last executing test programs: 3.577357569s ago: executing program 4 (id=1729): r0 = syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x0) r1 = syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x0) ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000100)=0x21) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000100)=0x22) 3.495887209s ago: executing program 4 (id=1730): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3000010, &(0x7f0000000000), 0x3e, 0x51b, &(0x7f0000000100)="$eJzs3c9vI1cdAPDvTOLd7G6KU0CoVKJUtGi3grU3DW0jhKBc4FQJKPclJE4UxY6j2CmbqKKp+A8QEkicOHFB4g9AQj3wB6BKleCCOCBAIARbOCABHTTjsZp17CTQrJ3Gn4/04vfm1/e9sfw8M36ZCWBqPRkRL0bETEQ8ExHVcnpaprt54bC33Nv3X13NUxJZ9vJfk0jKaf1t5eXZiLjRWyXmIuJrX474ZnI8bmf/YGul2WzsluV6t7VT7+wf3N5srWw0NhrbS0uLzy+/sPzc8p2s9J7audDP/PhLn//5p7/1u7t/vvXtvFqf+0hUYqAd56nX9EqxL/ryfbT7MIJNwEzZnsqkKwIAwJnkx/gfjIhPFMf/1ZgpjuYGzEyiZgAAAMB5yb4wH/9OIjIAAADg0kojYj6StFaOBZiPNL1SXhv4cFxPm+1O91Pr7b3ttXxexEJU0vXNZuNOOVZ4ISpJXl4sx9j2y88OlJci4tGI+F71WlGurbabaxO+9gEAAADT4sbA+f8/qmmRP92Q/xMAAAAALq6FkQUAAADgsnDKDwAAAJff4Pm/+/0DAADApfKVl17KU9Z//vXaK/t7W+1Xbq81Olu11t5qbbW9u1PbaLc3inv2tU7bXrPd3vlMbO/dq3cbnW69s39wt9Xe2+7e3XzgEdgAAADAGD368Td+nUTE4WevFSnK+wACPOAPk64AcJ4M9YPp5S7eML0qk64AMHHJKfMN3gEAgPe/mx89/vt///n/rg3A5WasDwBMH7//w/SqGAEIU2u2vAbwgV7x6qjlRv7+/8uzRsqyiDerR6e4vggAAOM1X6QkrZXnAfORprVaxCMR6UJUkvXNZuNOeX7wq2rlal5eLNZMTh0zDAAAAAAAAAAAAAAAAAAAAAAAAAD0ZFkSGQAAAHCpRaR/Soq7+UfcrD49P3h94Eryz2r8sSz88OXv31vpdncX8+l/K57ldSUiuj8opz878vFhAAAAwHlLDkfO6p2nl6+LY60VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFPg7fuvrvbTOOP+5YsRsTAs/mzMFa9zUYmI639PYvbIeklEzJxD/MPXI+KxYfGTeCfLXouyFsPiX3vI8ReKXTM8fhoRN84hPkyzN/L+58Vhn780nixeh3/+Zsv0Xo3u/9Iy8mNFPzes/3nk2NZaQ2M8/tZP671c5Xj81yMenx3e//T732RE/KeObe1fWZYdj/+Nrx8cjGp/9qOIm0O/f5IHYtW7rZ16Z//g9mZrZaOx0dheWlp8fvmF5eeW79TXN5uN8u/QGN/92M/eGRU/b//1IfF/+5te/3tS+58etdEB/3nr3v0P9bLH3oA8/q2nhn7/zsWI+Gn53ffJMp/Pv9nPH/byRz3xkzefOKn9ayP2/2nv/60ztv+Zr37n92dcFAAYg87+wdZKs9nYPSEzd4Zl3o+ZX8xdiGr8j5nstd47d1Hq8/9m8qPVd6f0W3UBKnYkk40l1tXieP6sa10ZU9sn2i0BAAAPwbsH/ZOuCQAAAAAAAAAAAAAAAAAAAEyvcdxKbTDm4WSaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwov8GAAD//3QT3Gw=") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x61) lseek(r0, 0x100, 0x0) getdents(r0, 0x0, 0x0) 2.379915073s ago: executing program 4 (id=1741): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x0, 0x0}, 0x10) 2.027459071s ago: executing program 3 (id=1745): setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x2, 0x3, 0x1c0, 0x0, 0xe0, 0xe0, 0x0, 0x0, 0x158, 0x2e8, 0x2e8, 0x158, 0x2e8, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x70, 0x90, 0x0, {0x6020000}}, @unspec=@TRACE={0x20}}, {{@ip={@local, @dev, 0x0, 0x0, '\x00', 'wg1\x00'}, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x220) r0 = syz_open_dev$dmmidi(&(0x7f0000000300), 0x2, 0x1) ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r0, 0x40045702, &(0x7f0000000000)) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000280)={0xfe, 0x9e, 0x0, 0x0, 0x81}) 1.925037871s ago: executing program 4 (id=1746): mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0) 1.73122445s ago: executing program 4 (id=1750): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x1, 0x6000, 0x1000, &(0x7f0000090000/0x1000)=nil}) ioctl$KVM_CREATE_DEVICE(r1, 0xc018aec0, &(0x7f0000000040)={0x1}) 1.703626279s ago: executing program 3 (id=1751): r0 = semget$private(0x0, 0x6, 0x0) semtimedop(r0, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0) semop(r0, &(0x7f0000000180)=[{}], 0x1) semctl$IPC_RMID(r0, 0x0, 0x10) 1.555877418s ago: executing program 0 (id=1754): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000100)={0x84, @remote, 0x0, 0x0, 'none\x00', 0x1}, 0x2c) r1 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r1, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}], 0x1, 0x0) 1.549727859s ago: executing program 3 (id=1755): syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000180)='./bus\x00', 0x2010000, &(0x7f0000001080)=ANY=[@ANYRES8=0x0, @ANYRESHEX=0x0, @ANYBLOB="2c6465636f6d706f73652c63726561746f723d8bda2a282c6e6c733d69736f383835392d31352c6e6f6465636f6d706f73652c63726561746f723d387634542c666f7263652c006c431c85c6d0902b4eb4500c410d9d63a742dd6b941f5a95269986d9e98e02e722fd0f197ed67ff369513d27e1f0b8fa23d7bef4f00bf3636236f0d0e765a7407ee6c266030c18fcd8f1fc4bdc5b4c4cc8603e81801a579ae4ffa3621fbd64d62fea1ddc7da074beafd7da0cb3e79a3bc29221ab85eab5d42a36a680665a1d4e6a320d037e69bd7be224738e5de74b669352304f2fa2f81fff483308a909025d780b8068c2a7c04e4656241b3e291ec92080c69d9bed9bb6aa3d8e0508aaa77278ded4d16396652cc94da74e0156f1f4654bcc0d640bfb1e06859dbcdd0b56b06272ff543f55ac76a3a96708e8cdd46cec6d9cd8147a"], 0x23, 0x6bf, &(0x7f0000000980)="$eJzs3c1vHGcZAPBnxutdb5BSp03agiphGqkgLBJ/yAVziUEI+VChCg6crWTTWNm4le2CWyFqvq899A8oB984IXEPKme4wdFwqoTohZNvW82Xvfbu2rtN4o2V3y8azzvzzrzzvM/O566iCeCZtTobtYeRxOrsGzvZ9P7eYnt/b7FRVrcjIiunEbViFMlGRPJJxEoUQ3w5m1kunwzazkfryz/+5//3Py2mauWQL5/2rvdBZ7Re7JZDzETERDnuNdk7a+rs9m4PbK/Q6Cr3739yWJMl7HqVOBi3TqfZOW53lNUHHu/AxZEU180e0xGXystkfp0rzw7p+Ub3+I10lgMAAIAxW/3ftYVRlm+W4+cO4iB2LvxjPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJyr8v3/STmkVXkmkur9//VyXpTlC+3huAMAAAAAAAAAgCE0qsKt/vVfPYiD2InL1XQnyX/zfzWfuJr//VK8G1vRis24ETuxFtuxHZsxHxHTXQ3Vd9a2tzfnh1hzoe+aC4+33wAAAAAAAADwjPl1rB79/g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+DJGKiGOXD1ao8HWktIqYiop4ttxvxj6p8QST9Zj48/zgAAADgkUwdnxzq0bYecRA7cbma7iT5M/+L+fPyVLwbG7Ed67Ed7WjFnfIZOnvqT/f3Ftv7e4sPsqG7xU5ppNDzFqP47qH/ll/Ol2jG3VjP59yI23kwdyLN18z8JyIeVDGdjCviV59lbd8q/HzIyO6U42xjH1bfIjRG6twTMh1RS2PyMCNzeWzFTnClOwu9mfjeZ4MaXSlGtZNbiu4tzUd6+M3P1WILWfHMnN8asmeXynHWn98P+ubmcZs62ujuwIUOM5FGnomFrr3vxdNzHvH1v/zpw3vtjfv37m7NnkuXnqST+8RiVyZeGiITP31qM1Ebcfm5PBPXDqdX44fxk5iNmXgzNmM9fhZrsR2tSMqerpX7c/Z3+vRMrRybevOsSOrl51KcRYeJaSZ+kJfW4tV83cuxHkm8HXeiFa/n/xZiPr4dS7EUy12f8LWBced9y4/6NDvi/x09R33aP/jr3ygLzYj4Qzket+KkkOX1Sldeu8+503ld95yjLD2fZ6cx1PUoz9LZXa59pSxk2/jN4GyOwclMzHdl4oXT9/M/5ncLW+2N+5v31t7pe3WdLMdHtxavlXOyPe53vbc/J/11wPzHtZt1ncey/eX5mCrPJFdisghtoqp74fAsczxf9fIXl6Iu7am7VnzcSXWk/mjgkVov7+F6W1rI617qW7eY173cVdd9vxXxdrQP74cAeIpd+ualevO/zb83P27+tnmv+cbU9xvfabxSj8m/TX63NjfxWvpK8uf4OH559PwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8cVvvvX9/rd1ubfYvpIOrTitUb/IZfq2kfJPO6NsaV6HzQcRTEMbm1tciom/VRDxKhMkTijnarc3qJYKjrT7Xu0etjDPz/xpl4S/Q5c5zxSqjBJa/jWu4z71RJHNiwHFaxnvG27WAi+vm9oN3bm699/631h+svdV6q7UxubS0PLe89Prizbvr7dZc8XfcUQJPwtFFf9yRAAAAAAAAAAAAAMM6j/8vMe4+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfb6mzUHkYS83M35rLp/b3FdjZU5aMlaxGRphHJLyKSTyJWohhiuqu5ZNB2PlpfnoiIT4/aqlXLp6es12kM1YvdcoiZiJgox4/gWHu3H7m95LCHWcKuV4mDcfs8AAD//5Fw9b4=") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000080)=""/29, 0x1d) getdents64(r0, 0xfffffffffffffffe, 0x29) 1.487187308s ago: executing program 2 (id=1756): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed000e, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@nolazytime}, {@debug}, {@noload}, {@auto_da_alloc}, {@commit={'commit', 0x3d, 0x5}}, {@nojournal_checksum}, {@acl}, {@nodelalloc}]}, 0xfe, 0x473, &(0x7f00000004c0)="$eJzs3M1vFOUfAPDvTF8ob7/2h/gCglbRiG8tLS9y8KBGEw6YmOgB46m2C6ks1NCaCCFaPeDRkHg33v0DjCe9GPVk4lXvhoQYLqCnNbMzA0u7W7plywL7+STTfZ6ZZ3me78w8O8/Ms0sAPWs0+5NEbImIPyJiOM/eXGA0f7l25fz0P1fOTydRq739d1Ivd/XK+emyaPm+zXmmVivyG5rUe+G9iKlqtXKmyI8vnPpwfP7suRdnT02dqJyonJ48fPjA/t2DhyYPNr5taK1xZnFd3fnJ3K4dR969+Ob0sYvv//Jt1t4txfbGODplNN+7TT3d6cq6bGtDOunvYkNoS19EZIdroN7/h6MvNl7fNhxvfN7VxgHrqlar1ZpdnwuLNeA+lkS3WwB0R3mhz+5/y+UODT3uCpdfzW+AsrivFUu+pT/SPPH4wJL7204ajYhji/9+nS2xTs8hAAAa/ZCNf15oNv5L46E8MZj9+V8xhzISEf+PiG0R8UBEbI+IByPqZR+OiEfarH/pDMny8U96ac3BrUI2/nu5mNu6efyXlkVG+orc1nr8A8nx2WplX7FP9sbAhuOzSWVihTp+fP33L1ttaxz/ZUtWfzkWLNpxqX/JA7qZqYWp24m50eXPInb2N4s/iXIaJ4mIHRGxc411zD7XekLo1vGvoAPzTLVvIp7Jj/9iLIm/lLScn5x46dDkwfGhqFb2jZdnxXK//nbhrVb13xx/DLUVfwdkx39T0/P/evwjyVDE/NlzJ+vztfPt13Hhzy9a3tO0ef4f2Vqc/4PJO/UVg8WGj6cWFs5MRAwmR5evn7zxr5X5snwW/949zfv/trixJx6NiF0RsTsiHstuCou2PxERT0bEnhXi//m1pz5oP/4Vnsp3UBb/zK2OfzQe//YTfSd/+r79+EvZ8T9QT+0t1qzm82+1DbydfQcAAAD3irT+HfgkHbueTtOxsfw7/NtjU1qdm194/vjcR6dn8u/Kj8RAWj7pGm54HjpRPBsu85NL8vuL58Zf9W2s58em56oz3Q4eetzmFv0/81dft1sHrLs1zKO9sh7tAO48v9eE3qX/Q29K9H/oafo/9K5m/f/TlqXHvlvXxgB3lOs/9K5V9P/F/KX1qAC4N7n+Q+/S/6EntfxtfHpbP/mX6Fji6LNJ3AXNWJaI9K5oxv2f6F/1f2bRRqI2nPf/bM2GpmW6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGf8FAAD//5qc4N0=") bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"}) 1.398282978s ago: executing program 0 (id=1758): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000011c0)={0x18, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x2}, [@ldst={0x7, 0x2, 0x4, 0xa}]}, &(0x7f00000000c0)='syzkaller\x00', 0x5, 0x1000, &(0x7f0000000100)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001100)={0x1, 0xffffffffffffffff}, 0x4) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000001140)={&(0x7f0000000000)="171e281f8794a94c47f7084fcf746cce1bb09966ee40f6db32506f8776afb5d55c390fcff4bb6c90dabd4e7435233532b475595b3adacb09ca126e", &(0x7f0000001280)=""/4096, &(0x7f0000000040)="8c1028b88bf3c6e11e151e47174a147b63dab191dff551cf8bd5c9ebbafcfca83868f8b6", &(0x7f0000002280)="a8626345b80e70608db4c604ffd1a5160c5d8593fc68924c8ddc53280d693d493ef22c2cea8964a67c384fbbc29490d610435e84df51355eae469430a90dbfcd6f47164e02fcef312a26be3bd3de1a90807f95fd18ac856c795c9bb3dc695f9fa1210e6b073defa0376a189e42226f20d3ecf162523be954e1762a4149c39d5771fe3e7833d1d4589f40d98e317e85d483a1073f046ce662ab311fcc6f42f0b627c768cb69330e8d10d52ff35c6b94287263147afc3b9fa8a5ca1b91b692fccee1a2f6f7cef6d61c79a8ee384414594ee918aa7a72ca054fea8d4af0384ddb40fcced131807c594124fa5479c0be9cf240", 0x1, r0, 0x4}, 0x38) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 1.319981737s ago: executing program 2 (id=1759): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1f00"/20, @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32], 0x48) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='V?\x00\x00-\x00Y'], 0xfe33) 1.310994317s ago: executing program 4 (id=1760): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009e173610ef171e7206d3010243010902"], 0x0) syz_usb_control_io(r1, 0x0, &(0x7f0000000b00)={0x84, &(0x7f0000000640)=ANY=[@ANYBLOB="0009110000000200005e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.273544687s ago: executing program 3 (id=1761): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4") chdir(&(0x7f0000000240)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000001880)={0x1, 0x1, 0x1000, 0x1, &(0x7f0000000cc0)="df", 0x0, 0x0, 0x0}) 1.155824387s ago: executing program 0 (id=1762): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) syz_clone3(&(0x7f0000000200)={0x100000, 0x0, 0x0, 0x0, {0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) preadv(r0, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0) 1.155544406s ago: executing program 2 (id=1763): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0x10000) ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0xfffffffe, 0x0, 0x40000, 0x10001, 0x5, "59c27c65a78308634e78299ef68057107ea354"}) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)) 1.128699006s ago: executing program 1 (id=1764): r0 = landlock_create_ruleset(&(0x7f0000000000)={0x8000}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) r1 = openat$sequencer2(0xffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_TMR_TIMEBASE(r1, 0xc0045401, 0x0) 1.098665406s ago: executing program 2 (id=1765): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x6, 0x24, &(0x7f0000000100)=ANY=[], 0x0) ioctl$EVIOCGBITSW(r0, 0x5509, 0x0) 975.845565ms ago: executing program 0 (id=1766): sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="44f9b108b1cd", 0x6, 0x1, 0x0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, 0x0, &(0x7f0000000080)) 975.449485ms ago: executing program 1 (id=1767): syz_open_dev$sndpcmc(&(0x7f0000006780), 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x90, 0xfffffffffffffff5, 0x400, {0x3, 0xfffffffffffffffd, 0xfff, 0x5, 0xfffffffd, 0x0, {0x1, 0xff, 0x1, 0x4, 0x2, 0x0, 0x4002, 0x1ff, 0x8, 0x8000, 0xb, 0xee00, 0x0, 0x8}}}, 0x0, 0x0, 0x0, 0x0}) unshare(0x20000400) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 942.569185ms ago: executing program 0 (id=1768): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r0, 0x560f, &(0x7f0000000000)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x560f, &(0x7f0000000000)) 870.429225ms ago: executing program 1 (id=1769): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000002440), 0x90000, 0x0) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000002480)) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001080)=@newtaction={0x7c, 0x30, 0x9, 0x0, 0x0, {}, [{0x68, 0x1, [@m_vlan={0x64, 0x1, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0xfffffffffffffeb7}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0) 743.849414ms ago: executing program 1 (id=1770): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6) 743.344584ms ago: executing program 1 (id=1771): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x480, &(0x7f0000000000), 0x1, 0x77d, &(0x7f0000000f80)="$eJzs3c1rHOUfAPDvbPPSX9qfjSBoPQUEDZRuTI2tgoeKBxEsFPRsGzbbULPJluymNCFgiwheBBUPgl569qXevPpy1f/Cg7RUTYMVDxKZzWy6aXbTJGazDfv5wLTPM/Nsnue7z8w8z+4MOwF0raH0n1zE0Yj4MIk4kq1PIqK3luqJOL1a7u7SYiFdklhZeeP3pFZmeWmxEA2vSR3KMk9ExA/vRRzLbay3Mr8wNV4qFWez/Eh1+tJIZX7h+MXp8cniZHHm5OjY2IlTz586uXux/vnzwuFbH736zNen/3738Rsf/JjE6TicbVvu3b166oZiKHtPetO3cJ1X4p3dr7CDkk43gB1JD80Dq0d5HE3SdE+nmwQAtFk6C10BALpMYvwHgC5T/x5geWmxUF86+43E3rr9ckQcXI2/fn1zdUtPds3uYO066MBysu7KSBIRg7tQ/1BEfP7tW1+mS9x3PRWgna5ei4jzg0Mbz//JhnsWtuvZLZQZui/v/Ad757t0/vNCs/lfbm3+E03mP/1Njt2dePDxn7u5C9W0lM7/Xmq4t+1uQ/yZwQNZ7v+1OV9vcuFiqZie2x6JiOHo7U/zo5vUMXznnzvr1/StpRrnf398/PYXaf3p//fK5m729K9/9cR4dfy/xl13+1rEkz3N4k/W+j9pMf89u8U6Xnvx/c9abUvjT+OtLxvjb6+V6xFPN+3/e3e0JZvenzhS2x1G6jtFE9/88ulAq/ob+z9d0vrrnwX2Qtr/A5vHP5g03q9Z2X4dP10/8n2rbQ+Ov/n+35e8WUvXj6Qr49Xq7GhEX/L6xvUn7r22nq+XT+Mffqr58b/Z/p9+Jjy/xfh7bv321c7jb680/olt9X/TxIGsbNMyN+6ubd9ga/0/VksNZ2u2cv7LKu9v3eSd7s0AAAAAAAAAAAAAAAAAAAAAAAAAsH25iDgcSS6/ls7l8vnVZ3g/FgO5UrlSPXahPDczEbVnZQ9Gb67+U5dHGn4PdTT7Pfx6/sR9+eci4tGI+KT/f7V8vlAuTXQ6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIHGrx/P/Ur/2dbh0A0DYHO90AAGDPGf8BoPsY/wGg+xj/AaD7GP8BoPsY/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGizs2fOpMvKX0uLhTQ/cXl+bqp8+fhEsTKVn54r5Avl2Uv5yXJ5slTMF8rTD/p7pXL50ljMzF0ZqRYr1ZHK/MK56fLcTPXcxenxyeK5Yu+eRAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA21OZX5gaL5WKs/s6cfXhaEbbEz1Zrz0s7dkfib6Hoxn7LNHhExMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAPvFvAAAA//8FqyE2") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000100)={0x26, 0x3, 0x0, {0x0, 0x5, 0x0, 'ext4\x00'}}, 0x26) 743.098704ms ago: executing program 0 (id=1772): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file0\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x4431, &(0x7f00000088c0)="$eJzs3b9PHFceAPA3Az6Dz/ZhnwufdNKtdJbudHdC4OoSLAVjbAw2ceTELtKsF1jbJAtrwRKlcEE6S6kipYhSWImUjspCSu38CWlSOrWlpEgTKZIVop2dxcywGzaEhdj6fIod5v2G78zbN8Xw4lTt7vxyYX65UFosVGdvL58tvFetrCyUQ7xPWvZ/aP/6pzPduE5+rc0v92zktHLtwqU3b54N4au5b55ubGxshLre0NLwlp9//OH+7NZjU5yrU2+3dWt75e0Qwqlt46rrCSH0hRCiEML5NG0sPfaHEI6leTfvf3irsEejefSkfK74bPrB+siZqbWH6+1/9yiETyt/+9+dhe/+2TPy7X/2qHsAAAAAAAAAAAAAAAAAAF5wE9ev3XhjaDg8jkLvWrT9fd2J9Nju/diNPfOP7v+yAAAAAAAAAAAAAAAAAAAA8Af1/P3/QnSyxfv/4+lxtE39jde6P0a6Z/L1a+MXh4bT/d+jbfn/T5O+P98TTrTY9z2///v5XP3W+79v72e3muNr9jsQongwcx7Hg4MhfJ5u/H46OhJXqsu1/96urizO7dkwXljZ+Dd2789EJ93Qv8P4x2O59ru///9ft11N9fNbe3eJvdSy8e9pW+6LD6KO7v8LuXr7EX92Lxv/3iStf2uB0cYEUI//R707x38813634n88hFCI6mMtZGaA+hqmnt5uvUJWNv6HkrTM1Jn+Idvd/z/l4n8x1/5Bzf+r+S8iWsrG/09JWl+mxOHkM4l/vPP9fynX/kHEvz7+Vd//HcnGvxHr0JspkvwlO53/J3Ltt43/4d837htxOs7jUeYKWIsa6e3+Xx1Z2fj3bct//vwXd7T+u5yrv1/Pf81+m89/zen/31Hj+Y/WsvHvb1uu0/t/Mlev2/P/aLL+Y7ey8T+SpGXXzgPJZ6fxn8q13634J08lfc34P59Pfj7cSP/M+q8j2fj/uZEYby2xmnwm679o5/X/lVz7B7H+q49/Ne5ury+LbPyPti1Xj//XHXz/X83V6378Qxiy1t+1bPyPtS2X3P99O8d/Olev2/H/VzcbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgBjKXHgRDFg5nzOB4cDOFCen46HIlmSnPFmUp19t3lEMbT9EI4Gd2pVGdKleL8YnWuXCxVKtXZEC6m+adCX7RcqdaKC6V7lzbb6o/ulktLtZlyqRZCmEjT/x6ONduama8tlO6FEC5v5v0lri7du1taLM7NL706NDQ0FCY3x3AiKr9fKy/WGr03ckOY2qw7EG0ZXJJ9ZXMsR6N3qitLi6VKkn51S51KdbZU2VJnOs37OJyIaksri7OlWrlYqd5p9neQRtPj+OT1t65fHd6WfytqHMf2d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EaPR175JITQ2ziLQwijzR+iVuUfPSmfKz6bfrA+cmZq7eH603blAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgF3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8eoCQRRGIDfTIokXY6Rakm6tBsCISmyQfAEegwPo0fxEt7BwsLWQgTZRV13YRutvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY71E1/n97j0jxtH+MWE5X6/P8t67zz+77D3eYkdv5+au+Tn+YrvKP+mhT5mO6284m0VEbi9aetPfpss9z71x9+9Y3X9P3JVIuIqKs89eUc1EMewsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgwA4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/AgAA////gRtE") syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x3e, 0x0, 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) rename(&(0x7f0000000200)='./bus\x00', &(0x7f0000000180)='./file0\x00') 660.351384ms ago: executing program 3 (id=1773): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x20) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)=0x1000) 396.660962ms ago: executing program 3 (id=1774): syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000100)='./bus\x00', 0x800084, &(0x7f00000000c0)=ANY=[], 0xfe, 