last executing test programs: 4m36.96862966s ago: executing program 0 (id=5035): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TCXONC(r0, 0x540a, 0x1) 4m36.757447387s ago: executing program 0 (id=5038): set_mempolicy(0x3, &(0x7f0000000240)=0x1020fff, 0x6) r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000780)="aa1d484e243103000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e44751170", 0x30}], 0x1) 4m36.510104315s ago: executing program 0 (id=5040): unshare(0x22020600) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0) ppoll(&(0x7f0000008040)=[{r0, 0x90}], 0x1, &(0x7f0000008080)={0x0, 0x989680}, 0x0, 0x0) 4m36.151839196s ago: executing program 0 (id=5044): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000000)={[{@bsdgroups}, {@init_itable}, {@norecovery}]}, 0x3, 0x470, &(0x7f0000000280)="$eJzs3M1vG0UbAPBn13H65k0hoZSvlo9AQVQIkqYt0AMHQCBxKBISHOBoJaEqTQtqgkSrSKQcygkhJO6II/8CJ7ggxAmJK9xRpQr1QsvJaL27iZ3YTtPYcYt/P8ntM/vhmce7Y8/u2AlgaE1l/yQReyPi94iYyIutG0zl/12/tjJ349rKXBL1+tt/JY3t/r62MlduWu433lyIJA62qXfpwsUztcXFhfNFeWb57EczSxcuPnf6bO3UwqmFc0dPnDh+bPbFF44+35M8xyMtojfe++rNk1+05L8hjx6Z6rbyqXq9x9UN1l1N8cgA28H2VIrjVW30/4moNB29iXj9s7XCpwNqINA39Xq9Pt559Wod+A9LorWsy8OwKD/oy+vfdtfBL/dt9DF4V1/JL4CyvK8Xj3zNyNodg+qG69temoqId1f/+SZ7RH/uQwAAtPghG/88m412Vuayscf6+CON+5u2u7uYG5qMiHsiYl9E3BvnYn9E3BfR2PaBiHhwm/U3TZI0hpmbxz/plVtO7iZk47+Xirmt1vFfOfqLyUqjdCEvRDV5//TiwpHiNTkc1T1ZebZLHT++9tuXndY1j/+yR1Z/ORYs2nFlZE/rPvO15dqtZ9zq6qWIAyPt8k/WZgKSiHgoIg60e4J06zpOP/Pdw53WbZ1/Fz2YaKp/G/F0fvxXY0P+paT7/OTM/2Jx4chMeVZs9suvl9/qVP+O8u+B7Pj/v+35v5b/ZNI8X7u0/Tou//F5x2uaqWoRbOP8X60t10aTdxrxaLHsk9ry8vnZiNHkZN7o5uVH1/cty+X2Wf6HD7Xv//ti/ZU4GBHZSfxIRDwaEY8Vx+7xiHgiIg51yf/nV5/8YOOysTL/2+D4z2/r+K8Ho9G6JG2zTRZUzvz0fUulk+thkf+N7u9/xxvR4WLJzbz/bW5F+2Cnrx8AAADcCdKI2BtJOr0Wp+n0dP4d/v351Hfm43Pz+W8EJqOalne6Jpruh84Wl/V5+VJE5F8tKNcfi7Rx3/jrylijPD334eL8QDMHxjv0/8yflUG3Dug7P9iC4aX/w/Dq2v+ru9cOYPdt6v9d+/yevrYF2F1tPv/HBtEOYPe1G//7ez8wHDb0f9N+METc/4fhpf/D8NL/YSgtjcXWP5LvGpTPdIu7bxVMROy0hYMJonpbNKNvQaR9r2K0v6dW34LkDmzzpmBw70kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99G8AAAD//1KFzjw=") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x1a42028, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 4m35.599780453s ago: executing program 0 (id=5050): socket$kcm(0xa, 0x1, 0x106) r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e23, 0x80000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000000000029000000", @ANYRES16=r0], 0x18}, 0x0) 4m34.79682729s ago: executing program 0 (id=5057): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x1f, 0x15, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000fcffffff000000008000000018010000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000230000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 4m34.422419022s ago: executing program 32 (id=5057): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x1f, 0x15, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000fcffffff000000008000000018010000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000230000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1m48.154782632s ago: executing program 1 (id=6438): r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @dev={0xac, 0x14, 0x14, 0x2a}, @local}, 0xc) close(r0) 1m47.984330487s ago: executing program 1 (id=6440): syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4000, &(0x7f0000000140)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceeca11a757cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5cf8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12a0000800100000000b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe39b131cab48d99bd1b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9", @ANYRES16=0x0, @ANYRES16], 0x1, 0x6246, &(0x7f0000000280)="$eJzs3c2OHFfZB/Cn+ms+/MaxsojyWghNEgMJIf4MxhAgyQIWbFggb5GtySSycADZBjmRhceaDQsuAoTEEhBLVlxAFmzZcQFYspGArFKoPOeMa5pu99jOdPXM+f2kcdVTp2r6lP5d092uqj4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3vvuDM1VEXPp5WnAs4v+iH9GLWGnqtYhYWTuW1x9ExAvxoDmej4jhUkSVG5+NeCMiPj4ace/+rfVm0dk99uM7f/zbb3945Pt//f3w1L//dKP/5rT1bt781b/+fPvJ9xcAAABKVNd1XaWP+cfT5/te150CAOYiv/7XSV6uXrh6c8H6o1arD3w9XLD+qOdRt9WT3W4XEbHZ3qZ5z+B0PAAcMJvxSdddoEPyL9ogIo503QlgoVVdd4B9ce/+rfUq5Vu1Xw/WttvztSC78t+sdu7vmDadZfwak3k9v7aiH89N6c/KnPqwSHL+vfH8L223j9J6+53/vEzLf7R961Nxcv798fzHHJ78exPzL1XOf/BY+fflDwAAAAAACyz///+xjs//Lj39ruzJo87/rs2pDwAAAAAAAADwWXva8f92VMb/AwAAgEXVfFZv/Prow2XTvoutWX6xinhmbH2gMOlmmdWu+wEAAAAAAAAAAAAAJRlsX8N7sYoYRsQzq6t1XTc/beP143ra7Q+60vcfStb1H3kAANj28dGxe/mriOWIuJi+62+4urpa18srq/VqvbKU38+Olpbrldbn2jxtli2N9vCGeDCqm1+23Nqubdbn5Vnt47+veaxR3d9Dx+ajw8ABICK2X43ueUU6ZOr62ej6XQ4Hg+P/8HH8sxddP08BAACA/VfXdV2lr/M+ns7597ruFAAwF/n1f/y8gFqtVqvV6sNXt9WT3W4XEbHZ3qZ5z2A4fgA4YDbjk667QIfkX7RBRLzQdSeAhVZ13QH2xb37t9arlG/Vfj1I47vna0F25b9ZPdgubz9pOsv4NSbzen5tRT+em9Kf5+fUh0WS8++N539pu32U1tvv/OdlWv7Nfh7roD9dy/n3x/Mfc3jy703Mv1Q5/8Fj5d+XPwAAAAAALLD8///HFur87+hJd2emR53/Xdu3RwUAAAAAAACA/XXv/q31fN9rPv//uQnruf/zcMr5V/IvUs4/3f+/c+HNK2Pr9Vvzd995mP8/799a/92Nf/x/nu41/6U8U6VnVpWeEVV6pGqQpk+4Y1NsDfuj5pGGVa8/SNf81MP34kpcjY04vWvdXjoeHraf2dXe9HT4oL3ub7ef3dU+2GnP25/b1T5MVzrVK7n9ZKzHT+JqvPugvWlbmrH/yzPa6xntOf++479IOf9B66fJfzW1V2PTxt07vf857tvTSY/z9pXP//L0/u/OTFtxZ+LyZv9emntvYvsvzpFR/Oz6xrWTNy/fuHHtTKTJrqVnI00+Yzn/YfrJ+b/y8nZ7/rvfPl7v3hk9dv6LYisGO8/ttib/l1vzzf6+Oue+dSHnP0o/Of93U/vk4/8g59+fmv9rHfQHAAAAAAAAAAAAAAAAHqWu6we3iL4dEefT/T9d3ZsJAMxXfv2vk7x8XnX/Sbf/w+796Kr/avWc62rB+jPX+tN6sfqjXsj6PwvWn4Wr2+rJ3moXEfGX9jbNe4ZfTPplAMAi+zQi/t51J+iM/AuWv++vmZ7oujPAXF3/8KMfXb56dePa9a57AgAAAAAAAAA8qTz+51pr/OcTdV3fHltv1/iv78Ta047/OcgzOwOMThmouv/4+/QoW71Rv9cabvzFmDb+93Bn7lHjfw9mPN5wRvtoRvvSjPblGe0Tb/Royfm/2Brv/EREHB8bfr2E8V/Hx7wvQc7/pdbzucn/S2PrtfOvf3OQ8+/tyv/UjQ9+eur6hx+9fuWDy+9vvL/x43Nnzpw+d/78hQsXTr135erG6e1/O+zx/sr557GvXQdalpx/zlz+Zcn5fyHV8i9Lzv+LqZZ/WXL++f2e/MuS88+ffeRflpz/q6mWf1ly/l9OtfzLkvN/LdXyL0vO/yupln9Zcv6vp1r+Zcn5n0y1/MuS8z+V6j3mv7Lf/WI+cv75DJfjvyw5/3xlg/zLkvM/m2r5lyXnfy7V8i9Lzv+NVMu/LDn/r6Za/mXJ+Z9PtfzLkvP/WqrlX5ac/4VUy78sOf+vp1r+Zcn5fyPV8i9Lzv/NVMu/LDn/b6Za/mXJ+X8r1fIvS87/26mWf1ly/m+lWv5lefj9/2lmOcaXmDFjpriZrv8yAQAAAAAAAAAAAADj5nE5cdf7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH/ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27i1Grru+A/iZvXnjQGIgpE5qwsYxwTib7PoSX2hdTLg23EpCKPSC7XrXZsE3vHYJNKodBUokjIoq2oaHtoBQm5cKq+KBVoDygFpVqkTaB/qCqFB5iKqAAlJVWgFbzZz//78zs7Mzu97x+sw5n48U/7wzZ+acOXNmdr/efOcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADN7nzD7KdqWZbVarX8gk1Z9qL6vGFiU+OS117f7QMAAADW7ueNP1+4OV1waAU3alrmn+749lcXFhYWsvcN/+no5xYW0hUTWTa6Icsa10VXvv/+WvMywRPZeG2o6euhHqsf7nH9SI/rR3tcP9bj+g09rh/vcf2SHbDEDVkt3dm2xl835bs0uyUbbVy3rcOtnqhtGKrvu3TbrNa4zcLo8WwuO5nNZtMty+fL1hrLf/3O+rremsV1DTWta0v9CPnxY8fiNtTCPt7Wsq7F+4x++Pps4ic/fuzYX59//rZOs+duaLm/fDu3b61v5yfCJfm21rINaZ/E7Rxq2s4tHZ6T4ZbtrDVuV/97+3a+sMLtHF7czHXV/pyPZ0ONvz/b2E8jtazDftoSLvvpXVmWXVrc7PZllqwrG8o2tlwytPj8jOdHZP0+6ofSS7ORVR2nd67gOK3PmW2tx2n7ayI+/3eG240ssw3NT9MPHx9ret5/tnA1x2lUf9TLvVbaj8F+v1aKcgzG4+LZxoN+suMxuC08/sfuXv4Y7HjsdDgG0+NuOga39joGh8aGG9ucnoRa4zaLx+DOluWHG2uqNeZzd3c/BqfOnzo7Nf+xj987d+roidkTs6d379w5vXvv3v37908dnzs5O53/eZV7u/g2ZkPpNbA17Lv4Gnh127LNh+rCF8eWvP9e7etwvMvrcFPbsv1+HY60P7ja+rwglx7T+WvjPfWdPn55KFvmNdZ4fnas/XWYHnfT63Ck6XXY8XtKh9fhyApeh/Vlzu5Y2c8sI03/ddqG5b8XrO0Y3NR0DLb/PNJ+DPb755GiHIPj4bj47o7lvxdsCdv75ORqfx4ZXnIMpocb3nvql6Sf98f3N0an4/L2+hU3jmUX5mfP3ffo0fPnz+3MwlgXL2s6VtqP141NjylbcrwOrfp4PTR3x5O3d7h8U9hX4/fW/xhf9rmqL7Pnvu7PVeO7W+f92XLpriyMPlvv/dnpu3l9f45l2ee/9fhD33js829Ydn/W8+Ynptb+s3jKpU3vv6PLvP/G3P+LfH3prp4YHh3JX7/Dae+Mtrwftz5VI433rlpj3S9Mrez9eDT8t97vx7d0eT/e3LZsv9+PR9sfXHw/rvX61461aX8+x8NxcnK6+/txfZnNu1Z7TI50fT++K8xa2P+vCUkh5aKmY2e54zata2RkNDyukbiG1uN0d8vyoyGb1df19K6rO06335Xf13B6dIvW6zidaFu238dp+rev5Y7TWq9/fbs67c/neDgubtnd/TitL/PMnrW/d94Q/9r03jnW6xgcHR6rb/NoOggb7/fZwg3xGLwvO5adyU5mM41rxxrHU62xrsn7V3YMjoX/1vu9cnOXY3B727L9PgbT97Hljr3ayNIH3wftz+d4OC6eur/7MVhf5o37+vuz6/ZwSVqm6WfX9n9fW+7fvG5v203X6lgZCdv5rX3d/222vszJ/avNmd330z3hkhs77Kf21+9yr6mZbH320+awnc/vX34/1benvsznDqzweDqUZdnFjzzw7Nb6U5//fuXvLnznqy2/d+n0O52LH3ngRy8+/o+r2X4ABt8v8rEx/17X9Juplfz+HwAAABgIMfcPhZnI/wAAAFAaMffH/ys8kf8BAACgNGLuHwkzqUj+3/zG5+d+cTFLzfyFIF6fdsOD+XKx4zodvp5YWFS//IEvz/73P1xc2bqHsiz72YN/0HH5zQ/G7cpNhO288qbWy5f46r0rWveRRy6m9Tb3178Q7j8+npUeBp0quNNZln395s801jPx/suN+cyDRxrzoUtPPlFf5oUD+dfx9s+9LF/+L0L599Dxoy23fy7shx+EOf22zvsj3u4rl1+zZd97F9cXb1fbelPjYT/1gfx+4+fkfPaJfPm4n5fb/m98+umv1Jd/9FWdt//iUOftfzrc75fD/N9X5Ms3Pwf1r+PtPhm2P64v3u6+L32z4/Zf+VS+/Nk358sdCTOuf3v4etubn59r3l+P1o62PK7sLflycf3T3/njxvXx/uL9t2//+OHLLfuj/fh45t/y+5lqWz5eHtcT/X3b+uv303x8xvU//UdHWvZzr/Vfeei5V9Tvt33997Qtd/YjOxrrX7y/1k9s+stPfqbj+uL2HPrbsy2P59C7w+s4rP+pD4TjMVz/f1fy+2v/dIUj7259/4nLf2HTxZbHE731J/n6r7zuRGNuGL9h440vevFNl15Z33dZ9uyG/P56rf/EX51p2f4v3prvj3h97Oi3r385cf3nPjp5+sz8hbmZtFcfu7nx2Tlvz7cnbu/N4b21/evDZ85/cPbcxPTEdJZNlPcj9K7al8L8UT4udV96Yck76I5HwvN5+59/fePd//rpePm/vye//PLb8u9brw7LfTZcvik8f6tb/1JP3Xlr4/VdeyZs4cLSzwteiy3b/mv/ihYMj7/954J4vJ99+Qcb+6F+XeP7Rnxdr3H7vzeT38/Xwn5dCJ/MvPXWxfU1Lx8/G+Hyw/nrfc37L7zNxef1b8Lz/Y4f5Pcftys+3u+Fn2O+ubn1/S4eH1+7ONR+/41P8bgU3k+yS/n1cam4vy+/cGvHzYufQ5Jduq3x9Z+k+7ltVQ9zOfMfm586OXf6wqNT52fnz0/Nf+zjh0+duXD6/OHGZ3ke/lCv2y++P21svD/NzO7dkzXerc7k4xq73tt/9pFjM/um756ZPX70wvHzj5ydPXfi2Pz8sdmZ+buPHj8++9Fet5+bObhz14Hd+3ZNnpibObj/wIHdBybnTp+pb0a+UT3snf7w5Olzhxs3mT+458DO++/fMz156szM7MF909OTF3rdvvG9abJ+69+fPDd78uj5uVOzk/NzH589uPPA3r27en4a4Kmzx+cnps5dOD11YX723FT+WCbONy6uf+/rdXvKaf4/8p9n29XyD+LL3nXP3vT5rHVffnzZu8oXafsA0efDZ9H880vO7l/J1zH3j4aZVCT/AwAAQBXE3D8WZiL/AwAAQGnE3L8hzET+BwAAgNKIuX88zKQi+b90/f/NF1e0fv3/vvT/Fy7q/+v/D2L//+Gi9f/z9wv9//5Ya/9e/z/Q/9f/1//X/9f/pw+K1v+Puf+GLKtk/gcAAIAqiLl/Y5iJ/A8AAAClEXP/jWEm8j8AAACURsz9LwozqUj+1//X/3f+f/1//f/O69f/H0z6/93p//eg/z+VVav/f6mf26//r//PUkXr/8fc/+Iwk4rkfwAAAKiCmPtvCjOR/wEAAKA0Yu6/OcxE/gcAAIDSiLl/U5hJRfK//r/+v/6//r/+f+f16/8PJv3/7vT/e9D/d/5//X/9f/qqaP3/mPtfEmZSkfwPAAAAVRBz/0vDTOR/AAAAKJ6Rq7tZzP0vCzNZkv+vcgUAAADAdRdz/y1ZWxG8Ir//1//X/y9+/39Duk7/X/8/K2T/fzjT/y8O/f/u9P970P/X/9f/1/+nr4rW/2/k/mw8e3mYSUXyPwAAAFRBzP23hpnI/wAAAFAaMff/UpiJ/A8AAAClEXP/5jCTiuR//X/9/+L3/53/X/+/6P1/5/8vEv3/7vT/e9D/1//X/9f/p6+K1v+Puf+2MJOK5H8AAACogpj7bw8zkf8BAACgNGLu/+UwE/kfAAAASiPm/i1hJhXJ//r/Be//x+ao/r/+v/6//r/+/4ro/3en/9+D/r/+v/6//j99VbT+f8z9rwgzqUj+BwAAgCqIuf+OMBP5HwAAAEoj5v5XhpnI/wAAAFAaMfdPhJlUJP/r/xe8/5/34Mec/1//X/9f/1//f2X0/7vT/+9B/1//vy/9/4WLHfr/G3rdXv+fMipa/z/m/jvDTCqS/wEAAKAKYu7fGmYi/wMAAEBpxNx/V5iJ/A8AAAClEXP/tjCTiuR//f+B6P9n+v/6//r/+v/6/yuj/9+d/n8P+v/6/87/r/9PXxWt/x9z/6vCTCqS/wEAAKAKYu6/O8xE/gcAAIDSiLn/1WEm8j8AAACURsz928NMKpL/9f/1//X/9f/1/zuvX/9/MK21f1//UUD/X/9f/1//X/9f/5/+KFr/P+b+14SZVCT/AwAAQBXE3L8jzET+BwAAgNKIuf+eMBP5HwAAAEoj5v7JMJOK5H/9f/1//X/9f/3/zuvX/x9Mzv/fnf5/D/r/+v/6//r/9FXR+v8x998bZlKR/A8AAABVEHP/fWEm8j8AAACURsz9U2Em8j8AAACURsz902EmFcn/+v/6//r/+v+r6v+/cvF+9f9z+v/Fov/fnf5/DyXp/4+u6kEvut79+bW63tvfn/7/qP4/pVK0/n/M/TvDTCqS/wEAAKAKYu7fFWYi/wMAAEBpxNy/O8xE/gcAAIDSiLl/T5hJRfK//r/+v/6//r/z/3dev/7/YNL/767//f/4EPX/i9T/v1rXuz8/6Nvv/P/6/yxVtP5/zP33h5lUJP8DAABAFcTcvzfMRP4HAACA0oi5f1+YifwPAAAApRFz//4wk4rkf/1//f/r2f/Pskv6//r/+v/6/32l/9+d8//3oP+v/6//r//PGj38h81fFa3/H3P/gTCTiuR/AAAAqIKY+18bZiL/AwAAQGnE3P8rYSbyPwAAAJRGzP2/GmZSkfyv/9/SPa8/XP1/5//X/9f/b9D/H0z6/93p//eg/6//r/+v/09fLdv/D9F7vfv/MfcfDDOpSP4HAACAKoi5/9fCTOR/AAAAKI2Y+18XZiL/AwAAQGnE3H8ozKQi+V//f/DO/x/rM/r/+v/6/+Xq/4/F+9X/X5M19O8bT63+f6D/r/+v/6//r/9PHxTt/P8x978+zKQi+R8AAACqIOb+B8JM5H8AAAAojZj73xBmIv8DAABAacTc/8Ywk4rkf/3/wev/O/+//r/+f65s/X/n/+8P5//vTv+/B/1//X/9f/1/+qpo/f+Y+98UZlKR/A8AAABVEHP/m8NM5H8AAAAojZj73xJmIv8DAABAacTc/9Ywk4rk/3Xv/zcVhfX/9f/1//X/9f/1//tt7f3/n4U9rf+v/6//r/+v/6//z1oVrf8fc/+vh5lUJP8DAABAFcTc/2CYifwPAAAApRFz/9vCTOR/AAAAKI2Y+98eZlKR/O/8//r/+v/6//r/ndev/z+YnP+/uwHr///8pnC5/n9O/7/Y27/a/v9I29fXpP///eX6/wsb2m+v/8+1ULT+f8z97wgzqUj+BwAAgCqIuf+dYSbyPwAAAJRGzP3vCjOR/wEAAKA0Yu7/jTCTiuR//f/6diy2l/X/y9r/H9L/1//X/68I/f/uBqz/Pwjn/x/W/1+k/+/8//r/tCta/z/m/neHmVQk/wMAAEAVxNz/UJiJ/A8AAAClEXP/w2Em8j8AAACURsz97wkzqUj+1/93/v9q9P+d/z/T/9f/rwj9/+70/3tw/n/9/6L1//9T/5/BVrT+f8z9j4SZVCT/AwAAQBXE3P/eMBP5HwAAAEoj5v7fDDOR/wEAAKA0Yu5/X5hJRfK//v+g9P8nBrT//7j+/zXs/99xU76c/r/+P4v0/7vT/+9B/1//v2j9f+f/Z8AVrf8fc//7w0xWnv/HV7wkAAAAcF3E3P9bYSYV+f0/AAAAVEHM/b8dZiL/AwAAQGnE3P87YSYVyf/6/4PS/3f+/0z/3/n/2x6P/r/+fyfr1/+P7zz6//r/+v+R/r/+v/4/7YrW/4+5/3fDTCqS/wEAAKAKYu7/QJiJ/A8AAAADodP/k90u5v7DYSbyPwAAAJRGzP1Hwkwqkv/1//X/9f8L2v//s63/8t1vv/PITv1//X/9/1VZ1/P/11/8zv+v/6//n+j/6//r/9OuaP3/mPuPhplUJP8DAABAFcTc/3thJvI/AAAAlEbM/cfCTOR/AAAAKI2Y+2fCTCqS//X/9f/1/wva/x/g8//H/aH/36pv/f/4pqv/31Hev09H0bXt/793sSeu/7/a/v9Yx0v1//X/B3n79f/1/1mqaP3/mPtnw0wqkv8BAACgCkLuHzqez8Ur5H8AAAAojZj7T4SZyP8AAABQGjH3fzDMpCL5X/9f/1//X//f+f87r79b/7824vz/RZX69z9tvFD0/9sUp//fmf6//v8gb7/+v/4/SxWt/x9z/1yYSUXyPwAAAFRBzP0fCjOR/wEAAKA0Yu7/cJiJ/A8AAAClEXP/yTCTiuR//X/9f/1//X/9/87rL+z5//X/u1pr/17/P9D/r3b//3/0//X/9f/pj6L1/2PuPxVm8v/s3UeTZfV5x/Hb9uDpKbzwzgtvXOWlXwILe22/AC+88cZVLi9wwDbODMY5YCEJZQmBckABBAIkgXIAJSSUQRLKOaCERqJGRffzPNPh9LndM7dvn/P/fz6LeUx7mntFTc3wm54vp5P9DwAAAD3I3X9l3GL/AwAAQDNy9/9Z3GL/AwAAQDNy9/953NLJ/tf/X0r/f6FS1v/vfv+T6P9/R/9/0Ovr//X/LdP/j9P/L6H/9/x//b/+n5WaWv+fu/8v4pZO9j8AAAD0IHf/X8Yt9j8AAAA0I3f/VXGL/Q8AAADNyN3/V3FLJ/t/T/+/seiz/8+M1/P/W+r/Pf//wNfX/+v/W7be/v/aJ3/m0//r//X/Qf9/qP7/9EGfr/+nRVPr/3P3/3Xc0sn+BwAAgB7k7v+buMX+BwAAgGbk7r86brH/AQAAoBm5+/82bulk/6/u+f9ntj4+0/6/6P/1/1sf0P/r//X/s+X5/+N66v+veujyKx+78zfuOsrr6//1/57/f7T+f+d/zED/z5Cp9f+5+/8ubulk/wMAAEAPcvf/fdxi/wMAAEAzcvf/Q9xi/wMAAEAzcvf/Y9zSyf5fXf8/6+f/F/2//n/rA/p//b/+f7b0/+N66v8v5vX1//p//b/n/7NaU+v/c/f/U9zSyf4HAACAHuTu/+e4xf4HAACAZuTuvyZusf8BAACgGbn7z8Ytnex//f/x9/9P6P/1/3H1//p//f/x0/+P0/8vof/X/+v/9f+s1NT6/9z918Ytnex/AAAA6EHu/n+JW+x/AAAAaEbu/uviFvsfAAAAmpG7/1/jlk72v/7f8//1//p//f/w6+v/50n/P07/v4T+/1L7+cv0//p//T87HbH/Pzfy0/ZK+v/c/f8Wt3Sy/wEAAKAHufv/PW6x/wEAAKAZufv/I26x/wEAAKAZufv/M27pZP/r//X/+n/9/0X3//t/6G3R/w/T/6+H/n/cZPr/jVODH9b/z77/9/x//b/+n12m9vz/3P3/Fbd0sv8BAACgB7n7/ztuGdn/R/7NfAAAAOBE5e7/n7jF1/8BAABg9rI6y93/v3FLJ/tf/6//1//r/z3/f/j1x/r/u3a8P/3/tOj/x02m/z+A/l//P+f3r//X/7Pf1Pr/3P3/F7d0sv8BAACgB7n7r49b7H8AAABoRu7+/49b7H8AAABoRu7+p8Qtnez/4f7/wv9f/384+v/d71//P/zjY1X9f/4d9f+j/f/vev5/n/T/49bf/5/W/+/+++v/j9FJv//G+/8zyz5f/8+QqfX/uftviFs62f8AAADQg9z9T41b7H8AAABoRu7+p8Ut9j8AAAA0I3f/0+OWTva/5//r//X/8+v/Pf9/20k+/3+x9v7/lP7/kPT/4zz/fwn9v/5f/+/5/6zU1Pr/3P03xi2d7H8AAADowY2PL7Z2/zMWC/sfAAAA5mjnnx3Y+wdKQ+7+Z8Yt9j8AAAA0I3f/s+KWTva//l//r//X/+v/h19/Wv2/5/8flv5/3Fz6/zP6/8G3N9P+/1Rj/f9NB33+FPr/a/T/TMyu/v/eCx8/qf4/d/+z45ZO9j8AAAD0IHf/c+IW+x8AAACakbv/uXGL/Q8AAADNyN3/vLilk/1/7P3/mYNfW/+v/9f/6//1//r/VdP/j5tL/+/5/031/57/7/n/+v+OXej/d/98eFL9f+7+58ctnex/AAAA6EHu/hfELfY/AAAANCN3/01xi/0PAAAAzcjd/8K4pZP97/n/+n/9v/5f/z/8+vr/edL/j9P/L6H/1//r//X/rNSu5//vcFL9f+7+m+OWTvY/AAAA9CB3/y1xi/0PAAAAzcjd/6K4xf4HAACAZuTuf3Hc0sn+1/8fb/+fH9f/6/8X+n/9v/5/Lbrt/zeGfiXa74D+/4E/Ofv7uz+i/9f/6//1//p/VmAS/f/5C/92mbv/JXFLJ/sfAAAAepC7/6Vxi/0PAAAAzcjd/7K4xf4HAACAZuTuf3nccsT9/2srfVfro//3/H/9v/5f/z/8+vr/eeq2/z8kz/9fQv+v/9f/6/9ZqUn0/zv+Onf/K+IWX/8HAACAZuTuf2XcYv8DAABAM3L3vypusf8BAACgGbn7Xx23dLL/9f/6f/2//l//P/z6R+//t38kbi6G6f/XQ/8/Tv+/hP5f/6//1/+zUlPr/3P33xq3dLL/AQAAoAe5+18Tt9j/AAAA0Izc/a+NW+x/AAAAaEbu/tfFLZ3sf/2//l//r//X/w+/vuf/z5P+f5z+f7FY3DbyBob6//On9f/6f/2//p+LNLX+P3f/6+OWTvY/AAAA9CB3/21xi/0PAAAAzcjdf3vcYv8DAABAM3L3vyFu6WT/6//1//p//b/+f/j19f/zpP8fp/9fwvP/9f/6f/0/KzW1/j93/x1xSyf7HwAAAHqQu//OuMX+BwAAgGbk7n9j3GL/AwAAQDNy998Vt3Sy//X/+n/9v/7/WPr/s/r/vfT/63F8/f9C/6//1/8vof/X/+v/2Wtd/f+5+Pl+Wf+fu//uuKWT/Q8AAAA9yN1/T9xi/wMAAEAzcve/KW6x/wEAAKAZufvfHLd0sv/1//p//b/+3/P/h19f/z9Pnv8/Tv+/hP5f/6//1/+zUuvq/w/q/ff+de7+t8Qtnex/AAAA6EHu/nvjFvsfAAAAmpG7/764xf4HAACAZuTuf2vc0sn+1//r/3f3/4uF/l//r//ftob+f3Oh/185/f84/f8S+v82+/9fWjTU/5858PP1/0zR1Pr/3P1vi1s62f8AAADQg9z9b49b7H8AAABoRu7+d8Qt9j8AAAA0I3f/O+OWlvb/Ewenb/Pv/0/v+UT9/2KxePhqz//X/4+8vv5/Mv1//VPV/6+O/n+c/n8J/X+b/b/n/+v/OTFT6/9z978rbmlp/wMAAEDncve/O26x/wEAAKAZufvfE7fY/wAAANCM3P3vjVs62f/z7//3fqL+f3FJz//X/299QP+v/9f/z9al9vc3b8avafp//b/+f7Cf3zjg33sW+n/9v/6fAVPr/3P3vy9u6WT/AwAAQA9y998ft9j/AAAA0Izc/Q/ELfY/AAAANCN3//vjlk72v/5f/6//n2f/v6n/1//r/wdN5fn/V1zxew/q//X/Lfb/Y/T/+n/9P3tNrf/P3f+BuKWT/Q8AAAA9yN3/wbjF/gcAAIBm5O7/UNxi/wMAAEAzcvd/OG7pZP/v7/8vW2wXqtuG+v9o1PT/O+j/d79//f/wjw/P/9f/6/+P31T6/2k8/3//r076/yX0//r/dfX/v7n/8/X/tGhq/X/u/gfjlk72PwAAAPQgd/9H4hb7HwAAAJqRu/+jcYv9DwAAAM3I3f9Q3NLJ/vf8f/2//l//r/8ffn39/zzp/8fp/5fQ/196P58/q+r/5/v8/1/W/7M6U+v/c/d/LG7ZGn6/9asX+T8TAAAAmJDc/R+PWzr5+j8AAAD0IHf/J+IW+x8AAACakbv/k3FLJ/tf/6//1//r//X/w6+v/58n/f84/f8S/fT/m0MfPOl+/lKd9Ptvpv/3/H9WaGr9f+7+T8Utnex/AAAAaNvjW9/m7v903GL/AwAAQDNy938mbrH/AQAAoBm5+x+OWzrZ//p//X/7/f8f6f/3vL7+f+39/3V36//XRv+fv6IP0/8v0U//P+ik+/m5v3/9v/6f/abW/+fufyRu6WT/AwAAQA9y9382brH/AQAAoBm5+z8Xt9j/AAAA0Izc/Z+PWzrZ//r/vvr/jUWP/b/n/+v/T7z/36L/X4/59P+3nBr6qOf/6//1//N9//p//T/7Ta3/z93/6MapLvc/AAAAzNUf/PafPnLY7/vo1rebiy/ELfY/AAAANCN3/xfjFvsfAAAAmpG7/0txSyf7X//fV//f5/P/9f/6f/1/T+bT/w/T/+v/9f/zff/6f/0/+02t/8/d/+W4ZcfwG/wP9AAAAAAn51eO9t1z938lbunk6/8AAADQg9z9X41b9u3/84f8U+0AAADA1OTu/1rc0snX//X/E+//F8fU/8f30/9v0//r/4deX/8/T/r/cZfY/5/f0P/r/0fo//X/+n/2mlr/n7v/njsWXe5/AAAAaNSu31H4+ta3m4tvxC32PwAAADQjd/834xb7HwAAAJqRu/9bcUsn+1//P/H+/6Ke/3+m/i/P/++8/79+c/D19f/6/5bp/8d5/v8S+n/9v/5f/89KHaH/3xqkx93/5+7/dtzSyf4HAACAHuTu/07cYv8DAABAM3L3fzdusf8BAACgGbn7vxe3dLL/9f8n0P/fcHqxONb+/xDP/9f/99H/H/D67fT/v3752fv/8I9vv1X/zwXr7P/zx4L+X/+v/9+m/9f/6//Za2rP/8/d//24pZP9DwAAAD3I3f9Y3GL/AwAAQDNy9/8gbnly/993Uu8KAAAAWKXc/T+MWzr5+r/+v8Xn/8+z/89/1ifQ/5+dX/+fTXHv/b/n/+v/9/P8/3H6/yX0//p//b/+n5WaWv+fu/9HcUsn+x8AAAB6kLv/x3FL7v+NI//WPQAAADAxuft/Erf4+j8AAAA0I3f/43FLJ/t/jv3/uT3vcfcn6v8XM+3/k+f/X/g8z//fpv/X/x+F/n+c/n8J/b/+X/+v/2elptb/5+7/adzSyf4HAACAHuTuPxe32P8AAADQjNz9P4tb7H8AAABoRu7+n8ctnez/Ofb/nv+v/9f/6/8X+n/9/wH0/+P0/0vo//X/+n/9Pys1tf4/d/8vAgAA///bQndU") r0 = open(&(0x7f0000000280)='./file1\x00', 0x1cd142, 0x0) sendfile(r0, r0, 0x0, 0x800000020) 1m46.637537611s ago: executing program 1 (id=6449): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r0) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x28, r1, 0x201, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x4) 1m45.73547319s ago: executing program 1 (id=6453): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$nfs(&(0x7f00000001c0)='..\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x85000, 0x0) mount$nfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0) 1m45.569026475s ago: executing program 1 (id=6455): socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000640)=""/235, 0xeb}], 0x1) shutdown(r0, 0x2) 1m44.994315934s ago: executing program 1 (id=6460): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000500000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1m44.510645399s ago: executing program 33 (id=6460): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000500000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 4.403649409s ago: executing program 3 (id=7320): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000980)={0x20, r1, 0x1, 0x0, 0x25dfdbfd, {{0x8}, {@void, @val={0xc, 0x99, {0x1, 0x1}}}}}, 0x20}}, 0x0) 4.117759778s ago: executing program 5 (id=7322): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo\x00') writev(r0, 0x0, 0x0) 3.993071482s ago: executing program 5 (id=7323): capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7}) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBTYPE(r0, 0x4b48, 0x0) 3.75301103s ago: executing program 5 (id=7324): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) mremap(&(0x7f00003ad000/0x400000)=nil, 0x400000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) 3.340761054s ago: executing program 3 (id=7325): r0 = fsopen(&(0x7f0000000400)='nfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='source', &(0x7f0000000680)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6h\xd1\x1d\xac\xaa\xfb\xc7Y\xcd\xc5n\xeb\xab\xf70\x99\xef\x8b numinos [ 691.749929][T28906] [ 691.765644][ T12] [ 691.765644][ T12] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 691.765644][ T12] [ 691.790007][ T12] [ 691.790007][ T12] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 691.790007][ T12] [ 691.803115][T28907] loop2: detected capacity change from 0 to 32768 [ 691.829754][ T111] [ 691.829754][ T111] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 691.829754][ T111] [ 691.840690][T22600] usb 4-1: Using ep0 maxpacket: 16 [ 691.882989][ T5777] [ 691.882989][ T5777] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 691.882989][ T5777] [ 691.919558][T22600] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 691.938941][ T5777] [ 691.938941][ T5777] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 691.938941][ T5777] [ 691.962990][T22600] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 691.982415][T28907] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 692.024931][T22600] usb 4-1: Product: syz [ 692.029191][T22600] usb 4-1: Manufacturer: syz [ 692.098303][T22600] usb 4-1: SerialNumber: syz [ 692.129550][T22600] r8152-cfgselector 4-1: config 0 descriptor?? [ 692.177384][T28907] XFS (loop2): Ending clean mount [ 692.183778][T28941] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6450'. [ 692.193608][T28941] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6450'. [ 692.241032][T28941] netlink: 'syz.4.6450': attribute type 18 has an invalid length. [ 692.261022][T28941] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6450'. [ 692.396897][ T5775] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 692.432637][T22600] r8152-cfgselector 4-1: Needed 1 retries to read version [ 692.454110][T22600] usbip-host 4-1: 4-1 is not in match_busid table... skip! [ 692.673192][ T8] usb 4-1: USB disconnect, device number 43 [ 693.143671][T28979] loop2: detected capacity change from 0 to 512 [ 693.167110][T28979] EXT4-fs: Ignoring removed i_version option [ 693.226853][T28979] EXT4-fs (loop2): 1 truncate cleaned up [ 693.245159][T28979] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 693.424204][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 693.671226][ T59] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 693.845318][ T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 693.993681][T29007] netlink: 'syz.2.6464': attribute type 3 has an invalid length. [ 694.022251][ T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 694.259825][T29011] loop4: detected capacity change from 0 to 2048 [ 694.295497][ T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 694.336619][T29011] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 694.961760][T29042] loop2: detected capacity change from 0 to 2048 [ 695.017642][T20359] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 695.033603][T20359] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 695.048531][T20359] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 695.068943][T20359] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 695.082062][T20359] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 695.091261][T20359] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 695.151280][T29020] loop3: detected capacity change from 0 to 32768 [ 695.180466][T29042] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 695.257510][T29042] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 695.283276][T29020] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 695.313362][T29020] JBD2: Ignoring recovery information on journal [ 695.367786][T29049] lo speed is unknown, defaulting to 1000 [ 695.462812][T29020] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 695.843487][ T5776] ocfs2: Unmounting device (7,3) on (node local) [ 696.359007][T29048] loop4: detected capacity change from 0 to 40427 [ 696.453018][T29048] F2FS-fs (loop4): invalid crc value [ 696.537509][T29048] F2FS-fs (loop4): Found nat_bits in checkpoint [ 696.615962][T29110] tipc: Started in network mode [ 696.622425][T29110] tipc: Node identity fe800000000000000000000000000014, cluster identity 5 [ 696.653514][T29110] tipc: Enabled bearer , priority 10 [ 696.895217][T29048] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 697.063060][ T1119] kworker/u4:8: attempt to access beyond end of device [ 697.063060][ T1119] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 697.100636][ T1119] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 697.157312][ T5789] Bluetooth: hci0: command tx timeout [ 697.608368][T29049] chnl_net:caif_netlink_parms(): no params data found [ 697.920333][ T8] tipc: Node number set to 4269801492 [ 698.123929][T29214] loop3: detected capacity change from 0 to 512 [ 698.334303][T29214] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 698.372712][T29214] ext4 filesystem being mounted at /1627/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 698.617060][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 698.979758][T29049] bridge0: port 1(bridge_slave_0) entered blocking state [ 699.005802][T29049] bridge0: port 1(bridge_slave_0) entered disabled state [ 699.029006][T29049] bridge_slave_0: entered allmulticast mode [ 699.039503][T29049] bridge_slave_0: entered promiscuous mode [ 699.056046][T29049] bridge0: port 2(bridge_slave_1) entered blocking state [ 699.066993][T29049] bridge0: port 2(bridge_slave_1) entered disabled state [ 699.079368][T29049] bridge_slave_1: entered allmulticast mode [ 699.097096][T29049] bridge_slave_1: entered promiscuous mode [ 699.230743][ T5789] Bluetooth: hci0: command tx timeout [ 699.347333][T29232] loop4: detected capacity change from 0 to 32768 [ 699.370691][T29308] loop3: detected capacity change from 0 to 512 [ 699.395683][T29308] EXT4-fs (loop3): Test dummy encryption mode enabled [ 699.428144][T29308] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 699.443748][ T59] hsr_slave_0: left promiscuous mode [ 699.462390][T29232] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 699.472531][ T59] hsr_slave_1: left promiscuous mode [ 699.490676][T29308] EXT4-fs error (device loop3): ext4_orphan_get:1430: comm syz.3.6492: bad orphan inode 131083 [ 699.510163][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 699.519246][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 699.532223][T29308] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 699.555294][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 699.604846][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 699.607191][ T59] bridge_slave_1: left allmulticast mode [ 699.607218][ T59] bridge_slave_1: left promiscuous mode [ 699.607425][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 699.611573][ T59] bridge_slave_0: left allmulticast mode [ 699.611599][ T59] bridge_slave_0: left promiscuous mode [ 699.611796][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 699.711309][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 699.842280][ T59] bridge0: left promiscuous mode [ 699.848175][ T59] batadv_slave_1: left promiscuous mode [ 699.883452][T29232] XFS (loop4): Ending clean mount [ 699.902873][T29232] XFS (loop4): Quotacheck needed: Please wait. [ 699.949732][ T59] veth1_macvtap: left promiscuous mode [ 699.958398][ T59] veth0_macvtap: left promiscuous mode [ 699.978686][ T59] veth1_vlan: left promiscuous mode [ 700.056961][T29232] XFS (loop4): Quotacheck: Done. [ 700.383222][T21912] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 700.520143][ T59] bond3 (unregistering): Released all slaves [ 700.836522][ T59] bond2 (unregistering): Released all slaves [ 700.853237][ T59] bond1 (unregistering): Released all slaves [ 701.310533][ T5789] Bluetooth: hci0: command tx timeout [ 701.543619][ T59] team0 (unregistering): Port device virt_wifi0 removed [ 702.379641][ T59] team0 (unregistering): Port device team_slave_1 removed [ 702.464110][ T59] team0 (unregistering): Port device team_slave_0 removed [ 702.543279][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 702.627548][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 703.248221][ T59] team0 (unregistering): Port device bond0 removed [ 703.305686][ T59] bond0 (unregistering): Released all slaves [ 703.392672][T20359] Bluetooth: hci0: command tx timeout [ 703.447558][T29049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 703.461248][T29049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 703.624662][T29049] team0: Port device team_slave_0 added [ 703.698650][T29049] team0: Port device team_slave_1 added [ 703.806230][T29049] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 703.819742][T29049] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 703.889163][T29049] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 703.946013][T29049] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 703.980301][T29049] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 704.040752][T29049] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 704.040792][T29406] loop4: detected capacity change from 0 to 64 [ 704.324407][T29049] hsr_slave_0: entered promiscuous mode [ 704.383541][T29049] hsr_slave_1: entered promiscuous mode [ 704.450552][T29049] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 704.480459][T29049] Cannot create hsr debugfs directory [ 704.865381][ T59] IPVS: stop unused estimator thread 0... [ 705.156166][T29530] sch_tbf: burst 0 is lower than device veth1_virt_wifi mtu (1514) ! [ 705.466286][T29049] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 705.514246][T29049] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 705.574925][T29049] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 705.646485][T29049] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 705.710082][T29570] loop3: detected capacity change from 0 to 64 [ 706.103931][T29049] 8021q: adding VLAN 0 to HW filter on device bond0 [ 706.166193][T29049] 8021q: adding VLAN 0 to HW filter on device team0 [ 706.213546][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state [ 706.220826][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 706.255471][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 706.262712][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 706.381530][T29548] loop2: detected capacity change from 0 to 32768 [ 706.435736][T29548] [ 706.435736][T29548] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 706.435736][T29548] [ 706.514435][T29548] ERROR: (device loop2): diWrite: ixpxd invalid [ 706.514435][T29548] [ 706.540636][ T5784] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 706.573220][T29548] ERROR: (device loop2): txCommit: [ 706.573220][T29548] [ 706.610915][T29605] ERROR: (device loop2): dtSearch: stack overrun! [ 706.610915][T29605] [ 706.681024][T29605] btstack dump: [ 706.691139][T29605] bn = 0, index = 0 [ 706.710412][T29605] bn = 0, index = 0 [ 706.727069][T29605] bn = 0, index = 0 [ 706.741046][T29605] bn = 0, index = 0 [ 706.741847][ T5784] usb 5-1: Using ep0 maxpacket: 32 [ 706.744916][T29605] bn = 0, index = 0 [ 706.761525][T29610] loop3: detected capacity change from 0 to 2048 [ 706.783202][ T5784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 706.812369][T29605] bn = 0, index = 0 [ 706.818944][T29605] bn = 0, index = 0 [ 706.836633][T29605] bn = 0, index = 0 [ 706.851223][ T5784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 706.853088][T29605] jfs_lookup: dtSearch returned -5 [ 706.896439][T29610] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 706.910888][ T5784] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 706.920299][T29610] ext4 filesystem being mounted at /1641/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 706.937312][ T5784] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 706.955917][ T5784] usb 5-1: config 0 descriptor?? [ 706.968925][ T5784] hub 5-1:0.0: USB hub found [ 707.073165][ T5775] [ 707.073165][ T5775] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 707.073165][ T5775] [ 707.111840][ T5775] [ 707.111840][ T5775] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 707.111840][ T5775] [ 707.155620][T29049] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 707.198392][ T5784] hub 5-1:0.0: 4 ports detected [ 707.207938][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 707.212877][ T5784] hub 5-1:0.0: insufficient power available to use all downstream ports [ 707.405990][ T5784] hub 5-1:0.0: hub_hub_status failed (err = -71) [ 707.436067][ T5784] hub 5-1:0.0: config failed, can't get hub status (err -71) [ 707.492849][ T5784] usbhid 5-1:0.0: can't add hid device: -71 [ 707.499007][ T5784] usbhid: probe of 5-1:0.0 failed with error -71 [ 707.542012][ T5784] usb 5-1: USB disconnect, device number 11 [ 707.752704][T29648] tipc: Enabling of bearer