last executing test programs: 4.069079127s ago: executing program 3 (id=1219): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006400303000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 3.75263412s ago: executing program 3 (id=1225): r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$SNDCTL_DSP_POST(r0, 0x5008, 0x0) 3.507394815s ago: executing program 3 (id=1231): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x8008af26, &(0x7f0000001080)) 3.412593304s ago: executing program 3 (id=1233): syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000057c0)={[{@resuid={'resuid', 0x3d, 0xee01}}, {@background_gc_off}, {@nodiscard}, {@grpjquota={'grpjquota', 0x3d, ':-('}}, {@usrjquota={'usrjquota', 0x3d, '\\A'}}, {@jqfmt_vfsv1}, {@two_active_logs}, {@nouser_xattr}, {@grpjquota}, {@nodiscard}, {@inline_dentry}, {}, {@user_xattr}]}, 0x0, 0x551a, &(0x7f0000000280)="$eJzs3M1rI/UfB/BP2u22+/DbXxEP3nZgEVrYhKYPi96q7uIDdimrHjxpmqQh3SRTmjStPXnwKB78T0TBk0f/Bg+evYkHxZugZGYqW11Bbdq429cLJu+ZbyaffL9DKHwmJQFcWPPJzz+W4kZciYjpiLgeke2Xii2znsdzEXEzIqYe2UrF+O8DlyPiakTcGBXPa5aKpz69Pby19sMbP331zeyla599+e3kVg1M2vMR0d3N9w+6eaatPHeK8dqwnWV3dVhk/kT3YXGc5nnQ3MoqHNSOz6tludLKz0939/uj3O7U6qNstbez8d1e/ob9Yeu4TvaCndpedtxobmXZ7qdZto7yeR0e5X/bjvqDvE6jqPdBVj4Gg+PMx5uHzXw9uw+zrPcGxXheN200D0c5LLJ4u6innUY2j63TXOn/tjfbvf3DZNjc67fTXrJWqb5Qqd4pV/fSRnPQXC3Xuo07q8lCqzM6rTxo1rrrrTRtdZqVetpdTBZa9Xq5Wk0W7ja32rVeUq1WVipL5bXFYu928ur9d5JOI1kY5cvt3v6g3ekn2+lekr9iMVmurLy4mNyqJm9tbCabD+7d29h8+727795/aeP1V4qT/jStZGF5aXm5XF0qL1cXL9D6Pyom/fj1l053JeBf8KkD+Mf0/8AknF3/v/cg4uz7/9D/j8UT1f9e9P7/DNYPp6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sL6b+fy1bGc+P75WjP+vGHqmOC5FxFRE/PoY03H5RM3pos7MX5w/84c5fF2KrMLoPWaL7WpErBfbL/8/66sAAAAAT68vPrz5Sd6t5w/zk54Q56dU3LSZuv7+2CpGzMx/P6ZqU6OHZ8dULPt8X4rDMVXLbmDNjalYfsvt0riq/S3TJ2LukSjFXOyc61wAAIDzcrITON8uBAAAgPP08aQnwGSU4virzDj+B/7ZPIovBK+cOAIAAACeQKVJTwAAAAA4c1n/7/f/AAAA4OmW//4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8xs793aYRw3EA/93BFfpPRV2gq/QN3rtAR6j61MeKAboEI9AVugAz0LeMEEGUs4NCRKJE+O4U9PlIh7HFfbER92BbMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCl/8168ff3lz/n5uz25ykzGgAAAOCUbbNetG9mqf4+t3/MTZ9zvYqIOiJOzd1H8eYoc5Rzmkc+3zzow7+INuH2Oyb5ehcRX/N1/anrXwEAAAAu12a5mqfZenqZDd0h+pQWbeoP3wvlVRHRzK4KpdXxs1BS5P/3OH4VSmsXsKaFwtKS27hU2rO0j/th1W56r6hSUT99f7GxAwAAPRodFf3OQgAAAOjTj6E7wDCquNvKPGwFTlKRt/feHtUAAACAV6gaugMAAABA59r5v/P/AAAA4LKl8/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADo0rZZLzbL1fwl93w70bbbn6fciAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7Yn3cUCIEwCIO96zuTuf9hpUFDY5MqED7+xmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADe/O4v/yemxplk7rWx9DySrJ0aW6fG3rlx9Ifx9WsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GJ/XlIgBIIgCuaM/530/Q8rCXoGESKg4VFFLRoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GLnfn6jqOIAgL+Z2dkCaqzV9FBjNPGgFykLgtyMB03jwf9Ak6YsWFn8AT0IISa9eNL0zMXo0RgTSb3xP3CGhAveOKwJJp4186t9IpKt1Zml+/kkb953Z4Z53zebkH5nXgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0xm/txlmxma/itN536/7VtaK//UBfuLF1Z6loRZy0mfTj4YX4Q7LYXSIAAADMjqyp70MId/PtlaJP58v6P2/OKWr+b5+q4qaef7Dub/qm9i/az9fvPbcz0Hw1TnHRs+uj4bG/p9L7/2Y53Z5uguv/dEavvPPls5es/ELSdzefHefl/Uy+vnnz7X4ZzrWVMQCwV0ebvg6an4eKftBlYgDMjF5UeDf1fzbfbU4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbRhvhiea+NcQwlKvipN63+37V9ce1t/YurPUtFPXrm3F1ywukYcQzq6PhsdanMu0u3T5yvnV0Wh4sf3gxRDCPq/z/r+dxZv1Pzz/wQQnh9DJ/RH8R0Faf9nTks9+g7lWxuroPyQAAA6svG5FXX83314p9iULIfzx3W79Xxx7JYrDhPX/vQ9P3YrHiuv/QWsznAbpI48ub1z4dPnS5SuvrV9YPTc8N/z49eODNwYnTp88eXq5fFay7IkJAAAA+9OvW1z/pwvR+/9D1bEj9fl7qf8/+2bwRTxWNrP1/6PtvvTrOhMAAIDZ9sxLv/+WPGR/0u+Hz1c3Ni4Oqu3O5+PVtoNU92yubnH9ny10nRUAAADQhvFm8pf1/2eiOEz4/v/J75//Mb5mFkI4XL//P7r2yehMe9OZam38xnLXcwQAAKBbh+sWv//Py/X/6c6ShzSE8OrLVVz/GcCJ6v/snS9/iMeK1/+faG+KUyldrO5H2S+G0FvsOiMAAAAOmq+i+FDdimL/l3x75aOfjrzXt/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoG1/BgAA//9TJj43") lsetxattr$system_posix_acl(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='system.posix_acl_access\x00', &(0x7f0000000080), 0x24, 0x0) 3.272423147s ago: executing program 2 (id=1235): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x3, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000180)='syzkaller\x00', 0x1}, 0x90) 3.040234768s ago: executing program 2 (id=1240): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_SEQ_NRSYNTHS(r0, 0x40045109, &(0x7f0000001b80)) 2.843041447s ago: executing program 2 (id=1244): mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000001c0)={[{@name={'name', 0x3d, '-'}}, {@name={'name', 0x3d, '_'}}]}) 2.570516967s ago: executing program 2 (id=1250): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_SET(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000006c0)={0x20, 0x1410, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}}, 0x0) 2.362732228s ago: executing program 2 (id=1253): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2000082, &(0x7f0000000240)={[{@utf8no}, {@utf8no}, {@shortname_win95}, {@rodir}, {@fat=@codepage={'codepage', 0x3d, '869'}}, {@iocharset={'iocharset', 0x3d, 'macceltic'}}, {@fat=@sys_immutable}, {@shortname_mixed}, {@fat=@check_strict}, {@uni_xlateno}, {@numtail}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@shortname_mixed}]}, 0x25, 0x358, &(0x7f0000000480)="$eJzs3T9oXHUcAPDv9aW5JFhzg1B0Ot0EKU3EQaeEUqGYQSuH/xYPm/ondxZyeBCHXG5RipPiIujk1kHHzuIg4ubgagWpiovdCg0+ubt3/+/sBbxY8fMZwpfv7/d9v+97eeS9hOSXVxuxc+lkXL5162YsLeViYePcRtzORSFORBIdBzHRB4uT8wDAPe52msYfacfdZ3+00o08+wHgv6v9/H/9VD+RP0Lx1fvm0RIAMGczfv//7MTslbm1BQDM0djz/5Gh4ZEf8y/0fiegY3n+DQIA/7jnX3r5mc2tiIvF4lJE9f16qV6Kp/rjm5fjzajEdpyN1TiM6LwodN4WWh+fvrB1/myx5ZdClFoV9VJEtVEvdd4UNpN2fT7WYjUKWX3aq09a9Wvt+mJEHDTa60c1Vy+djJVs/R9XYjvWYzUeGKuPuLB1fr2YHaBU7dY3Ipqx1D2JVv9nYjW+fy2uRCUuRau23//+WrF4Lt0aqq9fy7fnAQAAAAAAAAAAAAAAAAAAAADAPJwp9hR6+9+k1Ub9vYujEwpD++OUOsPZ/kDNzv5Aab67O8/VZHR/oOH9eeqlhTjxr545AAAAAAAAAAAAAAAAAAAA3Dtqe4tRrlS2d2t77+4MBo2BzNvffvH1cnSHFrLSt5J+VWTJoeN0Jw4cOYneEmmvPE2G5mRBEtGdfFC+dr3X8eCcfO8sxspbQX5sKJf1VK5UTj3886eTqv5sBQftTBJjl2U4yGXrDwxV728lliLicFrV9GD9LnNupGk6rXz/k9FMthVD48htzBB8c/ONBx+vnX6infkqW+nRx1ZfuPHx57/tlCvR7FyZSmVxt3aYznDkyEWMDyUD908uu865CXfC5KDZzzR3a3vl5IffX3zow+9GJieT7590MPPO9LW+HM0sdoJcRKF7Ef6u1ZMTbv7JwSt3enfv0T9xpz/bKF/f/+nXWasGvkjYqAMAAAAAAAAAAAAAAAAAAI5F/49+RwbSNG1MrXryubk3BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHqP///weC5lhmluBOI8aH8tu7tamLLx/rqQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8D/2VwAAAP//wGN9HA==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) 1.621010232s ago: executing program 0 (id=1265): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x2810000, &(0x7f0000001040)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c757466383d302c696f636861727365743d63703835322c73686f72746e616d653d77696e6e742c636f6465706167653d3836342c726f6469722c696f636861727365743d6370313235352c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c756e695f786c6174653d312c696f636861727365743d63703836392c756e695f786c6174653d312c0046f954b34e928130540b869af3eb807a3d9ce5fe5e0ed041428df48def2bfeca21208d9306c189e802ed568ca7cfb350a22affe1c05814ee212429036aab67b7fd2a98f56aebe178ee6dcca902f725acec54ff5da88197f1ac16873f2e03de4b3ea3841a9424f41847"], 0x2d, 0x33c, &(0x7f0000001980)="$eJzs3U1oXFUUAOAzfUkmCdRkIRRdje4EKU3Eha4SSoViFlod/Ns42NSfvLGQwYG4yDQbxaXiRtCVuy502bW4EHHnwq0VpCpu7K7Q4pOZ9zLz5ic1FSf15/sW4XDuPXPPe7lkXkJy8/JabJ2fjQvXr1+L+flKzKydXosblViOY5FE7lIAAP8lN7Isfstyfz77g8X9aG7KfQEA09N7/3/1+CBRvZvdAABH4ZDf/z81MXtxam0BAFM09v7/4NDwyI/5Z/q/EwAA/Hs988KLT65vRJyr1eYjmu+26+16PD4YX78Qr0cam3EqluJWRP6gkD8tdD8+cXbjzKla10/LUe9WtOsRzU67nj8prCe9+mqsxFIsF/VZvz7p1q/06msRcanTWz+alXZ9NhaL9b9fjM1YjaW4N69/dlAfcXbjzGqteIF6c7++E7EX8/sX0e3/ZCzFt6/ExUjjfHRrB/3vrtRqp7ONofr25WpvHgAAAAAAAAAAAAAAAAAAAAAATMPJWt9y//ybrNlpv3NudMLy0Pk49Xy4OB9oLz8fKKvun+7zXjJ6PtDw+Tzt+kwcu6tXDgAAAAAAAAAAAAAAAAAAAP8crZ25aKTp5nZr5+2tctApZd78+rMvF2J0zhvJIBMz+csNzSlyUapKol+e9cuzZGhOESQRg8mXr/Q7Ls+p9q9irLwbVMeGKkVPjTQ9/sCPH0+q+n2QSWLstgwHlWL90lDznjx1m6qtRroweWj19lXp1SzLDupn96PxqqhEzIx94v6O4Ktrr933SOvEo73MF8WhDw89vPTc1Q8//WWrkUZxa9J0brt1K/vLayWl/VMp7nNlwk6YHOwNMnvbrZ1G8t2vz9///jcjk5PJ+ycrZ946eK3PRzNzedBt8zBXOjth808OXrrZ3713fjNPfLLWuLL7w8+HrSp9kXBQBwAAAAAAAAAAAAAAAAAAHInS34rfgceenl5HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD0Bv//vxTsjWUOE9zsxPhQdXO7deDiC0d6qQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/I/9EQAA//8hAXfe") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) 1.4993727s ago: executing program 2 (id=1268): r0 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000001600), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR") ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f00000018c0)={{}, 0x0, 0x8, @inherit={0x90, 0x0}, @subvolid}) 1.233335592s ago: executing program 3 (id=1274): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x54, 0x2, 0x6, 0x5, 0xa, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6}]}]}, 0x54}}, 0x0) 1.121947894s ago: executing program 1 (id=1277): r0 = socket(0x40000000015, 0x805, 0x0) getsockopt(r0, 0x114, 0x271b, 0x0, &(0x7f00000000c0)) 889.192135ms ago: executing program 4 (id=1278): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="2400000020000103000000000000000080000000000000000000000008000d"], 0x24}}, 0x0) 888.429095ms ago: executing program 0 (id=1279): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1f, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000000)={0x0, 0x4, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "5642000800000000001000"}) 835.603916ms ago: executing program 4 (id=1280): r0 = syz_open_dev$sndctrl(&(0x7f0000004e80), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0x81785501, &(0x7f0000000080)={{0x0, 0x0, 0xfffffffd}, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0x0}) 833.296517ms ago: executing program 1 (id=1281): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000010000000900010073797a300000000070000000090a010400000000000000000100000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021340011800a0001006c696d6974000000240002800c000240000000000000008108000340fffffffd0c0001400000000000000007"], 0xb8}}, 0x0) 755.394101ms ago: executing program 4 (id=1282): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200000a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d68b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e6d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf01860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e748fafa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f0844307df70f532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fda0f0a04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0001002d8c38a967c1bbe09315c298774009d8c6a16c7da308bcc87dc3addb08141bdee5d2780cfef663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd805deb28c13c1ed1c0d9cae846bcbfa8cce7b893ebc68578af7dc7d5e87d44ff80800000034c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c568cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7dcf050000000000001491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c78974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000400000000000a5accf93bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9c46136a5755c47287eb00000000000000c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b179509bd9f263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a378700000000000000000000000000631ffc86fe0c8124536afbfc6300ee2c00000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58ff43be997e35776e37c2b7772d0873369ba559e4a9ce9a7878a9a46f2a68adae0f3f5c0715b169ff053d8f5ab73d5f738b0edc71a287418ba45a14fd1ab423d9c392d010af2cf1356c6f78d563822afd3e8fb693ef3e1f1c02289e94b15a0a2a58e9c77a6d388004396baf8af32d0bd7fef1597b20e2eec0273012e344628a8ea5bd0a9da43078b95af7186d5bf36a2e31c0ee3e1ec6accd94b7e3b47e52681128c5b6fb2afbffaa52d53080f7ef112fdffffffffffffff0c1f7b4673fc5202bcc1159ba59b9b5c996079b6c2b9cc011470ce48b53c7339135e0a1e7c90b91a84cfaf95af6edc881ca69cb3d869fcd87a294447e3eb627923970281e28528348f9d0157c80ffd70dd45fc9ae550e191e9f88a1f15c2d997c217bb6d5d24e88d07837851b391ffcf3aa2183952ef4d68757c7511179f0984960b907016a4ad6ba19f89794b545f983e94a980f83794c277dd644651d721a0d0546b3e69b8530d9391068d67cfb4fe879c23933ec59d3e728113fdf3a28800512b9cef65523490caa4f5ec30ad6ded9879843ade683b3263197964e752ca77b966ae22e73a0cbbe549306e49d0e11662cf8bcccd8198ef44911ed6b86792086cc6c758d8c4a872041e58685d4134a5ee5063b4bb7e8035442b1cba567cfee96b3b858c9086c907ddddd16414545f1b94b34f081f3e6248699060d62f236b5204993cf42c180f757938a62b5f302cae4a4a7be523be2db61b74bab36d0e63e4469969482ada533c54bdc9c2ad0b7dce02c869e6c853f92d24823036f8b5f4a6f6f89e1a9cd003c714814277f32bd6d535dcc08c992f2938b2e265ff6bfbf38694255c367867d64c50b6f7f2fd131b5b30059ea2ed6bd2b887f808dee79a76d600883085436d79381d7a4a09c4d73f8046c72b206ae3b76429c719f80ab8ff65494f35a75916d81ce89b94ed2e07540d855ebb2e78bfbb354e29d6b905f2573bec68e340472006f3738f004c24edd7c538ad9f25bda4c443bc816a8fb38081adbf5a80f5cd6fde3aadd56a9283dfdcbf7fdd1b44e717c0b405b3261f19b1c38df6331df8e84619ef307875c893a8f0a436ccfb6319000000000000000000000000001f1c8231baae9e6b907826aa7431ee8ee9deb4db6dca3e4fa3df5cd4015a3771c25bff7d305689ff0a71d821fc6ee9d2d0069a6f4cb434e8183796f89825de4d251bbf526adcf572bd39c9817a51b50859c77eebd37709f0d65667a71700006103120886e81241c7186011c6949a9ef5eadb3ca1ba74d055196c80fe796f3550eef858d924ba6a93ea687720ffe78f1e2c98686d85575fbabee88e97d4dea9b7d8416d62f962b9202528fcc38eea7d2b4efca4e14fcbcc15e8"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x13, 0x6000002c, &(0x7f0000000100)="b9ff03316844268cb89e14f00800fee0050000000000002f77fbac141416e000030a44079f03b180006000000000845013f2325f003901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d7da058f6efa6d1f5f7ff400"/254, 0x0, 0xfe, 0x60000000, 0x0, 0xffffff23}, 0x2c) 674.534221ms ago: executing program 1 (id=1283): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000040)=0xfffffffc, 0x4) 591.601726ms ago: executing program 0 (id=1284): r0 = socket(0x2000000015, 0x80005, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) 530.229321ms ago: executing program 4 (id=1285): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xc9) 451.218568ms ago: executing program 0 (id=1286): r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000280)={0x1, @pix={0x0, 0x0, 0x50565559}}) 450.068137ms ago: executing program 1 (id=1287): r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r0, r0}, &(0x7f0000000180)=""/95, 0x5f, &(0x7f0000000340)={&(0x7f0000000300)={'sha512-generic\x00'}}) 329.965837ms ago: executing program 4 (id=1288): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file1\x00', 0x208400, &(0x7f0000000500)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c636f6465706167653d69736f383835392d392c747970653d8806e6d92c007c3da50838b213e45c60dfa80dde3ce87abe5e338e4e6a59adcbbcd8c1298ca6754466db1a8a1278dabca7f2fe40cf27dc1fb941304798bf42ba7569909de3630242504efec00c875fa448eb7bdaa7ba31d37ec3e7d64cd77624a0da2b05469cfb6ff12378569cc8b28d1168e0b17c24be8bc7e84cc44764d86c47497b7f98bc4582fe16504124539d5e1c09b9294efa2dd7"], 0x1, 0x2e5, &(0x7f00000001c0)="$eJzs3U9rE08cx/HPbJI27a/0t/0jghelWtBLsepBvEQkV++eRG1SKIaKbQX1YisexQfg3afgg/Ci+AT05MkH0IOwMpPJZtPsbpLSJE19vyBhMzsz+x1mNzvfRRsB+Gfdq/74dPOXfRmpoIKkO1IgqSwVJZ3T+fKL7b2tvUa9ltdRwbWwL6NmS9NVZ2O7ntbUtnMtvNB+KmouWZZkunvGMUVRdPdnXoXC6GLB+JiMmQ6kaX8duv3lEcc1LPvSxXHHMGrJCTaHOtRLzY8xHADAKeDv/4G/Tcy5IqMgkFb9bf9M3f8Pxx3AybrV6CqKchsk7v9udRcZO7//u13tfM8lWnZ/0MoS+wmmdOTzlJpnVscC0/TKKl0swczmVlFrGweqBXqripeotuzea81Tt6VHtCspuWmO7N5Kuj/bHI1bUR7VCmlzq1GfthuJ+FsRLA12xDwzfdUyX8w389CE+qhavP4rRsZOk5up8MhMBSUb//XsHv9zrWwt+YFVKpWgo8qCO8gFfwSvxyjLPXLPhfZDg/04grw43bEX1flYoTm69R6tltJahfGnjFbLHa0K/kxY23jWyH2UMhytIZoP5oFZ0W99VjWx/g9sfKtKXJl5X/XG1fRnRnM8U+k1i65m2HXnaF8ul+IIvOmBxwYp62lZhvd6otua3331+mmh0ajv2I3HKRvP53aMLym9k1LrDH+joJw62m+XRNabKOq352iYwV870Q7t90dcYi+ftMr2KotLglFP06Ru/BmwVfWr8k7IydmIIilj19C+p3CK7JrWpLuPxT4XkTg77LrLNPM/t5L3qzqXoNi3MGednp9kqqPH9TiD61wKLrr32YEyuP6OeCMjZ3Q51+Wr0pVEoVHuEUMf5xlhqvquRzz/BwAAAAAAAAAAAAAAAAAAmDTJf/R/MKT/aTDuMQIAAAAAAAAAAAAAAAAAAAAAMOmO9fu/aX8j3v3+bziS3/8FcDL+BgAA//9Id3lt") listxattr(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) 239.580837ms ago: executing program 1 (id=1289): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x4}}]}, &(0x7f0000000300)='GPL\x00', 0x3, 0xff7, &(0x7f0000001e00)=""/4087}, 0x90) 239.463735ms ago: executing program 0 (id=1290): prctl$PR_SET_SECUREBITS(0x1c, 0x1d) prctl$PR_GET_SECUREBITS(0x1b) 133.203551ms ago: executing program 3 (id=1291): syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002780)=ANY=[@ANYRES16=0x0, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRESDEC, @ANYRES8=0x0, @ANYRESOCT, @ANYBLOB="01ce6671a3b30f673148672100038bbb4413ea284b892438cdddda3da4c78d940655fbd68a286059c5766f98f85fb413503eaf8c90a24dda1e09f68cd741168d69dae50652ca7b67c5b0a27ab80ff9afa5000443de8c748e1d5beabee7c1346b215f641ae190d56ea4ab81bacd909929deb5757040e8d5b2752ea779c30f600bd516a68d881e7fc7289826d49e35134a94e27f115c8195a0f152cbd840ffdb008356c72319cceb43ccb1280556efdf0fdf582fd3cfc830dff1787f000000b7400f5aef57b6dcbfde7af6012383adb085c40e4c295c2a3be750a42400e58523d24b8eecd75caabcee22347bdb78b72b400d080a044ebde5d39ad91ff0ef75aa244381cf00cd6fe9b9a92a9968104bf02481022af426853287e521a4e3cfe480f984efcea1359ff932ebd3bc75aefea41074799f3502a7472a6686b4011a41d7f0cfb25b3dc3077b4e8ded17cfff2b1d59bc12f637c36690f5ca91ee999ec138f6ce66522e652939a37435edb78f9ae18489f9d2b73c81609399f0d123f1721171bd72c012623f04d8965d3e5785d057c15798ab36af821c9b308731422ba3858b9895ace14068ea58f8cb6060c205caf209a73628eff5b9270a4a55c2d7fc59a4fe6e023bd424d8b010e2232d1b2e6ca603b466b2c82afff4a8cc469e8664d54769fc97df122b3ff8c34354dad46f900eaf6e72e538c0595caa056984ab8974af7cdae5bde6a12f412fe2a876aa191e78e91fbf780e2f4a20f57d41376b29f990ce63aa6edf622d2203fee37df269abf869d13b175852b775fff70491d1e5d1311b7eef954a101ddb98c5ba2b312528485ece7aff23cc6fee599daea0fca71a5970cf0fc82b49640cc3fabbc401dead4f83aa0c4072a9e98ab5afb790be17961fc073e2f8f800000000000000005089d6db5ad893ee9b22b9250d01980952d0a3e0076c877556fa43f90cb574fd6ad67398ac4d9f8ff4e3ef09f99220928602523adc2289b51328ac152bd7edc66d4e962cbc2d2b0c5f8e48384eff563a10787b0199642385e811504e7168804114842d51f42dd6937515fa64b2fd14ef427072c6556b99171bd00165a9aada7173f001679ac791ee67188c670f583f7b1f8df68b97f4dcb5652f2b13aa941b7ff56c48fb7162e91ef53c70938a92e4bf55d65319f74766a309722f767fc8f3db2a194a2f098336601be2edcbcc9b562f2fc64e2deff9a16e84f1e8bc5fb82c91f4d10e34f5a093fc4fcbdb89342274857c8e6aa8864b3214f51b9e515bf645235007cede80ff5931bff340780a3b43bc0466340c195a515f779d0333dd467bb665508d9c89e18e86d1975e273f937e3bd1", @ANYRESDEC, @ANYRES32=0x0], 