0x627a, &(0x7f0000008200)="$eJzs3c1vHGcdB/DfvvqlNLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT28yTjzW7s1PHO2s/nIzkzv3lm1s/ku7Mv3pl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj687RgKeIz0YvoRizU9XJELCwv5fX7EfF87DTHcxExmIuot9/555mI1yLi41MRW9vrq/XiCwfsx3f/+Pff/fCpt//2h8G5//7pdu/1SevdufOr//z57uH2GQAAAEpTVVXVSW/zT6f39922OwUATEV+/q+SvPzE17/+59t/maX+qNVqtVo9hbqpGu9us4iIjeY29WsGH8cDwDGzEZ+03QVaJP+i9SPiqbY7Acy0Ttsd4Ehsba+vdlK+nebzwfJuez4XZE/+G53713dMmu5n9ByTad2/NqMXz07oz8KU+jBLcv7d0fyv7rYP03pHnf+0TMp/uHvpU3Fy/r3R/EecnPy7Y/MvVc6//1j59+QPAAAAAAAzLP/9f6nlz3/nDr8rB/Koz3+Xp9QHAAAAAAAAAHjSDjv+333G/wMAAICZVb9Xr/3m1INlk76LrV5+pRPx9Mj6QGHSxTKLbfcDAAAAAAAAAAAAAErS3z2H90onYhARTy8uVlVV/zSN1o/rsNsfd6XvP5Ss7Qd5AADY9fGpkWv5OxHzEXElujvf9TdYXFysqvmFxWqxWpjLr2eHc/PVQuN9bZ7Wy+aGB3hB3B9W9Y3NN7Zr2u/98n7to7dX/65h1TtAx56QQfrfnNDcUtgAkOw+G215RjphquqZSS8+YA/H/wm0FEtt36+YfW3fTQEAAICjV1VV1Ulf5306je/XbbtTAMBU5Of/0c8FDlV3J7RHPJnbV6vVarVa/anqpmq8u80iIjaa29SvGQzHDwDHzEZ80nYXaJH8i9aPiOfb7gQw0zptd4AjsbW9vtpJ+XaazwdpfPd8Lsie/Dc6O9vl7cdN9zN6jsm07l+b0YtnJ/TnuSn1YZbk/Luj+V/dbR+m9Y46/2mZlP9w55K58uT8e6P5jzg5+XfH5l+qnH//sfLvyR8AAAAAAGZY/vv/ks9/8y4DAAAAAAAAwLGztb2+mq97zZ//f27Meq7/PJly/p3HzX8hzcv/WMv5d0fy//LIer3G/L23Hhz//95eX/397X99Nk8Pmv9cnumke1Yn3SM66Td1+ml6mL1ryHe4QW9Yzw463V4/nfNTDd6N63Ej1uL8Q5v097Sv7GmvezrY035hT3v/ofaLe9oH6XsHqoXcfjZW4ydxI97Zaa/b5vbZ//l92qt92nP+PY//Rcr59xs/df6Lqb0zMq3d+6j70HHfnI77PW9e//wvzx/97uxrM3r3962p3r8zLfRn5//kqWH87NbazbN3rt2+fXMl0mTP0guRJk9Yzn+w8zP34PH/xd32/LjfPF7vfTR87PxnxWb0J+b/YmO+3t+Xp9y3NuT8h+kn5/9Oah9//B/n/Ccf/6+00B8AAAAAAAAAAAAAAAB4lKqqdi4RfTMiLqXrf9q6NhMAmK78/F8leblarVar1eqTVzdV473RLCLir81t6tcMvxh3YwDALPtfRPyj7U7QGvkXLH/fXz19qe3OAFN164MPf3Ttxo21m7fa7gkAAAAAAAAA8Gnl8T+XG+M/vxQRSyPr7Rn/9a1YPuz4n/08c3+A0Sc10PejbXaHvW5juPEXYmd87rOTxv8+Ew+P/53HxO0192OCwT7tw33a5/Zpnx+79EFaYy/0aMj5v9AY77zO//TI8OsljP86OuZ9CXL+Zxr35zr/L42s18y/+u3M5b9x0BU3o7sn/3O33//puVsffPjq9fevvbf23tqPL66snL946dLly5fPvXv9xtr53X+PptczIOefx752HmhZcv45c/mXJef/hVTLvyw5/y+mWv5lyfnn13vyL0vOP7/3kX9Zcv4vp1r+Zcn5fyXV8i/L1vb6XJ3/K6mWf1ny8f/VVMu/LDn/V1Mt/7Lk/M+mWv5lyfmfS/UB8vf18CdIzj9/wuX4L0vOfyXV8i9Lzv9CquVflpz/xVTLvyw5/9dSLf+y5Py/lmr5lyXnfynV8i9Lzv/rqZZ/WXL+l1Mt/7Lk/L+RavmXJef/zVTLvyw5/9dTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5v5Fq+Zflwff/mzFjxkyeafuRCQAAAAAAAAAAAAAYNY3TidveRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzdXYxcZ30/8DP75rVDiIEQnPwNbBITQrJk13biF/5NMYEADVAKJBT6guN612bBsY3XLoEi2TS8RMKoqKJqetEWUNRGqiqsigtaUZqLqi9Xpb2gNxVVJaRGlUEBFamtaLaac57n2ZnZ2ZlZ73h99pzPR7J/uzPnzHnmzHPO7m93v3MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWt365vnPN7Isa/7L/9ueZS9qfrx1ant+2xuu9QgBAACA9frf/P/nb0g3HBpgpZZl/vZV//CNpaWlpewDo78z/uWlpXTHVJaNb8my/L7o0r99sNG6TPBENtkYafl8pM/mR/vcP9bn/vE+90/0uX9Ln/sn+9y/YgessLX4eUz+YLvyD7cXuzS7MRvP79vVZa0nGltGRuLPcnKNfJ2l8WPZQnYim89m25Yvlm3ky3/r1ua23p7FbY20bGtnc4b86FNH4xgaYR/vatvW8mNGP3hTNvXjH33q6B+dvXxzt9p3N7Q9XjHOO29rjvMz4ZZirI1sS9oncZwjLePc2eU1GW0bZyNfr/lx5zifH3Cco8vD3FCdr/lkNpJ//J18P421/lgv7aed4bb/uj3LsgvLw+5cZsW2spFsW9stI8uvz2QxI5uP0ZxKL83G1jRPbx1gnjbr3K72edp5TMTX/9aw3tgqY2h9mX7w6YkVr/ta52nUfNarHSudc3DYx0pZ5mCcF9/Jn/STXefgrvD8P3XH6nOw69zpMgfT826Zg7f1m4MjE6P5mNOL0MjXWZ6Du9uWH8231Mjrc3f0noMzZx87PbP4iU++fuGxI8fnj8+f3Lt79+zeffsOHDgwc2zhxPxs8f8V7u3y25aNpGPgtrDv4jHw2o5lW6fq0leHdxxO9jgOt3csO+zjcKzzyTU25oBcOaeLY+Ph5k6fvDiSrXKM5a/PXes/DtPzbjkOx1qOw65fU7och2MDHIfNZU7fNdj3LGMt/7qN4Wp9LdjeMgc7vx/pnIPD/n6kLHNwMsyLf7lr9a8FO8N4n5xe6/cjoyvmYHq64dzTvCV9vz95IC/d5uUtzTuum8jOLc6fuefxI2fPntmdhbIhXtYyVzrn67aW55StmK8ja56vhxZe9eQtXW7fHvbV5Oub/02u+lo1l7n3nt6vVf7Vrfv+bLt1TxbKkG30/uz21by5P1Mv2WN/Npf5zMz6vxdPfWnL+Xd8lfNv7PtfKLaXHuqJ0fGx4vgdTXtnvO183P5SjeXnrka+7ednBjsfj4d/G30+vrHH+XhHx7LDPh+Pdz65eD5u9Ptpx/p0vp6TYZ6cmO19Pm4us2PPWufkWM/z8e2hNsL+f13oFFJf1DJ3Vpu3aVtjY+PheY3FLbTP071ty4+H3qy5rWf2XNk8vfP24rFG07NbtlHzdKpj2WHP03S+Wm2eNvr99O3KdL6ek2Fe3Li39zxtLvPsves/d26NH7acOyf6zcHx0YnmmMfTJCzO90tb4xy8JzuancpOZHP5vRP5fGrk25q+b7A5OBH+bfS5ckePOXhnx7LDnoPp69hqc68xtvLJD0Hn6zkZ5sVT9/Weg81l3rJ/uN+73hluScu0fO/a+fO11X7mdUvHbrqaP/NqjvOv9/f+2WxzmRMH1tpn9t5Pd4dbruuynzqP39WOqblsY/bTjjDOywdW30/N8TSX+fLBAefToSzLzn/sgfznveH3K3927rvfaPu9S7ff6Zz/2AM/vP7Y36xl/ABsfi8UZVvxta7lN1OD/P4fAAAA2BRi3z8SaqL/BwAAgMqIfX/8q/BE/w8AAACVEfv+sVCTmvT/O95yeeGF81lK5i8F8f60Gx4qlosZ19nw+dTSsubtDzw9/5O/OD/YtkeyLPvpQ7/RdfkdD8VxFabCOC892H77yhXPD7T9Rx9ZXq41v/6V8Pjx+Qw6DbpFcGezLPvWDV/MtzP1wYt5ffahR/P63gtPPtFc5vmDxedx/edeViz/+yH8e+jYkbb1nwv74fuhzr6j+/6I63394ut27n//8vbieo3bXpw/7ac+VDxufJ+cLz1RLB/382rj/8svPPP15vKPv6b7+M+PdB//M+Fxn37w8kJzxv33K4vlW1+D5udxvc+G8cftPR3Wv+dr3+46/kufL5Y//dZiuUdDjdu/M3y+662XF1r31+ONI23PK3tbsVzc/ux3fyu/Pz5efPzO8U8evti2Pzrnx7P/VDzOTMfy8fa4nejPO7bffJzW+Rm3/8znHm3bz/22f+m9z72y+bid27+7Y7nRjvU737HpDz77xa7bi+M59Ken257PofeE4zhs/6kPhfkY7v+fS19s22706Hvazz9x+a9sP9/2fKK3/7jY/qU3Hs/rv0/95Peue9H1L77w6ua+y7LvvK94vH7bP/6Hp9rG/9Wb7spfj3h/zOh3bn81cftnPj598tTiuYW5lr2av3fOO4vxbJncuq053hvCubXz88Onzn54/szU7NRslk1V9y30rtjXQv1hUS6sdf27Hgmv5y2/+61td/zjF+Lt//xwcfvFdxRft14blvtSuH178fotNda5/aduvSk/vhvPFp+35diHYOeu/zgw0ILh+Xd+XxDn++mXfzjfD8378q8b8bhe5/i/N1c8zjfDfl0K78x8203L22tdPr43wsX3Fcf7uvdfOM3F1/WPw+v9ru8Xjx/HFZ/v98L3Md/e0X6+i/Pjm+dHOh8/fxePC+F8kl0o7o9Lxf198fmbug4vvg9JduHm/PPfTo9z85qe5moWP7E4c2Lh5LnHZ87OL56dWfzEJw8/durcybOH8/fyPPyRfusvn5+25eenufl992azW7MsO5XNbsAJ6+qMv/nRYOM//cjRuf2zd8zNHzty7tjZR07Pnzl+dHHx6Pzc4h1Hjh2b/3i/9Rfm7t+95+De/Xumjy/M3X/g4MG9B6cXTp5qDqMYVB/7Zj86ffLM4XyVxfvvPbj7vvvunZ1+7NTc/P37Z2enz/VbP//aNN1c+9enz8yfOHJ24bH56cWFT87fv/vgvn17+r4b4GOnjy1OzZw5d3Lm3OL8mZniuUydzW9ufu3rtz7VtPivxfeznRrFG/Fl7757X3p/1qanP73qQxWLdLyB6OXwXjR//5LTBwb5PPb946EmNen/AQAAoA5i3z8RaqL/BwAAgMqIff+WUBP9PwAAAFRG7PsnQ01q0v/L/8v/D5b/L+4fZv6/W34+k/8vVf7/9MeKXOlmz//H/Lz8fz1c4/z/urcv/y//X738/+D5+c0+fvl/+X9WKlv+P/b9W7Oslv0/AAAA1EHs+7eFmuj/AQAAoDJi339dqIn+HwAAACoj9v0vCjWpSf8v/z9Q/n9Pv8BV9fP/w7/+v/z/Nc3/T2R1yf/HF0f+vzbWnL9//8Ntn1Yj/995FC2T/+9D/l/+X/5f/p8hGl/1nmuV/499//WhJjXp/wEAAKAOYt//4lAT/T8AAABURuz7bwg1Gbz/X/2PGgAAAIBSiH3/9lCTmvz+X/7f9f/l/2uZ/3f9/0Hz/y2Dkf/fHFz/vzf5/z6uOP8/Kf+/GfP/48Mdf7nz/32HL//PVVG26//Hvv8loSY16f8BAACgDmLf/9JQE/0/AAAAVEbs+18WaqL/BwAAgMqIff+NoSY16f/l/+X/5f/l/+X/u2+///X/i4/k/8tF/r83+f8+XP+/Xvn/IY+/3Pn/YV//f/zBzvXl/+mmbPn/2Pe/PNSkJv0/AAAA1EHs+28KNdH/AwAAQGXEvv8VoSb6fwAAAKiM2PfvCDWpSf8v/y//L/+/sfn/z2Xy/9XJ/xfk/8tF/r83+f8+5P/l/+X/B8v/d/nmV/6fbsqW/499/82hJjXp/wEAAKAOYt9/S6iJ/h8AAAAqI/b9/y/URP8PAAAAlRH7/p2hJjXp/+X/5f/l/+t1/f+7J+T/5f+rTf6/N/n/PuT/5f/l/we8/v9Ka8n/b+n3YFRG2fL/se9/ZahJTfp/AAAAqIPY978q1ET/DwAAAJUR+/5Xh5ro/wEAAKAyYt8/FWpSk/5f/r9a+f8/+aunXp3J/8v/99l+RfP/cRrI/9ec/H9v8v99yP/L/8v/b0j+n/ooW/4/9v23hprUpP8HAACAOoh9/22hJvp/AAAAqIzY998earJK/7/mP+QDAAAArrnY9+8KNanJ7//l/6uV/4/k/+X/e22/ovn/RP6/3uT/u2g5SOX/+5D/l//f1Pn/Rrb+/H/87lf+n+EoW/4/9v2vCTWpSf8PAAAAdRD7/jtCTfT/AAAAUBmx739tqIn+HwAAACoj9v13hprUpP+X/5f/l/+X/5f/7759+f/NSf6/t7Xm/yfk/+X/5f83Uf7f9f8pn7Ll/2Pf/7pQk5r0/wAAAFAHse+/K9RE/w8AAACVEf9+s/i7V/0/AAAAVFHs+6dDTWrS/8v/y//XKf/fkP+X/5f/rzz5/95c/78P+X/5f/l/+X+Gqmz5/9j3vz7UpCb9PwAAANRB7PvvCTXR/wMAAEBlxL5/JtRE/w8AAACVEfv+2VCTmvT/8v/y/3XK/7v+v/y//H/1yf/3Jv/fh/y//P/mzP/nTUzX/H+Wyf9zTZUt/x/7/t2hJjXp/wEAAKAOYt+/J9RE/w8AAACVEfv+vaEm+n8AAACojNj33xtqUpP+v6T5/7FM/j8n/y//L/8v/y//vzby/73J//ch/y//vznz/znX/6eMypb/j33/faEmNen/AQAAoA5i378v1ET/DwAAAJUR+/79oSah/+/2d90AAADA5hL7/gOhJjX5/X9J8/+u/7/W/P9v/l3btuX/5f97bX84+f+t8v+hyv+XS0Xz/52HxRWT/+9D/v+q5eezkaEM8ZqNX/5f/p8rU7b8f+z7D4aa1KT/BwAAgDqIff8bQk30/wAAAFAZse///6Em+n8AAACojNj3/0yoSU36f/n/iuT/O8j/y//32r7r/8v/V1lF8/9DU6n8/4j8/2bK/7v+v/x/v/Wppquf/48fDZb/j33//aEmNen/AQAAoA5i3/+zoSb6fwAAAKiM2Pe/MdRE/w8AAACVEfv+Q6EmNen/5f/l/+X/5f+vTv7/jVmnMub/m5NH/r9aSpz/Hx9k+/L/rv8v/78h4+/8UjOU8cv/y/+zUtmu/x/7/jeFmtSk/wcAAIA6iH3/A6Em+n8AAACojNj3vznURP8PAAAAlRH7/reEmtSk/5f/l/+X/5f/d/3/7tuX/9+cSpz/H4j8v/y//P/mHb/8v/w/K5Ut/x/7/gdDTWrS/wMAAEAdxL7/raEm+n8AAACojNj3vy3URP8PAAAAlRH7/reHmtSk/5f/l/+X/5f/l//vvn35/81J/r83+f8+apD/39rjvmudn1+vaz1++X/5f1YqW/4/9v0/F2pSk/4fAAAA6iD2/Q+Fmuj/AQAAoDJi3/+OUBP9PwAAAFRG7PvfGWpSk/5f/l/+X/5f/l/+v/v25f83J/n/3uT/+yh7/n8ifOD6/6Ucv/y//D8rlS3/H/v+d4Wa1KT/BwAAgDqIff/Ph5ro/wEAAKAyYt//7lAT/T8AAABURuz7fyHUpCb9v/y//H+58v9L51vXk/+X/8+Glf9vriT/Xwvy/73J//fRJf+/pUz5/yFc/7+Xa52fL9P4H5b/l/9nKMqW/499/3tCTWrS/wMAAEAdxL7/vaEm+n8AAACojNj3vy/URP8PAAAAlRH7/odDTWrS/8v/1zL/n55y+fL/rv8v/+/6//L/6yP/35v8fx9lv/6//H+pxy//L//PSmXL/8e+/5FQk5r0/wAAAFAHse9/f6iJ/h8AAAAqI/b9vxhqov8HAACAyoh9/wdCTWrS/8v/1zL/X+Lr/1ct/z/WNj/qlP+fbHk907yU/5f/3wDy/73J//ch/y//X+b8f5jNW1dZX/6fMipb/j/2/R8MNalJ/w8AAAB1EPv+Xwo10f8DAABAZcS+/5dDTfT/AAAAUBmx7/+VUJOa9P8VzP9fyOT/5f9Lk/9vnx91yv+7/v9K8v8bQ/6/N/n/PuT/5f/LnP/vQ/6fMipb/j/2/b8aarJq4/fD/xzgaQIAAAAlEvv+D4Wa1OT3/wAAAFAHse8/HGqi/wcAAIDKiH3/o6EmNen/K5j/X+f1/+MVVeX/5f+Hnf8fkf+X/5f/3wDDy/+/4vosk/+X/5f/l/+X/5f/Zz3Klv+Pff+RUJOa9P8AAABQB7Hv/7VQE/0/AAAAVEbs+4+Gmuj/AQAAoDJi3z8XalKT/v8a5v/Hy5n/d/3/K83//1T+3/X/A/n/7uT/N4br//cm/9+H/L/8v/y//D9DVbb8f+z750NNatL/AwAAQIWlHwfHvv9YqIn+HwAAACoj9v3HQ030/wAAAFAZse//cKhJTfp/1/9vz5635u8y+f/yXP//fNXy/2Nty8v/F+T/5f+HQf6/N/n/PuT/5f/l/+X/Gaqy5f9j378QalKT/h8AAADqIPb9Hwk10f8DAABAZcS+/6OhJvp/AAAAqIzY958INalJ/y//7/r/myL/fxWv/9/Isguu/y//32378v+bk/x/b/L/fcj//x979/Ek2VXlcfyppXarmeVsJkLrWc0OWEl/Aisi2BHBWljhjVp4EE54b4T33jvhvfdeeG+FFUQ0oapzTldVZr2s6squfO/ez2dzRh3dVPaoEPzo+MbV/+v/9f+s1dT6/9z918Qtnex/AAAA6EHu/nvELfY/AAAANCN3/z3jFvsfAAAAmpG7/15xSyf7X/+v/++9/x828v7/7p+v/9+m/9f/r8NCf3/F8p+3XxS+b////3e89m76f/2//n/Upvv/ywf9v/6fqZla/5+7/95xSyf7HwAAAHqQu/8+cYv9DwAAAM3I3X/fuMX+BwAAgGbk7r82bulk/+v/9f/6f/3/rv7/Zv2//n/eDtPfX7Xkx7z/H2bU/+d/e9P/H93c+/9Nf379v/6fRVPr/3P33y9u6WT/AwAAQA9y998/brH/AQAAoBm5+x8Qt9j/AAAA0Izc/Q+MWzrZ//p//b/+fy79/ynv/+/5/ej/9f/LHLW/1/+HGfX/g/f/9f8T+fz6f/0/i6bW/+fuf1Dc0sn+BwAAgB7k7n9w3GL/AwAAQDNy9z8kbrH/AQAAoBm5+x8at3Sy//X/+n/9/1z6/2N6/1//r/+fuZuGC/9M0P8v0v+vsKL/Hwb9/5gD9/PLf3vz+fz70P/r/1k0tf4/d//D4parh+HUxf4mAQAAgEnJ3f/wuKWTP/8HAACAHuTuvy5usf8BAACgGbn7z8Utnex//b/+X/+v/9f/L//6+v958v7/uKP3///339fcvd/+3/v/47z/v+7+//bvDP0/8za1/j93//VxSyf7HwAAAHqQu/8RcYv9DwAAAM3I3f/IuMX+BwAAgGbk7n9U3NLJ/tf/t9b/X77r1+3o/7dqF/2//l//r/9vnf5/nPf/V9j6x9zZ+kv9v/7f+//6f45mav1/7v5Hxy2d7H8AAADoQe7+x8Qt9j8AAAA0I3f/Y+MW+x8AAACakbv/cXFLJ/tf/99a/7/713n/X/+/7Ovr//X/LdP/j9P/r9DK+/8X+V2z6X7+qDb9+fX/+n8WTa3/z93/+Lilk/0PAAAAPcjd/4S4xf4HAACAZuTuvyFusf8BAACgGbn7nxi3dLL/9f/6/3n0//kV9P/6/0vf/yf9/zzp/8fp/1dopf+/SJvu5+f++fX/+n8WTa3/z93/pLilk/0PAAAAPcjd/+S4xf4HAACAZuTuf0rcYv8DAABAM3L3PzVu6WT/99n/X67/n13/7/1//b/3//X/B6P/H6f/X2Fn/3/ZMJzT/+v/9f/6f45kav1/7v4b45ZO9j8AAAD0IHf/0+IW+x8AAACakbv/6XGL/Q8AAADNyN3/jLilk/3fZ//v/X/9v/5f/6//b5X+f5z+f4XO3/8fzun/9f/6f9ZrQv3/jl91Znhm3NLJ/gcAAIAe5O5/Vtxi/wMAAEAzcvc/O26x/wEAAKAZufufE7d0sv/1/5Pp/7dyvrb6/7PDMOj/h077/7M7/n7W96X+X/9/DPT/4/T/K3Te/2+6n5/759f/6/9ZNKH+f+uvc/c/N27pZP8DAABAD3L3Py9usf8BAACgGbn7nx+32P8AAADQjNz9L4hbOtn/+v/J9P9b2ur/vf+/9/ujp/7f+/+L9P/HY839/5X54/r/bfr/9vr/Uzv+703380e16c+v/9f/s2hq/X/u/hfGTadOXvRvEQAAAJiY3P0vils6+fN/AAAA6EHu/hfHLfY/AAAAzNSNCz+Su/8lcUsn+1//v97+f2dDp//faP9/Rv+//9fX/+v/W7be/n8Ybokf1/9v0/+31//vtOl+fu6fX/+v/2fR1Pr/3P0vjVs62f8AAADQg9z9N8Ut9j8AAAA0I3f/y+IW+x8AAACakbv/5XFLJ/tf/+/9/0b7f+//j3z9w/b/F55D1f/r/6dvze//35A/rv/fpv/X/4/R/x+5/z994f/U/9OGQ/T/58+fv+6S9/+5+18Rt3Sy/wEAAKAHuftfGbfY/wAAANCM3P2vilvsfwAAAGhG7v5Xxy2d7H/9f6f9f36rz6v/PzcM+n/v/+v/9f/j9P/j9P8r6P/1/97/1/+zVlN7/z93/2vilk72PwAAAPQgd/9r4xb7HwAAAJqRu/91cYv9DwAAAM3I3f/6uKWT/a//77T/9/6//l//f9z9/22D/v9YzKL/P7v/1596/3+9/v9/73CX/FT6/7266//vfKddf6n/1/+zaGr9f+7+N8Qtnex/AAAA6EHu/jfGLdv7/8L/wAsAAADMVu7+N8Ut/vwfAAAAmpG7/81x0xWd7H/9v/5f/6//1/8v//rH/P7/qWEY9P9rMIv+f8TU+//1vP+/99/lF8yj//f+/3666//30P/r/1k0tf4/d/9b4pZO9j8AAAD0IHf/W+MW+x8AAACakbv/bXGL/Q8AAADNyN3/9rilk/2v/9f/6//1/833/9fPov/3/v+a6P/HTaP/35/+X/8/58+v/9f/c3Cb6v9z978jbulk/wMAAEAPcve/M26x/wEAAKAZufvfFbfY/wAAANCM3P3vjls62f/6f/3/Yfr//Jz6/7b6/9OT6//P7PrX6+T9f/3/muj/x+n/V9D/6//1/zfq/1mnqb3/n7v/PXFLJ/sfAAAAepC7/71x63+6tf8BAACgGbn73xe32P8AAADQjNz9749bOtn/+n/9v/f/9f/Nv/+v/++K/n+c/n8F/f86+vlz+v9Z9//e/2etptb/5+7/QNzSyf4HAACAHuTu/2DcYv8DAABAM3L3fyhusf8BAACgGbn7b45bOtn/+n/9v/5f/6//3/57qP9vg/5/3PH0/2f1/+vs/3f819OZ9P+7+vnL4t8F+n/9/6pfT5um1v/n7v9w3NLJ/gcAAIAe5O7/SNxi/wMAAEAzcvd/NG6x/wEAAGCWrljyY7n7Pxa3dLL/9f/6f/2//l//v/zr6//naSP9f35T6P+9/x/6ef//yl1/ddR+/rg//97//NL/6/9Zv6n1/7n7Px63dLL/AQAAoAe5+z8Rt9j/AAAA0Izc/Z+MW+x/AAAAaEbu/k/FLTPf/6cO+PP0//p//b/+X/+//Ovr/+fJ+//j9P8r6P83+n7+3D+//l//z6Kp9f+5+z8dt8x8/wMAAAAX5O7/TNxi/wMAAEAzcvd/Nm6x/wEAAKAZW7s/47IO97/+f339/96fq//X/+/8/hj0//p//f+x0P+P0/+voP/X/+v/9f+s1dT6/89t/aozw+fjlk72PwAAAPQgd/8X4hb7HwAAAJqRu/+LcYv9DwAAAM3I3f+luKWT/f8/cc/p/7d4/3+q/f/58+ev0/9Pr/8/PUyj/79F/0/R/4/T/6+g/9f/6//1/6zV1Pr/3P1fjls62f8AAADQg9z9X4lb7H8AAABoRu7+r8Yt9j8AAAA0I3f/1+KWTva/9/8n0P+f0f97/3+u/b/3/4dL2f+f2P6Hsv7/cLb6+wv/ca7/30P/v0KL/f+Zg//2N93PH9WmP7/+X//Poqn1/7n7vx63dLL/AQAAoAe5+78Rt9j/AAAA0Izc/d+MW+x/AAAAaEbu/m/FLZ3sf/3/gfr/vTnygoP0/7f/i/Ty/v/ZYfnn1//r//X/3v+/1Lz/P07/v0KL/f8hbLqfn/vn1//r/1k0tf4/d/+345bd+//k4X6XAAAAwJTk7v9O3NLJn/8DAABAD3L3fzdusf8BAACgGbn7vxe3dLL/9f8TeP+/wf7f+//Lvz/0/5Pu/0/o/9ug/x+n/19B/7+snz87DIP+X/9/yP4/v5v1/72bWv+fu//7cUsn+x8AAAB6kLv/B3GL/Q8AAADNyN3/w7jF/gcAAIBm5O6/JW7Zsf+Xtd2t0P/r//X/+n/9//Kvr/+fJ/3/uIP2/6eHo/X/Sf/fRP/v/X/9v/f/uWhT6/9z9/8obvHn/wAAADA7J/f58dz9P45b7H8AAABoRu7+n8Qt9j8AAAA0I3f/T+OWW09s6iMdK/2//l//r//X/y//+vr/edL/j/P+/wr6/3X081fp/9vo/4dB/8/RTa3/z93/s7jFn/8DAABAM3L3/zxusf8BAACgGbn7fxG32P8AAADQjNz9v4xbOtn/+n/9/xH7/600U/+/Tf+/Tf+/nP7/eOj/x+n/V9D/e/9f/+/9f9Zqav1/7v5fxS2d7H8AAADoQe7+X8ct9j8AAAA0I3f/b+IW+x8AAACakbv/t3FLJ/t/Y/1//L9a/z/7/t/7//r/zfX/Jwf9v/5/gf5/nP5/Bf2//l//r/9nrabW/+fu/13c0sn+BwAAgB7k7v993GL/AwAAQDNy9/8hbrH/AQAAoBm5+/8Yt3Sy/73/r//X/+v/Z9v/e/9f/7+E/n+c/n+5+hul/9f/6//1/6zV1Pr/3P1/ils62f8AAADQg9z9f45b7H8AAABoRu7+W+MW+x8AAACakbv/L3FLJ/t/4/3/1fp//b/+X/+/Tf+v/18H/f+4Tfb/d/2v1V/W+/8b7//zI+j/9f/6f9Ziav1/7v6/xi2d7H8AAADoQe7+v8Ut9j8AAAA0I3f/3+MW+x8AAACakbv/H3FLJ/t/Rf9/un7i4fv/E6u+tvf/9f/6f/2//l//v276/3He/19B/+/9f/2//p+1mlr/n7v/n3FLJ/sfAAAAepC7/7a4xf4HAACAZuTu/1fcYv8DAABAM3L3/ztu6WT/b/z9f/3/Ifr/q/T/+n/9v/5f/7+C/n+c/n8F/b/+X/+v/2etptb/5+7/TwAAAP//10Q9fw==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4084, 0xff4) syz_mount_image$exfat(0x0, &(0x7f0000000180)='./bus\x00', 0x1004030, 0x0, 0xfb, 0x0, &(0x7f0000000000)) 247.891592ms ago: executing program 2 (id=1775): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x48, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xfffff3a3, 0x58}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x48}}, 0x0) 215.174332ms ago: executing program 1 (id=1776): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000040)={0x0, 0x9b, 0x298, {0xfffffffa}}) 0s ago: executing program 2 (id=1777): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000a40)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@grpquota}, {@noblock_validity}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x2e}}, {@resgid}, {@sysvgroups}, {@norecovery}, {@usrquota}]}, 0x1, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf6UmVQ+1YFtsJS3a3aSxbfBQK4ieCtZ6rzHZhJBNNmQ3bROKpHhXEFHBkycvgn+AIP0TRCjoXaoooq0ePKgrOztb27jbRLrd6Tf5fGA67zvv7j7P27Az88687ARwaJ2PiFsRMRIRlyNiPN+e5ku77dadzutePH80316SaLXu/iWJJN/W/awkX5+IiJ2IOBoRX/tKxDeT/43b2NpemavVqht5vdJcXa80travLK/OLVWXqmszM9PXZ2/MXpudGkg/JyLi5pf+8IPv/vTLN3/52Qe/u/enS99qpzWWt7/aj0HqdL2U/V90jUbExrsIVoCRfF3q0/6dkSEmAwDAntrn+B+NiE9l5//jMZKdnQIAAAAHSesLY/HPJKIFAAAAHFhpNgc2Scv5XICxSNNyuTOH9+NxPK3VG83PLNY31xY6c2UnopQuLteqU/lc4YkoJe36dD7Htlu/uqs+ExGnIuL748eyenm+Xlso+uIHAAAAHBIndo3//z6ejf+PFJ0XAAAAMGATRScAAAAAvHPG/wAAAHDwGf8DAADAgfbV27fbS6v7/OuF+1ubK/X7VxaqjZXy6uZ8eb6+sV5eqteXst/sW93r82r1+vrnYm3zYaVZbTQrja3te6v1zbXmveXXHoENAAAADNGpc09+m0TEzuePZUvbB0UnBQxFskd79pCQZ3nl90NICBiakaITAAozWnQCQGFKRScAFG6v6wB9J+/8avC5AAAA78bkJ/rf/3dtAA62tOgEAIChc/8fDq/S6zMArxWXCVCUj+zR/vb3/1ut/yshAABg4MayJUnL+b3AsUjTcjniZPZYgFKyuFyrTuXjg9+Ml46069PZO5M95wwDAAAAAAAAAAAAAAAAAAAAAAAAAB2tVhItAAAA4ECLSP+YZL/mHzE5fnFs9/WBD5J/jGfriHjw47s/fDjXbG5Mt7f/9eX25o/y7VeLuIIBAAAA7NYdp3fH8QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwSC+eP5rvLsOM++cvRsREz/jnjmaro1GKiON/S2L0lfclETEygPg7jyPidK/4STutmIhOFr3iHyswfhoRJwYQHw6zJ+39z61e3780zmfr3t+/0Xx5W/33f2l0938jffY/J/cZ48zTn1f6xn8ccWa09/6nGz/pE//CPuN/4+vb2/3aWj+JmOx5/Elei1Vprq5XGlvbV5ZX55aqS9W1mZnp67M3Zq/NTlUWl2vV/N+eMb73yV/8+039P94n/sQe/b+4z/7/6+nD5x/rFEu94l+60Pv4e7pP/DQ/9n06L7fbJ7vlnU75VWd/9uuzb+r/Qp/+v/z79zjQtmNe2mf/L9/59rN9vhQAGILG1vbKXK1W3fgwFtJ4L9JQGEjhyPuRhkKnUPSeCQAAGLT/nvQXnQkAAAAAAAAAAAAAAAAAAAAcXsP4ObHdMXeK6SoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv9JwAA///NOtlz") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000d40)={0x0, 0x2904c, 0x5c, 0x10003, '\x00', [{0x0, 0x0, 0x3f00}, {0xffffffff}]}) kernel console output (not intermixed with test programs): ment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 135.087915][ T6381] hfsplus: bad catalog entry type [ 135.113217][ T6385] sg_write: data in/out 131036/70 bytes for SCSI command 0x0-- guessing data in; [ 135.113217][ T6385] program syz.4.830 not setting count and/or reply_len properly [ 135.206233][ T1292] hfsplus: b-tree write err: -5, ino 4 [ 135.348341][ T6387] loop0: detected capacity change from 0 to 32768 [ 135.414340][ T6387] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.829 (6387) [ 135.417971][ T6391] loop1: detected capacity change from 0 to 64 [ 135.465175][ T6393] loop3: detected capacity change from 0 to 256 [ 135.498352][ T6387] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 135.508595][ T6387] BTRFS info (device loop0): turning off barriers [ 135.515049][ T6387] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 135.524313][ T6387] BTRFS info (device loop0): force lzo compression, level 0 [ 135.531731][ T6387] BTRFS info (device loop0): use zlib compression, level 3 [ 135.539176][ T6387] BTRFS info (device loop0): turning on sync discard [ 135.545915][ T6387] BTRFS info (device loop0): allowing degraded mounts [ 135.552820][ T6387] BTRFS info (device loop0): using free space tree [ 135.559395][ T6387] BTRFS info (device loop0): has skinny extents [ 135.606917][ T6393] exfat: Deprecated parameter 'utf8' [ 135.646929][ T6393] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 135.844818][ T1292] BTRFS warning (device loop0): checksum verify failed on 5337088 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0x962ddb98fea2b0ab71fe094478eb19f149e4707d71daf9fdb70876527915f163 level 0 [ 135.868086][ T6387] BTRFS warning (device loop0): failed to read root (objectid=2): -5 [ 136.265828][ T6387] BTRFS error (device loop0): open_ctree failed [ 136.267225][ T4276] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by udevd (4276) [ 136.431781][ T6429] loop2: detected capacity change from 0 to 256 [ 136.689540][ T6429] FAT-fs (loop2): Directory bread(block 64) failed [ 136.715591][ T6429] FAT-fs (loop2): Directory bread(block 65) failed [ 136.722261][ T6429] FAT-fs (loop2): Directory bread(block 66) failed [ 136.773364][ T6439] mkiss: ax0: crc mode is auto. [ 136.788735][ T6443] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 136.805688][ T6429] FAT-fs (loop2): Directory bread(block 67) failed [ 136.857410][ T6429] FAT-fs (loop2): Directory bread(block 68) failed [ 136.863999][ T6429] FAT-fs (loop2): Directory bread(block 69) failed [ 136.901498][ T6429] FAT-fs (loop2): Directory bread(block 70) failed [ 136.925469][ T6429] FAT-fs (loop2): Directory bread(block 71) failed [ 136.953084][ T6429] FAT-fs (loop2): Directory bread(block 72) failed [ 136.973309][ T6429] FAT-fs (loop2): Directory bread(block 73) failed [ 136.989951][ T6448] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.848'. [ 137.040073][ T6448] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 137.092678][ T6422] loop3: detected capacity change from 0 to 32768 [ 137.133818][ T6450] loop4: detected capacity change from 0 to 2048 [ 137.211505][ T6450] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 137.295426][ T6456] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 137.455252][ T6457] loop0: detected capacity change from 0 to 4096 [ 137.543962][ T6457] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 137.701932][ T6457] ntfs3: loop0: ntfs_sync_fs r=1a failed, -22. [ 137.709389][ T6457] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 137.731558][ T6457] ntfs3: Volume is dirty and "force" flag is not set! [ 137.875617][ T5824] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 137.999934][ T6455] loop1: detected capacity change from 0 to 32768 [ 138.051097][ T6469] loop3: detected capacity change from 0 to 1024 [ 138.073308][ T6465] loop2: detected capacity change from 0 to 8192 [ 138.099270][ T6469] EXT4-fs (loop3): Test dummy encryption mode enabled [ 138.110268][ T6469] EXT4-fs (loop3): Ignoring removed orlov option [ 138.114989][ T6455] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 138.158901][ T6469] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 138.194178][ T6455] (syz.1.853,6455,0):ocfs2_get_suballoc_slot_bit:2716 ERROR: invalid inode 84 requested [ 138.215768][ T5219] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 138.227805][ T6455] (syz.1.853,6455,0):ocfs2_get_suballoc_slot_bit:2741 ERROR: status = -22 [ 138.272878][ T6455] (syz.1.853,6455,0):ocfs2_test_inode_bit:2823 ERROR: get alloc slot and bit failed -22 [ 138.291664][ T6455] (syz.1.853,6455,0):ocfs2_test_inode_bit:2864 ERROR: status = -22 [ 138.350977][ T5824] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1120, setting to 1024 [ 138.369459][ T4168] ocfs2: Unmounting device (7,1) on (node local) [ 138.372763][ T5824] usb 5-1: New USB device found, idVendor=056a, idProduct=010d, bcdDevice= 0.00 [ 138.401192][ T5824] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.430910][ T5824] usb 5-1: config 0 descriptor?? [ 138.437046][ T6475] loop2: detected capacity change from 0 to 512 [ 138.466986][ T6461] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 138.485717][ T5219] usb 1-1: Using ep0 maxpacket: 32 [ 138.529773][ T6475] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 138.643205][ T5219] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 138.656930][ T6475] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=8003e119, mo2=0000] [ 138.672096][ T5219] usb 1-1: New USB device found, idVendor=044e, idProduct=121e, bcdDevice= 0.00 [ 138.687452][ T6475] EXT4-fs (loop2): 1 truncate cleaned up [ 138.693349][ T5219] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.707043][ T6475] EXT4-fs (loop2): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000001,noblock_validity,nombcache,norecovery,barrier=0x000000000000000c,resgid=0x000000000000ee01,barrier,noauto_da_alloc,resgid=0x00000000000000002,errors=continue. Quota