGi8SFqVf7Zi+Kl/Ku5J1vjF2Y3n269bFcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB7duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBLxygRA1EYgN+Mhdp5DKuQdLYJimhhRPAEegwPE4/iJbyDhYWthQhmBjTuQprd6vuaB/l5eT8kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsc3k33t+2XUSKo6/DiJfH17ff+XWZ0zDPvNg/2FNPduPqZjy/aLvy3dO//Kw8eu/zT/r58fQQG2b1PPzdX/5Ps3rneGuvaVjXv/ard08i5SYi+pKfppybZt27AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhmBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86ir4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//78SIGU=") setxattr$trusted_overlay_origin(&(0x7f0000000240)='.\x00', &(0x7f0000000000), 0x0, 0x0, 0x0) 1.818236893s ago: executing program 3 (id=4294): r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/vlan/config\x00') lseek(r0, 0x47, 0x1) 1.632657678s ago: executing program 4 (id=4295): r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x6c, 0x30, 0x1, 0x3, 0x0, {}, [{0x58, 0x1, [@m_skbmod={0x54, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x2, 0x3, 0xffffffffffffffff, 0x4, 0x8}, 0x4}}]}, {0x4, 0x14}, {0xc}, {0xc, 0x6, {0x0, 0x1}}}}]}]}, 0x6c}}, 0x20000000) 1.594286431s ago: executing program 3 (id=4296): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x1c, 0xc, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008811}, 0x20000000) 1.338196362s ago: executing program 2 (id=4297): r0 = socket(0x1, 0x803, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'gre0\x00', &(0x7f0000000040)={'gre0\x00', 0x0, 0x708, 0x80, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @empty}}}}) 1.286025206s ago: executing program 4 (id=4298): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c000000020a01020000000000000000010000000900010073797a30000000000900030073797a310000000054000000060a010400000000000000000100000008000b40000000002c000480280001800e000100696d6d65646961746500000014000280080001400000000008000280040001000900010073797a30"], 0xc8}}, 0x0) 1.130389059s ago: executing program 3 (id=4299): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x840, 0x0) ioctl$RTC_PIE_OFF(r0, 0x7006) 1.11466144s ago: executing program 2 (id=4300): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) bind$rose(r0, 0x0, 0x0) 999.446579ms ago: executing program 1 (id=4301): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000000009002010014001a801000028006000180"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0) 998.737009ms ago: executing program 4 (id=4302): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000004ec0)={0x2, &(0x7f0000000000)=[{0x35}, {0x6}]}) 730.145611ms ago: executing program 3 (id=4303): r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, 0x0, &(0x7f0000000040)) 729.964171ms ago: executing program 2 (id=4304): r0 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0xe02) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r0, 0xc01064ac, &(0x7f0000000040)={0x0, 0x0, 0x0}) 721.196692ms ago: executing program 4 (id=4305): r0 = syz_open_dev$video4linux(&(0x7f0000000400), 0x800000000401, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc040564a, &(0x7f0000000000)={0x0, 0x1, 0x1011, 0xffffffffffffffff, 0x0, 0x0}) 515.866418ms ago: executing program 1 (id=4306): r0 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newtaction={0x70, 0x13, 0x53b, 0x1, 0x0, {}, [{0x5c, 0x1, [@m_sample={0x58, 0xd, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xfffffff9}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xd0, 0x401, 0x2, 0x4}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x4}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x1}, 0x4004000) 496.53391ms ago: executing program 2 (id=4307): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfd, 0x0, 0x7ffc9ffb}]}) fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0) 409.409407ms ago: executing program 4 (id=4308): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0x3}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r0, &(0x7f00000000c0), &(0x7f0000000180)=""/165}, 0x20) 385.600869ms ago: executing program 3 (id=4309): r0 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="cf9ee6ac83d467f4e2e65c30dcdf31923f075efb8a37aa5217bee0825756e9942a247ae28049605c82407c75db82bd91bcd39cea5b5a71c19c81544145cb78cdc47657bf970820c73e85010275687590cd1a18fdcb1e50dd45ce9a5f341b1f8ab51b13a446ff6d5c963f2aa24d9cd120e6e28730341d3d8e9b0b8de6708c1fd1bf372cb3b31add32cd3904cc36f1ad33ee3239ac168072fba596829e76143da4bf02c60c66482d994bb111f7dd47283a9328cd4f804e8750eca11cfed38b832234d0f3e1eaaadc09486bd97db879635514ca857810ae49ea7b96aa7ff6d69f48c14dfabb76361d9e3156d4b9d2d1909aec142fe0e0ca32ae1f86b9e9db1709e6cee02f6123952e031eee1e2083f966db37fb46dd8e5653a3e76b8a5df2351790887c78e725ae2c155dca702f56000ad9b0699e5c73382ea0574c33de0a03509df2c61aae3be0a2ad08a96efdab41c262795905a6526da50d787c5ce1113c7c18b1b0c710724cb16c63570cbb17714f00d5e82f66b45c761774a3a4eaa8fcd7c6771593fb104f278da3ac75be4ff0178a504bca60118fa86aa6760dcf129c71af950b4a37e9270423536452f8a49da3cd3e525c00fc6801a5fdc2e567f742b2db6016eea3b9d8179bc3ee6227823d3cfe38e0641417b323c5e3926ce4cf376028dac52e25d3ab215ec906ff279957b34a9ba20084835cbd5adf0f5bec83983f4c37e5d2bbd954c5d41a4c853f8d4bb61f7dba2a9b1438f31ddbcc32bce8c03a8bab42f96f40b0338d39cf78e76777e45397970e5a659de95cd12dcc9dd2b75af6764679f1d1cd7c1b645674642e0e338190ae9ed5f33596bb8f6e7902ad1afb92006005887aba6188f3d5ad38c143cfbb200fac51481d9ec92a44da631100067a254fcbafaf14b9f957f119806c668d939a13ffef568211c30ff8eeba8ac8bedb00a70b61683257e7efa7788337872d3fcaad08155539054af1eec48713c42859e852f7a30069c598e427643303c96398bee84723c0f766b3a650d4d3b3a20efb366593172ff5e6f0fee75fa3d67c6a4f5a137145a546a7c7f44ca4753bd7fb734c62ae66ccb0f5080cf1063934acd3d2740434520961a4b276364a58ca116eebf0709c1546f0413c89b54aeb364b154e5631ba091e899aae24e44e6fbe07c0a5a092538490823b1bb2a6e79e6e6351460aa52759bb037b9ca11e3f507c37f50261bf10c26a2238b4a9ae8efdfc13f6328d473d93dfce5e49f37e329f6dd8d4573899f6d1007532fc939b7330631bd9b6e3c3ac3ee8deb510468bcf2384bd037f5ab5c23ad0f82f196c7ef599fb4c2a3734054d5ecf0e3fd0644c898ac0b4a0def092bd7b6207a569a1fea9dbf963c4fd4117b8ab0076803a3b89120d2fda90daae51e35772e784095f1b0f24c4cb2c5f4700c5a5a7d7608c670cb6713f472cff5aa44b5a6caa69fa2c47444913dfa43ac6a962abcfcd56f2cbf258fd7ce68834e963a8ee2b21fc68a0d85dcd960610a6cb5585b4c869b624cef59919229674f01484568eb540e764b4230be8c672515b48a117d6e14edd1b2a0e926b37aeaf892cdc6100ad80d795e9275ecd9b335772bd8b5b24fa5e3f1481dc6a77bd369fa27487b77d43125c97186c669a17522b6cef46f35c6fead10329603845e8be114ffc5cb47d0b64f91a66baf0fd31b83e932ef98ab57066b3bf87e680a2b4f6df2b983a8ec818319633a511844acd8f70c0ee9ce3059800d1d0ad7b61badcffdde94d0cc768c0b970d82b54097e73bd6e2aedad4139d983ab94014ed599ec82a62c0753622ed8febf4f34df8feef86c87f6ad63baa09472f55be9f0ce570d3b388d8dbd4c621494653a1a30255cc6df7f461c308668e691d4a2b975ac116fa502460b5f6db4a9ae5ab40c2e996f958ce5cf0485c9fcd45c07dcb0589947bfc2e59ebef707e387d656e90d3048c7170a81248d612f6b6252324ecb338028de0a1e47e359a0a1153c9bc8c9cbc7a1c2d385f5d32f90d607dec0807c67db24a1d7f8ccfe42cb84dfab0584aa10fea7a939051bf523b5708086019b38a60a6c3526ba9f533ebbf5d8a81b5d6d", 0x5c9, 0xfffffffffffffffd) keyctl$update(0x2, r0, &(0x7f0000001080)="e1190d0a69dbb45c2885105ffe498b25", 0x10) 210.262243ms ago: executing program 2 (id=4310): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x158, 0x10, 0x713, 0x70bd25, 0x0, {{@in6=@mcast2, @in6=@rand_addr=' \x01\x00', 0x0, 0x8, 0x0, 0x2, 0x2, 0x0, 0x0, 0x3b, 0x0, 0xee00}, {@in=@loopback, 0x4d2, 0x32}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, {0x2, 0x0, 0x0, 0x2, 0x0, 0x1c00000000000}, {0x11df, 0x0, 0x0, 0xffffffffffffffff}, {}, 0x70bd29, 0x0, 0xa, 0x1}, [@algo_aead={0x68, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xe0, 0x60, "00000000000000000000a1c31b3718243e97a18e6085921a4cf3f6e2"}}]}, 0x158}}, 0x0) 86.271403ms ago: executing program 4 (id=4311): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) io_setup(0x22, &(0x7f00000003c0)) 0s ago: executing program 3 (id=4312): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newlink={0x34, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0xec37, 0x40024}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x24004004) kernel console output (not intermixed with test programs): . [ 249.295604][ T9570] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 249.429176][ T9570] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 249.487685][ T9570] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.2311: Failed to acquire dquot type 0 [ 249.494086][ T4549] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 249.524219][ T4549] ath9k_htc: Failed to initialize the device [ 249.524549][ T9570] EXT4-fs (loop3): 1 truncate cleaned up [ 249.530765][ T4548] usb 2-1: ath9k_htc: USB layer deinitialized [ 249.591695][ T9570] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 249.627564][ T9579] loop4: detected capacity change from 0 to 512 [ 249.743940][ T9579] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.2315: iget: bad i_size value: 38620345925642 [ 249.827124][ T9579] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.2315: couldn't read orphan inode 15 (err -117) [ 249.846832][ T9579] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 249.895418][ T9587] x_tables: duplicate underflow at hook 2 [ 249.934778][ T9579] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.2315: bg 0: block 5: invalid block bitmap [ 250.047771][ T4268] EXT4-fs (loop4): unmounting filesystem. [ 250.064098][ T4548] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 250.257435][ T4548] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 250.285660][ T4548] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 62709, setting to 1024 [ 250.297867][ T9600] device netdevsim0 entered promiscuous mode [ 250.340704][ T9600] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 250.344525][ T4548] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 1024 [ 250.408549][ T9604] netlink: 'syz.0.2328': attribute type 10 has an invalid length. [ 250.416897][ T4548] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 250.429956][ T9604] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2328'. [ 250.439362][ T4548] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.454542][ T9604] device virt_wifi0 entered promiscuous mode [ 250.491672][ T9604] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 250.509281][ T9570] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 250.548413][ T4548] usb 4-1: invalid MIDI out EP 0 [ 250.643360][ T4548] snd-usb-audio: probe of 4-1:27.0 failed with error -22 [ 250.750331][ T4262] udevd[4262]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 250.839033][ T9617] loop0: detected capacity change from 0 to 16 [ 250.902403][ T9617] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 250.978798][ T4548] usb 4-1: USB disconnect, device number 8 [ 251.237676][ T9628] tmpfs: Bad value for 'mpol' [ 251.282779][ T9632] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 251.606538][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 251.961786][ T9658] ksmbd: Unknown IPC event: 0, ignore. [ 252.148665][ T9663] loop0: detected capacity change from 0 to 1024 [ 252.215596][ T9663] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 252.370750][ T9663] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 252.463476][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 252.800512][ T9669] loop4: detected capacity change from 0 to 32768 [ 252.885364][ T9669] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 252.937561][ T9669] (syz.4.2360,9669,1):ocfs2_find_entry:1086 ERROR: status = -117 [ 253.024615][ T9669] (syz.4.2360,9669,0):ocfs2_find_entry:1086 ERROR: status = -117 [ 253.042814][ T9669] (syz.4.2360,9669,0):ocfs2_symlink:2065 ERROR: status = -117 [ 253.135496][ T4548] usb 3-1: new full-speed USB device number 10 using dummy_hcd [ 253.178394][ T4268] (syz-executor,4268,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 76 [ 253.235591][ T4268] ocfs2: Unmounting device (7,4) on (node local) [ 253.335979][ T4548] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 253.366681][ T4548] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 253.404150][ T4548] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 253.444111][ T4548] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 253.479807][ T4548] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 253.509822][ T4548] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 253.544250][ T4548] usb 3-1: Manufacturer: syz [ 253.552866][ T4548] usb 3-1: config 0 descriptor?? [ 253.814212][ T4545] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 253.824520][ T4548] usb 3-1: USB disconnect, device number 10 [ 253.888493][ T9714] loop3: detected capacity change from 0 to 1024 [ 253.963066][ T9714] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 253.997492][ T4545] usb 1-1: config 0 has an invalid interface number: 199 but max is 1 [ 254.015389][ T4545] usb 1-1: config 0 has no interface number 1 [ 254.031773][ T4545] usb 1-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 254.042758][ T9714] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.3.2380: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1 [ 254.052367][ T4545] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 254.096243][ T4545] usb 1-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 254.114082][ T4545] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 254.132314][ T4545] usb 1-1: SerialNumber: syz [ 254.146267][ T4545] usb 1-1: config 0 descriptor?? [ 254.160453][ T9714] EXT4-fs error (device loop3) in ext4_delete_entry:2800: Corrupt filesystem [ 254.266431][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 254.312069][ T9723] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 254.376816][ T4545] usb 1-1: Found UVC 0.00 device (0002:0000) [ 254.400824][ T4545] usb 1-1: No valid video chain found. [ 254.421185][ T4545] usb 1-1: USB disconnect, device number 6 [ 254.873112][ T9741] loop1: detected capacity change from 0 to 2048 [ 254.919909][ T9741] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 255.034104][ T4545] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 255.260741][ T4545] usb 3-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1 [ 255.299666][ T4545] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.307310][ T9758] netlink: 'syz.1.2401': attribute type 10 has an invalid length. [ 255.322818][ T4545] usb 3-1: Product: syz [ 255.327789][ T4545] usb 3-1: Manufacturer: syz [ 255.342704][ T4545] usb 3-1: SerialNumber: syz [ 255.361108][ T4545] usb 3-1: config 0 descriptor?? [ 255.488339][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.494729][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.587717][ T4545] int51x1: probe of 3-1:0.0 failed with error -22 [ 255.810049][ T4545] usb 3-1: USB disconnect, device number 11 [ 256.218451][ T9789] loop3: detected capacity change from 0 to 512 [ 256.269617][ T9789] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.2415: iget: bad i_size value: 38620345925642 [ 256.298318][ T9789] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.2415: couldn't read orphan inode 15 (err -117) [ 256.353476][ T9789] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 256.456105][ T9789] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.2415: bg 0: block 5: invalid block bitmap [ 256.611307][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 256.832205][ T9804] loop3: detected capacity change from 0 to 1024 [ 256.980987][ T9810] loop4: detected capacity change from 0 to 1024 [ 257.060881][ T9810] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 257.162846][ T9818] loop1: detected capacity change from 0 to 512 [ 257.251098][ T9818] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 257.293200][ T4268] EXT4-fs (loop4): unmounting filesystem. [ 257.324591][ T9818] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 257.377187][ T9818] ext4 filesystem being mounted at /474/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 257.452386][ T4545] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 257.631851][ T9830] netlink: 'syz.4.2431': attribute type 1 has an invalid length. [ 257.647548][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 257.650245][ T9830] netlink: 'syz.4.2431': attribute type 3 has an invalid length. [ 257.670658][ T4545] usb 3-1: config 6 has an invalid interface number: 109 but max is 0 [ 257.672797][ T9830] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2431'. [ 257.689595][ T4545] usb 3-1: config 6 has no interface number 0 [ 257.699787][ T4545] usb 3-1: config 6 interface 109 has no altsetting 0 [ 257.713001][ T4545] usb 3-1: New USB device found, idVendor=046d, idProduct=0821, bcdDevice=62.59 [ 257.723731][ T4545] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.779867][ T4545] usb 3-1: Found UVC 0.00 device (046d:0821) [ 257.801771][ T4545] usb 3-1: No valid video chain found. [ 258.007508][ T4547] usb 3-1: USB disconnect, device number 12 [ 258.305138][ T9853] loop4: detected capacity change from 0 to 2048 [ 258.334755][ T9853] NILFS (loop4): invalid segment: Magic number mismatch [ 258.360195][ T9853] NILFS (loop4): trying rollback from an earlier position [ 258.390878][ T9853] NILFS (loop4): recovery complete [ 258.431620][ T9856] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 258.474215][ T9853] NILFS (loop4): unrecognized mount option "01777777777777777777777ÿÿÿñ¼ÊíXc¥vÌ:ýQºòœÞ" [ 259.399683][ T9889] loop2: detected capacity change from 0 to 2048 [ 259.449246][ T9889] NILFS (loop2): invalid segment: Magic number mismatch [ 259.483876][ T9889] NILFS (loop2): trying rollback from an earlier position [ 259.526621][ T9889] NILFS (loop2): recovery complete [ 259.562480][ T9897] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 259.621410][ T9889] NILFS (loop2): unrecognized mount option "01777777777777777777777ÿÿÿñ¼ÊíXc¥vÌ:ýQºòœÞ" [ 259.693482][ T9903] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 259.888508][ T9903] CIFS mount error: No usable UNC path provided in device string! [ 259.888508][ T9903] [ 259.940997][ T9903] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 260.337186][ T9923] netlink: 766 bytes leftover after parsing attributes in process `syz.2.2479'. [ 260.720181][ T9941] netlink: 'syz.3.2487': attribute type 15 has an invalid length. [ 261.134140][ T5229] usb 3-1: new full-speed USB device number 13 using dummy_hcd [ 261.352015][ T5229] usb 3-1: config 0 has an invalid interface number: 31 but max is 0 [ 261.370739][ T5229] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 261.409086][ T5229] usb 3-1: config 0 has no interface number 0 [ 261.447195][ T5229] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 261.491010][ T5229] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.518075][ T5229] usb 3-1: Product: syz [ 261.532748][ T5229] usb 3-1: Manufacturer: syz [ 261.553031][ T5229] usb 3-1: SerialNumber: syz [ 261.582752][ T5229] usb 3-1: config 0 descriptor?? [ 261.610426][ T5229] hub 3-1:0.31: bad descriptor, ignoring hub [ 261.648104][ T5229] hub: probe of 3-1:0.31 failed with error -5 [ 261.699476][ T5229] usb 3-1: Found UVC 0.04 device syz (046d:08c3) [ 261.737059][ T5229] uvcvideo 3-1:0.31: Entity type for entity Output 6 was not initialized! [ 261.766845][ T5229] usb 3-1: Failed to create links for entity 6 [ 261.822261][ T5229] usb 3-1: Failed to register entities (-22). [ 261.891472][ T5229] usb 3-1: USB disconnect, device number 13 [ 262.038089][ T9983] netlink: 'syz.0.2508': attribute type 30 has an invalid length. [ 262.798901][T10007] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2521'. [ 262.831490][T10007] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2521'. [ 263.899110][T10048] loop1: detected capacity change from 0 to 256 [ 263.938970][T10048] exfat: Deprecated parameter 'namecase' [ 263.951268][T10050] overlayfs: conflicting options: userxattr,redirect_dir=on [ 263.964330][T10048] exfat: Deprecated parameter 'utf8' [ 264.302765][T10048] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d) [ 264.722191][T10069] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2551'. [ 264.904243][T10077] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2554'. [ 264.923719][T10077] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2554'. [ 265.409584][T10094] loop3: detected capacity change from 0 to 512 [ 265.437221][T10096] loop2: detected capacity change from 0 to 256 [ 265.486525][T10094] EXT4-fs (loop3): 1 truncate cleaned up [ 265.530390][T10094] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 265.569185][T10096] FAT-fs (loop2): Directory bread(block 64) failed [ 265.617739][T10096] FAT-fs (loop2): Directory bread(block 65) failed [ 265.630674][T10094] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz.3.2563: deleted inode referenced: 15 [ 265.641772][T10096] FAT-fs (loop2): Directory bread(block 66) failed [ 265.668106][T10096] FAT-fs (loop2): Directory bread(block 67) failed [ 265.700133][T10094] EXT4-fs (loop3): Remounting filesystem read-only [ 265.701393][T10096] FAT-fs (loop2): Directory bread(block 68) failed [ 265.788880][T10096] FAT-fs (loop2): Directory bread(block 69) failed [ 265.804302][T10096] FAT-fs (loop2): Directory bread(block 70) failed [ 265.810939][T10096] FAT-fs (loop2): Directory bread(block 71) failed [ 265.823491][T10096] FAT-fs (loop2): Directory bread(block 72) failed [ 265.832291][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 265.864489][T10096] FAT-fs (loop2): Directory bread(block 73) failed [ 266.132443][T10118] netlink: 'syz.4.2574': attribute type 3 has an invalid length. [ 266.534130][ T4547] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 266.726638][ T4547] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 266.766692][ T4547] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 266.807963][ T4547] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 266.853941][ T4547] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.887611][T10124] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 266.976898][T10148] loop2: detected capacity change from 0 to 2048 [ 267.044533][T10153] loop4: detected capacity change from 0 to 16 [ 267.069558][T10153] erofs: (device loop4): mounted with root inode @ nid 36. [ 267.081370][T10148] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 267.083059][T10153] erofs: (device loop4): z_erofs_fill_inode_lazy: big pcluster head1/2 of compact indexes should be consistent for nid 36 [ 267.103263][T10153] erofs: (device loop4): z_erofs_fill_inode_lazy: big pcluster head1/2 of compact indexes should be consistent for nid 36 [ 267.116136][T10153] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 267.159643][T10148] ext4 filesystem being mounted at /501/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 267.451049][ T4278] EXT4-fs (loop2): unmounting filesystem. [ 267.483287][ T5229] usb 2-1: USB disconnect, device number 12 [ 267.733764][T10175] loop3: detected capacity change from 0 to 1024 [ 267.820048][T10175] hfsplus: bad catalog entry type [ 267.921863][ T1172] hfsplus: b-tree write err: -5, ino 4 [ 268.076052][T10184] Cannot find del_set index 3 as target [ 268.730728][T10205] loop3: detected capacity change from 0 to 512 [ 268.877103][T10205] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 268.950682][T10205] ext4 filesystem being mounted at /518/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 269.062396][T10205] EXT4-fs error (device loop3): ext4_xattr_block_find:1837: inode #15: comm syz.3.2615: corrupted xattr block 33 [ 269.225766][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 269.544461][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 269.544478][ T27] audit: type=1326 audit(1755021588.998:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10231 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 269.547167][T10234] netlink: 'syz.2.2628': attribute type 39 has an invalid length. [ 269.557643][ T27] audit: type=1326 audit(1755021589.008:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10231 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 269.573103][ C1] vkms_vblank_simulate: vblank timer overrun [ 269.813918][ T27] audit: type=1326 audit(1755021589.078:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10231 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 269.845562][T10244] netlink: 'syz.3.2633': attribute type 2 has an invalid length. [ 269.932035][ T27] audit: type=1326 audit(1755021589.078:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10231 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 269.933243][T10244] device .*! entered promiscuous mode [ 269.954575][ C1] vkms_vblank_simulate: vblank timer overrun [ 270.165906][ T27] audit: type=1326 audit(1755021589.618:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10257 comm="syz.4.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 270.207757][ T27] audit: type=1326 audit(1755021589.648:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10257 comm="syz.4.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 270.240641][T10258] syz.4.2640 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 270.272469][ T27] audit: type=1326 audit(1755021589.688:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10257 comm="syz.4.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 270.363303][ T27] audit: type=1326 audit(1755021589.798:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10257 comm="syz.4.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 270.408971][ T27] audit: type=1326 audit(1755021589.798:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10257 comm="syz.4.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 270.440625][ T5227] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 270.636649][ T5227] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 270.661911][ T5227] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.701644][ T5227] usb 3-1: config 0 descriptor?? [ 270.727359][ T5227] cp210x 3-1:0.0: cp210x converter detected [ 270.968544][T10284] ipt_rpfilter: unknown options [ 271.144243][ T5227] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -71 [ 271.172789][ T5227] cp210x 3-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 271.204364][ T5227] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 271.230284][ T5227] usb 3-1: cp210x converter now attached to ttyUSB0 [ 271.258876][ T5227] usb 3-1: USB disconnect, device number 14 [ 271.278981][T10290] loop3: detected capacity change from 0 to 1024 [ 271.284927][T10296] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2659'. [ 271.308970][ T5227] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 271.331154][ T5227] cp210x 3-1:0.0: device disconnected [ 271.381125][T10290] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 271.574831][T10301] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2661'. [ 271.608924][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 271.771531][ T27] audit: type=1326 audit(1755021591.218:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10307 comm="syz.3.2663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4941d8ebe9 code=0x7ffc0000 [ 271.857788][T10310] loop4: detected capacity change from 0 to 512 [ 271.907857][T10310] EXT4-fs (loop4): 1 truncate cleaned up [ 271.958251][T10310] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 272.074401][T10310] EXT4-fs error (device loop4): ext4_lookup:1862: inode #2: comm syz.4.2665: deleted inode referenced: 15 [ 272.086809][T10310] EXT4-fs (loop4): Remounting filesystem read-only [ 272.171748][T10320] libceph: resolve '0' (ret=-3): failed [ 272.196612][ T4268] EXT4-fs (loop4): unmounting filesystem. [ 272.452628][T10331] loop2: detected capacity change from 0 to 16 [ 272.480389][T10334] loop0: detected capacity change from 0 to 256 [ 272.507339][T10331] erofs: (device loop2): mounted with root inode @ nid 36. [ 272.569939][T10334] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 273.170980][T10353] vim2m vim2m.0: Fourcc format (0x47524247) invalid. [ 273.406973][T10359] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2688'. [ 273.690371][T10339] loop1: detected capacity change from 0 to 32768 [ 273.750712][T10339] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 273.869703][T10369] loop3: detected capacity change from 0 to 2048 [ 273.916201][T10369] EXT4-fs: Ignoring removed bh option [ 273.997603][T10369] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 274.112320][T10369] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #12: comm syz.3.2694: corrupted in-inode xattr [ 274.164962][T10349] loop2: detected capacity change from 0 to 32768 [ 274.247137][ T4486] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 274.270840][T10349] ERROR: (device loop2): xtTruncate_pmap: XT_GETPAGE: xtree page corrupt [ 274.270840][T10349] [ 274.317581][T10349] ERROR: (device loop2): remounting filesystem as read-only [ 274.330956][T10349] ERROR: (device loop2): jfs_rename: [ 274.330956][T10349] [ 274.351436][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 274.434433][ T5227] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 274.539813][ T4278] ERROR: (device loop2): xtTruncate: XT_GETPAGE: xtree page corrupt [ 274.539813][ T4278] [ 274.654179][ T5227] usb 1-1: Using ep0 maxpacket: 8 [ 274.664470][ T5227] usb 1-1: New USB device found, idVendor=046d, idProduct=0896, bcdDevice=3a.11 [ 274.704119][ T5227] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.733357][T10392] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2704'. [ 274.749245][ T5227] usb 1-1: Product: syz [ 274.763713][ T5227] usb 1-1: Manufacturer: syz [ 274.769097][ T5227] usb 1-1: SerialNumber: syz [ 274.824398][ T5227] usb 1-1: config 0 descriptor?? [ 274.852547][ T5227] gspca_main: vc032x-2.14.0 probing 046d:0896 [ 275.279047][ T5227] gspca_vc032x: reg_w err -71 [ 275.283953][ T5227] vc032x: probe of 1-1:0.0 failed with error -71 [ 275.330009][ T5227] usb 1-1: USB disconnect, device number 7 [ 275.907625][T10428] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2721'. [ 276.134087][ T5227] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 276.170556][T10410] loop4: detected capacity change from 0 to 32768 [ 276.186286][T10438] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2725'. [ 276.222882][T10410] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 276.277913][T10410] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 276.322765][T10437] loop2: detected capacity change from 0 to 1024 [ 276.338610][ T5227] usb 2-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 276.354619][ T5227] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 276.373461][ T5227] usb 2-1: Product: syz [ 276.377864][ T5227] usb 2-1: Manufacturer: syz [ 276.382542][ T5227] usb 2-1: SerialNumber: syz [ 276.401707][ T5227] usb 2-1: config 0 descriptor?? [ 276.421776][ T5227] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 276.566629][ T4268] ocfs2: Unmounting device (7,4) on (node local) [ 276.614499][ T9] hfsplus: b-tree write err: -5, ino 4 [ 276.864666][ T5227] usb 2-1: USB disconnect, device number 13 [ 277.022165][T10460] loop3: detected capacity change from 0 to 16 [ 277.056927][T10460] erofs: (device loop3): mounted with root inode @ nid 36. [ 277.735073][T10479] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2743'. [ 278.548831][ T4547] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 278.630433][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 278.630449][ T27] audit: type=1400 audit(1755021598.078:58): apparmor="DENIED" operation="stack" info="label not found" error=-2 profile="unconfined" name=26260A3A0CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A2F2C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=10501 comm="syz.0.2755" [ 278.766471][ T4547] usb 3-1: Using ep0 maxpacket: 8 [ 278.773668][ T4547] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 278.815251][ T4547] usb 3-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b [ 278.840010][ T4547] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 278.869400][ T4547] usb 3-1: Product: syz [ 278.873637][ T4547] usb 