0x1, 0x1f6, &(0x7f0000000680)="$eJzslU1rE0EYx3+zO2kazaFnTwWD7UXbbEH8BvYD+AEM6VqLG1+6AU0oGL304kH8EgU/hQdB7x5EBC/1oKCHiqeKrMzOM9MNicRKeyjMH5bnZZ6XeZ7ZeeZ2/iCvA78PdrosUELR5KNSaGBJWd3hnKU/hBaCL9rKbdG/FPpZaD4Yvntm2eGdTpal2/lgBqMUzLLJCiwj6Rk30lOSOcuZod8+HdcophpHwD/VcyKMyTax1I9tSZNez8c09Wk24stpb74mef7LffEY/42t1DI/m+O/xNeTrqvGaZ97pWO/mn87piJ2/fnwwrbZL0nbMcaxuDcmbspZY6JjeeXI+MqvP4n4XgrvD3a6hrkpU8zoNuznrkRpY4TXFZsLGkagYgofR5fTEpaAlX7v/ko+GF7e6nU20830bpKsXV19c15OoXgMW1m6qirbMJcaN5cAc08blXVzdT4drY+oQMnWpEDOgXK8c3HDeflixbEBUaUsR4/ivvL566KL6XGDS8wDD0dqERJst1qYaJpbprR1FLEIbV3ZJxwSMV8uXOneyzZ2USjntof2Mdr71LyQiGASpWvXfPm7QltC14XuCd0X6t4u9ybpMsI3kZZHMMejTr+/XT5elvO6xOuSBZ85kqzuNXQNb9UJCAgICAgICDgj+BMAAP//duk56A==") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) 83.530887ms ago: executing program 0 (id=1292): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newrule={0x30, 0x1a, 0x1, 0x0, 0x0, {0x81}, [@FRA_SRC={0x14, 0x2, @remote}]}, 0x30}}, 0x0) 80.553975ms ago: executing program 4 (id=1293): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$nci(r0, 0x0, 0x4) 0s ago: executing program 1 (id=1294): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r0, &(0x7f0000005d40)={0x0, 0x0, &(0x7f0000005d00)={&(0x7f0000005c80)="39fea2b767dc7891723dd0b1032f7180b021dc14b054e9bff95257151bb97a057d327042ec6c4000825e74949d2e096555c9af11a03ec1871d572290e162178c0e13bae06109ce42a233b93aac8ad0b69bf46725d3cea55c174a7bfd7faa0627d3da3a04d36401c20d7c172bc46f", 0x6e}}, 0x0) kernel console output (not intermixed with test programs): ddresses unique to avoid problems! [ 73.567396][ T5240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.579412][ T5240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.589328][ T5240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.606616][ T5240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.632555][ T5240] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.650020][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.662611][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.674634][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.687922][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.698137][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.714697][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.730964][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.741844][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.754164][ T5239] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.794566][ T5240] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.824844][ T5240] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.848024][ T5240] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.866649][ T5240] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.901073][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.914782][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.931633][ T5243] Bluetooth: hci1: command tx timeout [ 73.937732][ T5243] Bluetooth: hci2: command tx timeout [ 73.948916][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.959687][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.970327][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.981733][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.992336][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.004282][ T5243] Bluetooth: hci4: command tx timeout [ 74.004305][ T5234] Bluetooth: hci0: command tx timeout [ 74.009827][ T5248] Bluetooth: hci3: command tx timeout [ 74.023714][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.035266][ T5239] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.055599][ T5323] netlink: 'syz.0.8': attribute type 30 has an invalid length. [ 74.070027][ T5239] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.080024][ T5239] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.087221][ T5283] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 74.089394][ T5239] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.105208][ T5239] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.185797][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.211024][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.284127][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.286771][ T5283] usb 3-1: Using ep0 maxpacket: 32 [ 74.298758][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.319536][ T5283] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 74.343941][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.349678][ T5283] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 74.373142][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.390734][ T5283] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 74.430995][ T5283] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.471559][ T5283] usb 3-1: config 0 descriptor?? [ 74.482778][ T1060] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.508416][ T5283] hub 3-1:0.0: USB hub found [ 74.527477][ T1060] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.592586][ T2991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.650020][ T2991] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.672038][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.701869][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.704694][ T5331] usb usb8: usbfs: process 5331 (syz.3.4) did not claim interface 0 before use [ 74.726516][ T5283] hub 3-1:0.0: 1 port detected [ 74.913954][ T5335] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 74.924987][ T5283] hub 3-1:0.0: hub_hub_status failed (err = -71) [ 74.952997][ T5283] hub 3-1:0.0: config failed, can't get hub status (err -71) [ 74.990340][ T5283] usbhid 3-1:0.0: can't add hid device: -71 [ 75.026798][ T5283] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 75.109035][ T5283] usb 3-1: USB disconnect, device number 2 [ 75.676646][ T5364] netlink: 288 bytes leftover after parsing attributes in process `syz.2.25'. [ 75.737358][ T5366] hfsplus: unable to find HFS+ superblock [ 75.939826][ T5372] loop1: detected capacity change from 0 to 256 [ 75.996984][ T5248] Bluetooth: hci1: command tx timeout [ 76.002802][ T5248] Bluetooth: hci2: command tx timeout [ 76.078019][ T5243] Bluetooth: hci3: command tx timeout [ 76.083591][ T5243] Bluetooth: hci4: command tx timeout [ 76.091764][ T5248] Bluetooth: hci0: command tx timeout [ 76.148755][ T5380] netlink: 'syz.0.33': attribute type 1 has an invalid length. [ 76.226416][ T5382] netlink: 8 bytes leftover after parsing attributes in process `syz.0.37'. [ 76.674311][ T5398] netlink: 20 bytes leftover after parsing attributes in process `syz.1.39'. [ 76.703116][ T5398] netlink: 1 bytes leftover after parsing attributes in process `syz.1.39'. [ 76.821662][ T5404] cgroup: name respecified [ 77.448436][ T5422] tmpfs: Bad value for 'mpol' [ 77.496585][ T5393] loop0: detected capacity change from 0 to 40427 [ 77.542458][ T5393] F2FS-fs (loop0): Invalid log sectors per block(3) log sectorsize(10) [ 77.579637][ T5393] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 77.641186][ T5429] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 77.728236][ T5393] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589454292453) [ 77.981023][ T5393] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 78.002722][ T5393] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 78.191655][ T5416] loop4: detected capacity change from 0 to 32768 [ 78.261412][ T5416] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.46 (5416) [ 78.306937][ T5455] netlink: 16 bytes leftover after parsing attributes in process `syz.2.65'. [ 78.319076][ T5416] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 78.330061][ T5416] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 78.338995][ T5416] BTRFS info (device loop4): using free-space-tree [ 78.771823][ T5452] loop1: detected capacity change from 0 to 32768 [ 78.783539][ T5452] ======================================================= [ 78.783539][ T5452] WARNING: The mand mount option has been deprecated and [ 78.783539][ T5452] and is ignored by this kernel. Remove the mand [ 78.783539][ T5452] option from the mount to silence this warning. [ 78.783539][ T5452] ======================================================= [ 78.896296][ T5478] netlink: 76 bytes leftover after parsing attributes in process `syz.2.66'. [ 79.023699][ T5452] ERROR: (device loop1): dbAllocNext: Corrupt dmap page [ 79.023699][ T5452] [ 79.218968][ T5240] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 79.766575][ T5283] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 79.957263][ T5283] usb 3-1: Using ep0 maxpacket: 8 [ 80.013841][ T5283] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.049252][ T5283] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 80.096550][ T5283] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 80.131353][ T5283] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 80.190787][ T5283] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 80.210509][ T5283] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 80.234599][ T5283] usb 3-1: SerialNumber: syz [ 80.264833][ T5497] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 80.427177][ T5283] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22 [ 80.475454][ T5283] usb-storage 3-1:1.0: USB Mass Storage device detected [ 80.476168][ T5488] loop3: detected capacity change from 0 to 32768 [ 80.519425][ T5283] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 80.564599][ T5283] scsi host1: usb-storage 3-1:1.0 [ 80.575825][ T5488] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 80.596759][ T5488] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 80.732951][ T5488] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 80.758748][ T5283] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 80.765833][ T5283] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 80.775599][ T5282] usb 3-1: USB disconnect, device number 3 [ 80.909853][ T5283] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 144ms [ 80.935525][ T5541] sctp: [Deprecated]: syz.1.92 (pid 5541) Use of struct sctp_assoc_value in delayed_ack socket option. [ 80.935525][ T5541] Use struct sctp_sack_info instead [ 80.961965][ T5283] gfs2: fsid=syz:syz.0: jid=0: Done [ 80.982849][ T5488] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 80.985331][ T5543] loop4: detected capacity change from 0 to 1024 [ 81.111310][ T5543] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.138903][ T5548] netlink: 4 bytes leftover after parsing attributes in process `syz.1.94'. [ 81.361879][ T5543] EXT4-fs error (device loop4): ext4_empty_dir:3115: inode #11: block 623: comm syz.4.93: Attempting to read directory block (623) that is past i_size (638464) [ 81.429081][ T5531] loop0: detected capacity change from 0 to 32768 [ 81.453396][ T5531] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.89 (5531) [ 81.604512][ T5240] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.649205][ T5560] trusted_key: encrypted_key: keylen parameter is missing [ 81.868273][ T5531] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 81.879959][ T5531] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 81.888789][ T5531] BTRFS info (device loop0): using free-space-tree [ 81.935578][ T5571] netlink: 'syz.3.106': attribute type 63 has an invalid length. [ 81.943633][ T5571] netlink: 5 bytes leftover after parsing attributes in process `syz.3.106'. [ 82.139318][ T8] cfg80211: failed to load regulatory.db [ 82.437428][ T5594] xt_TCPMSS: Only works on TCP SYN packets [ 82.720797][ T5606] 9pnet_virtio: no channels available for device syz [ 82.750145][ T5608] netlink: 'syz.3.115': attribute type 1 has an invalid length. [ 82.872027][ T5614] netlink: 'syz.1.118': attribute type 11 has an invalid length. [ 82.933419][ T5231] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 83.086983][ T5619] netlink: 'syz.2.121': attribute type 1 has an invalid length. [ 83.451126][ T5604] loop4: detected capacity change from 0 to 32768 [ 83.499315][ T5604] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 83.667233][ T5604] XFS (loop4): Ending clean mount [ 83.810756][ T5240] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 83.827747][ T5641] loop1: detected capacity change from 0 to 1024 [ 84.286671][ T25] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 84.476420][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 84.477639][ T5623] loop3: detected capacity change from 0 to 32768 [ 84.484299][ T25] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 84.545778][ T25] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 84.577111][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 84.587381][ T5623] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 84.596421][ T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 84.609358][ T25] usb 1-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 84.618578][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.629383][ T25] usb 1-1: config 0 descriptor?? [ 84.639907][ T25] hso 1-1:0.0: Can't find BULK IN endpoint [ 84.825000][ T5674] loop4: detected capacity change from 0 to 1024 [ 84.833848][ T5676] netlink: 'syz.2.139': attribute type 32 has an invalid length. [ 84.896225][ T25] usb 1-1: USB disconnect, device number 2 [ 85.138750][ T5623] XFS (loop3): Ending clean mount [ 85.181656][ T5623] XFS (loop3): Quotacheck needed: Please wait. [ 85.191528][ T5654] loop1: detected capacity change from 0 to 32768 [ 85.204836][ T5654] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.133 (5654) [ 85.253655][ T5685] netlink: 12 bytes leftover after parsing attributes in process `syz.4.142'. [ 85.266426][ T5654] BTRFS info (device loop1): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 85.291994][ T5654] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 85.304339][ T5654] BTRFS info (device loop1): disk space caching is enabled [ 85.315670][ T5685] netlink: 20 bytes leftover after parsing attributes in process `syz.4.142'. [ 85.326704][ T5654] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 85.331719][ T5623] XFS (loop3): Quotacheck: Done. [ 85.456765][ T8] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 85.517624][ T5229] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 85.696490][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 85.704731][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 85.711394][ T5654] BTRFS info (device loop1): rebuilding free space tree [ 85.717047][ T8] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 85.786475][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 85.802248][ T5711] netlink: 'syz.0.148': attribute type 15 has an invalid length. [ 85.804045][ T5654] BTRFS info (device loop1): disabling free space tree [ 85.826570][ T5654] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 85.833695][ T8] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 85.836937][ T5654] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 85.852076][ T8] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 85.916981][ T8] usb 3-1: Manufacturer: syz [ 85.960827][ T8] usb 3-1: config 0 descriptor?? [ 86.006793][ T5715] netlink: 160 bytes leftover after parsing attributes in process `syz.3.143'. [ 86.018762][ T5715] netlink: 160 bytes leftover after parsing attributes in process `syz.3.143'. [ 86.028138][ T5715] netlink: 96 bytes leftover after parsing attributes in process `syz.3.143'. [ 86.031839][ T5717] loop0: detected capacity change from 0 to 256 [ 86.185063][ T8] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 86.195851][ T5239] BTRFS info (device loop1): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 86.224575][ T8] usb 3-1: USB disconnect, device number 4 [ 86.578062][ T5733] xt_CT: You must specify a L4 protocol and not use inversions on it [ 86.645191][ T5736] netlink: 28 bytes leftover after parsing attributes in process `syz.3.158'. [ 86.706466][ T5736] netlink: 44 bytes leftover after parsing attributes in process `syz.3.158'. [ 86.777698][ T5738] loop0: detected capacity change from 0 to 4096 [ 87.022296][ T25] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 87.129750][ T29] audit: type=1326 audit(1724332813.346:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5751 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd06bf79e79 code=0x7ffc0000 [ 87.152313][ T29] audit: type=1326 audit(1724332813.356:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5751 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd06bf79e79 code=0x7ffc0000 [ 87.177179][ T29] audit: type=1326 audit(1724332813.406:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5751 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7fd06bf79e79 code=0x7ffc0000 [ 87.199681][ T29] audit: type=1326 audit(1724332813.406:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5751 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd06bf79e79 code=0x7ffc0000 [ 87.222162][ T29] audit: type=1326 audit(1724332813.406:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5751 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd06bf79e79 code=0x7ffc0000 [ 87.228017][ T5738] ntfs3: loop0: ino=21, The size of extended attributes must not exceed 64KiB [ 87.244157][ C1] vkms_vblank_simulate: vblank timer overrun [ 87.295404][ T5748] loop1: detected capacity change from 0 to 4096 [ 87.308725][ T5748] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 87.347883][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 87.364229][ T25] usb 5-1: unable to get BOS descriptor or descriptor too short [ 87.374393][ T25] usb 5-1: config 0 has an invalid interface number: 125 but max is 0 [ 87.401414][ T25] usb 5-1: config 0 has no interface number 0 [ 87.416026][ T25] usb 5-1: config 0 interface 125 has no altsetting 0 [ 87.454383][ T25] usb 5-1: string descriptor 0 read error: -22 [ 87.461943][ T25] usb 5-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=8a.dd [ 87.462801][ T5748] ntfs3: loop1: failed to convert "c46c" to cp863 [ 87.471154][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.481887][ T25] usb 5-1: config 0 descriptor?? [ 87.487569][ T5282] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 87.494518][ T25] hub 5-1:0.125: bad descriptor, ignoring hub [ 87.512054][ T25] hub 5-1:0.125: probe with driver hub failed with error -5 [ 87.526120][ T25] usb 5-1: Found UVC 0.00 device (17dc:0202) [ 87.576705][ T25] usb 5-1: No valid video chain found. [ 87.682472][ T5761] loop0: detected capacity change from 0 to 2048 [ 87.755550][ T5282] usb 4-1: Using ep0 maxpacket: 32 [ 87.776851][ T5282] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.797769][ T5282] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.837027][ T5282] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 87.846162][ T5282] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.864861][ T5282] usb 4-1: config 0 descriptor?? [ 87.881924][ T5761] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.169: bad orphan inode 8192 [ 87.894402][ T5282] hub 4-1:0.0: USB hub found [ 87.920069][ T5761] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.946724][ T25] usb 5-1: USB disconnect, device number 2 [ 88.050498][ T5231] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.122622][ T5282] hub 4-1:0.0: 1 port detected [ 88.219730][ T5776] netlink: 28 bytes leftover after parsing attributes in process `syz.1.175'. [ 88.330692][ T5282] hub 4-1:0.0: hub_hub_status failed (err = -71) [ 88.376544][ T5282] hub 4-1:0.0: config failed, can't get hub status (err -71) [ 88.426989][ T5282] usbhid 4-1:0.0: can't add hid device: -71 [ 88.457506][ T5282] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 88.560853][ T5282] usb 4-1: USB disconnect, device number 2 [ 88.583935][ T5789] netlink: 8 bytes leftover after parsing attributes in process `syz.2.182'. [ 88.604260][ T5789] netlink: 16 bytes leftover after parsing attributes in process `syz.2.182'. [ 88.776759][ T5796] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 89.132470][ T5808] netlink: 4 bytes leftover after parsing attributes in process `syz.3.192'. [ 89.172108][ T5808] netlink: 4 bytes leftover after parsing attributes in process `syz.3.192'. [ 89.683374][ T5800] loop1: detected capacity change from 0 to 32768 [ 89.808918][ T5834] loop3: detected capacity change from 0 to 64 [ 89.881619][ T5834] hfs: unable to locate alternate MDB [ 89.916587][ T5834] hfs: continuing without an alternate MDB [ 89.995732][ T5800] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.187 (5800) [ 90.039035][ T5831] loop0: detected capacity change from 0 to 32768 [ 90.139009][ T5841] loop2: detected capacity change from 0 to 1024 [ 90.161849][ T5841] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 90.263969][ T5841] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.359259][ T5831] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.203 (5831) [ 90.369694][ T5226] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.410384][ T5800] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 90.443565][ T5831] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 90.466553][ T5800] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 90.475544][ T5831] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 90.489505][ T5800] BTRFS info (device loop1): using free-space-tree [ 90.515895][ T5831] BTRFS info (device loop0): using free-space-tree [ 90.769417][ T5886] loop4: detected capacity change from 0 to 512 [ 90.904738][ T5800] BTRFS info (device loop1): checking UUID tree [ 90.918183][ T5886] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02d, mo2=0002] [ 90.926275][ T5886] System zones: 1-12 [ 90.933979][ T5886] EXT4-fs (loop4): orphan cleanup on readonly fs [ 90.945497][ T5886] EXT4-fs error (device loop4): __ext4_iget:4982: inode #11: block 393240: comm syz.4.216: invalid block [ 90.992359][ T5886] EXT4-fs (loop4): Remounting filesystem read-only [ 91.067865][ T5886] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 91.148101][ T5239] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 91.259324][ T5231] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 91.261437][ T5240] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.312614][ T5904] loop3: detected capacity change from 0 to 736 [ 91.532269][ T5904] rock: directory entry would overflow storage [ 91.545617][ T5904] rock: sig=0x5850, size=36, remaining=14 [ 91.995847][ T5923] UBIFS error (pid: 5923): cannot open "", error -22 [ 92.093412][ T5930] netlink: 'syz.2.235': attribute type 21 has an invalid length. [ 92.123015][ T5930] netlink: 'syz.2.235': attribute type 6 has an invalid length. [ 92.136623][ T5930] netlink: 132 bytes leftover after parsing attributes in process `syz.2.235'. [ 92.236036][ T5936] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 93.197906][ T5973] Illegal XDP return value 4294967274 on prog (id 13) dev N/A, expect packet loss! [ 93.249159][ T5282] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 93.294445][ T5917] loop4: detected capacity change from 0 to 32768 [ 93.322127][ T5917] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 93.448243][ T5282] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 93.502823][ T5282] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 93.544661][ T5282] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 93.569478][ T5991] loop2: detected capacity change from 0 to 128 [ 93.579559][ T5282] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.591855][ T5917] XFS (loop4): Ending clean mount [ 93.604768][ T5917] XFS (loop4): Quotacheck needed: Please wait. [ 93.629834][ T5282] usb 4-1: config 0 descriptor?? [ 93.707897][ T5917] XFS (loop4): Quotacheck: Done. [ 93.883311][ T5226] sysv_free_block: flc_count > flc_size [ 93.894937][ T5226] sysv_free_block: flc_count > flc_size [ 93.897108][ T5240] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 93.904963][ T5226] sysv_free_block: flc_count > flc_size [ 93.929928][ T5226] sysv_free_block: flc_count > flc_size [ 93.936304][ T5226] sysv_free_block: flc_count > flc_size [ 93.956754][ T5226] sysv_free_block: flc_count > flc_size [ 93.962370][ T5226] sysv_free_block: flc_count > flc_size [ 93.975331][ T5226] sysv_free_block: flc_count > flc_size [ 94.000907][ T5226] sysv_free_block: flc_count > flc_size [ 94.020166][ T5226] sysv_free_block: flc_count > flc_size [ 94.046035][ T5226] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 94.077665][ T5282] Bluetooth: Can't get state to change to load configuration err [ 94.099893][ T5282] Bluetooth: Loading sysconfig file failed [ 94.107344][ T5282] ath3k 4-1:0.0: probe with driver ath3k failed with error -16 [ 94.126734][ T5282] usb 4-1: USB disconnect, device number 3 [ 94.134112][ T5998] loop1: detected capacity change from 0 to 128 [ 94.669253][ T6021] netlink: 12 bytes leftover after parsing attributes in process `syz.2.275'. [ 94.689989][ T6021] netlink: 40 bytes leftover after parsing attributes in process `syz.2.275'. [ 94.796738][ T5282] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 94.990832][ T5282] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 95.000175][ T5281] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 95.015091][ T5282] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 95.038545][ T5282] usb 2-1: Product: syz [ 95.042789][ T5282] usb 2-1: Manufacturer: syz [ 95.096427][ T5282] usb 2-1: SerialNumber: syz [ 95.123928][ T6043] loop3: detected capacity change from 0 to 512 [ 95.132752][ T5282] usb 2-1: config 0 descriptor?? [ 95.156720][ T6043] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 95.241931][ T6043] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 95.268242][ T6043] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.290902][ T5281] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 95.303089][ T5281] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 59391, setting to 1024 [ 95.319620][ T6050] loop2: detected capacity change from 0 to 256 [ 95.326053][ T5281] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice= 9.99 [ 95.328265][ T6050] exfat: Deprecated parameter 'utf8' [ 95.348941][ T5282] hso 2-1:0.0: Can't find BULK IN endpoint [ 95.355454][ T5282] usb-storage 2-1:0.0: USB Mass Storage device detected [ 95.363017][ T5281] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.379106][ T5281] usb 1-1: config 0 descriptor?? [ 95.385399][ T6025] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 95.393313][ T25] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 95.409841][ T5281] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 95.420679][ T5229] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 95.429387][ T6050] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 95.533394][ T6054] netlink: 'syz.3.287': attribute type 5 has an invalid length. [ 95.541821][ T6054] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.287'. [ 95.555059][ T6050] overlay: filesystem on ./file0 not supported [ 95.575375][ T47] usb 2-1: USB disconnect, device number 2 [ 95.600123][ T25] usb 5-1: Using ep0 maxpacket: 32 [ 95.614836][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 0, changing to 7 [ 95.640103][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 95.655757][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7 [ 95.684748][ T25] usb 5-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68 [ 95.707430][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 95.737837][ T5281] usb 1-1: USB disconnect, device number 3 [ 95.751252][ T6056] netlink: 4 bytes leftover after parsing attributes in process `syz.3.288'. [ 95.761824][ T25] usb 5-1: Product: syz [ 95.766055][ T25] usb 5-1: Manufacturer: syz [ 95.774767][ T25] usb 5-1: SerialNumber: syz [ 95.828383][ T25] usb 5-1: config 0 descriptor?? [ 96.091077][ T5281] usb 5-1: USB disconnect, device number 3 [ 96.492565][ T6068] loop2: detected capacity change from 0 to 32768 [ 96.566014][ T6068] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 96.992234][ T6101] netlink: 28 bytes leftover after parsing attributes in process `syz.0.306'. [ 97.026845][ T6068] XFS (loop2): Ending clean mount [ 97.026853][ T6101] netlink: 28 bytes leftover after parsing attributes in process `syz.0.306'. [ 97.072966][ T6068] XFS (loop2): Quotacheck needed: Please wait. [ 97.117965][ T6105] netlink: 292 bytes leftover after parsing attributes in process `syz.4.308'. [ 97.136547][ T6105] netlink: 144 bytes leftover after parsing attributes in process `syz.4.308'. [ 97.166140][ T6103] loop3: detected capacity change from 0 to 4096 [ 97.341961][ T6068] XFS (loop2): Quotacheck: Done. [ 97.555042][ T5226] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 97.624975][ T6126] loop4: detected capacity change from 0 to 1024 [ 97.632642][ T6126] EXT4-fs: Ignoring removed oldalloc option [ 97.642081][ T6126] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 97.670614][ T6126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.892846][ T6133] IPv6: sit1: Disabled Multicast RS [ 97.914596][ T5240] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.031945][ T6138] netlink: 8 bytes leftover after parsing attributes in process `syz.3.324'. [ 99.281352][ T6166] loop1: detected capacity change from 0 to 32768 [ 99.379622][ T6166] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 99.450865][ T6148] loop3: detected capacity change from 0 to 32768 [ 99.542249][ T6195] loop0: detected capacity change from 0 to 1024 [ 99.677439][ T6148] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 99.738843][ T6195] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.781835][ T6166] XFS (loop1): Ending clean mount [ 99.903408][ T5231] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.914266][ T5239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 100.045862][ T6175] loop4: detected capacity change from 0 to 32768 [ 100.248433][ T6148] XFS (loop3): Ending clean mount [ 100.265145][ T6148] XFS (loop3): Quotacheck needed: Please wait. [ 100.397104][ T6148] XFS (loop3): Quotacheck: Done. [ 100.538392][ T6223] loop0: detected capacity change from 0 to 1024 [ 100.585279][ T6219] loop2: detected capacity change from 0 to 4096 [ 100.621156][ T6219] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 100.709635][ T5229] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 100.724746][ T6223] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.972216][ T5231] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.997174][ T6237] loop1: detected capacity change from 0 to 1764 [ 101.106549][ T6239] netlink: 8 bytes leftover after parsing attributes in process `syz.4.366'. [ 101.167435][ T6239] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 101.368757][ T6253] loop1: detected capacity change from 0 to 256 [ 101.679170][ T6252] loop2: detected capacity change from 0 to 4096 [ 101.720612][ T6252] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 101.814022][ T25] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 101.841528][ T6252] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 101.863177][ T6269] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 101.879387][ T6252] ntfs3: loop2: ino=1a, ntfs_sync_fs failed, -22. [ 101.896429][ T6252] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 101.996449][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 102.004887][ T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 102.045618][ T25] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 102.107999][ T25] usb 5-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47 [ 102.155536][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.197543][ T25] usb 5-1: config 0 descriptor?? [ 102.228956][ T25] qmi_wwan 5-1:0.0: bogus CDC Union: master=10, slave=0 [ 102.256618][ T25] qmi_wwan 5-1:0.0: probe with driver qmi_wwan failed with error -22 [ 102.435336][ T25] usb 5-1: USB disconnect, device number 4 [ 102.655084][ T6295] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 103.106590][ T6281] loop0: detected capacity change from 0 to 32768 [ 103.152483][ T6281] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.382 (6281) [ 103.197201][ T6281] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 103.226006][ T6281] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 103.257713][ T6281] BTRFS info (device loop0): using free-space-tree [ 103.500089][ T6341] loop4: detected capacity change from 0 to 512 [ 103.513547][ T6341] EXT4-fs (loop4): external journal device major/minor numbers have changed [ 103.810125][ T5231] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 103.928833][ T6316] loop1: detected capacity change from 0 to 32768 [ 103.936078][ T6316] XFS: ikeep mount option is deprecated. [ 103.965041][ T6341] EXT4-fs (loop4): failed to open journal device unknown-block(2940,205839) -6 [ 104.051931][ T6341] loop4: detected capacity change from 0 to 512 [ 104.059566][ T6341] EXT4-fs (loop4): unable to read superblock [ 104.165683][ T6316] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 104.308493][ T6367] netlink: 209840 bytes leftover after parsing attributes in process `syz.3.411'. [ 104.421080][ T6369] ceph: No source [ 104.491695][ T6371] QAT: failed to copy from user cfg_data. [ 104.682942][ T6316] XFS (loop1): Ending clean mount [ 105.319268][ T6316] XFS (loop1): Quotacheck needed: Please wait. [ 105.374747][ T6316] XFS (loop1): Quotacheck: Done. [ 105.624774][ T5239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 105.801271][ T6410] loop3: detected capacity change from 0 to 8 [ 105.810060][ T6410] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 105.863744][ T6410] cramfs: Error -3 while decompressing! [ 105.870476][ T8] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 105.897087][ T6410] cramfs: ffffffff950c9788(18)->ffff88806d956000(4096) [ 105.917994][ T6410] cramfs: Error -3 while decompressing! [ 105.924371][ T6410] cramfs: ffffffff950c9788(18)->ffff88806d956000(4096) [ 106.004457][ T29] audit: type=1800 audit(1724332832.226:7): pid=6410 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.431" name="file1" dev="loop3" ino=324 res=0 errno=0 [ 106.076707][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 106.089422][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 106.120149][ T8] usb 3-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43 [ 106.143877][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.167158][ T8] usb 3-1: config 0 descriptor?? [ 106.391314][ T8] cdc_subset 3-1:0.0: probe with driver cdc_subset failed with error -22 [ 106.635509][ T47] usb 3-1: USB disconnect, device number 5 [ 106.638789][ T6435] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.443'. [ 107.040085][ T6421] infiniband syz2: set down [ 107.064748][ T6421] infiniband syz2: added ipvlan1 [ 107.198898][ T6421] RDS/IB: syz2: added [ 107.215277][ T6421] smc: adding ib device syz2 with port count 1 [ 107.252323][ T6421] smc: ib device syz2 port 1 has pnetid [ 107.271904][ T6448] loop4: detected capacity change from 0 to 4096 [ 107.356172][ T6450] IPv6: Can't replace route, no match found [ 107.588520][ T6456] netlink: 'syz.3.453': attribute type 21 has an invalid length. [ 107.601660][ T6456] netlink: 8 bytes leftover after parsing attributes in process `syz.3.453'. [ 107.694216][ T6462] netlink: 'syz.0.456': attribute type 1 has an invalid length. [ 108.307142][ T47] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 108.405365][ T6487] netlink: 'syz.2.468': attribute type 8 has an invalid length. [ 108.413672][ T6487] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.468'. [ 108.522371][ T6491] sctp: [Deprecated]: syz.2.470 (pid 6491) Use of int in max_burst socket option. [ 108.522371][ T6491] Use struct sctp_assoc_value instead [ 108.526470][ T47] usb 1-1: Using ep0 maxpacket: 32 [ 108.674515][ T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 108.688833][ T47] usb 1-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x7, skipping [ 108.707526][ T47] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 108.726458][ T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024 [ 108.746467][ T47] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 108.756711][ T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 108.766656][ T47] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 108.777071][ T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 108.790957][ T47] usb 1-1: config 0 interface 0 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 108.823562][ T47] usb 1-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01 [ 108.842208][ T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.860625][ T47] usb 1-1: Product: syz [ 108.864950][ T47] usb 1-1: Manufacturer: syz [ 108.879904][ T47] usb 1-1: SerialNumber: syz [ 108.909619][ T47] usb 1-1: config 0 descriptor?? [ 108.931396][ T6496] loop4: detected capacity change from 0 to 4096 [ 108.940426][ T6474] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 109.233687][ T47] cxacru 1-1:0.0: submit of read urb for cm 0x90 failed (-8) [ 109.264111][ T47] cxacru 1-1:0.0: usbatm_usb_probe: invalid endpoint 02! [ 109.296733][ T47] cxacru 1-1:0.0: probe with driver cxacru failed with error -22 [ 109.339567][ T47] usb 1-1: USB disconnect, device number 4 [ 109.500428][ T6501] loop3: detected capacity change from 0 to 32768 [ 109.514863][ T6501] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.475 (6501) [ 109.542195][ T6501] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 109.560414][ T6501] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 109.583720][ T6501] BTRFS info (device loop3): using free-space-tree [ 109.764357][ T6524] loop1: detected capacity change from 0 to 512 [ 109.800193][ T6524] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 109.983364][ T6524] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.997143][ T6524] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.144226][ T5229] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 110.174121][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.658670][ T6548] loop4: detected capacity change from 0 to 1024 [ 110.971240][ T2991] hfsplus: b-tree write err: -5, ino 4 [ 111.126158][ T6538] loop2: detected capacity change from 0 to 32768 [ 111.160096][ T6538] XFS: ikeep mount option is deprecated. [ 111.166053][ T6538] XFS: ikeep mount option is deprecated. [ 111.208783][ T6538] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 111.424883][ T6573] netlink: 'syz.0.497': attribute type 4 has an invalid length. [ 111.513266][ T6573] netlink: 60 bytes leftover after parsing attributes in process `syz.0.497'. [ 111.654024][ T6538] XFS (loop2): Ending clean mount [ 111.753308][ T5226] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 111.851745][ T6552] loop1: detected capacity change from 0 to 32768 [ 111.996656][ T47] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 112.090315][ T6552] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 112.218076][ T47] usb 5-1: config 0 has an invalid interface number: 122 but max is 0 [ 112.228961][ T47] usb 5-1: config 0 has no interface number 0 [ 112.235124][ T47] usb 5-1: config 0 interface 122 has no altsetting 0 [ 112.255450][ T47] usb 5-1: New USB device found, idVendor=13d3, idProduct=3219, bcdDevice=7a.67 [ 112.267118][ T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.275751][ T47] usb 5-1: Product: syz [ 112.291728][ T47] usb 5-1: Manufacturer: syz [ 112.301946][ T47] usb 5-1: SerialNumber: syz [ 112.313140][ T47] usb 5-1: config 0 descriptor?? [ 112.505070][ T6552] XFS (loop1): Ending clean mount [ 112.609929][ T5239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 112.726508][ T5227] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 112.768674][ T5282] usb 5-1: USB disconnect, device number 5 [ 112.775046][ T5282] dvb-usb: generic DVB-USB module successfully deinitialized and disconnected. [ 112.933351][ T5227] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 112.956454][ T5227] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 112.987210][ T5227] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 113.006429][ T5227] usb 1-1: config 1 interface 0 has no altsetting 1 [ 113.052520][ T6603] loop3: detected capacity change from 0 to 32768 [ 113.082321][ T5227] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 113.092442][ T5227] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 113.101251][ T5227] usb 1-1: Product: syz [ 113.105469][ T5227] usb 1-1: Manufacturer: syz [ 113.110222][ T5227] usb 1-1: SerialNumber: syz [ 113.129173][ T5227] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found [ 113.136023][ T5227] cdc_ncm 1-1:1.0: bind() failure [ 113.233312][ T6603] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 113.296628][ T6608] loop2: detected capacity change from 0 to 32768 [ 113.303787][ T6608] btrfs: Deprecated parameter 'usebackuproot' [ 113.310541][ T6608] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 113.323528][ T6608] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.511 (6608) [ 113.371056][ T6603] XFS (loop3): Ending clean mount [ 113.388749][ T6608] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 113.435455][ T25] usb 1-1: USB disconnect, device number 5 [ 113.436821][ T6608] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 113.516976][ T6608] BTRFS info (device loop2): disk space caching is enabled [ 113.534117][ T6608] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 113.571438][ T5229] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 113.818374][ T69] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xab36da95f7d629ca8cc302fd0fd3c25f2e0c358a27b6cae5b3699304a6c15a5c level 0 [ 113.900913][ T6608] BTRFS error (device loop2): failed to load root extent [ 113.913508][ T6608] BTRFS warning (device loop2): try to load backup roots slot 1 [ 113.947288][ T6652] kAFS: unparsable volume name [ 113.952613][ T6655] netlink: 'syz.4.522': attribute type 23 has an invalid length. [ 113.979447][ T6608] BTRFS info (device loop2 state M): disabling free space tree [ 113.987871][ T6608] BTRFS info (device loop2 state M): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 114.023243][ T6608] BTRFS info (device loop2 state M): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 114.275467][ T6608] BTRFS info (device loop2 state M): use compression, level 0 [ 114.287137][ T6664] netlink: 'syz.3.517': attribute type 1 has an invalid length. [ 114.294936][ T6664] nbd: couldn't find a device at index 20 [ 114.618746][ T5226] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 114.944675][ T5234] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 114.951797][ T5234] Bluetooth: Wrong link type (-22) [ 114.960543][ T5234] Bluetooth: hci4: link tx timeout [ 114.966066][ T5234] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 115.658970][ T6717] loop3: detected capacity change from 0 to 1764 [ 115.687799][ T6717] grow_buffers: requested out-of-range block 18446744072509557520 for device loop3 [ 115.746528][ T6717] isofs_fill_super: bread failed, dev=loop3, iso_blknum=1547486600, block=-1199994096 [ 116.180056][ T25] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 116.386453][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 116.399309][ T25] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 116.449112][ T25] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 116.532845][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 116.580594][ T25] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0 [ 116.627467][ T25] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 116.663122][ T25] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 116.686439][ T25] usb 3-1: Manufacturer: syz [ 116.697519][ T6757] loop1: detected capacity change from 0 to 2048 [ 116.709495][ T25] usb 3-1: config 0 descriptor?? [ 116.749333][ T6757] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 116.773081][ T6735] loop3: detected capacity change from 0 to 40427 [ 116.779894][ T6757] NILFS (loop1): mounting unchecked fs [ 116.779950][ T6757] NILFS (loop1): recovery required for readonly filesystem [ 116.779967][ T6757] NILFS (loop1): write access will be enabled during recovery [ 116.846489][ T6735] F2FS-fs (loop3): Fix alignment : internally, start(4096) end(16896) block(12288) [ 116.861652][ T6757] NILFS (loop1): norecovery option specified, skipping roll-forward recovery [ 116.869810][ T6735] F2FS-fs (loop3): heap/no_heap options were deprecated [ 116.888845][ T5247] udevd[5247]: incorrect nilfs2 checksum on /dev/loop1 [ 116.908972][ T6735] F2FS-fs (loop3): invalid crc value [ 116.923808][ T6735] F2FS-fs (loop3): Found nat_bits in checkpoint [ 116.946047][ T25] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 116.967761][ T25] usb 3-1: USB disconnect, device number 6 [ 116.979231][ T6757] NILFS (loop1): couldn't remount because the filesystem is in an incomplete recovery state [ 117.045113][ T5243] Bluetooth: hci4: command 0x0406 tx timeout [ 117.100212][ T6735] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 117.161979][ T6735] F2FS-fs (loop3): Try to recover all the superblocks, ret: 0 [ 117.329024][ T6777] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (72) [ 117.343278][ T6779] netlink: 28 bytes leftover after parsing attributes in process `syz.4.581'. [ 117.620201][ T5227] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 117.838768][ T5227] usb 1-1: Using ep0 maxpacket: 32 [ 117.857410][ T5227] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 117.882661][ T5227] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 117.913673][ T5227] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 117.939678][ T5227] usb 1-1: config 1 has no interface number 0 [ 117.945869][ T5227] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 118.005054][ T5227] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 118.045350][ T5227] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 118.092523][ T5227] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 118.136390][ T5227] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.259416][ T5227] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 118.423496][ T6787] loop4: detected capacity change from 0 to 32768 [ 118.431528][ T6787] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.586 (6787) [ 118.472012][ T5227] snd_usb_pod 1-1:1.1: cannot start listening: -90 [ 118.479424][ T6787] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 118.495261][ T6816] bridge2: the hash_elasticity option has been deprecated and is always 16 [ 118.505420][ T5227] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 118.517108][ T5227] snd_usb_pod 1-1:1.1: probe with driver snd_usb_pod failed with error -90 [ 118.536638][ T6787] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 118.591290][ T6787] BTRFS info (device loop4): using free-space-tree [ 118.691410][ T1853] usb 1-1: USB disconnect, device number 6 [ 118.825702][ T6787] BTRFS error (device loop4): balance: invalid convert metadata profile single [ 118.850840][ T6839] netlink: 12 bytes leftover after parsing attributes in process `syz.1.601'. [ 118.938662][ T5240] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 119.107514][ T6848] netlink: 8 bytes leftover after parsing attributes in process `syz.3.607'. [ 119.678506][ T6874] Cannot find add_set index 0 as target [ 119.868924][ T6880] @: renamed from veth0_vlan (while UP) [ 119.989787][ T6887] netlink: 84 bytes leftover after parsing attributes in process `syz.1.625'. [ 120.579337][ T6917] rdma_rxe: rxe_newlink: failed to add ipvlan1 [ 120.640081][ T6923] loop0: detected capacity change from 0 to 256 [ 120.723926][ T6923] FAT-fs (loop0): Directory bread(block 64) failed [ 120.734716][ T6923] FAT-fs (loop0): Directory bread(block 65) failed [ 120.748307][ T6923] FAT-fs (loop0): Directory bread(block 66) failed [ 120.754926][ T6923] FAT-fs (loop0): Directory bread(block 67) failed [ 120.761815][ T6923] FAT-fs (loop0): Directory bread(block 68) failed [ 120.772561][ T6923] FAT-fs (loop0): Directory bread(block 69) failed [ 120.779436][ T6923] FAT-fs (loop0): Directory bread(block 70) failed [ 120.786023][ T6923] FAT-fs (loop0): Directory bread(block 71) failed [ 120.792791][ T6923] FAT-fs (loop0): Directory bread(block 72) failed [ 120.799460][ T6923] FAT-fs (loop0): Directory bread(block 73) failed [ 120.972171][ T6932] loop1: detected capacity change from 0 to 1024 [ 120.989389][ T6932] EXT4-fs: Ignoring removed oldalloc option [ 120.996769][ T6932] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 121.081956][ T6932] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.120528][ T6932] 9pnet: Unknown protocol version 9 [ 121.171440][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.226704][ T6945] netlink: 'syz.4.649': attribute type 4 has an invalid length. [ 121.234423][ T6945] netlink: 224 bytes leftover after parsing attributes in process `syz.4.649'. [ 121.465208][ T6953] ɶƣ0GCTw: entered promiscuous mode [ 121.722720][ T6961] rdma_rxe: rxe_newlink: failed to add ipvlan1 [ 121.859317][ T6973] netlink: 12 bytes leftover after parsing attributes in process `syz.0.666'. [ 122.726050][ T6980] loop2: detected capacity change from 0 to 32768 [ 122.745963][ T6980] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.667 (6980) [ 122.781933][ T6980] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 122.803689][ T6980] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 122.831326][ T6980] BTRFS info (device loop2): using free-space-tree [ 122.846579][ T5227] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 122.953950][ T7017] SET target dimension over the limit! [ 122.996540][ T8] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 123.072873][ T5227] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 123.091051][ T5227] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.127277][ T5227] usb 1-1: Product: syz [ 123.131515][ T5227] usb 1-1: Manufacturer: syz [ 123.136151][ T5227] usb 1-1: SerialNumber: syz [ 123.139100][ T5226] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 123.196514][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 123.207566][ T5227] r8152-cfgselector 1-1: Unknown version 0x0000 [ 123.207599][ T5227] r8152-cfgselector 1-1: config 0 descriptor?? [ 123.211494][ T8] usb 5-1: config 0 has an invalid interface number: 52 but max is 0 [ 123.211527][ T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 123.211552][ T8] usb 5-1: config 0 has no interface number 0 [ 123.211591][ T8] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 123.211619][ T8] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 123.211651][ T8] usb 5-1: config 0 interface 52 has no altsetting 0 [ 123.214093][ T8] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 123.214127][ T8] usb 5-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 123.214178][ T8] usb 5-1: Product: syz [ 123.214196][ T8] usb 5-1: SerialNumber: syz [ 123.245013][ T8] usb 5-1: config 0 descriptor?? [ 123.655491][ T8] r8152-cfgselector 1-1: USB disconnect, device number 7 [ 123.674913][ T1853] usb 5-1: USB disconnect, device number 6 [ 123.751922][ T7034] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 123.897405][ T7038] loop2: detected capacity change from 0 to 512 [ 123.919555][ T7038] EXT4-fs: Ignoring removed nomblk_io_submit option [ 123.936640][ T7038] EXT4-fs: Ignoring removed mblk_io_submit option [ 123.997040][ T7038] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 124.026240][ T7038] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 124.095116][ T7038] EXT4-fs (loop2): 1 truncate cleaned up [ 124.115916][ T7038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.151343][ T7038] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.581101][ T7065] loop3: detected capacity change from 0 to 1024 [ 124.612157][ T7065] EXT4-fs: Ignoring removed oldalloc option [ 124.647340][ T7065] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 124.647653][ T7068] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 124.738923][ T7065] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 124.834992][ T7065] 9pnet: Unknown protocol version 9 [ 124.955582][ T5229] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.105520][ T7086] loop4: detected capacity change from 0 to 32768 [ 126.166123][ T7086] [ 126.166123][ T7086] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 126.166123][ T7086] [ 126.245127][ T7095] loop1: detected capacity change from 0 to 32768 [ 126.272902][ T7095] btrfs: Deprecated parameter 'usebackuproot' [ 126.280593][ T7086] ialloc: diAlloc returned -5! [ 126.295967][ T7095] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 126.332461][ T7094] loop3: detected capacity change from 0 to 32768 [ 126.339886][ T7095] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.712 (7095) [ 126.343863][ T7091] loop0: detected capacity change from 0 to 32768 [ 126.384372][ T5240] [ 126.384372][ T5240] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 126.384372][ T5240] [ 126.426485][ T7095] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 126.430830][ T7094] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.708 (7094) [ 126.438052][ T7095] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 126.481478][ T7095] BTRFS info (device loop1): disk space caching is enabled [ 126.494567][ T7095] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 126.514960][ T5240] [ 126.514960][ T5240] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 126.514960][ T5240] [ 126.533818][ T7094] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 126.545810][ T7094] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 126.563255][ T7094] BTRFS info (device loop3): using free-space-tree [ 127.044605][ T11] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xab36da95f7d629ca8cc302fd0fd3c25f2e0c358a27b6cae5b3699304a6c15a5c level 0 [ 127.169506][ T7095] BTRFS error (device loop1): failed to load root extent [ 127.177498][ T7095] BTRFS warning (device loop1): try to load backup roots slot 1 [ 127.301233][ T5229] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 127.332013][ T7095] BTRFS info (device loop1 state M): disabling free space tree [ 127.359922][ T7095] BTRFS info (device loop1 state M): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 127.376568][ T7095] BTRFS info (device loop1 state M): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 127.474019][ T7095] BTRFS info (device loop1 state M): use compression, level 0 [ 127.649524][ T5239] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 128.420722][ T7202] loop2: detected capacity change from 0 to 512 [ 128.451566][ T7202] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 128.475387][ T7202] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 128.522566][ T7202] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 128.544286][ T7202] System zones: 0-2, 18-18, 