mode: writeback. [ 138.735838][ T4253] Quota error (device loop2): free_dqentry: Quota structure has offset to other block (1) than it should (5) [ 138.737773][ T5219] usb 1-1: config 0 descriptor?? [ 138.760508][ T4253] EXT4-fs error (device loop2): ext4_release_dquot:6220: comm kworker/u4:6: Failed to release dquot type 1 [ 138.848497][ T6475] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3876: comm syz.2.860: Allocating blocks 43-57 which overlap fs metadata [ 138.966111][ T5824] wacom 0003:056A:010D.0010: hidraw0: USB HID v0.00 Device [HID 056a:010d] on usb-dummy_hcd.4-1/input0 [ 139.195460][ T5824] usb 5-1: USB disconnect, device number 8 [ 139.214800][ T6489] Process accounting resumed [ 139.222243][ T5219] hid-alps 0003:044E:121E.0011: unknown main item tag 0x0 [ 139.238123][ T5219] hid-alps 0003:044E:121E.0011: unknown main item tag 0x0 [ 139.253537][ T5219] hid-alps 0003:044E:121E.0011: unknown main item tag 0x0 [ 139.263635][ T5219] hid-alps 0003:044E:121E.0011: unknown main item tag 0x0 [ 139.277859][ T5219] hid-alps 0003:044E:121E.0011: unknown main item tag 0x0 [ 139.289752][ T5219] hid-alps 0003:044E:121E.0011: hidraw0: USB HID v0.95 Device [HID 044e:121e] on usb-dummy_hcd.0-1/input0 [ 139.327689][ T6491] loop3: detected capacity change from 0 to 256 [ 139.350289][ T6479] loop1: detected capacity change from 0 to 40427 [ 139.368821][ T6489] Process accounting resumed [ 139.414505][ T26] audit: type=1800 audit(1734867642.275:7): pid=6491 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.866" name="file1" dev="loop3" ino=1048697 res=0 errno=0 [ 139.458834][ T6479] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 139.478300][ T5219] usb 1-1: USB disconnect, device number 9 [ 139.484360][ T6479] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 139.522694][ T6479] F2FS-fs (loop1): invalid crc value [ 139.574181][ T6479] F2FS-fs (loop1): Found nat_bits in checkpoint [ 139.713512][ T6479] F2FS-fs (loop1): recover fsync data on readonly fs [ 139.730483][ T6479] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 139.765721][ T6479] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30 [ 139.807536][ T6479] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 139.952133][ T6510] netlink: 16 bytes leftover after parsing attributes in process `syz.3.875'. [ 139.991775][ T6510] netlink: 24 bytes leftover after parsing attributes in process `syz.3.875'. [ 140.027447][ T6510] netlink: 72 bytes leftover after parsing attributes in process `syz.3.875'. [ 140.109110][ T6516] loop0: detected capacity change from 0 to 64 [ 140.595542][ T5225] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 140.827301][ T6543] loop1: detected capacity change from 0 to 4096 [ 140.857492][ T6549] loop0: detected capacity change from 0 to 4096 [ 140.865656][ T5225] usb 5-1: Using ep0 maxpacket: 32 [ 140.883218][ T6543] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 140.990030][ T6552] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 141.001154][ T5225] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 141.015767][ T5225] usb 5-1: config 0 has no interface number 0 [ 141.150104][ T6557] loop2: detected capacity change from 0 to 256 [ 141.225887][ T5225] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 141.263251][ T6557] FAT-fs (loop2): Directory bread(block 64) failed [ 141.275768][ T5225] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.286934][ T6557] FAT-fs (loop2): Directory bread(block 65) failed [ 141.294164][ T6557] FAT-fs (loop2): Directory bread(block 66) failed [ 141.300313][ T6559] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 141.309741][ T5225] usb 5-1: Product: syz [ 141.313950][ T5225] usb 5-1: Manufacturer: syz [ 141.318216][ T6557] FAT-fs (loop2): Directory bread(block 67) failed [ 141.325469][ T5225] usb 5-1: SerialNumber: syz [ 141.338983][ T6557] FAT-fs (loop2): Directory bread(block 68) failed [ 141.346822][ T5225] usb 5-1: config 0 descriptor?? [ 141.358821][ T6557] FAT-fs (loop2): Directory bread(block 69) failed [ 141.372887][ T6536] loop3: detected capacity change from 0 to 32768 [ 141.400760][ T6557] FAT-fs (loop2): Directory bread(block 70) failed [ 141.415155][ T6557] FAT-fs (loop2): Directory bread(block 71) failed [ 141.423887][ T5225] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 141.437514][ T6557] FAT-fs (loop2): Directory bread(block 72) failed [ 141.446614][ T6557] FAT-fs (loop2): Directory bread(block 73) failed [ 141.512073][ T6536] XFS (loop3): Mounting V5 Filesystem [ 141.519598][ T6572] loop0: detected capacity change from 0 to 512 [ 141.580946][ T6572] EXT4-fs (loop0): Ignoring removed orlov option [ 141.590647][ T6572] EXT4-fs (loop0): orphan cleanup on readonly fs [ 141.602972][ T6572] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.904: bg 0: block 248: padding at end of block bitmap is not set [ 141.621021][ T6572] Quota error (device loop0): write_blk: dquota write failed [ 141.634142][ T6572] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 141.646215][ T6572] EXT4-fs error (device loop0): ext4_acquire_dquot:6197: comm syz.0.904: Failed to acquire dquot type 1 [ 141.648168][ T5225] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 141.668463][ T6536] XFS (loop3): Ending clean mount [ 141.669091][ T5225] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 141.712819][ T6572] EXT4-fs (loop0): 1 truncate cleaned up [ 141.738847][ T6572] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,orlov,nojournal_checksum,noquota,max_dir_size_kb=0x00000000000088c3,noload,noload,,errors=continue. Quota mode: writeback. [ 141.766120][ T26] audit: type=1800 audit(1734867644.635:8): pid=6536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.890" name="file1" dev="loop3" ino=1286 res=0 errno=0 [ 141.833919][ T4174] XFS (loop3): Unmounting Filesystem [ 141.946463][ T6572] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 142.031477][ T6572] EXT4-fs (loop0): re-mounted. Opts: . Quota mode: writeback. [ 142.060339][ T6572] ext4 filesystem being remounted at /173/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 142.192647][ T6592] loop1: detected capacity change from 0 to 256 [ 142.199150][ C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 142.209021][ T5225] usb 5-1: USB disconnect, device number 9 [ 142.219366][ T5225] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 142.273446][ T5225] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 142.325979][ T5225] quatech2 5-1:0.51: device disconnected [ 142.411002][ T6600] netlink: 'syz.0.914': attribute type 30 has an invalid length. [ 142.491752][ T6602] loop0: detected capacity change from 0 to 512 [ 142.650512][ T6602] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a84ee018, mo2=0000] [ 142.699743][ T6614] loop1: detected capacity change from 0 to 2048 [ 142.703104][ T6602] System zones: 0-2, 18-18, 34-34 [ 142.748594][ T6614] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 142.761265][ T6602] EXT4-fs (loop0): 1 orphan inode deleted [ 142.801422][ T6616] [U] [ 142.819540][ T6602] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,usrjquota=,nouid32,data_err=ignore,quota,,errors=continue. Quota mode: writeback. [ 142.823213][ T6618] netlink: 'syz.4.922': attribute type 29 has an invalid length. [ 142.847497][ T26] audit: type=1800 audit(1734867645.715:9): pid=6614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.920" name="bus" dev="loop1" ino=1367 res=0 errno=0 [ 142.867676][ C0] vkms_vblank_simulate: vblank timer overrun [ 142.876961][ T6602] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.958082][ T6618] netlink: 'syz.4.922': attribute type 29 has an invalid length. [ 142.971345][ T6622] netlink: 'syz.4.922': attribute type 29 has an invalid length. [ 143.248697][ T6598] loop2: detected capacity change from 0 to 32768 [ 143.332767][ T6633] loop3: detected capacity change from 0 to 1024 [ 143.381720][ T6598] XFS (loop2): Mounting V5 Filesystem [ 143.580508][ T6598] XFS (loop2): Ending clean mount [ 143.603569][ T6598] XFS (loop2): Quotacheck needed: Please wait. [ 143.616128][ T144] hfsplus: b-tree write err: -5, ino 4 [ 143.671476][ T6659] loop4: detected capacity change from 0 to 256 [ 143.735798][ T6598] XFS (loop2): Quotacheck: Done. [ 143.754404][ T6661] netlink: 560 bytes leftover after parsing attributes in process `syz.3.937'. [ 143.776602][ T6661] netlink: 36 bytes leftover after parsing attributes in process `syz.3.937'. [ 143.790755][ T6659] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 143.943676][ T6667] loop0: detected capacity change from 0 to 16 [ 143.972991][ T4178] XFS (loop2): Unmounting Filesystem [ 144.098730][ T6667] erofs: (device loop0): mounted with root inode @ nid 36. [ 144.129505][ T6667] loop0: Can't mount, would change RO state [ 144.275554][ T5225] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 144.332336][ T6678] netlink: 16 bytes leftover after parsing attributes in process `syz.4.946'. [ 144.516356][ T6682] loop4: detected capacity change from 0 to 256 [ 144.596576][ T6682] exfat: Deprecated parameter 'utf8' [ 144.605622][ T5225] usb 2-1: Using ep0 maxpacket: 16 [ 144.616288][ T6682] exfat: Deprecated parameter 'namecase' [ 144.703268][ T6682] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 144.745917][ T5225] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.777372][ T5225] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 144.822927][ T5225] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 144.858266][ T5225] usb 2-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00 [ 144.895519][ T5225] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.927743][ T5225] usb 2-1: config 0 descriptor?? [ 145.152810][ T6699] loop4: detected capacity change from 0 to 4096 [ 145.174424][ T6707] loop2: detected capacity change from 0 to 16 [ 145.186935][ T6707] erofs: (device loop2): erofs_superblock_csum_verify: invalid checksum 0xbbaa231a, 0xe73df4ff expected [ 145.250952][ T6712] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 145.349634][ T6699] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 145.373884][ T6699] Remounting filesystem read-only [ 145.409608][ T5225] uclogic 0003:5543:0064.0012: No inputs registered, leaving [ 145.428044][ T5225] uclogic 0003:5543:0064.0012: hidraw0: USB HID v0.00 Device [HID 5543:0064] on usb-dummy_hcd.1-1/input0 [ 145.473617][ T4177] NILFS (loop4): discard dirty page: offset=0, ino=6 [ 145.487502][ T4177] NILFS (loop4): discard dirty block: blocknr=23, size=4096 [ 145.494866][ T4177] NILFS (loop4): discard dirty page: offset=4096, ino=6 [ 145.507639][ T4177] NILFS (loop4): discard dirty block: blocknr=24, size=4096 [ 145.516277][ T4719] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 145.526923][ T6716] loop2: detected capacity change from 0 to 64 [ 145.543320][ T4177] NILFS (loop4): discard dirty page: offset=8192, ino=6 [ 145.551765][ T4177] NILFS (loop4): discard dirty block: blocknr=25, size=4096 [ 145.615274][ T5547] usb 2-1: USB disconnect, device number 6 [ 145.895861][ T4719] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 145.921017][ T4719] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.935654][ T6145] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 145.944466][ T4719] usb 1-1: config 0 descriptor?? [ 146.133388][ T6738] IPv6: NLM_F_CREATE should be specified when creating new route [ 146.152589][ T6738] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 146.160665][ T6738] IPv6: NLM_F_CREATE should be set when creating new route [ 146.167972][ T6738] IPv6: NLM_F_CREATE should be set when creating new route [ 146.300815][ T6145] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 146.322363][ T6145] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 146.336843][ T6744] loop2: detected capacity change from 0 to 4096 [ 146.376738][ T6744] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 146.415921][ T6145] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 146.427963][ T6145] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 146.437167][ T6145] usb 5-1: SerialNumber: syz [ 146.448528][ T6744] ntfs: (device loop2): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 146.460798][ T6744] ntfs: (device loop2): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 146.475661][ T4719] [drm:udl_init] *ERROR* Selecting channel failed [ 146.492087][ T6744] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 146.507009][ T4719] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 146.514508][ T4719] [drm] Initialized udl on minor 2 [ 146.519841][ T6744] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 146.547183][ T6744] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 146.556144][ T4719] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 146.565951][ T6744] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 146.587447][ T4719] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 146.605575][ T6744] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 146.605684][ T4719] usb 1-1: USB disconnect, device number 10 [ 146.615113][ T6744] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 146.648971][ T6744] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 146.661681][ T6744] ntfs: volume version 3.1. [ 146.710526][ T6145] usb 5-1: 0:2 : does not exist [ 146.751408][ T6145] usb 5-1: USB disconnect, device number 10 [ 146.962359][ T4276] udevd[4276]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 147.130759][ T6761] netlink: 32 bytes leftover after parsing attributes in process `syz.2.985'. [ 147.160463][ T6764] loop1: detected capacity change from 0 to 512 [ 147.247285][ T6764] EXT4-fs (loop1): orphan cleanup on readonly fs [ 147.265820][ T6764] EXT4-fs error (device loop1): ext4_acquire_dquot:6197: comm syz.1.986: Failed to acquire dquot type 1 [ 147.307994][ T6764] EXT4-fs (loop1): 1 truncate cleaned up [ 147.355844][ T6764] EXT4-fs (loop1): mounted filesystem without journal. Opts: barrier,,errors=continue. Quota mode: writeback. [ 147.389771][ T6764] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 147.413299][ T6764] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 8 [ 147.515585][ T5824] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 147.591992][ T6783] loop2: detected capacity change from 0 to 256 [ 147.631387][ T6785] netlink: 'syz.1.997': attribute type 5 has an invalid length. [ 147.689952][ T6783] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 147.747232][ T6789] loop1: detected capacity change from 0 to 128 [ 148.107106][ T5824] usb 1-1: New USB device found, idVendor=1ac7, idProduct=0001, bcdDevice=cc.19 [ 148.123899][ T5824] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.134640][ T5824] usb 1-1: Product: syz [ 148.145912][ T5824] usb 1-1: Manufacturer: syz [ 148.150654][ T5824] usb 1-1: SerialNumber: syz [ 148.163840][ T5824] usb 1-1: config 0 descriptor?? [ 148.315502][ T6804] loop2: detected capacity change from 0 to 64 [ 148.331451][ T5219] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 148.410743][ T5824] usb 1-1: USB disconnect, device number 11 [ 148.599345][ T6810] loop4: detected capacity change from 0 to 4096 [ 148.745833][ T5219] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 148.775296][ T5219] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 148.801448][ T5219] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 148.822649][ T5219] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.845944][ T6797] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 149.286475][ T6816] loop3: detected capacity change from 0 to 32768 [ 149.326409][ T5824] usb 2-1: USB disconnect, device number 7 [ 149.342343][ T4851] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by udevd (4851) [ 149.386309][ T6816] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 149.424242][ T6816] BTRFS info (device loop3): metadata ratio 2 [ 149.455531][ T6816] BTRFS info (device loop3): force zlib compression, level 3 [ 149.462976][ T6816] BTRFS info (device loop3): enabling auto defrag [ 149.495596][ T6816] BTRFS info (device loop3): max_inline at 0 [ 149.501627][ T6816] BTRFS info (device loop3): using free space tree [ 149.528506][ T6816] BTRFS info (device loop3): has skinny extents [ 149.568176][ T6823] loop0: detected capacity change from 0 to 40427 [ 149.654973][ T6823] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 149.703822][ T6823] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 149.724909][ T6823] F2FS-fs (loop0): invalid crc value [ 149.744896][ T6821] loop4: detected capacity change from 0 to 32768 [ 149.763849][ T6821] XFS: noikeep mount option is deprecated. [ 149.789602][ T6823] F2FS-fs (loop0): Found nat_bits in checkpoint [ 149.868283][ T6821] XFS (loop4): Mounting V5 Filesystem [ 149.868400][ T6823] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 149.882984][ T6823] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 149.930462][ T6816] BTRFS error (device loop3): target device is invalid! [ 149.996103][ T6857] loop2: detected capacity change from 0 to 4096 [ 150.058441][ T6857] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 150.071239][ T6862] loop1: detected capacity change from 0 to 2048 [ 150.210029][ T6821] XFS (loop4): Ending clean mount [ 150.266264][ T6821] XFS (loop4): Quotacheck needed: Please wait. [ 150.437262][ T1292] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 150.481979][ T6821] XFS (loop4): Quotacheck: Done. [ 150.492548][ T6857] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 150.516737][ T1292] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 150.637354][ T4253] ntfs3: loop2: ino=1b, Internal error [ 150.642880][ T4253] ntfs3: loop2: ntfs3_write_inode r=1b failed, -22. [ 150.675785][ T4178] ntfs3: loop2: ntfs_sync_fs r=1a failed, -22. [ 150.698788][ T4178] ntfs3: loop2: ntfs_evict_inode r=1a failed, -22. [ 150.746512][ T4177] XFS (loop4): Unmounting Filesystem [ 150.824904][ T6872] loop3: detected capacity change from 0 to 512 [ 151.033228][ T6872] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1027: invalid indirect mapped block 4294967295 (level 1) [ 151.178376][ T6884] loop0: detected capacity change from 0 to 4096 [ 151.188001][ T6872] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1027: invalid indirect mapped block 4294967295 (level 1) [ 151.254830][ T6884] ntfs: volume version 3.1. [ 151.257996][ T6872] EXT4-fs (loop3): 2 truncates cleaned up [ 151.324069][ T6872] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 151.409643][ T6889] loop4: detected capacity change from 0 to 256 [ 151.488541][ T6891] loop2: detected capacity change from 0 to 1024 [ 151.505669][ T6889] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 151.570956][ T6891] EXT4-fs (loop2): Test dummy encryption mode enabled [ 151.593731][ T6891] EXT4-fs (loop2): inline encryption not supported [ 151.600843][ T6895] loop0: detected capacity change from 0 to 2048 [ 151.608402][ T6889] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 151.624055][ T6891] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,stripe=0x0000000000000007,commit=0x0000000000000005,inlinecrypt,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 151.641243][ T6889] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf32de3a7, utbl_chksum : 0xe619d30d) [ 151.720664][ T26] kauditd_printk_skb: 28 callbacks suppressed [ 151.720680][ T26] audit: type=1800 audit(1734867654.585:10): pid=6889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1026" name="file1" dev="loop4" ino=1048730 res=0 errno=0 [ 152.027758][ T6902] loop3: detected capacity change from 0 to 4096 [ 152.055251][ T6910] loop2: detected capacity change from 0 to 2048 [ 152.109063][ T6914] loop4: detected capacity change from 0 to 512 [ 152.164144][ T6902] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 152.185606][ T6914] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 152.196910][ T6910] NILFS (loop2): invalid segment: Inconsistency found [ 152.203724][ T6910] NILFS (loop2): trying rollback from an earlier position [ 152.251533][ T6914] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=8003e119, mo2=0000] [ 152.293868][ T6910] NILFS (loop2): recovery complete [ 152.313206][ T6900] loop1: detected capacity change from 0 to 32768 [ 152.345215][ T6914] EXT4-fs (loop4): 1 truncate cleaned up [ 152.361111][ T6914] EXT4-fs (loop4): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000001,noblock_validity,nombcache,norecovery,barrier=0x000000000000000c,resgid=0x000000000000ee01,barrier,noauto_da_alloc,resgid=0x00000000000000002,errors=continue. Quota mode: writeback. [ 152.396667][ T6917] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 152.405300][ T1292] Quota error (device loop4): free_dqentry: Quota structure has offset to other block (1) than it should (5) [ 152.483728][ T1292] EXT4-fs error (device loop4): ext4_release_dquot:6220: comm kworker/u4:5: Failed to release dquot type 1 [ 152.506721][ T6910] NILFS (loop2): unrecognized mount option "iocharset=iso8859e=00000000000000000000005" [ 152.669582][ T6914] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3876: comm syz.4.1043: Allocating blocks 43-57 which overlap fs metadata [ 152.885273][ T6912] loop0: detected capacity change from 0 to 32768 [ 153.012798][ T6929] syz_tun: refused to change device tx_queue_len [ 153.029878][ T6929] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 153.102284][ T6912] XFS (loop0): Mounting V5 Filesystem [ 153.138892][ T6936] loop2: detected capacity change from 0 to 4096 [ 153.218030][ T6912] XFS (loop0): Ending clean mount [ 153.228487][ T6943] loop4: detected capacity change from 0 to 1764 [ 153.261539][ T6912] XFS (loop0): Quotacheck needed: Please wait. [ 153.290207][ T6946] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 153.355781][ T6912] XFS (loop0): Quotacheck: Done. [ 153.454186][ T4172] XFS (loop0): Unmounting Filesystem [ 153.570768][ T6952] loop4: detected capacity change from 0 to 2048 [ 153.688208][ T6952] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 153.741326][ T6957] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 154.087714][ T5219] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 154.217727][ T6964] loop0: detected capacity change from 0 to 4096 [ 154.292848][ T6955] loop1: detected capacity change from 0 to 40427 [ 154.307667][ T6964] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 154.344727][ T6955] F2FS-fs (loop1): invalid crc value [ 154.355534][ T5219] usb 3-1: Using ep0 maxpacket: 8 [ 154.366153][ T6955] F2FS-fs (loop1): Found nat_bits in checkpoint [ 154.458179][ T6955] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 154.505637][ T5219] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 154.519557][ T5219] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 154.532649][ T5219] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 154.560273][ T5219] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 154.600781][ T6955] attempt to access beyond end of device [ 154.600781][ T6955] loop1: rw=2049, want=45184, limit=40427 [ 154.631155][ T4168] attempt to access beyond end of device [ 154.631155][ T4168] loop1: rw=2049, want=45192, limit=40427 [ 154.685554][ T5219] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 154.693001][ T5219] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 154.704755][ T5219] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 154.716384][ T5219] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 154.817267][ T5219] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 154.824711][ T5219] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 154.837981][ T5219] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 154.849729][ T5219] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 155.115706][ T5219] usb 3-1: string descriptor 0 read error: -22 [ 155.122113][ T5219] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 155.131597][ T5219] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.190693][ T5219] adutux 3-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 155.406250][ T1108] usb 3-1: USB disconnect, device number 10 [ 155.849209][ T6977] loop3: detected capacity change from 0 to 4096 [ 155.935851][ T6986] loop4: detected capacity change from 0 to 512 [ 155.981544][ T6986] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 156.002440][ T6986] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 156.104586][ T6986] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002] [ 156.130054][ T6986] System zones: 1-12 [ 156.176561][ T6986] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.1068: corrupted in-inode xattr [ 156.238466][ T6986] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.1068: couldn't read orphan inode 15 (err -117) [ 156.278973][ T6986] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug_want_extra_isize=0x0000000000000006,barrier,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: none. [ 156.437982][ T6984] loop1: detected capacity change from 0 to 40427 [ 156.481321][ T6984] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 156.497660][ T6984] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 156.537918][ T6984] F2FS-fs (loop1): invalid crc value [ 156.595278][ T6984] F2FS-fs (loop1): Found nat_bits in checkpoint [ 156.622382][ T7006] netlink: 468 bytes leftover after parsing attributes in process `syz.3.1076'. [ 156.656931][ T7006] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1076'. [ 156.770573][ T6984] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 156.787181][ T7013] syz_tun: refused to change device tx_queue_len [ 156.801932][ T6984] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 156.810640][ T7013] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 156.996073][ T7021] loop3: detected capacity change from 0 to 512 [ 157.034260][ T144] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 157.075812][ T7021] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 157.079899][ T7031] loop0: detected capacity change from 0 to 512 [ 157.097871][ T144] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 157.128053][ T7021] Quota error (device loop3): v2_read_file_info: Free block number too big (58381 >= 6). [ 157.197287][ T7021] EXT4-fs warning (device loop3): ext4_enable_quotas:6432: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 157.217427][ T7031] EXT4-fs (loop0): Ignoring removed nobh option [ 157.254766][ T7021] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 157.297356][ T7021] Quota error (device loop3): v2_read_file_info: Free block number too big (58381 >= 6). [ 157.321169][ T7031] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,noauto_da_alloc,delalloc,nobh,dioread_lock,. Quota mode: writeback. [ 157.360279][ T7021] EXT4-fs warning (device loop3): ext4_enable_quotas:6432: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 157.378626][ T7031] ext4 filesystem being mounted at /202/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 157.427112][ T7031] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz.0.1087: path /202/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0 [ 157.461056][ T7031] EXT4-fs (loop0): Remounting filesystem read-only [ 158.057100][ T7060] syz_tun: refused to change device tx_queue_len [ 158.077041][ T7054] loop0: detected capacity change from 0 to 32768 [ 158.099742][ T7060] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 158.135954][ T7054] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 158.144251][ T7054] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 158.183026][ T7054] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 158.249255][ T7066] loop2: detected capacity change from 0 to 1024 [ 158.337889][ T7054] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 158.741655][ T7086] netlink: 'syz.3.1109': attribute type 3 has an invalid length. [ 158.920939][ T7096] loop2: detected capacity change from 0 to 512 [ 159.035042][ T7098] loop1: detected capacity change from 0 to 1024 [ 159.067283][ T7096] EXT4-fs (loop2): orphan cleanup on readonly fs [ 159.076396][ T7096] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present [ 159.096879][ T7058] loop4: detected capacity change from 0 to 40427 [ 159.121690][ T7096] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 159.175089][ T7098] EXT4-fs (loop1): Ignoring removed nobh option [ 159.197745][ T7096] EXT4-fs error (device loop2): ext4_acquire_dquot:6197: comm syz.2.1111: Failed to acquire dquot type 1 [ 159.220123][ T7058] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 159.246979][ T7096] EXT4-fs (loop2): 1 truncate cleaned up [ 159.276125][ T7058] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 159.298397][ T7096] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier,,errors=continue. Quota mode: writeback. [ 159.340056][ T7098] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #11: comm syz.1.1114: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 159.357254][ T7058] F2FS-fs (loop4): invalid crc value [ 159.372817][ T7098] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.1114: couldn't read orphan inode 11 (err -117) [ 159.388939][ T7096] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 159.401682][ T7096] EXT4-fs warning (device loop2): read_mmp_block:115: Error -117 while reading MMP block 8 [ 159.419814][ T7098] EXT4-fs (loop1): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,noload,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue. Quota mode: writeback. [ 159.462390][ T7058] F2FS-fs (loop4): Found nat_bits in checkpoint [ 159.624071][ T7098] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:476: comm syz.1.1114: Invalid block bitmap block 0 in block_group 0 [ 159.646250][ T7098] Quota error (device loop1): write_blk: dquota write failed [ 159.663136][ T7058] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 159.692257][ T7058] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 159.715582][ T7098] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 159.775150][ T7098] EXT4-fs error (device loop1): ext4_acquire_dquot:6197: comm syz.1.1114: Failed to acquire dquot type 0 [ 159.954445][ T1292] Quota error (device loop1): remove_tree: Getting block too big (0 >= 9) [ 159.973459][ T9] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 159.988245][ T1292] EXT4-fs error (device loop1): ext4_release_dquot:6220: comm kworker/u4:5: Failed to release dquot type 0 [ 160.015164][ T9] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 160.156767][ T7122] loop0: detected capacity change from 0 to 8192 [ 160.192934][ T7132] netlink: 'syz.1.1123': attribute type 2 has an invalid length. [ 160.248493][ T7122] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 160.283310][ T7122] REISERFS (device loop0): using ordered data mode [ 160.310089][ T7122] reiserfs: using flush barriers [ 160.329641][ T7122] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 160.446078][ T7122] REISERFS (device loop0): checking transaction log (loop0) [ 160.739310][ T7122] REISERFS (device loop0): Using tea hash to sort names [ 160.801310][ T7122] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 160.867395][ T7122] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 160.989640][ T7155] loop3: detected capacity change from 0 to 512 [ 161.063596][ T7155] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 161.077214][ T7130] loop2: detected capacity change from 0 to 40427 [ 161.103811][ T7155] EXT4-fs (loop3): 1 truncate cleaned up [ 161.143419][ T7130] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 161.150612][ T7155] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,grpquota,nobarrier,nodiscard,nolazytime,init_itable=0x0000000000002a96,,errors=continue. Quota mode: writeback. [ 161.168216][ T7130] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 161.194889][ T7130] F2FS-fs (loop2): invalid crc value [ 161.240965][ T5219] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 161.262748][ T7130] F2FS-fs (loop2): Found nat_bits in checkpoint [ 161.448881][ T7130] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 161.465466][ T7130] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 161.653440][ T9] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 161.665888][ T5219] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.670639][ T9] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 161.683236][ T5219] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 161.695133][ T5219] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 161.734186][ T5219] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.786517][ T5219] usb 5-1: config 0 descriptor?? [ 162.150634][ T4208] usb 5-1: USB disconnect, device number 11 [ 162.219035][ T7187] mkiss: ax0: crc mode is auto. [ 162.243851][ T7189] loop1: detected capacity change from 0 to 512 [ 162.359177][ T7189] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 162.426314][ T7189] EXT4-fs (loop1): 1 truncate cleaned up [ 162.446810][ T7189] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nombcache,debug_want_extra_isize=0x0000000000000006,lazytime,noblock_validity,quota,,errors=continue. Quota mode: writeback. [ 162.500275][ T7185] loop3: detected capacity change from 0 to 32768 [ 162.578075][ T7185] XFS (loop3): Mounting V5 Filesystem [ 162.730475][ T7185] XFS (loop3): Ending clean mount [ 162.742253][ T7185] XFS (loop3): Quotacheck needed: Please wait. [ 162.784782][ T7185] XFS (loop3): Quotacheck: Done. [ 162.818892][ T4174] XFS (loop3): Unmounting Filesystem [ 162.922197][ T7206] loop1: detected capacity change from 0 to 8192 [ 163.011618][ T7206] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 163.100808][ T7214] loop4: detected capacity change from 0 to 256 [ 163.272413][ T7214] FAT-fs (loop4): Directory bread(block 64) failed [ 163.289015][ T7214] FAT-fs (loop4): Directory bread(block 65) failed [ 163.315668][ T7214] FAT-fs (loop4): Directory bread(block 66) failed [ 163.322243][ T7214] FAT-fs (loop4): Directory bread(block 67) failed [ 163.355650][ T7220] loop1: detected capacity change from 0 to 1024 [ 163.368376][ T7214] FAT-fs (loop4): Directory bread(block 68) failed [ 163.374976][ T7214] FAT-fs (loop4): Directory bread(block 69) failed [ 163.445718][ T7214] FAT-fs (loop4): Directory bread(block 70) failed [ 163.452455][ T7214] FAT-fs (loop4): Directory bread(block 71) failed [ 163.469265][ T7214] FAT-fs (loop4): Directory bread(block 72) failed [ 163.505735][ T7214] FAT-fs (loop4): Directory bread(block 73) failed [ 163.603999][ T7226] loop0: detected capacity change from 0 to 128 [ 163.815034][ T7230] netlink: 'syz.1.1163': attribute type 1 has an invalid length. [ 163.828265][ T7232] loop4: detected capacity change from 0 to 256 [ 163.842816][ T7230] netlink: 9284 bytes leftover after parsing attributes in process `syz.1.1163'. [ 163.963585][ T7232] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d) [ 164.016011][ T7232] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 164.176610][ T4177] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000006) [ 164.210588][ T4177] exFAT-fs (loop4): Filesystem has been set read-only [ 164.246359][ T4177] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000006) [ 164.312133][ T7246] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 164.407833][ T4252] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 164.583118][ T7222] loop3: detected capacity change from 0 to 40427 [ 164.607801][ T7254] loop1: detected capacity change from 0 to 4096 [ 164.672303][ T7222] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 164.673751][ T4252] usb 1-1: Using ep0 maxpacket: 16 [ 164.690418][ T7222] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 164.739005][ T7222] F2FS-fs (loop3): invalid crc value [ 164.794956][ T7222] F2FS-fs (loop3): Found nat_bits in checkpoint [ 164.819786][ T7263] lo speed is unknown, defaulting to 1000 [ 164.835822][ T4252] usb 1-1: config 1 has too many interfaces: 129, using maximum allowed: 32 [ 164.850162][ T4252] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 129 [ 164.875556][ T7263] lo speed is unknown, defaulting to 1000 [ 164.875805][ T4252] usb 1-1: config 1 interface 0 altsetting 93 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 164.886660][ T7263] lo speed is unknown, defaulting to 1000 [ 164.908755][ T4252] usb 1-1: config 1 interface 0 altsetting 93 bulk endpoint 0x82 has invalid maxpacket 96 [ 164.919661][ T4252] usb 1-1: config 1 interface 0 altsetting 93 bulk endpoint 0x3 has invalid maxpacket 8 [ 164.934268][ T4252] usb 1-1: config 1 interface 0 altsetting 93 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 164.949907][ T4252] usb 1-1: config 1 interface 0 has no altsetting 0 [ 164.950250][ T7263] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 164.975081][ T7222] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 164.985459][ T7222] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 165.036584][ T4252] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a2, bcdDevice= 0.40 [ 165.053153][ T7251] loop4: detected capacity change from 0 to 32768 [ 165.058348][ T4252] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 165.064299][ T7263] lo speed is unknown, defaulting to 1000 [ 165.100416][ T4252] usb 1-1: SerialNumber: syz [ 165.106367][ T7263] lo speed is unknown, defaulting to 1000 [ 165.123435][ T7263] lo speed is unknown, defaulting to 1000 [ 165.143958][ T7263] lo speed is unknown, defaulting to 1000 [ 165.146856][ T7240] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 165.163201][ T7263] lo speed is unknown, defaulting to 1000 [ 165.172821][ T7240] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 165.226485][ T4252] usb 1-1: bad CDC descriptors [ 165.262047][ T7251] XFS (loop4): Mounting V5 Filesystem [ 165.415163][ T7251] XFS (loop4): Ending clean mount [ 165.427113][ T7251] XFS (loop4): Quotacheck needed: Please wait. [ 165.431113][ T7240] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 165.457955][ T7240] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 165.491655][ T4252] cdc_subset 1-1:1.0 usb0: register 'cdc_subset' at usb-dummy_hcd.0-1, Linux Device, 22:62:cf:ba:9f:54 [ 165.514992][ T7266] loop1: detected capacity change from 0 to 32768 [ 165.539239][ T1292] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 165.548567][ T7251] XFS (loop4): Quotacheck: Done. [ 165.597648][ T1292] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 165.607327][ T7266] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 scanned by syz.1.1178 (7266) [ 165.693338][ T7266] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 165.719689][ T7280] netlink: 468 bytes leftover after parsing attributes in process `syz.2.1180'. [ 165.723549][ T4208] usb 1-1: USB disconnect, device number 12 [ 165.739829][ T7266] BTRFS info (device loop1): enabling disk space caching [ 165.743627][ T4208] cdc_subset 1-1:1.0 usb0: unregister 'cdc_subset' usb-dummy_hcd.0-1, Linux Device [ 165.756307][ T7280] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1180'. [ 165.765469][ T7266] BTRFS info (device loop1): force clearing of disk cache [ 165.797405][ T7266] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 165.875588][ T7266] BTRFS info (device loop1): use zstd compression, level 3 [ 165.883371][ T4177] XFS (loop4): Unmounting Filesystem [ 165.901491][ T7266] BTRFS info (device loop1): disk space caching is enabled [ 165.939624][ T7266] BTRFS info (device loop1): has skinny extents [ 166.251707][ T7266] BTRFS info (device loop1): enabling ssd optimizations [ 166.276394][ T7266] BTRFS info (device loop1): clearing free space tree [ 166.303114][ T7266] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 166.367910][ T7266] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 167.018663][ T7283] loop2: detected capacity change from 0 to 32768 [ 167.369846][ T7351] loop4: detected capacity change from 0 to 512 [ 167.464980][ T7351] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 167.605660][ T7351] EXT4-fs (loop4): 1 truncate cleaned up [ 167.611360][ T7351] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 167.721132][ T26] audit: type=1326 audit(1734867670.585:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7362 comm="syz.1.