last executing test programs: 33.996416032s ago: executing program 1 (id=491): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000880)={@desc={0x1, 0x0, @desc3}, 0x40, 0x0, '\x00', @a}) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0xc0406619, &(0x7f0000000080)={@desc={0x1, 0x0, @desc3}}) 33.64397457s ago: executing program 1 (id=493): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) mmap$xdp(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x100000e, 0x11, r0, 0x100000000) 33.477995164s ago: executing program 1 (id=495): r0 = socket$inet6(0xa, 0x3, 0x2f) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000001c0)={{{@in, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x8, 0xffff, 0x0, 0xa, 0x50, 0x0, 0x3c}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x6c}, 0x0, @in=@multicast1}}, 0xe8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) 33.392905331s ago: executing program 1 (id=496): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=") syz_mount_image$fuse(0x0, &(0x7f0000000240)='./bus\x00', 0x20000, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x200000, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 32.834822016s ago: executing program 1 (id=500): r0 = socket$inet6(0xa, 0x5, 0x0) listen(r0, 0x50) listen(r0, 0x0) 31.55229939s ago: executing program 1 (id=514): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0)) 31.18128667s ago: executing program 32 (id=514): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0)) 5.384110244s ago: executing program 4 (id=727): r0 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000040)=@ethtool_drvinfo={0x3, "2c9bf624d607a5a9e2843fe8ae6632d02ffd8f9dd4c5e64fc65ac033b7a87c1f", "1c1e66c29869bf688917a2ed3835dc1d9e81b84960aca558453c4565abe3dcd8", "d1157590637541abeca20b9ca73977b269091c8aca21e3a616010dc44053ec09", "0f83ee263df12a6401579dcd55e31d69df95ecfcd41b0b75ef367a2297d352fc", "eef1d2fa3c932f1f8ebfc1874010684213066050ad07a2af725a1cc11d7e0bd6", "ce579275bc602e7bd0597b59", 0xa, 0xfffffffd, 0x1c, 0x3, 0x6}}) syz_usb_connect(0x0, 0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000055bed40020000000000000003010902380002000000060904c700010e0101000300d009050a000000000000090400000101be2600090500000000000000080b"], 0x0) 3.329873241s ago: executing program 4 (id=749): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x3c, r1, 0x431, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}]}, 0x3c}}, 0x0) 3.044118184s ago: executing program 4 (id=753): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)={0x34, r1, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x34}}, 0x0) 2.868319948s ago: executing program 4 (id=755): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', 0x0}) sendto$packet(r0, &(0x7f0000000000)="09000000e70014000000d97bfbf7", 0xe, 0x200000c4, &(0x7f0000000080)={0x11, 0x88a8, r1, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x43}}, 0x14) 2.699462211s ago: executing program 4 (id=757): syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12014000f273a440cd060a01c3d90102030109021b040000dd00200904000c01950d18000905", @ANYBLOB="87e295"], 0x0) syz_open_dev$evdev(0x0, 0x2, 0x862b01) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) 2.116112669s ago: executing program 0 (id=760): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x50, r1, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @loopback=0xac1414aa}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @remote}]}, 0x50}}, 0x0) 1.994727508s ago: executing program 0 (id=761): setuid(0xffffffffffffffff) shmget(0x1, 0x1000, 0x383, &(0x7f0000ffc000/0x1000)=nil) shmget(0x1, 0x1000, 0x6e7, &(0x7f0000ffa000/0x1000)=nil) 1.873482368s ago: executing program 0 (id=762): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8) syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2c, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) 1.663914045s ago: executing program 0 (id=764): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002d40)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000203010200000000000000000000000009000200000000470200000008000340000000000800010001"], 0x30}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000000203050000000000000000000e0000000900020000080010b3"], 0x20}, 0x1, 0x0, 0x0, 0x40049d1}, 0x0) 1.424151134s ago: executing program 0 (id=766): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, &(0x7f0000000000)) 1.223686921s ago: executing program 0 (id=768): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8e749e04e"], 0x11, 0x443f, &(0x7f00000088c0)="$eJzs3c1PHOcdAOB3BlyD6w9wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXtYLrG3ahbVgqXqwFHKzlFOkHKIcrETKjZPFIVfnT8glR+dsKTnkEimSFaLdnYWdYVds0C7EzvMcmJ33e/c3H+8chjdOVB4ureWW1nKFlVx54f7axdz/yqX15WKID0nL/o8dXv90phfHyVEfez9lt65c+8fdiyF8uvj5y+3t7e1Q1R9aGmv6/M3Xjxeatw1xpk613datdcu/Qwjn9oyrqi+E8K9PQohCCJeTtMlkOxhCOBXqeXcfv3Mv16XRPHtRvJR/Nfdka/zC7ObTrfbfPQrhg9Iv//hg+cvf9I1/8fsudQ8AAAAAAAAAAAAAAAAAwGtu+vatO38fHQvPo9C/Ge19X3c62bZ7P3a7a37d+y8LAAAAAAAAAAAAAAAAAAAAP1K77//norMt3v+fSrYTbepv/7VNxvHujpPemPnbramro2PJ+u/Rnvw/JUlfXe4Lwy3Wfc+u/345U7/1+u97+zmoxvga/Q6FKB7ZfmsnfyjE8chICB8lC7+fj07EpfJa5Q/3y+sri10bxmsrHf/66v2p6CQL+nca/8lM+71f//8Xe46m6v697h1ib7R0/Pvalvv47aij+F/J1DuM+HNw6fj319IGmwtM1C8A1fi/279//Kcy7fcq/qdDCLmoOtZc6gpQncNU09vNV0hLx/9YLS116Ux+yHbn/7eZ+F/NtN8u/me69g1aX/83sjciWkrH/2e1tIFUid3zfzje//y/lmn/KO7/1fFvuP93JB3/5KGtP1Wk9kt2ev2fzrTfq/jfiZNxno5SR8BmVE9v9//qSEvHf2BP/u7zX9zR/O96pv5hPf81+q09/zU9h/wuqj//0Vo6/oNty3V6/s9k6vX6+j9Rm/9xUOn4n6ilpefOQ7W/ncZ/NtN+r+Jfm5UMNOK/ez357ng9/UPzv46k4//zemLcXGKj9rc2/4v2n//fyLR/FPO/6vg34t72+qZIx/9k23LV+H/Wwf3/ZqZe7+Mfwqi5/oGl43+qbbna+T+wf/znMvV6Hf/f9rJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNfAZLIdClE8ktqP45GREK4k++fDiWi+sJifL5UX/rsWwlSSngtnowel8nyhlF9aKS8W84VSqbwQwtUk/1wYiNZK5Up+ufDo2k5bg9HDYmG1Ml8sVEII00n6r8KpRlvzS5XlwqMQwvWdvDNxefXRw8JKfnFp9S+jo6OjYWZnDMNR8f+V4kql3ns9N4TZnbpDUdPgatk3dsZyMvpPeX11pVCqpd9sqlMqLxRKTXXmkrz3wnBUWV1fWShUivlS+UGjv6M0kWynZm7/8/bNsT3596L6dvJwhwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAD/R8/M/vhxD663txCGGi8SFqVf7Zi+Kl/Ku5J1vjF2Y3n269bFcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB7duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBLxygRA1EYgN+Mhdp5DKuQdLYJimhhRPAEegwPE4/iJbyDhYWthQhmBjTuQprd6vuaB/l5eT8kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsc3k33t+2XUSKo6/DiJfH17ff+XWZ0zDPvNg/2FNPduPqZjy/aLvy3dO//Kw8eu/zT/r58fQQG2b1PPzdX/5Ps3rneGuvaVjXv/ard08i5SYi+pKfppybZt27AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhmBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86ir4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//78SIGU=") symlinkat(&(0x7f0000000140)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00') fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff, 0x100) 1.193650633s ago: executing program 2 (id=769): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]}) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 978.843921ms ago: executing program 4 (id=770): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@barrier={'barrier', 0x3d, 0x7}}, {@heartbeat_none}, {@inode64}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") syz_mount_image$vfat(&(0x7f0000000340), &(0x7f00000002c0)='./bus\x00', 0x4000, 0x0, 0xfd, 0x0, &(0x7f0000000340)) chown(&(0x7f0000000140)='./bus\x00', 0xee01, 0xffffffffffffffff) 844.199681ms ago: executing program 2 (id=771): r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000000)=[{0x40, 0x7, 0x48, 0x3}, {0x28, 0x4, 0x76, 0xfffff034}, {0x6, 0x29, 0x3, 0x207}]}, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0) 843.995121ms ago: executing program 3 (id=772): chdir(&(0x7f0000000480)='./cgroup\x00') r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 730.714231ms ago: executing program 3 (id=773): r0 = syz_open_dev$evdev(&(0x7f00000001c0), 0x1bbc, 0x801) write$evdev(r0, &(0x7f00000000c0)=[{{}, 0x0, 0x1, 0x3}], 0x5b) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000040)=0x1) 679.822565ms ago: executing program 2 (id=774): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x401, 0x4000, 0x101, {0x0, 0x0, 0x0, 0x0, 0x20009}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r1}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0) 582.655512ms ago: executing program 3 (id=775): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x3c, r1, 0x1, 0x3, 0x0, {0x33}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}}, 0x20000040) 408.074716ms ago: executing program 2 (id=776): r0 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb09001800000000000c0000ffffffff"], &(0x7f0000001f80)=""/218, 0x26, 0xda, 0x2}, 0x28) 407.780346ms ago: executing program 3 (id=777): capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x2c4}) r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000008c0)={0xe0, 0x11, 0x50b, 0x0, 0x0, "", [@nested={0xcd, 0x53, 0x0, 0x1, [@typed={0x4, 0x40, 0x0, 0x0, @binary}, @typed={0x14, 0xc0, 0x0, 0x0, @ipv6=@mcast2}, @generic="c53f5db51e7d08209225dc54476d721fefa1a16229434e", @typed={0x4, 0x6d}, @generic="4aad66ef746e12553f79286eeda3f43f631dca32aec463ba56d597d09cc7096cb79d20b59795d962403edfbf35bcc9d9f618456043acab27c75f1556e3ad097d74b51c9e26ece1a6a178b786330cfef313c89b35ba3641bd681427d73171ecc36f0d1b374eef00b1321c5d1b86e33d459e42b2ef0b46bb6a8608e814948044c9b84475cbb077769158d3c456821599babffa6d5e6787"]}]}, 0xe0}], 0x1, 0x0, 0x0, 0x4000}, 0x0) 270.828657ms ago: executing program 3 (id=778): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00000003c0)=0x2, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, 0x0, 0x0) 181.386075ms ago: executing program 2 (id=779): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xa4, &(0x7f0000000200), &(0x7f0000000140)=0x4) 68.075834ms ago: executing program 3 (id=780): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x46d, 0xc52b, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x60, 0x0, [{{0x9, 0x4, 0x0, 0xb, 0x2, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x406, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x7, 0x8, 0x7}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0) 0s ago: executing program 2 (id=781): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@private1={0xfc, 0x1, '\x00', 0xfd}, 0x8000000, 0x0, 0x3, 0x1, 0xfffc}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@mcast1, 0x8000000, 0x0, 0x3, 0x0, 0x0, 0x600}, 0x20) kernel console output (not intermixed with test programs): called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 76.522783][ T5786] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.535879][ T5786] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.545443][ T5786] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.554502][ T5786] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.567320][ T5791] veth1_macvtap: entered promiscuous mode [ 76.611996][ T5876] loop3: detected capacity change from 0 to 8192 [ 76.631437][ T5876] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 76.646078][ T5876] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 76.655892][ T5876] REISERFS (device loop3): using ordered data mode [ 76.662409][ T5876] reiserfs: using flush barriers [ 76.669847][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.670537][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.678090][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.701183][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.704330][ T5876] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 76.711383][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.737896][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.749360][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.759926][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.771646][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.783186][ T5876] REISERFS (device loop3): checking transaction log (loop3) [ 76.800249][ T5876] REISERFS (device loop3): Using r5 hash to sort names [ 76.821905][ T5876] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 76.843159][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.872422][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.893839][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.911579][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.928002][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.939117][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.952696][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.964069][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.980488][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.036847][ T5791] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.058371][ T5791] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.074234][ T5791] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.082987][ T5791] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.123500][ T1296] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.151804][ T1296] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.287336][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.324503][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.430743][ T1308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.448091][ T1308] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.524896][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.532841][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.784593][ T5101] Bluetooth: hci2: command tx timeout [ 77.821236][ T5880] loop3: detected capacity change from 0 to 32768 [ 77.861873][ T5880] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.7 (5880) [ 77.864763][ T5101] Bluetooth: hci3: command tx timeout [ 77.881408][ T5101] Bluetooth: hci1: command tx timeout [ 77.882211][ T5790] Bluetooth: hci0: command tx timeout [ 77.994399][ T5880] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 78.060244][ T5880] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 78.086132][ T5898] loop0: detected capacity change from 0 to 128 [ 78.124389][ T5880] BTRFS info (device loop3): using free space tree [ 78.132314][ T5898] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 78.145226][ T5900] capability: warning: `syz.1.11' uses deprecated v2 capabilities in a way that may be insecure [ 78.218447][ T5898] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 78.398036][ T5880] BTRFS info (device loop3): enabling ssd optimizations [ 78.398982][ T28] audit: type=1326 audit(1756512921.303:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5918 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 78.439168][ T5880] BTRFS info (device loop3): auto enabling async discard [ 78.455475][ T5898] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 48 marked as free, partition length is 40) [ 78.508475][ T28] audit: type=1326 audit(1756512921.303:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5918 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 78.559666][ T28] audit: type=1326 audit(1756512921.383:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5918 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 78.671901][ T28] audit: type=1326 audit(1756512921.383:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5918 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 78.711606][ T5792] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 78.730982][ T28] audit: type=1326 audit(1756512921.383:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5918 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 78.835643][ T28] audit: type=1326 audit(1756512921.403:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5918 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 78.857645][ C1] vkms_vblank_simulate: vblank timer overrun [ 78.953121][ T28] audit: type=1326 audit(1756512921.403:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5918 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 78.975124][ C1] vkms_vblank_simulate: vblank timer overrun [ 78.994786][ T5930] [U] VÔ3¸ÂFÙ¾"SÇÁ/ÉÊ4:ÃXTZ“W¡T‘’LWµ«= [ 79.006884][ T5929] [U] J"—E:ÀÆ" [ 79.058588][ T28] audit: type=1326 audit(1756512921.403:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5918 comm="syz.2.