rejected, already enabled [ 707.978521][T29655] netlink: 104 bytes leftover after parsing attributes in process `syz.2.6527'. [ 708.186302][T29049] veth0_vlan: entered promiscuous mode [ 708.273560][T29049] veth1_vlan: entered promiscuous mode [ 708.412918][T29049] veth0_macvtap: entered promiscuous mode [ 708.449337][T29674] loop4: detected capacity change from 0 to 64 [ 708.457662][T29049] veth1_macvtap: entered promiscuous mode [ 708.477069][T29640] loop3: detected capacity change from 0 to 32768 [ 708.520193][T29049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 708.531238][T29640] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.6526 (29640) [ 708.560780][T29674] syz.4.6530: attempt to access beyond end of device [ 708.560780][T29674] loop4: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 708.576062][T29049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.599619][T29674] Buffer I/O error on dev loop4, logical block 512, async page read [ 708.614148][T29674] syz.4.6530: attempt to access beyond end of device [ 708.614148][T29674] loop4: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 708.627944][T29049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 708.658049][T29640] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 708.669097][T29674] Buffer I/O error on dev loop4, logical block 56576, async page read [ 708.690469][T29049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.701189][T29640] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 708.729989][T29049] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 708.747191][T29640] BTRFS info (device loop3): using free space tree [ 708.774747][T29049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 708.831976][T29049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.859879][T29049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 708.882041][T29049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.899077][T29049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 708.945501][T29049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.991012][T29640] BTRFS info (device loop3): enabling ssd optimizations [ 708.998086][T29640] BTRFS info (device loop3): auto enabling async discard [ 709.007655][T29049] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 709.049995][T29049] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.100116][T29049] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.122818][T29049] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.170467][T29049] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.391353][ T5776] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 709.450092][T29708] loop4: detected capacity change from 0 to 4096 [ 709.521640][T29708] NILFS (loop4): invalid segment: Checksum error in segment payload [ 709.545147][T29708] NILFS (loop4): trying rollback from an earlier position [ 709.553482][ T1137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 709.602040][ T1137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 709.675267][T29708] NILFS (loop4): recovery complete [ 709.710247][T29730] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 709.777390][ T1084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 709.818029][ T1084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 709.886700][T29708] NILFS (loop4): the device already has a read-only mount. [ 709.892702][T29733] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 709.901732][T29733] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 709.980659][T29733] vhci_hcd vhci_hcd.0: Device attached [ 710.063234][T29735] vhci_hcd: connection closed [ 710.182864][ T42] vhci_hcd: stop threads [ 710.230642][ T5784] usb 37-1: new high-speed USB device number 2 using vhci_hcd [ 710.244073][ T42] vhci_hcd: release socket [ 710.268130][ T42] vhci_hcd: disconnect device [ 711.547820][T29805] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6553'. [ 711.606908][T29809] loop5: detected capacity change from 0 to 1024 [ 712.024422][T29829] loop2: detected capacity change from 0 to 16 [ 712.089638][T29829] erofs: (device loop2): mounted with root inode @ nid 36. [ 712.136916][ T28] audit: type=1326 audit(1781138193.154:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29834 comm="syz.5.6559" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 712.220703][ T28] audit: type=1326 audit(1781138193.154:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29834 comm="syz.5.6559" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 712.272425][ T28] audit: type=1326 audit(1781138193.214:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29834 comm="syz.5.6559" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 712.296614][ C0] vkms_vblank_simulate: vblank timer overrun [ 712.324597][ T28] audit: type=1326 audit(1781138193.214:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29834 comm="syz.5.6559" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 712.348726][ C0] vkms_vblank_simulate: vblank timer overrun [ 712.461776][ T28] audit: type=1326 audit(1781138193.214:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29834 comm="syz.5.6559" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 712.485903][ C0] vkms_vblank_simulate: vblank timer overrun [ 712.610444][ T28] audit: type=1326 audit(1781138193.224:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29834 comm="syz.5.6559" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 712.634569][ C0] vkms_vblank_simulate: vblank timer overrun [ 712.730459][ T28] audit: type=1326 audit(1781138193.224:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29834 comm="syz.5.6559" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 712.822580][ T28] audit: type=1326 audit(1781138193.224:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29834 comm="syz.5.6559" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 712.846738][ C0] vkms_vblank_simulate: vblank timer overrun [ 713.110793][T29872] loop3: detected capacity change from 0 to 4096 [ 713.136141][T29878] loop5: detected capacity change from 0 to 512 [ 713.143724][T29872] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 713.322072][T29872] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 713.371513][T29878] EXT4-fs (loop5): 1 orphan inode deleted [ 713.378690][T29878] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 713.421311][T29878] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 713.628640][T29878] EXT4-fs (loop5): resizing filesystem from 64 to 2 blocks [ 713.690471][T29878] EXT4-fs warning (device loop5): ext4_resize_fs:2048: can't shrink FS - resize aborted [ 713.888552][T29049] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 714.264879][T29924] loop2: detected capacity change from 0 to 64 [ 714.460935][T29931] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6583'. [ 714.658806][T29941] loop2: detected capacity change from 0 to 128 [ 714.718363][T29941] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 714.756029][T29941] ext4 filesystem being mounted at /1641/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 714.951110][ T5775] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 715.152306][T29968] loop5: detected capacity change from 0 to 256 [ 715.165336][T29971] loop2: detected capacity change from 0 to 256 [ 715.331367][T29968] FAT-fs (loop5): Directory bread(block 64) failed [ 715.356133][T29968] FAT-fs (loop5): Directory bread(block 65) failed [ 715.383585][T29968] FAT-fs (loop5): Directory bread(block 66) failed [ 715.403836][ T5784] vhci_hcd: vhci_device speed not set [ 715.424272][T29968] FAT-fs (loop5): Directory bread(block 67) failed [ 715.435831][T29980] team0: Port device vlan0 added [ 715.454714][T29968] FAT-fs (loop5): Directory bread(block 68) failed [ 715.478754][T29968] FAT-fs (loop5): Directory bread(block 69) failed [ 715.499580][T29968] FAT-fs (loop5): Directory bread(block 70) failed [ 715.519815][T29968] FAT-fs (loop5): Directory bread(block 71) failed [ 715.546494][T29968] FAT-fs (loop5): Directory bread(block 