34-34 [ 128.578278][ T7202] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 128.619918][ T7202] EXT4-fs (loop2): 1 truncate cleaned up [ 128.633110][ T7202] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.669791][ T7202] EXT4-fs error (device loop2): ext4_generic_delete_entry:2678: inode #2: block 3: comm syz.2.747: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1 [ 128.703540][ T7202] EXT4-fs error (device loop2) in ext4_delete_entry:2749: Corrupt filesystem [ 128.966468][ T25] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 128.981468][ T5226] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.038460][ T7193] loop4: detected capacity change from 0 to 32768 [ 129.129328][ T7193] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.741 (7193) [ 129.190028][ T7193] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 129.203382][ T7193] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 129.213675][ T7193] BTRFS info (device loop4): using free-space-tree [ 129.278811][ T7227] loop0: detected capacity change from 0 to 512 [ 129.352602][ T7213] loop1: detected capacity change from 0 to 32768 [ 129.436482][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 129.448252][ T25] usb 4-1: config 253 has an invalid interface number: 157 but max is 3 [ 129.495763][ T7227] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.755: corrupted in-inode xattr: bad e_name length [ 129.516979][ T25] usb 4-1: config 253 contains an unexpected descriptor of type 0x2, skipping [ 129.535585][ T7227] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.755: couldn't read orphan inode 15 (err -117) [ 129.556425][ T25] usb 4-1: config 253 has an invalid interface number: 213 but max is 3 [ 129.570955][ T7227] EXT4-fs (loop0): mounted filesystem 00000004-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.578068][ T7249] loop2: detected capacity change from 0 to 8 [ 129.584853][ T25] usb 4-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config [ 129.609283][ T7213] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 129.609382][ T25] usb 4-1: config 253 has 2 interfaces, different from the descriptor's value: 4 [ 129.645719][ T7249] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 129.653614][ T25] usb 4-1: config 253 has no interface number 0 [ 129.666958][ T7249] cramfs: Error -3 while decompressing! [ 129.683492][ T7249] cramfs: ffffffff950cd788(18)->ffff888058ebf000(4096) [ 129.698623][ T25] usb 4-1: config 253 has no interface number 1 [ 129.705071][ T25] usb 4-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 129.736875][ T5231] EXT4-fs (loop0): unmounting filesystem 00000004-0000-0000-0000-000000000000. [ 129.752746][ T7249] cramfs: Error -3 while decompressing! [ 129.760415][ T7249] cramfs: ffffffff950cd788(18)->ffff888058ebf000(4096) [ 129.768057][ T25] usb 4-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64 [ 129.780275][ T29] audit: type=1800 audit(1724332856.006:8): pid=7249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.758" name="file1" dev="loop2" ino=324 res=0 errno=0 [ 129.801421][ T25] usb 4-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 129.816406][ T25] usb 4-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14 [ 129.883228][ T25] usb 4-1: config 253 interface 157 has no altsetting 0 [ 129.885790][ T5240] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 129.905051][ T25] usb 4-1: config 253 interface 213 has no altsetting 0 [ 129.932238][ T7213] XFS (loop1): Ending clean mount [ 129.950505][ T25] usb 4-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57 [ 129.965940][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.019096][ T25] usb 4-1: Product: syz [ 130.023409][ T25] usb 4-1: Manufacturer: syz [ 130.036434][ T25] usb 4-1: SerialNumber: syz [ 130.087933][ T7213] XFS (loop1): Quotacheck needed: Please wait. [ 130.238382][ T7213] XFS (loop1): Quotacheck: Done. [ 130.295162][ T7265] netlink: 20 bytes leftover after parsing attributes in process `syz.0.772'. [ 130.336614][ T5239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 130.390479][ T25] r8712u: register rtl8712_netdev_ops to netdev_ops [ 130.402996][ T25] usb 4-1: r8712u: USB_SPEED_HIGH with 4 endpoints [ 130.478306][ T25] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed [ 130.485887][ T25] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 130.496621][ T25] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 130.551888][ T25] usb 4-1: Found UVC 0.00 device syz (0b05:1791) [ 130.606628][ T25] usb 4-1: No valid video chain found. [ 130.612704][ T25] r8712u: register rtl8712_netdev_ops to netdev_ops [ 130.681155][ T25] usb 4-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 130.711391][ T25] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed [ 130.736107][ T25] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 130.771192][ T25] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 130.826450][ T25] usb 4-1: USB disconnect, device number 4 [ 130.883389][ T7277] capability: warning: `syz.2.768' uses deprecated v2 capabilities in a way that may be insecure [ 130.970535][ T7280] loop1: detected capacity change from 0 to 512 [ 131.017483][ T7280] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 131.036744][ T7280] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 131.129439][ T7280] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 131.172643][ T7280] System zones: 0-2, 18-18, 34-34 [ 131.262764][ T7285] loop2: detected capacity change from 0 to 1024 [ 131.279883][ T7280] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 131.283896][ T7270] loop0: detected capacity change from 0 to 32768 [ 131.344655][ T7270] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.765 (7270) [ 131.361811][ T7280] EXT4-fs (loop1): 1 truncate cleaned up [ 131.377091][ T7270] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 131.387604][ T7280] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 131.401289][ T7280] EXT4-fs error (device loop1): ext4_generic_delete_entry:2678: inode #2: block 3: comm syz.1.764: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1 [ 131.433024][ T7270] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 131.442167][ T7280] EXT4-fs error (device loop1) in ext4_delete_entry:2749: Corrupt filesystem [ 131.548193][ T7270] BTRFS info (device loop0): using free-space-tree [ 131.649507][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.681570][ T11] hfsplus: b-tree write err: -5, ino 4 [ 131.957568][ T25] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 132.158657][ T25] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 132.181652][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.212598][ T25] usb 4-1: config 0 descriptor?? [ 132.235210][ T25] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 132.264996][ T5231] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 132.521244][ T7333] loop1: detected capacity change from 0 to 1024 [ 132.652163][ T25] gspca_cpia1: usb_control_msg 03, error -71 [ 132.676913][ T25] gspca_cpia1: usb_control_msg 01, error -71 [ 132.717328][ T25] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0) [ 132.757895][ T25] usb 4-1: USB disconnect, device number 5 [ 132.794476][ T1060] hfsplus: b-tree write err: -5, ino 4 [ 132.820316][ T7340] loop0: detected capacity change from 0 to 256 [ 132.847862][ T7340] exfat: Deprecated parameter 'namecase' [ 132.863375][ T7340] exfat: Deprecated parameter 'utf8' [ 132.916472][ T7340] exfat: Deprecated parameter 'namecase' [ 132.922228][ T7340] exfat: Deprecated parameter 'utf8' [ 132.996048][ T7340] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 133.042130][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.050358][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.125819][ T7347] netlink: 'syz.2.794': attribute type 1 has an invalid length. [ 133.171735][ T7349] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 133.370414][ T7353] loop0: detected capacity change from 0 to 2048 [ 133.511201][ T7362] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 133.577600][ T7353] NILFS (loop0): failed to count free inodes: err=-34 [ 133.867654][ T7374] kAFS: unparsable volume name [ 133.947297][ T7313] syz.4.783: vmalloc error: size 2363392, failed to allocated page array size 4616, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1 [ 133.980211][ T7313] CPU: 1 UID: 0 PID: 7313 Comm: syz.4.783 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0 [ 133.990460][ T7313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 134.000571][ T7313] Call Trace: [ 134.003895][ T7313] [ 134.006869][ T7313] dump_stack_lvl+0x241/0x360 [ 134.011610][ T7313] ? __pfx_dump_stack_lvl+0x10/0x10 [ 134.016860][ T7313] ? __pfx__printk+0x10/0x10 [ 134.021519][ T7313] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 134.028040][ T7313] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 134.034608][ T7313] warn_alloc+0x278/0x410 [ 134.039003][ T7313] ? __pfx_warn_alloc+0x10/0x10 [ 134.043943][ T7313] ? vb2_vmalloc_alloc+0xf2/0x340 [ 134.049025][ T7313] ? __get_vm_area_node+0x23d/0x270 [ 134.054298][ T7313] __vmalloc_node_range_noprof+0x6a2/0x1400 [ 134.060275][ T7313] ? __kmalloc_cache_node_noprof+0x1d3/0x300 [ 134.066320][ T7313] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 134.072711][ T7313] ? vb2_vmalloc_alloc+0xf2/0x340 [ 134.077795][ T7313] ? __get_vm_area_node+0x23d/0x270 [ 134.083051][ T7313] __vmalloc_node_range_noprof+0x5bc/0x1400 [ 134.089018][ T7313] ? vb2_vmalloc_alloc+0xf2/0x340 [ 134.094132][ T7313] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 134.100491][ T7313] ? __kasan_kmalloc+0x98/0xb0 [ 134.105270][ T7313] ? vb2_vmalloc_alloc+0xb5/0x340 [ 134.110317][ T7313] vmalloc_user_noprof+0x74/0x80 [ 134.115275][ T7313] ? vb2_vmalloc_alloc+0xf2/0x340 [ 134.120314][ T7313] vb2_vmalloc_alloc+0xf2/0x340 [ 134.125204][ T7313] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 134.130671][ T7313] __vb2_queue_alloc+0xa0b/0x16f0 [ 134.135744][ T7313] vb2_core_create_bufs+0x825/0x1040 [ 134.141147][ T7313] ? __pfx_vb2_core_create_bufs+0x10/0x10 [ 134.146891][ T7313] ? __pfx___might_resched+0x10/0x10 [ 134.152190][ T7313] ? vb2_set_flags_and_caps+0x2f7/0x5e0 [ 134.157746][ T7313] vb2_create_bufs+0x60e/0xdd0 [ 134.162564][ T7313] ? __pfx_vb2_create_bufs+0x10/0x10 [ 134.167856][ T7313] ? __mutex_lock+0x2ef/0xd70 [ 134.172546][ T7313] ? vb2_set_flags_and_caps+0x2f7/0x5e0 [ 134.178104][ T7313] vb2_ioctl_create_bufs+0x2ba/0x400 [ 134.183497][ T7313] v4l_create_bufs+0x18b/0x2a0 [ 134.188296][ T7313] __video_do_ioctl+0xc26/0xde0 [ 134.193170][ T7313] ? __pfx___video_do_ioctl+0x10/0x10 [ 134.198737][ T7313] ? __might_fault+0xc6/0x120 [ 134.203436][ T7313] video_usercopy+0x89b/0x1180 [ 134.208226][ T7313] ? __pfx___video_do_ioctl+0x10/0x10 [ 134.213607][ T7313] ? __pfx_video_usercopy+0x10/0x10 [ 134.218863][ T7313] ? __fget_files+0x29/0x470 [ 134.223478][ T7313] ? __fget_files+0x3f6/0x470 [ 134.228442][ T7313] ? __fget_files+0x29/0x470 [ 134.233051][ T7313] v4l2_ioctl+0x18c/0x1e0 [ 134.237405][ T7313] ? __pfx_v4l2_ioctl+0x10/0x10 [ 134.242285][ T7313] __se_sys_ioctl+0xfc/0x170 [ 134.246889][ T7313] do_syscall_64+0xf3/0x230 [ 134.251427][ T7313] ? clear_bhb_loop+0x35/0x90 [ 134.256205][ T7313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.262205][ T7313] RIP: 0033:0x7f1093b79e79 [ 134.266633][ T7313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.286261][ T7313] RSP: 002b:00007f1094970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 134.294702][ T7313] RAX: ffffffffffffffda RBX: 00007f1093d15f80 RCX: 00007f1093b79e79 [ 134.302947][ T7313] RDX: 0000000020000140 RSI: 00000000c100565c RDI: 0000000000000003 [ 134.310931][ T7313] RBP: 00007f1093be7916 R08: 0000000000000000 R09: 0000000000000000 [ 134.318910][ T7313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.326914][ T7313] R13: 0000000000000000 R14: 00007f1093d15f80 R15: 00007ffc60c80e28 [ 134.334913][ T7313] [ 134.352911][ T7313] Mem-Info: [ 134.356117][ T7313] active_anon:4645 inactive_anon:0 isolated_anon:0 [ 134.356117][ T7313] active_file:1570 inactive_file:38214 isolated_file:0 [ 134.356117][ T7313] unevictable:768 dirty:286 writeback:0 [ 134.356117][ T7313] slab_reclaimable:8914 slab_unreclaimable:98922 [ 134.356117][ T7313] mapped:21677 shmem:1263 pagetables:791 [ 134.356117][ T7313] sec_pagetables:0 bounce:0 [ 134.356117][ T7313] kernel_misc_reclaimable:0 [ 134.356117][ T7313] free:1348597 free_pcp:2231 free_cma:0 [ 134.425743][ T7379] nvme_fabrics: missing parameter 'transport=%s' [ 134.436925][ T7379] nvme_fabrics: missing parameter 'nqn=%s' [ 134.518604][ T7390] process 'syz.3.814' launched './file0' with NULL argv: empty string added [ 134.530644][ T7313] Node 0 active_anon:18460kB inactive_anon:0kB active_file:6280kB inactive_file:152820kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:86640kB dirty:1228kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10220kB pagetables:3144kB sec_pagetables:0kB all_unreclaimable? no [ 134.574905][ T7393] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 134.669000][ T7313] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:60kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 134.772307][ T7313] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 134.926501][ T7313] lowmem_reserve[]: 0 2559 2560 0 0 [ 134.931872][ T7313] Node 0 DMA32 free:1432176kB boost:0kB min:34992kB low:43740kB high:52488kB reserved_highatomic:0KB active_anon:18312kB inactive_anon:0kB active_file:6280kB inactive_file:151496kB unevictable:1536kB writepending:1228kB present:3129332kB managed:2648716kB mlocked:0kB bounce:0kB free_pcp:1128kB local_pcp:236kB free_cma:0kB [ 134.950613][ T7407] netlink: 'syz.2.824': attribute type 21 has an invalid length. [ 135.076434][ T7313] lowmem_reserve[]: 0 0 1 0 0 [ 135.081538][ T7313] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 135.201407][ T7313] lowmem_reserve[]: 0 0 0 0 0 [ 135.209128][ T7313] Node 1 Normal free:3956068kB boost:0kB min:54892kB low:68612kB high:82332kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:60kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 135.308041][ T7313] lowmem_reserve[]: 0 0 0 0 0 [ 135.326427][ T7313] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 135.345621][ T7313] Node 0 DMA32: 5*4kB (ME) 4*8kB (UE) 152*16kB (ME) 181*32kB (UME) 132*64kB (UME) 58*128kB (UME) 30*256kB (UME) 24*512kB (UME) 18*1024kB (UM) 4*2048kB (M) 332*4096kB (UM) = 1430612kB [ 135.416156][ T7313] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 135.432588][ T7418] loop1: detected capacity change from 0 to 4096 [ 135.439470][ T7313] Node 1 Normal: 3*4kB (UM) 2*8kB (UM) 7*16kB (UM) 12*32kB (UM) 6*64kB (UM) 4*128kB (UM) 8*256kB (UM) 6*512kB (UM) 5*1024kB (UM) 2*2048kB (U) 962*4096kB (M) = 3956108kB [ 135.463577][ T7313] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 135.473419][ T5227] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 135.498245][ T7313] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 135.511504][ T7313] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 135.547179][ T7313] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 135.585917][ T7313] 41597 total pagecache pages [ 135.591725][ T7313] 0 pages in swap cache [ 135.596095][ T7313] Free swap = 124996kB [ 135.634644][ T7313] Total swap = 124996kB [ 135.639148][ T7313] 2097051 pages RAM [ 135.642985][ T7313] 0 pages HighMem/MovableOnly [ 135.649005][ T7313] 402894 pages reserved [ 135.653581][ T7313] 0 pages cma reserved [ 135.678421][ T5227] usb 3-1: Using ep0 maxpacket: 32 [ 135.706237][ T5227] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 135.726728][ T5227] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 135.769894][ T5227] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 135.805666][ T5227] usb 3-1: config 1 has no interface number 0 [ 135.828393][ T5227] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 135.874665][ T5227] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 135.911984][ T5227] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 135.973834][ T5227] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 135.995239][ T7437] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.838'. [ 135.996427][ T5227] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.089961][ T5227] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 136.303287][ T5227] snd_usb_pod 3-1:1.1: cannot start listening: -90 [ 136.310118][ T5227] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 136.317815][ T5227] snd_usb_pod 3-1:1.1: probe with driver snd_usb_pod failed with error -90 [ 136.545614][ T5227] usb 3-1: USB disconnect, device number 7 [ 136.646255][ T5234] Bluetooth: Unknown BR/EDR signaling command 0x11 [ 136.654327][ T5234] Bluetooth: Wrong link type (-22) [ 136.660947][ T5234] Bluetooth: hci2: link tx timeout [ 136.666525][ T5234] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 136.757558][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 136.765999][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 136.877153][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 136.885616][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 137.791210][ T7463] loop3: detected capacity change from 0 to 32768 [ 137.807054][ T7463] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.849 (7463) [ 137.849198][ T7463] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 137.859899][ T7463] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 137.896604][ T7463] BTRFS info (device loop3): using free-space-tree [ 137.965030][ T7507] loop2: detected capacity change from 0 to 512 [ 137.977066][ T7507] EXT4-fs: Ignoring removed nomblk_io_submit option [ 138.003404][ T7507] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 138.043282][ T7463] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 138.092973][ T7507] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a85ec028, mo2=0002] [ 138.136854][ T7507] System zones: 0-2, 18-18, 34-34 [ 138.201629][ T7507] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 138.282956][ T7507] EXT4-fs (loop2): 1 truncate cleaned up [ 138.300815][ T7507] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.353256][ T7507] EXT4-fs error (device loop2): ext4_empty_dir:3094: inode #12: block 13: comm