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 79.144573][ T28] audit: type=1800 audit(1756512921.443:10): pid=5880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.7" name="file1" dev="loop3" ino=260 res=0 errno=0 [ 79.312285][ T5941] netlink: 8 bytes leftover after parsing attributes in process `syz.1.24'. [ 79.789717][ T5953] loop1: detected capacity change from 0 to 512 [ 79.809851][ T5953] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 79.819565][ T5955] loop0: detected capacity change from 0 to 512 [ 79.835432][ T5953] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 79.856538][ T5955] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 79.868747][ T5795] Bluetooth: hci2: command tx timeout [ 79.893517][ T5953] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 79.913052][ T5953] EXT4-fs (loop1): 1 truncate cleaned up [ 79.920883][ T5849] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 79.939246][ T5953] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.953518][ T5790] Bluetooth: hci3: command tx timeout [ 79.959214][ T5101] Bluetooth: hci0: command tx timeout [ 79.966091][ T5795] Bluetooth: hci1: command tx timeout [ 80.006589][ T5955] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003) [ 80.018093][ T5953] EXT4-fs warning (device loop1): verify_group_input:169: Last group not full [ 80.058552][ T5955] FAT-fs (loop0): Filesystem has been set read-only [ 80.067267][ T5958] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003) [ 80.131416][ T5960] loop2: detected capacity change from 0 to 512 [ 80.141291][ T5849] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 80.157084][ T5784] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.160437][ T5849] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 80.179658][ T5960] EXT4-fs: Ignoring removed bh option [ 80.196610][ T5849] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 80.238988][ T5849] usb 4-1: config 220 has no interface number 2 [ 80.239113][ T5960] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 80.258807][ T5849] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 80.295911][ T5962] UBIFS error (pid: 5962): cannot open "usrquota", error -22 [ 80.314027][ T5849] usb 4-1: config 220 interface 0 has no altsetting 0 [ 80.314574][ T5960] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 80.353240][ T5849] usb 4-1: config 220 interface 76 has no altsetting 0 [ 80.366141][ T5849] usb 4-1: config 220 interface 1 has no altsetting 0 [ 80.386841][ T5960] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 80.436327][ T5849] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 80.458384][ T5849] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.477791][ T5960] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 80.497327][ T5960] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.498590][ T5849] usb 4-1: Product: syz [ 80.574406][ T5849] usb 4-1: Manufacturer: syz [ 80.579074][ T5849] usb 4-1: SerialNumber: syz [ 80.639828][ T5971] loop1: detected capacity change from 0 to 1024 [ 80.655288][ T5971] EXT4-fs: Ignoring removed nomblk_io_submit option [ 80.709724][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.718279][ T5971] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.895326][ T5849] usb 4-1: selecting invalid altsetting 0 [ 80.923557][ T5849] usb 4-1: Found UVC 7.01 device syz (8086:0b07) [ 80.952201][ T5980] loop0: detected capacity change from 0 to 1024 [ 80.970000][ T5849] usb 4-1: No valid video chain found. [ 80.971651][ T5980] EXT4-fs: Ignoring removed nomblk_io_submit option [ 80.985816][ T5784] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.019961][ T5849] usb 4-1: selecting invalid altsetting 0 [ 81.024371][ T5980] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.040772][ T5849] usbtest: probe of 4-1:220.1 failed with error -22 [ 81.091673][ T5849] usb 4-1: USB disconnect, device number 2 [ 81.141859][ T5989] netlink: 'syz.1.41': attribute type 29 has an invalid length. [ 81.230884][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.396110][ T5995] loop1: detected capacity change from 0 to 2048 [ 81.413570][ T5995] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 81.500007][ T5995] UDF-fs: unknown compression code (0) [ 81.890656][ T6007] loop1: detected capacity change from 0 to 512 [ 81.915285][ T6007] ======================================================= [ 81.915285][ T6007] WARNING: The mand mount option has been deprecated and [ 81.915285][ T6007] and is ignored by this kernel. Remove the mand [ 81.915285][ T6007] option from the mount to silence this warning. [ 81.915285][ T6007] ======================================================= [ 81.950222][ C1] vkms_vblank_simulate: vblank timer overrun [ 82.025606][ T6007] EXT4-fs: Ignoring removed bh option [ 82.031151][ T6007] EXT4-fs: Ignoring removed mblk_io_submit option [ 82.089690][ T6007] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 82.171152][ T6007] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 82.257589][ T6007] EXT4-fs (loop1): orphan cleanup on readonly fs [ 82.317157][ T6007] Quota error (device loop1): do_insert_tree: Free block already used in tree: block 4 [ 82.365359][ T6007] EXT4-fs error (device loop1): ext4_acquire_dquot:6940: comm syz.1.51: Failed to acquire dquot type 1 [ 82.427267][ T6007] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:478: comm syz.1.51: Invalid block bitmap block 0 in block_group 0 [ 82.470196][ T6007] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:478: comm syz.1.51: Invalid block bitmap block 0 in block_group 0 [ 82.510891][ T6007] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:478: comm syz.1.51: Invalid block bitmap block 0 in block_group 0 [ 82.541905][ T6007] EXT4-fs error (device loop1): ext4_acquire_dquot:6940: comm syz.1.51: Failed to acquire dquot type 1 [ 82.578902][ T6000] loop3: detected capacity change from 0 to 32768 [ 82.580512][ T6007] EXT4-fs error (device loop1): ext4_acquire_dquot:6940: comm syz.1.51: Failed to acquire dquot type 1 [ 82.608046][ T6000] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.48 (6000) [ 82.625841][ T6007] EXT4-fs (loop1): 1 orphan inode deleted [ 82.643129][ T6007] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 82.711728][ T6000] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 82.737221][ T6000] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 82.763541][ T6000] BTRFS info (device loop3): using free space tree [ 82.766658][ T6007] syz.1.51 (6007) used greatest stack depth: 20720 bytes left [ 82.792016][ T6005] loop0: detected capacity change from 0 to 32768 [ 82.882026][ T5784] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.893421][ T6005] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 82.938446][ T6000] BTRFS info (device loop3): enabling ssd optimizations [ 83.097323][ T6040] loop2: detected capacity change from 0 to 2048 [ 83.159097][ T6005] XFS (loop0): Ending clean mount [ 83.169772][ T6040] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 83.186591][ T6044] ptrace attach of "./syz-executor exec"[5784] was attempted by ""[6044] [ 83.197751][ T6040] NILFS (loop2): mounting unchecked fs [ 83.210127][ T6005] XFS (loop0): Quotacheck needed: Please wait. [ 83.273667][ T5982] udevd[5982]: incorrect nilfs2 checksum on /dev/loop2 [ 83.283327][ T6040] NILFS (loop2): recovery complete [ 83.302025][ T6005] XFS (loop0): Quotacheck: Done. [ 83.347264][ T6045] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 83.444240][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 83.444253][ T28] audit: type=1800 audit(1756512926.343:11): pid=6005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.50" name="bus" dev="loop0" ino=9290 res=0 errno=0 [ 83.624662][ T5791] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 83.638136][ T5792] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 84.877446][ T6066] netlink: 16 bytes leftover after parsing attributes in process `syz.3.67'. [ 84.914179][ C0] sched: RT throttling activated [ 85.004769][ T6054] loop1: detected capacity change from 0 to 131072 [ 85.016603][ T6054] F2FS-fs (loop1): build fault injection attr: rate: 7, type: 0x7ffff [ 85.025235][ T6054] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x40004 [ 85.033432][ T6054] F2FS-fs (loop1): QUOTA feature is enabled, so ignore qf_name [ 85.048173][ T6054] F2FS-fs (loop1): invalid crc value [ 85.071133][ T6054] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x156/0x580 [ 85.087707][ T6054] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920 [ 85.102818][ T6054] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920 [ 85.117404][ T6054] F2FS-fs (loop1): Found nat_bits in checkpoint [ 85.151160][ T6054] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920 [ 85.162672][ T6054] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1d6/0x920 [ 85.184349][ T6054] F2FS-fs (loop1): sanity_check_inode: corrupted inode ino=3, run fsck to fix. [ 85.218978][ T6054] F2FS-fs (loop1): Failed to read root inode [ 85.615769][ T6083] netlink: 16 bytes leftover after parsing attributes in process `syz.1.73'. [ 85.674645][ T6086] autofs4:pid:6086:autofs_fill_super: called with bogus options [ 85.779825][ T6060] loop0: detected capacity change from 0 to 40427 [ 85.833180][ T6060] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 85.864367][ T6060] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 85.892909][ T6060] F2FS-fs (loop0): invalid crc value [ 85.938388][ T6060] F2FS-fs (loop0): Found nat_bits in checkpoint [ 86.139251][ T6091] loop2: detected capacity change from 0 to 8192 [ 86.166998][ T6060] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 86.180313][ T6060] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 86.221758][ T6091] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.275313][ T6091] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 86.285111][ T6091] REISERFS (device loop2): using ordered data mode [ 86.292086][ T6091] reiserfs: using flush barriers [ 86.304682][ T6091] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.330402][ T6091] REISERFS (device loop2): checking transaction log (loop2) [ 86.339869][ T6091] REISERFS (device loop2): Using r5 hash to sort names [ 86.374634][ T6091] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 86.685413][ T23] cfg80211: failed to load regulatory.db [ 86.755670][ T6111] netlink: 'syz.1.86': attribute type 1 has an invalid length. [ 86.822613][ T6113] veth1_to_bridge: entered promiscuous mode [ 86.871838][ T6113] veth1_to_bridge: left promiscuous mode [ 87.287495][ T6123] loop1: detected capacity change from 0 to 4096 [ 87.320728][ T6129] netlink: set zone limit has 8 unknown bytes [ 87.354330][ T6131] netlink: 60 bytes leftover after parsing attributes in process `syz.2.93'. [ 87.375374][ T6131] netlink: 60 bytes leftover after parsing attributes in process `syz.2.93'. [ 87.385796][ T6128] netlink: 60 bytes leftover after parsing attributes in process `syz.2.93'. [ 87.393886][ T6130] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 87.772299][ T6145] loop2: detected capacity change from 0 to 1024 [ 87.815497][ T6145] EXT4-fs: Ignoring removed bh option [ 87.821032][ T6145] EXT4-fs: Ignoring removed nobh option [ 87.843862][ T6145] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 87.899016][ T6145] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.009745][ T6156] tipc: Enabling of bearer rejected, failed to enable media [ 88.190963][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.339887][ T6165] loop0: detected capacity change from 0 to 256 [ 88.401873][ T6171] loop3: detected capacity change from 0 to 128 [ 88.406750][ T6165] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 88.635386][ T27] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 88.757086][ T6178] loop0: detected capacity change from 0 to 8192 [ 88.776640][ T6178] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 88.789871][ T6178] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 88.800112][ T6178] REISERFS (device loop0): using ordered data mode [ 88.807425][ T6178] reiserfs: using flush barriers [ 88.818322][ T6178] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 88.843550][ T6178] REISERFS (device loop0): checking transaction log (loop0) [ 88.855074][ T27] usb 3-1: Using ep0 maxpacket: 32 [ 88.862179][ T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 88.886515][ T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 88.898494][ T27] usb 3-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00 [ 88.915136][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.934899][ T27] usb 3-1: config 0 descriptor?? [ 88.964397][ T5829] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 89.018699][ T6178] REISERFS (device loop0): Using tea hash to sort names [ 89.026501][ T6178] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 89.158504][ T5829] usb 4-1: Using ep0 maxpacket: 16 [ 89.182728][ T5829] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 89.194463][ T5829] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 89.204395][ T5829] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 89.219888][ T5829] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 89.246058][ T5829] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.251483][ T6175] loop1: detected capacity change from 0 to 32768 [ 89.258510][ T5829] usb 4-1: config 0 descriptor?? [ 89.295165][ T6175] [ 89.295165][ T6175] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 89.295165][ T6175] [ 89.410298][ T6175] ERROR: (device loop1): diWrite: ixpxd invalid [ 89.410298][ T6175] [ 89.423163][ T6175] ERROR: (device loop1): txCommit: [ 89.423163][ T6175] [ 89.445814][ T27] aquacomputer_d5next 0003:0C70:F0B6.0001: hidraw0: USB HID vff.fc Device [HID 0c70:f0b6] on usb-dummy_hcd.2-1/input0 [ 89.549948][ T5784] [ 89.549948][ T5784] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 89.549948][ T5784] [ 89.578042][ T5784] [ 89.578042][ T5784] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 89.578042][ T5784] [ 89.620961][ T27] usb 3-1: USB disconnect, device number 2 [ 89.724115][ T6183] fido_id[6183]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 89.741241][ T5829] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0002/input/input8 [ 89.805646][ T5829] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 89.958059][ T6189] loop0: detected capacity change from 0 to 1024 [ 90.004142][ T27] usb 4-1: USB disconnect, device number 3 [ 90.090581][ T6190] fido_id[6190]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 90.191806][ T6192] loop1: detected capacity change from 0 to 4096 [ 90.209029][ T6192] ntfs3: loop1: ino=3, Correct links count -> 2. [ 90.340455][ T6192] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 90.522950][ T6192] ntfs3: loop1: failed to convert "0000" to iso8859-9 [ 90.533863][ T6192] ntfs3: loop1: failed to convert name for inode 1e. [ 90.609182][ T28] audit: type=1326 audit(1756512933.513:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.2.125" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f049178ebe9 code=0x0 [ 90.862245][ T6212] loop1: detected capacity change from 0 to 8 [ 91.400874][ T6218] loop3: detected capacity change from 0 to 40427 [ 91.423474][ T6218] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 91.436591][ T6218] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 91.478896][ T6218] F2FS-fs (loop3): invalid crc value [ 91.505755][ T6218] F2FS-fs (loop3): Found nat_bits in checkpoint [ 91.518466][ T5829] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 91.631268][ T6218] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 91.664347][ T6218] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 91.727734][ T5829] usb 2-1: Using ep0 maxpacket: 32 [ 91.767684][ T5829] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 91.785297][ T5829] usb 2-1: config 0 has no interface number 0 [ 91.821415][ T28] audit: type=1800 audit(1756512934.723:13): pid=6218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.133" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 91.825993][ T5829] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 91.851240][ T5829] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 91.859843][ T5829] usb 2-1: Product: syz [ 91.864059][ T5829] usb 2-1: Manufacturer: syz [ 91.870197][ T5829] usb 2-1: SerialNumber: syz [ 91.877440][ T5829] usb 2-1: config 0 descriptor?? [ 91.886143][ T5829] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 91.924898][ T5829] usb 2-1: selecting invalid altsetting 1 [ 91.941487][ T5829] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 91.981884][ T5829] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 91.993498][ T5829] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 92.008043][ T5829] usb 2-1: media controller created [ 92.017509][ T6242] loop0: detected capacity change from 0 to 512 [ 92.060795][ T5829] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 92.073332][ T6242] EXT4-fs: Ignoring removed bh option [ 92.121708][ T6242] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 92.138197][ T6242] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 92.160136][ T5829] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 92.198578][ T6242] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 92.210434][ T5829] zl10353_read_register: readreg error (reg=127, ret==-71) [ 92.245603][ T5829] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 92.259958][ T6242] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 92.281908][ T6242] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.439912][ T6242] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.142: bg 0: block 353: padding at end of block bitmap is not set [ 92.452047][ T5829] usb 2-1: USB disconnect, device number 2 [ 92.552374][ T6252] loop2: detected capacity change from 0 to 1024 [ 92.606358][ T6252] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 92.655220][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.693668][ T6254] binfmt_misc: register: failed to install interpreter file ./file0 [ 92.834668][ T6259] program syz.2.149 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 92.845406][ T6260] loop3: detected capacity change from 0 to 128 [ 92.910340][ T6260] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 93.807648][ T6283] loop3: detected capacity change from 0 to 512 [ 93.817614][ T6273] syz.1.154 (6273): drop_caches: 2 [ 93.917610][ T6266] loop0: detected capacity change from 0 to 32768 [ 93.945309][ T6266] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop0 scanned by syz.0.153 (6266) [ 94.512510][ T6283] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 94.516867][ T6266] BTRFS info (device loop0): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 94.533296][ T6268] syz.1.154 (6268): drop_caches: 2 [ 94.563396][ T6266] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 94.578682][ T6283] EXT4-fs (loop3): 1 truncate cleaned up [ 94.583388][ T6266] BTRFS info (device loop0): using free space tree [ 94.630438][ T6283] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.648652][ T6296] loop1: detected capacity change from 0 to 8 [ 94.677948][ T6288] loop2: detected capacity change from 0 to 32768 [ 94.701755][ T6288] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.162 (6288) [ 94.728750][ T6288] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 94.743036][ T6288] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 94.753241][ T6288] BTRFS info (device loop2): using free space tree [ 94.781293][ T6266] BTRFS info (device loop0): enabling ssd optimizations [ 94.793383][ T6296] SQUASHFS error: xz decompression failed, data probably corrupt [ 94.802151][ T6296] SQUASHFS error: Failed to read block 0xa8: -5 [ 94.817113][ T6296] SQUASHFS error: xz decompression failed, data probably corrupt [ 94.825178][ T6296] SQUASHFS error: Failed to read block 0xa8: -5 [ 94.844610][ T28] audit: type=1800 audit(1756512937.733:14): pid=6296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.163" name="file0" dev="loop1" ino=3 res=0 errno=0 [ 94.855746][ T6266] BTRFS info (device loop0): auto enabling async discard [ 94.877263][ T6283] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.160: bg 0: block 256: padding at end of block bitmap is not set [ 94.922644][ T6283] EXT4-fs (loop3): Remounting filesystem read-only [ 94.950249][ T6283] overlayfs: failed to verify origin (/, ino=2, err=-5) [ 94.966922][ T6283] overlayfs: failed to verify upper root origin [ 94.981844][ T6288] BTRFS info (device loop2): enabling ssd optimizations [ 95.018693][ T6288] BTRFS info (device loop2): auto enabling async discard [ 95.084075][ T5791] BTRFS info (device loop0): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 95.160596][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.184480][ T6326] 9pnet_rdma: rdma_create_trans (6326): problem binding to privport: 13 [ 95.344333][ T23] kernel write not supported for file /input/event2 (pid: 23 comm: kworker/1:0) [ 95.444286][ T1136] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared) [ 95.560991][ T5786] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 95.631393][ T6333] loop1: detected capacity change from 0 to 16 [ 95.703812][ T6333] erofs: (device loop1): mounted with root inode @ nid 36. [ 95.740768][ T6337] loop0: detected capacity change from 0 to 512 [ 95.834140][ T5981] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 12 /dev/loop2 scanned by udevd (5981) [ 95.869513][ T6337] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.953042][ T6337] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.159486][ T6337] EXT4-fs error (device loop0): ext4_empty_dir:3136: inode #12: comm syz.0.165: invalid size [ 96.218976][ T6337] EXT4-fs (loop0): Remounting filesystem read-only [ 96.366392][ T12] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 96.384349][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.415566][ T12] Quota error (device loop0): write_blk: dquota write failed [ 96.423012][ T12] Quota error (device loop0): free_dqentry: Can't write quota data block 5 [ 96.752306][ T6344] loop2: detected capacity change from 0 to 32768 [ 96.827568][ T6344] ialloc: diAlloc returned -5! [ 96.896497][ T6335] loop3: detected capacity change from 0 to 40427 [ 96.921283][ T111] ERROR: (device loop2): diUpdatePMap: the iag is outside the map [ 96.921283][ T111] [ 96.934429][ T6335] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff [ 96.953240][ T6335] F2FS-fs (loop3): Image doesn't support compression [ 96.964097][ T111] ERROR: (device loop2): remounting filesystem as read-only [ 96.971648][ T6335] F2FS-fs (loop3): Image doesn't support compression [ 97.018124][ T6335] F2FS-fs (loop3): invalid crc value [ 97.047789][ T6335] F2FS-fs (loop3): Found nat_bits in checkpoint [ 97.161742][ T6335] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 97.250784][ T6348] loop1: detected capacity change from 0 to 32768 [ 97.330359][ T6348] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 97.367206][ T5792] syz-executor: attempt to access beyond end of device [ 97.367206][ T5792] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 97.398761][ T5792] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 97.448549][ T6348] XFS (loop1): Ending clean mount [ 97.536146][ T6371] binder: 6370:6371 ioctl c0306201 2000000001c0 returned -22 [ 97.644772][ T5784] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 97.938045][ T6375] netlink: 'syz.2.176': attribute type 27 has an invalid length. [ 98.136913][ T6382] netlink: 8 bytes leftover after parsing attributes in process `syz.1.182'. [ 98.153893][ T6382] netlink: 16 bytes leftover after parsing attributes in process `syz.1.182'. [ 98.173075][ T6383] loop2: detected capacity change from 0 to 1024 [ 98.259419][ T6383] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.278728][ T6383] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.309582][ T6388] loop0: detected capacity change from 0 to 16 [ 98.375537][ T6388] erofs: (device loop0): mounted with root inode @ nid 36. [ 98.376539][ T6392] nbd: must specify a size in bytes for the device [ 98.452320][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.644348][ T27] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 98.854917][ T27] usb 4-1: New USB device found, idVendor=1b80, idProduct=e396, bcdDevice=a7.b1 [ 98.888518][ T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.915932][ T27] usb 4-1: config 0 descriptor?? [ 98.943575][ T27] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 98.966379][ T27] dvb_usb_af9015: probe of 4-1:0.0 failed with error -22 [ 99.050201][ T6416] loop0: detected capacity change from 0 to 512 [ 99.070514][ T6416] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 99.151328][ T27] usb 4-1: USB disconnect, device number 4 [ 99.615149][ T6415] loop2: detected capacity change from 0 to 32768 [ 99.629519][ T6415] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.199 (6415) [ 99.663991][ T6415] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 99.709975][ T6415] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 99.727579][ T6432] loop1: detected capacity change from 0 to 2048 [ 99.744255][ T6415] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8) [ 99.754010][ T6415] BTRFS info (device loop2): use lzo compression, level 0 [ 99.774677][ T6433] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 99.798116][ T6415] BTRFS info (device loop2): using free space tree [ 99.937119][ T28] audit: type=1800 audit(1756512942.833:15): pid=6432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.208" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 100.055348][ T6432] NILFS (loop1): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 4) [ 100.073958][ T6456] loop3: detected capacity change from 0 to 512 [ 100.095871][ T6415] BTRFS info (device loop2): enabling ssd optimizations [ 100.097547][ T6456] EXT4-fs: Ignoring removed bh option [ 100.102848][ T6415] BTRFS info (device loop2): auto enabling async discard [ 100.124340][ T6432] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=16) [ 100.144110][ T6456] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 100.171978][ T6432] Remounting filesystem read-only [ 100.177478][ T6456] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 100.262626][ T6456] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 100.338583][ T5784] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 100.365160][ T6456] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 100.397123][ T5784] NILFS (loop1): discard dirty page: offset=4096, ino=16 [ 100.413788][ T6456] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.427959][ T5786] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 100.434501][ T5784] NILFS (loop1): discard dirty block: blocknr=27, size=1024 [ 100.459065][ T5784] NILFS (loop1): discard dirty block: blocknr=28, size=1024 [ 100.472582][ T5784] NILFS (loop1): discard dirty block: blocknr=29, size=1024 [ 100.513747][ T5784] NILFS (loop1): discard dirty block: blocknr=30, size=1024 [ 100.546593][ T5784] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 100.553585][ T5784] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 100.584997][ T6456] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.212: bg 0: block 353: padding at end of block bitmap is not set [ 100.612753][ T5784] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 100.635235][ T5784] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 100.656190][ T5784] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 100.702856][ T5784] NILFS (loop1): discard dirty page: offset=0, ino=5 [ 100.713584][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.723280][ T6465] loop0: detected capacity change from 0 to 64 [ 100.734249][ T5784] NILFS (loop1): discard dirty block: blocknr=41, size=1024 [ 100.749111][ T5784] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 100.794197][ T5784] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 100.824871][ T5784] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 100.954442][ T6468] netlink: 104 bytes leftover after parsing attributes in process `syz.3.217'. [ 101.194652][ T6476] loop2: detected capacity change from 0 to 256 [ 101.492487][ T6485] netlink: 136 bytes leftover after parsing attributes in process `syz.2.224'. [ 101.514281][ T6485] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 101.825984][ T6472] loop1: detected capacity change from 0 to 32768 [ 101.855031][ T6472] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 scanned by syz.1.214 (6472) [ 101.904763][ T6472] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 101.954404][ T6472] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 101.963877][ T6472] BTRFS info (device loop1): using free space tree [ 102.125193][ T6472] BTRFS info (device loop1): enabling ssd optimizations [ 102.144390][ T6472] BTRFS info (device loop1): auto enabling async discard [ 102.557237][ T5784] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 102.584789][ T6524] loop2: detected capacity change from 0 to 8192 [ 102.624594][ T6524] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 102.694026][ T6524] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 102.764345][ T6524] REISERFS (device loop2): using ordered data mode [ 102.770904][ T6524] reiserfs: using flush barriers [ 102.837421][ T6524] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 102.863590][ T6537] loop3: detected capacity change from 0 to 1024 [ 102.883411][ T6537] EXT4-fs: Ignoring removed nomblk_io_submit option [ 102.950165][ T6524] REISERFS (device loop2): checking transaction log (loop2) [ 103.010550][ T6537] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.059527][ T6524] REISERFS (device loop2): Using r5 hash to sort names [ 103.095897][ T6524] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 103.360105][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.599934][ T6556] loop3: detected capacity change from 0 to 512 [ 103.666638][ T6556] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 103.805939][ T6564] loop0: detected capacity change from 0 to 1024 [ 103.879958][ T6556] EXT4-fs (loop3): Couldn't remount RDWR because of unprocessed orphan inode list. Please umount/remount instead [ 104.041629][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.065558][ T1136] hfsplus: b-tree write err: -5, ino 4 [ 104.228482][ T6574] loop0: detected capacity change from 0 to 128 [ 104.477647][ T6550] loop1: detected capacity change from 0 to 32768 [ 104.529426][ T6550] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 104.661559][ T6590] netlink: 'syz.0.248': attribute type 281 has an invalid length. [ 104.773483][ T6560] loop2: detected capacity change from 0 to 40427 [ 104.798809][ T6560] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff [ 104.821006][ T6560] F2FS-fs (loop2): Image doesn't support compression [ 104.828080][ T6550] XFS (loop1): Ending clean mount [ 104.839407][ T6560] F2FS-fs (loop2): Image doesn't support compression [ 104.851424][ T6560] F2FS-fs (loop2): invalid crc value [ 104.867418][ T6550] XFS (loop1): Quotacheck needed: Please wait. [ 104.882528][ T6560] F2FS-fs (loop2): Found nat_bits in checkpoint [ 104.920303][ T6595] capability: warning: `syz.0.249' uses 32-bit capabilities (legacy support in