72) failed [ 715.574304][T29968] FAT-fs (loop5): Directory bread(block 73) failed [ 715.638974][T29977] loop4: detected capacity change from 0 to 8192 [ 715.695092][T29987] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 715.701805][T29987] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 715.734261][T29987] vhci_hcd vhci_hcd.0: Device attached [ 715.773362][T29994] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 715.877088][T29989] vhci_hcd: cannot find the pending unlink 8 [ 715.901148][T29989] vhci_hcd: connection closed [ 715.908621][ T1137] vhci_hcd: stop threads [ 715.950798][ T1137] vhci_hcd: release socket [ 715.955324][ T1137] vhci_hcd: disconnect device [ 716.011004][ T23] usb 39-1: new high-speed USB device number 2 using vhci_hcd [ 716.018651][ T23] usb 39-1: enqueue for inactive port 0 [ 716.140549][ T23] vhci_hcd: vhci_device speed not set [ 716.469021][T30019] loop2: detected capacity change from 0 to 256 [ 716.594295][T30019] FAT-fs (loop2): Directory bread(block 64) failed [ 716.608006][T30019] FAT-fs (loop2): Directory bread(block 65) failed [ 716.630835][T30019] FAT-fs (loop2): Directory bread(block 66) failed [ 716.657986][T30019] FAT-fs (loop2): Directory bread(block 67) failed [ 716.677112][T30019] FAT-fs (loop2): Directory bread(block 68) failed [ 716.677154][T30019] FAT-fs (loop2): Directory bread(block 69) failed [ 716.677269][T30019] FAT-fs (loop2): Directory bread(block 70) failed [ 716.677299][T30019] FAT-fs (loop2): Directory bread(block 71) failed [ 716.677396][T30019] FAT-fs (loop2): Directory bread(block 72) failed [ 716.677424][T30019] FAT-fs (loop2): Directory bread(block 73) failed [ 717.444225][T30062] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6608'. [ 717.772785][T30077] loop3: detected capacity change from 0 to 128 [ 718.054432][T30088] Bluetooth: MGMT ver 1.22 [ 718.177848][T30040] loop5: detected capacity change from 0 to 32768 [ 718.280867][T30040] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 718.284547][T30104] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.6617'. [ 718.496048][T30112] loop3: detected capacity change from 0 to 128 [ 718.528116][T30119] RDS: rds_bind could not find a transport for ::8000:0:20:0, load rds_tcp or rds_rdma? [ 718.542294][T30114] loop2: detected capacity change from 0 to 256 [ 718.548970][T30112] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 718.746525][T30040] XFS (loop5): Ending clean mount [ 718.765157][T30114] FAT-fs (loop2): Directory bread(block 64) failed [ 718.800821][T30114] FAT-fs (loop2): Directory bread(block 65) failed [ 718.818381][T30040] XFS (loop5): Quotacheck needed: Please wait. [ 718.830641][T30114] FAT-fs (loop2): Directory bread(block 66) failed [ 718.837780][T30114] FAT-fs (loop2): Directory bread(block 67) failed [ 718.873560][T30114] FAT-fs (loop2): Directory bread(block 68) failed [ 718.880237][T30114] FAT-fs (loop2): Directory bread(block 69) failed [ 718.900560][T30114] FAT-fs (loop2): Directory bread(block 70) failed [ 718.907188][T30114] FAT-fs (loop2): Directory bread(block 71) failed [ 718.983683][T30114] FAT-fs (loop2): Directory bread(block 72) failed [ 718.998368][T30040] XFS (loop5): Quotacheck: Done. [ 719.006502][T30114] FAT-fs (loop2): Directory bread(block 73) failed [ 719.328661][T29049] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 719.488185][T30150] loop2: detected capacity change from 0 to 2048 [ 719.553071][T30150] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 719.696083][ T28] audit: type=1800 audit(1781138200.714:247): pid=30150 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.6627" name="file2" dev="loop2" ino=1347 res=0 errno=0 [ 720.335912][T30190] loop4: detected capacity change from 0 to 256 [ 720.464590][T30190] FAT-fs (loop4): Directory bread(block 64) failed [ 720.511113][T30190] FAT-fs (loop4): Directory bread(block 65) failed [ 720.518351][T30190] FAT-fs (loop4): Directory bread(block 66) failed [ 720.570917][T30190] FAT-fs (loop4): Directory bread(block 67) failed [ 720.606274][T30190] FAT-fs (loop4): Directory bread(block 68) failed [ 720.630580][T30190] FAT-fs (loop4): Directory bread(block 69) failed [ 720.650570][T30190] FAT-fs (loop4): Directory bread(block 70) failed [ 720.693904][T30190] FAT-fs (loop4): Directory bread(block 71) failed [ 720.701039][T30190] FAT-fs (loop4): Directory bread(block 72) failed [ 720.714829][T30190] FAT-fs (loop4): Directory bread(block 73) failed [ 720.945128][T30217] loop2: detected capacity change from 0 to 256 [ 721.016103][T30219] tipc: Enabling of bearer rejected, already enabled [ 721.027596][T30217] FAT-fs (loop2): Directory bread(block 64) failed [ 721.048893][T30217] FAT-fs (loop2): Directory bread(block 65) failed [ 721.062048][T30217] FAT-fs (loop2): Directory bread(block 66) failed [ 721.077504][T30217] FAT-fs (loop2): Directory bread(block 67) failed [ 721.101252][T30217] FAT-fs (loop2): Directory bread(block 68) failed [ 721.114745][T30217] FAT-fs (loop2): Directory bread(block 69) failed [ 721.141325][T30217] FAT-fs (loop2): Directory bread(block 70) failed [ 721.160890][T30217] FAT-fs (loop2): Directory bread(block 71) failed [ 721.185366][T30217] FAT-fs (loop2): Directory bread(block 72) failed [ 721.197222][T30217] FAT-fs (loop2): Directory bread(block 73) failed [ 721.730637][ T1193] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 721.945193][ T1193] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 721.971117][ T1193] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 721.991753][ T1193] usb 6-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00 [ 722.001393][T30265] loop3: detected capacity change from 0 to 1024 [ 722.037459][ T1193] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 722.076375][T30265] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 722.100831][ T1193] usb 6-1: config 0 descriptor?? [ 722.212381][T30231] loop4: detected capacity change from 0 to 32768 [ 722.258883][T30265] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 722.278870][T30265] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 722.428267][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 722.576293][ T1193] razer 0003:1532:010E.001D: unknown main item tag 0x5 [ 722.792499][ T1193] razer 0003:1532:010E.001D: failed to enable macro keys: -71 [ 722.827413][ T1193] razer 0003:1532:010E.001D: hidraw0: USB HID v0.00 Device [HID 1532:010e] on usb-dummy_hcd.5-1/input0 [ 722.886227][ T1193] usb 6-1: USB disconnect, device number 2 [ 723.071932][T30326] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.6666'. [ 723.138402][T30329] loop4: detected capacity change from 0 to 512 [ 723.146032][T30311] fido_id[30311]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 723.254002][T30329] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 723.314814][T30329] ext4 filesystem being mounted at /389/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 723.386088][T30329] EXT4-fs error (device loop4): ext4_validate_inode_bitmap:106: comm syz.4.6667: Corrupt inode bitmap - block_group = 0, inode_bitmap = 20 [ 723.482083][T30329] EXT4-fs error (device loop4) in ext4_free_inode:363: Corrupt filesystem [ 723.658111][T21912] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 723.849469][T30361] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6673'. [ 723.858755][ T5784] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 723.953794][T30359] loop5: detected capacity change from 0 to 2048 [ 724.005694][T30359] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 724.048020][ T28] audit: type=1326 audit(1781138205.064:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30369 comm="syz.4.6677" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a3759ce59 code=0x7ffc0000 [ 724.064728][ T5784] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 724.092579][ T5784] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 724.102791][ T5784] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 724.113263][ T5784] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 