last executing test programs: 2.615560732s ago: executing program 1 (id=10833): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x60, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x60}}, 0x0) 2.320004307s ago: executing program 1 (id=10838): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="28000000101401002cbd7000fedbdf25080003000100000008004ac0"], 0x28}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094) 2.135995101s ago: executing program 1 (id=10843): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8b06, &(0x7f0000000140)={'wg2\x00', @random="0100000000eb"}) 1.941006144s ago: executing program 1 (id=10848): r0 = openat$damon_schemes(0xffffffffffffff9c, &(0x7f0000000280), 0x402, 0x0) write$damon_schemes(r0, 0x0, 0x0) 1.827919676s ago: executing program 3 (id=10849): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) 1.703915219s ago: executing program 1 (id=10853): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000002000)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x78, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_DEV={0x14, 0x3, 'netdevsim0\x00'}]}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x7fff}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x100000003}]}]}], {0x14}}, 0xc0}}, 0x0) 1.60025639s ago: executing program 2 (id=10854): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x0, 0x6e8}, 0x8) 1.59890001s ago: executing program 0 (id=10855): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001540)=@raw={'raw\x00', 0x3c1, 0x3, 0x14d8, 0x1290, 0x5802, 0x294, 0x1290, 0x294, 0x1408, 0x325, 0x378, 0x1408, 0x378, 0x3, 0x0, {[{{@ipv6={@loopback, @empty, [0x0, 0x0, 0x0, 0xff000000], [], 'pimreg0\x00', 'macsec0\x00', {0xff}, {}, 0x0, 0x0, 0x3}, 0x0, 0x1228, 0x1290, 0x52020000, {}, [@common=@inet=@hashlimit2={{0x150}, {'gre0\x00', {0x0, 0x4, 0x60, 0x0, 0x0, 0x6, 0x7fffffff, 0x0, 0x8}}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0xfc, 0xfd, 0x0, './cgroup.net/syz1\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x108, 0x178, 0x0, {}, [@common=@ah={{0x30}}, @common=@frag={{0x30}, {[0x0, 0x101]}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0xcfd, 0x8000, 0x8, 0x1, 0x0, "40384e1aa968ae1a869c8ce9a46b9ff41931137193fc6c2a5d28667be0e6c0e8dd7ab2a2560d636022502c16f2d80f7e97c47fa0a3d21b373dc257058a128931"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1538) 1.546583802s ago: executing program 3 (id=10856): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_int(r0, 0x6, 0x1, 0xffffffffffffffff, &(0x7f00000001c0)) 1.463565523s ago: executing program 4 (id=10857): r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$apparmor_exec(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="737461636b203aae86ad47aa0d9495e6d80f7bde2d18ffb36cf152aed2d408fb58e305fc8e2f2f7d91f81b621cc4214d4a27e1614fbee0beac8f4a045070b770212d46d4a2df096b791f2a4ba218e12cb76aa24945b70a7c9dd5edeac52b5a876f73cfbe66371a72f11f3d9544d6b59b4a5541dcef5cbf11ffff37dfd147cca3e5098a207be806ea7167101f8c1b5c8fe41e170fd0c775dbc5be0b6d3ab625ab702e5b1dc15f9c4b3d09be812f340e681e0694f5badf640da3fdfc2f929b4c2beb9a592c577287b6021bfeec24146c7f95608bb60a736207a09d9f47e89c4044eadde57cdefd15f25b822d2eaf2205df0d6b71b63ee0b63cb598f26509af36983578f6f4198a0843cc1b1bd780015007ab9709cc6211e3b5c685b972b5c5e95f054a7a9fe149282f679c8466b9734e3850ec98419dd0c887715902f9e7802842085bc606f30c2654869e9e3701fd0fc69137fe165592689465eebd5cafad7c29de2adadec42a818d8ee389ca1fe33a1ef23617c89116a3a458b56612e4c36c43a9150d5331adbb0beb01a062b1f1349fc2ecea76cb7c40cdfe378185f3099b1d71414d0fda5a47f8593260cc0bd723a4cca81435f041321635f91bcb15aac48883a9617fb4e58c19b18cf3a7e1299a07f45325fcd05a7c30f47e77073dcc584f7e0516cb74c55a0a2a30dc9f3163868f7c233ad1fff87a2c3ad0fb71cc6433e9bd7c3209de0cba9552f5c7c04f24eccf206bdb745564539dd62d655a33d40a507660668c30f7720280c86c104e58d30d6cb65814e00b55ff9a33f3ed375dfb4b47d89a599f31a0d612827a8f6e2a73eb376e11160ddbc0d79e3a11d5a99fa9c98f559efeb1e0a196d6da225f8c145334989fae4eafc05bbad0dc880e923d6b2ed2890eed8255bd2f8296b8d689762aa02e1399045bc0cbec07ec937f2e6dfac960460574e2e00dc39221a4a0c31dbbfa4973e8b056afe87bdfe6bc1405d9ae867d05316247465aceddf5c95825d73a9b119dab89ac982fff04e5d140a8391bd6f1831a9b7519ba86abc94993fe918a1b640d57e276027d9ef490065235935407f7eda36490d0c96a16d276851a27ecd6d5a18a"], 0x564) 1.447737104s ago: executing program 1 (id=10858): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f0000000000)={[{@coherency_buffered}, {@heartbeat_none}, {@nouser_xattr}, {@inode64}, {@heartbeat_none}, {@usrquota}]}, 0x0, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") setxattr$security_ima(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), &(0x7f00000001c0)=@md5={0x1, "7474919ea04e04917c980c53da46c007"}, 0x1001, 0x0) 1.362821355s ago: executing program 0 (id=10859): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x80080, 0x0) ioctl$RTC_PIE_OFF(r0, 0x7006) 1.310881066s ago: executing program 2 (id=10860): r0 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x41) ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r0, 0x40146f2c, &(0x7f0000000000)={0x8001, 0x0, 0x2, 0x1, 0x4}) 1.255911087s ago: executing program 3 (id=10861): r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x5d7, 0x0) ioctl$VIDIOC_QUERY_EXT_CTRL(r0, 0xc038563c, &(0x7f0000000340)={0x0, 0x252, "f2ffffffffffffffdcaa932034d61433a5ba437d933eb3221503dc2984dea6e2", 0x0, 0x0, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x8, [0x0, 0x0, 0x0, 0x80000004]}) 1.245267377s ago: executing program 4 (id=10862): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000a00)=ANY=[@ANYBLOB="140400001f0001"], 0x414}], 0x1}, 0x0) 1.158396519s ago: executing program 0 (id=10863): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000006a000d0e25bd7000fcdb4c0f000000040000000008000a"], 0x20}}, 0x0) 1.053859351s ago: executing program 2 (id=10864): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000240)={0x0, @in6={{0xa, 0x4e23, 0x4, @remote}}}, 0x84) 1.018700681s ago: executing program 4 (id=10865): r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7ff, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x23, 0x1, 0x0, "9611e6d6ffc88885163200000000000000000300000000000000010083df00", 0x39565559}) 1.018229612s ago: executing program 3 (id=10866): r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ip_tables_targets\x00') preadv(r0, &(0x7f00000018c0)=[{&(0x7f00000004c0)=""/73, 0x49}], 0x1, 0x8081f3, 0x0) 927.063323ms ago: executing program 0 (id=10867): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000dc0)={0x1f, 0x5, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, [@call={0x85, 0x0, 0x0, 0xd0}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 883.892314ms ago: executing program 2 (id=10868): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000002000)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x78, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_DEV={0x14, 0x3, 'netdevsim0\x00'}]}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x7fff}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x100000003}]}]}], {0x14}}, 0xc0}}, 0x0) 803.434685ms ago: executing program 4 (id=10869): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x4c, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x20004000) 770.456326ms ago: executing program 3 (id=10870): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="7000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c0002800800010000000000080002007f0000010c000280050001"], 0x70}}, 0x0) 764.891846ms ago: executing program 0 (id=10871): mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x0, 0x2000000000032, 0xffffffffffffffff, 0x0) syz_clone(0x640c7000, 0x0, 0x61, 0x0, 0x0, 0x0) 660.827108ms ago: executing program 2 (id=10872): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000070000000000000000000000850000000e000000850000000f0000009500"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000400)={r0, 0x0, 0x0}, 0x10) 525.51674ms ago: executing program 4 (id=10873): syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000000)='./file1\x00', 0x8084, &(0x7f00000001c0)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030372c646f74732c646f74732c6e6f636173652c646f74732c636865636b3d72656c617865642c646f74732c6e6f646f74732c646f74732c0032884758edd2e7a17e3c116a014262927783807ed4e210440ddebdf7d64a629cc9e873202c6d1e1d7dbabad279cb290d8a6c81b9ee715a035afdc5af3e15b932174f56cf4f009847fbc0e187d20fe47e50595251e835b306e05bc51afba211073e289eb499be4d726e3efbbeb1eb175e92b262c4ee4cee83e529784e53c874b73bb376876e2f3b2e667330e12c337d3a8b8cacccd9d86bc4c2f3b8971a79fb8f69af7b1d19592bf6a7186f7d4322045a99eaa207c407ab52aeadaaf1d089c278fccfb2138f"], 0x1, 0x16b, &(0x7f0000000600)="$eJzs20GrElEUB/Azab73avPW0WKgTSupVi2LeEE0UBQualVgbTSE3Eyt/BSt+4JBuGrVDZ3QEkWknJHn77fxwB+958rMXO7AfXPzw6A/Gr8fPZ/GaZZF+0Hk8TOL87gSrahMAgC4TH6kFN9TSulkEmdfI6XUdEcAwL5Z/wHg+Gxd/+831BgAsDf2/wBwfF6+ev30YVFcvMjz04hvk7JX9qrPKn/8pLi4k8+dL781Lctea5HfrfL87/xqXPud31ubd+L2rSqfZY+eFSv59ejvf/oAAABwFLr5wtr9fbe7Ka+qP94PrOzf23GjXds0AIAdjD99HrwdDt99rKE4m4+Y1TvobsWXBv6Wgy1acRBtKLYWs0v2f/9yk08loA7Lm77pTgAAAAAAAAAAAAAAgE3+8ahQJyLWRBGdbScLTmqfKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8CgAA//9vQEW+") openat$incfs(0xffffffffffffff9c, &(0x7f0000000540)='.log\x00', 0xc21c2, 0x9c37611dc13d0db7) 372.009023ms ago: executing program 2 (id=10874): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030003110000002cbd7000fcdbdd2503000900800000001cdc0dca1d9f68846960e56de42944af05000600002000000a000000000000000000000000000000000000000000000102000000000000000200010000000000000002160000000005000500000000000a"], 0x88}, 0x1, 0x7}, 0x0) 289.518274ms ago: executing program 3 (id=10875): r0 = syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f0000000000)='./file1\x00', 0x1c005, &(0x7f00000000c0)={[{@rescan_uuid_tree}, {@datasum}, {@autodefrag}, {@nossd}, {@acl}, {@user_subvol_rm}, {@noacl}, {@clear_cache}, {@rescue={'rescue', 0x3d, 'idatacsums'}}, {@discard_async}, {@nodatacow}, {@space_cache_v2}, {@nodiscard}, {@enospc_debug}, {@nospace_cache}]}, 0x9, 0x559d, &(0x7f0000004040)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=") syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a5a039, &(0x7f0000002080)=ANY=[@ANYRES32=r0], 0xb, 0x0, &(0x7f0000000000)) 227.257746ms ago: executing program 4 (id=10876): r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) write$cgroup_int(r0, &(0x7f0000000280)=0x3, 0x12) 0s ago: executing program 0 (id=10877): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSETMODE(r0, 0x4b45, 0x2) kernel console output (not intermixed with test programs): rror on dev loop0, logical block 4274257920, async page read [ 724.870995][T24923] netlink: 108 bytes leftover after parsing attributes in process `syz.4.9159'. [ 724.891534][T24920] syz.0.9157: attempt to access beyond end of device [ 724.891534][T24920] loop0: rw=0, sector=301989888, nr_sectors = 2 limit=64 [ 724.914563][T24923] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9159'. [ 724.928064][T24920] Buffer I/O error on dev loop0, logical block 150994944, async page read [ 724.955118][T24920] syz.0.9157: attempt to access beyond end of device [ 724.955118][T24920] loop0: rw=0, sector=234881062, nr_sectors = 2 limit=64 [ 725.004458][T24920] Buffer I/O error on dev loop0, logical block 117440531, async page read [ 725.018688][ T26] audit: type=1800 audit(724.926:436): pid=24920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.9157" name="file2" dev="loop0" ino=6 res=0 errno=0 [ 725.173657][T24932] loop4: detected capacity change from 0 to 16 [ 725.209928][T24932] erofs: (device loop4): mounted with root inode @ nid 36. [ 725.267145][T24932] syz.4.9164: attempt to access beyond end of device [ 725.267145][T24932] loop4: rw=0, sector=1936876908, nr_sectors = 1 limit=16 [ 725.269992][T24938] x_tables: unsorted underflow at hook 3 [ 725.340117][T24932] syz.4.9164: attempt to access beyond end of device [ 725.340117][T24932] loop4: rw=0, sector=3955228672, nr_sectors = 1 limit=16 [ 725.413250][T24942] netlink: 'syz.1.9169': attribute type 16 has an invalid length. [ 725.453068][T24942] netlink: 156 bytes leftover after parsing attributes in process `syz.1.9169'. [ 725.997252][T24966] netlink: 124 bytes leftover after parsing attributes in process `syz.1.9181'. [ 726.154276][ T48] Bluetooth: hci2: command 0x0405 tx timeout [ 726.634303][T24672] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 726.829636][T24672] usb 5-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64 [ 726.864937][T24672] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 726.893918][T24672] usb 5-1: Product: syz [ 726.898272][T24672] usb 5-1: Manufacturer: syz [ 726.902901][T24672] usb 5-1: SerialNumber: syz [ 726.921574][T25013] loop3: detected capacity change from 0 to 256 [ 726.944951][T24672] usb 5-1: config 0 descriptor?? [ 726.971053][T24672] hub 5-1:0.0: bad descriptor, ignoring hub [ 726.995727][T25013] FAT-fs (loop3): Directory bread(block 1285) failed [ 727.030601][T24672] hub: probe of 5-1:0.0 failed with error -5 [ 727.040770][T25013] FAT-fs (loop3): Directory bread(block 1286) failed [ 727.062505][T24672] f81232 5-1:0.0: f81534a converter detected [ 727.076823][T25013] FAT-fs (loop3): Directory bread(block 1287) failed [ 727.089428][T25019] loop1: detected capacity change from 0 to 2048 [ 727.114743][T25019] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 727.124774][T25013] FAT-fs (loop3): Directory bread(block 1288) failed [ 727.175924][T24672] usb 5-1: f81534a converter now attached to ttyUSB0 [ 727.217842][T25013] FAT-fs (loop3): Directory bread(block 1285) failed [ 727.254527][T25013] FAT-fs (loop3): Directory bread(block 1286) failed [ 727.292606][T25013] FAT-fs (loop3): Directory bread(block 1287) failed [ 727.319580][T25013] FAT-fs (loop3): Directory bread(block 1288) failed [ 727.344407][T25013] FAT-fs (loop3): FAT read failed (blocknr 1281) [ 727.504527][T24672] usb 5-1: USB disconnect, device number 36 [ 727.548719][T24672] f81534a ttyUSB0: f81534a converter now disconnected from ttyUSB0 [ 727.607947][T24672] f81232 5-1:0.0: device disconnected [ 727.928758][T25044] unsupported nla_type 34 [ 728.300111][T25063] loop3: detected capacity change from 0 to 512 [ 728.525996][T25064] loop2: detected capacity change from 0 to 8192 [ 729.077144][T21088] Bluetooth: hci3: command 0x2016 tx timeout [ 729.507155][T25073] loop4: detected capacity change from 0 to 32768 [ 729.552460][T25073] [ 729.552460][T25073] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 729.552460][T25073] [ 729.746197][ T9315] [ 729.746197][ T9315] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 729.746197][ T9315] [ 729.793430][ T9315] [ 729.793430][ T9315] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 729.793430][ T9315] [ 730.154077][T25124] misc userio: The device must be registered before sending interrupts [ 730.184468][T24672] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 730.219528][T25126] loop3: detected capacity change from 0 to 2048 [ 730.298005][T25126] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 730.386386][T24672] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 128, changing to 7 [ 730.426036][T24672] usb 3-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice= 0.40 [ 730.463508][T24672] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 730.482756][T24672] usb 3-1: Product: syz [ 730.488001][T25136] libceph: resolve '.