use) [ 104.953897][ T6560] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 104.984692][ T6550] XFS (loop1): Quotacheck: Done. [ 105.145774][ T5784] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 105.242849][ T5786] syz-executor: attempt to access beyond end of device [ 105.242849][ T5786] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 105.273967][ T5786] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 105.653650][ T6611] loop0: detected capacity change from 0 to 8 [ 105.663687][ T6611] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 105.672036][ T6610] loop1: detected capacity change from 0 to 1024 [ 105.682237][ T5981] udevd[5981]: incorrect cramfs checksum on /dev/loop0 [ 105.742135][ T6611] cramfs: Error -5 while decompressing! [ 105.761971][ T6611] cramfs: ffffffff96fda298(16)->ffff88805741a000(4096) [ 105.794336][ T6611] cramfs: Error -5 while decompressing! [ 105.816908][ T6611] cramfs: ffffffff96fda298(16)->ffff88805741a000(4096) [ 105.846759][ T28] audit: type=1800 audit(1756512948.753:16): pid=6611 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.258" name="file0" dev="loop0" ino=244 res=0 errno=0 [ 105.929378][ T1308] hfsplus: b-tree write err: -5, ino 4 [ 106.560381][ T6629] loop1: detected capacity change from 0 to 4096 [ 106.587326][ T6629] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 106.695248][ T6615] loop3: detected capacity change from 0 to 32768 [ 106.787769][ T6615] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 106.901352][ T6622] loop0: detected capacity change from 0 to 40427 [ 106.923640][ T6622] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff [ 106.944612][ T6622] F2FS-fs (loop0): Image doesn't support compression [ 106.951382][ T6622] F2FS-fs (loop0): Image doesn't support compression [ 106.997283][ T6622] F2FS-fs (loop0): invalid crc value [ 107.035902][ T6622] F2FS-fs (loop0): Found nat_bits in checkpoint [ 107.087952][ T6615] XFS (loop3): Ending clean mount [ 107.162203][ T6615] XFS (loop3): Quotacheck needed: Please wait. [ 107.190364][ T6622] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 107.279677][ T6615] XFS (loop3): Quotacheck: Done. [ 107.335710][ T5791] syz-executor: attempt to access beyond end of device [ 107.335710][ T5791] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 107.372954][ T5791] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 107.438649][ T6627] loop2: detected capacity change from 0 to 32768 [ 107.446779][ T5792] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 107.494316][ T5829] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 107.525149][ T6627] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 107.714660][ T5829] usb 2-1: Using ep0 maxpacket: 32 [ 107.737610][ T5829] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 107.769186][ T5829] usb 2-1: config 0 has no interface number 0 [ 107.779124][ T6627] XFS (loop2): Ending clean mount [ 107.798286][ T5829] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 107.824393][ T5829] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.826649][ T6627] XFS (loop2): Quotacheck needed: Please wait. [ 107.839216][ T5829] usb 2-1: Product: syz [ 107.853634][ T5829] usb 2-1: Manufacturer: syz [ 107.870389][ T5829] usb 2-1: SerialNumber: syz [ 107.895617][ T5829] usb 2-1: config 0 descriptor?? [ 107.922662][ T5829] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 107.941727][ T6627] XFS (loop2): Quotacheck: Done. [ 108.032353][ T6654] netlink: 8 bytes leftover after parsing attributes in process `syz.0.268'. [ 108.147385][ T5786] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 108.374687][ T6664] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0) [ 108.478751][ T5829] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 108.515310][ T5829] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 108.560805][ T6667] loop0: detected capacity change from 0 to 256 [ 108.654795][ T28] audit: type=1800 audit(1756512951.543:17): pid=6667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.275" name="file1" dev="loop0" ino=1048601 res=0 errno=0 [ 108.697178][ T6667] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 108.720310][ T6667] FAT-fs (loop0): Filesystem has been set read-only [ 108.777282][ C1] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 108.794535][ T5829] usb 2-1: USB disconnect, device number 3 [ 108.815078][ T5829] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 108.879465][ T5829] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 108.936750][ T5829] quatech2 2-1:0.51: device disconnected [ 109.077207][ T6679] loop3: detected capacity change from 0 to 64 [ 109.309612][ T6690] loop0: detected capacity change from 0 to 128 [ 109.328168][ T6690] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002] [ 109.338143][ T6688] loop2: detected capacity change from 0 to 512 [ 109.350153][ T6690] System zones: 1-3, 19-19, 35-36 [ 109.368177][ T6690] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 109.493087][ T6690] ext4 filesystem being mounted at /84/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 109.632948][ T6690] EXT4-fs warning (device loop0): verify_group_input:151: Cannot add at group 25 (only 1 groups) [ 109.776919][ T5791] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 109.810587][ T5849] IPVS: starting estimator thread 0... [ 109.940460][ T6694] loop3: detected capacity change from 0 to 32768 [ 109.944467][ T6702] IPVS: using max 20 ests per chain, 48000 per kthread [ 110.135992][ T6694] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 110.296897][ T5792] (syz-executor,5792,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 110.369222][ T5792] ocfs2: Unmounting device (7,3) on (node local) [ 111.273627][ T6725] loop0: detected capacity change from 0 to 40427 [ 111.294614][ T6725] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff [ 111.324682][ T6725] F2FS-fs (loop0): Image doesn't support compression [ 111.331431][ T6725] F2FS-fs (loop0): heap/no_heap options were deprecated [ 111.372000][ T6725] F2FS-fs (loop0): Image doesn't support compression [ 111.402082][ T6725] F2FS-fs (loop0): invalid crc value [ 111.431137][ T6725] F2FS-fs (loop0): Found nat_bits in checkpoint [ 111.464277][ T28] audit: type=1326 audit(1756512954.353:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.3.308" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f43fff8ebe9 code=0x0 [ 111.578768][ T6725] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 111.639779][ T6725] F2FS-fs (loop0): inject lock_op in f2fs_trylock_op of f2fs_write_single_data_page+0x97f/0x19e0 [ 111.661936][ T6725] syz.0.296: attempt to access beyond end of device [ 111.661936][ T6725] loop0: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 111.679934][ T6737] loop2: detected capacity change from 0 to 32768 [ 111.712742][ T6737] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 111.818045][ T5791] syz-executor: attempt to access beyond end of device [ 111.818045][ T5791] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 111.834760][ T6737] XFS (loop2): Ending clean mount [ 111.837873][ T5791] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 111.867398][ T6737] XFS (loop2): Quotacheck needed: Please wait. [ 111.903573][ T6768] netlink: 'syz.1.313': attribute type 3 has an invalid length. [ 111.922789][ T6768] netlink: 'syz.1.313': attribute type 1 has an invalid length. [ 111.928436][ T6737] XFS (loop2): Quotacheck: Done. [ 111.943560][ T6768] netlink: 192 bytes leftover after parsing attributes in process `syz.1.313'. [ 111.965591][ T6768] NCSI netlink: No device for ifindex 0 [ 112.132155][ T5786] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 112.562954][ T6774] loop1: detected capacity change from 0 to 4096 [ 112.659101][ T6774] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 112.714865][ T6774] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 112.779870][ T6774] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 112.833572][ T6774] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 112.846786][ T28] audit: type=1326 audit(1756512955.733:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6786 comm="syz.0.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb007d8ebe9 code=0x7ffc0000 [ 112.871475][ T6787] loop0: detected capacity change from 0 to 256 [ 112.903745][ T6787] exfat: Deprecated parameter 'namecase' [ 112.904295][ T6774] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 112.946169][ T6787] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 112.954335][ T28] audit: type=1326 audit(1756512955.733:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6786 comm="syz.0.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb007d8ebe9 code=0x7ffc0000 [ 113.012594][ T6774] ntfs: volume version 3.1. [ 113.046302][ T28] audit: type=1326 audit(1756512955.753:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6786 comm="syz.0.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb007d8ebe9 code=0x7ffc0000 [ 113.069538][ T6774] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 113.383711][ T6802] netlink: 24 bytes leftover after parsing attributes in process `syz.2.324'. [ 113.500193][ T6808] nftables ruleset with unbound set [ 113.685687][ T6813] ptrace attach of "./syz-executor exec"[5786] was attempted by ""[6813] [ 113.911558][ T6819] loop1: detected capacity change from 0 to 64 [ 114.168584][ T6831] sctp: [Deprecated]: syz.0.334 (pid 6831) Use of int in max_burst socket option. [ 114.168584][ T6831] Use struct sctp_assoc_value instead [ 114.411457][ T6806] loop3: detected capacity change from 0 to 32768 [ 114.531647][ T6806] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 114.690725][ T6806] XFS (loop3): Ending clean mount [ 114.712922][ T6806] XFS (loop3): Quotacheck needed: Please wait. [ 114.779463][ T6806] XFS (loop3): Quotacheck: Done. [ 114.951205][ T5792] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 115.229241][ T6835] loop1: detected capacity change from 0 to 32768 [ 115.316039][ T6835] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 115.466003][ T6835] XFS (loop1): Ending clean mount [ 115.486897][ T6876] loop3: detected capacity change from 0 to 512 [ 115.489639][ T6835] XFS (loop1): Quotacheck needed: Please wait. [ 115.521567][ T6876] EXT4-fs: Ignoring removed nobh option [ 115.580428][ T6876] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.341: iget: bad i_size value: 38620345925642 [ 115.597759][ T6835] XFS (loop1): Quotacheck: Done. [ 115.614690][ T6876] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.341: couldn't read orphan inode 15 (err -117) [ 115.707881][ T6876] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.726072][ T6882] netlink: 'syz.0.346': attribute type 2 has an invalid length. [ 115.743071][ T5784] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 115.960454][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.189946][ T6894] sp0: Synchronizing with TNC [ 116.246028][ T6893] [U] è [ 116.649503][ T28] kauditd_printk_skb: 29 callbacks suppressed [ 116.649516][ T28] audit: type=1326 audit(1756512959.553:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 116.714306][ T28] audit: type=1326 audit(1756512959.553:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 116.761759][ T28] audit: type=1326 audit(1756512959.593:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 116.783811][ C1] vkms_vblank_simulate: vblank timer overrun [ 116.791376][ T28] audit: type=1326 audit(1756512959.593:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 116.822048][ T28] audit: type=1326 audit(1756512959.593:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 116.848504][ T28] audit: type=1326 audit(1756512959.603:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 116.874897][ T28] audit: type=1326 audit(1756512959.603:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 116.919584][ T28] audit: type=1326 audit(1756512959.603:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6914 comm="syz.2.360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 116.948036][ T5849] usb 2-1: new low-speed USB device number 4 using dummy_hcd [ 117.160696][ T5849] usb 2-1: config index 0 descriptor too short (expected 1307, got 27) [ 117.177206][ T5849] usb 2-1: config 0 has an invalid interface number: 0 but max is -1 [ 117.196750][ T5849] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 117.214520][ T5849] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 117.246591][ T5849] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 117.270263][ T5849] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 117.294362][ T5849] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 117.320395][ T5849] usb 2-1: string descriptor 0 read error: -22 [ 117.330261][ T5849] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 117.349766][ T5849] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.416739][ T5849] usb 2-1: config 0 descriptor?? [ 117.433847][ T5849] hub 2-1:0.0: bad descriptor, ignoring hub [ 117.450672][ T5849] hub: probe of 2-1:0.0 failed with error -5 [ 117.461044][ T5849] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input9 [ 117.658026][ T5936] usb 2-1: USB disconnect, device number 4 [ 117.877986][ T6952] loop0: detected capacity change from 0 to 2048 [ 117.908627][ T6953] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 118.229673][ T6948] loop2: detected capacity change from 0 to 32768 [ 118.504547][ T5795] Bluetooth: hci3: command 0x0405 tx timeout [ 118.724044][ T6972] loop1: detected capacity change from 0 to 1024 [ 118.733218][ T6973] loop2: detected capacity change from 0 to 22 [ 118.770628][ T6973] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 118.796627][ T6973] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 118.890447][ T12] hfsplus: b-tree write err: -5, ino 4 [ 119.024748][ T6981] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 119.083165][ T6985] netlink: 204 bytes leftover after parsing attributes in process `syz.1.392'. [ 119.093630][ T6985] netlink: 28 bytes leftover after parsing attributes in process `syz.1.392'. [ 119.110819][ T6985] netlink: 8 bytes leftover after parsing attributes in process `syz.1.392'. [ 119.122258][ T6985] netlink: 32 bytes leftover after parsing attributes in process `syz.1.392'. [ 119.321465][ T6993] dvmrp1: entered allmulticast mode [ 119.349694][ T6993] dvmrp1: left allmulticast mode [ 119.811385][ T6979] loop3: detected capacity change from 0 to 40427 [ 119.873762][ T6979] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff [ 119.894344][ T6979] F2FS-fs (loop3): Image doesn't support compression [ 119.901173][ T6979] F2FS-fs (loop3): Image doesn't support compression [ 119.953720][ T6979] F2FS-fs (loop3): invalid crc value [ 120.007158][ T6979] F2FS-fs (loop3): Found nat_bits in checkpoint [ 120.131648][ T6979] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 120.225355][ T6979] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_new_node_page+0x13a/0x910 [ 120.315100][ T5792] syz-executor: attempt to access beyond end of device [ 120.315100][ T5792] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 120.350325][ T5792] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 120.543155][ T7009] loop1: detected capacity change from 0 to 32768 [ 120.623450][ T7009] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 120.847637][ T7009] XFS (loop1): Ending clean mount [ 120.878530][ T7009] XFS (loop1): Quotacheck needed: Please wait. [ 120.957181][ T7009] XFS (loop1): Quotacheck: Done. [ 121.123749][ T7018] loop0: detected capacity change from 0 to 32768 [ 121.190388][ T7018] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 121.212641][ T7018] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 121.222714][ T5784] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 