3-1: Manufacturer: syz [ 278.900729][ T4547] usb 3-1: SerialNumber: syz [ 278.921826][ T4547] usb 3-1: config 0 descriptor?? [ 278.943340][ T4547] gspca_main: stk014-2.14.0 probing 05e1:0893 [ 278.967641][ T4547] usb 3-1: selecting invalid altsetting 1 [ 279.041933][T10512] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 279.352947][T10523] loop3: detected capacity change from 0 to 256 [ 279.394656][T10527] netlink: 'syz.1.2766': attribute type 10 has an invalid length. [ 279.406990][ T4548] usb 3-1: USB disconnect, device number 15 [ 279.418533][T10523] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 279.424568][T10529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2768'. [ 279.485819][T10527] team0: Port device syz_tun added [ 279.505036][T10526] IPv6: sit1: Disabled Multicast RS [ 279.747493][T10535] netlink: zone id is out of range [ 279.753043][T10535] netlink: zone id is out of range [ 279.777882][T10535] netlink: zone id is out of range [ 279.783076][T10535] netlink: zone id is out of range [ 279.798646][T10535] netlink: zone id is out of range [ 279.810986][T10535] netlink: zone id is out of range [ 279.854223][T10535] netlink: zone id is out of range [ 279.859509][T10535] netlink: zone id is out of range [ 279.874435][T10535] netlink: zone id is out of range [ 279.892627][T10535] netlink: zone id is out of range [ 279.901537][T10541] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2774'. [ 279.921250][T10541] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511) [ 279.964528][T10541] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 280.264416][T10549] loop4: detected capacity change from 0 to 164 [ 280.544478][T10557] tmpfs: Bad value for 'mpol' [ 280.804523][T10567] loop2: detected capacity change from 0 to 1024 [ 280.856126][T10537] loop0: detected capacity change from 0 to 32768 [ 281.011060][T10575] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2790'. [ 281.453808][T10577] loop3: detected capacity change from 0 to 8192 [ 281.507618][T10587] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2796'. [ 281.521478][T10577] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 281.545533][T10577] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 281.569902][T10577] REISERFS (device loop3): using ordered data mode [ 281.647784][T10577] reiserfs: using flush barriers [ 281.669369][T10577] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 281.746328][T10577] REISERFS (device loop3): checking transaction log (loop3) [ 281.774306][T10577] REISERFS (device loop3): Using r5 hash to sort names [ 281.791527][T10577] REISERFS (device loop3): using 3.5.x disk format [ 281.854923][T10596] loop0: detected capacity change from 0 to 1024 [ 281.863747][T10595] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2799'. [ 281.961341][T10596] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 282.206464][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 282.309051][T10610] x_tables: duplicate entry at hook 1 [ 282.894317][T10634] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2818'. [ 282.917547][T10636] ip6t_srh: unknown srh invflags 7863 [ 283.061852][T10642] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2822'. [ 283.086020][T10640] tmpfs: Bad value for 'mpol' [ 283.352428][T10652] mmap: syz.0.2827 (10652) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 283.634536][T10663] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2832'. [ 283.675637][T10664] loop1: detected capacity change from 0 to 512 [ 283.709185][T10664] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 283.787660][T10664] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 283.827695][T10664] ext4 filesystem being mounted at /553/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.844322][ T5222] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 284.020302][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 284.056330][ T5222] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 284.107830][ T5222] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 284.124515][ T5222] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 284.142847][ T5222] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.186883][T10660] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 284.322848][T10689] loop1: detected capacity change from 0 to 64 [ 284.631250][ T5227] usb 4-1: USB disconnect, device number 9 [ 285.371567][T10717] tmpfs: Bad value for 'nr_inodes' [ 285.622549][ T27] audit: type=1400 audit(1755021605.068:59): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name=":(%#{//(@\)//&@},['%%&\#*" pid=10725 comm="syz.3.2863" [ 285.885966][T10740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2870'. [ 286.144072][ T4548] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 286.337012][ T4548] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 286.359877][ T4548] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.400973][ T4548] usb 1-1: config 0 descriptor?? [ 286.435418][ T4548] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 286.469832][T10764] trusted_key: encrypted_key: master key parameter is missing [ 286.839379][ T4548] gspca_stv06xx: I2C: Read error writing address: -71 [ 286.860463][ T4548] usb 1-1: USB disconnect, device number 8 [ 287.078650][T10778] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2884'. [ 287.116535][T10778] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 287.892435][T10802] device erspan1 entered promiscuous mode [ 288.721993][T10830] loop0: detected capacity change from 0 to 2048 [ 288.744209][ T5223] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 288.778219][T10834] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2913'. [ 288.806044][T10830] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 288.953941][ T5223] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 288.997100][ T5223] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 289.024297][ T5223] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 289.059972][ T5223] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 289.133084][T10824] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 289.141424][T10843] netlink: 'syz.1.2917': attribute type 11 has an invalid length. [ 289.287651][T10849] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2920'. [ 289.480615][T10855] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2922'. [ 289.530882][ T4545] usb 3-1: USB disconnect, device number 16 [ 289.538567][T10855] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2922'. [ 290.459072][ T4549] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 290.534181][ T4545] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 290.554987][T10895] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2942'. [ 290.575893][T10895] 0ªX¹¦À: renamed from caif0 [ 290.604130][T10895] net_ratelimit: 4 callbacks suppressed [ 290.604140][T10895] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 290.669380][ T4549] usb 4-1: config 0 has an invalid interface number: 69 but max is 0 [ 290.714258][ T4549] usb 4-1: config 0 has no interface number 0 [ 290.728302][ T4549] usb 4-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 290.748072][ T4545] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 290.772153][ T4545] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.788361][ T4549] usb 4-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 290.793764][T10901] loop2: detected capacity change from 0 to 512 [ 290.811596][ T4545] usb 2-1: Product: syz [ 290.817001][ T4545] usb 2-1: Manufacturer: syz [ 290.822598][ T4545] usb 2-1: SerialNumber: syz [ 290.840134][ T4549] usb 4-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 290.856346][T10901] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 290.856527][ T4545] r8152-cfgselector 2-1: config 0 descriptor?? [ 290.870425][T10901] EXT4-fs (loop2): Test dummy encryption mode enabled [ 290.884218][ T4549] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.892639][ T4549] usb 4-1: Product: syz [ 290.904956][ T4549] usb 4-1: Manufacturer: syz [ 290.911285][ T4549] usb 4-1: SerialNumber: syz [ 290.927661][ T4549] usb 4-1: config 0 descriptor?? [ 290.935295][T10877] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 290.952138][T10901] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.2956: invalid indirect mapped block 4294967295 (level 1) [ 290.972390][ T4549] cyberjack 4-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 291.005525][ T4549] usb 4-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 291.009548][T10901] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.2956: invalid indirect mapped block 4294967295 (level 1) [ 291.032339][T10901] EXT4-fs (loop2): 2 truncates cleaned up [ 291.038362][T10901] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 291.074133][ T5227] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 291.143823][ T4278] EXT4-fs (loop2): unmounting filesystem. [ 291.266104][ T5227] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 291.288811][ T5227] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 291.305433][ T5227] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 291.315936][ T5227] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.325587][ T4545] r8152-cfgselector 2-1: Unknown version 0x0000 [ 291.344681][ T4545] r8152-cfgselector 2-1: USB disconnect, device number 14 [ 291.354213][T10904] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 291.397237][ T4549] usb 4-1: USB disconnect, device number 10 [ 291.449472][ T4549] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 291.473169][ T4549] cyberjack 4-1:0.69: device disconnected [ 291.752375][ T5223] usb 5-1: USB disconnect, device number 10 [ 291.801765][T10923] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2954'. [ 291.835661][T10925] xt_l2tp: unknown flags: 17 [ 291.842999][T10923] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2954'. [ 292.391600][T10937] loop3: detected capacity change from 0 to 8192 [ 292.412310][T10937] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 292.464142][T10937] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 1046) [ 292.476029][T10937] FAT-fs (loop3): Filesystem has been set read-only [ 292.631548][ T4277] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 1046) [ 292.663569][T10949] libceph: resolve '4' (ret=-3): failed [ 293.021359][T10960] loop3: detected capacity change from 0 to 256 [ 293.031257][T10961] loop1: detected capacity change from 0 to 512 [ 293.081267][T10961] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 293.083865][T10960] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 293.166079][T10961] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 293.327359][T10961] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2971: invalid indirect mapped block 2683928664 (level 1) [ 293.419767][T10961] EXT4-fs (loop1): Remounting filesystem read-only [ 293.449934][T10961] EXT4-fs (loop1): 1 truncate cleaned up [ 293.469357][T10961] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 293.713097][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 294.124466][ T5222] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 294.150264][T11002] xt_l2tp: invalid flags combination: 8 [ 294.319458][ T5222] usb 2-1: Using ep0 maxpacket: 32 [ 294.327762][ T5222] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 294.333541][T11008] loop3: detected capacity change from 0 to 512 [ 294.377267][ T5222] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 294.385189][T11008] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 294.412129][ T5222] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 294.414382][T11008] EXT4-fs (loop3): Test dummy encryption mode enabled [ 294.458253][ T5222] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.476856][T11008] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.2993: invalid indirect mapped block 4294967295 (level 1) [ 294.492408][ T5222] usb 2-1: config 0 descriptor?? [ 294.506239][ T5222] hub 2-1:0.0: USB hub found [ 294.533821][T11008] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.2993: invalid indirect mapped block 4294967295 (level 1) [ 294.574674][T11008] EXT4-fs (loop3): 2 truncates cleaned up [ 294.580649][T11008] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 294.666572][T10990] loop2: detected capacity change from 0 to 32768 [ 294.710544][ T5222] hub 2-1:0.0: 31 ports detected [ 294.716220][T10990] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11 [ 294.727753][ T5222] hub 2-1:0.0: insufficient power available to use all downstream ports [ 294.874957][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 294.917054][ T5222] hub 2-1:0.0: hub_hub_status failed (err = -71) [ 294.934312][ T5222] hub 2-1:0.0: config failed, can't get hub status (err -71) [ 294.973239][ T5222] usbhid 2-1:0.0: can't add hid device: -71 [ 294.984213][ T5222] usbhid: probe of 2-1:0.0 failed with error -71 [ 295.045281][ T5222] usb 2-1: USB disconnect, device number 15 [ 295.116199][ T4260] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11 [ 296.224350][T11062] netlink: 'syz.2.3019': attribute type 2 has an invalid length. [ 296.884271][ T4547] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 297.114118][ T4547] usb 5-1: Using ep0 maxpacket: 32 [ 297.121439][ T4547] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 297.145024][ T4547] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 297.170220][ T4547] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.214164][ T4547] usb 5-1: Product: syz [ 297.218504][ T4547] usb 5-1: Manufacturer: syz [ 297.253686][ T4547] usb 5-1: SerialNumber: syz [ 297.269835][ T4547] usb 5-1: config 0 descriptor?? [ 297.287727][T11078] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 297.296586][ T4547] hub 5-1:0.0: bad descriptor, ignoring hub [ 297.302603][ T4547] hub: probe of 5-1:0.0 failed with error -5 [ 297.326868][ T4547] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input16 [ 297.504449][T11066] loop0: detected capacity change from 0 to 32768 [ 297.567327][T11066] [ 297.567327][T11066] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 297.567327][T11066] [ 297.644375][T11078] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 297.651573][T11078] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 297.694139][T11078] vhci_hcd vhci_hcd.0: Device attached [ 297.718267][T11073] loop2: detected capacity change from 0 to 32768 [ 297.736250][T11066] read_mapping_page failed! [ 297.741025][T11066] ERROR: (device loop0): txCommit: [ 297.741025][T11066] [ 297.758085][T11099] vhci_hcd: connection closed [ 297.762752][ T4354] vhci_hcd: stop threads [ 297.778334][ T5227] usb 5-1: USB disconnect, device number 11 [ 297.778335][ C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 297.780519][ T4354] vhci_hcd: release socket [ 297.853485][T11073] [ 297.853485][T11073] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 297.853485][T11073] [ 297.904445][ T5229] vhci_hcd: vhci_device speed not set [ 297.930992][ T4354] vhci_hcd: disconnect device [ 297.951191][T11073] jfs_lookup: dtSearch returned -5 [ 297.985146][ T5229] usb 41-1: new full-speed USB device number 2 using vhci_hcd [ 298.019452][ T5229] usb 41-1: enqueue for inactive port 0 [ 298.046102][ T4280] [ 298.046102][ T4280] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 298.046102][ T4280] [ 298.067494][ T4278] [ 298.067494][ T4278] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 298.067494][ T4278] [ 298.094062][ T4278] [ 298.094062][ T4278] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 298.094062][ T4278] [ 298.106194][ T4280] [ 298.106194][ T4280] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 298.106194][ T4280] [ 298.124373][ T5229] vhci_hcd: vhci_device speed not set [ 298.366358][T11094] loop1: detected capacity change from 0 to 32768 [ 298.545269][T11094] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 298.592425][T11118] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3044'. [ 298.683554][T11094] OCFS2: ERROR (device