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b2cd6cd29 code=0x7ffc0000 [ 167.835731][ T26] audit: type=1326 audit(1734867670.615:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7362 comm="syz.1.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6b2cd6cd29 code=0x7ffc0000 [ 167.945438][ T26] audit: type=1326 audit(1734867670.615:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7362 comm="syz.1.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b2cd6cd29 code=0x7ffc0000 [ 168.041871][ T7377] loop0: detected capacity change from 0 to 1024 [ 168.078624][ T26] audit: type=1326 audit(1734867670.615:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7362 comm="syz.1.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b2cd6cd29 code=0x7ffc0000 [ 168.156148][ T26] audit: type=1326 audit(1734867670.615:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7362 comm="syz.1.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f6b2cd6cd29 code=0x7ffc0000 [ 168.197677][ T26] audit: type=1326 audit(1734867670.615:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7362 comm="syz.1.1197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b2cd6cd29 code=0x7ffc0000 [ 168.517130][ T7382] loop2: detected capacity change from 0 to 8192 [ 168.572677][ T7382] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 168.623637][ T7382] REISERFS (device loop2): using ordered data mode [ 168.628447][ T7393] loop0: detected capacity change from 0 to 8192 [ 168.690917][ T7382] reiserfs: using flush barriers [ 168.713072][ T7393] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 168.733961][ T7382] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 168.750881][ T7382] REISERFS (device loop2): checking transaction log (loop2) [ 168.755606][ T7393] REISERFS (device loop0): using ordered data mode [ 168.813983][ T7393] reiserfs: using flush barriers [ 168.880370][ T7393] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 168.934279][ T7393] REISERFS (device loop0): checking transaction log (loop0) [ 168.957519][ T7382] REISERFS (device loop2): Using tea hash to sort names [ 168.977091][ T7382] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 168.998011][ T7393] REISERFS (device loop0): Using r5 hash to sort names [ 169.070070][ T7382] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 169.073251][ T7393] reiserfs: enabling write barrier flush mode [ 169.156721][ T7393] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 169.326785][ T26] audit: type=1326 audit(1734867672.195:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7408 comm="syz.1.1213" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6b2cd6cd29 code=0x0 [ 169.348305][ T7388] loop4: detected capacity change from 0 to 40427 [ 169.436744][ T7388] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 169.470603][ T7388] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 169.532576][ T7388] F2FS-fs (loop4): invalid crc value [ 169.564948][ T7388] F2FS-fs (loop4): Found nat_bits in checkpoint [ 169.664298][ T7388] F2FS-fs (loop4): recover fsync data on readonly fs [ 169.672446][ T7388] F2FS-fs (loop4): Try to recover 1th superblock, ret: -30 [ 169.680491][ T7388] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 169.895525][ T6328] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 170.085478][ T5219] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 170.095203][ T7428] loop4: detected capacity change from 0 to 64 [ 170.325792][ T6328] usb 1-1: unable to get BOS descriptor or descriptor too short [ 170.406047][ T6328] usb 1-1: config 13 has an invalid interface number: 50 but max is 3 [ 170.414717][ T6328] usb 1-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config [ 170.435846][ T6328] usb 1-1: config 13 has 1 interface, different from the descriptor's value: 4 [ 170.453797][ T6328] usb 1-1: config 13 has no interface number 0 [ 170.464593][ T6328] usb 1-1: config 13 interface 50 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 9 [ 170.492300][ T6328] usb 1-1: config 13 interface 50 has no altsetting 0 [ 170.531549][ T7440] loop1: detected capacity change from 0 to 2048 [ 170.685968][ T5219] usb 3-1: New USB device found, idVendor=1ac7, idProduct=0001, bcdDevice=cc.19 [ 170.705424][ T6328] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=a9.e8 [ 170.714503][ T6328] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.723713][ T5219] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.755417][ T6328] usb 1-1: Product: syz [ 170.759728][ T5219] usb 3-1: Product: syz [ 170.768778][ T6328] usb 1-1: Manufacturer: syz [ 170.773626][ T5219] usb 3-1: Manufacturer: syz [ 170.778977][ T7450] mkiss: ax0: crc mode is auto. [ 170.789088][ T6328] usb 1-1: SerialNumber: syz [ 170.794692][ T5219] usb 3-1: SerialNumber: syz [ 170.834046][ T5219] usb 3-1: config 0 descriptor?? [ 171.146783][ T6145] usb 3-1: USB disconnect, device number 11 [ 171.186489][ T6328] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 171.214078][ T1292] usb 1-1: Failed to submit usb control message: -71 [ 171.214547][ T6328] usb 1-1: USB disconnect, device number 13 [ 171.270707][ T1292] usb 1-1: unable to send the bmi data to the device: -71 [ 171.287157][ T1292] usb 1-1: unable to get target info from device [ 171.325474][ T1292] usb 1-1: could not get target info (-71) [ 171.332517][ T1292] usb 1-1: could not probe fw (-71) [ 171.352592][ T4486] udevd[4486]: setting owner of /dev/bus/usb/001/013 to uid=0, gid=0 failed: No such file or directory [ 171.463364][ T7484] netlink: 'syz.4.1245': attribute type 1 has an invalid length. [ 171.479826][ T7484] netlink: 9284 bytes leftover after parsing attributes in process `syz.4.1245'. [ 171.495866][ T7484] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1245'. [ 171.539886][ T7487] program syz.3.1247 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 171.631492][ T7492] loop1: detected capacity change from 0 to 64 [ 172.059621][ T7514] loop4: detected capacity change from 0 to 128 [ 172.122309][ T7514] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 172.170982][ T7514] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 172.273627][ T7524] loop1: detected capacity change from 0 to 512 [ 172.289975][ T7525] UDF-fs: error (device loop4): udf_fiiter_advance_blk: extent after position 264 not allocated in directory (ino 87) [ 172.325225][ T7525] UDF-fs: error (device loop4): udf_fiiter_advance_blk: extent after position 264 not allocated in directory (ino 87) [ 172.361884][ T7514] UDF-fs: error (device loop4): udf_fiiter_advance_blk: extent after position 328 not allocated in directory (ino 87) [ 172.397047][ T7514] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 87) has entry at pos 328 with incorrect tag 6161 [ 172.416965][ T7524] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 172.431876][ T7524] EXT4-fs (loop1): 1 truncate cleaned up [ 172.440816][ T7524] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_dev=0x0000000000000009,noblock_validity,usrquota,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000008,jqfmt=vfsold,usrjquota=min_batch_time=0x0000000000000a9f,nodiscard,,errors=continue. Quota mode: writeback. [ 172.652108][ T7500] loop0: detected capacity change from 0 to 32768 [ 172.754502][ T7500] XFS: ikeep mount option is deprecated. [ 172.943162][ T7552] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1273'. [ 173.001519][ T7555] netlink: 'syz.3.1275': attribute type 18 has an invalid length. [ 173.030609][ T7500] XFS (loop0): Mounting V5 Filesystem [ 173.050141][ T7555] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 173.059917][ T7555] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 173.068714][ T7555] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 173.077485][ T7555] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 173.292428][ T7500] XFS (loop0): Ending clean mount [ 173.309492][ T7500] XFS (loop0): Quotacheck needed: Please wait. [ 173.309773][ T7540] loop1: detected capacity change from 0 to 32768 [ 173.378958][ T7572] loop2: detected capacity change from 0 to 256 [ 173.461496][ T7500] XFS (loop0): Quotacheck: Done. [ 173.480702][ T7500] XFS (loop0): Metadata corruption detected at xfs_dinode_verify+0x33d/0xce0, inode 0x42b dinode [ 173.492739][ T7540] MetaData crosses page boundary!! [ 173.505548][ T7540] lblock = 622900, size = 28672 [ 173.515909][ T7500] XFS (loop0): Unmount and run xfs_repair [ 173.525770][ T7540] CPU: 0 PID: 7540 Comm: syz.1.1267 Not tainted 5.15.175-syzkaller #0 [ 173.534156][ T7540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 173.544702][ T7540] Call Trace: [ 173.548093][ T7540] [ 173.551049][ T7540] dump_stack_lvl+0x1e3/0x2d0 [ 173.555771][ T7540] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 173.561446][ T7540] ? panic+0x860/0x860 [ 173.565562][ T7540] ? __lock_acquire+0x1295/0x1ff0 [ 173.570633][ T7540] __get_metapage+0xc16/0x1070 [ 173.575443][ T7540] dtReadFirst+0xe0/0xc40 [ 173.579862][ T7540] jfs_readdir+0x824/0x3bc0 [ 173.584398][ T7540] ? rcu_lock_release+0x5/0x20 [ 173.589216][ T7540] ? __lock_acquire+0x1295/0x1ff0 [ 173.594321][ T7540] ? dtInitRoot+0x690/0x690 [ 173.598887][ T7540] ? end_current_label_crit_section+0x147/0x170 [ 173.605170][ T7540] ? common_file_perm+0x17d/0x1d0 [ 173.610250][ T7540] iterate_dir+0x224/0x570 [ 173.614723][ T7540] __se_sys_getdents64+0x209/0x4f0 [ 173.619883][ T7540] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 173.625912][ T7540] ? __x64_sys_getdents64+0x80/0x80 [ 173.631283][ T7540] ? filldir+0x720/0x720 [ 173.635561][ T7540] ? syscall_enter_from_user_mode+0x2e/0x240 [ 173.641673][ T7540] ? lockdep_hardirqs_on+0x94/0x130 [ 173.647007][ T7540] ? syscall_enter_from_user_mode+0x2e/0x240 [ 173.653141][ T7540] do_syscall_64+0x3b/0xb0 [ 173.657602][ T7540] ? clear_bhb_loop+0x15/0x70 [ 173.662314][ T7540] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 173.668329][ T7540] RIP: 0033:0x7f6b2cd6cd29 [ 173.672776][ T7540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.692410][ T7540] RSP: 002b:00007f6b2abdd038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 173.700864][ T7540] RAX: ffffffffffffffda RBX: 00007f6b2cf5cfa0 RCX: 00007f6b2cd6cd29 [ 173.708870][ T7540] RDX: 000000000000009a RSI: 00000000200000c0 RDI: 0000000000000005 [ 173.716865][ T7540] RBP: 00007f6b2cde8aa8 R08: 0000000000000000 R09: 0000000000000000 [ 173.724849][ T7540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.733035][ T7540] R13: 0000000000000000 R14: 00007f6b2cf5cfa0 R15: 00007ffeaa3ab6c8 [ 173.741054][ T7540] [ 173.744108][ C0] vkms_vblank_simulate: vblank timer overrun [ 173.765096][ T7500] XFS (loop0): First 128 bytes of corrupted metadata buffer: [ 173.785502][ T7500] 00000000: 49 4e 00 00 03 00 00 00 00 00 00 00 00 00 00 00 IN.............. [ 173.794551][ T7540] bread failed! [ 173.844416][ T7500] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 173.867529][ T7500] 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 173.882369][ T7500] 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 173.924446][ T7500] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 173.938459][ T7500] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 173.965527][ T7500] 00000060: ff ff ff ff 65 3f 0d b5 00 00 00 00 00 00 00 00 ....e?.......... [ 173.986302][ T7500] 00000070: 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 00 ................ [ 174.006106][ T7500] XFS (loop0): Internal error xfs_trans_cancel at line 954 of file fs/xfs/xfs_trans.c. Caller xfs_create+0x9f7/0x1370 [ 174.065458][ T7500] CPU: 1 PID: 7500 Comm: syz.0.1253 Not tainted 5.15.175-syzkaller #0 [ 174.074014][ T7500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 174.084098][ T7500] Call Trace: [ 174.087399][ T7500] [ 174.090345][ T7500] dump_stack_lvl+0x1e3/0x2d0 [ 174.095047][ T7500] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 174.100860][ T7500] ? xfs_init_new_inode+0x1e8/0x1100 [ 174.106192][ T7500] ? rwsem_write_trylock+0x166/0x210 [ 174.111527][ T7500] ? xfs_error_report+0x8e/0xd0 [ 174.116407][ T7500] ? xfs_create+0x9f7/0x1370 [ 174.121021][ T7500] ? xfs_create+0x9f7/0x1370 [ 174.125677][ T7500] xfs_trans_cancel+0x1c9/0x410 [ 174.131251][ T7500] ? xfs_create+0x9f7/0x1370 [ 174.135871][ T7500] xfs_create+0x9f7/0x1370 [ 174.140408][ T7500] ? xfs_inode_inherit_flags2+0x340/0x340 [ 174.146172][ T7500] ? posix_acl_create+0x155/0x420 [ 174.151231][ T7500] xfs_generic_create+0x426/0xd00 [ 174.156291][ T7500] ? xfs_vn_tmpfile+0x40/0x40 [ 174.160988][ T7500] ? from_kgid+0x1a3/0x730 [ 174.165428][ T7500] ? common_perm+0x16a/0x1c0 [ 174.170050][ T7500] ? apparmor_path_mkdir+0x204/0x2a0 [ 174.175399][ T7500] ? generic_permission+0x21c/0x4f0 [ 174.180635][ T7500] ? inode_permission+0xf7/0x450 [ 174.185602][ T7500] ? bpf_lsm_inode_mkdir+0x5/0x10 [ 174.190652][ T7500] ? security_inode_mkdir+0xb4/0x100 [ 174.195965][ T7500] vfs_mkdir+0x3b6/0x590 [ 174.200351][ T7500] do_mkdirat+0x260/0x520 [ 174.204711][ T7500] ? vfs_mkdir+0x590/0x590 [ 174.209154][ T7500] ? getname_flags+0x1ec/0x4e0 [ 174.213953][ T7500] __x64_sys_mkdirat+0x85/0x90 [ 174.218749][ T7500] do_syscall_64+0x3b/0xb0 [ 174.223188][ T7500] ? clear_bhb_loop+0x15/0x70 [ 174.227887][ T7500] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 174.233803][ T7500] RIP: 0033:0x7f9af53cf597 [ 174.238241][ T7500] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.258392][ T7500] RSP: 002b:00007f9af3240e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 174.266846][ T7500] RAX: ffffffffffffffda RBX: 00007f9af3240ef0 RCX: 00007f9af53cf597 [ 174.274845][ T7500] RDX: 00000000000001ff RSI: 0000000020000040 RDI: 00000000ffffff9c [ 174.282839][ T7500] RBP: 0000000020000000 R08: 00000000200000c0 R09: 0000000000000000 [ 174.290835][ T7500] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000020000040 [ 174.298926][ T7500] R13: 00007f9af3240eb0 R14: 0000000000000000 R15: 0000000000000000 [ 174.306944][ T7500] [ 174.351997][ T7500] XFS (loop0): Corruption of in-memory data (0x8) detected at xfs_trans_cancel+0x1e2/0x410 (fs/xfs/xfs_trans.c:955). Shutting down filesystem. [ 174.372718][ T7500] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 174.399571][ T7575] loop3: detected capacity change from 0 to 40427 [ 174.444055][ T4172] XFS (loop0): Unmounting Filesystem [ 174.529202][ T7575] F2FS-fs (loop3): invalid crc value [ 174.591741][ T7575] F2FS-fs (loop3): Found nat_bits in checkpoint [ 174.608698][ T7577] loop4: detected capacity change from 0 to 40427 [ 174.733360][ T7577] F2FS-fs (loop4): invalid crc value [ 174.774641][ T7577] F2FS-fs (loop4): Found nat_bits in checkpoint [ 174.937630][ T7575] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 175.074891][ T7596] loop1: detected capacity change from 0 to 256 [ 175.092934][ T7577] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 175.095456][ T7593] loop2: detected capacity change from 0 to 32768 [ 175.130052][ T7577] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 175.162648][ T7596] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 175.183390][ T4174] attempt to access beyond end of device [ 175.183390][ T4174] loop3: rw=2049, want=45104, limit=40427 [ 175.204026][ T7593] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 175.212921][ T7593] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 175.236085][ T7593] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 175.281419][ T4177] attempt to access beyond end of device [ 175.281419][ T4177] loop4: rw=2049, want=45104, limit=40427 [ 175.380325][ T7593] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 176.352548][ T7628] netlink: 'syz.4.1304': attribute type 18 has an invalid length. [ 176.418106][ T7628] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 176.427023][ T7628] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 176.436563][ T7628] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 176.445299][ T7628] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 176.690897][ T7635] loop3: detected capacity change from 0 to 128 [ 176.821075][ T7615] loop0: detected capacity change from 0 to 32768 [ 176.993821][ T7621] loop2: detected capacity change from 0 to 32768 [ 177.042288][ T7615] XFS (loop0): Mounting V5 Filesystem [ 177.140989][ T7621] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1303 (7621) [ 177.206315][ T7621] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 177.275745][ T7621] BTRFS info (device loop2): using free space tree [ 177.296123][ T7615] XFS (loop0): Ending clean mount [ 177.354839][ T7621] BTRFS info (device loop2): has skinny extents [ 177.355745][ T7619] loop1: detected capacity change from 0 to 65536 [ 177.366268][ T7615] XFS (loop0): Quotacheck needed: Please wait. [ 177.466003][ T7615] XFS (loop0): Quotacheck: Done. [ 177.525822][ T7619] XFS (loop1): Mounting V5 Filesystem [ 177.613724][ T4172] XFS (loop0): Unmounting Filesystem [ 177.631757][ T7621] BTRFS info (device loop2): enabling ssd optimizations [ 177.690357][ T7619] XFS (loop1): Ending clean mount [ 177.733595][ T7619] XFS (loop1): Quotacheck needed: Please wait. [ 177.850612][ T7619] XFS (loop1): Quotacheck: Done. [ 177.996792][ T4168] XFS (loop1): Unmounting Filesystem [ 178.081238][ T7641] loop4: detected capacity change from 0 to 32768 [ 178.135780][ T7641] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz.4.1311 (7641) [ 178.436427][ T7641] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 178.445178][ T7641] BTRFS info (device loop4): enabling disk space caching [ 178.511013][ T7641] BTRFS info (device loop4): force clearing of disk cache [ 178.531502][ T7641] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 178.562124][ T7641] BTRFS info (device loop4): use zstd compression, level 3 [ 178.574472][ T7699] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 178.590225][ T7641] BTRFS info (device loop4): disk space caching is enabled [ 178.601668][ T7641] BTRFS info (device loop4): has skinny extents [ 178.741993][ T7722] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1332'. [ 178.754311][ T7641] BTRFS info (device loop4): enabling ssd optimizations [ 178.764118][ T7722] bridge0: port 3(vlan2) entered blocking state [ 178.787357][ T7641] BTRFS info (device loop4): clearing free space tree [ 178.794254][ T7641] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 178.805587][ T5220] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 178.813599][ T7722] bridge0: port 3(vlan2) entered disabled state [ 178.823496][ T7641] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 178.885550][ T2426] pvrusb2: request_firmware fatal error with code=-110 [ 178.919190][ T2426] pvrusb2: Failure uploading firmware1 [ 178.954890][ T2426] pvrusb2: Device initialization was not successful. [ 178.993855][ T2426] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 179.022981][ T2426] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 179.057570][ T2426] pvrusb2: Failed to submit write-control URB status=-19 [ 179.059820][ T5222] pvrusb2: Device being rendered inoperable [ 179.068769][ T2426] usb 4-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2 [ 179.095095][ T2426] usb 4-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw [ 179.267752][ T5219] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 179.426119][ T5220] usb 1-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 179.459303][ T5220] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 179.473001][ T5220] usb 1-1: Product: syz [ 179.477265][ T5220] usb 1-1: Manufacturer: syz [ 179.482238][ T5220] usb 1-1: SerialNumber: syz [ 179.488863][ T5220] usb 1-1: config 0 descriptor?? [ 179.585572][ T5219] usb 3-1: Using ep0 maxpacket: 16 [ 179.620396][ T7732] loop3: detected capacity change from 0 to 32768 [ 179.669020][ T7732] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 179.718108][ T5219] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 179.745527][ T5219] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 179.759029][ T5219] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 179.764484][ T7732] JBD2: Ignoring recovery information on journal [ 179.768878][ T5219] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.785932][ T5219] usb 3-1: config 0 descriptor?? [ 179.914347][ T5220] usb 1-1: USB disconnect, device number 14 [ 179.975526][ T7732] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 180.167867][ T7742] loop4: detected capacity change from 0 to 256 [ 180.202120][ T4174] ocfs2: Unmounting device (7,3) on (node local) [ 180.277416][ T5219] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0013/input/input12 [ 180.402779][ T5219] microsoft 0003:045E:07DA.0013: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 180.582965][ T7752] loop3: detected capacity change from 0 to 128 [ 180.627957][ T7756] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1336'. [ 180.713369][ T5221] usb 3-1: USB disconnect, device number 12 [ 180.758921][ T7752] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 180.787984][ T7752] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 180.795215][ T7763] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1340'. [ 180.844925][ T7752] UDF-fs: error (device loop3): udf_fiiter_advance_blk: extent after position 264 not allocated in directory (ino 87) [ 180.880036][ T7752] UDF-fs: error (device loop3): udf_fiiter_advance_blk: extent after position 264 not allocated in directory (ino 87) [ 180.934520][ T7769] UDF-fs: error (device loop3): udf_fiiter_advance_blk: extent after position 328 not allocated in directory (ino 87) [ 180.975429][ T7769] UDF-fs: error (device loop3): udf_verify_fi: directory (ino 87) has entry at pos 328 with incorrect tag 6161 [ 181.005688][ T7771] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1342'. [ 181.095852][ T7773] loop4: detected capacity change from 0 to 256 [ 181.159142][ T7773] CUSE: info not properly terminated [ 181.693759][ T7790] lo speed is unknown, defaulting to 1000 [ 181.879796][ T7764] loop0: detected capacity change from 0 to 40427 [ 182.033054][ T7764] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 182.065466][ T26] audit: type=1326 audit(1734867684.925:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7799 comm="syz.4.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d95504d29 code=0x7ffc0000 [ 182.080740][ T7775] loop1: detected capacity change from 0 to 32768 [ 182.113636][ T7802] loop2: detected capacity change from 0 to 256 [ 182.120327][ T7764] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 182.159216][ T7764] F2FS-fs (loop0): invalid crc value [ 182.188167][ T26] audit: type=1326 audit(1734867684.985:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7799 comm="syz.4.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d95504d29 code=0x7ffc0000 [ 182.235213][ T7764] F2FS-fs (loop0): Found nat_bits in checkpoint [ 182.313457][ T26] audit: type=1326 audit(1734867685.005:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7799 comm="syz.4.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d95504d29 code=0x7ffc0000 [ 182.335643][ C0] vkms_vblank_simulate: vblank timer overrun [ 182.382954][ T26] audit: type=1326 audit(1734867685.005:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7799 comm="syz.4.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d95504d29 code=0x7ffc0000 [ 182.423269][ T26] audit: type=1326 audit(1734867685.005:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7799 comm="syz.4.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d95504d29 code=0x7ffc0000 [ 182.451402][ C0] vkms_vblank_simulate: vblank timer overrun [ 182.502965][ T7764] F2FS-fs (loop0): recover fsync data on readonly fs [ 182.548438][ T7764] F2FS-fs (loop0): Try to recover 1th superblock, ret: -30 [ 182.579110][ T7764] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 182.595563][ T26] audit: type=1326 audit(1734867685.005:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7799 comm="syz.4.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f9d95504d29 code=0x7ffc0000 [ 182.617766][ C0] vkms_vblank_simulate: vblank timer overrun [ 182.695586][ T26] audit: type=1326 audit(1734867685.005:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7799 comm="syz.4.1356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d95504d29 code=0x7ffc0000 [ 182.717855][ C0] vkms_vblank_simulate: vblank timer overrun [ 182.991677][ T7822] loop4: detected capacity change from 0 to 512 [ 183.097970][ T7822] EXT4-fs (loop4): Mount option "nodelalloc" incompatible with ext3 [ 183.332614][ T7837] siw: device registration error -23 [ 183.365290][ T7840] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1372'. [ 183.404815][ T7840] bridge0: port 3(vlan2) entered blocking state [ 183.432653][ T7840] bridge0: port 3(vlan2) entered disabled state [ 183.625474][ T13] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 183.908892][ T7858] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1379'. [ 183.986293][ T13] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 184.015620][ T13] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 184.045200][ T13] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.084570][ T13] usb 5-1: config 0 descriptor?? [ 184.164119][ T7863] netlink: 1028 bytes leftover after parsing attributes in process `syz.0.1383'. [ 184.208184][ T7863] sch_tbf: burst 0 is lower than device bridge_slave_0 mtu (1514) ! [ 184.553030][ T7877] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1388'. [ 184.584270][ T7877] bridge0: port 3(vlan2) entered blocking state [ 184.587689][ T13] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0 [ 184.603843][ T7877] bridge0: port 3(vlan2) entered disabled state [ 184.635464][ T13] cm6533_jd 0003:0D8C:0022.0014: item fetching failed at offset 4/5 [ 184.651694][ T13] cm6533_jd 0003:0D8C:0022.0014: parse failed [ 184.676114][ T13] cm6533_jd: probe of 0003:0D8C:0022.0014 failed with error -22 [ 184.778192][ T7882] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1392'. [ 184.819032][ T13] usb 5-1: USB disconnect, device number 12 [ 184.858962][ T7847] loop1: detected capacity change from 0 to 40427 [ 184.911965][ T7887] loop2: detected capacity change from 0 to 512 [ 184.992045][ T7847] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 185.015161][ T7847] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 185.024814][ T7887] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.1395: Invalid inode bitmap blk 4 in block_group 0 [ 185.088839][ T7887] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none. [ 185.129751][ T7847] F2FS-fs (loop1): invalid crc value [ 185.175161][ T7847] F2FS-fs (loop1): Found nat_bits in checkpoint [ 185.296926][ T7887] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters [ 185.396169][ T7847] F2FS-fs (loop1): recover fsync data on readonly fs [ 185.441111][ T7847] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30 [ 185.500844][ T7847] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 185.550345][ T7906] tun0: tun_chr_ioctl cmd 2147767507 [ 185.712787][ T7910] loop4: detected capacity change from 0 to 512 [ 185.860552][ T7910] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.1402: casefold flag without casefold feature [ 185.937950][ T7910] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.1402: couldn't read orphan inode 15 (err -117) [ 186.019871][ T7910] EXT4-fs (loop4): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000002,,errors=continue. Quota mode: none. [ 186.055547][ T1108] Bluetooth: hci2: command 0x0406 tx timeout [ 186.065815][ T5221] Bluetooth: hci0: command 0x0406 tx timeout [ 186.071905][ T5221] Bluetooth: hci3: command 0x0406 tx timeout [ 186.095071][ T5221] Bluetooth: hci4: command 0x0406 tx timeout [ 186.114500][ T7910] ext4 filesystem being mounted at /256/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 186.134348][ T5221] Bluetooth: hci1: command 0x0406 tx timeout [ 186.165849][ T7910] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz.4.1402: Directory hole found for htree leaf block 0 [ 186.443998][ T7923] loop4: detected capacity change from 0 to 1024 [ 186.579136][ T7916] loop2: detected capacity change from 0 to 32768 [ 186.668470][ T7916] XFS: ikeep mount option is deprecated. [ 186.674153][ T7916] XFS: attr2 mount option is deprecated. [ 186.686037][ T7927] libceph: resolve 'a' (ret=-3): failed [ 186.872644][ T7916] XFS (loop2): Mounting V5 Filesystem [ 186.907908][ T7944] loop3: detected capacity change from 0 to 2048 [ 187.010301][ T7952] loop4: detected capacity change from 0 to 4096 [ 187.037040][ T7916] XFS (loop2): Ending clean mount [ 187.063383][ T7916] XFS (loop2): Quotacheck needed: Please wait. [ 187.096699][ T7952] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 187.241806][ T7954] loop1: detected capacity change from 0 to 2048 [ 187.286157][ T7952] ntfs: (device loop4): parse_options(): NLS character set macgre not found. Using previous one utf8. [ 187.289742][ T7916] XFS (loop2): Quotacheck: Done. [ 187.306254][ T7944] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,minixdf,nolazytime,stripe=0x0000000000000020,,errors=continue. Quota mode: none. [ 187.330333][ T7952] ntfs: (device loop4): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 187.345792][ T7952] ntfs: (device loop4): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 187.370686][ T7916] XFS (loop2): User initiated shutdown received. [ 187.382825][ T7952] ntfs: volume version 3.1. [ 187.399908][ T7916] XFS (loop2): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0xde/0x150 (fs/xfs/xfs_fsops.c:487). Shutting down filesystem. [ 187.413543][ T7944] ext4 filesystem being mounted at /283/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 187.446103][ T7916] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 187.478651][ T7944] fs-verity: sha512 using implementation "sha512-avx2" [ 187.513523][ T7954] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 187.527022][ T4851] udevd[4851]: incorrect nilfs2 checksum on /dev/loop1 [ 187.605816][ T7944] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1415: bg 0: block 345: padding at end of block bitmap is not set [ 187.626141][ T4178] XFS (loop2): Unmounting Filesystem [ 187.646122][ T4851] udevd[4851]: incorrect nilfs2 checksum on /dev/loop1 [ 187.682165][ T7954] ptrace attach of "./syz-executor exec"[4168] was attempted by "׼dfhMF!fjfaFfeFcX3ތ7D3L6S3L5430,31s\x5c33&7B,6MI1&,5KMYffYeV5fYg֙\x0dfd64l5v4n5>7&0\x07As2as1GQs3qsܜ0')sʜ6sƜ3ys\x5c0Es1/P\x0aL`,A !H\x07كA g3 W+\x5c\x09AbP (6 \x0a\x0axpCP$1H\x0ał\x0bJ%RALpkP6-(*ۃJAJP53Tj5ZANpoP7/\x0dFAI4h4Z?13f>a_?\x0c\x07/W!pX8<|-\x0cG1p\x5c8>N\x0c'÷)pZ8=\x0cg9p^~~\x0bE0%\x5cKÏôpY<\x5c\x0cW5p]>n\x0c7-p[=\x0cw=p_i?,L?}\x0a_GocDx2<~τgsBsx1'odPB\x09@);rRbrQnMy(|HT\x0aR&BT\x22T(Q1r$RTJSi*Ce,rT*Pn;BUNSuI5բTPKuգTPjH\x0d5ԘPjFͨԒZQ+jCm-vԎS{@# [ 187.778605][ T4851] udevd[4851]: incorrect nilfs2 checksum on /dev/loop1 [ 187.792765][ T7944] fs-verity (loop3, inode 13): Error -117 writing Merkle tree block 0 [ 187.865783][ C0] vkms_vblank_simulate: vblank timer overrun [ 187.962582][ T7945] loop0: detected capacity change from 0 to 32768 [ 188.136165][ T7945] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 188.143941][ T7964] loop1: detected capacity change from 0 to 512 [ 188.193170][ T7945] JBD2: Ignoring recovery information on journal [ 188.346469][ T7964] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2766: inode #11: comm syz.1.1421: corrupted xattr block 95 [ 188.372867][ T7964] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.1421: bg 0: block 7: invalid block bitmap [ 188.376903][ T7945] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 188.385819][ T7944] fs-verity (loop3, inode 13): Error -117 building Merkle tree [ 188.405625][ T7964] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 188.415849][ T7964] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2932: inode #11: comm syz.1.1421: corrupted xattr block 95 [ 188.482062][ T7964] EXT4-fs warning (device loop1): ext4_evict_inode:302: xattr delete (err -117) [ 188.536128][ T7964] EXT4-fs (loop1): 1 orphan inode deleted [ 188.565669][ T7964] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 188.687416][ T4172] ocfs2: Unmounting device (7,0) on (node local) [ 189.067370][ T7972] loop2: detected capacity change from 0 to 32768 [ 189.292087][ T7972] XFS (loop2): Mounting V5 Filesystem [ 189.378597][ T8000] lo speed is unknown, defaulting to 1000 [ 189.423438][ T8013] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1438'. [ 189.499736][ T7972] XFS (loop2): Ending clean mount [ 189.512378][ T7972] XFS (loop2): Quotacheck needed: Please wait. [ 189.655007][ T7972] XFS (loop2): Quotacheck: Done. [ 189.925622][ T8030] loop4: detected capacity change from 0 to 512 [ 189.970275][ T8030] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 189.996882][ T4178] XFS (loop2): Unmounting Filesystem [ 189.998767][ T8030] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 190.089802][ T8030] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 190.110335][ T8030] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 190.185875][ T8030] EXT4-fs (loop4): 1 truncate cleaned up [ 190.191572][ T8030] EXT4-fs (loop4): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 190.393060][ T8030] EXT4-fs (loop4): re-mounted. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpquota,noquota,quota,noload,noload,. Quota mode: writeback. [ 190.435985][ T8030] EXT4-fs (loop4): re-mounted. Opts: . Quota mode: writeback. [ 190.643149][ T7983] loop3: detected capacity change from 0 to 32768 [ 190.733363][ T8046] loop4: detected capacity change from 0 to 512 [ 190.953442][ T8046] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1451: Invalid inode bitmap blk 4 in block_group 0 [ 191.056268][ T8046] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none. [ 191.206630][ T8046] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters [ 191.724083][ T8051] loop0: detected capacity change from 0 to 32768 [ 191.828481][ T8048] loop1: detected capacity change from 0 to 40427 [ 191.886026][ T8048] F2FS-fs (loop1): invalid crc value [ 191.911762][ T8051] XFS (loop0): Mounting V5 Filesystem [ 192.000661][ T8048] F2FS-fs (loop1): Found nat_bits in checkpoint [ 192.106399][ T8074] device veth0_to_team entered promiscuous mode [ 192.147465][ T8051] XFS (loop0): Ending clean mount [ 192.255518][ T8048] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 192.382867][ T4172] XFS (loop0): Unmounting Filesystem [ 192.467959][ T8058] loop4: detected capacity change from 0 to 32768 [ 192.629606][ T4851] BTRFS: device fsid 17bca515-437c-4bbd-9eb0-5eb74df1971f devid 1 transid 8 /dev/loop4 scanned by udevd (4851) [ 193.084942][ T8087] digital: digital_start_poll: Unknown protocol [ 193.268460][ T8091] netlink: 'syz.1.1465': attribute type 3 has an invalid length. [ 193.309505][ T8093] loop0: detected capacity change from 0 to 256 [ 193.331124][ T8091] netlink: 'syz.1.1465': attribute type 1 has an invalid length. [ 193.365617][ T8091] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1465'. [ 193.723133][ T8102] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1470'. [ 193.727852][ T8103] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1471'. [ 194.192584][ T8085] loop4: detected capacity change from 0 to 32768 [ 194.220660][ T1424] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.231212][ T1424] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.352938][ T8085] XFS (loop4): Mounting V5 Filesystem [ 194.354390][ T8076] loop3: detected capacity change from 0 to 32768 [ 194.472683][ T8076] XFS (loop3): Mounting V5 Filesystem [ 194.506882][ T8085] XFS (loop4): Ending clean mount [ 194.687729][ T4177] XFS (loop4): Unmounting Filesystem [ 194.797402][ T8076] XFS (loop3): Ending clean mount [ 194.860788][ T8076] XFS (loop3): Quotacheck needed: Please wait. [ 194.998800][ T8143] loop2: detected capacity change from 0 to 16 [ 195.010817][ T8076] XFS (loop3): Quotacheck: Done. [ 195.076597][ T8143] erofs: (device loop2): mounted with root inode @ nid 36. [ 195.138415][ T4181] erofs: (device loop2): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[9000] [ 195.144997][ T4174] XFS (loop3): Unmounting Filesystem [ 195.176712][ T8143] erofs: (device loop2): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192] [ 195.336118][ T26] audit: type=1800 audit(1734867698.205:25): pid=8143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1483" name="file3" dev="loop2" ino=89 res=0 errno=0 [ 195.443396][ T8112] loop0: detected capacity change from 0 to 40427 [ 195.559552][ T8112] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 195.602928][ T8112] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 195.659374][ T8112] F2FS-fs (loop0): invalid crc value [ 195.758678][ T8112] F2FS-fs (loop0): Found nat_bits in checkpoint [ 195.989455][ T8112] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 196.005403][ T8112] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 196.292485][ T8170] loop1: detected capacity change from 0 to 64 [ 196.716464][ T8152] loop2: detected capacity change from 0 to 40427 [ 196.810415][ T8152] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 196.832872][ T8152] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 196.862695][ T8182] input: syz1 as /devices/virtual/input/input13 [ 196.916701][ T8152] F2FS-fs (loop2): Found nat_bits in checkpoint [ 196.972179][ T8189] device veth0_to_team entered promiscuous mode [ 197.068562][ T8152] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 197.077500][ T8152] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 197.652037][ T8206] loop2: detected capacity change from 0 to 256 [ 197.706490][ T8206] exfat: Deprecated parameter 'namecase' [ 197.756438][ T8206] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 197.801918][ T8193] loop1: detected capacity change from 0 to 32768 [ 197.914222][ T8198] loop0: detected capacity change from 0 to 32768 [ 197.975000][ T8193] XFS (loop1): Mounting V5 Filesystem [ 198.189787][ T8193] XFS (loop1): Ending clean mount [ 198.211015][ T8193] XFS (loop1): Quotacheck needed: Please wait. [ 198.257467][ T8207] loop4: detected capacity change from 0 to 32768 [ 198.345889][ T8193] XFS (loop1): Quotacheck: Done. [ 198.378849][ T8193] XFS (loop1): User initiated shutdown received. [ 198.426306][ T8193] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xde/0x150 (fs/xfs/xfs_fsops.c:491). Shutting down filesystem. [ 198.495490][ T8193] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 198.591177][ T4168] XFS (loop1): Unmounting Filesystem [ 198.616590][ T8217] loop2: detected