121.294574][ T7034] loop2: detected capacity change from 0 to 32768 [ 121.359872][ T7018] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 121.379779][ T7034] jfs_strtoUCS: char2uni returned -22. [ 121.424919][ T7034] charset = iso8859-6, char = 0xdf [ 121.495861][ T7018] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 121.765405][ T7041] netlink: 20 bytes leftover after parsing attributes in process `syz.1.415'. [ 122.224251][ T27] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 122.332823][ T7055] loop0: detected capacity change from 0 to 512 [ 122.403967][ T7055] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.454260][ T27] usb 2-1: Using ep0 maxpacket: 32 [ 122.477043][ T7055] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 122.477400][ T27] usb 2-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice=30.46 [ 122.495377][ T7039] loop3: detected capacity change from 0 to 40427 [ 122.531123][ T7039] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff [ 122.552073][ T7039] F2FS-fs (loop3): Image doesn't support compression [ 122.568205][ T28] audit: type=1800 audit(1756512965.473:49): pid=7055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.422" name=0AF301 dev="loop0" ino=18 res=0 errno=0 [ 122.598293][ T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.614231][ T7039] F2FS-fs (loop3): heap/no_heap options were deprecated [ 122.634018][ T27] usb 2-1: config 0 descriptor?? [ 122.639732][ T7039] F2FS-fs (loop3): Image doesn't support compression [ 122.672932][ T7039] F2FS-fs (loop3): invalid crc value [ 122.681878][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.693647][ T7039] F2FS-fs (loop3): Found nat_bits in checkpoint [ 122.817743][ T7049] loop2: detected capacity change from 0 to 32768 [ 122.841650][ T7039] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 122.863419][ T7049] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 122.941561][ T23] usb 2-1: USB disconnect, device number 5 [ 123.006100][ T7039] F2FS-fs (loop3): inject lock_op in f2fs_trylock_op of f2fs_write_single_data_page+0x97f/0x19e0 [ 123.044348][ T7049] XFS (loop2): Ending clean mount [ 123.045823][ T7039] syz.3.416: attempt to access beyond end of device [ 123.045823][ T7039] loop3: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 123.077999][ T7049] XFS (loop2): Quotacheck needed: Please wait. [ 123.157760][ T7049] XFS (loop2): Quotacheck: Done. [ 123.171513][ T5792] syz-executor: attempt to access beyond end of device [ 123.171513][ T5792] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 123.206350][ T5792] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 123.382185][ T5786] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 123.934364][ T7085] RDS: rds_bind could not find a transport for ::8000:0:20:0, load rds_tcp or rds_rdma? [ 123.978959][ T7087] Bluetooth: MGMT ver 1.22 [ 124.206865][ T7077] loop0: detected capacity change from 0 to 40427 [ 124.218490][ T7077] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x7ffff [ 124.257674][ T7077] F2FS-fs (loop0): invalid crc value [ 124.287757][ T7077] F2FS-fs (loop0): Found nat_bits in checkpoint [ 124.402685][ T7077] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 124.459819][ T7105] netlink: 232 bytes leftover after parsing attributes in process `syz.3.438'. [ 124.614374][ T5791] syz-executor: attempt to access beyond end of device [ 124.614374][ T5791] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 124.642898][ T5791] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 124.851889][ T7093] loop2: detected capacity change from 0 to 32768 [ 124.878010][ T7093] (syz.2.433,7093,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 124.919114][ T7093] (syz.2.433,7093,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 125.078151][ T7093] JBD2: Ignoring recovery information on journal [ 125.187835][ T7093] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 125.272541][ T28] audit: type=1326 audit(1756512968.173:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.1.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc543b8ebe9 code=0x7fc00000 [ 125.352022][ T28] audit: type=1326 audit(1756512968.173:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.1.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc543b8ebe9 code=0x7fc00000 [ 125.401721][ T28] audit: type=1326 audit(1756512968.173:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.1.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc543b8ebe9 code=0x7fc00000 [ 125.453721][ T7129] loop0: detected capacity change from 0 to 128 [ 125.461271][ T28] audit: type=1326 audit(1756512968.173:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.1.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc543b8ebe9 code=0x7fc00000 [ 125.493118][ T28] audit: type=1326 audit(1756512968.173:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.1.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc543b8ebe9 code=0x7fc00000 [ 125.513178][ T7129] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 125.520259][ T28] audit: type=1326 audit(1756512968.173:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.1.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc543b8ebe9 code=0x7fc00000 [ 125.557971][ T28] audit: type=1326 audit(1756512968.173:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.1.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc543b8ebe9 code=0x7fc00000 [ 125.580198][ T28] audit: type=1326 audit(1756512968.173:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.1.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc543b8ebe9 code=0x7fc00000 [ 125.602821][ T28] audit: type=1326 audit(1756512968.173:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7118 comm="syz.1.445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc543b8ebe9 code=0x7fc00000 [ 125.622583][ T7129] ext4 filesystem being mounted at /126/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 125.769110][ T5786] ocfs2: Unmounting device (7,2) on (node local) [ 125.831261][ T5791] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 125.952785][ T7139] syz.3.453 (7139): /proc/7138/oom_adj is deprecated, please use /proc/7138/oom_score_adj instead. [ 126.341304][ T7149] loop3: detected capacity change from 0 to 4096 [ 126.418361][ T7152] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 126.454682][ T7154] ucma_write: process 228 (syz.2.458) changed security contexts after opening file descriptor, this is not allowed. [ 126.496133][ T7149] NILFS error (device loop3): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1 [ 126.564369][ T7149] Remounting filesystem read-only [ 126.636212][ T7135] loop1: detected capacity change from 0 to 32768 [ 126.749178][ T7135] ERROR: (device loop1): dbAllocAG: unable to allocate blocks [ 126.749178][ T7135] [ 126.817048][ T7135] ERROR: (device loop1): dbDiscardAG: -EIO [ 126.817048][ T7135] [ 127.393671][ T7183] loop0: detected capacity change from 0 to 256 [ 127.409047][ T7185] tipc: Started in network mode [ 127.414065][ T7185] tipc: Node identity 428dc77d1c05, cluster identity 4711 [ 127.452948][ T7185] tipc: Enabled bearer , priority 10 [ 127.463087][ T7183] FAT-fs (loop0): Directory bread(block 64) failed [ 127.480112][ T7183] FAT-fs (loop0): Directory bread(block 65) failed [ 127.522117][ T7183] FAT-fs (loop0): Directory bread(block 66) failed [ 127.554964][ T7183] FAT-fs (loop0): Directory bread(block 67) failed [ 127.583230][ T7183] FAT-fs (loop0): Directory bread(block 68) failed [ 127.596609][ T7183] FAT-fs (loop0): Directory bread(block 69) failed [ 127.603819][ T7183] FAT-fs (loop0): Directory bread(block 70) failed [ 127.612762][ T7183] FAT-fs (loop0): Directory bread(block 71) failed [ 127.644432][ T7183] FAT-fs (loop0): Directory bread(block 72) failed [ 127.658181][ T7183] FAT-fs (loop0): Directory bread(block 73) failed [ 127.758527][ T7194] smc: net device ip_vti0 applied user defined pnetid SYZ0 [ 128.199648][ T5849] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 128.249963][ T7213] Driver unsupported XDP return value 0 on prog (id 37) dev N/A, expect packet loss! [ 128.355615][ T7217] netlink: 'syz.1.488': attribute type 1 has an invalid length. [ 128.394432][ T5849] usb 3-1: Using ep0 maxpacket: 8 [ 128.408207][ T5849] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.422359][ T5849] usb 3-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00 [ 128.434294][ T5849] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.465634][ T5849] usb 3-1: config 0 descriptor?? [ 128.492498][ T7221] loop1: detected capacity change from 0 to 128 [ 128.492744][ T7219] loop0: detected capacity change from 0 to 2048 [ 128.553824][ T7221] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 128.567008][ T5936] tipc: Node number set to 1586022269 [ 128.585386][ T7219] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 128.594780][ T7221] ext4 filesystem being mounted at /120/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 128.621947][ T28] kauditd_printk_skb: 58 callbacks suppressed [ 128.621960][ T28] audit: type=1800 audit(1756512971.523:117): pid=7219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.490" name="file1" dev="loop0" ino=1367 res=0 errno=0 [ 128.739923][ T5784] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 128.900949][ T5849] megaworld 0003:07B5:0312.0003: unknown main item tag 0x0 [ 128.928815][ T5849] megaworld 0003:07B5:0312.0003: unknown main item tag 0x0 [ 128.944532][ T5849] megaworld 0003:07B5:0312.0003: unknown main item tag 0x0 [ 128.960075][ T5849] megaworld 0003:07B5:0312.0003: unknown main item tag 0x0 [ 128.979248][ T5849] megaworld 0003:07B5:0312.0003: unknown main item tag 0x0 [ 128.992975][ T7210] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 128.999939][ T7210] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 129.010365][ T5849] megaworld 0003:07B5:0312.0003: unknown main item tag 0x0 [ 129.028574][ T5849] megaworld 0003:07B5:0312.0003: unknown main item tag 0x0 [ 129.047375][ T5849] megaworld 0003:07B5:0312.0003: unknown main item tag 0x0 [ 129.055258][ T5849] megaworld 0003:07B5:0312.0003: unknown main item tag 0x0 [ 129.062772][ T5849] megaworld 0003:07B5:0312.0003: unknown main item tag 0x0 [ 129.070736][ T5849] megaworld 0003:07B5:0312.0003: unknown main item tag 0x0 [ 129.097106][ T7210] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 129.111255][ T7210] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 129.120249][ T5849] megaworld 0003:07B5:0312.0003: hidraw0: USB HID v0.00 Device [HID 07b5:0312] on usb-dummy_hcd.2-1/input0 [ 129.141157][ T7233] loop1: detected capacity change from 0 to 512 [ 129.145762][ T7210] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 129.157631][ T7233] EXT4-fs: Ignoring removed orlov option [ 129.169190][ T5849] megaworld 0003:07B5:0312.0003: no inputs found [ 129.178045][ T7233] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 129.198069][ T7236] loop0: detected capacity change from 0 to 64 [ 129.208457][ T7210] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 129.215751][ T7233] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 129.238359][ T7233] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.496: corrupted in-inode xattr: e_value size too large [ 129.277148][ T7233] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.496: couldn't read orphan inode 15 (err -117) [ 129.298836][ T7233] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.313425][ T5849] usb 3-1: USB disconnect, device number 3 [ 129.329373][ T7210] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 129.357259][ T7210] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 129.369508][ T7210] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 129.426610][ T7210] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 129.434378][ T7210] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 129.459778][ T7210] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 129.505874][ T7233] overlayfs: upper fs needs to support d_type. [ 129.680532][ T5784] EXT4-fs error (device loop1): ext4_readdir:263: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0 [ 129.714734][ T5784] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0 [ 129.742015][ T5784] EXT4-fs error (device loop1): ext4_readdir:263: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0 [ 129.814981][ T5784] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0 [ 129.849718][ T5784] EXT4-fs error (device loop1): ext4_readdir:263: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0 [ 129.909456][ T5784] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0 [ 129.934065][ T5784] EXT4-fs error (device loop1): ext4_readdir:263: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0 [ 129.968911][ T5784] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0 [ 130.007267][ T5784] EXT4-fs error (device loop1): ext4_readdir:263: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0 [ 130.007883][ T5784] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0 [ 130.365849][ T7241] loop0: detected capacity change from 0 to 32768 [ 130.429076][ T7241] JBD2: Ignoring recovery information on journal [ 130.529766][ T7241] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 130.582558][ T7241] (syz.0.501,7241,1):ocfs2_group_extend:306 ERROR: The disk is too old and small. Force to do offline resize. [ 130.639806][ T5791] ocfs2: Unmounting device (7,0) on (node local) [ 130.795460][ T5784] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.949610][ T1296] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.141530][ T1296] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.155220][ T5790] Bluetooth: hci1: command 0x0c1a tx timeout [ 131.271802][ T1296] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.364698][ T5849] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 131.384683][ T5790] Bluetooth: hci2: command 0x0c1a tx timeout [ 131.409035][ T1296] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.485649][ T5790] Bluetooth: hci3: command 0x0405 tx timeout [ 131.574248][ T5829] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 131.574415][ T5849] usb 1-1: config 0 has an invalid interface number: 132 but max is 0 [ 131.627578][ T5849] usb 1-1: config 0 has no interface number 0 [ 131.660604][ T5849] usb 1-1: config 0 interface 132 altsetting 4 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 131.706977][ T5849] usb 1-1: config 0 interface 132 altsetting 4 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 131.750574][ T5849] usb 1-1: config 0 interface 132 has no altsetting 0 [ 131.768861][ T7279] loop2: detected capacity change from 0 to 256 [ 131.777139][ T5829] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 131.781782][ T5849] usb 1-1: New USB device found, idVendor=0525, idProduct=9901, bcdDevice=ff.75 [ 131.812995][ T7279] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 131.826591][ T5829] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 131.848492][ T5829] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 131.863040][ T5849] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.864201][ T5829] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 131.907353][ T5849] usb 1-1: Product: syz [ 131.911572][ T5849] usb 1-1: Manufacturer: syz [ 131.934262][ T5849] usb 1-1: SerialNumber: syz [ 131.944824][ T5829] usb 4-1: SerialNumber: syz [ 131.953604][ T5795] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 131.966244][ T5795] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 131.977618][ T5795] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 131.981742][ T5849] usb 1-1: config 0 descriptor?? [ 131.992564][ T5829] cdc_ether: probe of 4-1:1.0 failed with error -22 [ 132.005535][ T5795] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 132.013517][ T5795] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 132.021767][ T5795] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 132.030784][ T5829] usb-storage 4-1:1.0: USB Mass Storage device detected [ 132.030871][ T7269] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 132.064337][ T7269] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 132.086061][ T5829] usb-storage 4-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 132.122701][ T5829] scsi host1: usb-storage 4-1:1.0 [ 132.333642][ T7269] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 132.355892][ T7269] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 132.403031][ T5849] cdc_subset 1-1:0.132 usb0: register 'cdc_subset' at usb-dummy_hcd.0-1, Belkin, eTEK, or compatible, 26:a4:e6:d9:a4:4d [ 132.425016][ T27] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 132.602677][ T5936] usb 1-1: USB disconnect, device number 2 [ 132.610776][ T5936] cdc_subset 1-1:0.132 usb0: unregister 'cdc_subset' usb-dummy_hcd.0-1, Belkin, eTEK, or compatible [ 132.638173][ T27] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30 [ 132.652548][ T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 132.669222][ T27] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196 [ 132.682518][ T27] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 132.695014][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.705956][ T27] usb 3-1: config 0 descriptor?? [ 132.749666][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.756796][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.764782][ T7280] chnl_net:caif_netlink_parms(): no params data found [ 132.984818][ T7280] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.993264][ T7280] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.001232][ T7280] bridge_slave_0: entered allmulticast mode [ 133.008857][ T7280] bridge_slave_0: entered promiscuous mode [ 133.018830][ T7280] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.033875][ T7280] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.042747][ T7280] bridge_slave_1: entered allmulticast mode [ 133.056207][ T7280] bridge_slave_1: entered promiscuous mode [ 133.139734][ T27] holtek_kbd 0003:04D9:A055.0004: unknown main item tag 0x0 [ 133.184280][ T27] holtek_kbd 0003:04D9:A055.0004: unknown main item tag 0x0 [ 133.205662][ T27] holtek_kbd 0003:04D9:A055.0004: unknown main item tag 0x0 [ 133.238509][ T5795] Bluetooth: hci1: command 0x0c1a tx timeout [ 133.248627][ T27] holtek_kbd 0003:04D9:A055.0004: item fetching failed at offset 5/7 [ 133.259916][ T27] holtek_kbd: probe of 0003:04D9:A055.0004 failed with error -22 [ 133.301941][ T7312] loop0: detected capacity change from 0 to 2048 [ 133.331752][ T7312] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 133.402438][ T7280] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.412876][ T5836] usb 3-1: USB disconnect, device number 4 [ 133.465156][ T5795] Bluetooth: hci2: command 0x0c1a tx timeout [ 133.544592][ T5795] Bluetooth: hci3: command 0x0405 tx timeout [ 133.628992][ T7280] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.681736][ T7280] team0: Port device team_slave_0 added [ 133.724943][ T7280] team0: Port device team_slave_1 added [ 133.757170][ T1296] hsr_slave_0: left promiscuous mode [ 133.763668][ T1296] hsr_slave_1: left promiscuous mode [ 133.771965][ T1296] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 133.787614][ T1296] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 133.797669][ T1296] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 133.809423][ T1296] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 133.819602][ T1296] bridge_slave_1: left allmulticast mode [ 133.830546][ T1296] bridge_slave_1: left promiscuous mode [ 133.840693][ T1296] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.863426][ T1296] bridge_slave_0: left allmulticast mode [ 133.872179][ T1296] bridge_slave_0: left promiscuous mode [ 133.882343][ T1296] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.930678][ T1296] veth1_macvtap: left promiscuous mode [ 133.937030][ T1296] veth0_macvtap: left promiscuous mode [ 133.942732][ T1296] veth1_vlan: left promiscuous mode [ 133.948558][ T1296] veth0_vlan: left promiscuous mode [ 134.119070][ T5795] Bluetooth: hci0: command tx timeout [ 134.334616][ T5936] usb 4-1: USB disconnect, device number 5 [ 134.821664][ T7327] loop2: detected capacity change from 0 to 32768 [ 134.848697][ T7327] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 134.868387][ T7327] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 134.969777][ T7327] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 135.052562][ T7327] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 135.313250][ T5795] Bluetooth: hci1: command 0x0c1a tx timeout [ 135.544437][ T5795] Bluetooth: hci2: command 0x0c1a tx timeout [ 135.551573][ T1296] team0 (unregistering): Port device team_slave_1 removed [ 135.624285][ T5795] Bluetooth: hci3: command 0x0405 tx timeout [ 135.663637][ T1296] team0 (unregistering): Port device team_slave_0 removed [ 135.766767][ T1296] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 135.897698][ T1296] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 136.083328][ T7346] loop0: detected capacity change from 0 to 40427 [ 136.105713][ T7346] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff [ 136.114412][ T7346] F2FS-fs (loop0): Image doesn't support compression [ 136.121166][ T7346] F2FS-fs (loop0): Image doesn't support compression [ 136.151968][ T7346] F2FS-fs (loop0): invalid crc value [ 136.170813][ T7346] F2FS-fs (loop0): Found nat_bits in checkpoint [ 136.194264][ T5795] Bluetooth: hci0: command tx timeout [ 136.260130][ T7346] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 136.402796][ T5791] syz-executor: attempt to access beyond end of device [ 136.402796][ T5791] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 136.423882][ T5791] F2FS-fs (loop0): Remounting filesystem read-only [ 136.763035][ T1296] bond0 (unregistering): Released all slaves [ 136.909169][ T7338] warning: `syz.3.528' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 136.928596][ T7280] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 136.944393][ T7280] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.975288][ T7280] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 136.997850][ T7280] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 137.035031][ T7280] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 137.117063][ T7280] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 137.132182][ T7365] loop2: detected capacity change from 0 to 1024 [ 137.364365][ T1136] hfsplus: b-tree write err: -5, ino 4 [ 137.405578][ T7280] hsr_slave_0: entered promiscuous mode [ 137.419018][ T7280] hsr_slave_1: entered promiscuous mode [ 137.519888][ T7280] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 137.544397][ T7280] Cannot create hsr debugfs directory [ 138.156555][ T7280] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 138.160362][ T7393] loop2: detected capacity change from 0 to 256 [ 138.188819][ T7280] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 138.234065][ T7280] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 138.243251][ T7393] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 138.260514][ T7280] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 138.269782][ T5795] Bluetooth: hci0: command tx timeout [ 138.399144][ T7366] loop3: detected capacity change from 0 to 32768 [ 138.454708][ T7366] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 138.462926][ T7366] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 138.521865][ T7280] 8021q: adding VLAN 0 to HW filter on device bond0 [ 138.577219][ T7280] 8021q: adding VLAN 0 to HW filter on device team0 [ 138.578513][ T7366] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 138.601053][ T1308] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.608237][ T1308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 138.684506][ T1308] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.691677][ T1308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 138.782752][ T7366] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 139.247840][ T7280] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 139.258088][ T7386] loop0: detected capacity change from 0 to 40427 [ 139.284582][ T7386] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 139.294466][ T7386] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 139.358109][ T7386] F2FS-fs (loop0): Found nat_bits in checkpoint [ 139.555547][ T7386] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 139.562647][ T7386] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 139.674222][ T28] audit: type=1800 audit(1756512982.573:118): pid=7386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.547" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 139.706349][ T7405] loop2: detected capacity change from 0 to 32768 [ 139.777554][ T5791] syz-executor: attempt to access beyond end of device [ 139.777554][ T5791] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 139.812657][ T5791] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 139.860934][ T7405] (syz.2.550,7405,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 139.885391][ T7405] (syz.2.550,7405,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 140.021293][ T7405] JBD2: Ignoring recovery information on journal [ 140.142724][ T7438] netlink: 'syz.3.554': attribute type 3 has an invalid length. [ 140.152823][ T7438] netlink: 'syz.3.554': attribute type 1 has an invalid length. [ 140.165052][ T7405] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 140.344350][ T5795] Bluetooth: hci0: command tx timeout [ 140.362655][ T7280] veth0_vlan: entered promiscuous mode [ 140.421005][ T7280] veth1_vlan: entered promiscuous mode [ 140.443925][ T5786] ocfs2: Unmounting device (7,2) on (node local) [ 140.558014][ T7280] veth0_macvtap: entered promiscuous mode [ 140.587209][ T7280] veth1_macvtap: entered promiscuous mode [ 140.665968][ T7280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.707578][ T7280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.738976][ T7280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.774181][ T7280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.802025][ T7280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.832917][ T7280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.856978][ T7280] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 140.896729][ T7280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.928182][ T7280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.970988][ T7280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.011061][ T7280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.030097][ T7280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.049442][ T7280] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.063937][ T7280] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 141.088423][ T7280] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.111117][ T7280] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.128017][ T7280] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.138119][ T7280] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.334666][ T1308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.342521][ T1308] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.393240][ T1122] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.411053][ T1122] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.424263][ T5936] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 141.431869][ T8] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 141.654415][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 141.659718][ T5936] usb 4-1: Using ep0 maxpacket: 16 [ 141.682071][ T8] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.693397][ T5936] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.718498][ T8] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 141.734186][ T5936] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 141.743975][ T5936] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 141.798227][ T8] usb 3-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 141.815331][ T5936] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.829391][ T8] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 141.858047][ T7480] netlink: 16 bytes leftover after parsing attributes in process `syz.4.562'. [ 141.869771][ T5936] usb 4-1: config 0 descriptor?? [ 141.876520][ T8] usb 3-1: Product: syz [ 141.886097][ T8] usb 3-1: Manufacturer: syz [ 141.891089][ T8] usb 3-1: SerialNumber: syz [ 141.899109][ T7480] tipc: Invalid UDP bearer configuration [ 141.899160][ T7480] tipc: Enabling of bearer rejected, failed to enable media [ 141.937401][ T8] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input10 [ 142.110008][ T7485] netlink: 'syz.4.563': attribute type 2 has an invalid length. [ 142.246877][ T5836] usb 3-1: USB disconnect, device number 5 [ 142.350909][ T5936] hid-multitouch 0003:1FD2:6007.0005: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0 [ 142.353819][ T5836] appletouch 3-1:1.0: input: appletouch disconnected [ 142.607353][ T5836] usb 4-1: USB disconnect, device number 6 [ 143.549486][ T7531] loop0: detected capacity change from 0 to 512 [ 143.600902][ T7531] EXT4-fs: Ignoring removed i_version option [ 143.605771][ T28] audit: type=1326 audit(1756512986.503:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 143.668260][ T7531] EXT4-fs (loop0): 1 truncate cleaned up [ 143.692270][ T7531] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.714331][ T28] audit: type=1326 audit(1756512986.533:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 143.737574][ T28] audit: type=1326 audit(1756512986.553:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 143.854917][ T28] audit: type=1326 audit(1756512986.553:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 143.973577][ T28] audit: type=1326 audit(1756512986.553:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 143.976445][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.048154][ T28] audit: type=1326 audit(1756512986.553:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 144.148068][ T28] audit: type=1326 audit(1756512986.553:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7534 comm="syz.2.581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f049178ebe9 code=0x7ffc0000 [ 144.621417][ T7572] loop0: detected capacity change from 0 to 256 [ 144.741722][ T7572] FAT-fs (loop0): Directory bread(block 64) failed [ 144.779004][ T7572] FAT-fs (loop0): Directory bread(block 65) failed [ 144.803832][ T7572] FAT-fs (loop0): Directory bread(block 66) failed [ 144.824406][ T7572] FAT-fs (loop0): Directory bread(block 67) failed [ 144.831101][ T7572] FAT-fs (loop0): Directory bread(block 68) failed [ 144.844690][ T7572] FAT-fs (loop0): Directory bread(block 69) failed [ 144.851418][ T7572] FAT-fs (loop0): Directory bread(block 70) failed [ 144.879740][ T7572] FAT-fs (loop0): Directory bread(block 71) failed [ 144.888797][ T7572] FAT-fs (loop0): Directory bread(block 72) failed [ 144.937429][ T7572] FAT-fs (loop0): Directory bread(block 73) failed [ 145.482830][ T7601] loop3: detected capacity change from 0 to 1024 [ 145.614323][ T7354] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 145.822916][ T7354] usb 1-1: Using ep0 maxpacket: 16 [ 145.854775][ T7354] usb 1-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 145.896813][ T7354] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 145.918405][ T7354] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 145.948841][ T7354] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8 [ 145.983429][ T7619] loop3: detected capacity change