loop1): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has bit count 2048 but claims that 39166 are free [ 298.764833][T11094] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 298.790619][T11094] OCFS2: File system is now read-only. [ 298.830724][T11094] (syz.1.3034,11094,0):ocfs2_search_chain:1761 ERROR: status = -30 [ 298.841703][T11122] Cannot find del_set index 2 as target [ 298.854141][ T4547] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 298.864471][T11094] (syz.1.3034,11094,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 298.903059][T11094] (syz.1.3034,11094,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 298.954221][T11094] (syz.1.3034,11094,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 298.963103][T11094] (syz.1.3034,11094,0):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 299.003771][T11094] (syz.1.3034,11094,0):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 299.032869][T11094] (syz.1.3034,11094,0):ocfs2_mknod_locked:639 ERROR: status = -30 [ 299.054126][ T4547] usb 5-1: Using ep0 maxpacket: 32 [ 299.062013][ T4547] usb 5-1: unable to get BOS descriptor or descriptor too short [ 299.084257][T11094] (syz.1.3034,11094,0):ocfs2_mknod:385 ERROR: status = -30 [ 299.093052][ T4547] usb 5-1: config 7 has an invalid interface number: 187 but max is 0 [ 299.117868][T11094] (syz.1.3034,11094,0):ocfs2_mknod:502 ERROR: status = -30 [ 299.134218][ T4547] usb 5-1: config 7 has no interface number 0 [ 299.140431][ T4547] usb 5-1: config 7 interface 187 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 16 [ 299.171057][T11094] (syz.1.3034,11094,0):ocfs2_create:676 ERROR: status = -30 [ 299.184103][ T4547] usb 5-1: config 7 interface 187 has no altsetting 0 [ 299.198337][T11133] netlink: 'syz.0.3051': attribute type 21 has an invalid length. [ 299.208476][ T4547] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 299.244078][ T4547] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 299.252393][ T4547] usb 5-1: Product: syz [ 299.257708][T11133] netlink: 'syz.0.3051': attribute type 1 has an invalid length. [ 299.273904][T11133] netlink: 144 bytes leftover after parsing attributes in process `syz.0.3051'. [ 299.283422][ T4547] usb 5-1: Manufacturer: syz [ 299.288435][ T4547] usb 5-1: SerialNumber: syz [ 299.305433][ T4269] ocfs2: Unmounting device (7,1) on (node local) [ 299.309479][T11116] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 299.575740][ T4547] usb 5-1: Limiting number of CPorts to U8_MAX [ 299.602786][ T4547] usb 5-1: Unknown endpoint type found, address 0x07 [ 299.612790][ T4547] usb 5-1: Not enough endpoints found in device, aborting! [ 299.837045][ T4549] usb 5-1: USB disconnect, device number 12 [ 300.203896][T11164] netlink: 'syz.3.3067': attribute type 2 has an invalid length. [ 300.229203][T11164] netlink: 'syz.3.3067': attribute type 2 has an invalid length. [ 300.590132][T11176] loop1: detected capacity change from 0 to 4096 [ 300.620641][T11176] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 300.724205][ T5223] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 300.904248][ T4549] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 300.934453][ T5223] usb 1-1: Using ep0 maxpacket: 8 [ 300.951932][ T5223] usb 1-1: unable to get BOS descriptor or descriptor too short [ 300.989293][ T5223] usb 1-1: config 8 interface 0 altsetting 7 bulk endpoint 0x3 has invalid maxpacket 8 [ 301.009328][ T5223] usb 1-1: config 8 interface 0 has no altsetting 0 [ 301.029855][ T5223] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5 [ 301.047692][ T5223] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 301.056418][ T5223] usb 1-1: Product: syz [ 301.060641][ T5223] usb 1-1: Manufacturer: syz [ 301.065849][ T5223] usb 1-1: SerialNumber: syz [ 301.090011][T11172] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 301.114178][ T4549] usb 4-1: Using ep0 maxpacket: 16 [ 301.129371][ T4549] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 301.138669][ T4549] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 301.147388][ T4549] usb 4-1: Product: syz [ 301.151767][ T4549] usb 4-1: Manufacturer: syz [ 301.156474][ T4549] usb 4-1: SerialNumber: syz [ 301.162280][ T4549] r8152-cfgselector 4-1: config 0 descriptor?? [ 301.312213][ T5223] usb 1-1: selecting invalid altsetting 0 [ 301.331708][ T5223] usb 1-1: USB disconnect, device number 9 [ 301.580379][ T4549] r8152-cfgselector 4-1: Unknown version 0x0000 [ 301.588574][ T4549] r8152-cfgselector 4-1: USB disconnect, device number 11 [ 301.594551][ T4895] udevd[4895]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:8.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 302.146866][ T4549] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 302.348105][ T4549] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 302.365784][ T4549] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 302.376141][ T4549] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 302.385568][ T4549] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.403228][T11194] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 302.792443][ T5229] usb 1-1: USB disconnect, device number 10 [ 303.055224][T11229] device vlan0 entered promiscuous mode [ 303.471644][T11246] Option ' ' to dns_resolver key: bad/missing value [ 305.014639][T11293] autofs4:pid:11293:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e) [ 305.018648][T11264] loop4: detected capacity change from 0 to 32768 [ 305.061367][T11264] [ 305.061367][T11264] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 305.061367][T11264] [ 305.153416][T11264] read_mapping_page failed! [ 305.161119][T11264] ERROR: (device loop4): txCommit: [ 305.161119][T11264] [ 305.318640][ T4268] [ 305.318640][ T4268] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 305.318640][ T4268] [ 305.396381][ T4268] [ 305.396381][ T4268] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 305.396381][ T4268] [ 306.002981][T11321] device bond1 entered promiscuous mode [ 306.009563][T11321] 8021q: adding VLAN 0 to HW filter on device bond1 [ 306.184138][T11334] snd_dummy snd_dummy.0: control 2:0:128:syz0:0 is already present [ 306.283143][T11337] loop3: detected capacity change from 0 to 128 [ 306.342027][T11342] netlink: 180900 bytes leftover after parsing attributes in process `syz.2.3153'. [ 306.359944][T11337] FAT-fs (loop3): Directory bread(block 414) failed [ 306.394233][T11342] openvswitch: netlink: Flow actions attr not present in new flow. [ 306.402342][T11337] FAT-fs (loop3): Directory bread(block 415) failed [ 306.402384][T11337] FAT-fs (loop3): Directory bread(block 416) failed [ 306.402413][T11337] FAT-fs (loop3): Directory bread(block 417) failed [ 306.402442][T11337] FAT-fs (loop3): Directory bread(block 418) failed [ 306.402469][T11337] FAT-fs (loop3): Directory bread(block 419) failed [ 306.402497][T11337] FAT-fs (loop3): Directory bread(block 420) failed [ 306.453126][T11337] FAT-fs (loop3): Directory bread(block 421) failed [ 306.494303][T11337] FAT-fs (loop3): Directory bread(block 414) failed [ 306.530120][T11337] FAT-fs (loop3): Directory bread(block 415) failed [ 307.122452][T11372] loop0: detected capacity change from 0 to 256 [ 307.180037][T11372] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d) [ 307.233295][T11372] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 307.314100][ T5229] usb 2-1: new full-speed USB device number 16 using dummy_hcd [ 307.371702][T11377] loop3: detected capacity change from 0 to 256 [ 307.462998][T11377] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 307.536050][ T5229] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 307.561934][ T5229] usb 2-1: config 0 interface 0 has no altsetting 0 [ 307.591644][ T5229] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 307.621474][ T5229] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.652043][ T5229] usb 2-1: Product: syz [ 307.662146][ T5229] usb 2-1: Manufacturer: syz [ 307.672728][ T5229] usb 2-1: SerialNumber: syz [ 307.693884][ T5229] usb 2-1: config 0 descriptor?? [ 307.737356][ T5229] usb 2-1: selecting invalid altsetting 0 [ 307.979249][ T4545] usb 2-1: USB disconnect, device number 16 [ 308.119486][T11386] loop3: detected capacity change from 0 to 4096 [ 308.339572][T11382] loop0: detected capacity change from 0 to 32768 [ 308.436270][T11382] jfs_strtoUCS: char2uni returned -22. [ 308.481014][T11382] charset = cp932, char = 0xfc [ 308.608799][T11378] loop4: detected capacity change from 0 to 32768 [ 309.101162][T11405] loop2: detected capacity change from 0 to 2048 [ 309.251095][T11405] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 309.314253][T11405] ext4 filesystem being mounted at /621/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 309.358611][T11416] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 309.470118][T11416] EXT4-fs (loop2): Remounting filesystem read-only [ 309.724771][ T4278] EXT4-fs (loop2): unmounting filesystem. [ 309.865981][T11435] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3198'. [ 310.093697][T11443] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3201'. [ 310.149937][T11446] kernel read not supported for file /½ Iqî"ûIvÃQhþµ“3žJÇÈyûxÐîÃüv÷Lª=QÿW-™. Gaǹ”óW£ (pid: 11446 comm: syz.4.3203) [ 310.194377][ T27] audit: type=1800 audit(1755021629.648:60): pid=11446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3203" name=BD16204971EE22FB4976C3015168FEB51D9093339E8F064AC7C879FB78D0EEC3FC76F74CAA3D5118FF572D05992E1A09476115C7B9949DF357A3 dev="mqueue" ino=56340 res=0 errno=0 [ 310.361218][T11453] loop0: detected capacity change from 0 to 1024 [ 310.370542][T11457] netlink: 2 bytes leftover after parsing attributes in process `syz.4.3208'. [ 310.394186][ T5229] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 310.437579][T11453] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 310.481200][T11463] loop4: detected capacity change from 0 to 136 [ 310.529828][T11463] rock: directory entry would overflow storage [ 310.537411][T11464] netlink: 'syz.1.3209': attribute type 9 has an invalid length. [ 310.546530][T11464] netlink: 'syz.1.3209': attribute type 6 has an invalid length. [ 310.557452][T11453] EXT4-fs error (device loop0): ext4_get_first_dir_block:3605: inode #11: comm syz.0.3206: directory missing '..' [ 310.578320][T11463] rock: sig=0x4f50, size=4, remaining=3 [ 310.586859][T11463] iso9660: Corrupted directory entry in block 2 of inode 1472 [ 310.610904][ T5229] usb 3-1: Using ep0 maxpacket: 32 [ 310.618397][ T5229] usb 3-1: config 0 interface 0 has no altsetting 0 [ 310.662457][ T5229] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 310.697178][ T5229] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.709810][ T5229] usb 3-1: Product: syz [ 310.728036][ T5229] usb 3-1: Manufacturer: syz [ 310.732761][ T5229] usb 3-1: SerialNumber: syz [ 310.769479][ T5229] usb 3-1: config 0 descriptor?? [ 310.816605][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 311.209316][ T5229] gs_usb 3-1:0.0: Couldn't get device config: (err=-71) [ 311.226400][ T5229] gs_usb: probe of 3-1:0.0 failed with error -71 [ 311.264571][ T5229] usb 3-1: USB disconnect, device number 17 [ 311.593426][T11493] loop3: detected capacity change from 0 to 1024 [ 311.690963][ T27] audit: type=1326 audit(1755021631.138:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11495 comm="syz.0.3227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 311.706619][T11498] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3225'. [ 311.734714][ T27] audit: type=1326 audit(1755021631.168:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11495 comm="syz.0.3227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 311.790526][ T46] hfsplus: b-tree write err: -5, ino 4 [ 311.793654][T11498] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3225'. [ 311.874840][ T27] audit: type=1326 audit(1755021631.168:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11495 comm="syz.0.3227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 311.939706][T11502] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3228'. [ 311.985819][ T27] audit: type=1326 audit(1755021631.168:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11495 comm="syz.0.3227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 312.141178][T11508] netlink: 'syz.1.3231': attribute type 7 has an invalid length. [ 312.217342][T11508] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3231'. [ 312.274366][T11508] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3231'. [ 312.627750][T11528] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3241'. [ 313.990360][T11576] loop0: detected capacity change from 0 to 2048 [ 314.049440][T11576] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 314.094161][T11576] UDF-fs: Scanning with blocksize 512 failed [ 314.158188][T11576] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 314.769433][T11599] loop0: detected capacity change from 0 to 512 [ 314.830337][T11599] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 314.850285][T11599] ext4 filesystem being mounted at /705/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 314.931763][T11582] loop2: detected capacity change from 0 to 32768 [ 315.002660][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 315.664183][T11622] binder: 11621:11622 ioctl c018620c 200000000000 returned -22 [ 315.912972][T11595] loop1: detected capacity change from 0 to 40427 [ 315.974216][T11595] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 316.018926][T11595] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 316.066901][T11595] F2FS-fs (loop1): invalid crc value [ 316.121087][T11595] F2FS-fs (loop1): Found nat_bits in checkpoint [ 316.309973][T11595] F2FS-fs (loop1): recover fsync data on readonly fs [ 316.352953][T11595] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30 [ 316.399478][T11595] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 316.655016][T11595] F2FS-fs (loop1): Try to recover all the superblocks, ret: 0 [ 316.929763][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.936183][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.234186][ T4549] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 317.434200][ T4549] usb 1-1: Using ep0 maxpacket: 16 [ 317.441423][ T4549] usb 1-1: config index 0 descriptor too short (expected 18, got 14) [ 317.450981][ T4549] usb 1-1: config 0 has an invalid descriptor of length 9, skipping remainder of the config [ 317.494086][ T4549] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 317.531984][ T4549] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 317.562335][ T4549] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 317.593100][T11684] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3315'. [ 317.606147][ T4549] usb 1-1: Product: syz [ 317.610387][ T4549] usb 1-1: Manufacturer: syz [ 317.621518][ T4549] usb 1-1: SerialNumber: syz [ 317.644573][ T4549] r8152-cfgselector 1-1: config 0 descriptor?? [ 317.762387][T11690] overlayfs: missing 'workdir' [ 317.784060][ T5223] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 317.862468][ T4549] usbip-host 1-1: 1-1 is not in match_busid table... skip! [ 317.984419][ T5223] usb 3-1: Using ep0 maxpacket: 32 [ 317.992203][ T5223] usb 3-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91 [ 318.012196][ T5223] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.033437][ T5223] usb 3-1: config 0 descriptor?? [ 318.038705][T11700] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 318.056224][ T5223] gspca_main: sunplus-2.14.0 probing 0458:7006 [ 318.118373][ T4549] usb 1-1: USB disconnect, device number 11 [ 318.312724][ T27] audit: type=1326 audit(1755021637.758:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11705 comm="syz.3.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4941d8ebe9 code=0x7ffc0000 [ 318.371777][ T27] audit: type=1326 audit(1755021637.788:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11705 comm="syz.3.