‹R¯HÖe'ì»Ë /Ïâµüë1ýC¸ £~—1W–쯑ë¨eþxEA®ÁþeSb{~Rð' (ret=-3): failed [ 730.492888][T24672] usb 3-1: Manufacturer: syz [ 730.519352][T24672] usb 3-1: SerialNumber: syz [ 730.647001][T25141] netlink: 124 bytes leftover after parsing attributes in process `syz.0.9268'. [ 730.843865][T24672] usb 3-1: USB disconnect, device number 34 [ 730.923055][T25151] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9272'. [ 730.958558][T25151] netlink: 72 bytes leftover after parsing attributes in process `syz.3.9272'. [ 730.977595][T25151] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check. [ 731.129830][ T4353] udevd[4353]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 731.433599][T25164] loop0: detected capacity change from 0 to 8192 [ 731.462306][T25164] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 731.531564][T25178] xt_CT: You must specify a L4 protocol and not use inversions on it [ 731.548493][T25164] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 731.591508][T25164] REISERFS (device loop0): using ordered data mode [ 731.604348][T24672] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 731.639887][T25181] loop3: detected capacity change from 0 to 64 [ 731.659171][T25164] reiserfs: using flush barriers [ 731.698097][T25164] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 731.755216][T25164] REISERFS (device loop0): checking transaction log (loop0) [ 731.770313][T25164] REISERFS (device loop0): Using r5 hash to sort names [ 731.794334][T24672] usb 2-1: Using ep0 maxpacket: 32 [ 731.808028][T24672] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe [ 731.814503][T25164] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 731.857878][T24672] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 731.909585][T24672] usb 2-1: Product: syz [ 731.913815][T24672] usb 2-1: Manufacturer: syz [ 731.944437][T24672] usb 2-1: SerialNumber: syz [ 731.968625][T24672] usb 2-1: config 0 descriptor?? [ 732.213181][T24672] snd-usb-6fire 2-1:0.0: unknown device firmware state received from device: [ 732.235736][T24672] 00 00 00 00 00 00 00 00 [ 732.240344][T24672] snd-usb-6fire: probe of 2-1:0.0 failed with error -5 [ 732.425202][T24672] usb 2-1: USB disconnect, device number 30 [ 732.626429][T25193] loop3: detected capacity change from 0 to 32768 [ 732.672063][T25193] ERROR: (device loop3): dbAlloc: the hint is outside the map [ 732.672063][T25193] [ 732.685964][ T8309] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 732.710425][T25193] ERROR: (device loop3): remounting filesystem as read-only [ 732.884341][ T8309] usb 1-1: Using ep0 maxpacket: 16 [ 732.897092][ T8309] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 732.930513][ T8309] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 732.954456][ T8309] usb 1-1: Product: syz [ 732.958709][ T8309] usb 1-1: Manufacturer: syz [ 732.983701][ T8309] usb 1-1: SerialNumber: syz [ 733.007470][ T8309] r8152-cfgselector 1-1: config 0 descriptor?? [ 733.149173][T25227] libceph: resolve '96' (ret=-3): failed [ 733.298609][T25231] loop4: detected capacity change from 0 to 256 [ 733.390320][T25231] FAT-fs (loop4): Directory bread(block 64) failed [ 733.410180][T25231] FAT-fs (loop4): Directory bread(block 65) failed [ 733.425199][ T8309] r8152-cfgselector 1-1: Unknown version 0x0000 [ 733.442829][ T8309] r8152-cfgselector 1-1: USB disconnect, device number 33 [ 733.467269][T25231] FAT-fs (loop4): Directory bread(block 66) failed [ 733.490256][T25231] FAT-fs (loop4): Directory bread(block 67) failed [ 733.500454][T25231] FAT-fs (loop4): Directory bread(block 68) failed [ 733.520395][T25231] FAT-fs (loop4): Directory bread(block 69) failed [ 733.536102][T25231] FAT-fs (loop4): Directory bread(block 70) failed [ 733.542793][T25231] FAT-fs (loop4): Directory bread(block 71) failed [ 733.580182][T25231] FAT-fs (loop4): Directory bread(block 72) failed [ 733.626174][T25231] FAT-fs (loop4): Directory bread(block 73) failed [ 734.080588][T25233] loop2: detected capacity change from 0 to 32768 [ 734.133115][T25233] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.9308 (25233) [ 734.202817][T25233] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 734.257006][T25233] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 734.294385][T25233] BTRFS info (device loop2): force zlib compression, level 3 [ 734.301843][T25233] BTRFS info (device loop2): turning on flush-on-commit [ 734.314516][T25262] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9321'. [ 734.362340][T25233] BTRFS info (device loop2): max_inline at 4096 [ 734.369181][T25233] BTRFS info (device loop2): using free space tree [ 734.625278][T25233] BTRFS info (device loop2): enabling ssd optimizations [ 734.820178][T25295] loop1: detected capacity change from 0 to 256 [ 734.881044][ T4269] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 735.494141][T25267] loop3: detected capacity change from 0 to 32768 [ 735.521430][T25267] (syz.3.9323,25267,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 735.569658][T25267] (syz.3.9323,25267,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 735.615529][ T8304] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 735.653365][T25267] (syz.3.9323,25267,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 735.678602][T25314] loop2: detected capacity change from 0 to 256 [ 735.693174][T25267] JBD2: Ignoring recovery information on journal [ 735.798903][T25314] FAT-fs (loop2): Directory bread(block 64) failed [ 735.808398][T25267] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 735.826958][ T8304] usb 2-1: Using ep0 maxpacket: 32 [ 735.849166][ T8304] usb 2-1: config 4 has an invalid interface number: 228 but max is 0 [ 735.864710][T25314] FAT-fs (loop2): Directory bread(block 65) failed [ 735.891961][T25314] FAT-fs (loop2): Directory bread(block 66) failed [ 735.894781][ T8304] usb 2-1: config 4 has no interface number 0 [ 735.920700][T25314] FAT-fs (loop2): Directory bread(block 67) failed [ 735.944300][ T8304] usb 2-1: config 4 interface 228 altsetting 68 endpoint 0x7 has an invalid bInterval 147, changing to 11 [ 735.965039][T25314] FAT-fs (loop2): Directory bread(block 68) failed [ 735.982044][T25314] FAT-fs (loop2): Directory bread(block 69) failed [ 735.984339][ T8304] usb 2-1: config 4 interface 228 altsetting 68 endpoint 0x7 has invalid maxpacket 41529, setting to 1024 [ 736.002557][T25314] FAT-fs (loop2): Directory bread(block 70) failed [ 736.029234][T25314] FAT-fs (loop2): Directory bread(block 71) failed [ 736.048285][ T8304] usb 2-1: config 4 interface 228 has no altsetting 0 [ 736.058570][T25314] FAT-fs (loop2): Directory bread(block 72) failed [ 736.071521][ T8304] usb 2-1: New USB device found, idVendor=0499, idProduct=a9a2, bcdDevice=c4.e8 [ 736.084338][T25314] FAT-fs (loop2): Directory bread(block 73) failed [ 736.103534][ T8304] usb 2-1: New USB device strings: Mfr=1, Product=25, SerialNumber=3 [ 736.131287][ T8304] usb 2-1: Product: syz [ 736.145288][ T8304] usb 2-1: Manufacturer: syz [ 736.149975][ T8304] usb 2-1: SerialNumber: syz [ 736.179407][ T4281] ocfs2: Unmounting device (7,3) on (node local) [ 736.362632][T25325] netlink: 'syz.4.9342': attribute type 2 has an invalid length. [ 736.398984][ T8304] usb 2-1: invalid MIDI in EP 0 [ 736.490301][ T8304] snd-usb-audio: probe of 2-1:4.228 failed with error -22 [ 736.541023][ T8304] usb 2-1: USB disconnect, device number 31 [ 736.714419][T25335] loop0: detected capacity change from 0 to 164 [ 736.805998][ T4924] udevd[4924]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:4.228/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 736.841684][T25331] loop2: detected capacity change from 0 to 8192 [ 736.932654][T25331] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 737.062043][T25331] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 737.145315][T25331] REISERFS (device loop2): using ordered data mode [ 737.164593][T25331] reiserfs: using flush barriers [ 737.188674][T25331] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 737.233297][T25331] REISERFS (device loop2): checking transaction log (loop2) [ 737.252304][T25353] loop0: detected capacity change from 0 to 512 [ 737.267148][T25331] REISERFS (device loop2): Using r5 hash to sort names [ 737.286159][T25331] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 737.340808][T25353] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 737.431997][T25353] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 737.520689][T25353] EXT4-fs error (device loop0): ext4_acquire_dquot:6841: comm syz.0.9356: Failed to acquire dquot type 0 [ 737.564727][T25353] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 737.604759][T25353] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 737.642754][T25353] EXT4-fs error (device loop0): ext4_acquire_dquot:6841: comm syz.0.9356: Failed to acquire dquot type 0 [ 737.772498][T25353] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 737.792327][T25353] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 737.802608][T25353] EXT4-fs error (device loop0): ext4_acquire_dquot:6841: comm syz.0.9356: Failed to acquire dquot type 0 [ 737.821865][T25353] EXT4-fs (loop0): 1 orphan inode deleted [ 737.839440][T25353] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 737.933539][T25353] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 737.997419][T25353] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 738.010108][T25353] EXT4-fs error (device loop0): ext4_acquire_dquot:6841: comm syz.0.9356: Failed to acquire dquot type 0 [ 738.122586][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 738.338224][T25386] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9370'. [ 738.622459][T25372] loop4: detected capacity change from 0 to 32768 [ 738.662063][T25372] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.9363 (25372) [ 738.700526][T25372] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 738.729468][T25372] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 738.744300][ T9284] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 738.786359][T25372] BTRFS info (device loop4): using free space tree [ 738.951057][ T9284] usb 1-1: too many configurations: 226, using maximum allowed: 8 [ 738.972041][ T9284] usb 1-1: config index 0 descriptor too short (expected 65505, got 72) [ 738.985574][ T9284] usb 1-1: config index 1 descriptor too short (expected 65505, got 72) [ 739.015344][ T9284] usb 1-1: config index 2 descriptor too short (expected 65505, got 72) [ 739.038209][ T26] audit: type=1326 audit(738.956:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25419 comm="syz.1.9381" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 739.061720][ C0] vkms_vblank_simulate: vblank timer overrun [ 739.090830][T25372] BTRFS info (device loop4): enabling ssd optimizations [ 739.111510][ T9284] usb 1-1: config index 3 descriptor too short (expected 65505, got 72) [ 739.168833][ T9284] usb 1-1: config index 4 descriptor too short (expected 65505, got 72) [ 739.194385][ T26] audit: type=1326 audit(738.996:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25419 comm="syz.1.9381" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 739.215735][ T9284] usb 1-1: config index 5 descriptor too short (expected 65505, got 72) [ 739.231191][T25372] BTRFS error (device loop4): balance: invalid convert system profile raid0 [ 739.260858][ T9284] usb 1-1: config index 6 descriptor too short (expected 65505, got 72) [ 739.273889][ T9284] usb 1-1: config index 7 descriptor too short (expected 65505, got 72) [ 739.310854][ T9284] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 739.340434][ T9284] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 739.358771][ T9315] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 739.369155][ T9284] usb 1-1: Product: syz [ 739.369183][ T9284] usb 1-1: Manufacturer: syz [ 739.369200][ T9284] usb 1-1: SerialNumber: syz [ 739.387624][ T9284] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 739.550210][ T9284] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 739.932144][T25440] loop1: detected capacity change from 0 to 8192 [ 739.972473][T25440] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 740.044696][ T14] usb 1-1: USB disconnect, device number 34 [ 740.064299][T25440] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 740.074847][T25440] REISERFS (device loop1): using ordered data mode [ 740.081409][T25440] reiserfs: using flush barriers [ 740.118701][T25440] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 740.154694][T25440] REISERFS (device loop1): checking transaction log (loop1) [ 740.170013][T25440] REISERFS (device loop1): Using r5 hash to sort names [ 740.184693][T25440] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 740.281534][T25457] loop4: detected capacity change from 0 to 1024 [ 740.634517][ T9284] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 740.641561][ T9284] ath9k_htc: Failed to initialize the device [ 740.674756][ T14] usb 1-1: ath9k_htc: USB layer deinitialized [ 740.908692][T25479] loop1: detected capacity change from 0 to 8 [ 741.229564][T25461] loop2: detected capacity change from 0 to 32768 [ 741.262640][T25461] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.9398 (25461) [ 741.316193][T25461] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 741.369565][T25461] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 741.397241][T25461] BTRFS info (device loop2): using free space tree [ 741.604525][T25461] BTRFS info (device loop2): enabling ssd optimizations [ 741.706730][ T4269] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 741.826966][T25528] loop0: detected capacity change from 0 to 256 [ 741.873983][T25528] FAT-fs (loop0): Directory bread(block 64) failed [ 741.889480][T25528] FAT-fs (loop0): Directory bread(block 65) failed [ 741.927541][T25528] FAT-fs (loop0): Directory bread(block 66) failed [ 741.962711][T25528] FAT-fs (loop0): Directory bread(block 67) failed [ 741.997216][T25528] FAT-fs (loop0): Directory bread(block 68) failed [ 742.003816][T25528] FAT-fs (loop0): Directory bread(block 69) failed [ 742.054556][T25528] FAT-fs (loop0): Directory bread(block 70) failed [ 742.061177][T25528] FAT-fs (loop0): Directory bread(block 71) failed [ 742.104547][T25528] FAT-fs (loop0): Directory bread(block 72) failed [ 742.127868][T25528] FAT-fs (loop0): Directory bread(block 73) failed [ 742.293956][T25540] cifs: Unknown parameter 'Ü[—Íñ¦bšÿÿÿITäŒ&¬æ:ÅèÙ"‚Õëï1:ºÃÃÓ­'Ä4,Zz-#FÇ<æõ]%gCžÊ [ 742.293956][T25540] SÃȘØÈžZ§6ŸÂ' [ 742.589178][T25547] loop3: detected capacity change from 0 to 128 [ 742.644274][T25547] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2 [ 742.959258][T25566] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 743.044442][ T4328] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 743.210482][T25580] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9446'. [ 743.225289][T25579] cgroup: noprefix used incorrectly [ 743.234354][ T4328] usb 3-1: Using ep0 maxpacket: 32 [ 743.241925][ T4328] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 743.260540][T25580] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9446'. [ 743.275755][ T4328] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 743.316112][ T4328] usb 3-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=ba.e3 [ 743.346041][ T4328] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 743.364270][ T4328] usb 3-1: Product: syz [ 743.384267][ T4328] usb 3-1: Manufacturer: syz [ 743.394523][ T4328] usb 3-1: SerialNumber: syz [ 743.416070][ T4328] usb 3-1: config 0 descriptor?? [ 743.449028][T25588] loop1: detected capacity change from 0 to 512 [ 743.475329][T25588] EXT4-fs: Ignoring removed i_version option [ 743.592777][T25588] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 743.648764][ T4328] usb 3-1: USB disconnect, device number 35 [ 743.788787][ T4270] EXT4-fs (loop1): unmounting filesystem. [ 744.072455][T25615] loop1: detected capacity change from 0 to 512 [ 744.148333][T25615] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 744.297079][ T4270] EXT4-fs (loop1): unmounting filesystem. [ 745.181602][T25631] loop0: detected capacity change from 0 to 32768 [ 745.262512][T25631] XFS (loop0): Mounting V5 Filesystem [ 745.291110][T25669] loop2: detected capacity change from 0 to 1024 [ 745.413484][T25631] XFS (loop0): Ending clean mount [ 745.535600][ T4465] hfsplus: b-tree write err: -5, ino 25 [ 745.560283][ T4280] XFS (loop0): Unmounting Filesystem [ 745.561790][ T4465] hfsplus: b-tree write err: -5, ino 4 [ 745.584430][ T4465] hfsplus: b-tree write err: -5, ino 2 [ 745.757656][T25682] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9489'. [ 745.794596][ T14] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 745.822276][T25682] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9489'. [ 745.987163][ T14] usb 5-1: Using ep0 maxpacket: 32 [ 745.995179][ T14] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36 [ 746.021058][ T14] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 746.054349][ T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 746.072643][ T14] usb 5-1: Product: syz [ 746.077281][ T14] usb 5-1: Manufacturer: syz [ 746.081942][ T14] usb 5-1: SerialNumber: syz [ 746.098800][ T14] usb 5-1: config 0 descriptor?? [ 746.105035][T25676] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 746.138248][ T4364] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 746.144460][ T14] hub 5-1:0.0: bad descriptor, ignoring hub [ 746.172096][ T14] hub: probe of 5-1:0.0 failed with error -5 [ 746.187079][ T14] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input36 [ 746.273794][T25693] loop0: detected capacity change from 0 to 4096 [ 746.346472][ T4364] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 746.368839][ T4364] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 746.414123][ T14] usb 5-1: USB disconnect, device number 37 [ 746.420654][ C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 746.448025][ T4364] usb 4-1: config 0 descriptor?? [ 746.675479][T25705] IPVS: set_ctl: invalid protocol: 60 10.1.1.1:20003 [ 746.875846][ T4364] [drm:udl_init] *ERROR* Selecting channel failed [ 746.920175][ T4364] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2 [ 746.951317][ T4364] [drm] Initialized udl on minor 2 [ 746.963279][ T4364] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 746.974981][ T4364] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 746.995843][ T4364] usb 4-1: USB disconnect, device number 32 [ 747.038226][ T4328] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 747.078820][ T4328] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 747.109527][ T4328] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 747.179353][T25722] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9508'. [ 747.936525][T25759] netlink: 'syz.0.9525': attribute type 5 has an invalid length. [ 748.067818][T25765] loop2: detected capacity change from 0 to 128 [ 748.242543][T25767] loop3: detected capacity change from 0 to 4096 [ 748.300845][T25767] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 748.391313][T25767] ntfs3: loop3: failed to convert "c46c" to macroman [ 748.671045][T25785] loop0: detected capacity change from 0 to 128 [ 748.926664][T25796] netlink: 'syz.3.9542': attribute type 10 has an invalid length. [ 748.936705][T25796] device macvlan0 left promiscuous mode [ 749.014632][T25796] bond0: (slave macvlan0): Releasing backup interface [ 749.041196][T25796] team0: Port device macvlan0 added [ 749.075626][ T14] usb 5-1: new low-speed USB device number 38 using dummy_hcd [ 749.290633][ T14] usb 5-1: config index 0 descriptor too short (expected 6427, got 27) [ 749.326587][ T14] usb 5-1: config 0 has an invalid interface number: 21 but max is 0 [ 749.348007][ T14] usb 5-1: config 0 has no interface number 0 [ 749.401414][ T14] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 749.425747][ T14] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 749.470725][T25817] netlink: 'syz.3.9552': attribute type 2 has an invalid length. [ 749.475287][ T14] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 749.521554][ T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 749.552206][ T14] usb 5-1: config 0 descriptor?? [ 749.714343][ T4364] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 749.906056][ T4364] usb 3-1: config 0 has an invalid interface number: 0 but max is -1 [ 749.934311][ T4364] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 749.954142][ T4364] usb 3-1: New USB device found, idVendor=05dc, idProduct=0001, bcdDevice=f5.01 [ 749.978812][ T4364] usb 3-1: New USB device strings: Mfr=192, Product=0, SerialNumber=0 [ 749.989911][ T14] usb 5-1: USB disconnect, device number 38 [ 750.010733][ T4364] usb 3-1: Manufacturer: syz [ 750.038249][ T4364] usb 3-1: config 0 descriptor?? [ 750.065657][ T4364] usb-storage 3-1:0.0: USB Mass Storage device detected [ 750.225953][T25829] loop0: detected capacity change from 0 to 32768 [ 750.265515][T25829] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.9558 (25829) [ 750.283335][T25823] loop3: detected capacity change from 0 to 32768 [ 750.295428][T25829] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 750.317749][T25829] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 750.338918][T24672] usb 3-1: USB disconnect, device number 36 [ 750.351131][T25829] BTRFS info (device loop0): using free space tree [ 750.383811][T25841] device bridge7 entered promiscuous mode [ 750.393534][T25823] XFS (loop3): Mounting V5 Filesystem [ 750.545834][T25823] XFS (loop3): Ending clean mount [ 750.618735][ T4281] XFS (loop3): Unmounting Filesystem [ 750.756161][T25829] BTRFS info (device loop0): enabling ssd optimizations [ 750.777821][T25829] BTRFS error (device loop0): balance: invalid convert system profile raid0 [ 750.809256][ T4280] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 751.096666][T25878] loop4: detected capacity change from 0 to 256 [ 751.188769][T25878] FAT-fs (loop4): Directory bread(block 64) failed [ 751.218493][T25878] FAT-fs (loop4): Directory bread(block 65) failed [ 751.257402][T25878] FAT-fs (loop4): Directory bread(block 66) failed [ 751.264014][T25878] FAT-fs (loop4): Directory bread(block 67) failed [ 751.319693][T25878] FAT-fs (loop4): Directory bread(block 68) failed [ 751.347504][T25878] FAT-fs (loop4): Directory bread(block 69) failed [ 751.384319][T25878] FAT-fs (loop4): Directory bread(block 70) failed [ 751.390912][T25878] FAT-fs (loop4): Directory bread(block 71) failed [ 751.435588][T25878] FAT-fs (loop4): Directory bread(block 72) failed [ 751.442184][T25878] FAT-fs (loop4): Directory bread(block 73) failed [ 751.551212][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 751.551226][ T26] audit: type=1800 audit(751.466:442): pid=25878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.9571" name="blkio.bfq.idle_time" dev="loop4" ino=1048729 res=0 errno=0 [ 751.591512][T25878] FAT-fs (loop4): error, invalid access to FAT (entry 0x00006a61) [ 752.545427][T25935] loop4: detected capacity change from 0 to 64 [ 752.554339][ C0] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured! [ 752.562012][ C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 752.571021][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.577437][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.588995][ T1276] aoe: packet could not be sent on ipvlan0. consider increasing tx_queue_len [ 752.847620][T25945] loop3: detected capacity change from 0 to 512 [ 752.880112][T25945] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 752.900815][T25949] netlink: 'syz.1.9603': attribute type 11 has an invalid length. [ 752.914914][T25949] netlink: 'syz.1.9603': attribute type 5 has an invalid length. [ 752.933019][T25949] netlink: 140 bytes leftover after parsing attributes in process `syz.1.9603'. [ 752.943405][T25945] EXT4-fs (loop3): 1 truncate cleaned up [ 752.964236][T25945] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 752.989236][T25953] CIFS mount error: No usable UNC path provided in device string! [ 752.989236][T25953] [ 752.999473][T25953] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 753.094393][ T4328] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 753.137208][ T4281] EXT4-fs (loop3): unmounting filesystem. [ 753.195955][ T26] audit: type=1326 audit(753.116:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25958 comm="syz.1.9607" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 753.276910][ T26] audit: type=1326 audit(753.126:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25958 comm="syz.1.9607" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 753.294660][ T4328] usb 3-1: Using ep0 maxpacket: 32 [ 753.335834][ T4328] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36 [ 753.358587][ T4328] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 753.388837][ T4328] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 753.390967][ T26] audit: type=1326 audit(753.126:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25958 comm="syz.1.9607" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 753.421452][ T4328] usb 3-1: Product: syz [ 753.437858][ T4328] usb 3-1: Manufacturer: syz [ 753.442593][ T4328] usb 3-1: SerialNumber: syz [ 753.489043][ T26] audit: type=1326 audit(753.126:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25958 comm="syz.1.9607" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 753.513491][ T4328] usb 3-1: config 0 descriptor?? [ 753.528023][T25944] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 753.553830][ T4328] hub 3-1:0.0: bad descriptor, ignoring hub [ 753.562036][ T4328] hub: probe of 3-1:0.0 failed with error -5 [ 753.572096][ T4328] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input38 [ 753.623470][ T26] audit: type=1326 audit(753.126:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25958 comm="syz.1.9607" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 753.755833][ T26] audit: type=1326 audit(753.146:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25958 comm="syz.1.9607" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 753.890849][ T8297] usb 3-1: USB disconnect, device number 37 [ 753.891686][ C1] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 753.919930][ T26] audit: type=1326 audit(753.146:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25958 comm="syz.1.9607" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 753.985477][ T26] audit: type=1326 audit(753.146:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25958 comm="syz.1.9607" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 754.044235][ T26] audit: type=1326 audit(753.146:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25958 comm="syz.1.9607" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 754.086438][ T4328] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 754.207638][T25989] (unnamed net_device) (uninitialized): peer notification delay (315) is not a multiple of miimon (100), value rounded to 300 ms [ 754.307084][ T4328] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 754.324653][ T4328] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 754.344644][ T4328] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 754.354484][ T4328] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 754.385259][ T4328] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 754.394864][ T4328] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 754.403100][ T4328] usb 2-1: Product: syz [ 754.408653][ T4328] usb 2-1: Manufacturer: syz [ 754.413295][ T4328] usb 2-1: SerialNumber: syz [ 754.420541][ T4328] usb 2-1: config 0 descriptor?? [ 754.431092][ T4328] ums-isd200 2-1:0.0: USB Mass Storage device detected [ 754.641363][T26000] netlink: 'syz.0.9628': attribute type 2 has an invalid length. [ 754.651997][T26000] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9628'. [ 754.669743][T26002] netlink: 56 bytes leftover after parsing attributes in process `syz.2.9625'. [ 754.679970][T26002] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9625'. [ 754.702977][ T4328] ums-isd200: probe of 2-1:0.0 failed with error -22 [ 754.709852][T26002] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9625'. [ 754.893518][ T4328] usb 2-1: USB disconnect, device number 32 [ 755.021005][T26014] netlink: 44 bytes leftover after parsing attributes in process `syz.0.9633'. [ 755.297828][T26028] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9640'. [ 755.343720][T26032] xt_CT: You must specify a L4 protocol and not use inversions on it [ 755.699484][T26046] netlink: 'syz.4.9649': attribute type 24 has an invalid length. [ 756.335905][T26079] netlink: 'syz.2.9665': attribute type 21 has an invalid length. [ 756.378791][T26079] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 756.388715][T26079] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 756.397936][T26079] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 756.406739][T26079] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 756.986221][T26110] loop0: detected capacity change from 0 to 128 [ 757.073229][T26110] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000c00) [ 757.138049][T26118] netlink: 'syz.3.9685': attribute type 5 has an invalid length. [ 757.419201][T26129] loop3: detected capacity change from 0 to 1024 [ 757.430426][T26120] loop0: detected capacity change from 0 to 4096 [ 757.478806][T26120] ntfs: volume version 3.1. [ 757.544557][T26120] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 757.595328][T26120] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 757.727450][T26120] overlayfs: failed to resolve './bus': -2 [ 758.422362][T26133] loop2: detected capacity change from 0 to 32768 [ 758.488209][T26133] JBD2: Ignoring recovery information on journal [ 758.618119][T26133] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 758.879994][ T4269] ocfs2: Unmounting device (7,2) on (node local) [ 759.227744][T26158] loop3: detected capacity change from 0 to 32768 [ 759.868935][T26204] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9725'. [ 760.116865][T26215] loop2: detected capacity change from 0 to 512 [ 760.191063][T26215] EXT4-fs: Ignoring removed orlov option [ 760.291209][T26215] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 760.314465][T24672] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 760.391334][T26227] netlink: 'syz.3.9734': attribute type 2 has an invalid length. [ 760.504350][T24672] usb 5-1: Using ep0 maxpacket: 16 [ 760.523182][T24672] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=81.0c [ 760.553694][T24672] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 760.572779][T24672] usb 5-1: Product: syz [ 760.578024][T24672] usb 5-1: Manufacturer: syz [ 760.582663][T24672] usb 5-1: SerialNumber: syz [ 760.592410][T24672] r8152-cfgselector 5-1: config 0 descriptor?? [ 760.630321][ T4269] EXT4-fs (loop2): unmounting filesystem. [ 760.678742][T26234] netlink: 300 bytes leftover after parsing attributes in process `syz.1.9736'. [ 760.769623][ T4489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 760.783120][ T4489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 760.798601][ T4465] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 760.822761][T26242] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 761.027336][ T8297] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 761.041016][T24672] r8152-cfgselector 5-1: Unknown version 0x0000 [ 761.067326][T24672] r8152-cfgselector 5-1: USB disconnect, device number 39 [ 761.214262][ T8297] usb 1-1: Using ep0 maxpacket: 8 [ 761.229895][ T8297] usb 1-1: unable to get BOS descriptor set [ 761.247486][ T8297] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 761.275152][ T8297] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 761.300018][ T8297] usb 1-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=8a.dd [ 761.319545][ T8297] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 761.338175][ T8297] usb 1-1: Product: syz [ 761.362711][ T8297] usb 1-1: Manufacturer: syz [ 761.372815][ T8297] usb 1-1: SerialNumber: syz [ 761.388290][ T8297] usb 1-1: config 0 descriptor?? [ 761.477737][T26265] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9751'. [ 761.616519][ T8297] usb 1-1: USB disconnect, device number 35 [ 761.682705][T26271] QAT: Stopping all acceleration devices. [ 761.760587][T26273] loop4: detected capacity change from 0 to 2048 [ 761.786487][T26275] loop1: detected capacity change from 0 to 256 [ 761.799313][T26258] loop2: detected capacity change from 0 to 32768 [ 761.821393][T26276] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 761.866890][T26278] loop3: detected capacity change from 0 to 164 [ 761.874082][T26275] FAT-fs (loop1): Directory bread(block 64) failed [ 761.888241][T26258] read_mapping_page failed! [ 761.915147][T26258] ERROR: (device loop2): txCommit: [ 761.915147][T26258] [ 761.922761][T26275] FAT-fs (loop1): Directory bread(block 65) failed [ 761.964501][T26275] FAT-fs (loop1): Directory bread(block 66) failed [ 761.971182][T26275] FAT-fs (loop1): Directory bread(block 67) failed [ 762.028338][T26275] FAT-fs (loop1): Directory bread(block 68) failed [ 762.047086][T26273] NILFS (loop4): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 762.063872][T26275] FAT-fs (loop1): Directory bread(block 69) failed [ 762.073876][T26275] FAT-fs (loop1): Directory bread(block 70) failed [ 762.097112][T26273] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=16) [ 762.114489][T26275] FAT-fs (loop1): Directory bread(block 71) failed [ 762.121148][T26275] FAT-fs (loop1): Directory bread(block 72) failed [ 762.146453][T26275] FAT-fs (loop1): Directory bread(block 73) failed [ 762.154722][T26273] Remounting filesystem read-only [ 762.159853][T26273] NILFS (loop4): error -5 truncating bmap (ino=16) [ 762.395168][ T9315] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer [ 762.626067][ T4364] usb 3-1: new full-speed USB device number 38 using dummy_hcd [ 762.647658][T26291] loop1: detected capacity change from 0 to 128 [ 762.678084][T26291] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000c00) [ 762.829162][ T4364] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 762.868898][ T4364] usb 3-1: config 0 interface 0 has no altsetting 0 [ 762.895892][ T4364] usb 3-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64 [ 762.934283][ T4364] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 762.970816][ T4364] usb 3-1: Product: syz [ 762.987686][ T4364] usb 3-1: Manufacturer: syz [ 762.992344][ T4364] usb 3-1: SerialNumber: syz [ 763.027606][ T4364] usb 3-1: config 0 descriptor?? [ 763.057082][ T4364] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state. [ 763.087910][ T4364] pctv452e: pctv452e_power_ctrl: 1 [ 763.087910][ T4364] [ 763.150613][T26297] loop1: detected capacity change from 0 to 8192 [ 763.261346][ T4364] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -71 [ 763.261346][ T4364] [ 763.285447][ T4364] dvb-usb: bulk message failed: -22 (5/0) [ 763.335262][ T4364] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 763.380452][ T4364] dvb-usb: Technotrend TT Connect S2-3600 error while loading driver (-19) [ 763.431038][ T4364] usb 3-1: USB disconnect, device number 38 [ 763.453028][T26287] loop3: detected capacity change from 0 to 32768 [ 763.536080][T26287] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.9760 (26287) [ 763.641414][T26287] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 763.671905][T26287] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 763.708511][T26287] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 763.768970][T26287] BTRFS info (device loop3): use zstd compression, level 3 [ 763.813324][T26287] BTRFS info (device loop3): using free space tree [ 764.059736][T26332] loop2: detected capacity change from 0 to 1024 [ 764.084865][T26332] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 764.209989][T26332] hfsplus: filesystem is marked journaled, leaving read-only. [ 764.307096][T26287] BTRFS info (device loop3): enabling ssd optimizations [ 764.598538][ T4281] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 764.920175][ T4643] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 9 /dev/loop3 scanned by udevd (4643) [ 765.141686][T26377] netlink: 140 bytes leftover after parsing attributes in process `syz.0.9797'. [ 765.236797][T26384] ptrace attach of "ci2-linux-6-1-kasan/syz-executor exec"[4281] was attempted by "ci2-linux-6-1-kasan/syz-executor exec"[26384] [ 765.485040][T26394] netlink: 'syz.3.9804': attribute type 5 has an invalid length. [ 765.725296][T26404] loop3: detected capacity change from 0 to 512 [ 765.790305][T26404] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 765.816038][T26404] EXT4-fs (loop3): orphan cleanup on readonly fs [ 765.827335][T26404] Quota error (device loop3): v2_read_file_info: Block with free entry 4294967071 out of range (1, 6). [ 765.878908][T26404] EXT4-fs warning (device loop3): ext4_enable_quotas:7093: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 765.916999][T26404] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 765.978017][T26404] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.9809: bg 0: block 15: invalid block bitmap [ 766.052122][T26404] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6180: Corrupt filesystem [ 766.112421][T26404] EXT4-fs (loop3): 1 truncate cleaned up [ 766.124513][T26404] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 766.172806][T26419] loop0: detected capacity change from 0 to 512 [ 766.195026][T26419] EXT4-fs: Ignoring removed orlov option [ 766.315906][ T4281] EXT4-fs (loop3): unmounting filesystem. [ 766.342388][T26419] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 766.463282][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 766.475111][T26429] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (8) [ 766.564456][ T8300] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 766.774383][ T8300] usb 5-1: Using ep0 maxpacket: 16 [ 766.781394][ T8300] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 766.810143][ T8300] usb 5-1: config 0 has no interface number 0 [ 766.843187][ T8300] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 766.883406][ T8300] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 766.909756][ T8300] usb 5-1: Product: syz [ 766.914733][ T8300] usb 5-1: Manufacturer: syz [ 766.931972][T26446] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9827'. [ 766.934494][ T8300] usb 5-1: SerialNumber: syz [ 766.987180][ T8300] usb 5-1: config 0 descriptor?? [ 767.012360][ T8300] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 767.411792][ T8300] gspca_spca1528: reg_w err -71 [ 767.444306][ T8300] spca1528: probe of 5-1:0.1 failed with error -71 [ 767.464456][ T8300] usb 5-1: USB disconnect, device number 40 [ 767.586232][T26472] loop3: detected capacity change from 0 to 4096 [ 767.620282][T26472] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 767.660603][T26472] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 767.693304][T26472] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 767.734726][T26472] ntfs: volume version 3.1. [ 767.850407][ T4281] ntfs: (device loop3): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 768.181126][T26494] netlink: 'syz.4.9852': attribute type 30 has an invalid length. [ 768.483870][T26511] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9861'. [ 768.751779][T26524] loop4: detected capacity change from 0 to 2048 [ 768.792663][T26524] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 768.914299][ T8300] usb 1-1: new low-speed USB device number 36 using dummy_hcd [ 769.050526][T26534] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9872'. [ 769.146178][ T8300] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 769.159720][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 769.174857][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 769.185116][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 769.196946][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 769.209762][T26534] netlink: set zone limit has 4 unknown bytes [ 769.219754][ T8300] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 769.228088][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 769.247430][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 769.274375][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 769.305651][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 769.359348][ T8300] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 769.396404][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 769.430032][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 769.450555][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 769.465109][ T8300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 769.500099][ T8300] usb 1-1: string descriptor 0 read error: -22 [ 769.508794][ T8300] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 769.533040][ T8300] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 769.564086][ T8300] adutux 1-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 769.654138][T26548] loop2: detected capacity change from 0 to 4096 [ 769.669898][T26548] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 769.710140][T26548] ntfs: (device loop2): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 769.752644][T26554] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 769.773902][ T8300] usb 1-1: USB disconnect, device number 36 [ 769.795209][T26548] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 769.801529][T26554] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 769.803979][T26548] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 769.863488][T26554] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 769.903661][T26554] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 769.929929][T26548] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 769.934092][T26554] device geneve4 entered promiscuous mode [ 769.955941][T26548] ntfs: volume version 3.1. [ 769.968047][T26554] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 769.987509][T26554] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 770.037343][T26554] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 770.058492][T26554] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 770.468101][T26574] x_tables: duplicate entry at hook 3 [ 770.664431][T26582] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9896'. [ 770.729585][T26588] netlink: 2 bytes leftover after parsing attributes in process `syz.0.9899'. [ 770.911240][T26596] loop2: detected capacity change from 0 to 128 [ 770.958868][T26596] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 770.984417][T26596] hpfs: filesystem error: improperly stopped [ 770.990761][T26596] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 771.039765][T26596] hpfs: You really don't want any checks? You are crazy... [ 771.076946][T26596] hpfs: hpfs_map_sector(): read error [ 771.082380][T26596] hpfs: code page support is disabled [ 771.174454][T26596] hpfs: hpfs_map_4sectors(): unaligned read [ 771.180507][T26596] hpfs: hpfs_map_4sectors(): unaligned read [ 771.208091][T26606] loop0: detected capacity change from 0 to 2048 [ 771.226200][T26596] hpfs: filesystem error: unable to find root dir [ 771.274266][T26609] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 771.305704][T26596] hpfs: bad mount options. [ 771.359565][T26606] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 771.400443][T26606] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=16) [ 771.429436][T26613] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9911'. [ 771.448997][T26606] Remounting filesystem read-only [ 771.466170][T26606] NILFS (loop0): error -5 truncating bmap (ino=16) [ 771.493140][T26615] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9912'. [ 771.637191][ T4280] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 771.719823][T26622] loop1: detected capacity change from 0 to 1024 [ 771.864675][ T4491] hfsplus: b-tree write err: -5, ino 25 [ 771.870462][ T4491] hfsplus: b-tree write err: -5, ino 4 [ 771.894028][ T4491] hfsplus: b-tree write err: -5, ino 2 [ 771.969461][ T26] kauditd_printk_skb: 14 callbacks suppressed [ 771.969478][ T26] audit: type=1326 audit(771.886:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26629 comm="syz.3.9920" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44dc19cdd9 code=0x7ffc0000 [ 772.084236][ T26] audit: type=1326 audit(771.916:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26629 comm="syz.3.9920" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44dc19cdd9 code=0x7ffc0000 [ 772.107759][ C0] vkms_vblank_simulate: vblank timer overrun [ 772.244254][ T26] audit: type=1326 audit(771.916:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26629 comm="syz.3.9920" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7f44dc19cdd9 code=0x7ffc0000 [ 772.267792][ C0] vkms_vblank_simulate: vblank timer overrun [ 772.320154][T26642] loop1: detected capacity change from 0 to 736 [ 772.327161][ T26] audit: type=1326 audit(771.916:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26629 comm="syz.3.9920" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44dc19cdd9 code=0x7ffc0000 [ 772.422226][ T26] audit: type=1326 audit(771.916:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26629 comm="syz.3.9920" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44dc19cdd9 code=0x7ffc0000 [ 772.612407][T26620] loop2: detected capacity change from 0 to 32768 [ 772.669739][T26620] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.9913 (26620) [ 772.734642][T26620] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 772.754336][T26620] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 772.785151][T26620] BTRFS info (device loop2): using free space tree [ 773.077985][T26675] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9934'. [ 773.145006][T26620] BTRFS info (device loop2): enabling ssd optimizations [ 773.338877][ T4269] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 773.553393][T26691] netlink: 112 bytes leftover after parsing attributes in process `syz.1.9941'. [ 774.586023][T26726] loop2: detected capacity change from 0 to 512 [ 774.593038][T26726] EXT4-fs: inline encryption not supported [ 774.621041][T26727] netlink: 'syz.4.9956': attribute type 21 has an invalid length. [ 774.642391][T26726] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 774.760157][T26726] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 774.834830][T26726] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.9957: bg 0: block 248: padding at end of block bitmap is not set [ 774.850450][T26726] Quota error (device loop2): write_blk: dquota write failed [ 774.858264][T26726] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 774.868404][T26726] EXT4-fs error (device loop2): ext4_acquire_dquot:6841: comm syz.2.9957: Failed to acquire dquot type 1 [ 774.890923][T26726] EXT4-fs (loop2): 1 truncate cleaned up [ 774.896735][T26726] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 774.938081][T26726] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 774.962289][T26726] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 774.985941][ T8297] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 775.008866][T26726] EXT4-fs error (device loop2): ext4_acquire_dquot:6841: comm syz.2.9957: Failed to acquire dquot type 1 [ 775.140326][ T4269] EXT4-fs (loop2): unmounting filesystem. [ 775.157760][ T4491] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5 [ 775.167850][ T4491] EXT4-fs error (device loop2): ext4_release_dquot:6877: comm kworker/u4:25: Failed to release dquot type 1 [ 775.184980][ T8297] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 775.204276][ T8297] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 775.216441][ T8297] usb 1-1: config 0 descriptor?? [ 775.250160][T26745] netlink: 392 bytes leftover after parsing attributes in process `syz.4.9964'. [ 775.434092][T26751] loop2: detected capacity change from 0 to 2048 [ 775.498973][T26751] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 775.555803][T26751] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 775.598665][T26751] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 775.615210][T26751] UDF-fs: Scanning with blocksize 512 failed [ 775.644035][ T8297] [drm:udl_init] *ERROR* Selecting channel failed [ 775.658574][T26751] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 775.703254][ T8297] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 775.722054][ T8297] [drm] Initialized udl on minor 2 [ 775.744249][ T8297] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 775.784448][ T8297] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 775.820478][ T8297] usb 1-1: USB disconnect, device number 37 [ 775.856029][ T9284] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 775.884569][ T9284] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 775.913005][ T9284] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 776.129673][T26773] IPVS: set_ctl: invalid protocol: 115 10.1.1.1:20001 [ 776.825571][T26794] loop2: detected capacity change from 0 to 4096 [ 776.877526][T26794] ntfs: volume version 3.1. [ 776.949497][T26801] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9992'. [ 777.004342][ T9284] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 777.204281][ T9284] usb 4-1: Using ep0 maxpacket: 16 [ 777.211262][ T9284] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 777.247433][ T9284] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 777.281253][T26809] tmpfs: Bad value for 'mpol' [ 777.290882][ T9284] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 777.334245][ T9284] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 777.352761][ T9284] usb 4-1: Product: syz [ 777.364245][ T9284] usb 4-1: Manufacturer: syz [ 777.374525][ T9284] usb 4-1: SerialNumber: syz [ 777.431554][T26811] 8021q: adding VLAN 0 to HW filter on device bond0 [ 777.454790][T26811] bond0: (slave sit0): The slave device specified does not support setting the MAC address [ 777.471322][T26816] loop0: detected capacity change from 0 to 512 [ 777.479015][T26811] bond0: (slave sit0): Error -95 calling set_mac_address [ 777.562841][T26816] EXT4-fs error (device loop0): ext4_do_update_inode:5279: inode #15: comm syz.0.9999: corrupted inode contents [ 777.606122][ T9284] usb 4-1: 0:2 : does not exist [ 777.611114][ T9284] usb 4-1: unit 9 not found! [ 777.636798][T26816] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem [ 777.661893][ T9284] usb 4-1: 4:0: cannot get min/max values for control 3 (id 4) [ 777.677768][T26819] Cannot find del_set index 4 as target [ 777.685469][T26771] loop4: detected capacity change from 0 to 32768 [ 777.693399][T26816] EXT4-fs error (device loop0): ext4_do_update_inode:5279: inode #15: comm syz.0.9999: corrupted inode contents [ 777.718392][ T9284] usb 4-1: 4:0: cannot get min/max values for control 9 (id 4) [ 777.749434][T26771] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.9976 (26771) [ 777.762293][T26816] EXT4-fs error (device loop0): ext4_evict_inode:329: inode #15: comm syz.0.9999: mark_inode_dirty error [ 777.807930][ T9284] usb 4-1: USB disconnect, device number 33 [ 777.824377][T26816] EXT4-fs (loop0): 1 orphan inode deleted [ 777.858612][T26816] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 777.944320][T26771] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 778.028848][T26771] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 778.059655][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 778.068290][ T4778] udevd[4778]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 778.131040][T26771] BTRFS info (device loop4): using free space tree [ 778.261185][T26826] loop1: detected capacity change from 0 to 4096 [ 778.666615][T26851] loop0: detected capacity change from 0 to 4096 [ 778.755432][T26861] netlink: 'syz.2.10011': attribute type 1 has an invalid length. [ 778.796021][T26771] BTRFS info (device loop4): enabling ssd optimizations [ 778.974459][T26869] netlink: 'syz.1.10010': attribute type 5 has an invalid length. [ 779.056547][T26871] loop2: detected capacity change from 0 to 256 [ 779.182841][T26871] FAT-fs (loop2): Directory bread(block 64) failed [ 779.210081][T26871] FAT-fs (loop2): Directory bread(block 65) failed [ 779.262213][T26871] FAT-fs (loop2): Directory bread(block 66) failed [ 779.324470][T26871] FAT-fs (loop2): Directory bread(block 67) failed [ 779.331147][T26871] FAT-fs (loop2): Directory bread(block 68) failed [ 779.384395][ T9315] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 779.412547][T26871] FAT-fs (loop2): Directory bread(block 69) failed [ 779.498872][T26871] FAT-fs (loop2): Directory bread(block 70) failed [ 779.558844][T26871] FAT-fs (loop2): Directory bread(block 71) failed [ 779.615231][T26871] FAT-fs (loop2): Directory bread(block 72) failed [ 779.621827][T26871] FAT-fs (loop2): Directory bread(block 73) failed [ 779.758873][ T26] kauditd_printk_skb: 16 callbacks suppressed [ 779.758888][ T26] audit: type=1326 audit(779.676:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26887 comm="syz.0.10021" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f699ff9cdd9 code=0x7ffc0000 [ 779.842481][T26891] bridge7: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 779.927510][ T26] audit: type=1326 audit(779.726:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26887 comm="syz.0.10021" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f699ff9cdd9 code=0x7ffc0000 [ 780.112038][ T26] audit: type=1326 audit(779.726:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26887 comm="syz.0.10021" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f699ff9cdd9 code=0x7ffc0000 [ 780.220806][ T26] audit: type=1326 audit(779.736:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26887 comm="syz.0.10021" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7f699ff9cdd9 code=0x7ffc0000 [ 780.363030][ T26] audit: type=1326 audit(779.736:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26887 comm="syz.0.10021" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f699ff9cdd9 code=0x7ffc0000 [ 780.442262][T26905] loop1: detected capacity change from 0 to 256 [ 780.507612][ T26] audit: type=1326 audit(779.736:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26887 comm="syz.0.10021" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f699ff9cdd9 code=0x7ffc0000 [ 780.577628][T26905] FAT-fs (loop1): Directory bread(block 64) failed [ 780.624367][T26905] FAT-fs (loop1): Directory bread(block 65) failed [ 780.631153][T26905] FAT-fs (loop1): Directory bread(block 66) failed [ 780.638062][ T26] audit: type=1326 audit(779.736:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26887 comm="syz.0.10021" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f699ff9cdd9 code=0x7ffc0000 [ 780.705334][T26905] FAT-fs (loop1): Directory bread(block 67) failed [ 780.712008][T26905] FAT-fs (loop1): Directory bread(block 68) failed [ 780.749058][ T26] audit: type=1326 audit(779.736:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26887 comm="syz.0.10021" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f699ff9cdd9 code=0x7ffc0000 [ 780.764793][T26905] FAT-fs (loop1): Directory bread(block 69) failed [ 780.800617][T26908] loop3: detected capacity change from 0 to 4096 [ 780.824551][T26905] FAT-fs (loop1): Directory bread(block 70) failed [ 780.831147][T26905] FAT-fs (loop1): Directory bread(block 71) failed [ 780.918076][T26905] FAT-fs (loop1): Directory bread(block 72) failed [ 780.934595][T26915] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 780.955260][T26905] FAT-fs (loop1): Directory bread(block 73) failed [ 780.991643][T26908] NILFS error (device loop3): nilfs_find_entry: dir 2 size 2147487744 exceeds block count 1 [ 781.078440][T26908] Remounting filesystem read-only [ 781.253769][T26919] loop4: detected capacity change from 0 to 1024 [ 781.560566][ T4491] hfsplus: b-tree write err: -5, ino 25 [ 781.567087][ T4491] hfsplus: b-tree write err: -5, ino 4 [ 781.572659][ T4491] hfsplus: b-tree write err: -5, ino 2 [ 781.748868][T26933] loop0: detected capacity change from 0 to 4096 [ 781.914476][T26941] xt_CT: You must specify a L4 protocol and not use inversions on it [ 782.214604][T26950] netlink: 'syz.0.10043': attribute type 29 has an invalid length. [ 782.260746][T26950] netlink: 'syz.0.10043': attribute type 29 has an invalid length. [ 783.004345][ T4328] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 783.074508][ T8297] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 783.204080][ T4328] usb 2-1: Using ep0 maxpacket: 8 [ 783.227020][ T4328] usb 2-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb [ 783.264239][ T4328] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 783.272377][ T4328] usb 2-1: Product: syz [ 783.289902][ T8297] usb 1-1: Using ep0 maxpacket: 16 [ 783.309519][ T8297] usb 1-1: config 0 has too many interfaces: 66, using maximum allowed: 32 [ 783.325768][ T4328] usb 2-1: Manufacturer: syz [ 783.329817][ T8297] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 66 [ 783.340859][ T4328] usb 2-1: SerialNumber: syz [ 783.368739][ T8297] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 783.393558][ T8297] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 783.404408][ T8306] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 783.428617][T26998] loop2: detected capacity change from 0 to 256 [ 783.444359][ T8297] usb 1-1: Product: syz [ 783.454308][ T8297] usb 1-1: Manufacturer: syz [ 783.465079][T26998] exfat: Deprecated parameter 'utf8' [ 783.473678][ T8297] usb 1-1: SerialNumber: syz [ 783.492270][T26998] exfat: Deprecated parameter 'namecase' [ 783.512776][ T8297] r8152-cfgselector 1-1: config 0 descriptor?? [ 783.519515][T26998] exfat: Deprecated parameter 'namecase' [ 783.554378][T26998] exfat: Deprecated parameter 'utf8' [ 783.611794][T26998] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x6a70c931, utbl_chksum : 0xe619d30d) [ 783.634392][ T8306] usb 5-1: Using ep0 maxpacket: 16 [ 783.649955][ T8306] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 783.680330][ T8306] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 783.723496][ T26] audit: type=1800 audit(783.636:465): pid=26998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.10061" name="file1" dev="loop2" ino=1048734 res=0 errno=0 [ 783.748814][ T8297] r8152-cfgselector 1-1: Unknown version 0x0000 [ 783.765227][ T8297] r8152-cfgselector 1-1: USB disconnect, device number 38 [ 783.788088][ T26] audit: type=1326 audit(783.676:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27003 comm="syz.3.10063" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44dc19cdd9 code=0x7ffc0000 [ 783.797218][ T4328] mxuport 2-1:254.0: mxuport_recv_ctrl_urb - usb_control_msg failed (-71) [ 783.835698][ T8306] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice=4f.14 [ 783.860536][ T8306] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 783.884889][ T8306] usb 5-1: Product: syz [ 783.889190][ T8306] usb 5-1: Manufacturer: syz [ 783.900307][ T4328] mxuport: probe of 2-1:254.0 failed with error -5 [ 783.913732][ T8306] usb 5-1: SerialNumber: syz [ 783.930167][ T8306] usb 5-1: config 0 descriptor?? [ 783.941303][T26989] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 783.967586][ T4328] usb 2-1: USB disconnect, device number 33 [ 784.187677][ T8306] usb 5-1: USB disconnect, device number 41 [ 784.732103][T27031] netlink: 32 bytes leftover after parsing attributes in process `syz.2.10075'. [ 784.940158][T27038] loop3: detected capacity change from 0 to 16 [ 784.965021][T27038] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 785.431003][T27027] loop0: detected capacity change from 0 to 32768 [ 785.464665][T27027] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.10073 (27027) [ 785.546457][T27027] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 785.581329][T27027] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 785.615478][T27027] BTRFS info (device loop0): turning on async discard [ 785.622364][T27027] BTRFS info (device loop0): metadata ratio 0 [ 785.654357][T27027] BTRFS info (device loop0): enabling ssd optimizations [ 785.673574][T27027] BTRFS info (device loop0): using spread ssd allocation scheme [ 785.712181][T27027] BTRFS info (device loop0): using free space tree [ 785.886105][T27071] loop4: detected capacity change from 0 to 4096 [ 786.274367][T27089] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 4294967180 out of range (51000000..2150000000) [ 786.348137][ T4280] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 786.421786][T27053] loop3: detected capacity change from 0 to 32768 [ 786.468625][T27053] XFS: noikeep mount option is deprecated. [ 786.798797][T27053] XFS (loop3): Mounting V5 Filesystem [ 786.879297][T27053] XFS (loop3): invalid iclog size (4096 bytes), using lsunit (32768 bytes) [ 786.942144][T27053] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 787.017694][T27053] XFS (loop3): Starting recovery (logdev: internal) [ 787.078455][T27053] XFS (loop3): Ending recovery (logdev: internal) [ 787.110231][T27122] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10106'. [ 787.338980][ T4281] XFS (loop3): Unmounting Filesystem [ 787.403964][T27132] x_tables: ip_tables: RATEEST.0 target: invalid size 32 (kernel) != (user) 0 [ 787.979881][T27150] loop1: detected capacity change from 0 to 4096 [ 788.045278][T27150] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 788.097400][T27150] ntfs3: loop1: Failed to load $Extend. [ 788.610688][T27180] loop4: detected capacity change from 0 to 256 [ 788.708784][T27184] netlink: 'syz.3.10138': attribute type 32 has an invalid length. [ 788.834866][ T1043] block nbd4: Attempted send on invalid socket [ 788.841119][ T1043] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 788.866478][T27186] F2FS-fs (nbd4): Unable to read 1th superblock [ 788.883618][ T52] block nbd4: Attempted send on invalid socket [ 788.889970][ T52] I/O error, dev nbd4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 788.902386][T27186] F2FS-fs (nbd4): Unable to read 2th superblock [ 789.249747][T27198] loop4: detected capacity change from 0 to 4096 [ 789.304038][T27198] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 789.704276][ T4364] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 789.897616][ T4364] usb 4-1: Using ep0 maxpacket: 8 [ 789.905820][ T4364] usb 4-1: unable to get BOS descriptor or descriptor too short [ 789.932463][ T4364] usb 4-1: config 0 has an invalid interface number: 88 but max is 0 [ 789.967500][ T4364] usb 4-1: config 0 has no interface number 0 [ 789.983947][ T4364] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 790.024257][ T4364] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0 [ 790.045110][T27219] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10156'. [ 790.058525][ T4364] usb 4-1: config 0 interface 88 has no altsetting 0 [ 790.065985][T27219] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10156'. [ 790.087098][ T4364] usb 4-1: string descriptor 0 read error: -22 [ 790.093571][ T4364] usb 4-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31 [ 790.115096][ T4364] usb 4-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3 [ 790.142049][ T4364] usb 4-1: config 0 descriptor?? [ 790.162772][ T4364] input: USB Acecad Flair Tablet 0460:0004 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.88/input/input39 [ 790.220122][T27208] loop0: detected capacity change from 0 to 32768 [ 790.268004][T27208] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.10150 (27208) [ 790.347717][ T4399] udevd[4399]: Error opening device "/dev/input/event4": Input/output error [ 790.360138][T27208] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 790.377288][ T4399] udevd[4399]: Unable to EVIOCGABS device "/dev/input/event4" [ 790.387501][T27208] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 790.397897][ T4399] udevd[4399]: Unable to EVIOCGABS device "/dev/input/event4" [ 790.405699][T27208] BTRFS info (device loop0): using free space tree [ 790.438697][T27210] loop1: detected capacity change from 0 to 32768 [ 790.470640][ T128] usb 4-1: USB disconnect, device number 34 [ 790.502881][T27230] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10159'. [ 790.555333][T27210] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 790.627221][T27210] XFS (loop1): Mounting V5 Filesystem [ 790.706606][T27208] BTRFS info (device loop0): enabling ssd optimizations [ 790.716162][T27210] XFS (loop1): Ending clean mount [ 790.770111][T27210] XFS (loop1): Quotacheck needed: Please wait. [ 790.865851][ T4280] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 790.887693][T27210] XFS (loop1): Quotacheck: Done. [ 791.262558][T27266] netlink: 292 bytes leftover after parsing attributes in process `syz.3.10168'. [ 791.311034][ T4270] XFS (loop1): Unmounting Filesystem [ 791.415843][T27271] ALSA: mixer_oss: invalid OSS volume 'w' [ 791.512119][T27274] binder: 27273:27274 ioctl c00c6211 ffffffffffffffff returned -14 [ 791.783407][T27288] ceph: No source [ 791.923484][T27295] loop3: detected capacity change from 0 to 64 [ 791.967898][T27295] MINIX-fs: mounting file system with errors, running fsck is recommended [ 792.749631][T27330] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10199'. [ 792.914280][ T4364] usb 4-1: new full-speed USB device number 35 using dummy_hcd [ 793.120415][T27322] loop0: detected capacity change from 0 to 32768 [ 793.148012][ T4364] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 793.158077][T27338] loop2: detected capacity change from 0 to 4096 [ 793.173924][ T4364] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 793.202371][ T4364] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 793.243939][ T4364] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 793.284593][ T4364] usb 4-1: SerialNumber: syz [ 793.310629][ T4364] usb 4-1: 0:2 : does not exist [ 793.345954][T27338] ntfs3: loop2: Failed to load $Extend. [ 793.722509][ T4364] usb 4-1: USB disconnect, device number 35 [ 793.911285][T27360] loop4: detected capacity change from 0 to 4096 [ 793.943346][T27360] __ntfs_error: 4 callbacks suppressed [ 793.943363][T27360] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 794.024475][T27360] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 794.057578][T27360] ntfs: (device loop4): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 794.072873][T27364] loop2: detected capacity change from 0 to 4096 [ 794.083410][T27360] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 794.102106][T27364] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 794.138981][T27360] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 794.172821][T27364] ntfs3: loop2: failed to convert "c46c" to cp737 [ 794.184986][T27360] ntfs: volume version 3.1. [ 794.206119][T27364] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 794.216828][T27360] ntfs: (device loop4): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 794.262056][T27360] ntfs: (device loop4): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 794.318453][T27360] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 794.346453][T27368] netlink: 'syz.0.10208': attribute type 1 has an invalid length. [ 794.355631][T27360] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 794.383990][T27360] ntfs: (device loop4): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 795.171332][T27366] loop1: detected capacity change from 0 to 32768 [ 795.215072][T27366] XFS: noikeep mount option is deprecated. [ 795.300401][T27366] XFS (loop1): Mounting V5 Filesystem [ 795.486540][T27366] XFS (loop1): Ending clean mount [ 795.541755][T27366] XFS (loop1): Quotacheck needed: Please wait. [ 795.661841][T27366] XFS (loop1): Quotacheck: Done. [ 795.833321][ T4270] XFS (loop1): Unmounting Filesystem [ 795.989414][T27429] loop2: detected capacity change from 0 to 16 [ 796.023236][T27433] loop0: detected capacity change from 0 to 16 [ 796.028220][T27401] loop4: detected capacity change from 0 to 32768 [ 796.043023][T27429] erofs: (device loop2): mounted with root inode @ nid 36. [ 796.063798][T27433] erofs: (device loop0): mounted with root inode @ nid 36. [ 796.077502][T27429] erofs: (device loop2): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 796.126063][T27429] erofs: (device loop2): z_erofs_readahead: readahead error at page 1 @ nid 89 [ 796.135668][T27429] erofs: (device loop2): z_erofs_readahead: readahead error at page 0 @ nid 89 [ 796.151073][T27401] XFS (loop4): Mounting V5 Filesystem [ 796.157098][T27429] erofs: (device loop2): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89 [ 796.167864][T27429] syz.2.10243: attempt to access beyond end of device [ 796.167864][T27429] loop2: rw=524288, sector=537395200, nr_sectors = 8 limit=16 [ 796.182604][T27429] erofs: (device loop2): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89 [ 796.192334][T27429] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117] [ 796.227739][T27401] XFS (loop4): Ending clean mount [ 796.264228][T24672] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 796.454335][T24672] usb 4-1: Using ep0 maxpacket: 16 [ 796.465716][T24672] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 796.476812][T27445] device team0 entered promiscuous mode [ 796.483186][T27445] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 796.503352][ T9315] XFS (loop4): Unmounting Filesystem [ 796.510633][T24672] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 796.541586][T24672] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 796.590573][T24672] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 796.620538][T24672] usb 4-1: Product: syz [ 796.634257][T24672] usb 4-1: Manufacturer: syz [ 796.655241][T24672] usb 4-1: SerialNumber: syz [ 796.782382][T27449] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10249'. [ 796.813248][T27451] loop1: detected capacity change from 0 to 64 [ 796.890975][T24672] usb 4-1: 0:2 : does not exist [ 796.909524][T24672] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 796.974937][T24672] usb 4-1: USB disconnect, device number 36 [ 797.265639][ T4778] udevd[4778]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 797.468174][T27469] loop2: detected capacity change from 0 to 2048 [ 797.505715][T27469] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 797.530812][T27469] NILFS (loop2): mounting unchecked fs [ 797.565624][T27469] NILFS (loop2): recovery complete [ 797.594906][T27478] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 797.678088][T27480] netlink: 'syz.1.10263': attribute type 1 has an invalid length. [ 797.737456][T27480] netlink: 'syz.1.10263': attribute type 2 has an invalid length. [ 797.763145][T27480] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10263'. [ 798.017682][T27493] x_tables: duplicate underflow at hook 2 [ 798.437742][T27516] SET target dimension over the limit! [ 799.101571][ T26] kauditd_printk_skb: 9 callbacks suppressed [ 799.101586][ T26] audit: type=1326 audit(799.016:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27541 comm="syz.2.10294" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeeb59cdd9 code=0x7ffc0000 [ 799.184387][ T26] audit: type=1326 audit(799.056:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27541 comm="syz.2.10294" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7faeeb59cdd9 code=0x7ffc0000 [ 799.302201][ T26] audit: type=1326 audit(799.056:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27541 comm="syz.2.10294" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeeb59cdd9 code=0x7ffc0000 [ 799.364486][ T26] audit: type=1326 audit(799.056:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27541 comm="syz.2.10294" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeeb59cdd9 code=0x7ffc0000 [ 799.511269][T27526] loop0: detected capacity change from 0 to 32768 [ 799.605096][T27526] jfs_rename: dtInsert returned -EIO [ 799.965415][T27566] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.10306'. [ 800.049857][T27540] loop1: detected capacity change from 0 to 32768 [ 800.106316][T27540] [ 800.106316][T27540] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 800.106316][T27540] [ 800.194792][T27540] ERROR: (device loop1): diWrite: ixpxd invalid [ 800.194792][T27540] [ 800.267311][T27540] ERROR: (device loop1): txCommit: [ 800.267311][T27540] [ 800.364603][T27574] device wlan0 entered promiscuous mode [ 800.384633][T27574] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 800.504108][ T4270] [ 800.504108][ T4270] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 800.504108][ T4270] [ 800.529904][ T4270] [ 800.529904][ T4270] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 800.529904][ T4270] [ 800.723401][T27585] loop3: detected capacity change from 0 to 256 [ 800.807771][T27562] loop4: detected capacity change from 0 to 32768 [ 800.834983][T27585] FAT-fs (loop3): Directory bread(block 64) failed [ 800.839057][T27562] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.10303 (27562) [ 800.869121][T27585] FAT-fs (loop3): Directory bread(block 65) failed [ 800.898292][T27585] FAT-fs (loop3): Directory bread(block 66) failed [ 800.924659][T27562] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 800.934384][T27585] FAT-fs (loop3): Directory bread(block 67) failed [ 800.954464][T27585] FAT-fs (loop3): Directory bread(block 68) failed [ 800.963781][T27583] loop0: detected capacity change from 0 to 8192 [ 800.972048][T27562] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 800.981459][T27585] FAT-fs (loop3): Directory bread(block 69) failed [ 800.999438][T27585] FAT-fs (loop3): Directory bread(block 70) failed [ 801.020405][T27562] BTRFS info (device loop4): turning on async discard [ 801.025626][T27585] FAT-fs (loop3): Directory bread(block 71) failed [ 801.035474][T27585] FAT-fs (loop3): Directory bread(block 72) failed [ 801.042060][T27585] FAT-fs (loop3): Directory bread(block 73) failed [ 801.049966][T27583] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 801.077127][T27583] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 801.088168][T27562] BTRFS info (device loop4): metadata ratio 0 [ 801.092201][T27583] REISERFS (device loop0): using ordered data mode [ 801.102350][T27583] reiserfs: using flush barriers [ 801.118008][T27583] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 801.145080][T27583] REISERFS (device loop0): checking transaction log (loop0) [ 801.164548][T27562] BTRFS info (device loop4): enabling ssd optimizations [ 801.200358][T27583] REISERFS (device loop0): Using r5 hash to sort names [ 801.221028][T27562] BTRFS info (device loop4): using spread ssd allocation scheme [ 801.233570][T27583] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 801.295745][T27562] BTRFS info (device loop4): using free space tree [ 801.395799][ T26] audit: type=1326 audit(801.316:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27597 comm="syz.2.10319" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeeb59cdd9 code=0x7ffc0000 [ 801.449687][ T26] audit: type=1326 audit(801.346:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27597 comm="syz.2.10319" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeeb59cdd9 code=0x7ffc0000 [ 801.671241][ T26] audit: type=1326 audit(801.346:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27597 comm="syz.2.10319" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=446 compat=0 ip=0x7faeeb59cdd9 code=0x7ffc0000 [ 801.884915][ T26] audit: type=1326 audit(801.346:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27597 comm="syz.2.10319" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeeb59cdd9 code=0x7ffc0000 [ 801.958863][ T26] audit: type=1326 audit(801.346:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27597 comm="syz.2.10319" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faeeb59cdd9 code=0x7ffc0000 [ 802.014403][ T4364] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 802.091470][ T9315] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 802.218420][ T4364] usb 3-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1 [ 802.245363][ T4364] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 802.305093][ T4364] usb 3-1: Product: syz [ 802.314775][ T4364] usb 3-1: Manufacturer: syz [ 802.319431][ T4364] usb 3-1: SerialNumber: syz [ 802.371035][ T4364] usb 3-1: config 0 descriptor?? [ 802.602573][ T4364] int51x1: probe of 3-1:0.0 failed with error -22 [ 802.826738][ T4364] usb 3-1: USB disconnect, device number 39 [ 802.893838][T27657] loop0: detected capacity change from 0 to 1024 [ 802.923529][T27657] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 803.005070][T27657] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 803.068820][T27657] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1126: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 803.144687][T27657] EXT4-fs (loop0): Remounting filesystem read-only [ 803.164896][T27657] EXT4-fs error (device loop0) in ext4_setattr:5695: error 28 [ 803.184777][T27657] EXT4-fs (loop0): Remounting filesystem read-only [ 803.278334][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 803.430073][T27670] loop0: detected capacity change from 0 to 4096 [ 803.487895][T27670] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 803.602559][T27670] ntfs3: loop0: mft corrupted [ 803.924059][T27656] loop3: detected capacity change from 0 to 40427 [ 803.987184][T27656] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 803.993640][T27656] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 804.021969][T27656] F2FS-fs (loop3): invalid crc value [ 804.056327][T27656] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 804.352594][T27656] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 804.373172][T27656] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 804.400423][T27699] netlink: 'syz.1.10358': attribute type 1 has an invalid length. [ 804.443980][T27701] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 804.451576][T27701] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 804.504616][T27705] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(6) [ 804.511228][T27705] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 804.559291][T27701] vhci_hcd vhci_hcd.0: Device attached [ 804.611614][T27705] vhci_hcd vhci_hcd.0: Device attached [ 804.655882][T27703] vhci_hcd: connection closed [ 804.655927][T27706] vhci_hcd: connection closed [ 804.669392][ T4465] vhci_hcd: stop threads [ 804.709073][ T4465] vhci_hcd: release socket [ 804.734270][ T4465] vhci_hcd: disconnect device [ 804.748797][ T4465] vhci_hcd: stop threads [ 804.753099][ T4465] vhci_hcd: release socket [ 804.764237][ T4364] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 804.782773][ T4364] usb 37-1: enqueue for inactive port 0 [ 804.817520][ T4465] vhci_hcd: disconnect device [ 804.874336][ T4364] vhci_hcd: vhci_device speed not set [ 805.366887][T27739] vivid-007: disconnect [ 805.373971][T27737] vivid-007: reconnect [ 805.609156][T27749] loop2: detected capacity change from 0 to 256 [ 806.352808][ T26] audit: type=1326 audit(806.266:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.4.10395" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 806.376529][ C0] vkms_vblank_simulate: vblank timer overrun [ 806.395108][T27745] loop1: detected capacity change from 0 to 32768 [ 806.424425][T27745] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.10376 (27745) [ 806.450611][ T26] audit: type=1326 audit(806.326:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.4.10395" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 806.474309][ C0] vkms_vblank_simulate: vblank timer overrun [ 806.514520][T27745] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 806.534254][ T26] audit: type=1326 audit(806.326:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.4.10395" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 806.557832][ C0] vkms_vblank_simulate: vblank timer overrun [ 806.578989][T27745] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 806.604237][T27745] BTRFS info (device loop1): turning on async discard [ 806.621426][T27745] BTRFS info (device loop1): metadata ratio 0 [ 806.638617][T27745] BTRFS info (device loop1): enabling ssd optimizations [ 806.657263][ T26] audit: type=1326 audit(806.326:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.4.10395" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 806.686467][T27745] BTRFS info (device loop1): using spread ssd allocation scheme [ 806.702066][T27745] BTRFS info (device loop1): using free space tree [ 806.712831][ T26] audit: type=1326 audit(806.326:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.4.10395" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 806.762299][ T26] audit: type=1326 audit(806.326:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.4.10395" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 806.795367][ T26] audit: type=1326 audit(806.326:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.4.10395" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 806.819549][ T26] audit: type=1326 audit(806.326:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.4.10395" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 806.951796][T27803] loop0: detected capacity change from 0 to 164 [ 806.978293][T27803] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 806.991781][T27803] isofs: Unable to find the ".." directory for NFS. [ 807.385998][ T4270] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 807.810192][T27826] device batadv_slave_0 entered promiscuous mode [ 807.839647][T27826] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 807.879227][T27834] loop4: detected capacity change from 0 to 2048 [ 807.919532][T27838] ipt_ECN: cannot use operation on non-tcp rule [ 807.937446][T27834] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 808.124010][T27843] netlink: 'syz.2.10418': attribute type 3 has an invalid length. [ 809.296828][T27895] loop1: detected capacity change from 0 to 1024 [ 809.315089][ T26] audit: type=1326 audit(809.236:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27897 comm="syz.0.10445" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f699ff9cdd9 code=0x7ffc0000 [ 809.378387][T27895] Quota error (device loop1): do_check_range: Getting block 64 out of range 1-5 [ 809.399339][T27895] EXT4-fs error (device loop1): ext4_acquire_dquot:6841: comm syz.1.10443: Failed to acquire dquot type 0 [ 809.440990][T27903] loop0: detected capacity change from 0 to 1024 [ 809.491848][T27903] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 809.517888][T27895] EXT4-fs error (device loop1): mb_free_blocks:1839: group 0, inode 13: block 160:freeing already freed block (bit 10); block bitmap corrupt. [ 809.589212][T27853] loop2: detected capacity change from 0 to 32768 [ 809.620793][T27895] EXT4-fs (loop1): 1 truncate cleaned up [ 809.627953][T27895] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 809.726308][T27914] netlink: 'syz.3.10449': attribute type 1 has an invalid length. [ 809.728071][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 809.801917][T27853] XFS (loop2): Mounting V5 Filesystem [ 809.843158][ T4270] EXT4-fs (loop1): unmounting filesystem. [ 809.858959][T27914] netlink: 'syz.3.10449': attribute type 2 has an invalid length. [ 810.000771][T27853] XFS (loop2): Ending clean mount [ 810.241147][ T4269] XFS (loop2): Unmounting Filesystem [ 810.399546][T27940] PM: Enabling pm_trace changes system date and time during resume. [ 810.399546][T27940] PM: Correct system time has to be restored manually after resume. [ 810.422413][ C0] vkms_vblank_simulate: vblank timer overrun [ 811.215678][T27974] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10477'. [ 811.588089][T27992] loop1: detected capacity change from 0 to 1024 [ 811.617080][T27992] EXT4-fs: Ignoring removed mblk_io_submit option [ 811.633024][T27992] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 811.657486][T27992] EXT4-fs (loop1): Test dummy encryption mode enabled [ 811.755289][T27992] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 811.779901][T27992] EXT4-fs: Ignoring removed mblk_io_submit option [ 811.797200][T27992] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 811.817368][T27992] EXT4-fs: Cannot change quota options when quota turned on [ 811.943384][ T4270] EXT4-fs (loop1): unmounting filesystem. [ 812.700692][T28040] No such timeout policy "syz1" [ 812.717934][T28043] comedi comedi4: bad chanlist[0]=0x00006c7f chan=27775 range length=2 [ 812.901222][T28051] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10514'. [ 813.734249][T24672] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 813.815784][T28091] loop3: detected capacity change from 0 to 256 [ 813.910843][T28091] FAT-fs (loop3): Directory bread(block 64) failed [ 813.924230][T24672] usb 2-1: Using ep0 maxpacket: 32 [ 813.931849][T24672] usb 2-1: unable to get BOS descriptor or descriptor too short [ 813.950408][T28091] FAT-fs (loop3): Directory bread(block 65) failed [ 813.961601][T24672] usb 2-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 813.982828][T28091] FAT-fs (loop3): Directory bread(block 66) failed [ 813.992953][T24672] usb 2-1: too many endpoints for config 1 interface 2 altsetting 1: 255, using maximum allowed: 30 [ 814.007419][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.013761][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.022421][ T1276] aoe: packet could not be sent on ipvlan0. consider increasing tx_queue_len [ 814.044456][T24672] usb 2-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 814.051904][T28091] FAT-fs (loop3): Directory bread(block 67) failed [ 814.075431][T24672] usb 2-1: New USB device found, idVendor=2b53, idProduct=0024, bcdDevice= 0.40 [ 814.090290][T28091] FAT-fs (loop3): Directory bread(block 68) failed [ 814.095002][T24672] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 814.124237][T28091] FAT-fs (loop3): Directory bread(block 69) failed [ 814.124827][T24672] usb 2-1: Product: syz [ 814.140873][T28091] FAT-fs (loop3): Directory bread(block 70) failed [ 814.164280][T24672] usb 2-1: Manufacturer: syz [ 814.174660][T24672] usb 2-1: SerialNumber: syz [ 814.198851][T28091] FAT-fs (loop3): Directory bread(block 71) failed [ 814.219958][T28091] FAT-fs (loop3): Directory bread(block 72) failed [ 814.239469][T28091] FAT-fs (loop3): Directory bread(block 73) failed [ 814.290834][T28103] netlink: 'syz.2.10540': attribute type 8 has an invalid length. [ 814.301884][T28103] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.10540'. [ 814.423252][T24672] snd-usb-audio: probe of 2-1:1.0 failed with error -22 [ 814.501283][T24672] snd-usb-audio: probe of 2-1:1.1 failed with error -22 [ 814.618862][T24672] snd-usb-audio: probe of 2-1:1.2 failed with error -22 [ 814.658831][ T6080] udevd[6080]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 814.682416][T24672] usb 2-1: USB disconnect, device number 34 [ 814.824259][ T4317] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 815.035473][ T4317] usb 3-1: Using ep0 maxpacket: 32 [ 815.045320][ T4317] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 815.091106][ T4317] usb 3-1: too many endpoints for config 0 interface 0 altsetting 5: 69, using maximum allowed: 30 [ 815.122685][ T4317] usb 3-1: config 0 interface 0 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 69 [ 815.156767][ T26] kauditd_printk_skb: 13 callbacks suppressed [ 815.156782][ T26] audit: type=1326 audit(815.076:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28131 comm="syz.4.10554" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 815.164298][ T4317] usb 3-1: config 0 interface 0 has no altsetting 1 [ 815.186503][ C1] vkms_vblank_simulate: vblank timer overrun [ 815.272602][ T4317] usb 3-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice= 0.00 [ 815.298753][ T26] audit: type=1326 audit(815.146:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28131 comm="syz.4.10554" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 815.314316][ T4317] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 815.353241][T28138] loop1: detected capacity change from 0 to 256 [ 815.378556][ T4317] usb 3-1: SerialNumber: syz [ 815.385510][ T26] audit: type=1326 audit(815.146:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28131 comm="syz.4.10554" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 815.413193][ T4317] usb 3-1: config 0 descriptor?? [ 815.431264][ T4317] usb-storage 3-1:0.0: USB Mass Storage device detected [ 815.459290][T28138] FAT-fs (loop1): Directory bread(block 64) failed [ 815.477080][T28138] FAT-fs (loop1): Directory bread(block 65) failed [ 815.489843][ T4317] usb-storage 3-1:0.0: Quirks match for vid 152d pid 0539: 4000000 [ 815.528079][T28138] FAT-fs (loop1): Directory bread(block 66) failed [ 815.538324][ T26] audit: type=1326 audit(815.146:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28131 comm="syz.4.10554" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47d179cdd9 code=0x7ffc0000 [ 815.562615][T28138] FAT-fs (loop1): Directory bread(block 67) failed [ 815.570252][T28138] FAT-fs (loop1): Directory bread(block 68) failed [ 815.577313][T28138] FAT-fs (loop1): Directory bread(block 69) failed [ 815.584817][T28138] FAT-fs (loop1): Directory bread(block 70) failed [ 815.591484][T28138] FAT-fs (loop1): Directory bread(block 71) failed [ 815.598279][T28138] FAT-fs (loop1): Directory bread(block 72) failed [ 815.605012][T28138] FAT-fs (loop1): Directory bread(block 73) failed [ 815.665316][T24672] usb 3-1: USB disconnect, device number 40 [ 815.750530][T28149] loop0: detected capacity change from 0 to 8 [ 815.772913][T28149] SQUASHFS error: Failed to read block 0x62: -5 [ 815.814440][T28149] squashfs image failed sanity check [ 815.864203][ T4399] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 815.893338][T28149] Invalid option length (1047337) for dns_resolver key [ 816.061732][T28157] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10566'. [ 816.085754][T28155] device bridge0 entered promiscuous mode [ 816.264280][T28163] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10569'. [ 816.294423][T28163] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10569'. [ 816.311961][T28163] netlink: 48 bytes leftover after parsing attributes in process `syz.0.10569'. [ 816.630763][T28181] netlink: 'syz.4.10578': attribute type 1 has an invalid length. [ 816.840381][ T26] audit: type=1326 audit(816.756:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28192 comm="syz.1.10584" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 816.906599][ T26] audit: type=1326 audit(816.786:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28192 comm="syz.1.10584" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 817.028757][ T26] audit: type=1326 audit(816.786:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28192 comm="syz.1.10584" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 817.060385][T28199] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10587'. [ 817.121590][T28199] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10587'. [ 817.171709][ T26] audit: type=1326 audit(816.786:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28192 comm="syz.1.10584" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 817.274539][ T26] audit: type=1326 audit(816.786:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28192 comm="syz.1.10584" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2df259cdd9 code=0x7ffc0000 [ 817.372878][T28211] loop0: detected capacity change from 0 to 1024 [ 817.421121][T28211] EXT4-fs error (device loop0): ext4_map_blocks:637: inode #3: block 2: comm syz.0.10596: lblock 2 mapped to illegal pblock 2 (length 1) [ 817.439342][T28211] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 817.449695][T28211] EXT4-fs error (device loop0): ext4_map_blocks:637: inode #3: block 48: comm syz.0.10596: lblock 0 mapped to illegal pblock 48 (length 1) [ 817.466525][T28211] EXT4-fs error (device loop0): ext4_acquire_dquot:6841: comm syz.0.10596: Failed to acquire dquot type 0 [ 817.478552][T28211] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5952: Corrupt filesystem [ 817.490133][T28211] EXT4-fs error (device loop0): ext4_evict_inode:281: inode #11: comm syz.0.10596: mark_inode_dirty error [ 817.507123][T28211] EXT4-fs warning (device loop0): ext4_evict_inode:284: couldn't mark inode dirty (err -117) [ 817.518038][T28211] EXT4-fs (loop0): 1 orphan inode deleted [ 817.523860][T28211] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 817.548157][T28211] EXT4-fs error (device loop0): ext4_map_blocks:637: inode #3: block 1: comm syz.0.10596: lblock 1 mapped to illegal pblock 1 (length 1) [ 817.587912][ T4491] EXT4-fs error (device loop0): ext4_map_blocks:637: inode #3: block 1: comm kworker/u4:25: lblock 1 mapped to illegal pblock 1 (length 1) [ 817.640661][ T4491] EXT4-fs error (device loop0): ext4_release_dquot:6877: comm kworker/u4:25: Failed to release dquot type 0 [ 817.681421][ T4280] EXT4-fs (loop0): unmounting filesystem. [ 817.696834][ T4280] EXT4-fs error (device loop0): __ext4_get_inode_loc:4520: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 817.727146][ T4280] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5952: Corrupt filesystem [ 817.764408][ T4280] EXT4-fs error (device loop0): ext4_quota_off:7147: inode #3: comm syz-executor: mark_inode_dirty error [ 817.973418][T28233] loop2: detected capacity change from 0 to 1024 [ 817.981743][T28233] EXT4-fs: Ignoring removed bh option [ 818.041785][T28233] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 818.140408][T28233] EXT4-fs warning (device loop2): ext4_empty_dir:3147: inode #11: comm syz.2.10603: directory missing '.' [ 818.273386][T28241] loop4: detected capacity change from 0 to 4096 [ 818.300991][ T4269] EXT4-fs (loop2): unmounting filesystem. [ 818.319530][T28241] EXT4-fs: Ignoring removed bh option [ 818.328430][T28249] netlink: 256 bytes leftover after parsing attributes in process `syz.3.10609'. [ 818.392245][T28241] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 818.530034][T28256] loop1: detected capacity change from 0 to 128 [ 818.579254][ T9315] EXT4-fs (loop4): unmounting filesystem. [ 819.088626][T28278] netlink: 10 bytes leftover after parsing attributes in process `syz.0.10623'. [ 819.518787][T28297] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10632'. [ 819.530417][T28298] netlink: 'syz.0.10633': attribute type 41 has an invalid length. [ 819.548590][T28297] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10632'. [ 819.572880][T28297] netlink: 'syz.1.10632': attribute type 6 has an invalid length. [ 819.582539][T28298] netlink: 'syz.0.10633': attribute type 41 has an invalid length. [ 819.881739][T28306] loop3: detected capacity change from 0 to 4096 [ 819.944126][T28306] ntfs: volume version 3.1. [ 820.120314][T28282] loop2: detected capacity change from 0 to 32768 [ 820.259878][T28323] printk: syz.3.10646 (28323): Attempt to access syslog with CAP_SYS_ADMIN but no CAP_SYSLOG (deprecated). [ 820.412725][T28326] ieee802154 phy0 wpan0: encryption failed: -22 [ 820.730560][T28336] loop3: detected capacity change from 0 to 1024 [ 820.770586][T28338] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10652'. [ 821.105807][T28320] loop1: detected capacity change from 0 to 32768 [ 821.188243][T28320] JBD2: Ignoring recovery information on journal [ 821.410540][T28320] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 821.642817][ T4270] ocfs2: Unmounting device (7,1) on (node local) [ 821.916000][T28372] ax25_connect(): syz.2.10670 uses autobind, please contact jreuter@yaina.de [ 821.970637][T28376] loop4: detected capacity change from 0 to 64 [ 822.151416][T28357] loop0: detected capacity change from 0 to 32768 [ 822.267959][T28357] XFS (loop0): Mounting V5 Filesystem [ 822.388339][T28395] nft_compat: unsupported protocol 1 [ 822.448592][T28357] XFS (loop0): Ending clean mount [ 822.470218][T28402] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 822.635349][ T4280] XFS (loop0): Unmounting Filesystem [ 822.718907][T28409] AppArmor: change_hat: Invalid input '0' [ 823.052427][T28423] loop1: detected capacity change from 0 to 512 [ 823.100838][T28425] ipt_REJECT: TCP_RESET invalid for non-tcp [ 823.148980][T28423] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 823.335885][T28436] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 823.439087][T28439] netlink: 'syz.4.10696': attribute type 10 has an invalid length. [ 823.480924][ T4270] EXT4-fs (loop1): unmounting filesystem. [ 823.883197][T28460] overlayfs: unrecognized mount option "\" or missing value [ 824.125720][T28470] dns_resolver: Unsupported content type (240) [ 824.294299][T28478] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10716'. [ 824.829617][T28498] device bond5 entered promiscuous mode [ 824.848105][T28498] 8021q: adding VLAN 0 to HW filter on device bond5 [ 824.898445][T28504] netlink: 'syz.4.10728': attribute type 11 has an invalid length. [ 825.408025][T28519] loop3: detected capacity change from 0 to 4096 [ 825.444212][T28519] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 825.525171][T28519] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 825.553425][T28519] ntfs3: loop3: mft corrupted [ 825.560552][T28519] ntfs3: loop3: Failed to load $Extend. [ 825.638336][T28519] ntfs3: loop3: ino=1b, "file0" attr_set_size [ 825.984875][T28543] loop3: detected capacity change from 0 to 1024 [ 826.080209][T28543] hfsplus: invalid length 32517 has been corrected to 255 [ 826.337740][ T128] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 826.392791][ T4465] hfsplus: b-tree write err: -5, ino 20 [ 826.398515][ T128] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz0 [ 826.849566][T28562] fido_id[28562]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 826.980199][T28579] loop4: detected capacity change from 0 to 512 [ 827.047927][T28579] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 827.064012][T28579] EXT4-fs (loop4): orphan cleanup on readonly fs [ 827.124945][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 827.124959][ T26] audit: type=1326 audit(827.046:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28590 