from 0 to 1024 [ 146.000386][ T7354] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255 [ 146.026522][ T7354] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 146.048308][ T7354] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 146.080330][ T7354] usb 1-1: SerialNumber: syz [ 146.102510][ T7592] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 146.132017][ T7354] cdc_acm 1-1:1.0: Control and data interfaces are not separated! [ 146.180662][ T7354] cdc_acm: probe of 1-1:1.0 failed with error -12 [ 146.436678][ T7354] usb 1-1: USB disconnect, device number 3 [ 146.675788][ T7640] loop4: detected capacity change from 0 to 256 [ 146.772451][ T7640] FAT-fs (loop4): Directory bread(block 64) failed [ 146.780429][ T7645] loop3: detected capacity change from 0 to 512 [ 146.804383][ T7640] FAT-fs (loop4): Directory bread(block 65) failed [ 146.811138][ T7640] FAT-fs (loop4): Directory bread(block 66) failed [ 146.815725][ T7645] EXT4-fs: Ignoring removed nomblk_io_submit option [ 146.844325][ T7640] FAT-fs (loop4): Directory bread(block 67) failed [ 146.851059][ T7640] FAT-fs (loop4): Directory bread(block 68) failed [ 146.853375][ T7645] EXT4-fs: Ignoring removed bh option [ 146.900292][ T7640] FAT-fs (loop4): Directory bread(block 69) failed [ 146.910000][ T7645] EXT4-fs error (device loop3): mb_free_blocks:1938: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 146.972735][ T7640] FAT-fs (loop4): Directory bread(block 70) failed [ 146.979484][ T7640] FAT-fs (loop4): Directory bread(block 71) failed [ 146.986347][ T7640] FAT-fs (loop4): Directory bread(block 72) failed [ 146.994038][ T7640] FAT-fs (loop4): Directory bread(block 73) failed [ 147.018656][ T7645] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #11: comm syz.3.619: corrupted inode contents [ 147.073990][ T7645] EXT4-fs error (device loop3): ext4_dirty_inode:6106: inode #11: comm syz.3.619: mark_inode_dirty error [ 147.119112][ T7645] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.619: invalid indirect mapped block 1 (level 1) [ 147.161983][ T7645] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #11: comm syz.3.619: corrupted inode contents [ 147.204476][ T7645] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 147.221086][ T7645] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #11: comm syz.3.619: corrupted inode contents [ 147.257563][ T7645] EXT4-fs error (device loop3): ext4_truncate:4288: inode #11: comm syz.3.619: mark_inode_dirty error [ 147.305331][ T7645] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 147.331047][ T7645] EXT4-fs (loop3): 1 truncate cleaned up [ 147.352532][ T7645] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 147.500468][ T7645] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #2: block 13: comm syz.3.619: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0 [ 148.246193][ T7678] loop0: detected capacity change from 0 to 512 [ 148.436604][ T7671] loop2: detected capacity change from 0 to 40427 [ 148.456355][ T7659] syz.4.624 (7659): drop_caches: 2 [ 148.461453][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.471665][ T7671] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 148.476446][ T7678] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.631: iget: bad extended attribute block 1 [ 148.485483][ T7671] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 148.497868][ T7678] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.631: couldn't read orphan inode 15 (err -117) [ 148.519935][ T7671] F2FS-fs (loop2): build fault injection attr: rate: 18446, type: 0x7ffff [ 148.538659][ T7678] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 148.544549][ T7671] F2FS-fs (loop2): invalid crc value [ 148.659722][ T7671] F2FS-fs (loop2): Found nat_bits in checkpoint [ 148.786822][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.825397][ T7671] F2FS-fs (loop2): Start checkpoint disabled! [ 148.868006][ T7671] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 148.879125][ T7671] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 148.907686][ T7694] netlink: 16 bytes leftover after parsing attributes in process `syz.4.635'. [ 149.228254][ T11] kworker/u4:0: attempt to access beyond end of device [ 149.228254][ T11] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 149.256317][ T11] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 149.332349][ T7707] loop3: detected capacity change from 0 to 128 [ 149.413339][ T7707] syz.3.640: attempt to access beyond end of device [ 149.413339][ T7707] loop3: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 149.650265][ T7713] loop0: detected capacity change from 0 to 4096 [ 149.678626][ T7713] EXT4-fs: Ignoring removed mblk_io_submit option [ 149.966722][ T7713] EXT4-fs (loop0): Test dummy encryption mode enabled [ 149.999121][ T7713] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.198692][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.358485][ T7736] loop0: detected capacity change from 0 to 512 [ 150.365923][ T7738] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 150.378744][ T7736] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 150.412156][ T7736] EXT4-fs (loop0): 1 truncate cleaned up [ 150.437847][ T7736] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.541365][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.573789][ T7723] loop2: detected capacity change from 0 to 40427 [ 150.616111][ T7723] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff [ 150.634362][ T7723] F2FS-fs (loop2): Image doesn't support compression [ 150.654524][ T7723] F2FS-fs (loop2): Image doesn't support compression [ 150.693240][ T7742] loop4: detected capacity change from 0 to 256 [ 150.709271][ T7723] F2FS-fs (loop2): invalid crc value [ 150.725380][ T7742] exfat: Deprecated parameter 'utf8' [ 150.730856][ T7742] exfat: Deprecated parameter 'namecase' [ 150.757066][ T7742] exfat: Deprecated parameter 'utf8' [ 150.766101][ T7723] F2FS-fs (loop2): Found nat_bits in checkpoint [ 150.816098][ T7742] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 150.904057][ T7723] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 151.015982][ T7752] netlink: 12 bytes leftover after parsing attributes in process `syz.0.656'. [ 151.048390][ T7752] netlink: 'syz.0.656': attribute type 2 has an invalid length. [ 151.075027][ T7752] netlink: 16 bytes leftover after parsing attributes in process `syz.0.656'. [ 151.179629][ T7757] loop3: detected capacity change from 0 to 128 [ 151.245046][ T7759] loop4: detected capacity change from 0 to 512 [ 151.264982][ T5786] F2FS-fs (loop2): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x5b4/0x19c0 [ 151.282162][ T7757] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 151.283680][ T28] audit: type=1800 audit(1756512994.183:126): pid=7757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.658" name="file2" dev="loop3" ino=1048655 res=0 errno=0 [ 151.298808][ T5786] F2FS-fs (loop2): invalid blkaddr: 1535, type: 10, run fsck to fix. [ 151.329295][ T7757] FAT-fs (loop3): Filesystem has been set read-only [ 151.350736][ T7759] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 151.369000][ T7759] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 151.535354][ T7766] loop3: detected capacity change from 0 to 128 [ 151.558790][ T7766] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 151.575456][ T7280] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.646049][ T7766] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 151.822630][ T7772] loop0: detected capacity change from 0 to 64 [ 152.193216][ T7787] loop3: detected capacity change from 0 to 1024 [ 152.197832][ T7784] loop2: detected capacity change from 0 to 2048 [ 152.207350][ T7788] loop0: detected capacity change from 0 to 1024 [ 152.237003][ T7787] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 152.262994][ T7788] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 152.284552][ T7793] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 152.289167][ T7788] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 152.296981][ T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 152.423005][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.472541][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 152.540118][ T9] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 65, using maximum allowed: 30 [ 152.593149][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.641102][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 152.674241][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 65 [ 152.705510][ T9] usb 5-1: New USB device found, idVendor=0458, idProduct=501b, bcdDevice= 0.00 [ 152.723108][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.756345][ T7802] netlink: 60 bytes leftover after parsing attributes in process `syz.0.674'. [ 152.768977][ T7802] netlink: 60 bytes leftover after parsing attributes in process `syz.0.674'. [ 152.781316][ T9] usb 5-1: config 0 descriptor?? [ 152.796832][ T7799] netlink: 60 bytes leftover after parsing attributes in process `syz.0.674'. [ 153.085482][ T7813] loop0: detected capacity change from 0 to 1024 [ 153.125211][ T7813] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 153.200272][ T7813] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 153.233590][ T9] kye 0003:0458:501B.0006: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 153.289200][ T9] kye 0003:0458:501B.0006: unknown main item tag 0x0 [ 153.339632][ T9] kye 0003:0458:501B.0006: hidraw0: USB HID v0.00 Device [HID 0458:501b] on usb-dummy_hcd.4-1/input0 [ 153.383734][ T9] kye 0003:0458:501B.0006: tablet-enabling feature report not found [ 153.398399][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.400670][ T9] kye 0003:0458:501B.0006: tablet enabling failed [ 153.485052][ T9] usb 5-1: USB disconnect, device number 2 [ 153.587691][ T7823] fido_id[7823]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 153.628860][ T7815] loop3: detected capacity change from 0 to 32768 [ 153.681864][ T7815] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 153.763991][ T7834] netlink: 36 bytes leftover after parsing attributes in process `syz.2.687'. [ 153.938489][ T5792] ocfs2: Unmounting device (7,3) on (node local) [ 154.268101][ T7851] netlink: 24 bytes leftover after parsing attributes in process `syz.4.694'. [ 154.329217][ T28] audit: type=1326 audit(1756512997.233:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7854 comm="syz.3.689" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f43fff8ebe9 code=0x0 [ 155.239764][ T7894] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 155.504415][ T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 155.694344][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 155.711151][ T9] usb 1-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 155.714618][ T7911] process 'syz.3.721' launched '/dev/fd/3' with NULL argv: empty string added [ 155.735236][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.756594][ T9] usb 1-1: Product: syz [ 155.760792][ T9] usb 1-1: Manufacturer: syz [ 155.778341][ T9] usb 1-1: SerialNumber: syz [ 155.794047][ T9] usb 1-1: config 0 descriptor?? [ 155.813856][ T9] gspca_main: sq905-2.14.0 probing 2770:9120 [ 155.864447][ T5795] Bluetooth: hci3: command 0x0405 tx timeout [ 156.009114][ T7907] loop4: detected capacity change from 0 to 32768 [ 156.038753][ T7907] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.719 (7907) [ 156.081517][ T7907] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 156.102454][ T7907] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 156.122703][ T7907] BTRFS info (device loop4): turning on sync discard [ 156.140230][ T7907] BTRFS info (device loop4): setting nodatacow, compression disabled [ 156.158574][ T7907] BTRFS info (device loop4): turning off barriers [ 156.169753][ T7905] loop2: detected capacity change from 0 to 32768 [ 156.176745][ T7907] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 156.190018][ T7907] BTRFS info (device loop4): trying to use backup root at mount time [ 156.198705][ T7907] BTRFS info (device loop4): metadata ratio 3 [ 156.205378][ T7907] BTRFS info (device loop4): enabling auto defrag [ 156.213025][ T7907] BTRFS info (device loop4): doing ref verification [ 156.232156][ T7905] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 156.241780][ T7907] BTRFS info (device loop4): max_inline at 0 [ 156.248494][ T7907] BTRFS info (device loop4): using free space tree [ 156.276169][ T7905] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 156.343976][ T48] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 156.404857][ T7907] BTRFS error (device loop4): failed to load root extent [ 156.429289][ T9] gspca_sq905: sq905_command: usb_control_msg failed (-71) [ 156.470729][ T7907] BTRFS warning (device loop4): try to load backup roots slot 1 [ 156.479001][ T9] sq905: probe of 1-1:0.0 failed with error -71 [ 156.509049][ T1308] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 156.517350][ T9] usb 1-1: USB disconnect, device number 4 [ 156.558248][ T7907] BTRFS warning (device loop4): couldn't read tree root [ 156.576895][ T7907] BTRFS warning (device loop4): try to load backup roots slot 2 [ 156.606440][ T1296] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 156.648381][ T7907] BTRFS warning (device loop4): couldn't read tree root [ 156.660301][ T7907] BTRFS warning (device loop4): try to load backup roots slot 3 [ 156.668977][ T5786] ocfs2: Unmounting device (7,2) on (node local) [ 156.702220][ T7907] BTRFS info (device loop4): enabling ssd optimizations [ 156.741144][ T7907] BTRFS info (device loop4): rebuilding free space tree [ 156.840638][ T7907] BTRFS info (device loop4): checking UUID tree [ 157.058433][ T7280] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 157.087017][ T7941] loop3: detected capacity change from 0 to 256 [ 157.603614][ T7959] genirq: Flags mismatch irq 4. 