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f4941d8ebe9 code=0x7ffc0000 [ 318.407353][ T27] audit: type=1326 audit(1755021637.788:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11705 comm="syz.3.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4941d8ebe9 code=0x7ffc0000 [ 318.486003][ T5223] gspca_sunplus: reg_w_riv err -71 [ 318.491325][ T5223] sunplus: probe of 3-1:0.0 failed with error -71 [ 318.520170][ T5223] usb 3-1: USB disconnect, device number 18 [ 318.838387][T11722] netlink: 'syz.0.3333': attribute type 2 has an invalid length. [ 318.897507][T11722] netlink: 'syz.0.3333': attribute type 1 has an invalid length. [ 318.921767][T11726] netlink: 'syz.1.3336': attribute type 21 has an invalid length. [ 318.958993][T11726] netlink: 100 bytes leftover after parsing attributes in process `syz.1.3336'. [ 319.163357][T11730] loop0: detected capacity change from 0 to 1024 [ 319.332300][ T11] hfsplus: b-tree write err: -5, ino 4 [ 319.525300][T11745] loop2: detected capacity change from 0 to 1024 [ 319.628101][T11745] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 319.684254][T11745] ext4 filesystem being mounted at /642/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 319.760685][T11745] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 319.932211][ T4278] EXT4-fs (loop2): unmounting filesystem. [ 320.552986][T11744] loop4: detected capacity change from 0 to 32768 [ 320.627442][T11744] (syz.4.3343,11744,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 320.703750][T11744] (syz.4.3343,11744,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 320.798107][T11744] (syz.4.3343,11744,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 320.958177][T11744] JBD2: Ignoring recovery information on journal [ 321.073775][T11744] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 321.161588][T11797] netlink: 'syz.2.3364': attribute type 21 has an invalid length. [ 321.218923][T11797] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3364'. [ 321.437083][ T4268] ocfs2: Unmounting device (7,4) on (node local) [ 322.072861][ T27] audit: type=1326 audit(1755021641.518:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11826 comm="syz.0.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 322.170676][T11829] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.202913][ T27] audit: type=1326 audit(1755021641.578:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11826 comm="syz.0.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=301 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 322.225289][ C0] vkms_vblank_simulate: vblank timer overrun [ 322.309231][ T27] audit: type=1326 audit(1755021641.578:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11826 comm="syz.0.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 322.439783][ T27] audit: type=1326 audit(1755021641.578:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11826 comm="syz.0.3378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 323.400151][T11866] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3396'. [ 323.831892][T11880] (unnamed net_device) (uninitialized): option arp_validate: invalid value (18446744073709551614) [ 324.598253][T11907] loop3: detected capacity change from 0 to 2048 [ 324.669819][T11912] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 324.695181][T11907] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 324.736878][T11907] Remounting filesystem read-only [ 324.749476][T11909] loop0: detected capacity change from 0 to 2048 [ 324.751429][T11907] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 324.776128][T11907] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 324.804821][T11907] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 324.838120][T11909] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 324.846768][T11907] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 324.927792][T11907] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 324.982299][T11907] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 325.053646][T11907] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 325.138848][T11907] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 325.214240][T11907] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 325.242875][ T27] audit: type=1800 audit(1755021644.688:72): pid=11907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3417" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 325.369815][T11907] syz.3.3417 (11907) used greatest stack depth: 19328 bytes left [ 325.800015][T11949] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3436'. [ 325.920770][T11955] loop4: detected capacity change from 0 to 128 [ 325.930757][T11957] netlink: 'syz.1.3440': attribute type 21 has an invalid length. [ 325.974181][T11957] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3440'. [ 325.993691][T11957] netlink: 'syz.1.3440': attribute type 4 has an invalid length. [ 326.004879][T11955] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 326.024455][T11957] netlink: 'syz.1.3440': attribute type 5 has an invalid length. [ 326.074390][T11957] netlink: 3 bytes leftover after parsing attributes in process `syz.1.3440'. [ 326.136042][T11961] loop0: detected capacity change from 0 to 1764 [ 326.196548][T11963] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3443'. [ 326.344995][T11965] loop4: detected capacity change from 0 to 1024 [ 326.418973][T11965] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 326.483826][ T4268] EXT4-fs (loop4): unmounting filesystem. [ 327.406086][T11992] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 327.464521][T11992] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 327.476445][T11992] Bluetooth: hci0: Suspend notifier action (1) failed: -4 [ 327.553577][T11992] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 327.594433][T11992] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 327.611674][T11992] Bluetooth: hci1: Suspend notifier action (1) failed: -4 [ 327.640683][T11992] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 327.676125][T11992] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 327.682739][T11992] Bluetooth: hci2: Suspend notifier action (1) failed: -4 [ 327.701074][T11992] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 327.708928][T11992] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 327.742398][T11992] Bluetooth: hci4: Suspend notifier action (1) failed: -4 [ 327.765560][T12015] xt_CT: No such helper "syz0" [ 328.448781][T12046] loop4: detected capacity change from 0 to 128 [ 328.541073][T12046] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 328.553661][T12048] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 328.579170][T12042] loop1: detected capacity change from 0 to 4096 [ 328.608911][T12046] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 328.651277][T12052] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3484'. [ 329.324148][ T48] Bluetooth: hci0: command 0x0c1a tx timeout [ 329.569078][ T48] Bluetooth: hci1: command 0x0c1a tx timeout [ 329.608689][T12085] cgroup: Invalid name [ 329.645718][ T4276] Bluetooth: hci2: command 0x0c1a tx timeout [ 329.724184][ T4276] Bluetooth: hci4: command 0x0c1a tx timeout [ 329.746241][T12091] comedi comedi0: dmm32at: a I/O base address must be specified [ 329.777302][T12095] netlink: 268 bytes leftover after parsing attributes in process `syz.1.3503'. [ 329.794403][T12095] unsupported nla_type 65024 [ 330.823657][T12134] xt_TCPMSS: Only works on TCP SYN packets [ 331.310209][T12151] netlink: 240 bytes leftover after parsing attributes in process `syz.0.3532'. [ 331.404216][ T4276] Bluetooth: hci0: command 0x0406 tx timeout [ 331.644237][ T48] Bluetooth: hci1: command 0x0406 tx timeout [ 331.724218][ T48] Bluetooth: hci2: command 0x0406 tx timeout [ 331.804124][ T4276] Bluetooth: hci4: command 0x0406 tx timeout [ 331.910757][T12179] loop3: detected capacity change from 0 to 256 [ 332.010122][T12184] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3547'. [ 332.011955][T12179] FAT-fs (loop3): Directory bread(block 64) failed [ 332.050839][T12179] FAT-fs (loop3): Directory bread(block 65) failed [ 332.069864][T12179] FAT-fs (loop3): Directory bread(block 66) failed [ 332.080334][T12179] FAT-fs (loop3): Directory bread(block 67) failed [ 332.093784][T12179] FAT-fs (loop3): Directory bread(block 68) failed [ 332.154193][T12179] FAT-fs (loop3): Directory bread(block 69) failed [ 332.161603][T12179] FAT-fs (loop3): Directory bread(block 70) failed [ 332.180496][T12179] FAT-fs (loop3): Directory bread(block 71) failed [ 332.188112][T12179] FAT-fs (loop3): Directory bread(block 72) failed [ 332.201507][T12179] FAT-fs (loop3): Directory bread(block 73) failed [ 332.234868][T12187] loop1: detected capacity change from 0 to 4096 [ 332.254780][T12187] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 332.385924][T12187] ntfs3: loop1: failed to convert "076c" to cp949 [ 332.868420][T12206] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3559'. [ 333.190162][T12211] loop0: detected capacity change from 0 to 4096 [ 333.424141][ T4547] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 333.516393][ T4280] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22. [ 333.539409][ T4280] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 333.658260][ T4547] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 333.694274][ T4547] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.722146][ T4547] usb 5-1: Product: syz [ 333.741638][ T4547] usb 5-1: Manufacturer: syz [ 333.759439][ T4547] usb 5-1: SerialNumber: syz [ 333.809604][ T4547] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 333.882243][ T4547] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 334.162903][T12249] loop3: detected capacity change from 0 to 512 [ 334.179465][T12252] loop1: detected capacity change from 0 to 256 [ 334.200842][T12249] EXT4-fs: Ignoring removed nomblk_io_submit option [ 334.287755][T12252] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 334.354170][ T4545] usb 5-1: USB disconnect, device number 13 [ 334.392000][T12249] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 334.464230][T12249] ext4 filesystem being mounted at /715/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 334.481111][ T27] audit: type=1800 audit(1755021653.928:73): pid=12252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3580" name="file1" dev="loop1" ino=1048631 res=0 errno=0 [ 334.529915][T12252] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 334.594199][T12252] exFAT-fs (loop1): Filesystem has been set read-only [ 334.652159][T12249] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 334.695463][T12249] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 334.728069][T12249] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.3579: Failed to acquire dquot type 1 [ 334.893640][T12273] IPv6: Can't replace route, no match found [ 334.981082][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 335.004077][ T4547] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 335.011153][ T4547] ath9k_htc: Failed to initialize the device [ 335.051928][ T4545] usb 5-1: ath9k_htc: USB layer deinitialized [ 335.536782][T12295] loop4: detected capacity change from 0 to 128 [ 335.549073][ T27] audit: type=1326 audit(1755021654.998:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12296 comm="syz.1.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 335.589526][T12301] loop0: detected capacity change from 0 to 512 [ 335.598563][T12301] EXT4-fs: Ignoring removed nomblk_io_submit option [ 335.609885][T12295] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 335.622076][ T27] audit: type=1326 audit(1755021654.998:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12296 comm="syz.1.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 335.647446][ T27] audit: type=1326 audit(1755021655.028:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12296 comm="syz.1.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 335.669721][ C0] vkms_vblank_simulate: vblank timer overrun [ 335.677044][ T27] audit: type=1326 audit(1755021655.028:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12296 comm="syz.1.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 335.704750][T12295] ext4 filesystem being mounted at /713/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 335.712318][ T27] audit: type=1326 audit(1755021655.028:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12296 comm="syz.1.3602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 335.738079][ C0] vkms_vblank_simulate: vblank timer overrun [ 335.759575][T12301] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 335.769100][T12301] ext4 filesystem being mounted at /774/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 335.861555][ T4268] EXT4-fs (loop4): unmounting filesystem. [ 335.882084][T12301] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 335.954251][T12301] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 335.965259][T12301] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.3603: Failed to acquire dquot type 1 [ 336.105696][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 336.142707][T12314] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3609'. [ 336.242379][T12319] No such timeout policy "syz0" [ 336.484276][T12326] netlink: 'syz.1.3614': attribute type 10 has an invalid length. [ 336.611303][T12326] team0: Port device wlan1 added [ 336.861120][T12342] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 336.920866][T12341] loop4: detected capacity change from 0 to 512 [ 336.956210][T12341] EXT4-fs: Ignoring removed nomblk_io_submit option [ 337.122808][T12341] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 337.174636][T12341] ext4 filesystem being mounted at /717/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 337.205801][T12357] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3626'. [ 337.232525][T12341] EXT4-fs error (device loop4): ext4_acquire_dquot:6814: comm syz.4.3621: Failed to acquire dquot type 1 [ 337.245318][T12357] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3626'. [ 337.347995][ T4268] EXT4-fs (loop4): unmounting filesystem. [ 337.787892][T12373] loop0: detected capacity change from 0 to 512 [ 337.799735][T12367] loop2: detected capacity change from 0 to 4096 [ 337.893327][T12373] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 337.939856][T12367] ntfs: volume version 3.1. [ 337.942005][T12356] loop3: detected capacity change from 0 to 32768 [ 337.968459][T12356] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 10 [ 338.005269][T12373] ext4 filesystem being mounted at /782/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 338.059466][ T4896] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 338.390481][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 338.777304][T12397] netlink: 'syz.2.3646': attribute type 21 has an invalid length. [ 338.869400][T12399] netlink: 'syz.4.3648': attribute type 30 has an invalid length. [ 338.901140][T12403] cgroup: No subsys list or none specified [ 339.078470][T12407] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3652'. [ 339.126634][T12407] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3652'. [ 339.188988][T12407] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3652'. [ 339.444186][ T5222] usb 1-1: new low-speed USB device number 12 using dummy_hcd [ 339.665978][ T5222] usb 1-1: config index 0 descriptor too short (expected 1307, got 27) [ 339.689343][ T5222] usb 1-1: config 0 has an invalid interface number: 0 but max is -1 [ 339.707245][ T5222] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 339.726725][ T5222] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 339.765114][ T5222] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 339.789341][T12431] loop3: detected capacity change from 0 to 4096 [ 339.814215][ T5222] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 39, setting to 8 [ 339.844081][ T5222] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 339.877052][ T5222] usb 1-1: string descriptor 0 read error: -22 [ 339.886473][ T5222] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 