syz.2.867: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=12, rec_len=0, size=4096 fake=1 [ 138.470593][ T7507] EXT4-fs (loop2): Remounting filesystem read-only [ 138.506281][ T7507] EXT4-fs warning (device loop2): ext4_empty_dir:3096: inode #12: comm syz.2.867: directory missing '.' [ 138.531557][ T7489] loop4: detected capacity change from 0 to 32768 [ 138.719354][ T5226] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.728887][ T5248] Bluetooth: hci2: command 0x0406 tx timeout [ 138.753206][ T7489] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 139.268427][ T7489] XFS (loop4): Ending clean mount [ 139.808090][ T5240] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 139.880404][ T7545] loop1: detected capacity change from 0 to 32768 [ 139.892142][ T7545] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.875 (7545) [ 139.918119][ T47] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 139.949898][ T7545] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 139.975684][ T7545] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 140.049756][ T7545] BTRFS info (device loop1): using free-space-tree [ 140.186723][ T47] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 140.222194][ T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.328256][ T47] usb 3-1: config 0 descriptor?? [ 140.360910][ T47] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 140.597180][ T5283] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 140.601032][ T5239] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 140.828084][ T47] gspca_cpia1: usb_control_msg 03, error -71 [ 140.839827][ T47] gspca_cpia1: usb_control_msg 01, error -71 [ 140.848003][ T5283] usb 4-1: Using ep0 maxpacket: 32 [ 140.858645][ T5283] usb 4-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 140.871693][ T47] cpia1 3-1:0.0: only firmware version 1 is supported (got: 0) [ 140.879547][ T5283] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.910473][ T5283] usb 4-1: Product: syz [ 140.915106][ T47] usb 3-1: USB disconnect, device number 8 [ 140.931276][ T5283] usb 4-1: Manufacturer: syz [ 140.946262][ T5283] usb 4-1: SerialNumber: syz [ 140.974878][ T5283] usb 4-1: config 0 descriptor?? [ 141.242842][ T7603] loop1: detected capacity change from 0 to 256 [ 141.416534][ T5283] peak_usb 4-1:0.0 can0: unable to request usb[type=0 value=0] err=-71 [ 141.441371][ T5283] peak_usb 4-1:0.0: unable to read PCAN-USB Pro bootloader info (err -71) [ 141.548992][ T5283] peak_usb 4-1:0.0: probe with driver peak_usb failed with error -71 [ 141.577063][ T5283] usb 4-1: USB disconnect, device number 6 [ 141.697674][ T7615] netlink: 'syz.2.904': attribute type 8 has an invalid length. [ 141.736489][ T5227] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 141.820940][ T7595] loop4: detected capacity change from 0 to 32768 [ 141.925154][ T7595] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 141.938559][ T5227] usb 1-1: Using ep0 maxpacket: 16 [ 141.986981][ T5227] usb 1-1: config 253 has an invalid interface number: 157 but max is 3 [ 141.995501][ T5227] usb 1-1: config 253 contains an unexpected descriptor of type 0x2, skipping [ 142.007184][ T5227] usb 1-1: config 253 has an invalid interface number: 213 but max is 3 [ 142.015593][ T5227] usb 1-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config [ 142.026790][ T5227] usb 1-1: config 253 has 2 interfaces, different from the descriptor's value: 4 [ 142.035980][ T5227] usb 1-1: config 253 has no interface number 0 [ 142.042656][ T5227] usb 1-1: config 253 has no interface number 1 [ 142.049122][ T5227] usb 1-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 142.060513][ T5227] usb 1-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64 [ 142.072635][ T5227] usb 1-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 142.084468][ T5227] usb 1-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14 [ 142.098309][ T5227] usb 1-1: config 253 interface 157 has no altsetting 0 [ 142.105304][ T5227] usb 1-1: config 253 interface 213 has no altsetting 0 [ 142.159616][ T5227] usb 1-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57 [ 142.168881][ T5227] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.186412][ T5227] usb 1-1: Product: syz [ 142.190657][ T5227] usb 1-1: Manufacturer: syz [ 142.195293][ T5227] usb 1-1: SerialNumber: syz [ 142.266661][ T8] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 142.388759][ T7595] XFS (loop4): Ending clean mount [ 142.419712][ T7595] XFS (loop4): Quotacheck needed: Please wait. [ 142.431328][ T5227] r8712u: register rtl8712_netdev_ops to netdev_ops [ 142.439483][ T5227] usb 1-1: r8712u: USB_SPEED_HIGH with 4 endpoints [ 142.460240][ T5227] usb 1-1: r8712u: Boot from EFUSE: Autoload Failed [ 142.480677][ T5227] usb 1-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 142.494135][ T7595] XFS (loop4): Quotacheck: Done. [ 142.499344][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 142.511283][ T5227] usb 1-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 142.519479][ T8] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 142.539890][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.560173][ T5227] usb 1-1: Found UVC 0.00 device syz (0b05:1791) [ 142.578233][ T8] usb 2-1: config 0 descriptor?? [ 142.584764][ T5227] usb 1-1: No valid video chain found. [ 142.600377][ T5240] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 142.606038][ T5227] r8712u: register rtl8712_netdev_ops to netdev_ops [ 142.609971][ T7641] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 142.643469][ T5227] usb 1-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 142.714142][ T5227] usb 1-1: r8712u: Boot from EFUSE: Autoload Failed [ 142.746507][ T5227] usb 1-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 142.754130][ T5227] usb 1-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 142.841238][ T8] ath6kl: Failed to submit usb control message: -71 [ 142.872496][ T8] ath6kl: unable to send the bmi data to the device: -71 [ 142.880294][ T8] ath6kl: Unable to send get target info: -71 [ 142.909777][ T8] ath6kl: Failed to init ath6kl core: -71 [ 142.916739][ T8] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 142.933673][ T5227] usb 1-1: USB disconnect, device number 8 [ 142.944875][ T8] usb 2-1: USB disconnect, device number 3 [ 143.303791][ T7663] netlink: 'syz.0.922': attribute type 1 has an invalid length. [ 143.466800][ T5283] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 143.661461][ T5283] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 143.678442][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.724666][ T5283] usb 5-1: config 0 descriptor?? [ 143.739052][ T5283] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 143.936665][ T5227] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 144.046460][ T8] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 144.146582][ T5227] usb 1-1: Using ep0 maxpacket: 32 [ 144.154445][ T5227] usb 1-1: config 0 has an invalid interface descriptor of length 3, skipping [ 144.160259][ T5283] gspca_cpia1: usb_control_msg 03, error -71 [ 144.171414][ T5227] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 144.179561][ T5283] gspca_cpia1: usb_control_msg 01, error -71 [ 144.193866][ T5227] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 144.199322][ T5283] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0) [ 144.225178][ T5227] usb 1-1: New USB device found, idVendor=110a, idProduct=1653, bcdDevice=c0.7b [ 144.232922][ T5283] usb 5-1: USB disconnect, device number 7 [ 144.246644][ T8] usb 2-1: Using ep0 maxpacket: 16 [ 144.268373][ T8] usb 2-1: config 253 has an invalid interface number: 157 but max is 3 [ 144.282785][ T5227] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.296478][ T8] usb 2-1: config 253 contains an unexpected descriptor of type 0x2, skipping [ 144.313758][ T5227] usb 1-1: config 0 descriptor?? [ 144.329775][ T8] usb 2-1: config 253 has an invalid interface number: 213 but max is 3 [ 144.356734][ T8] usb 2-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config [ 144.369158][ T8] usb 2-1: config 253 has 2 interfaces, different from the descriptor's value: 4 [ 144.385534][ T8] usb 2-1: config 253 has no interface number 0 [ 144.392763][ T8] usb 2-1: config 253 has no interface number 1 [ 144.404634][ T8] usb 2-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 144.416429][ T47] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 144.419477][ T8] usb 2-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64 [ 144.431534][ T7690] dvmrp0: entered allmulticast mode [ 144.441649][ T8] usb 2-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 144.460642][ T8] usb 2-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14 [ 144.501331][ T8] usb 2-1: config 253 interface 157 has no altsetting 0 [ 144.514154][ T8] usb 2-1: config 253 interface 213 has no altsetting 0 [ 144.541458][ T8] usb 2-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57 [ 144.551027][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.581630][ T8] usb 2-1: Product: syz [ 144.585867][ T8] usb 2-1: Manufacturer: syz [ 144.599650][ T5282] usb 1-1: USB disconnect, device number 9 [ 144.614720][ T8] usb 2-1: SerialNumber: syz [ 144.646405][ T47] usb 4-1: Using ep0 maxpacket: 16 [ 144.662626][ T47] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 144.677223][ T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.685292][ T47] usb 4-1: Product: syz [ 144.689881][ T47] usb 4-1: Manufacturer: syz [ 144.694539][ T47] usb 4-1: SerialNumber: syz [ 144.703896][ T47] usb 4-1: config 0 descriptor?? [ 144.722013][ T47] visor 4-1:0.0: Sony Clie 3.5 converter detected [ 144.810431][ T7697] netlink: 199356 bytes leftover after parsing attributes in process `syz.2.939'. [ 144.929916][ T8] r8712u: register rtl8712_netdev_ops to netdev_ops [ 144.945406][ T8] usb 2-1: r8712u: USB_SPEED_HIGH with 4 endpoints [ 144.954440][ T8] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed [ 144.967442][ T8] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 144.974972][ T8] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 145.010200][ T8] usb 2-1: Found UVC 0.00 device syz (0b05:1791) [ 145.019027][ T8] usb 2-1: No valid video chain found. [ 145.025082][ T8] r8712u: register rtl8712_netdev_ops to netdev_ops [ 145.035421][ T8] usb 2-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 145.050085][ T7698] loop4: detected capacity change from 0 to 8192 [ 145.059568][ T8] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed [ 145.066227][ T8] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 145.080365][ T8] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 145.082201][ T7698] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 145.096775][ T8] usb 2-1: USB disconnect, device number 4 [ 145.141353][ T47] usb 4-1: clie_3_5_startup: get interface number failed: -71 [ 145.154643][ T47] visor 4-1:0.0: probe with driver visor failed with error -71 [ 145.195875][ T47] usb 4-1: USB disconnect, device number 7 [ 145.437101][ T7707] netlink: 'syz.4.944': attribute type 10 has an invalid length. [ 145.452667][ T7707] netlink: 40 bytes leftover after parsing attributes in process `syz.4.944'. [ 145.469129][ T7707] team0: entered promiscuous mode [ 145.513044][ T7707] team_slave_0: entered promiscuous mode [ 145.536748][ T7707] team_slave_1: entered promiscuous mode [ 145.557067][ T7707] team0: entered allmulticast mode [ 145.572747][ T7707] team_slave_0: entered allmulticast mode [ 145.606596][ T7707] team_slave_1: entered allmulticast mode [ 145.619040][ T7707] bridge0: port 3(team0) entered blocking state [ 145.634445][ T7707] bridge0: port 3(team0) entered disabled state [ 145.657009][ T7707] bridge0: port 3(team0) entered blocking state [ 145.663714][ T7707] bridge0: port 3(team0) entered forwarding state [ 146.137212][ T7736] netlink: 'syz.2.957': attribute type 3 has an invalid length. [ 146.176486][ T7736] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.957'. [ 146.384879][ T7748] loop1: detected capacity change from 0 to 512 [ 146.418006][ T7748] EXT4-fs: Ignoring removed nomblk_io_submit option [ 146.489456][ T7748] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 146.634029][ T7748] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a85ec028, mo2=0002] [ 146.645362][ T7764] netlink: 16 bytes leftover after parsing attributes in process `syz.3.972'. [ 146.664232][ T7748] System zones: 0-2, 18-18, 34-34 [ 146.717305][ T7748] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 146.760376][ T7748] EXT4-fs (loop1): 1 truncate cleaned up [ 146.770101][ T7748] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.845449][ T7748] EXT4-fs error (device loop1): ext4_empty_dir:3094: inode #12: block 13: comm syz.1.964: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=12, rec_len=0, size=4096 fake=1 [ 146.865238][ T1853] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 146.908772][ T7748] EXT4-fs (loop1): Remounting filesystem read-only [ 146.916081][ T7748] EXT4-fs warning (device loop1): ext4_empty_dir:3096: inode #12: comm syz.1.964: directory missing '.' [ 147.001829][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.068505][ T1853] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 147.101962][ T1853] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 147.136470][ T1853] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 147.163820][ T1853] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 147.197772][ T1853] usb 5-1: config 1 interface 1 has no altsetting 0 [ 147.208974][ T1853] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 147.236566][ T1853] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.244646][ T1853] usb 5-1: Product: syz [ 147.274147][ T1853] usb 5-1: Manufacturer: syz [ 147.281447][ T1853] usb 5-1: SerialNumber: syz [ 147.549875][ T1853] usb 5-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0 [ 147.567061][ T1853] usb 5-1: MIDIStreaming interface descriptor not found [ 147.685851][ T1853] usb 5-1: USB disconnect, device number 8 [ 147.912832][ T7804] loop3: detected capacity change from 0 to 256 [ 147.955158][ T7781] loop0: detected capacity change from 0 to 32768 [ 147.969239][ T7781] btrfs: Deprecated parameter 'usebackuproot' [ 147.975383][ T7781] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 147.990881][ T7781] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.988 (7781) [ 148.056529][ T7781] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 148.101944][ T7781] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 148.167299][ T7781] BTRFS info (device loop0): disk space caching is enabled [ 148.174577][ T7781] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 148.382810][ T1121] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xab36da95f7d629ca8cc302fd0fd3c25f2e0c358a27b6cae5b3699304a6c15a5c level 0 [ 148.473418][ T7781] BTRFS error (device loop0): failed to load root extent [ 148.481824][ T7781] BTRFS warning (device loop0): try to load backup roots slot 1 [ 148.627691][ T7781] BTRFS info (device loop0 state M): disabling free space tree [ 148.632017][ T7846] netlink: 'syz.2.1001': attribute type 11 has an invalid length. [ 148.635746][ T7781] BTRFS info (device loop0 state M): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 148.653821][ T7781] BTRFS info (device loop0 state M): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 148.700163][ T7781] BTRFS info (device loop0 state M): use compression, level 0 [ 148.777033][ T5227] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 148.856695][ T5231] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 149.075543][ T5227] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 149.091415][ T5227] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 149.116083][ T5227] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 149.126170][ T5227] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 149.147185][ T5227] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 149.157101][ T5227] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.259729][ T29] audit: type=1326 audit(1724332875.476:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b3579e79 code=0x7ffc0000 [ 149.290574][ T5227] usb 4-1: config 0 descriptor?? [ 149.386476][ T29] audit: type=1326 audit(1724332875.486:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b3579e79 code=0x7ffc0000 [ 149.523939][ T29] audit: type=1326 audit(1724332875.486:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f46b3579e79 code=0x7ffc0000 [ 149.651307][ T29] audit: type=1326 audit(1724332875.486:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b3579e79 code=0x7ffc0000 [ 149.668940][ T5227] hdpvr 4-1:0.0: firmware version 0x15 dated mҝR( ry|A3je{)7}-S8N [ 149.721170][ T29] audit: type=1326 audit(1724332875.486:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b3579e79 code=0x7ffc0000 [ 149.777871][ T7886] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 149.783912][ T47] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 149.869814][ T5227] hdpvr 4-1:0.0: device init failed [ 149.883247][ T5227] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12 [ 149.920369][ T5227] usb 4-1: USB disconnect, device number 8 [ 149.966530][ T47] usb 5-1: Using ep0 maxpacket: 16 [ 149.978180][ T47] usb 5-1: config 253 has an invalid interface number: 157 but max is 3 [ 150.001787][ T47] usb 5-1: config 253 contains an unexpected descriptor of type 0x2, skipping [ 150.026502][ T47] usb 5-1: config 253 has an invalid interface number: 213 but max is 3 [ 150.035260][ T7892] loop0: detected capacity change from 0 to 512 [ 150.045558][ T47] usb 5-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config [ 150.066751][ T47] usb 5-1: config 253 has 2 interfaces, different from the descriptor's value: 4 [ 150.086519][ T7892] EXT4-fs (loop0): Test dummy encryption mode enabled [ 150.097168][ T47] usb 5-1: config 253 has no interface number 0 [ 150.113825][ T47] usb 5-1: config 253 has no interface number 1 [ 150.124003][ T47] usb 5-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 150.125278][ T7892] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13 [ 150.135631][ T47] usb 5-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64 [ 150.154822][ T47] usb 5-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 