00000000 (pcl812) vs. 00000000 (ttyS0) [ 157.757922][ T7967] loop0: detected capacity change from 0 to 512 [ 157.828281][ T7970] loop3: detected capacity change from 0 to 256 [ 157.974267][ T5829] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 158.184974][ T5829] usb 5-1: config 0 has an invalid interface number: 199 but max is 1 [ 158.193420][ T5829] usb 5-1: config 0 has no interface number 1 [ 158.207691][ T5829] usb 5-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 158.228102][ T5829] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 158.253163][ T5829] usb 5-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 158.283897][ T5829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 158.294015][ T5829] usb 5-1: SerialNumber: syz [ 158.313534][ T5829] usb 5-1: config 0 descriptor?? [ 158.391070][ T7991] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 158.399274][ T7991] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 158.407170][ T7991] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 158.415061][ T7991] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 158.422956][ T7991] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 158.430837][ T7991] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 158.438736][ T7991] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 158.446720][ T7991] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 158.454600][ T7991] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 158.462501][ T7991] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 158.522927][ T7994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.743'. [ 158.535887][ T7994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.743'. [ 158.545227][ T5829] usb 5-1: Found UVC 0.00 device (0002:0000) [ 158.552143][ T5829] usb 5-1: No valid video chain found. [ 158.568761][ T7994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.743'. [ 158.579843][ T5829] usb 5-1: USB disconnect, device number 3 [ 158.593604][ T7994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.743'. [ 158.607821][ T7994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.743'. [ 158.618575][ T7994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.743'. [ 158.632026][ T7994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.743'. [ 158.643088][ T7994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.743'. [ 158.657011][ T7994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.743'. [ 158.820027][ T8002] loop0: detected capacity change from 0 to 1024 [ 158.848577][ T8002] hfsplus: bad catalog entry type [ 158.909123][ T8005] loop3: detected capacity change from 0 to 1024 [ 158.920196][ T48] hfsplus: b-tree write err: -5, ino 4 [ 158.989479][ T8005] hfsplus: inconsistency in B*Tree (0,1,255,1,0) [ 159.006946][ T8005] hfsplus: xattr search failed [ 159.402213][ T28] audit: type=1326 audit(1756513002.303:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8022 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fff8ebe9 code=0x7ffc0000 [ 159.446922][ T28] audit: type=1326 audit(1756513002.303:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8022 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fff8ebe9 code=0x7ffc0000 [ 159.523911][ T28] audit: type=1326 audit(1756513002.303:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8022 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43fff8ebe9 code=0x7ffc0000 [ 159.602635][ T28] audit: type=1326 audit(1756513002.303:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8022 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fff8ebe9 code=0x7ffc0000 [ 159.663935][ T28] audit: type=1326 audit(1756513002.303:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8022 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=196 compat=0 ip=0x7f43fff8ebe9 code=0x7ffc0000 [ 159.733105][ T28] audit: type=1326 audit(1756513002.303:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8022 comm="syz.3.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fff8ebe9 code=0x7ffc0000 [ 159.969313][ T8021] loop0: detected capacity change from 0 to 32768 [ 159.994232][ T5829] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 160.054365][ T5836] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 160.198991][ T5829] usb 4-1: Using ep0 maxpacket: 8 [ 160.214094][ T5829] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 160.234256][ T5829] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 160.248287][ T5829] usb 4-1: Product: syz [ 160.256050][ T5836] usb 5-1: config index 0 descriptor too short (expected 1051, got 27) [ 160.275639][ T5836] usb 5-1: config 0 has an invalid interface number: 0 but max is -1 [ 160.283753][ T5836] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 160.292708][ T5829] usb 4-1: Manufacturer: syz [ 160.304477][ T5829] usb 4-1: SerialNumber: syz [ 160.325449][ T5829] usb 4-1: config 0 descriptor?? [ 160.332671][ T5836] usb 5-1: config 0 interface 0 altsetting 12 bulk endpoint 0x87 has invalid maxpacket 149 [ 160.359804][ T5836] usb 5-1: config 0 interface 0 has no altsetting 0 [ 160.375035][ T5836] usb 5-1: New USB device found, idVendor=06cd, idProduct=010a, bcdDevice=d9.c3 [ 160.384825][ T5836] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 160.399428][ T5836] usb 5-1: Product: syz [ 160.403686][ T5836] usb 5-1: Manufacturer: syz [ 160.428852][ T5836] usb 5-1: SerialNumber: syz [ 160.455965][ T5836] usb 5-1: config 0 descriptor?? [ 160.461811][ T8038] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 160.541429][ T5829] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 160.698090][ T5836] keyspan 5-1:0.0: Keyspan 4 port adapter converter detected [ 160.715147][ T5836] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 7 [ 160.736224][ T5836] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 81 [ 160.764371][ T5836] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 1 [ 160.785969][ T5836] usb 5-1: Keyspan 4 port adapter converter now attached to ttyUSB0 [ 160.816340][ T5836] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 82 [ 160.840371][ T5836] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 2 [ 160.867272][ T5836] usb 5-1: Keyspan 4 port adapter converter now attached to ttyUSB1 [ 160.908021][ T5836] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 83 [ 160.924932][ T5836] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 3 [ 160.951981][ T5829] dvb_usb_rtl28xxu: probe of 4-1:0.0 failed with error -71 [ 160.964572][ T5836] usb 5-1: Keyspan 4 port adapter converter now attached to ttyUSB2 [ 160.997193][ T5829] usb 4-1: USB disconnect, device number 7 [ 161.022381][ T5836] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 84 [ 161.047568][ T8075] loop0: detected capacity change from 0 to 128 [ 161.054323][ T5836] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 4 [ 161.090192][ T5836] usb 5-1: Keyspan 4 port adapter converter now attached to ttyUSB3 [ 161.116670][ T8079] 9p: Unknown Cache mode or invalid value m [ 161.117805][ T8075] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 161.145166][ T8075] ext4 filesystem being mounted at /222/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 161.145529][ T5836] usb 5-1: USB disconnect, device number 4 [ 161.258571][ T5836] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0 [ 161.281356][ T5791] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 161.313024][ T5836] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1 [ 161.370054][ T5836] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2 [ 161.410983][ T5836] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3 [ 161.445018][ T5836] keyspan 5-1:0.0: device disconnected [ 162.365721][ T8086] loop0: detected capacity change from 0 to 32768 [ 162.421751][ T8086] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 162.482660][ T8089] loop4: detected capacity change from 0 to 32768 [ 162.545203][ T8086] [ 162.547563][ T8086] ====================================================== [ 162.554588][ T8086] WARNING: possible circular locking dependency detected [ 162.561624][ T8086] syzkaller #0 Not tainted [ 162.566061][ T8086] ------------------------------------------------------ [ 162.573105][ T8086] syz.0.768/8086 is trying to acquire lock: [ 162.579009][ T8086] ffff88805bb80608 (sb_internal#6){.+.+}-{0:0}, at: ocfs2_setattr+0x95a/0x1b20 [ 162.588018][ T8086] [ 162.588018][ T8086] but task is already holding lock: [ 162.595394][ T8086] ffff88805e83ea20 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_setattr+0x94b/0x1b20 [ 162.605690][ T8086] [ 162.605690][ T8086] which lock already depends on the new lock. [ 162.605690][ T8086] [ 162.616105][ T8086] [ 162.616105][ T8086] the existing dependency chain (in reverse order) is: [ 162.625134][ T8086] [ 162.625134][ T8086] -> #4 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}: [ 162.633955][ T8086] down_write+0x97/0x1f0 [ 162.638746][ T8086] ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 162.645270][ T8086] ocfs2_xattr_set+0x596/0x11f0 [ 162.650666][ T8086] ocfs2_set_acl+0x4e1/0x590 [ 162.655804][ T8086] ocfs2_iop_set_acl+0x1ab/0x2a0 [ 162.661293][ T8086] vfs_set_acl+0x803/0xa60 [ 162.666262][ T8086] __se_sys_fsetxattr+0x450/0x4b0 [ 162.671835][ T8086] do_syscall_64+0x55/0xb0 [ 162.674759][ T8089] (syz.4.770,8089,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 162.676775][ T8086] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 162.690652][ T8089] (syz.4.770,8089,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 162.696364][ T8086] [ 162.696364][ T8086] -> #3 (&oi->ip_xattr_sem){++++}-{3:3}: [ 162.696393][ T8086] down_read+0x46/0x2e0 [ 162.696418][ T8086] ocfs2_init_acl+0x2fa/0x720 [ 162.710111][ T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 162.717385][ T8086] ocfs2_mknod+0x12e5/0x20f0 [ 162.717412][ T8086] ocfs2_mkdir+0x196/0x410 [ 162.717427][ T8086] vfs_mkdir+0x296/0x440 [ 162.731719][ T8089] JBD2: Ignoring recovery information on journal [ 162.734729][ T8086] do_mkdirat+0x1d4/0x440 [ 162.734758][ T8086] __x64_sys_mkdirat+0x89/0xa0 [ 162.734783][ T8086] do_syscall_64+0x55/0xb0 [ 162.770999][ T8086] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 162.774059][ T8089] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 162.777429][ T8086] [ 162.777429][ T8086] -> #2 (jbd2_handle){++++}-{0:0}: [ 162.777465][ T8086] start_this_handle+0x1e9d/0x20c0 [ 162.799333][ T8086] jbd2__journal_start+0x2bb/0x5b0 [ 162.804976][ T8086] jbd2_journal_start+0x2a/0x40 [ 162.810361][ T8086] ocfs2_start_trans+0x376/0x6c0 [ 162.815847][ T8086] ocfs2_shutdown_local_alloc+0x201/0xa10 [ 162.822102][ T8086] ocfs2_dismount_volume+0x1e2/0x890 [ 162.827920][ T8086] generic_shutdown_super+0x134/0x2b0 [ 162.833837][ T8086] kill_block_super+0x44/0x90 [ 162.839064][ T8086] deactivate_locked_super+0x97/0x100 [ 162.845015][ T8086] cleanup_mnt+0x429/0x4c0 [ 162.850000][ T8086] task_work_run+0x1ce/0x250 [ 162.855136][ T8086] exit_to_user_mode_loop+0xe6/0x110 [ 162.860967][ T8086] exit_to_user_mode_prepare+0xb1/0x140 [ 162.867065][ T8086] syscall_exit_to_user_mode+0x1a/0x50 [ 162.873074][ T8086] do_syscall_64+0x61/0xb0 [ 162.878049][ T8086] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 162.884508][ T8086] [ 162.884508][ T8086] -> #1 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 162.893032][ T8086] down_read+0x46/0x2e0 [ 162.897746][ T8086] ocfs2_start_trans+0x36a/0x6c0 [ 162.903238][ T8086] ocfs2_shutdown_local_alloc+0x201/0xa10 [ 162.909499][ T8086] ocfs2_dismount_volume+0x1e2/0x890 [ 162.915215][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 162.915308][ T8086] generic_shutdown_super+0x134/0x2b0 [ 162.926338][ T8086] kill_block_super+0x44/0x90 [ 162.931559][ T8086] deactivate_locked_super+0x97/0x100 [ 162.936591][ T9] usb 4-1: config 0 interface 0 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 162.937514][ T8086] cleanup_mnt+0x429/0x4c0 [ 162.937535][ T8086] task_work_run+0x1ce/0x250 [ 162.960416][ T8086] exit_to_user_mode_loop+0xe6/0x110 [ 162.966246][ T8086] exit_to_user_mode_prepare+0xb1/0x140 [ 162.972342][ T8086] syscall_exit_to_user_mode+0x1a/0x50 [ 162.978353][ T8086] do_syscall_64+0x61/0xb0 [ 162.980375][ T9] usb 4-1: config 0 interface 0 has no altsetting 0 [ 162.983296][ T8086] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 162.983328][ T8086] [ 162.983328][ T8086] -> #0 (sb_internal#6){.+.+}-{0:0}: [ 163.003840][ T8086] __lock_acquire+0x2ddb/0x7c80 [ 163.009230][ T8086] lock_acquire+0x197/0x410 [ 163.012758][ T9] usb 4-1: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice= 0.00 [ 163.014256][ T8086] ocfs2_start_trans+0x26b/0x6c0 [ 163.014284][ T8086] ocfs2_setattr+0x95a/0x1b20 [ 163.014305][ T8086] notify_change+0xb0d/0xe10 [ 163.039075][ T8086] chown_common+0x3f9/0x5a0 [ 163.044119][ T8086] do_fchownat+0x168/0x270 [ 163.047093][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.049078][ T8086] __x64_sys_fchownat+0xb5/0xd0 [ 163.049103][ T8086] do_syscall_64+0x55/0xb0 [ 163.067387][ T8086] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 163.073827][ T8086] [ 163.073827][ T8086] other info that might help us debug this: [ 163.073827][ T8086] [ 163.082243][ T9] usb 4-1: config 0 descriptor?? [ 163.084051][ T8086] Chain exists of: [ 163.084051][ T8086] sb_internal#6 --> &oi->ip_xattr_sem --> &ocfs2_file_ip_alloc_sem_key [ 163.084051][ T8086] [ 163.103189][ T8086] Possible unsafe locking scenario: [ 163.103189][ T8086] [ 163.110651][ T8086] CPU0 CPU1 [ 163.116075][ T8086] ---- ---- [ 163.121450][ T8086] lock(&ocfs2_file_ip_alloc_sem_key); [ 163.127030][ T8086] lock(&oi->ip_xattr_sem); [ 163.134162][ T8086] lock(&ocfs2_file_ip_alloc_sem_key); [ 163.142244][ T8086] rlock(sb_internal#6); [ 163.146607][ T8086] [ 163.146607][ T8086] *** DEADLOCK *** [ 163.146607][ T8086] [ 163.154816][ T8086] 3 locks held by syz.0.768/8086: [ 163.159906][ T8086] #0: ffff88805bb80418 (sb_writers#27){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 163.169194][ T8086] #1: ffff88805e83ed98 (&sb->s_type->i_mutex_key#34){+.+.}-{3:3}, at: chown_common+0x313/0x5a0 [ 163.179692][ T8086] #2: ffff88805e83ea20 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_setattr+0x94b/0x1b20 [ 163.190434][ T8086] [ 163.190434][ T8086] stack backtrace: [ 163.196345][ T8086] CPU: 1 PID: 8086 Comm: syz.0.768 Not tainted syzkaller #0 [ 163.203688][ T8086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 163.213763][ T8086] Call Trace: [ 163.217065][ T8086] [ 163.220016][ T8086] dump_stack_lvl+0x16c/0x230 [ 163.224804][ T8086] ? load_image+0x3b0/0x3b0 [ 163.229334][ T8086] ? show_regs_print_info+0x20/0x20 [ 163.234567][ T8086] ? print_circular_bug+0x12b/0x1a0 [ 163.239795][ T8086] check_noncircular+0x2bd/0x3c0 [ 163.244794][ T8086] ? print_deadlock_bug+0x5d0/0x5d0 [ 163.250020][ T8086] ? lockdep_lock+0xe0/0x220 [ 163.254638][ T8086] ? _find_first_zero_bit+0xd3/0x100 [ 163.259961][ T8086] __lock_acquire+0x2ddb/0x7c80 [ 163.264849][ T8086] ? verify_lock_unused+0x140/0x140 [ 163.270073][ T8086] ? verify_lock_unused+0x140/0x140 [ 163.275293][ T8086] ? verify_lock_unused+0x140/0x140 [ 163.280526][ T8086] lock_acquire+0x197/0x410 [ 163.285069][ T8086] ? ocfs2_setattr+0x95a/0x1b20 [ 163.290065][ T8086] ? __might_sleep+0xe0/0xe0 [ 163.294677][ T8086] ? do_raw_spin_lock+0x121/0x2c0 [ 163.299731][ T8086] ? read_lock_is_recursive+0x20/0x20 [ 163.305140][ T8086] ? __rwlock_init+0x150/0x150 [ 163.309940][ T8086] ? do_raw_spin_unlock+0x121/0x230 [ 163.315176][ T8086] ocfs2_start_trans+0x26b/0x6c0 [ 163.320148][ T8086] ? ocfs2_setattr+0x95a/0x1b20 [ 163.325024][ T8086] ? ocfs2_recovery_exit+0x50/0x50 [ 163.330170][ T8086] ? setattr_prepare+0x1e6/0xac0 [ 163.335137][ T8086] ocfs2_setattr+0x95a/0x1b20 [ 163.339847][ T8086] ? ocfs2_extend_allocation+0x1760/0x1760 [ 163.345677][ T8086] ? ocfs2_xattr_get+0x132/0x220 [ 163.350655][ T8086] ? ktime_get_coarse_real_ts64+0x110/0x120 [ 163.356581][ T8086] ? ocfs2_init_security_set+0xd0/0xd0 [ 163.362071][ T8086] ? __vfs_getxattr+0x3e8/0x420 [ 163.366945][ T8086] ? evm_inode_setattr+0x94/0x6a0 [ 163.372005][ T8086] ? bpf_lsm_inode_setattr+0x9/0x10 [ 163.377225][ T8086] ? try_break_deleg+0x79/0x120 [ 163.382104][ T8086] ? ocfs2_extend_allocation+0x1760/0x1760 [ 163.387940][ T8086] notify_change+0xb0d/0xe10 [ 163.392558][ T8086] chown_common+0x3f9/0x5a0 [ 163.397091][ T8086] ? __ia32_sys_chmod+0x70/0x70 [ 163.401963][ T8086] ? rcu_read_lock_any_held+0xb4/0x120 [ 163.407449][ T8086] ? __mnt_want_write+0x223/0x2a0 [ 163.412514][ T8086] do_fchownat+0x168/0x270 [ 163.416954][ T8086] ? chown_common+0x5a0/0x5a0 [ 163.421656][ T8086] ? lock_chain_count+0x20/0x20 [ 163.426617][ T8086] __x64_sys_fchownat+0xb5/0xd0 [ 163.431489][ T8086] do_syscall_64+0x55/0xb0 [ 163.435926][ T8086] ? clear_bhb_loop+0x40/0x90 [ 163.440620][ T8086] ? clear_bhb_loop+0x40/0x90 [ 163.445331][ T8086] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 163.451256][ T8086] RIP: 0033:0x7fb007d8ebe9 [ 163.455699][ T8086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.475325][ T8086] RSP: 002b:00007fb008bf5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000104 [ 163.483766][ T8086] RAX: ffffffffffffffda RBX: 00007fb007fc5fa0 RCX: 00007fb007d8ebe9 [ 163.491758][ T8086] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 163.499749][ T8086] RBP: 00007fb007e11e19 R08: 0000000000000100 R09: 0000000000000000 [ 163.507743][ T8086] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 163.515729][ T8086] R13: 00007fb007fc6038 R14: 00007fb007fc5fa0 R15: 00007ffd0a9fb3a8 [ 163.523730][ T8086] [ 163.582175][ T5791] ocfs2: Unmounting device (7,0) on (node local) [ 163.591677][ T7280] ocfs2: Unmounting device (7,4) on (node local) [ 163.714327][ T7354] usb 4-1: USB disconnect, device number 8