724.125315][ T5784] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 724.134726][ T5784] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 724.159357][ T28] audit: type=1326 audit(1781138205.064:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30369 comm="syz.4.6677" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a3759ce59 code=0x7ffc0000 [ 724.183608][ C0] vkms_vblank_simulate: vblank timer overrun [ 724.191471][ T5784] usb 4-1: config 0 descriptor?? [ 724.223579][T30359] UDF-fs: error (device loop5): udf_verify_fi: directory (ino 1408) has entry at pos 0 with incorrect tag 10a [ 724.236484][ T28] audit: type=1326 audit(1781138205.104:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30369 comm="syz.4.6677" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a3759ce59 code=0x7ffc0000 [ 724.236540][ T28] audit: type=1326 audit(1781138205.144:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30369 comm="syz.4.6677" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7f3a3759ce59 code=0x7ffc0000 [ 724.236615][ T28] audit: type=1326 audit(1781138205.144:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30369 comm="syz.4.6677" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a3759ce59 code=0x7ffc0000 [ 724.236663][ T28] audit: type=1326 audit(1781138205.144:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30369 comm="syz.4.6677" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a3759ce59 code=0x7ffc0000 [ 724.236789][ T28] audit: type=1326 audit(1781138205.144:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30369 comm="syz.4.6677" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a3759ce59 code=0x7ffc0000 [ 724.285568][ C0] vkms_vblank_simulate: vblank timer overrun [ 724.334414][ C0] vkms_vblank_simulate: vblank timer overrun [ 724.372313][T30359] UDF-fs: error (device loop5): udf_rename: failed to find renamed entry again in directory (ino 1408) [ 724.446930][ T5784] hdpvr 4-1:0.0: firmware version 0x1e dated [ 724.466222][ T28] audit: type=1326 audit(1781138205.144:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30369 comm="syz.4.6677" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3a3759ce59 code=0x7ffc0000 [ 724.509674][ T28] audit: type=1326 audit(1781138205.144:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30369 comm="syz.4.6677" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3a3759ce59 code=0x7ffc0000 [ 724.533857][ C0] vkms_vblank_simulate: vblank timer overrun [ 724.643190][ T5784] hdpvr 4-1:0.0: device init failed [ 724.648599][ T5784] hdpvr: probe of 4-1:0.0 failed with error -12 [ 724.681348][ T5784] usb 4-1: USB disconnect, device number 44 [ 724.864939][T30383] loop2: detected capacity change from 0 to 8192 [ 724.897099][T30383] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 724.936762][T30383] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 724.949042][T30383] REISERFS (device loop2): using ordered data mode [ 724.956658][T30383] reiserfs: using flush barriers [ 724.981115][T30383] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 725.039134][T30383] REISERFS (device loop2): checking transaction log (loop2) [ 725.057060][T30383] REISERFS (device loop2): Using r5 hash to sort names [ 725.080912][T30383] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 725.118626][T30383] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 725.476824][ T5784] libceph: connect (1)[c::]:6789 error -101 [ 725.561353][ T5784] libceph: mon0 (1)[c::]:6789 connect error [ 725.607462][ T5784] libceph: connect (1)[c::]:6789 error -101 [ 725.632804][ T5784] libceph: mon0 (1)[c::]:6789 connect error [ 725.697290][ T5789] Bluetooth: hci1: unexpected event for opcode 0x2041 [ 725.832254][T30441] bridge0: entered promiscuous mode [ 725.843079][T30440] bridge0: left promiscuous mode [ 725.918603][ T5784] libceph: connect (1)[c::]:6789 error -101 [ 725.945466][ T5784] libceph: mon0 (1)[c::]:6789 connect error [ 726.053450][T30451] bridge0: entered promiscuous mode [ 726.059974][T30451] macsec1: entered promiscuous mode [ 726.206423][T30418] ceph: No mds server is up or the cluster is laggy [ 726.485501][ T28] audit: type=1326 audit(1781138207.500:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30469 comm="syz.3.6700" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 726.528053][ T28] audit: type=1326 audit(1781138207.500:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30469 comm="syz.3.6700" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 726.552082][ C0] vkms_vblank_simulate: vblank timer overrun [ 726.587317][ T28] audit: type=1326 audit(1781138207.500:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30469 comm="syz.3.6700" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 726.611495][ C0] vkms_vblank_simulate: vblank timer overrun [ 726.647764][ T28] audit: type=1326 audit(1781138207.500:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30469 comm="syz.3.6700" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 726.877897][T30489] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6706'. [ 726.919074][T30489] netlink: 'syz.4.6706': attribute type 1 has an invalid length. [ 726.941089][T30489] netlink: 'syz.4.6706': attribute type 2 has an invalid length. [ 727.225341][T30506] loop2: detected capacity change from 0 to 1024 [ 727.233149][T30508] loop4: detected capacity change from 0 to 256 [ 727.272889][T30508] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 727.351386][T30515] netlink: 'syz.3.6714': attribute type 2 has an invalid length. [ 727.453921][T30518] syz.5.6715 (30518): /proc/30517/oom_adj is deprecated, please use /proc/30517/oom_score_adj instead. [ 727.620138][T30526] loop4: detected capacity change from 0 to 65 [ 727.673993][T30526] BFS-fs: bfs_fill_super(): NOTE: filesystem loop4 was created with 512 inodes, the real maximum is 511, mounting anyway [ 728.112301][T30554] loop5: detected capacity change from 0 to 256 [ 728.148204][T30554] exFAT-fs (loop5): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d) [ 728.197305][ T28] audit: type=1800 audit(1781138209.210:261): pid=30554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.6724" name="file1" dev="loop5" ino=1048846 res=0 errno=0 [ 728.235339][T30554] syz.5.6724: attempt to access beyond end of device [ 728.235339][T30554] loop5: rw=0, sector=4280, nr_sectors = 8 limit=256 [ 728.518387][T30567] loop2: detected capacity change from 0 to 128 [ 728.619031][T30567] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 728.643955][T30567] hpfs: filesystem error: improperly stopped [ 728.651635][T30567] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 728.659535][T30567] hpfs: You really don't want any checks? You are crazy... [ 728.668784][T30567] hpfs: Code page index out of array [ 728.708667][T30567] hpfs: code page support is disabled [ 728.734819][T30567] hpfs: hpfs_map_4sectors(): unaligned read [ 728.761295][T30567] hpfs: hpfs_map_4sectors(): unaligned read [ 728.819440][T30567] hpfs: filesystem error: unable to find root dir [ 728.868601][T30581] loop3: detected capacity change from 0 to 256 [ 728.920075][T30550] loop4: detected capacity change from 0 to 32768 [ 728.976368][T30581] FAT-fs (loop3): Directory bread(block 64) failed [ 728.983328][T30550] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.6723 (30550) [ 729.027582][T30581] FAT-fs (loop3): Directory bread(block 65) failed [ 729.058157][T30576] lo speed is unknown, defaulting to 1000 [ 729.082330][T30581] FAT-fs (loop3): Directory bread(block 66) failed [ 729.088951][T30581] FAT-fs (loop3): Directory bread(block 67) failed [ 729.112579][T30550] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 729.120799][T30581] FAT-fs (loop3): Directory bread(block 68) failed [ 729.129335][T30581] FAT-fs (loop3): Directory bread(block 69) failed [ 729.143966][T30550] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 729.185300][T30581] FAT-fs (loop3): Directory bread(block 70) failed [ 729.200475][T30550] BTRFS info (device loop4): setting