339.897247][ T5222] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 339.908822][ T5222] usb 1-1: config 0 descriptor?? [ 339.917392][T12436] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 339.924382][T12415] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 339.945551][ T5222] hub 1-1:0.0: bad descriptor, ignoring hub [ 339.951574][ T5222] hub: probe of 1-1:0.0 failed with error -5 [ 339.967910][ T5222] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input17 [ 339.984971][T12435] loop2: detected capacity change from 0 to 4096 [ 340.003222][T12431] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 340.019655][T12435] __ntfs_error: 20 callbacks suppressed [ 340.019674][T12435] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing. [ 340.052436][T12431] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=12) [ 340.066093][ C1] usb_acecad 1-1:0.0: can't resubmit intr, dummy_hcd.0-1/input0, status -1 [ 340.083294][T12435] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 340.101630][T12435] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 340.145990][T12431] Remounting filesystem read-only [ 340.151353][T12435] ntfs: volume version 3.1. [ 340.174651][T12431] NILFS (loop3): error -5 truncating bmap (ino=12) [ 340.266686][T12435] ntfs: (device loop2): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -28). [ 340.300592][T12435] ntfs: (device loop2): ntfs_attr_extend_allocation(): Cannot extend allocation of inode 0x43, attribute type 0x80, because the allocation of clusters failed with error code -28. [ 340.346718][ C0] usb_acecad 1-1:0.0: can't resubmit intr, dummy_hcd.0-1/input0, status -1 [ 340.384893][ T5222] usb 1-1: USB disconnect, device number 12 [ 340.391827][ T4277] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 340.458567][T12438] netlink: 'syz.4.3668': attribute type 10 has an invalid length. [ 340.593027][T12438] team0: Port device wlan1 added [ 340.616079][ T46] ntfs: (device loop2): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry. [ 340.643624][ T4278] ntfs: (device loop2): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 340.850878][T12446] netlink: 'syz.3.3672': attribute type 4 has an invalid length. [ 340.861395][T12446] netlink: 'syz.3.3672': attribute type 3 has an invalid length. [ 340.877498][T12446] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3672'. [ 341.032115][T12453] loop2: detected capacity change from 0 to 512 [ 341.039920][T12454] No such timeout policy "syz0" [ 341.192325][T12453] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 341.230065][T12453] ext4 filesystem being mounted at /709/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 341.454624][ T4278] EXT4-fs (loop2): unmounting filesystem. [ 341.625311][ T27] audit: type=1326 audit(1755021661.078:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12476 comm="syz.1.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 341.723473][T12482] netlink: 'syz.4.3687': attribute type 2 has an invalid length. [ 341.786778][ T27] audit: type=1326 audit(1755021661.078:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12476 comm="syz.1.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 341.859763][ T27] audit: type=1326 audit(1755021661.108:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12476 comm="syz.1.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7fe1de58ebe9 code=0x7ffc0000 [ 341.990136][T12490] No such timeout policy "syz0" [ 342.453097][T12505] xt_policy: output policy not valid in PREROUTING and INPUT [ 342.741755][T12517] loop3: detected capacity change from 0 to 256 [ 342.955073][T12515] loop2: detected capacity change from 0 to 4096 [ 342.969271][T12521] loop3: detected capacity change from 0 to 64 [ 343.052351][T12523] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 343.116558][T12515] NILFS (loop2): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 343.161674][T12515] NILFS error (device loop2): nilfs_bmap_truncate: broken bmap (inode number=12) [ 343.225435][T12515] Remounting filesystem read-only [ 343.230528][T12515] NILFS (loop2): error -5 truncating bmap (ino=12) [ 343.395218][ T4278] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 343.432861][T12502] loop4: detected capacity change from 0 to 32768 [ 343.550347][T12527] loop0: detected capacity change from 0 to 4096 [ 343.558008][T12502] syz.4.3697: attempt to access beyond end of device [ 343.558008][T12502] loop4: rw=1, sector=4680032, nr_sectors = 8 limit=32768 [ 343.594718][T12502] metapage_write_end_io: I/O error [ 343.636965][T12502] blkno = 8ed2c, nblocks = 1 [ 343.641849][T12502] ERROR: (device loop4): dbUpdatePMap: blocks are outside the map [ 343.641849][T12502] [ 343.677340][T12527] ntfs: volume version 3.1. [ 343.685673][T12502] ERROR: (device loop4): remounting filesystem as read-only [ 343.704823][T12502] UFO tlock:0xffffc900028ba090 [ 343.963458][ T108] blkno = 8ed2c, nblocks = 4 [ 343.968917][ T108] ERROR: (device loop4): dbUpdatePMap: blocks are outside the map [ 343.968917][ T108] [ 343.996286][ T4268] syz-executor: attempt to access beyond end of device [ 343.996286][ T4268] loop4: rw=1, sector=4680032, nr_sectors = 8 limit=32768 [ 344.028539][T12518] loop1: detected capacity change from 0 to 32768 [ 344.030671][ T4268] metapage_write_end_io: I/O error [ 344.051348][ T4268] JFS: metapage_get_blocks failed [ 344.072715][T12518] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10 [ 344.084146][ T4268] JFS: metapage_get_blocks failed [ 344.089347][ T4268] JFS: metapage_get_blocks failed [ 344.104100][ T4268] JFS: metapage_get_blocks failed [ 344.498851][ T4896] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10 [ 346.036692][T12566] loop4: detected capacity change from 0 to 32768 [ 346.046160][T12568] loop0: detected capacity change from 0 to 32768 [ 346.085868][T12568] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 346.129224][T12566] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 10 [ 346.516515][T12594] loop3: detected capacity change from 0 to 1024 [ 346.601470][ T4260] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 346.603061][T12594] fuse: Invalid rootmode [ 346.679503][ T4486] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 10 [ 346.721381][T12597] netlink: 'syz.2.3744': attribute type 11 has an invalid length. [ 347.007815][ T34] hfsplus: b-tree write err: -5, ino 4 [ 347.055204][T12604] loop0: detected capacity change from 0 to 512 [ 347.111449][T12604] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 347.167779][T12604] EXT4-fs (loop0): 1 truncate cleaned up [ 347.173542][T12604] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 347.212044][T12604] EXT4-fs (loop0): unmounting filesystem. [ 347.226049][T12608] loop2: detected capacity change from 0 to 4096 [ 347.365073][T12608] ntfs3: loop2: ino=5, "/" attr_set_size [ 347.371500][T12608] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 347.534123][ T4549] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 347.724259][ T4549] usb 5-1: Using ep0 maxpacket: 32 [ 347.738775][ T4549] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 347.774482][ T4549] usb 5-1: config 0 has no interface number 0 [ 347.780698][ T4549] usb 5-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 347.871164][ T4549] usb 5-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 347.899901][T12622] loop3: detected capacity change from 0 to 8192 [ 347.915037][ T4549] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 347.935414][T12622] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 347.958833][ T4549] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 347.983746][ T4549] usb 5-1: Product: syz [ 347.994102][T12622] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 347.996238][ T4549] usb 5-1: Manufacturer: syz [ 348.008221][ T4549] usb 5-1: SerialNumber: syz [ 348.016825][ T4549] usb 5-1: config 0 descriptor?? [ 348.042740][ T4549] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 348.064241][T12622] REISERFS (device loop3): using ordered data mode [ 348.086324][T12622] reiserfs: using flush barriers [ 348.086492][T12631] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3759'. [ 348.101045][T12622] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 348.124653][T12622] REISERFS (device loop3): checking transaction log (loop3) [ 348.165348][T12622] REISERFS (device loop3): Using tea hash to sort names [ 348.198388][T12622] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 348.231687][ T4549] usb 5-1: qt2_setup_urbs - submit read urb failed -90 [ 348.254196][ T4549] quatech2: probe of 5-1:0.51 failed with error -90 [ 348.471206][ T5222] usb 5-1: USB disconnect, device number 14 [ 348.942261][T12646] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 348.956017][T12646] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 348.975412][T12646] Bluetooth: hci0: Suspend notifier action (1) failed: -4 [ 349.002525][T12646] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 349.035310][T12646] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 349.041372][T12646] Bluetooth: hci1: Suspend notifier action (1) failed: -4 [ 349.077675][T12646] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 349.130473][T12646] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 349.170324][T12646] Bluetooth: hci2: Suspend notifier action (1) failed: -4 [ 349.194068][T12646] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 349.229811][T12646] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 349.236697][T12646] Bluetooth: hci4: Suspend notifier action (1) failed: -4 [ 349.318400][T12668] loop3: detected capacity change from 0 to 512 [ 349.337407][T12668] EXT4-fs (loop3): orphan cleanup on readonly fs [ 349.355580][T12668] __quota_error: 2 callbacks suppressed [ 349.355597][T12668] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 349.373648][T12668] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 349.384576][T12668] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.3778: Failed to acquire dquot type 1 [ 349.413290][T12668] EXT4-fs (loop3): 1 truncate cleaned up [ 349.475387][T12668] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 349.695566][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 349.895217][ T27] audit: type=1326 audit(1755021669.348:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12690 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 349.964450][ T4545] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 350.042345][ T27] audit: type=1326 audit(1755021669.388:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12690 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 350.070785][T12695] netlink: 180 bytes leftover after parsing attributes in process `syz.2.3789'. [ 350.112697][T12700] device geneve3 entered promiscuous mode [ 350.141929][ T27] audit: type=1326 audit(2000000000.000:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12690 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 350.184203][ T4545] usb 2-1: Using ep0 maxpacket: 8 [ 350.197949][ T4545] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 350.203503][ T27] audit: type=1326 audit(2000000000.000:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12690 comm="syz.4.3788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 350.257280][ T4545] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 350.320022][ T4545] usb 2-1: config 0 has no interface number 0 [ 350.339190][ T4545] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0xA has an invalid bInterval 0, changing to 7 [ 350.398346][ T4545] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 350.418233][ T4545] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 350.439502][ T4545] usb 2-1: config 0 interface 52 has no altsetting 0 [ 350.442115][T12710] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3796'. [ 350.466415][T12710] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3796'. [ 350.472758][ T4545] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 350.486678][T12710] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3796'. [ 350.523820][ T4545] usb 2-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35 [ 350.558794][ T4545] usb 2-1: Product: syz [ 350.563586][ T4545] usb 2-1: Manufacturer: syz [ 350.569530][ T4545] usb 2-1: SerialNumber: syz [ 350.579734][T12712] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3798'. [ 350.597108][ T4545] usb 2-1: config 0 descriptor?? [ 350.844259][ T4276] Bluetooth: hci0: command 0x0c1a tx timeout [ 350.944223][T12726] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 351.004607][ T48] Bluetooth: hci1: command 0x0c1a tx timeout [ 351.084308][ T4276] Bluetooth: hci2: command 0x0c1a tx timeout [ 351.089533][ T5227] usb 2-1: USB disconnect, device number 17 [ 351.154736][T12732] tmpfs: Bad value for 'mpol' [ 351.244208][ T48] Bluetooth: hci4: command 0x0c1a tx timeout [ 351.461735][T12744] IPv6: sit2: Disabled Multicast RS [ 351.809579][T12756] loop2: detected capacity change from 0 to 1024 [ 351.862793][T12756] EXT4-fs (loop2): orphan cleanup on readonly fs [ 351.901539][T12756] EXT4-fs (loop2): 1 truncate cleaned up [ 351.924736][T12756] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 352.162338][ T4278] EXT4-fs (loop2): unmounting filesystem. [ 352.773484][T12753] loop3: detected capacity change from 0 to 32768 [ 352.924185][ T48] Bluetooth: hci0: command 0x0406 tx timeout [ 353.084122][ T48] Bluetooth: hci1: command 0x0406 tx timeout [ 353.133748][T12801] loop2: detected capacity change from 0 to 164 [ 353.144951][T12801] Unable to read rock-ridge attributes [ 353.158382][T12801] Unable to read rock-ridge attributes [ 353.164222][ T48] Bluetooth: hci2: command 0x0406 tx timeout [ 353.179531][T12801] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 353.329661][ T48] Bluetooth: hci4: command 0x0406 tx timeout [ 353.565450][ T27] audit: type=1326 audit(2000000003.620:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 353.586889][T12818] IPv6: sit3: Disabled Multicast RS [ 353.684581][ T27] audit: type=1326 audit(2000000003.620:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 353.781525][ T27] audit: type=1326 audit(2000000003.640:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=145 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 353.927786][ T27] audit: type=1326 audit(2000000003.640:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.0.3844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda1098ebe9 code=0x7ffc0000 [ 353.992530][T12829] loop1: detected capacity change from 0 to 1764 [ 354.103117][T12829] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 354.141873][T12837] loop3: detected capacity change from 0 to 1024 [ 354.192256][T12837] EXT4-fs (loop3): orphan cleanup on readonly fs [ 354.227557][T12837] EXT4-fs (loop3): 1 truncate cleaned up [ 354.288403][T12837] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 354.520220][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 355.056329][T12872] loop3: detected capacity change from 0 to 64 [ 355.273033][T12876] loop4: detected capacity change from 0 to 1024 [ 355.321658][T12876] hfsplus: unable to parse mount options [ 355.353557][ T48] Bluetooth: hci0: unexpected event for opcode 0x0c14 [ 355.375149][T12878] netlink: 1 bytes leftover after parsing attributes in process `syz.1.3876'. [ 355.760937][T12863] loop2: detected capacity change from 0 to 32768 [ 355.848810][T12863] JBD2: Ignoring recovery information on journal [ 355.915876][T12898] trusted_key: encrypted_key: insufficient parameters specified [ 355.986138][T12863] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 356.300803][ T4278] ocfs2: Unmounting device (7,2) on (node local) [ 356.324900][T12910] loop3: detected capacity change from 0 to 1024 [ 356.385034][T12910] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 357.055709][T12930] loop2: detected capacity change from 0 to 4096 [ 357.077530][T12934] openvswitch: netlink: Unknown key attributes 1 [ 357.095656][T12930] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 