150.166703][ T47] usb 5-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14 [ 150.180149][ T47] usb 5-1: config 253 interface 157 has no altsetting 0 [ 150.187259][ T47] usb 5-1: config 253 interface 213 has no altsetting 0 [ 150.196832][ T47] usb 5-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57 [ 150.209912][ T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.218254][ T47] usb 5-1: Product: syz [ 150.224988][ T47] usb 5-1: Manufacturer: syz [ 150.230096][ T7892] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.1024: attempt to clear invalid blocks 2 len 1 [ 150.243072][ T47] usb 5-1: SerialNumber: syz [ 150.300637][ T7892] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 150.433060][ T7871] loop1: detected capacity change from 0 to 32768 [ 150.443733][ T7892] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1024: invalid indirect mapped block 1819239214 (level 0) [ 150.468890][ T47] r8712u: register rtl8712_netdev_ops to netdev_ops [ 150.475522][ T47] usb 5-1: r8712u: USB_SPEED_HIGH with 4 endpoints [ 150.500816][ T7892] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1024: invalid indirect mapped block 1819239214 (level 1) [ 150.536634][ T47] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed [ 150.543294][ T47] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 150.551209][ T47] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 150.554825][ T7892] EXT4-fs (loop0): 1 truncate cleaned up [ 150.568741][ T7892] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.606771][ T7904] loop2: detected capacity change from 0 to 4096 [ 150.626793][ T7871] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 150.651650][ T7904] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 150.673415][ T47] usb 5-1: Found UVC 0.00 device syz (0b05:1791) [ 150.679919][ T47] usb 5-1: No valid video chain found. [ 150.686030][ T47] r8712u: register rtl8712_netdev_ops to netdev_ops [ 150.693010][ T47] usb 5-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 150.703687][ T47] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed [ 150.710724][ T47] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 150.719024][ T47] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 150.742764][ T47] usb 5-1: USB disconnect, device number 9 [ 150.744495][ T7904] ntfs3: loop2: failed to convert "c46c" to maccyrillic [ 150.793034][ T7911] loop3: detected capacity change from 0 to 128 [ 150.802073][ T7892] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 150.832503][ T7871] XFS (loop1): Ending clean mount [ 150.872210][ T7911] befs: (loop3): invalid magic header [ 150.949180][ T5231] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.001635][ T5239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 151.105542][ T7916] netlink: 'syz.3.1032': attribute type 10 has an invalid length. [ 151.125573][ T7916] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1032'. [ 151.137025][ T7916] team0: entered promiscuous mode [ 151.150674][ T7916] team_slave_0: entered promiscuous mode [ 151.166124][ T7916] team_slave_1: entered promiscuous mode [ 151.202700][ T7916] team0: entered allmulticast mode [ 151.215466][ T7916] team_slave_0: entered allmulticast mode [ 151.241542][ T7916] team_slave_1: entered allmulticast mode [ 151.287016][ T7916] bridge0: port 3(team0) entered blocking state [ 151.304862][ T7916] bridge0: port 3(team0) entered disabled state [ 151.342907][ T7916] bridge0: port 3(team0) entered blocking state [ 151.349440][ T7916] bridge0: port 3(team0) entered forwarding state [ 151.846509][ T5282] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 152.032326][ T7957] netlink: 'syz.2.1051': attribute type 10 has an invalid length. [ 152.040664][ T7957] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1051'. [ 152.050438][ T5282] usb 2-1: Using ep0 maxpacket: 16 [ 152.057722][ T5282] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 152.068387][ T5282] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.080216][ T7957] team0: entered promiscuous mode [ 152.085354][ T5282] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 152.097603][ T7957] team_slave_0: entered promiscuous mode [ 152.105641][ T5282] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22 [ 152.120326][ T5227] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 152.124061][ T7959] ip6t_srh: unknown srh invflags 7D00 [ 152.129453][ T7957] team_slave_1: entered promiscuous mode [ 152.142101][ T7957] team0: entered allmulticast mode [ 152.147840][ T7957] team_slave_0: entered allmulticast mode [ 152.154401][ T7957] team_slave_1: entered allmulticast mode [ 152.154807][ T5282] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 152.170692][ T5282] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 152.179240][ T5282] usb 2-1: SerialNumber: syz [ 152.179678][ T7957] bridge0: port 3(team0) entered blocking state [ 152.190877][ T7957] bridge0: port 3(team0) entered disabled state [ 152.225878][ T7957] bridge0: port 3(team0) entered blocking state [ 152.232442][ T7957] bridge0: port 3(team0) entered forwarding state [ 152.319385][ T5227] usb 1-1: Using ep0 maxpacket: 16 [ 152.342971][ T5227] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 152.360920][ T5227] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.373476][ T5227] usb 1-1: Product: syz [ 152.381602][ T5227] usb 1-1: Manufacturer: syz [ 152.389077][ T5227] usb 1-1: SerialNumber: syz [ 152.429227][ T5227] usb 1-1: config 0 descriptor?? [ 152.437432][ T5282] usb 2-1: USB disconnect, device number 5 [ 152.461783][ T5227] visor 1-1:0.0: Sony Clie 3.5 converter detected [ 152.647384][ T7973] netlink: 'syz.2.1058': attribute type 4 has an invalid length. [ 152.869579][ T5227] usb 1-1: clie_3_5_startup: get interface number failed: -71 [ 152.877864][ T5227] visor 1-1:0.0: probe with driver visor failed with error -71 [ 152.893743][ T5227] usb 1-1: USB disconnect, device number 10 [ 153.034958][ T7985] netlink: 'syz.3.1065': attribute type 1 has an invalid length. [ 153.116577][ T5283] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 153.308622][ T5283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 153.321818][ T5283] usb 5-1: New USB device found, idVendor=0421, idProduct=026c, bcdDevice=1f.2f [ 153.337933][ T7998] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 153.344027][ T7993] loop1: detected capacity change from 0 to 4096 [ 153.346589][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.357643][ T7993] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 153.366509][ T7998] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 153.401931][ T5283] usb 5-1: config 0 descriptor?? [ 153.468429][ T5283] rndis_host 5-1:0.0: probe with driver rndis_host failed with error -22 [ 153.477707][ T5283] cdc_acm 5-1:0.0: Control and data interfaces are not separated! [ 153.485576][ T5283] cdc_acm 5-1:0.0: This needs exactly 3 endpoints [ 153.492381][ T5283] cdc_acm 5-1:0.0: probe with driver cdc_acm failed with error -22 [ 153.589759][ T8004] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1075'. [ 153.599157][ T8004] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1075'. [ 153.771871][ T7993] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 153.805585][ T5283] usb 5-1: USB disconnect, device number 10 [ 154.183428][ T8028] loop0: detected capacity change from 0 to 512 [ 154.198096][ T8028] EXT4-fs (loop0): DAX unsupported by block device. [ 154.352651][ T8033] netlink: 260 bytes leftover after parsing attributes in process `syz.1.1087'. [ 154.436410][ T5283] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 154.600051][ T8031] loop3: detected capacity change from 0 to 8192 [ 154.619694][ T8031] REISERFS warning (device loop3): super-6513 reiserfs_parse_options: quotafile must be on filesystem root. [ 154.659916][ T5283] usb 3-1: Using ep0 maxpacket: 16 [ 154.692453][ T5283] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 154.712807][ T5283] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.746379][ T5283] usb 3-1: Product: syz [ 154.771092][ T5283] usb 3-1: Manufacturer: syz [ 154.775762][ T5283] usb 3-1: SerialNumber: syz [ 154.795841][ T5283] usb 3-1: config 0 descriptor?? [ 154.818880][ T5283] visor 3-1:0.0: Sony Clie 3.5 converter detected [ 155.138189][ T8028] loop0: detected capacity change from 0 to 32768 [ 155.226993][ T5283] usb 3-1: clie_3_5_startup: get interface number failed: -71 [ 155.244870][ T5283] visor 3-1:0.0: probe with driver visor failed with error -71 [ 155.249020][ T8028] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section errors: entry with count 0 (id clean_but_journal_not_empty) [ 155.249020][ T8028] errors (size 64): [ 155.249020][ T8028] clean_but_journal_not_empty 0 0 [ 155.249020][ T8028] (unknown error 25442) 133476496583272 12315680807489264408 [ 155.249020][ T8028] (unknown error 55044) 248102311844487 202532834100012515 [ 155.249020][ T8028] [ 155.256513][ T25] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 155.317972][ T8028] bcachefs: bch2_fs_get_tree() error: invalid_sb_errors [ 155.320819][ T5283] usb 3-1: USB disconnect, device number 9 [ 155.599238][ T25] usb 2-1: New USB device found, idVendor=0733, idProduct=0430, bcdDevice=35.fb [ 155.617319][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.674373][ T25] usb 2-1: config 0 descriptor?? [ 155.709879][ T25] gspca_main: spca505-2.14.0 probing 0733:0430 [ 155.787612][ T8046] loop4: detected capacity change from 0 to 40427 [ 155.809758][ T8046] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 155.845125][ T8046] F2FS-fs (loop4): Found nat_bits in checkpoint [ 155.896963][ T8050] loop3: detected capacity change from 0 to 32768 [ 156.033435][ T8058] loop0: detected capacity change from 0 to 16 [ 156.073380][ T8046] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 156.079809][ T8058] erofs: (device loop0): mounted with root inode @ nid 36. [ 156.144065][ T8058] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 156.159051][ T25] gspca_spca505: reg write: error -71 [ 156.164537][ T25] spca505 2-1:0.0: probe with driver spca505 failed with error -5 [ 156.185198][ T25] usb 2-1: USB disconnect, device number 6 [ 156.205406][ T8058] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -23 in[64, 4032] out[1851] [ 156.227916][ T8058] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 156.886862][ T8081] binder: 8079:8081 ioctl c018620c 200013c0 returned -22 [ 157.001870][ T8087] netlink: 'syz.0.1113': attribute type 21 has an invalid length. [ 157.043276][ T8087] IPv6: NLM_F_CREATE should be specified when creating new route [ 157.091572][ T8087] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 157.098931][ T8087] IPv6: NLM_F_CREATE should be set when creating new route [ 157.106240][ T8087] IPv6: NLM_F_CREATE should be set when creating new route [ 157.113555][ T8087] IPv6: NLM_F_CREATE should be set when creating new route [ 157.202545][ T8092] netlink: 'syz.1.1116': attribute type 1 has an invalid length. [ 157.672670][ T8114] netlink: 'syz.4.1126': attribute type 32 has an invalid length. [ 157.832006][ T8120] loop2: detected capacity change from 0 to 2048 [ 157.935895][ T8120] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 157.964095][ T8128] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1133'. [ 157.997215][ T8128] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1133'. [ 158.056496][ T8128] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1133'. [ 158.277454][ T8142] netlink: 'syz.0.1140': attribute type 7 has an invalid length. [ 158.311060][ T8142] netlink: 'syz.0.1140': attribute type 8 has an invalid length. [ 158.329927][ T8144] tmpfs: Bad value for 'mpol' [ 158.985220][ T8180] loop1: detected capacity change from 0 to 256 [ 159.038805][ T47] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 159.099218][ T8180] FAT-fs (loop1): Directory bread(block 64) failed [ 159.117031][ T8180] FAT-fs (loop1): Directory bread(block 65) failed [ 159.126916][ T8180] FAT-fs (loop1): Directory bread(block 66) failed [ 159.148058][ T8180] FAT-fs (loop1): Directory bread(block 67) failed [ 159.186527][ T8180] FAT-fs (loop1): Directory bread(block 68) failed [ 159.195195][ T8180] FAT-fs (loop1): Directory bread(block 69) failed [ 159.221868][ T8180] FAT-fs (loop1): Directory bread(block 70) failed [ 159.226461][ T47] usb 1-1: Using ep0 maxpacket: 8 [ 159.255230][ T47] usb 1-1: New USB device found, idVendor=0c45, idProduct=628e, bcdDevice=e0.4e [ 159.256444][ T8180] FAT-fs (loop1): Directory bread(block 71) failed [ 159.264895][ T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 159.284372][ T8180] FAT-fs (loop1): Directory bread(block 72) failed [ 159.304624][ T47] usb 1-1: Product: syz [ 159.307188][ T8180] FAT-fs (loop1): Directory bread(block 73) failed [ 159.323492][ T47] usb 1-1: Manufacturer: syz [ 159.329786][ T47] usb 1-1: SerialNumber: syz [ 159.353346][ T47] usb 1-1: config 0 descriptor?? [ 159.390435][ T47] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:628e [ 159.487285][ T8199] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1168'. [ 159.837901][ T47] gspca_sn9c20x: Write register 1001 failed -71 [ 159.844232][ T47] gspca_sn9c20x: Device initialization failed [ 159.875906][ T47] gspca_sn9c20x 1-1:0.0: probe with driver gspca_sn9c20x failed with error -71 [ 159.918007][ T47] usb 1-1: USB disconnect, device number 11 [ 160.024033][ T8220] netlink: 'syz.2.1178': attribute type 1 has an invalid length. [ 160.026173][ T8224] loop1: detected capacity change from 0 to 512 [ 160.079589][ T8220] netlink: 'syz.2.1178': attribute type 3 has an invalid length. [ 160.093271][ T8220] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1178'. [ 160.104885][ T8220] NCSI netlink: No device for ifindex 0 [ 160.114202][ T8224] EXT4-fs (loop1): Test dummy encryption mode enabled [ 160.187520][ T8224] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13 [ 160.303831][ T8224] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.1179: attempt to clear invalid blocks 2 len 1 [ 160.307666][ T8238] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1186'. [ 160.347688][ T8224] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 160.385065][ T8224] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1179: invalid indirect mapped block 1819239214 (level 0) [ 160.471337][ T8224] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1179: invalid indirect mapped block 1819239214 (level 1) [ 160.508351][ T8244] loop4: detected capacity change from 0 to 256 [ 160.543110][ T8224] EXT4-fs (loop1): 1 truncate cleaned up [ 160.550667][ T8224] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.674001][ T8224] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 160.678880][ T8248] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1191'. [ 160.694278][ T8244] FAT-fs (loop4): Directory bread(block 64) failed [ 160.708563][ T8244] FAT-fs (loop4): Directory bread(block 65) failed [ 160.715591][ T8244] FAT-fs (loop4): Directory bread(block 66) failed [ 160.737961][ T8244] FAT-fs (loop4): Directory bread(block 67) failed [ 160.755214][ T8244] FAT-fs (loop4): Directory bread(block 68) failed [ 160.766445][ T8244] FAT-fs (loop4): Directory bread(block 69) failed [ 160.794697][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.833767][ T8244] FAT-fs (loop4): Directory bread(block 70) failed [ 160.847086][ T8244] FAT-fs (loop4): Directory bread(block 71) failed [ 160.853756][ T8244] FAT-fs (loop4): Directory bread(block 72) failed [ 160.893956][ T8244] FAT-fs (loop4): Directory bread(block 73) failed [ 160.985867][ T8261] tmpfs: Bad value for 'mpol' [ 161.238596][ T8270] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1201'. [ 161.274152][ T8270] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1201'. [ 161.327146][ T8275] netlink: 'syz.3.1204': attribute type 7 has an invalid length. [ 161.828791][ T8301] loop2: detected capacity change from 0 to 4096 [ 161.867253][ T8301] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 161.907146][ T8305] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1218'. [ 161.929330][ T8305] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 161.967609][ T8307] netlink: 'syz.3.1219': attribute type 2 has an invalid length. [ 162.027087][ T8312] xt_hashlimit: invalid rate [ 162.122012][ T8301] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 162.527548][ T8331] loop0: detected capacity change from 0 to 64 [ 162.849873][ T8345] netlink: 'syz.4.1238': attribute type 6 has an invalid length. [ 163.087890][ T8355] __nla_validate_parse: 2 callbacks suppressed [ 163.087914][ T8355] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1242'. [ 163.151042][ T8359] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1245'. [ 163.174801][ T8358] cgroup: name respecified [ 163.228467][ T8361] IPv6: sit1: Disabled Multicast RS [ 163.644620][ T8377] loop2: detected capacity change from 0 to 256 [ 163.720643][ T8377] FAT-fs (loop2): Directory bread(block 64) failed [ 163.758698][ T8377] FAT-fs (loop2): Directory bread(block 65) failed [ 163.765398][ T8377] FAT-fs (loop2): Directory bread(block 66) failed [ 163.794059][ T8381] netlink: 'syz.0.1256': attribute type 1 has an invalid length. [ 163.831482][ T8377] FAT-fs (loop2): Directory bread(block 67) failed [ 163.841182][ T8381] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.1256'. [ 163.841960][ T8383] netlink: 'syz.4.1257': attribute type 3 has an invalid length. [ 163.857155][ T8377] FAT-fs (loop2): Directory bread(block 68) failed [ 163.866057][ T8381] nbd: couldn't find device at index 131082 [ 163.886094][ T8383] netlink: 130984 bytes leftover after parsing attributes in process `syz.4.1257'. [ 163.891431][ T8377] FAT-fs (loop2): Directory bread(block 69) failed [ 163.915801][ T8377] FAT-fs (loop2): Directory bread(block 70) failed [ 163.940749][ T8377] FAT-fs (loop2): Directory bread(block 71) failed [ 163.966931][ T8377] FAT-fs (loop2): Directory bread(block 72) failed [ 163.983887][ T8377] FAT-fs (loop2): Directory bread(block 73) failed [ 164.004477][ T8335] loop3: detected capacity change from 0 to 40427 [ 164.174580][ T8335] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 164.213709][ T8335] F2FS-fs (loop3): Found nat_bits in checkpoint [ 164.249920][ T8400] netlink: 'syz.1.1264': attribute