capacity change from 0 to 32768 [ 198.763189][ T8217] XFS (loop2): Mounting V5 Filesystem [ 198.972430][ T8217] XFS (loop2): Starting recovery (logdev: internal) [ 199.013533][ T8241] netlink: 136 bytes leftover after parsing attributes in process `syz.0.1516'. [ 199.086961][ T8217] XFS (loop2): Ending recovery (logdev: internal) [ 199.139526][ T8241] netlink: 89 bytes leftover after parsing attributes in process `syz.0.1516'. [ 199.304009][ T4178] XFS (loop2): Unmounting Filesystem [ 199.559379][ T8259] device veth0_to_team entered promiscuous mode [ 199.822482][ T8258] loop0: detected capacity change from 0 to 8192 [ 199.930451][ T8258] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 199.939989][ T8258] REISERFS (device loop0): using ordered data mode [ 199.947573][ T8258] reiserfs: using flush barriers [ 199.953904][ T8258] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 199.971965][ T8258] REISERFS (device loop0): checking transaction log (loop0) [ 200.168836][ T8258] REISERFS (device loop0): Using tea hash to sort names [ 200.183434][ T8258] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 200.261984][ T8277] loop2: detected capacity change from 0 to 2048 [ 200.349665][ T8277] loop2: p1 < > p3 < > p4 < > [ 200.355037][ T8277] loop2: partition table partially beyond EOD, truncated [ 200.358517][ T8255] loop4: detected capacity change from 0 to 32768 [ 200.399195][ T8277] loop2: p3 start 4284289 is beyond EOD, truncated [ 200.419100][ T8255] XFS: ikeep mount option is deprecated. [ 200.438520][ T8255] XFS: attr2 mount option is deprecated. [ 200.566893][ T8255] XFS (loop4): Mounting V5 Filesystem [ 200.682402][ T8255] XFS (loop4): Ending clean mount [ 200.712411][ T4276] udevd[4276]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 200.763280][ T4851] udevd[4851]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 200.781648][ T8255] XFS (loop4): Quotacheck needed: Please wait. [ 200.798478][ T4276] udevd[4276]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 200.866995][ T8255] XFS (loop4): Quotacheck: Done. [ 201.000119][ T8255] XFS (loop4): User initiated shutdown received. [ 201.022311][ T8255] XFS (loop4): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0xde/0x150 (fs/xfs/xfs_fsops.c:487). Shutting down filesystem. [ 201.056827][ T8255] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 201.129797][ T4177] XFS (loop4): Unmounting Filesystem [ 201.217283][ T8303] loop0: detected capacity change from 0 to 512 [ 201.367046][ T8303] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 201.388617][ T8303] ext4 filesystem being mounted at /277/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 201.804164][ T8313] loop0: detected capacity change from 0 to 1024 [ 201.811281][ T8305] loop2: detected capacity change from 0 to 32768 [ 201.927924][ T8307] loop1: detected capacity change from 0 to 40427 [ 201.953110][ T8305] JBD2: Ignoring recovery information on journal [ 202.016650][ T8307] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 202.024600][ T8307] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 202.133610][ T8305] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 202.173451][ T8307] F2FS-fs (loop1): invalid crc value [ 202.266911][ T8307] F2FS-fs (loop1): Found nat_bits in checkpoint [ 202.291564][ T1274] hfsplus: b-tree write err: -5, ino 4 [ 202.375757][ T8305] (syz.2.1537,8305,1):ocfs2_verify_group_and_input:420 ERROR: add a group which is in the current volume. [ 202.411722][ T8305] (syz.2.1537,8305,1):ocfs2_group_add:503 ERROR: status = -22 [ 202.451155][ T8307] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 202.469418][ T8307] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 202.532543][ T4178] ocfs2: Unmounting device (7,2) on (node local) [ 202.634033][ T8317] loop3: detected capacity change from 0 to 40427 [ 202.724294][ T8317] F2FS-fs (loop3): Found nat_bits in checkpoint [ 202.928868][ T8317] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 203.042991][ T4174] attempt to access beyond end of device [ 203.042991][ T4174] loop3: rw=2049, want=45104, limit=40427 [ 203.059437][ T8346] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1544'. [ 203.098657][ T8325] loop4: detected capacity change from 0 to 32768 [ 203.183872][ T8344] loop0: detected capacity change from 0 to 8192 [ 203.190386][ T8325] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1542 (8325) [ 203.271396][ T8344] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 203.290793][ T8344] REISERFS (device loop0): using ordered data mode [ 203.322155][ T8325] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 203.335432][ T8344] reiserfs: using flush barriers [ 203.362462][ T8325] BTRFS info (device loop4): using free space tree [ 203.372572][ T8325] BTRFS info (device loop4): has skinny extents [ 203.384840][ T8344] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 203.416107][ T8344] REISERFS (device loop0): checking transaction log (loop0) [ 203.437219][ T8325] BTRFS info (device loop4): enabling ssd optimizations [ 203.456244][ T8344] REISERFS (device loop0): Using rupasov hash to sort names [ 203.464406][ T8344] REISERFS (device loop0): using 3.5.x disk format [ 203.474750][ T8344] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 203.486372][ T8344] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 203.526404][ T8344] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 203.552157][ T8344] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 203.928332][ T8377] loop2: detected capacity change from 0 to 128 [ 204.724451][ T8370] loop1: detected capacity change from 0 to 32768 [ 204.876352][ T8370] XFS: ikeep mount option is deprecated. [ 204.882051][ T8370] XFS: attr2 mount option is deprecated. [ 204.992938][ T8390] loop0: detected capacity change from 0 to 2048 [ 205.050616][ T8390] loop0: p1 < > p3 < > p4 < > [ 205.055562][ T8390] loop0: partition table partially beyond EOD, truncated [ 205.083327][ T8370] XFS (loop1): Mounting V5 Filesystem [ 205.196265][ T8390] loop0: p3 start 4284289 is beyond EOD, truncated [ 205.241208][ T8386] loop4: detected capacity change from 0 to 131072 [ 205.271793][ T8370] XFS (loop1): Ending clean mount [ 205.309608][ T8386] F2FS-fs (loop4): Segment count (31) mismatch with total segments from devices (0) [ 205.319094][ T8386] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 205.338280][ T8386] F2FS-fs (loop4): invalid crc value [ 205.346945][ T8370] XFS (loop1): Quotacheck needed: Please wait. [ 205.354775][ T8386] F2FS-fs (loop4): Found nat_bits in checkpoint [ 205.484846][ T8386] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 205.492134][ T8386] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 205.536869][ T8370] XFS (loop1): Quotacheck: Done. [ 205.585772][ T8412] program syz.0.1560 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 205.618810][ T8386] F2FS-fs (loop4): checksum invalid, nid = 4, ino_of_node = 4, efdbe231 vs. 15bb5891 [ 205.655625][ T8370] XFS (loop1): User initiated shutdown received. [ 205.703871][ T8370] XFS (loop1): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0xde/0x150 (fs/xfs/xfs_fsops.c:487). Shutting down filesystem. [ 205.755501][ T8370] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 205.827987][ T8416] loop0: detected capacity change from 0 to 512 [ 205.885928][ T4168] XFS (loop1): Unmounting Filesystem [ 205.969591][ T8416] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 206.006895][ T8416] EXT4-fs (loop0): invalid journal inode [ 206.012668][ T8416] EXT4-fs (loop0): can't get journal size [ 206.087457][ T8416] EXT4-fs (loop0): 1 truncate cleaned up [ 206.101687][ T8416] EXT4-fs (loop0): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none. [ 206.158693][ T8416] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 570425344 > max in inode 18 [ 206.319708][ T8409] loop2: detected capacity change from 0 to 40427 [ 206.451881][ T8409] F2FS-fs (loop2): invalid crc value [ 206.466726][ T8420] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1565'. [ 206.505890][ T8409] F2FS-fs (loop2): Found nat_bits in checkpoint [ 206.711485][ T8409] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 206.935780][ T8429] loop4: detected capacity change from 0 to 2048 [ 206.936224][ T4178] attempt to access beyond end of device [ 206.936224][ T4178] loop2: rw=2049, want=45112, limit=40427 [ 207.030862][ T8429] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 207.073880][ T8429] UDF-fs: Scanning with blocksize 512 failed [ 207.134165][ T8429] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 207.471130][ T8424] loop0: detected capacity change from 0 to 40427 [ 207.636368][ T8424] F2FS-fs (loop0): Found nat_bits in checkpoint [ 207.655510][ T5219] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 207.797430][ T8424] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 207.948095][ T4172] attempt to access beyond end of device [ 207.948095][ T4172] loop0: rw=2049, want=45104, limit=40427 [ 208.125746][ T5219] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 208.145408][ T5219] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 208.160423][ T8462] loop3: detected capacity change from 0 to 512 [ 208.175696][ T5219] usb 5-1: New USB device found, idVendor=056a, idProduct=00da, bcdDevice= 0.00 [ 208.208463][ T5219] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.243203][ T5219] usb 5-1: config 0 descriptor?? [ 208.296967][ T8462] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 208.385099][ T8462] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 208.387433][ T8456] loop2: detected capacity change from 0 to 32768 [ 208.444261][ T8462] EXT4-fs (loop3): 1 truncate cleaned up [ 208.489353][ T8462] EXT4-fs (loop3): mounted filesystem without journal. Opts: lazytime,resuid=0x000000000000ee01,debug_want_extra_isize=0x000000000000002e,nombcache,quota,quota,,errors=continue. Quota mode: writeback. [ 208.604410][ T8456] XFS (loop2): Mounting V5 Filesystem [ 208.702936][ T8486] input: syz0 as /devices/virtual/input/input14 [ 208.762131][ T5219] wacom 0003:056A:00DA.0015: Unknown device_type for 'HID 056a:00da'. Assuming pen. [ 208.790022][ T8490] loop1: detected capacity change from 0 to 64 [ 208.822084][ T5219] wacom 0003:056A:00DA.0015: hidraw0: USB HID v0.00 Device [HID 056a:00da] on usb-dummy_hcd.4-1/input0 [ 208.863279][ T26] audit: type=1800 audit(1734867711.725:26): pid=8490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1589" name="file2" dev="loop1" ino=19 res=0 errno=0 [ 208.868315][ T5219] input: Wacom Bamboo 2FG 4x5 SE Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:00DA.0015/input/input15 [ 208.943453][ T8456] XFS (loop2): Ending clean mount [ 208.954381][ T8456] XFS (loop2): Quotacheck needed: Please wait. [ 209.075878][ T5219] usb 5-1: USB disconnect, device number 13 [ 209.192008][ T8456] XFS (loop2): Quotacheck: Done. [ 209.574116][ T4178] XFS (loop2): Unmounting Filesystem [ 210.142757][ T8521] loop4: detected capacity change from 0 to 2048 [ 210.292070][ T8529] loop2: detected capacity change from 0 to 1024 [ 210.329910][ T8511] loop3: detected capacity change from 0 to 32768 [ 210.356789][ T8521] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 210.426116][ T8511] XFS: ikeep mount option is deprecated. [ 210.432184][ T8511] XFS: attr2 mount option is deprecated. [ 210.643735][ T8511] XFS (loop3): Mounting V5 Filesystem [ 210.762290][ T8550] loop0: detected capacity change from 0 to 256 [ 210.835585][ T1292] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 210.885806][ T8511] XFS (loop3): Ending clean mount [ 210.893902][ T8511] XFS (loop3): Quotacheck needed: Please wait. [ 210.906214][ T8550] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x0e5ad3fb, utbl_chksum : 0xe619d30d) [ 210.941343][ T1292] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 210.965928][ T8511] XFS (loop3): Quotacheck: Done. [ 211.061409][ T1292] EXT4-fs (loop4): This should not happen!! Data will be lost [ 211.061409][ T1292] [ 211.087029][ T8511] XFS (loop3): User initiated shutdown received. [ 211.107250][ T1292] EXT4-fs (loop4): Total free blocks count 0 [ 211.129359][ T1292] EXT4-fs (loop4): Free/Dirty block details [ 211.141278][ T8511] XFS (loop3): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0xde/0x150 (fs/xfs/xfs_fsops.c:487). Shutting down filesystem. [ 211.161710][ T1292] EXT4-fs (loop4): free_blocks=4096 [ 211.204756][ T1292] EXT4-fs (loop4): dirty_blocks=976 [ 211.217261][ T8511] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 211.226391][ T1292] EXT4-fs (loop4): Block reservation details [ 211.232503][ T1292] EXT4-fs (loop4): i_reserved_data_blocks=61 [ 211.248226][ T1292] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 944 with error 28 [ 211.268041][ T1292] EXT4-fs (loop4): This should not happen!! Data will be lost [ 211.268041][ T1292] [ 211.338274][ T8565] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1617'. [ 211.351607][ T4174] XFS (loop3): Unmounting Filesystem [ 211.772649][ T8558] loop2: detected capacity change from 0 to 32768 [ 211.936019][ T8558] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.1613 (8558) [ 212.003560][ T8558] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 212.016247][ T8571] loop4: detected capacity change from 0 to 32768 [ 212.022878][ T8558] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 212.057895][ T8558] BTRFS info (device loop2): use zstd compression, level 3 [ 212.065150][ T8558] BTRFS info (device loop2): using free space tree [ 212.084221][ T8574] loop3: detected capacity change from 0 to 1764 [ 212.092786][ T8558] BTRFS info (device loop2): has skinny extents [ 212.128907][ T8571] XFS (loop4): Mounting V5 Filesystem [ 212.221861][ T8558] BTRFS info (device loop2): enabling ssd optimizations [ 212.222634][ T8571] XFS (loop4): Ending clean mount [ 212.290218][ T8571] XFS (loop4): Quotacheck needed: Please wait. [ 212.532450][ T8571] XFS (loop4): Quotacheck: Done. [ 212.589467][ T8612] loop3: detected capacity change from 0 to 256 [ 212.619603][ T8571] XFS (loop4): User initiated shutdown received. [ 212.646134][ T8571] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xde/0x150 (fs/xfs/xfs_fsops.c:491). Shutting down filesystem. [ 212.695595][ T8571] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 212.818019][ T8612] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 212.919686][ T8612] exFAT-fs (loop3): hint_cluster is invalid (17) [ 212.998691][ T4177] XFS (loop4): Unmounting Filesystem [ 213.576195][ T8607] loop0: detected capacity change from 0 to 32768 [ 213.668833][ T8631] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1635'. [ 214.104368][ T8624] loop1: detected capacity change from 0 to 40427 [ 214.230288][ T8624] F2FS-fs (loop1): invalid crc value [ 214.298919][ T8624] F2FS-fs (loop1): Found nat_bits in checkpoint [ 214.441601][ T8624] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 214.612571][ T8653] device lo entered promiscuous mode [ 214.624462][ T8653] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 214.659725][ T6328] lo speed is unknown, defaulting to 1000 [ 214.692792][ T4168] attempt to access beyond end of device [ 214.692792][ T4168] loop1: rw=2049, want=45112, limit=40427 [ 214.719410][ T8653] syz.2.1642 (8653) used greatest stack depth: 18936 bytes left [ 214.859505][ T8657] loop2: detected capacity change from 0 to 256 [ 214.964125][ T8650] loop0: detected capacity change from 0 to 32768 [ 214.966303][ T8657] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 215.007290][ T8657] attempt to access beyond end of device [ 215.007290][ T8657] loop2: rw=524288, want=408, limit=256 [ 215.062736][ T8657] attempt to access beyond end of device [ 215.062736][ T8657] loop2: rw=524288, want=664, limit=256 [ 215.101616][ T8657] attempt to access beyond end of device [ 215.101616][ T8657] loop2: rw=0, want=288, limit=256 [ 215.129521][ T26] audit: type=1800 audit(1734867717.995:27): pid=8657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1645" name="file1" dev="loop2" ino=1048772 res=0 errno=0 [ 215.279645][ T8666] loop4: detected capacity change from 0 to 1024 [ 215.411177][ T8666] EXT4-fs (loop4): Test dummy encryption mode enabled [ 215.485999][ T8666] EXT4-fs (loop4): Test dummy encryption mode enabled [ 215.492857][ T8666] EXT4-fs (loop4): Ignoring removed orlov option [ 215.605826][ T8666] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 215.958852][ T8666] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 215.969638][ T8690] device lo entered promiscuous mode [ 216.005258][ T8690] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 216.074392][ T8671] loop2: detected capacity change from 0 to 32768 [ 216.294810][ T8671] XFS (loop2): Mounting V5 Filesystem [ 216.313990][ T8707] loop4: detected capacity change from 0 to 512 [ 216.383172][ T8711] loop0: detected capacity change from 0 to 256 [ 216.402586][ T8696] loop1: detected capacity change from 0 to 32768 [ 216.445249][ T8671] XFS (loop2): Ending clean mount [ 216.474372][ T8715] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 216.486366][ T8671] XFS (loop2): Quotacheck needed: Please wait. [ 216.532936][ T8707] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 216.552873][ T8707] EXT4-fs (loop4): 1 truncate cleaned up [ 216.559924][ T8711] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 216.561876][ T8707] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,noblock_validity,usrquota,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000008,jqfmt=vfsold,usrjquota=min_batch_time=0x0000000000000a9b,nodiscard,,errors=continue. Quota mode: writeback. [ 216.695582][ T8711] exFAT-fs (loop0): hint_cluster is invalid (17) [ 216.943247][ T8671] XFS (loop2): Quotacheck: Done. [ 217.108765][ T26] audit: type=1800 audit(1734867719.975:28): pid=8671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1651" name="bus" dev="loop2" ino=9291 res=0 errno=0 [ 217.187385][ T8671] XFS (loop2): User initiated shutdown received. [ 217.193957][ T8671] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xde/0x150 (fs/xfs/xfs_fsops.c:491). Shutting down filesystem. [ 217.260453][ T8671] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 217.372543][ T4178] XFS (loop2): Unmounting Filesystem [ 218.321084][ T8785] loop1: detected capacity change from 0 to 128 [ 218.375676][ T8787] loop0: detected capacity change from 0 to 512 [ 218.465929][ T8773] loop2: detected capacity change from 0 to 32768 [ 218.534000][ T8787] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 1024: comm syz.0.1697: invalid block [ 218.556992][ T8787] EXT4-fs (loop0): Remounting filesystem read-only [ 218.563754][ T8787] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1697: invalid indirect mapped block 1024 (level 0) [ 218.585128][ T8787] EXT4-fs (loop0): Remounting filesystem read-only [ 218.609601][ T8787] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1697: bg 0: block 35: padding at end of block bitmap is not set [ 218.635877][ T8787] EXT4-fs (loop0): Remounting filesystem read-only [ 218.642448][ T8787] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 218.666263][ T8787] EXT4-fs (loop0): Remounting filesystem read-only [ 218.688431][ T8787] EXT4-fs (loop0): 1 truncate cleaned up [ 218.719908][ T8787] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,dioread_lock,bsddf,. Quota mode: none. [ 218.859487][ T8802] loop1: detected capacity change from 0 to 256 [ 218.901015][ T8800] loop4: detected capacity change from 0 to 1024 [ 219.023338][ T8802] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 219.042612][ T8806] loop2: detected capacity change from 0 to 64 [ 219.069900][ T154] hfsplus: b-tree write err: -5, ino 4 [ 219.079455][ T8802] exFAT-fs (loop1): hint_cluster is invalid (17) [ 219.220963][ T8813] loop1: detected capacity change from 0 to 1024 [ 219.271074][ T8813] EXT4-fs (loop1): Test dummy encryption mode enabled [ 219.284442][ T8813] EXT4-fs (loop1): Test dummy encryption mode enabled [ 219.311574][ T8813] EXT4-fs (loop1): Ignoring removed orlov option [ 219.347171][ T8813] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 220.086647][ T8819] loop2: detected capacity change from 0 to 32768 [ 220.151226][ T8819] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1710 (8819) [ 220.266296][ T8819] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 220.305794][ T8819] BTRFS info (device loop2): using free space tree [ 220.312351][ T8819] BTRFS info (device loop2): has skinny extents [ 220.426100][ T8846] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 220.579581][ T8864] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 220.671347][ T8819] BTRFS info (device loop2): enabling ssd optimizations [ 220.775671][ T5220] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 220.841152][ T8883] loop4: detected capacity change from 0 to 512 [ 221.166027][ T5220] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 221.175117][ T5220] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.247320][ T5220] usb 1-1: config 0 descriptor?? [ 221.268403][ T8883] EXT4-fs error (device loop4): ext4_do_update_inode:5174: inode #16: comm syz.4.1730: corrupted inode contents [ 221.306634][ T5220] cp210x 1-1:0.0: cp210x converter detected [ 221.319079][ T8883] EXT4-fs error (device loop4): ext4_dirty_inode:6010: inode #16: comm syz.4.1730: mark_inode_dirty error [ 221.352257][ T8883] EXT4-fs error (device loop4): ext4_do_update_inode:5174: inode #16: comm syz.4.1730: corrupted inode contents [ 221.383814][ T8883] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #16: comm syz.4.1730: mark_inode_dirty error [ 221.406063][ T8883] EXT4-fs error (device loop4): ext4_do_update_inode:5174: inode #16: comm syz.4.1730: corrupted inode contents [ 221.465806][ T8883] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 221.499133][ T8883] EXT4-fs error (device loop4): ext4_do_update_inode:5174: inode #16: comm syz.4.1730: corrupted inode contents [ 221.526230][ T8883] EXT4-fs error (device loop4): ext4_truncate:4272: inode #16: comm syz.4.1730: mark_inode_dirty error [ 221.556004][ T8883] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 221.586688][ T8883] EXT4-fs (loop4): 1 truncate cleaned up [ 221.592546][ T8883] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 221.622335][ T8883] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 221.723330][ T26] audit: type=1326 audit(1734867724.585:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8891 comm="syz.2.