357.272338][T12930] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 357.310507][T12930] ntfs3: loop2: ino=1f, "file2" failed to open parent directory r=5 to update [ 357.441726][T12946] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3907'. [ 357.591060][T12952] loop1: detected capacity change from 0 to 64 [ 357.616906][ T11] ntfs3: loop2: ino=1f, failed to open parent directory r=5 to update [ 357.992886][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 357.992903][ T27] audit: type=1326 audit(2000000008.040:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12962 comm="syz.4.3916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 358.140611][ T27] audit: type=1326 audit(2000000008.060:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12962 comm="syz.4.3916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 358.240615][ T27] audit: type=1326 audit(2000000008.060:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12962 comm="syz.4.3916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 358.369501][ T27] audit: type=1326 audit(2000000008.060:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12962 comm="syz.4.3916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2db9d8ebe9 code=0x7ffc0000 [ 358.440351][T12980] netlink: 'syz.2.3923': attribute type 1 has an invalid length. [ 359.031046][T13005] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 359.526839][T13023] loop3: detected capacity change from 0 to 256 [ 359.654079][ T5223] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 359.844215][ T5223] usb 3-1: Using ep0 maxpacket: 8 [ 359.852373][ T5223] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 359.904012][ T5223] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 359.934377][ T5223] usb 3-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 359.943925][ T5223] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.002720][ T5223] usb 3-1: Product: syz [ 360.016409][ T5223] usb 3-1: Manufacturer: syz [ 360.027827][ T5223] usb 3-1: SerialNumber: syz [ 360.040342][ T5223] usb 3-1: config 0 descriptor?? [ 360.482800][ T5222] usb 3-1: USB disconnect, device number 19 [ 360.823531][T13038] loop3: detected capacity change from 0 to 32768 [ 360.926243][T13038] XFS (loop3): Mounting V5 Filesystem [ 360.983527][T13064] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3960'. [ 361.144516][T13038] XFS (loop3): Ending clean mount [ 361.172829][T13038] XFS (loop3): Quotacheck needed: Please wait. [ 361.285793][T13038] XFS (loop3): Quotacheck: Done. [ 361.438943][ T4277] XFS (loop3): Unmounting Filesystem [ 361.465409][T13082] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3967'. [ 361.633362][T13084] loop2: detected capacity change from 0 to 2048 [ 361.740089][T13084] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 361.766964][T13088] netlink: 'syz.0.3971': attribute type 5 has an invalid length. [ 361.824067][T13088] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3971'. [ 361.830276][T13090] netlink: 356 bytes leftover after parsing attributes in process `syz.1.3972'. [ 361.844829][ T27] audit: type=1800 audit(2000000011.900:101): pid=13084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3969" name="file1" dev="loop2" ino=1367 res=0 errno=0 [ 362.429769][T13104] loop1: detected capacity change from 0 to 1024 [ 362.550774][T13104] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 362.569753][T13117] overlayfs: failed to resolve './file0': -2 [ 362.653801][T13122] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3985'. [ 362.663016][T13122] netlink: 9 bytes leftover after parsing attributes in process `syz.4.3985'. [ 362.663885][T13104] EXT4-fs error (device loop1): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.1.3979: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1 [ 362.672891][T13122] device batadv0 left promiscuous mode [ 362.732610][T13122] bridge0: port 3(batadv0) entered disabled state [ 362.790731][T13122] netlink: 9 bytes leftover after parsing attributes in process `syz.4.3985'. [ 362.801737][T13104] EXT4-fs error (device loop1) in ext4_delete_entry:2800: Corrupt filesystem [ 362.828096][T13122] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 362.856103][T13104] EXT4-fs warning (device loop1): ext4_rename_delete:3778: inode #2: comm syz.1.3979: Deleting old file: nlink 4, error=-117 [ 362.975915][T13123] loop3: detected capacity change from 0 to 4096 [ 362.991591][T13123] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 363.041172][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 363.123455][T13123] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 363.151068][T13123] ntfs3: loop3: ino=1f, "file2" failed to open parent directory r=5 to update [ 363.414194][ T6912] ntfs3: loop3: ino=1f, failed to open parent directory r=5 to update [ 363.753231][T13147] loop4: detected capacity change from 0 to 256 [ 364.057356][T13161] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4005'. [ 364.191092][T13164] loop1: detected capacity change from 0 to 4096 [ 364.250039][T13164] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 364.390046][T13164] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 364.414398][T13164] ntfs3: loop1: ino=1f, "file2" failed to open parent directory r=5 to update [ 364.610665][ T4354] ntfs3: loop1: ino=1f, failed to open parent directory r=5 to update [ 364.923826][T13185] loop3: detected capacity change from 0 to 256 [ 364.994547][T13187] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem [ 365.049154][T13185] FAT-fs (loop3): Directory bread(block 64) failed [ 365.094062][T13185] FAT-fs (loop3): Directory bread(block 65) failed [ 365.100777][T13185] FAT-fs (loop3): Directory bread(block 66) failed [ 365.144038][T13185] FAT-fs (loop3): Directory bread(block 67) failed [ 365.150803][T13185] FAT-fs (loop3): Directory bread(block 68) failed [ 365.201696][T13185] FAT-fs (loop3): Directory bread(block 69) failed [ 365.234208][T13185] FAT-fs (loop3): Directory bread(block 70) failed [ 365.254114][T13185] FAT-fs (loop3): Directory bread(block 71) failed [ 365.260831][T13185] FAT-fs (loop3): Directory bread(block 72) failed [ 365.298901][T13185] FAT-fs (loop3): Directory bread(block 73) failed [ 365.344319][T13171] loop4: detected capacity change from 0 to 32768 [ 365.397014][T13171] JBD2: Ignoring recovery information on journal [ 365.459212][T13170] loop0: detected capacity change from 0 to 32768 [ 365.477312][T13171] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 365.649245][T13170] ERROR: (device loop0): dbAlloc: unable to allocate blocks [ 365.649245][T13170] [ 365.649521][T13170] jfs_create: dtInsert returned -EIO [ 365.649564][T13170] ERROR: (device loop0): jfs_create: [ 365.649564][T13170] [ 365.688593][T13203] netlink: 'syz.3.4024': attribute type 5 has an invalid length. [ 365.735851][ T4268] ocfs2: Unmounting device (7,4) on (node local) [ 366.530039][T13225] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready [ 366.660770][T13231] loop2: detected capacity change from 0 to 512 [ 366.723613][T13231] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 366.801225][T13231] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 366.923829][T13231] EXT4-fs (loop2): 1 truncate cleaned up [ 366.933303][T13231] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 367.040732][ T4278] EXT4-fs (loop2): unmounting filesystem. [ 367.171741][T13247] trusted_key: encrypted_key: master key parameter is missing [ 367.200907][T13250] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4046'. [ 367.251722][T13250] netlink: 9 bytes leftover after parsing attributes in process `syz.2.4046'. [ 367.273806][T13250] device batadv0 left promiscuous mode [ 367.292523][T13250] bridge0: port 3(batadv0) entered disabled state [ 367.310490][T13250] netlink: 9 bytes leftover after parsing attributes in process `syz.2.4046'. [ 367.368362][T13250] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 367.630252][T13264] loop0: detected capacity change from 0 to 256 [ 367.712659][T13268] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 367.743727][ T4260] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 367.950628][T13264] loop0: detected capacity change from 0 to 4096 [ 367.957468][ T4260] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 367.978258][ T4260] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 367.989973][T13264] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 368.018864][ T4260] Buffer I/O error on dev loop0, logical block 0, async page read [ 368.078118][T13264] ntfs: (device loop0): parse_options(): Option iocharset is deprecated. Please use option nls= in the future. [ 368.155666][T13264] ntfs: (device loop0): parse_options(): Unrecognized mount option uni_xlate. [ 368.193031][T13264] ntfs: (device loop0): parse_options(): Unrecognized mount option uni_xlate. [ 368.249088][T13264] ntfs: (device loop0): parse_options(): Unrecognized mount option shortname. [ 368.279768][T13264] ntfs: (device loop0): parse_options(): Unrecognized mount option shortname. [ 368.334407][T13264] ntfs: (device loop0): parse_options(): Unrecognized mount option uni_xlate. [ 368.343370][T13264] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 368.474465][T13264] ntfs: (device loop0): parse_options(): Unrecognized mount option tz. [ 368.482797][T13264] ntfs: (device loop0): parse_options(): Unrecognized mount option shortname. [ 368.593102][T13293] netlink: 448 bytes leftover after parsing attributes in process `syz.2.4069'. [ 369.577073][T13325] netlink: 448 bytes leftover after parsing attributes in process `syz.0.4082'. [ 369.688447][T13329] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4084'. [ 370.553809][T13353] netlink: 'syz.2.4099': attribute type 11 has an invalid length. [ 370.804599][T13359] openvswitch: netlink: Key type 29 is not supported [ 370.868676][T13339] loop1: detected capacity change from 0 to 32768 [ 370.923252][T13339] ERROR: (device loop1): xtTruncate: XT_GETPAGE: xtree page corrupt [ 370.923252][T13339] [ 370.980525][T13339] ERROR: (device loop1): remounting filesystem as read-only [ 371.318310][T13373] loop1: detected capacity change from 0 to 1024 [ 371.323537][T13365] loop2: detected capacity change from 0 to 8192 [ 371.416343][T13365] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 371.464304][ T6912] hfsplus: b-tree write err: -5, ino 4 [ 371.519535][T13365] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 371.529738][T13365] REISERFS (device loop2): using ordered data mode [ 371.536943][T13365] reiserfs: using flush barriers [ 371.545844][T13365] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 371.575783][T13365] REISERFS (device loop2): checking transaction log (loop2) [ 371.888970][T13365] REISERFS (device loop2): Using tea hash to sort names [ 371.904653][T13382] loop1: detected capacity change from 0 to 4096 [ 371.930299][T13365] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 371.975500][T13382] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 372.317615][T13370] loop4: detected capacity change from 0 to 32768 [ 372.423680][T13370] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 372.750087][ T4268] ocfs2: Unmounting device (7,4) on (node local) [ 372.946811][T13408] xt_CT: You must specify a L4 protocol and not use inversions on it [ 373.096419][T13412] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615) [ 373.133401][T13388] loop3: detected capacity change from 0 to 32768 [ 373.140339][T13412] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647 [ 373.234988][T13388] ialloc: diAlloc returned -17! [ 373.343711][T13418] netlink: 'syz.4.4128': attribute type 10 has an invalid length. [ 374.881818][T13465] loop2: detected capacity change from 0 to 256 [ 374.945614][T13465] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 374.985873][T13467] netlink: 'syz.1.4152': attribute type 1 has an invalid length. [ 375.678605][T13487] netlink: 'syz.3.4162': attribute type 10 has an invalid length. [ 375.774314][ T4547] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 375.974141][ T4547] usb 3-1: Using ep0 maxpacket: 16 [ 375.983857][ T4547] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 376.003027][T13499] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.4168'. [ 376.014203][ T4545] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 376.017171][T13500] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4167'. [ 376.043529][ T4547] usb 3-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice= 1.00 [ 376.053166][T13500] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4167'. [ 376.053187][T13500] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4167'. [ 376.082937][ T4547] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.119388][ T4547] usb 3-1: config 0 descriptor?? [ 376.151746][ T4547] xbox_remote_probe: Unexpected endpoint_in [ 376.191256][ T4547] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 376.215942][ T4545] usb 5-1: config 0 has an invalid interface number: 255 but max is 0 [ 376.244201][ T4545] usb 5-1: config 0 has no interface number 0 [ 376.252942][ T4545] usb 5-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 376.284684][ T4545] usb 5-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 376.308528][ T4545] usb 5-1: config 0 interface 255 has no altsetting 0 [ 376.329593][ T4545] usb 5-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 376.371608][ T4545] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 376.383245][ T4547] usb 3-1: USB disconnect, device number 20 [ 376.415178][ T4545] usb 5-1: config 0 descriptor?? [ 376.453002][ T4545] ums-realtek 5-1:0.255: USB Mass Storage device detected [ 376.540387][T13517] loop0: detected capacity change from 0 to 8 [ 376.617553][T13519] loop1: detected capacity change from 0 to 128 [ 376.651962][T13519] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 376.670854][ T4547] usb 5-1: USB disconnect, device number 15 [ 376.746022][ T27] kauditd_printk_skb: 7 callbacks suppressed [ 376.746037][ T27] audit: type=1800 audit(2000000026.800:102): pid=13517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4175" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 377.564367][T13545] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4189'. [ 377.737648][T13551] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4192'. [ 377.947171][T13557] IPv6: Can't replace route, no match found [ 378.043130][T13561] loop4: detected capacity change from 0 to 136 [ 378.147708][T13561] Attempt to read inode for relocated directory [ 378.244413][T13527] loop1: detected capacity change from 0 to 32768 [ 378.272036][T13527] gfs2: Bad value for 'locktable' [ 378.378010][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.384706][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.506421][T13571] netlink: 'syz.3.4204': attribute type 16 has an invalid length. [ 378.574042][T13571] netlink: 'syz.3.4204': attribute type 17 has an invalid length. [ 378.670122][T13571] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 378.734254][T13571] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 378.775919][T13571] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 378.828936][T13571] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 379.551368][T13605] netlink: 'syz.0.4217': attribute type 1 has an invalid length. [ 379.579994][T13605] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4217'. [ 379.757295][T13606] loop2: detected capacity change from 0 to 4096 [ 379.808394][T13606] ntfs: (device loop2): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 379.852289][T13606] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 379.892127][T13606] ntfs: (device loop2): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 379.895526][T13575] loop4: detected capacity change from 0 to 40427 [ 379.909011][T13614] loop3: detected capacity change from 0 to 256 [ 379.925610][T13606] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 379.963435][T13575] F2FS-fs (loop4): invalid crc value [ 379.973182][T13606] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 