type 2 has an invalid length. [ 164.371624][ T8335] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 164.421743][ T8407] loop0: detected capacity change from 0 to 256 [ 164.670807][ T8407] FAT-fs (loop0): Directory bread(block 64) failed [ 164.697274][ T8407] FAT-fs (loop0): Directory bread(block 65) failed [ 164.720534][ T8407] FAT-fs (loop0): Directory bread(block 66) failed [ 164.753293][ T8407] FAT-fs (loop0): Directory bread(block 67) failed [ 164.773085][ T8407] FAT-fs (loop0): Directory bread(block 68) failed [ 164.779956][ T8407] FAT-fs (loop0): Directory bread(block 69) failed [ 164.787907][ T8407] FAT-fs (loop0): Directory bread(block 70) failed [ 164.794491][ T8407] FAT-fs (loop0): Directory bread(block 71) failed [ 164.801903][ T8407] FAT-fs (loop0): Directory bread(block 72) failed [ 164.811004][ T8407] FAT-fs (loop0): Directory bread(block 73) failed [ 165.652429][ T8449] loop4: detected capacity change from 0 to 64 [ 165.832466][ T8415] loop2: detected capacity change from 0 to 32768 [ 165.852334][ T8455] loop3: detected capacity change from 0 to 8 [ 165.870726][ T8415] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1268 (8415) [ 165.954378][ T8455] ================================================================== [ 165.962508][ T8455] BUG: KASAN: slab-use-after-free in squashfs_readahead+0x210c/0x2680 [ 165.970721][ T8455] Read of size 4 at addr ffff88801ffef4c0 by task syz.3.1291/8455 [ 165.978614][ T8455] [ 165.980953][ T8455] CPU: 0 UID: 0 PID: 8455 Comm: syz.3.1291 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0 [ 165.991229][ T8455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 166.001300][ T8455] Call Trace: [ 166.004640][ T8455] [ 166.007581][ T8455] dump_stack_lvl+0x241/0x360 [ 166.012292][ T8455] ? __pfx_dump_stack_lvl+0x10/0x10 [ 166.017505][ T8455] ? __pfx__printk+0x10/0x10 [ 166.022106][ T8455] ? _printk+0xd5/0x120 [ 166.026271][ T8455] ? __virt_addr_valid+0x183/0x530 [ 166.031395][ T8455] ? __virt_addr_valid+0x183/0x530 [ 166.036520][ T8455] print_report+0x169/0x550 [ 166.041052][ T8455] ? __virt_addr_valid+0x183/0x530 [ 166.046169][ T8455] ? __virt_addr_valid+0x183/0x530 [ 166.051372][ T8455] ? __virt_addr_valid+0x45f/0x530 [ 166.056497][ T8455] ? __phys_addr+0xba/0x170 [ 166.061010][ T8455] ? squashfs_readahead+0x210c/0x2680 [ 166.066405][ T8455] kasan_report+0x143/0x180 [ 166.070928][ T8455] ? squashfs_readahead+0x210c/0x2680 [ 166.076324][ T8455] squashfs_readahead+0x210c/0x2680 [ 166.081550][ T8455] ? squashfs_readahead+0x6f0/0x2680 [ 166.086850][ T8455] ? __pfx_squashfs_readahead+0x10/0x10 [ 166.092423][ T8455] ? blk_start_plug+0x70/0x1b0 [ 166.097201][ T8455] read_pages+0x17e/0x840 [ 166.101539][ T8455] ? percpu_ref_put+0x19/0x180 [ 166.106322][ T8455] ? __pfx_read_pages+0x10/0x10 [ 166.111215][ T8455] ? filemap_add_folio+0x26d/0x650 [ 166.116339][ T8455] ? __pfx_filemap_add_folio+0x10/0x10 [ 166.121815][ T8455] page_cache_ra_unbounded+0x6ce/0x7f0 [ 166.127461][ T8455] filemap_get_pages+0x543/0x2330 [ 166.132516][ T8455] ? __pfx_filemap_get_pages+0x10/0x10 [ 166.137999][ T8455] ? __pfx___might_resched+0x10/0x10 [ 166.143393][ T8455] ? unwind_next_frame+0x18e6/0x22d0 [ 166.148698][ T8455] filemap_read+0x457/0xfa0 [ 166.153213][ T8455] ? 0xffffffffa00038c0 [ 166.157382][ T8455] ? __pfx_filemap_read+0x10/0x10 [ 166.162428][ T8455] ? iov_iter_kvec+0x4e/0x180 [ 166.167121][ T8455] __kernel_read+0x532/0x9f0 [ 166.171722][ T8455] ? do_sys_openat2+0x13e/0x1d0 [ 166.176589][ T8455] ? __x64_sys_openat+0x247/0x2a0 [ 166.181632][ T8455] ? __pfx___kernel_read+0x10/0x10 [ 166.186780][ T8455] integrity_kernel_read+0xb0/0x100 [ 166.191995][ T8455] ? __pfx_integrity_kernel_read+0x10/0x10 [ 166.197818][ T8455] ? ima_calc_file_hash+0xab7/0x1b30 [ 166.203142][ T8455] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 166.208705][ T8455] ima_calc_file_hash+0xaef/0x1b30 [ 166.213862][ T8455] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 166.220245][ T8455] ? lockdep_hardirqs_on+0x99/0x150 [ 166.225451][ T8455] ? __pfx_ima_calc_file_hash+0x10/0x10 [ 166.231010][ T8455] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 166.236942][ T8455] ? __x64_sys_openat+0x247/0x2a0 [ 166.242017][ T8455] ? do_syscall_64+0xf3/0x230 [ 166.246707][ T8455] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.252815][ T8455] ? mark_lock+0x9a/0x360 [ 166.257154][ T8455] ? make_vfsgid+0x46/0x90 [ 166.261578][ T8455] ? generic_fillattr+0x59c/0x840 [ 166.266620][ T8455] ima_collect_measurement+0x526/0xb20 [ 166.272103][ T8455] ? __pfx_ima_collect_measurement+0x10/0x10 [ 166.278108][ T8455] ? squashfs_xattr_handler_get+0x585/0x900 [ 166.284027][ T8455] ? trace_contention_end+0x3c/0x120 [ 166.289326][ T8455] ? __mutex_lock+0x2ef/0xd70 [ 166.294023][ T8455] ? ima_get_hash_algo+0x156/0x4d0 [ 166.299235][ T8455] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 166.304717][ T8455] process_measurement+0x1357/0x1fb0 [ 166.310026][ T8455] ? __pfx_process_measurement+0x10/0x10 [ 166.315676][ T8455] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 166.322118][ T8455] ? __pfx_apparmor_file_open+0x10/0x10 [ 166.327678][ T8455] ? tomoyo_file_open+0x168/0x220 [ 166.332802][ T8455] ? inode_to_bdi+0x69/0xf0 [ 166.337316][ T8455] ? apparmor_current_getsecid_subj+0xde/0x1b0 [ 166.343486][ T8455] ima_file_check+0xf2/0x170 [ 166.348095][ T8455] ? __pfx_ima_file_check+0x10/0x10 [ 166.353324][ T8455] security_file_post_open+0xb9/0x280 [ 166.358712][ T8455] path_openat+0x2cd0/0x3590 [ 166.363358][ T8455] ? __pfx_path_openat+0x10/0x10 [ 166.368336][ T8455] do_filp_open+0x235/0x490 [ 166.372848][ T8455] ? __pfx_do_filp_open+0x10/0x10 [ 166.377899][ T8455] ? _raw_spin_unlock+0x28/0x50 [ 166.382757][ T8455] ? alloc_fd+0x5a1/0x640 [ 166.387106][ T8455] do_sys_openat2+0x13e/0x1d0 [ 166.391823][ T8455] ? __pfx_do_sys_openat2+0x10/0x10 [ 166.397071][ T8455] __x64_sys_openat+0x247/0x2a0 [ 166.401954][ T8455] ? __pfx___x64_sys_openat+0x10/0x10 [ 166.407353][ T8455] ? do_syscall_64+0x100/0x230 [ 166.412153][ T8455] ? do_syscall_64+0xb6/0x230 [ 166.416875][ T8455] do_syscall_64+0xf3/0x230 [ 166.421397][ T8455] ? clear_bhb_loop+0x35/0x90 [ 166.426085][ T8455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.431995][ T8455] RIP: 0033:0x7ff64ed79e79 [ 166.436419][ T8455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.456047][ T8455] RSP: 002b:00007ff64fb4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 166.464480][ T8455] RAX: ffffffffffffffda RBX: 00007ff64ef15f80 RCX: 00007ff64ed79e79 [ 166.472466][ T8455] RDX: 0000000000000000 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 166.480477][ T8455] RBP: 00007ff64ede7916 R08: 0000000000000000 R09: 0000000000000000 [ 166.488472][ T8455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.496475][ T8455] R13: 0000000000000000 R14: 00007ff64ef15f80 R15: 00007fffbdd17c18 [ 166.504560][ T8455] [ 166.507587][ T8455] [ 166.509912][ T8455] Allocated by task 8455: [ 166.514242][ T8455] kasan_save_track+0x3f/0x80 [ 166.518931][ T8455] __kasan_kmalloc+0x98/0xb0 [ 166.523541][ T8455] __kmalloc_cache_noprof+0x19c/0x2c0 [ 166.528928][ T8455] squashfs_page_actor_init_special+0x64/0x440 [ 166.535094][ T8455] squashfs_readahead+0x188f/0x2680 [ 166.540301][ T8455] read_pages+0x17e/0x840 [ 166.544640][ T8455] page_cache_ra_unbounded+0x6ce/0x7f0 [ 166.550112][ T8455] filemap_get_pages+0x543/0x2330 [ 166.555173][ T8455] filemap_read+0x457/0xfa0 [ 166.559702][ T8455] __kernel_read+0x532/0x9f0 [ 166.564312][ T8455] integrity_kernel_read+0xb0/0x100 [ 166.569547][ T8455] ima_calc_file_hash+0xaef/0x1b30 [ 166.574675][ T8455] ima_collect_measurement+0x526/0xb20 [ 166.580166][ T8455] process_measurement+0x1357/0x1fb0 [ 166.585488][ T8455] ima_file_check+0xf2/0x170 [ 166.590090][ T8455] security_file_post_open+0xb9/0x280 [ 166.595472][ T8455] path_openat+0x2cd0/0x3590 [ 166.600096][ T8455] do_filp_open+0x235/0x490 [ 166.604604][ T8455] do_sys_openat2+0x13e/0x1d0 [ 166.609293][ T8455] __x64_sys_openat+0x247/0x2a0 [ 166.614178][ T8455] do_syscall_64+0xf3/0x230 [ 166.618691][ T8455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.624587][ T8455] [ 166.626914][ T8455] Freed by task 8455: [ 166.630890][ T8455] kasan_save_track+0x3f/0x80 [ 166.635598][ T8455] kasan_save_free_info+0x40/0x50 [ 166.640672][ T8455] __kasan_slab_free+0x59/0x70 [ 166.645442][ T8455] kfree+0x196/0x3e0 [ 166.649374][ T8455] squashfs_readahead+0x195b/0x2680 [ 166.654589][ T8455] read_pages+0x17e/0x840 [ 166.658928][ T8455] page_cache_ra_unbounded+0x6ce/0x7f0 [ 166.664415][ T8455] filemap_get_pages+0x543/0x2330 [ 166.669446][ T8455] filemap_read+0x457/0xfa0 [ 166.673951][ T8455] __kernel_read+0x532/0x9f0 [ 166.678549][ T8455] integrity_kernel_read+0xb0/0x100 [ 166.683761][ T8455] ima_calc_file_hash+0xaef/0x1b30 [ 166.688883][ T8455] ima_collect_measurement+0x526/0xb20 [ 166.694352][ T8455] process_measurement+0x1357/0x1fb0 [ 166.699752][ T8455] ima_file_check+0xf2/0x170 [ 166.704348][ T8455] security_file_post_open+0xb9/0x280 [ 166.709725][ T8455] path_openat+0x2cd0/0x3590 [ 166.714407][ T8455] do_filp_open+0x235/0x490 [ 166.718915][ T8455] do_sys_openat2+0x13e/0x1d0 [ 166.723602][ T8455] __x64_sys_openat+0x247/0x2a0 [ 166.728466][ T8455] do_syscall_64+0xf3/0x230 [ 166.732975][ T8455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.738876][ T8455] [ 166.741201][ T8455] The buggy address belongs to the object at ffff88801ffef480 [ 166.741201][ T8455] which belongs to the cache kmalloc-96 of size 96 [ 166.755109][ T8455] The buggy address is located 64 bytes inside of [ 166.755109][ T8455] freed 96-byte region [ffff88801ffef480, ffff88801ffef4e0) [ 166.768836][ T8455] [ 166.771169][ T8455] The buggy address belongs to the physical page: [ 166.777589][ T8455] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ffef [ 166.786355][ T8455] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 166.793467][ T8455] page_type: 0xfdffffff(slab) [ 166.798152][ T8455] raw: 00fff00000000000 ffff888015841280 dead000000000100 dead000000000122 [ 166.806742][ T8455] raw: 0000000000000000 0000000080200020 00000001fdffffff 0000000000000000 [ 166.815321][ T8455] page dumped because: kasan: bad access detected [ 166.821741][ T8455] page_owner tracks the page as allocated [ 166.827458][ T8455] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 1060, tgid 1060 (kworker/u8:6), ts 74422037414, free_ts 74364420339 [ 166.848134][ T8455] post_alloc_hook+0x1f3/0x230 [ 166.852922][ T8455] get_page_from_freelist+0x3131/0x3280 [ 166.858484][ T8455] __alloc_pages_noprof+0x29e/0x780 [ 166.863700][ T8455] alloc_slab_page+0x5f/0x120 [ 166.868383][ T8455] allocate_slab+0x5a/0x2f0 [ 166.872892][ T8455] ___slab_alloc+0xcd1/0x14b0 [ 166.877575][ T8455] __slab_alloc+0x58/0xa0 [ 166.881903][ T8455] __kmalloc_cache_noprof+0x1d5/0x2c0 [ 166.887285][ T8455] dst_cow_metrics_generic+0x56/0x1c0 [ 166.892677][ T8455] icmp6_dst_alloc+0x270/0x420 [ 166.897529][ T8455] ndisc_send_skb+0x32a/0x1380 [ 166.902327][ T8455] ndisc_send_ns+0xcc/0x160 [ 166.906855][ T8455] addrconf_dad_work+0xb45/0x16f0 [ 166.911884][ T8455] process_scheduled_works+0xa63/0x1850 [ 166.917469][ T8455] worker_thread+0x86d/0xd10 [ 166.922068][ T8455] kthread+0x2f0/0x390 [ 166.926144][ T8455] page last free pid 5324 tgid 5324 stack trace: [ 166.932473][ T8455] free_unref_folios+0xe8a/0x1850 [ 166.937503][ T8455] folios_put_refs+0x76e/0x860 [ 166.942274][ T8455] free_pages_and_swap_cache+0x2ea/0x690 [ 166.947914][ T8455] tlb_flush_mmu+0x3a3/0x680 [ 166.952517][ T8455] tlb_finish_mmu+0xd4/0x200 [ 166.957122][ T8455] exit_mmap+0x496/0xc40 [ 166.961381][ T8455] __mmput+0x115/0x390 [ 166.965459][ T8455] exit_mm+0x220/0x310 [ 166.969529][ T8455] do_exit+0x9b2/0x28e0 [ 166.973689][ T8455] do_group_exit+0x207/0x2c0 [ 166.978285][ T8455] __x64_sys_exit_group+0x3f/0x40 [ 166.983314][ T8455] x64_sys_call+0x26a8/0x26b0 [ 166.988004][ T8455] do_syscall_64+0xf3/0x230 [ 166.992513][ T8455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.998490][ T8455] [ 167.000816][ T8455] Memory state around the buggy address: [ 167.006461][ T8455] ffff88801ffef380: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 167.014521][ T8455] ffff88801ffef400: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 167.022582][ T8455] >ffff88801ffef480: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 167.030641][ T8455] ^ [ 167.036800][ T8455] ffff88801ffef500: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 167.045122][ T8455] ffff88801ffef580: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 167.053187][ T8455] ================================================================== [ 167.076613][ T8455] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 167.083870][ T8455] CPU: 1 UID: 0 PID: 8455 Comm: syz.3.1291 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0 [ 167.094058][ T8455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 167.104235][ T8455] Call Trace: [ 167.107535][ T8455] [ 167.110495][ T8455] dump_stack_lvl+0x241/0x360 [ 167.115218][ T8455] ? __pfx_dump_stack_lvl+0x10/0x10 [ 167.120545][ T8455] ? __pfx__printk+0x10/0x10 [ 167.125173][ T8455] ? preempt_schedule+0xe1/0xf0 [ 167.130067][ T8455] ? vscnprintf+0x5d/0x90 [ 167.134443][ T8455] panic+0x349/0x880 [ 167.138374][ T8455] ? check_panic_on_warn+0x21/0xb0 [ 167.143496][ T8455] ? __pfx_panic+0x10/0x10 [ 167.147929][ T8455] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 167.153930][ T8455] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 167.160275][ T8455] ? print_report+0x502/0x550 [ 167.164969][ T8455] check_panic_on_warn+0x86/0xb0 [ 167.169917][ T8455] ? squashfs_readahead+0x210c/0x2680 [ 167.175302][ T8455] end_report+0x77/0x160 [ 167.179551][ T8455] kasan_report+0x154/0x180 [ 167.184064][ T8455] ? squashfs_readahead+0x210c/0x2680 [ 167.189450][ T8455] squashfs_readahead+0x210c/0x2680 [ 167.194757][ T8455] ? squashfs_readahead+0x6f0/0x2680 [ 167.200052][ T8455] ? __pfx_squashfs_readahead+0x10/0x10 [ 167.205613][ T8455] ? blk_start_plug+0x70/0x1b0 [ 167.210401][ T8455] read_pages+0x17e/0x840 [ 167.214735][ T8455] ? percpu_ref_put+0x19/0x180 [ 167.219513][ T8455] ? __pfx_read_pages+0x10/0x10 [ 167.224370][ T8455] ? filemap_add_folio+0x26d/0x650 [ 167.229485][ T8455] ? __pfx_filemap_add_folio+0x10/0x10 [ 167.234952][ T8455] page_cache_ra_unbounded+0x6ce/0x7f0 [ 167.240426][ T8455] filemap_get_pages+0x543/0x2330 [ 167.245649][ T8455] ? __pfx_filemap_get_pages+0x10/0x10 [ 167.251129][ T8455] ? __pfx___might_resched+0x10/0x10 [ 167.256611][ T8455] ? unwind_next_frame+0x18e6/0x22d0 [ 167.261918][ T8455] filemap_read+0x457/0xfa0 [ 167.266437][ T8455] ? 0xffffffffa00038c0 [ 167.270612][ T8455] ? __pfx_filemap_read+0x10/0x10 [ 167.275668][ T8455] ? iov_iter_kvec+0x4e/0x180 [ 167.280359][ T8455] __kernel_read+0x532/0x9f0 [ 167.284956][ T8455] ? do_sys_openat2+0x13e/0x1d0 [ 167.289823][ T8455] ? __x64_sys_openat+0x247/0x2a0 [ 167.294882][ T8455] ? __pfx___kernel_read+0x10/0x10 [ 167.300019][ T8455] integrity_kernel_read+0xb0/0x100 [ 167.305228][ T8455] ? __pfx_integrity_kernel_read+0x10/0x10 [ 167.311045][ T8455] ? ima_calc_file_hash+0xab7/0x1b30 [ 167.316346][ T8455] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 167.322080][ T8455] ima_calc_file_hash+0xaef/0x1b30 [ 167.327205][ T8455] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 167.334155][ T8455] ? lockdep_hardirqs_on+0x99/0x150 [ 167.339361][ T8455] ? __pfx_ima_calc_file_hash+0x10/0x10 [ 167.344925][ T8455] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 167.350841][ T8455] ? __x64_sys_openat+0x247/0x2a0 [ 167.355888][ T8455] ? do_syscall_64+0xf3/0x230 [ 167.360582][ T8455] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.366688][ T8455] ? mark_lock+0x9a/0x360 [ 167.371036][ T8455] ? make_vfsgid+0x46/0x90 [ 167.375461][ T8455] ? generic_fillattr+0x59c/0x840 [ 167.380505][ T8455] ima_collect_measurement+0x526/0xb20 [ 167.386071][ T8455] ? __pfx_ima_collect_measurement+0x10/0x10 [ 167.392199][ T8455] ? squashfs_xattr_handler_get+0x585/0x900 [ 167.398131][ T8455] ? trace_contention_end+0x3c/0x120 [ 167.403430][ T8455] ? __mutex_lock+0x2ef/0xd70 [ 167.408126][ T8455] ? ima_get_hash_algo+0x156/0x4d0 [ 167.413246][ T8455] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 167.418715][ T8455] process_measurement+0x1357/0x1fb0 [ 167.424016][ T8455] ? __pfx_process_measurement+0x10/0x10 [ 167.429658][ T8455] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 167.436096][ T8455] ? __pfx_apparmor_file_open+0x10/0x10 [ 167.441654][ T8455] ? tomoyo_file_open+0x168/0x220 [ 167.446682][ T8455] ? inode_to_bdi+0x69/0xf0 [ 167.451277][ T8455] ? apparmor_current_getsecid_subj+0xde/0x1b0 [ 167.457444][ T8455] ima_file_check+0xf2/0x170 [ 167.462046][ T8455] ? __pfx_ima_file_check+0x10/0x10 [ 167.467263][ T8455] security_file_post_open+0xb9/0x280 [ 167.472651][ T8455] path_openat+0x2cd0/0x3590 [ 167.477263][ T8455] ? __pfx_path_openat+0x10/0x10 [ 167.482212][ T8455] do_filp_open+0x235/0x490 [ 167.486721][ T8455] ? __pfx_do_filp_open+0x10/0x10 [ 167.491761][ T8455] ? _raw_spin_unlock+0x28/0x50 [ 167.496630][ T8455] ? alloc_fd+0x5a1/0x640 [ 167.500972][ T8455] do_sys_openat2+0x13e/0x1d0 [ 167.505663][ T8455] ? __pfx_do_sys_openat2+0x10/0x10 [ 167.510880][ T8455] __x64_sys_openat+0x247/0x2a0 [ 167.515745][ T8455] ? __pfx___x64_sys_openat+0x10/0x10 [ 167.521130][ T8455] ? do_syscall_64+0x100/0x230 [ 167.525920][ T8455] ? do_syscall_64+0xb6/0x230 [ 167.530601][ T8455] do_syscall_64+0xf3/0x230 [ 167.535123][ T8455] ? clear_bhb_loop+0x35/0x90 [ 167.539811][ T8455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.545729][ T8455] RIP: 0033:0x7ff64ed79e79 [ 167.550143][ T8455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.569759][ T8455] RSP: 002b:00007ff64fb4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 167.578270][ T8455] RAX: ffffffffffffffda RBX: 00007ff64ef15f80 RCX: 00007ff64ed79e79 [ 167.586244][ T8455] RDX: 0000000000000000 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 167.594230][ T8455] RBP: 00007ff64ede7916 R08: 0000000000000000 R09: 0000000000000000 [ 167.602208][ T8455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.610188][ T8455] R13: 0000000000000000 R14: 00007ff64ef15f80 R15: 00007fffbdd17c18 [ 167.618173][ T8455] [ 167.621536][ T8455] Kernel Offset: disabled [ 167.625861][ T8455] Rebooting in 86400 seconds..