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1f9f0d29 code=0x7ffc0000 [ 221.746466][ T5220] cp210x 1-1:0.0: failed to get vendor val 0x370c size 13: -71 [ 221.754080][ T5220] cp210x 1-1:0.0: GPIO initialisation failed: -71 [ 221.764029][ T5220] usb 1-1: cp210x converter now attached to ttyUSB0 [ 221.781515][ T26] audit: type=1326 audit(1734867724.625:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8891 comm="syz.2.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1f9f0d29 code=0x7ffc0000 [ 221.820061][ T5220] usb 1-1: USB disconnect, device number 15 [ 221.840821][ T5220] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 221.849455][ T5220] cp210x 1-1:0.0: device disconnected [ 221.856994][ T26] audit: type=1326 audit(1734867724.645:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8891 comm="syz.2.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f9f1f9f0d29 code=0x7ffc0000 [ 221.956660][ T26] audit: type=1326 audit(1734867724.645:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8891 comm="syz.2.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1f9f0d29 code=0x7ffc0000 [ 221.990763][ T26] audit: type=1326 audit(1734867724.645:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8891 comm="syz.2.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1f9f0d29 code=0x7ffc0000 [ 222.024741][ T8904] device bridge_slave_0 left promiscuous mode [ 222.047869][ T8904] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.071652][ T26] audit: type=1326 audit(1734867724.645:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8891 comm="syz.2.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9f1f9f0d29 code=0x7ffc0000 [ 222.113113][ T26] audit: type=1326 audit(1734867724.645:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8891 comm="syz.2.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1f9f0d29 code=0x7ffc0000 [ 222.142789][ T26] audit: type=1326 audit(1734867724.645:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8891 comm="syz.2.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1f9f0d29 code=0x7ffc0000 [ 222.177256][ T8904] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 222.180751][ T8910] loop1: detected capacity change from 0 to 512 [ 222.223272][ T8904] syz.3.1739 (8904) used greatest stack depth: 18136 bytes left [ 222.248246][ T26] audit: type=1326 audit(1734867724.645:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8891 comm="syz.2.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f9f1f9f0d29 code=0x7ffc0000 [ 222.351454][ T26] audit: type=1326 audit(1734867724.645:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8891 comm="syz.2.1731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f1f9f0d29 code=0x7ffc0000 [ 222.400786][ T8910] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 222.419110][ T8910] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 not in group (block 1)! [ 222.456481][ T8910] EXT4-fs (loop1): group descriptors corrupted! [ 222.741231][ T8932] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 222.835881][ T8890] Bluetooth: hci0: command 0x0401 tx timeout [ 222.963278][ T8944] loop3: detected capacity change from 0 to 1024 [ 222.995200][ T8945] sp0: Synchronizing with TNC [ 223.076525][ T8948] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.1759'. [ 223.282576][ T8953] loop3: detected capacity change from 0 to 2048 [ 223.341626][ T8953] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 223.385805][ T8953] ext4 filesystem being mounted at /345/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 223.439459][ T8953] fs-verity: sha256 using implementation "sha256-avx2" [ 223.455476][ T1108] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 223.533336][ T8973] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1769'. [ 223.544617][ T8973] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1769'. [ 223.687241][ T8979] loop1: detected capacity change from 0 to 2048 [ 223.695505][ T1108] usb 5-1: Using ep0 maxpacket: 16 [ 223.821341][ T1108] usb 5-1: config 0 has no interfaces? [ 223.871113][ T8979] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 223.985657][ T1108] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=d3.06 [ 223.991992][ T8977] loop0: detected capacity change from 0 to 32768 [ 223.995057][ T1108] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67 [ 224.013839][ T1108] usb 5-1: Product: syz [ 224.018210][ T1108] usb 5-1: Manufacturer: syz [ 224.022843][ T1108] usb 5-1: SerialNumber: syz [ 224.035976][ T1108] r8152-cfgselector 5-1: config 0 descriptor?? [ 224.126797][ T8977] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 224.156736][ T6437] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 224.206391][ T8977] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 224.228847][ T6437] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 224.307528][ T1108] usbip-host 5-1: 5-1 is not in match_busid table... skip! [ 224.345412][ T6437] EXT4-fs (loop1): This should not happen!! Data will be lost [ 224.345412][ T6437] [ 224.366684][ T8977] [ 224.369049][ T8977] ====================================================== [ 224.372579][ T6437] EXT4-fs (loop1): Total free blocks count 0 [ 224.376068][ T8977] WARNING: possible circular locking dependency detected [ 224.376079][ T8977] 5.15.175-syzkaller #0 Not tainted [ 224.376090][ T8977] ------------------------------------------------------ [ 224.376097][ T8977] syz.0.1772/8977 is trying to acquire lock: [ 224.376108][ T8977] ffff8880713b22e0 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_read_virt_blocks+0x2b3/0xa10 [ 224.376167][ T8977] [ 224.376167][ T8977] but task is already holding lock: [ 224.376172][ T8977] ffff88802a4f8990 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x12b9/0x1570 [ 224.389584][ T6437] EXT4-fs (loop1): Free/Dirty block details [ 224.394808][ T8977] [ 224.394808][ T8977] which lock already depends on the new lock. [ 224.394808][ T8977] [ 224.394816][ T8977] [ 224.394816][ T8977] the existing dependency chain (in reverse order) is: [ 224.394824][ T8977] [ 224.394824][ T8977] -> #2 (jbd2_handle){++++}-{0:0} [ 224.402692][ T6437] EXT4-fs (loop1): free_blocks=4096 [ 224.407825][ T8977] : [ 224.407834][ T8977] lock_acquire+0x1db/0x4f0 [ 224.407859][ T8977] start_this_handle+0x12e1/0x1570 [ 224.407883][ T8977] jbd2__journal_start+0x2d1/0x5c0 [ 224.407904][ T8977] __ext4_journal_start_sb+0x175/0x370 [ 224.407925][ T8977] ext4_dirty_inode+0x8b/0x100 [ 224.407945][ T8977] __mark_inode_dirty+0x2fd/0xd60 [ 224.407965][ T8977] touch_atime+0x3fa/0x680 [ 224.422802][ T6437] EXT4-fs (loop1): dirty_blocks=688 [ 224.426321][ T8977] ext4_file_mmap+0x18e/0x370 [ 224.426357][ T8977] mmap_file+0x5a/0xb0 [ 224.426376][ T8977] mmap_region+0x1035/0x1870 [ 224.426393][ T8977] do_mmap+0x78d/0xe00 [ 224.426408][ T8977] vm_mmap_pgoff+0x1ca/0x2d0 [ 224.440443][ T6437] EXT4-fs (loop1): Block reservation details [ 224.441567][ T8977] ksys_mmap_pgoff+0x559/0x780 [ 224.441596][ T8977] do_syscall_64+0x3b/0xb0 [ 224.452564][ T6437] EXT4-fs (loop1): i_reserved_data_blocks=43 [ 224.461017][ T8977] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 224.461049][ T8977] [ 224.461049][ T8977] -> #1 (&mm->mmap_lock){++++}-{3:3}: [ 224.461081][ T8977] lock_acquire+0x1db/0x4f0 [ 224.461099][ T8977] __might_fault+0xb4/0x110 [ 224.461128][ T8977] _copy_to_user+0x28/0x130 [ 224.461146][ T8977] fiemap_fill_next_extent+0x231/0x410 [ 224.461168][ T8977] ocfs2_fiemap+0xc1d/0xf80 [ 224.461189][ T8977] do_vfs_ioctl+0x1934/0x2b70 [ 224.461208][ T8977] __se_sys_ioctl+0x81/0x160 [ 224.461227][ T8977] do_syscall_64+0x3b/0xb0 [ 224.461245][ T8977] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 224.461269][ T8977] [ 224.461269][ T8977] -> #0 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}: [ 224.461299][ T8977] validate_chain+0x1649/0x5930 [ 224.461318][ T8977] __lock_acquire+0x1295/0x1ff0 [ 224.475148][ T6437] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 656 with error 28 [ 224.476118][ T8977] lock_acquire+0x1db/0x4f0 [ 224.476143][ T8977] down_read+0x45/0x2e0 [ 224.476163][ T8977] ocfs2_read_virt_blocks+0x2b3/0xa10 [ 224.481742][ T6437] EXT4-fs (loop1): This should not happen!! Data will be lost [ 224.481742][ T6437] [ 224.486805][ T8977] ocfs2_read_dir_block+0x102/0x5b0 [ 224.486835][ T8977] ocfs2_dir_foreach_blk+0x2a8/0x1ba0 [ 224.486858][ T8977] ocfs2_empty_dir+0x1d1/0x8c0 [ 224.486878][ T8977] ocfs2_rename+0x25d5/0x3ea0 [ 224.486895][ T8977] vfs_rename+0xd32/0x10f0 [ 224.486913][ T8977] do_renameat2+0xe0f/0x1700 [ 224.486931][ T8977] __x64_sys_rename+0x82/0x90 [ 224.486948][ T8977] do_syscall_64+0x3b/0xb0 [ 224.486966][ T8977] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 224.486990][ T8977] [ 224.486990][ T8977] other info that might help us debug this: [ 224.486990][ T8977] [ 224.486996][ T8977] Chain exists of: [ 224.486996][ T8977] &ocfs2_file_ip_alloc_sem_key --> &mm->mmap_lock --> jbd2_handle [ 224.486996][ T8977] [ 224.487035][ T8977] Possible unsafe locking scenario: [ 224.487035][ T8977] [ 224.487040][ T8977] CPU0 CPU1 [ 224.487046][ T8977] ---- ---- [ 224.487052][ T8977] lock(jbd2_handle); [ 224.487066][ T8977] lock(&mm->mmap_lock); [ 224.487082][ T8977] lock(jbd2_handle); [ 224.487097][ T8977] lock(&ocfs2_file_ip_alloc_sem_key); [ 224.487119][ T8977] [ 224.487119][ T8977] *** DEADLOCK *** [ 224.487119][ T8977] [ 224.487124][ T8977] 7 locks held by syz.0.1772/8977: [ 224.487137][ T8977] #0: ffff88807e34e460 (sb_writers#34){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 224.487199][ T8977] #1: ffff8880712e5108 (&type->i_mutex_dir_key#23/1){+.+.}-{3:3}, at: do_renameat2+0x67e/0x1700 [ 224.487262][ T8977] #2: ffff8880713b2648 (&sb->s_type->i_mutex_key#39){+.+.}-{3:3}, at: vfs_rename+0x814/0x10f0 [ 224.510038][ T6145] usb 5-1: USB disconnect, device number 14 [ 224.514815][ T8977] #3: ffff8880712e6d88 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]){+.+.}-{3:3}, at: ocfs2_lookup_lock_orphan_dir+0xfe/0x340 [ 224.861362][ T8977] #4: ffff88807e34e650 (sb_internal#4){.+.+}-{0:0}, at: ocfs2_rename+0x1e36/0x3ea0 [ 224.870775][ T8977] #5: ffff888060f20ce8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3b7/0x6f0 [ 224.881477][ T8977] #6: ffff88802a4f8990 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x12b9/0x1570 [ 224.891134][ T8977] [ 224.891134][ T8977] stack backtrace: [ 224.897034][ T8977] CPU: 1 PID: 8977 Comm: syz.0.1772 Not tainted 5.15.175-syzkaller #0 [ 224.905290][ T8977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 224.915347][ T8977] Call Trace: [ 224.918629][ T8977] [ 224.921554][ T8977] dump_stack_lvl+0x1e3/0x2d0 [ 224.926235][ T8977] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 224.932215][ T8977] ? print_circular_bug+0x12b/0x1a0 [ 224.937432][ T8977] check_noncircular+0x2f8/0x3b0 [ 224.942381][ T8977] ? add_chain_block+0x850/0x850 [ 224.947318][ T8977] ? lockdep_lock+0x11f/0x2a0 [ 224.951992][ T8977] validate_chain+0x1649/0x5930 [ 224.956845][ T8977] ? reacquire_held_locks+0x660/0x660 [ 224.962213][ T8977] ? ocfs2_prepare_dir_for_insert+0x3573/0x5eb0 [ 224.968453][ T8977] ? validate_chain+0x112/0x5930 [ 224.973385][ T8977] ? ocfs2_buffer_cached+0x3b1/0x7b0 [ 224.978667][ T8977] ? __lock_acquire+0x1ff0/0x1ff0 [ 224.983693][ T8977] ? mark_lock+0x98/0x340 [ 224.988017][ T8977] __lock_acquire+0x1295/0x1ff0 [ 224.992887][ T8977] lock_acquire+0x1db/0x4f0 [ 224.997494][ T8977] ? ocfs2_read_virt_blocks+0x2b3/0xa10 [ 225.003150][ T8977] ? read_lock_is_recursive+0x10/0x10 [ 225.008553][ T8977] ? __might_sleep+0xc0/0xc0 [ 225.013258][ T8977] ? reacquire_held_locks+0x660/0x660 [ 225.018632][ T8977] ? __lock_acquire+0x1295/0x1ff0 [ 225.023666][ T8977] down_read+0x45/0x2e0 [ 225.027933][ T8977] ? ocfs2_read_virt_blocks+0x2b3/0xa10 [ 225.033498][ T8977] ocfs2_read_virt_blocks+0x2b3/0xa10 [ 225.038876][ T8977] ? ocfs2_validate_dx_leaf+0x210/0x210 [ 225.044428][ T8977] ? mark_lock+0x98/0x340 [ 225.048755][ T8977] ? ocfs2_seek_data_hole_offset+0xd10/0xd10 [ 225.054743][ T8977] ? __lock_acquire+0x1295/0x1ff0 [ 225.059790][ T8977] ocfs2_read_dir_block+0x102/0x5b0 [ 225.065019][ T8977] ? ocfs2_check_dir_trailer+0x230/0x230 [ 225.070759][ T8977] ? __lock_acquire+0x1ff0/0x1ff0 [ 225.075905][ T8977] ? __kasan_slab_alloc+0xa5/0xc0 [ 225.080957][ T8977] ? __kasan_slab_alloc+0x8e/0xc0 [ 225.085987][ T8977] ? slab_post_alloc_hook+0x53/0x380 [ 225.091304][ T8977] ocfs2_dir_foreach_blk+0x2a8/0x1ba0 [ 225.096682][ T8977] ? start_this_handle+0x12e1/0x1570 [ 225.101975][ T8977] ? ocfs2_dir_foreach+0x1a0/0x1a0 [ 225.107102][ T8977] ? jbd2__journal_start+0x5c0/0x5c0 [ 225.112399][ T8977] ? ocfs2_empty_dir+0xb7/0x8c0 [ 225.117250][ T8977] ocfs2_empty_dir+0x1d1/0x8c0 [ 225.122014][ T8977] ? rcu_is_watching+0x11/0xa0 [ 225.127471][ T8977] ? ocfs2_check_dir_for_entry+0x460/0x460 [ 225.133286][ T8977] ? jbd2__journal_start+0x3af/0x5c0 [ 225.138571][ T8977] ? jbd2_journal_start+0x25/0x30 [ 225.143598][ T8977] ? ocfs2_start_trans+0x4dc/0x6f0 [ 225.148707][ T8977] ? ocfs2_empty_dir+0x8c0/0x8c0 [ 225.153644][ T8977] ? ocfs2_recovery_exit+0x280/0x280 [ 225.159195][ T8977] ? rcu_is_watching+0x11/0xa0 [ 225.163971][ T8977] ocfs2_rename+0x25d5/0x3ea0 [ 225.168667][ T8977] ? ocfs2_mknod+0x2cd0/0x2cd0 [ 225.173427][ T8977] ? ocfs2_inode_lock_full_nested+0x177/0x1bf0 [ 225.179592][ T8977] ? reacquire_held_locks+0x5f0/0x660 [ 225.184982][ T8977] ? do_raw_spin_lock+0x14a/0x370 [ 225.190030][ T8977] ? mark_lock+0x98/0x340 [ 225.194360][ T8977] ? validate_chain+0x112/0x5930 [ 225.199412][ T8977] ? validate_chain+0x112/0x5930 [ 225.204369][ T8977] ? __lock_acquire+0x1295/0x1ff0 [ 225.209405][ T8977] ? reacquire_held_locks+0x660/0x660 [ 225.214878][ T8977] ? register_lock_class+0x100/0x9a0 [ 225.220158][ T8977] ? read_lock_is_recursive+0x10/0x10 [ 225.225673][ T8977] ? is_dynamic_key+0x1f0/0x1f0 [ 225.230519][ T8977] ? mark_lock+0x98/0x340 [ 225.234845][ T8977] ? __lock_acquire+0x1295/0x1ff0 [ 225.239881][ T8977] ? read_lock_is_recursive+0x10/0x10 [ 225.245253][ T8977] ? rwsem_write_trylock+0x166/0x210 [ 225.250543][ T8977] ? clear_nonspinnable+0x60/0x60 [ 225.255568][ T8977] ? do_raw_spin_unlock+0x137/0x8b0 [ 225.260849][ T8977] ? memcpy+0x3c/0x60 [ 225.264829][ T8977] vfs_rename+0xd32/0x10f0 [ 225.269258][ T8977] ? tomoyo_path_link+0x81/0x170 [ 225.274289][ T8977] ? __ia32_sys_link+0x90/0x90 [ 225.279049][ T8977] ? rcu_is_watching+0x11/0xa0 [ 225.283812][ T8977] ? security_path_rename+0x207/0x2a0 [ 225.289184][ T8977] do_renameat2+0xe0f/0x1700 [ 225.293781][ T8977] ? fsnotify_move+0x4f0/0x4f0 [ 225.298547][ T8977] ? __virt_addr_valid+0x3bb/0x460 [ 225.303658][ T8977] ? 0xffffffff81000000 [ 225.307913][ T8977] ? __check_object_size+0x300/0x410 [ 225.313224][ T8977] ? getname_flags+0x1ec/0x4e0 [ 225.318005][ T8977] ? lockdep_hardirqs_on+0x94/0x130 [ 225.323216][ T8977] __x64_sys_rename+0x82/0x90 [ 225.327897][ T8977] do_syscall_64+0x3b/0xb0 [ 225.332500][ T8977] ? clear_bhb_loop+0x15/0x70 [ 225.337177][ T8977] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 225.343084][ T8977] RIP: 0033:0x7f9af53d0d29 [ 225.347498][ T8977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.367099][ T8977] RSP: 002b:00007f9af3241038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 225.375599][ T8977] RAX: ffffffffffffffda RBX: 00007f9af55c0fa0 RCX: 00007f9af53d0d29 [ 225.383570][ T8977] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000020000200 [ 225.391631][ T8977] RBP: 00007f9af544caa8 R08: 0000000000000000 R09: 0000000000000000 [ 225.399682][ T8977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.407649][ T8977] R13: 0000000000000000 R14: 00007f9af55c0fa0 R15: 00007ffc8aa151e8 [ 225.415719][ T8977] [ 225.418782][ C1] vkms_vblank_simulate: vblank timer overrun [ 225.449944][ T8985] loop3: detected capacity change from 0 to 32768 [ 225.476547][ T8985] ERROR: (device loop3): dtReadFirst: btstack overrun [ 225.476547][ T8985] [ 225.493718][ T8985] ERROR: (device loop3): remounting filesystem as read-only [ 225.504170][ T8985] btstack dump: [ 225.507912][ T8985] bn = 0, index = 0 [ 225.512302][ T8985] bn = 0, index = 0 [ 225.514465][ T4172] ocfs2: Unmounting device (7,0) on (node local) [ 225.516340][ T8985] bn = 0, index = 0 [ 225.516360][ T8985] bn = 0, index = 0 [ 225.516370][ T8985] bn = 0, index = 0 [ 225.516379][ T8985] bn = 0, index = 0 [ 225.516388][ T8985] bn = 0, index = 0 [ 225.516398][ T8985] bn = 0, index = 0 [ 225.519843][ T8985] ERROR: (device loop3): dtSearch: stack overrun! [ 225.519843][ T8985] [ 225.565393][ T8985] btstack dump: [ 225.590296][ T8985] bn = 0, index = 4 [ 225.614490][ T8985] bn = 0, index = 4 [ 225.621937][ T8985] bn = 0, index = 4 [ 225.626982][ T8985] bn = 0, index = 4 [ 225.630984][ T8985] bn = 0, index = 4 [ 225.634906][ T8985] bn = 0, index = 4 [ 225.640948][ T8985] bn = 0, index = 4 [ 225.644828][ T8985] bn = 0, index = 0 [ 225.649429][ T8985] jfs_lookup: dtSearch returned -5