380.014063][T13575] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 380.047346][T13575] F2FS-fs (loop4): Found nat_bits in checkpoint [ 380.054813][T13606] ntfs: volume version 3.1. [ 380.056598][T13614] FAT-fs (loop3): Directory bread(block 64) failed [ 380.061281][T13606] ntfs: (device loop2): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 380.115006][T13614] FAT-fs (loop3): Directory bread(block 65) failed [ 380.121728][T13614] FAT-fs (loop3): Directory bread(block 66) failed [ 380.164417][T13614] FAT-fs (loop3): Directory bread(block 67) failed [ 380.171506][T13614] FAT-fs (loop3): Directory bread(block 68) failed [ 380.194212][T13606] ntfs: (device loop2): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 380.208691][T13614] FAT-fs (loop3): Directory bread(block 69) failed [ 380.250536][T13614] FAT-fs (loop3): Directory bread(block 70) failed [ 380.255826][T13575] F2FS-fs (loop4): recover fsync data on readonly fs [ 380.278304][T13614] FAT-fs (loop3): Directory bread(block 71) failed [ 380.295540][T13606] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 380.301362][T13614] FAT-fs (loop3): Directory bread(block 72) failed [ 380.317288][T13575] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 380.332855][T13575] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 380.342204][T13614] FAT-fs (loop3): Directory bread(block 73) failed [ 380.355736][T13575] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 380.356266][T13606] ntfs: (device loop2): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 381.089224][T13608] loop1: detected capacity change from 0 to 32768 [ 381.142448][T13608] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.4219 (13608) [ 381.236631][T13608] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 381.271173][T13608] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 381.303349][T13608] BTRFS info (device loop1): using free space tree [ 381.473615][ T52] block nbd3: Attempted send on invalid socket [ 381.481419][ T52] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 381.511630][T13646] loop4: detected capacity change from 0 to 256 [ 381.555876][T13646] FAT-fs (loop4): Directory bread(block 64) failed [ 381.644080][T13646] FAT-fs (loop4): Directory bread(block 65) failed [ 381.651121][T13646] FAT-fs (loop4): Directory bread(block 66) failed [ 381.699808][T13608] BTRFS info (device loop1): enabling ssd optimizations [ 381.707424][T13646] FAT-fs (loop4): Directory bread(block 67) failed [ 381.720473][T13667] loop3: detected capacity change from 0 to 1024 [ 381.793237][T13646] FAT-fs (loop4): Directory bread(block 68) failed [ 381.839779][T13646] FAT-fs (loop4): Directory bread(block 69) failed [ 381.844417][T13667] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 381.847187][T13646] FAT-fs (loop4): Directory bread(block 70) failed [ 381.862227][T13646] FAT-fs (loop4): Directory bread(block 71) failed [ 381.869327][T13646] FAT-fs (loop4): Directory bread(block 72) failed [ 381.876169][T13646] FAT-fs (loop4): Directory bread(block 73) failed [ 381.939179][ T4269] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 381.941583][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 381.941598][ T27] audit: type=1326 audit(2000000031.990:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13671 comm="syz.2.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f70f8ebe9 code=0x7ffc0000 [ 382.024432][T13646] syz.4.4235: attempt to access beyond end of device [ 382.024432][T13646] loop4: rw=0, sector=1768, nr_sectors = 4 limit=256 [ 382.124191][ T48] Bluetooth: hci4: command 0x2016 tx timeout [ 382.175376][ T27] audit: type=1326 audit(2000000031.990:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13671 comm="syz.2.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f70f8ebe9 code=0x7ffc0000 [ 382.294059][ T27] audit: type=1326 audit(2000000032.030:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13671 comm="syz.2.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f3f70f8ebe9 code=0x7ffc0000 [ 382.320377][T13676] loop2: detected capacity change from 0 to 1764 [ 382.404540][ T27] audit: type=1326 audit(2000000032.030:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13671 comm="syz.2.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f70f8ebe9 code=0x7ffc0000 [ 382.490495][ T4260] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop1 scanned by udevd (4260) [ 382.521681][ T27] audit: type=1326 audit(2000000032.030:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13671 comm="syz.2.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f70f8ebe9 code=0x7ffc0000 [ 382.665277][ T4277] EXT4-fs (loop3): unmounting filesystem. [ 382.807415][T13686] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4246'. [ 382.874576][T13686] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4246'. [ 383.575799][T13712] openvswitch: netlink: EtherType 0 is less than min 600 [ 384.424628][T13744] netlink: 88 bytes leftover after parsing attributes in process `syz.4.4271'. [ 384.566415][T13747] device gre0 entered promiscuous mode [ 384.629374][T13748] loop2: detected capacity change from 0 to 1024 [ 384.826300][T13754] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4275'. [ 384.887392][T13754] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4275'. [ 384.890950][ T46] hfsplus: b-tree write err: -5, ino 4 [ 384.954037][T13754] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4275'. [ 385.319374][ T4276] Bluetooth: hci4: unexpected event for opcode 0x2062 [ 385.714763][T13734] loop3: detected capacity change from 0 to 32768 [ 385.745222][T13734] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 10 [ 386.113872][ T4260] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 10 [ 386.490170][T13793] loop2: detected capacity change from 0 to 4096 [ 386.608467][T13802] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 386.619106][T13771] loop1: detected capacity change from 0 to 32768 [ 386.778148][T13771] JBD2: Ignoring recovery information on journal [ 386.905134][T13771] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 386.981322][T13771] (syz.1.4282,13771,1):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options [ 387.237633][ T4269] ocfs2: Unmounting device (7,1) on (node local) [ 387.342167][ T27] audit: type=1326 audit(2000000037.390:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13821 comm="syz.4.4302" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2db9d8ebe9 code=0x0 [ 387.466467][T13826] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4301'. [ 387.812041][ T27] audit: type=1326 audit(2000000037.860:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.4307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f70f8ebe9 code=0x7ffc0000 [ 387.895984][T13796] loop0: detected capacity change from 0 to 32768 [ 387.930137][ T27] audit: type=1326 audit(2000000037.910:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.4307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f3f70f8ebe9 code=0x7ffc0000 [ 388.013110][T13796] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 388.067935][ T27] audit: type=1326 audit(2000000037.910:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.4307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f70f8ebe9 code=0x7ffc0000 [ 388.090613][ C0] vkms_vblank_simulate: vblank timer overrun [ 388.097219][ T27] audit: type=1326 audit(2000000037.910:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.2.4307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f70f8ebe9 code=0x7ffc0000 [ 388.119987][ C0] vkms_vblank_simulate: vblank timer overrun [ 388.155308][T13796] [ 388.157795][T13796] ====================================================== [ 388.164931][T13796] WARNING: possible circular locking dependency detected [ 388.171987][T13796] 6.1.147-syzkaller #0 Not tainted [ 388.177122][T13796] ------------------------------------------------------ [ 388.184338][T13796] syz.0.4292/13796 is trying to acquire lock: [ 388.190496][T13796] ffff88805560d108 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_xattr_set+0xad6/0x11e0 [ 388.202794][T13796] [ 388.202794][T13796] but task is already holding lock: [ 388.210600][T13796] ffff8880702dbff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x40c/0x11e0 [ 388.220108][T13796] [ 388.220108][T13796] which lock already depends on the new lock. [ 388.220108][T13796] [ 388.230692][T13796] [ 388.230692][T13796] the existing dependency chain (in reverse order) is: [ 388.239800][T13796] [ 388.239800][T13796] -> #2 (&oi->ip_xattr_sem){++++}-{3:3}: [ 388.247628][T13796] down_read+0x42/0x2d0 [ 388.252325][T13796] ocfs2_init_acl+0x2fb/0x720 [ 388.257546][T13796] ocfs2_mknod+0x1463/0x2350 [ 388.262839][T13796] ocfs2_create+0x1b6/0x4a0 [ 388.267876][T13796] path_openat+0x1187/0x2e70 [ 388.272991][T13796] do_filp_open+0x1c1/0x3c0 [ 388.278034][T13796] do_sys_openat2+0x142/0x490 [ 388.283236][T13796] __x64_sys_creat+0x8c/0xb0 [ 388.288358][T13796] do_syscall_64+0x4c/0xa0 [ 388.293332][T13796] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 388.299864][T13796] [ 388.299864][T13796] -> #1 (jbd2_handle){++++}-{0:0}: [ 388.307350][T13796] jbd2_journal_lock_updates+0xa7/0x380 [ 388.313517][T13796] __ocfs2_flush_truncate_log+0x2cd/0x11d0 [ 388.319939][T13796] ocfs2_truncate_log_shutdown+0x13e/0x2e0 [ 388.326365][T13796] ocfs2_dismount_volume+0x204/0x930 [ 388.332188][T13796] generic_shutdown_super+0x130/0x340 [ 388.338262][T13796] kill_block_super+0x7c/0xe0 [ 388.343489][T13796] deactivate_locked_super+0x93/0xf0 [ 388.349298][T13796] cleanup_mnt+0x463/0x4f0 [ 388.354252][T13796] task_work_run+0x1ca/0x250 [ 388.359483][T13796] exit_to_user_mode_loop+0xe6/0x110 [ 388.365325][T13796] exit_to_user_mode_prepare+0xb1/0x140 [ 388.371497][T13796] syscall_exit_to_user_mode+0x16/0x40 [ 388.377659][T13796] do_syscall_64+0x58/0xa0 [ 388.382601][T13796] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 388.389038][T13796] [ 388.389038][T13796] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}: [ 388.399575][T13796] __lock_acquire+0x2cf8/0x7c50 [ 388.404968][T13796] lock_acquire+0x1b4/0x490 [ 388.409999][T13796] down_write+0x36/0x60 [ 388.414770][T13796] ocfs2_xattr_set+0xad6/0x11e0 [ 388.420328][T13796] __vfs_setxattr+0x3e0/0x420 [ 388.425665][T13796] __vfs_setxattr_noperm+0x129/0x5e0 [ 388.431566][T13796] vfs_setxattr+0x168/0x2f0 [ 388.436781][T13796] setxattr+0x2b2/0x2d0 [ 388.441549][T13796] path_setxattr+0x142/0x280 [ 388.446712][T13796] __x64_sys_setxattr+0xb7/0xd0 [ 388.452226][T13796] do_syscall_64+0x4c/0xa0 [ 388.457184][T13796] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 388.463713][T13796] [ 388.463713][T13796] other info that might help us debug this: [ 388.463713][T13796] [ 388.474215][T13796] Chain exists of: [ 388.474215][T13796] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5 --> jbd2_handle --> &oi->ip_xattr_sem [ 388.474215][T13796] [ 388.490420][T13796] Possible unsafe locking scenario: [ 388.490420][T13796] [ 388.497873][T13796] CPU0 CPU1 [ 388.503239][T13796] ---- ---- [ 388.508728][T13796] lock(&oi->ip_xattr_sem); [ 388.513328][T13796] lock(jbd2_handle); [ 388.520030][T13796] lock(&oi->ip_xattr_sem); [ 388.527259][T13796] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5); [ 388.534572][T13796] [ 388.534572][T13796] *** DEADLOCK *** [ 388.534572][T13796] [ 388.542891][T13796] 3 locks held by syz.0.4292/13796: [ 388.548356][T13796] #0: ffff8880792ae460 (sb_writers#23){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 [ 388.557686][T13796] #1: ffff8880702dc2c8 (&type->i_mutex_dir_key#18){++++}-{3:3}, at: vfs_setxattr+0x141/0x2f0 [ 388.568138][T13796] #2: ffff8880702dbff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x40c/0x11e0 [ 388.578059][T13796] [ 388.578059][T13796] stack backtrace: [ 388.584039][T13796] CPU: 0 PID: 13796 Comm: syz.0.4292 Not tainted 6.1.147-syzkaller #0 [ 388.592200][T13796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 388.602371][T13796] Call Trace: [ 388.605670][T13796] [ 388.608798][T13796] dump_stack_lvl+0x168/0x22e [ 388.613485][T13796] ? load_image+0x3b0/0x3b0 [ 388.618001][T13796] ? show_regs_print_info+0x12/0x12 [ 388.623210][T13796] ? print_circular_bug+0x12b/0x1a0 [ 388.628431][T13796] check_noncircular+0x274/0x310 [ 388.633464][T13796] ? add_chain_block+0x940/0x940 [ 388.638687][T13796] ? lockdep_lock+0xdc/0x1e0 [ 388.643292][T13796] ? __schedule+0x10f4/0x40b0 [ 388.648070][T13796] ? _find_first_zero_bit+0xcf/0x100 [ 388.653381][T13796] __lock_acquire+0x2cf8/0x7c50 [ 388.658244][T13796] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 388.664321][T13796] ? verify_lock_unused+0x140/0x140 [ 388.669527][T13796] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 388.675164][T13796] ? lockdep_hardirqs_on+0x94/0x140 [ 388.680458][T13796] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 388.686222][T13796] lock_acquire+0x1b4/0x490 [ 388.690937][T13796] ? ocfs2_xattr_set+0xad6/0x11e0 [ 388.695978][T13796] ? ocfs2_xattr_block_find+0x150/0x4b0 [ 388.701694][T13796] ? __might_sleep+0xd0/0xd0 [ 388.706299][T13796] ? preempt_count_add+0x8d/0x190 [ 388.711412][T13796] ? read_lock_is_recursive+0x10/0x10 [ 388.716963][T13796] ? rwsem_write_trylock+0x12f/0x1b0 [ 388.722339][T13796] ? ocfs2_xattr_ibody_find+0x7c0/0x7c0 [ 388.727982][T13796] ? ocfs2_xattr_ibody_find+0xcb/0x7c0 [ 388.733789][T13796] down_write+0x36/0x60 [ 388.737953][T13796] ? ocfs2_xattr_set+0xad6/0x11e0 [ 388.743068][T13796] ocfs2_xattr_set+0xad6/0x11e0 [ 388.748100][T13796] ? __ocfs2_xattr_set_handle+0xf10/0xf10 [ 388.753924][T13796] ? __lock_acquire+0x13c0/0x7c50 [ 388.759237][T13796] ? is_bpf_text_address+0x28b/0x2a0 [ 388.764792][T13796] ? is_bpf_text_address+0x22/0x2a0 [ 388.770172][T13796] ? look_up_lock_class+0x75/0x140 [ 388.775472][T13796] ? verify_lock_unused+0x140/0x140 [ 388.780833][T13796] ? register_lock_class+0xb1/0x860 [ 388.786036][T13796] ? aa_get_newest_label+0xf4/0x5c0 [ 388.791329][T13796] ? unwind_get_return_address+0x49/0x80 [ 388.797070][T13796] ? posix_xattr_acl+0x8f/0xb0 [ 388.801841][T13796] ? evm_protect_xattr+0x333/0x990 [ 388.807043][T13796] ? ocfs2_xattr_trusted_get+0x40/0x40 [ 388.812590][T13796] __vfs_setxattr+0x3e0/0x420 [ 388.817462][T13796] __vfs_setxattr_noperm+0x129/0x5e0 [ 388.822750][T13796] vfs_setxattr+0x168/0x2f0 [ 388.827261][T13796] ? xattr_permission+0x500/0x500 [ 388.832300][T13796] ? strncpy_from_user+0x1e3/0x350 [ 388.837699][T13796] setxattr+0x2b2/0x2d0 [ 388.841950][T13796] ? path_setxattr+0x280/0x280 [ 388.846811][T13796] ? __mnt_want_write+0x21f/0x2a0 [ 388.851844][T13796] path_setxattr+0x142/0x280 [ 388.856449][T13796] ? simple_xattr_list_add+0xf0/0xf0 [ 388.861742][T13796] ? lock_chain_count+0x20/0x20 [ 388.866689][T13796] __x64_sys_setxattr+0xb7/0xd0 [ 388.871560][T13796] do_syscall_64+0x4c/0xa0 [ 388.875976][T13796] ? clear_bhb_loop+0x60/0xb0 [ 388.880961][T13796] ? clear_bhb_loop+0x60/0xb0 [ 388.885817][T13796] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 388.891997][T13796] RIP: 0033:0x7fda1098ebe9 [ 388.896511][T13796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 388.917096][T13796] RSP: 002b:00007fda11784038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 388.925868][T13796] RAX: ffffffffffffffda RBX: 00007fda10bb5fa0 RCX: 00007fda1098ebe9 [ 388.933933][T13796] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000200000000240 [ 388.941913][T13796] RBP: 00007fda10a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 388.950148][T13796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 388.958206][T13796] R13: 00007fda10bb6038 R14: 00007fda10bb5fa0 R15: 00007fff195bbf18 [ 388.966287][T13796] [ 388.969402][ C0] vkms_vblank_simulate: vblank timer overrun [ 389.112947][ T4280] ocfs2: Unmounting device (7,0) on (node local) [ 389.326164][ T4276] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 389.334518][ T4276] Bluetooth: hci4: Injecting HCI hardware error event [ 389.341878][ T48] Bluetooth: hci4: hardware error 0x00 [ 391.404119][ T48] Bluetooth: hci4: Opcode 0x0c03 failed: -110