comm="syz.0.10769" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f699ff9cdd9 code=0x7ffc0000 [ 827.180784][T28579] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated! [ 827.238709][T28579] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 827.238722][ T26] audit: type=1326 audit(827.076:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28590 comm="syz.0.10769" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f699ff9cdd9 code=0x7ffc0000 [ 827.413026][T28579] EXT4-fs error (device loop4): ext4_acquire_dquot:6841: comm syz.4.10764: Failed to acquire dquot type 1 [ 827.441734][T28579] EXT4-fs (loop4): Remounting filesystem read-only [ 827.458806][T28579] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.10764: bg 0: block 40: padding at end of block bitmap is not set [ 827.467429][T28600] netlink: 154788 bytes leftover after parsing attributes in process `syz.0.10773'. [ 827.493347][T28600] openvswitch: netlink: Message has 48126 unknown bytes. [ 827.535730][T28579] EXT4-fs (loop4): Remounting filesystem read-only [ 827.557622][T28579] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6180: Corrupt filesystem [ 827.596752][T28579] EXT4-fs (loop4): Remounting filesystem read-only [ 827.606887][T28579] EXT4-fs (loop4): 1 truncate cleaned up [ 827.634449][T28579] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 827.818807][T28613] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10780'. [ 827.831450][ T9315] EXT4-fs (loop4): unmounting filesystem. [ 828.641025][T28646] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 828.721090][T28617] loop4: detected capacity change from 0 to 32768 [ 828.770344][T28617] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.10782 (28617) [ 828.846765][T28617] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 828.879256][T28617] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 828.912786][T28617] BTRFS info (device loop4): using free space tree [ 829.019527][T28617] BTRFS info (device loop4): enabling ssd optimizations [ 829.063790][ T9315] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 829.212667][T28682] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10805'. [ 829.292752][T28682] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10805'. [ 829.328191][T28682] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10805'. [ 829.904254][ T128] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 830.104269][ T128] usb 5-1: Using ep0 maxpacket: 32 [ 830.111075][ T128] usb 5-1: config 0 has an invalid interface number: 61 but max is 1 [ 830.154257][ T128] usb 5-1: config 0 has no interface number 1 [ 830.166778][ T128] usb 5-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6 [ 830.207777][ T128] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 830.224252][ T128] usb 5-1: Product: syz [ 830.228671][ T128] usb 5-1: Manufacturer: syz [ 830.233316][ T128] usb 5-1: SerialNumber: syz [ 830.281644][ T128] usb 5-1: config 0 descriptor?? [ 830.424797][ T128] viperboard 5-1:0.61: version 0.00 found at bus 005 address 042 [ 830.448449][T28693] loop2: detected capacity change from 0 to 32768 [ 830.476563][T28693] [ 830.476563][T28693] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 830.476563][T28693] [ 830.506929][ T128] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100 [ 830.531655][ T128] viperboard-i2c: probe of viperboard-i2c.2.auto failed with error -5 [ 830.549908][T28693] ERROR: (device loop2): xtSearch: XT_GETPAGE: xtree page corrupt [ 830.549908][T28693] [ 830.585032][ T128] viperboard 5-1:0.0: version 0.00 found at bus 005 address 042 [ 830.619574][ T128] viperboard-i2c viperboard-i2c.5.auto: failure setting i2c_bus_freq to 100 [ 830.642327][ T128] viperboard-i2c: probe of viperboard-i2c.5.auto failed with error -5 [ 830.643341][T28693] xtLookup: xtSearch returned -5 [ 830.673070][T28693] ERROR: (device loop2): xtTruncate: XT_GETPAGE: xtree page corrupt [ 830.673070][T28693] [ 830.734385][ T128] usb 5-1: USB disconnect, device number 42 [ 830.842190][ T4491] [ 830.842190][ T4491] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 830.842190][ T4491] [ 830.888218][ T4491] [ 830.888218][ T4491] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 830.888218][ T4491] [ 830.948754][ T107] [ 830.948754][ T107] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 830.948754][ T107] [ 830.989898][ T4269] [ 830.989898][ T4269] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 830.989898][ T4269] [ 831.014516][ T4269] [ 831.014516][ T4269] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 831.014516][ T4269] [ 831.227591][T28745] xt_TCPMSS: Only works on TCP SYN packets [ 831.789824][ T26] audit: type=1326 audit(831.706:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28772 comm="syz.3.10849" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44dc19cdd9 code=0x7ffc0000 [ 831.868138][ T26] audit: type=1326 audit(831.706:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28772 comm="syz.3.10849" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44dc19cdd9 code=0x7ffc0000 [ 831.893256][T28779] netlink: 'syz.4.10852': attribute type 2 has an invalid length. [ 831.911750][T28779] netlink: 'syz.4.10852': attribute type 1 has an invalid length. [ 831.999923][ T26] audit: type=1326 audit(831.736:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28772 comm="syz.3.10849" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f44dc19e647 code=0x7ffc0000 [ 832.068421][T28785] xt_hashlimit: overflow, rate too high: 0 [ 832.097380][ T26] audit: type=1326 audit(831.736:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28772 comm="syz.3.10849" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f44dc15d60e code=0x7ffc0000 [ 832.182167][ T26] audit: type=1326 audit(831.736:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28772 comm="syz.3.10849" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f44dc15d60e code=0x7ffc0000 [ 832.245595][ T26] audit: type=1326 audit(831.736:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28772 comm="syz.3.10849" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f44dc15d60e code=0x7ffc0000 [ 832.352954][ T26] audit: type=1326 audit(831.736:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28772 comm="syz.3.10849" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f44dc15d60e code=0x7ffc0000 [ 832.400248][T28797] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 832.434451][ T26] audit: type=1326 audit(831.736:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28772 comm="syz.3.10849" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44dc19cdd9 code=0x7ffc0000 [ 832.540197][ T26] audit: type=1326 audit(831.736:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28772 comm="syz.3.10849" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44dc19cdd9 code=0x7ffc0000 [ 832.608436][ T26] audit: type=1400 audit(832.066:524): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F [ 832.886618][T28815] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10870'. [ 833.010973][T28817] lo speed is unknown, defaulting to 1000 [ 833.104524][T28815] netlink: 'syz.3.10870': attribute type 1 has an invalid length. [ 833.127280][T28821] loop4: detected capacity change from 0 to 128 [ 833.185619][T28791] loop1: detected capacity change from 0 to 32768 [ 833.250970][T28791] (syz.1.10858,28791,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 833.308564][T28791] (syz.1.10858,28791,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 833.399096][T28791] JBD2: Ignoring recovery information on journal [ 833.519351][T28791] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 833.559487][T28791] [ 833.561896][T28791] ====================================================== [ 833.568980][T28791] WARNING: possible circular locking dependency detected [ 833.576038][T28791] syzkaller #0 Not tainted [ 833.580483][T28791] ------------------------------------------------------ [ 833.587529][T28791] syz.1.10858/28791 is trying to acquire lock: [ 833.593704][T28791] ffff88804d45d108 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_xattr_set+0xba0/0x13e0 [ 833.605934][T28791] [ 833.605934][T28791] but task is already holding lock: [ 833.613319][T28791] ffff88804d584e38 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x472/0x13e0 [ 833.622846][T28791] [ 833.622846][T28791] which lock already depends on the new lock. [ 833.622846][T28791] [ 833.633255][T28791] [ 833.633255][T28791] the existing dependency chain (in reverse order) is: [ 833.642274][T28791] [ 833.642274][T28791] -> #2 (&oi->ip_xattr_sem){++++}-{3:3}: [ 833.650103][T28791] down_read+0x42/0x2d0 [ 833.654815][T28791] ocfs2_init_acl+0x307/0x770 [ 833.660038][T28791] ocfs2_mknod+0x15e8/0x25b0 [ 833.665187][T28791] ocfs2_create+0x1b6/0x4b0 [ 833.670237][T28791] path_openat+0x1181/0x2ee0 [ 833.675369][T28791] do_filp_open+0x1f1/0x430 [ 833.680418][T28791] do_sys_openat2+0x150/0x4b0 [ 833.685655][T28791] __x64_sys_openat+0x135/0x160 [ 833.691062][T28791] do_syscall_64+0x4c/0xa0 [ 833.696020][T28791] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 833.702459][T28791] [ 833.702459][T28791] -> #1 (jbd2_handle){++++}-{0:0}: [ 833.709773][T28791] jbd2_journal_lock_updates+0xa8/0x390 [ 833.715873][T28791] __ocfs2_flush_truncate_log+0x2cf/0x1220 [ 833.722250][T28791] ocfs2_flush_truncate_log+0x4b/0x60 [ 833.728177][T28791] ocfs2_sync_fs+0x119/0x330 [ 833.733307][T28791] sync_filesystem+0x1be/0x220 [ 833.738631][T28791] ocfs2_remount+0x115/0xb70 [ 833.743767][T28791] reconfigure_super+0x219/0x8a0 [ 833.749252][T28791] path_mount+0xe13/0x1020 [ 833.754214][T28791] __se_sys_mount+0x2e3/0x3d0 [ 833.759443][T28791] do_syscall_64+0x4c/0xa0 [ 833.764406][T28791] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 833.770848][T28791] [ 833.770848][T28791] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}: [ 833.781379][T28791] __lock_acquire+0x2d07/0x7d10 [ 833.786772][T28791] lock_acquire+0x1bb/0x4a0 [ 833.791899][T28791] down_write+0x36/0x60 [ 833.796634][T28791] ocfs2_xattr_set+0xba0/0x13e0 [ 833.802028][T28791] __vfs_setxattr+0x3e0/0x420 [ 833.807266][T28791] __vfs_setxattr_noperm+0x129/0x5e0 [ 833.813094][T28791] vfs_setxattr+0x167/0x2e0 [ 833.818152][T28791] setxattr+0x346/0x360 [ 833.822859][T28791] path_setxattr+0x147/0x290 [ 833.828005][T28791] __x64_sys_setxattr+0xb7/0xd0 [ 833.833405][T28791] do_syscall_64+0x4c/0xa0 [ 833.838372][T28791] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 833.844812][T28791] [ 833.844812][T28791] other info that might help us debug this: [ 833.844812][T28791] [ 833.855057][T28791] Chain exists of: [ 833.855057][T28791] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5 --> jbd2_handle --> &oi->ip_xattr_sem [ 833.855057][T28791] [ 833.870844][T28791] Possible unsafe locking scenario: [ 833.870844][T28791] [ 833.878327][T28791] CPU0 CPU1 [ 833.883704][T28791] ---- ---- [ 833.889084][T28791] lock(&oi->ip_xattr_sem); [ 833.893712][T28791] lock(jbd2_handle); [ 833.900320][T28791] lock(&oi->ip_xattr_sem); [ 833.907445][T28791] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5); [ 833.914753][T28791] [ 833.914753][T28791] *** DEADLOCK *** [ 833.914753][T28791] [ 833.922920][T28791] 3 locks held by syz.1.10858/28791: [ 833.928232][T28791] #0: ffff8880594ae460 (sb_writers#15){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 [ 833.937512][T28791] #1: ffff88804d585108 (&type->i_mutex_dir_key#20){++++}-{3:3}, at: vfs_setxattr+0x140/0x2e0 [ 833.947819][T28791] #2: ffff88804d584e38 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x472/0x13e0 [ 833.957764][T28791] [ 833.957764][T28791] stack backtrace: [ 833.963744][T28791] CPU: 0 PID: 28791 Comm: syz.1.10858 Not tainted syzkaller #0 [ 833.971299][T28791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 833.981365][T28791] Call Trace: [ 833.984662][T28791] [ 833.987649][T28791] dump_stack_lvl+0x188/0x24e [ 833.992360][T28791] ? load_image+0x400/0x400 [ 833.996883][T28791] ? show_regs_print_info+0x12/0x12 [ 834.002105][T28791] ? print_circular_bug+0x12b/0x1a0 [ 834.007331][T28791] check_noncircular+0x296/0x330 [ 834.012298][T28791] ? look_up_lock_class+0x75/0x140 [ 834.017437][T28791] ? add_chain_block+0x940/0x940 [ 834.022401][T28791] ? lockdep_lock+0x15c/0x1f0 [ 834.027096][T28791] ? lockdep_unlock+0x142/0x2e0 [ 834.031976][T28791] ? _find_first_zero_bit+0xcf/0x100 [ 834.037277][T28791] __lock_acquire+0x2d07/0x7d10 [ 834.042169][T28791] ? verify_lock_unused+0x140/0x140 [ 834.047391][T28791] ? ocfs2_downconvert_lock+0x530/0x530 [ 834.052964][T28791] ? verify_lock_unused+0x140/0x140 [ 834.058181][T28791] ? ocfs2_inode_lock_tracker+0x433/0x700 [ 834.063951][T28791] ? do_raw_spin_lock+0x128/0x2f0 [ 834.069010][T28791] lock_acquire+0x1bb/0x4a0 [ 834.073549][T28791] ? ocfs2_xattr_set+0xba0/0x13e0 [ 834.078587][T28791] ? _raw_spin_unlock+0x24/0x40 [ 834.083457][T28791] ? ocfs2_xattr_block_find+0x157/0x4d0 [ 834.089050][T28791] ? __might_sleep+0xd0/0xd0 [ 834.093674][T28791] ? read_lock_is_recursive+0x10/0x10 [ 834.099076][T28791] ? rwsem_write_trylock+0x135/0x1c0 [ 834.104412][T28791] ? ocfs2_xattr_ibody_find+0x7c0/0x7c0 [ 834.109984][T28791] ? ocfs2_xattr_ibody_find+0xcb/0x7c0 [ 834.115466][T28791] down_write+0x36/0x60 [ 834.119664][T28791] ? ocfs2_xattr_set+0xba0/0x13e0 [ 834.124711][T28791] ocfs2_xattr_set+0xba0/0x13e0 [ 834.129601][T28791] ? __ocfs2_xattr_set_handle+0xf30/0xf30 [ 834.135360][T28791] ? aa_get_newest_label+0xf9/0x5b0 [ 834.140581][T28791] ? end_current_label_crit_section+0x170/0x170 [ 834.146840][T28791] ? __up_read+0x2b2/0x6b0 [ 834.151322][T28791] ? evm_protected_xattr_common+0x170/0x190 [ 834.157241][T28791] ? evm_protect_xattr+0x7e9/0x9d0 [ 834.162368][T28791] ? ocfs2_xattr_security_get+0x40/0x40 [ 834.167934][T28791] __vfs_setxattr+0x3e0/0x420 [ 834.172643][T28791] __vfs_setxattr_noperm+0x129/0x5e0 [ 834.177957][T28791] vfs_setxattr+0x167/0x2e0 [ 834.182491][T28791] ? xattr_permission+0x500/0x500 [ 834.187530][T28791] ? _copy_from_user+0x10b/0x170 [ 834.192484][T28791] ? setxattr+0x2ce/0x360 [ 834.196841][T28791] setxattr+0x346/0x360 [ 834.201016][T28791] ? path_setxattr+0x290/0x290 [ 834.205815][T28791] ? __mnt_want_write+0x21f/0x2a0 [ 834.210916][T28791] path_setxattr+0x147/0x290 [ 834.215531][T28791] ? simple_xattr_list_add+0xf0/0xf0 [ 834.220850][T28791] ? lock_chain_count+0x20/0x20 [ 834.225734][T28791] __x64_sys_setxattr+0xb7/0xd0 [ 834.230617][T28791] do_syscall_64+0x4c/0xa0 [ 834.235092][T28791] ? clear_bhb_loop+0x60/0xb0 [ 834.239798][T28791] ? clear_bhb_loop+0x60/0xb0 [ 834.244504][T28791] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 834.250437][T28791] RIP: 0033:0x7f2df259cdd9 [ 834.254865][T28791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 834.274485][T28791] RSP: 002b:00007f2df34e2028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 834.282912][T28791] RAX: ffffffffffffffda RBX: 00007f2df2815fa0 RCX: 00007f2df259cdd9 [ 834.290902][T28791] RDX: 00002000000001c0 RSI: 0000200000000180 RDI: 00002000000000c0 [ 834.298917][T28791] RBP: 00007f2df2632d69 R08: 0000000000000000 R09: 0000000000000000 [ 834.306906][T28791] R10: 0000000000001001 R11: 0000000000000246 R12: 0000000000000000 [ 834.314898][T28791] R13: 00007f2df2816038 R14: 00007f2df2815fa0 R15: 00007fff5bc626a8 [ 834.322887][T28791] [ 834.486757][ T4270] ocfs2: Unmounting device (7,1) on (node local) [ 834.607587][T28827] loop3: detected capacity change from 0 to 32768 [ 834.622919][T28827] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.10875 (28827) [ 834.645660][T28827] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 834.658618][T28827] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 834.668829][T28827] BTRFS info (device loop3): enabling auto defrag [ 834.677283][T28827] BTRFS info (device loop3): force clearing of disk cache [ 834.684923][T28827] BTRFS info (device loop3): ignoring data csums [ 834.691380][T28827] BTRFS info (device loop3): turning on async discard [ 834.699228][T28827] BTRFS info (device loop3): setting nodatacow, compression disabled [ 834.707590][T28827] BTRFS info (device loop3): turning off async discard [ 834.716288][T28827] BTRFS info (device loop3): disabling free space tree [ 834.854989][ T4281] BTRFS info (device loop3: state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6