nodatasum [ 729.206734][T30550] BTRFS info (device loop4): force zlib compression, level 3 [ 729.215852][T30581] FAT-fs (loop3): Directory bread(block 71) failed [ 729.240503][T30550] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8) [ 729.247214][T30581] FAT-fs (loop3): Directory bread(block 72) failed [ 729.249857][T30550] BTRFS info (device loop4): use lzo compression, level 0 [ 729.271281][T30601] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6732'. [ 729.284345][T30581] FAT-fs (loop3): Directory bread(block 73) failed [ 729.324425][T30550] BTRFS info (device loop4): turning on flush-on-commit [ 729.341675][T30550] BTRFS info (device loop4): enabling auto defrag [ 729.355985][T30550] BTRFS info (device loop4): max_inline at 4096 [ 729.374825][T30550] BTRFS info (device loop4): using free space tree [ 729.487493][T30601] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6732'. [ 729.660770][T30550] BTRFS info (device loop4): enabling ssd optimizations [ 729.910765][T30601] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6732'. [ 730.053404][T21912] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 730.983125][T22600] usb 4-1: new full-speed USB device number 45 using dummy_hcd [ 731.241509][T22600] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 731.260588][T22600] usb 4-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3 [ 731.268941][T22600] usb 4-1: Product: syz [ 731.276983][T22600] usb 4-1: Manufacturer: syz [ 731.290927][T22600] usb 4-1: SerialNumber: syz [ 731.333576][T22600] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 731.394970][T30655] loop2: detected capacity change from 0 to 32768 [ 731.499987][T30655] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 731.598535][T30691] loop5: detected capacity change from 0 to 4096 [ 731.732512][T22600] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 731.761675][T22600] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 731.781414][T30655] XFS (loop2): Ending clean mount [ 731.797957][T30655] XFS (loop2): Quotacheck needed: Please wait. [ 731.961364][T22600] usb 4-1: USB disconnect, device number 45 [ 732.009722][T30655] XFS (loop2): Quotacheck: Done. [ 732.335151][ T5775] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 733.141654][T30780] netlink: 2 bytes leftover after parsing attributes in process `syz.5.6755'. [ 733.218612][T30784] loop4: detected capacity change from 0 to 128 [ 733.282518][T30784] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 733.325179][T30784] hpfs: filesystem error: improperly stopped [ 733.357377][T30784] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 733.391912][T30784] hpfs: You really don't want any checks? You are crazy... [ 733.399438][T30784] hpfs: Code page index out of array [ 733.436425][T30784] hpfs: code page support is disabled [ 733.467891][T30784] hpfs: hpfs_map_4sectors(): unaligned read [ 733.501782][T30784] hpfs: hpfs_map_4sectors(): unaligned read [ 733.507773][T30784] hpfs: filesystem error: unable to find root dir [ 734.363380][T30845] loop5: detected capacity change from 0 to 64 [ 734.416786][T30851] loop2: detected capacity change from 0 to 8 [ 734.565061][T30851] SQUASHFS error: lzo decompression failed, data probably corrupt [ 734.601051][T30851] SQUASHFS error: Failed to read block 0x202: -5 [ 734.624384][T30851] SQUASHFS error: Unable to read metadata cache entry [200] [ 734.683779][T30864] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6774'. [ 735.159261][T30891] binder: 30890:30891 ioctl 4018620d 0 returned -22 [ 735.206485][T30891] binder: 30890:30891 ioctl c0306201 200000000300 returned -11 [ 735.467363][T30898] loop2: detected capacity change from 0 to 4096 [ 735.529140][T30898] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 736.515564][T30958] loop5: detected capacity change from 0 to 256 [ 736.882051][ T28] audit: type=1326 audit(1781138217.900:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30971 comm="syz.5.6800" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 736.984964][ T28] audit: type=1326 audit(1781138217.900:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30971 comm="syz.5.6800" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 737.036813][ T28] audit: type=1326 audit(1781138217.940:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30971 comm="syz.5.6800" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=324 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 737.060997][ C0] vkms_vblank_simulate: vblank timer overrun [ 737.072452][ T28] audit: type=1326 audit(1781138217.950:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30971 comm="syz.5.6800" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 737.096561][ C0] vkms_vblank_simulate: vblank timer overrun [ 737.112490][ T28] audit: type=1326 audit(1781138217.950:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30971 comm="syz.5.6800" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=324 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 737.203762][ T28] audit: type=1326 audit(1781138217.950:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30971 comm="syz.5.6800" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 737.228087][ C0] vkms_vblank_simulate: vblank timer overrun [ 737.241560][ T28] audit: type=1326 audit(1781138217.960:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30971 comm="syz.5.6800" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f037a19ce59 code=0x7ffc0000 [ 737.265689][ C0] vkms_vblank_simulate: vblank timer overrun [ 737.343000][T30985] loop5: detected capacity change from 0 to 64 [ 737.452928][T30985] MINIX-fs: mounting file system with errors, running fsck is recommended [ 737.587237][T30947] loop3: detected capacity change from 0 to 32768 [ 737.632956][T30947] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.6794 (30947) [ 737.747751][T30947] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 737.793990][T30947] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 737.837617][T30947] BTRFS info (device loop3): using free space tree [ 738.015518][T30947] BTRFS info (device loop3): enabling ssd optimizations [ 738.041111][T30947] BTRFS info (device loop3): auto enabling async discard [ 738.084662][T31031] loop5: detected capacity change from 0 to 4096 [ 738.130849][T31037] netlink: 'syz.2.6810': attribute type 21 has an invalid length. [ 738.138778][T31037] IPv6: NLM_F_CREATE should be specified when creating new route [ 738.191020][T31037] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 738.199644][T31037] IPv6: NLM_F_CREATE should be set when creating new route [ 738.207115][T31037] IPv6: NLM_F_CREATE should be set when creating new route [ 738.214591][T31037] IPv6: NLM_F_CREATE should be set when creating new route [ 738.229353][T31040] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 738.262556][T31039] netlink: 'syz.2.6810': attribute type 21 has an invalid length. [ 738.293581][T31039] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 738.303711][T31031] NILFS (loop5): nilfs_sufile_do_free: segment 9 is already clean [ 738.964678][ T5776] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 739.195576][T20750] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 10 /dev/loop3 scanned by udevd (20750) [ 739.429858][ C0] vkms_vblank_simulate: vblank timer overrun [ 740.087753][T31108] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6827'. [ 740.127702][T31098] usb usb5: selecting invalid altsetting 1 [ 740.230585][T31105] loop2: detected capacity change from 0 to 4096 [ 740.304390][T31105] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 740.934746][T31086] loop3: detected capacity change from 0 to 32768 [ 741.060311][T31142] loop4: detected capacity change from 0 to 512 [ 741.149176][T31146] ipvlan2: entered promiscuous mode [ 741.208492][T31142] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 741.301300][T31142] ext4 filesystem being mounted at /431/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 741.606753][T21912] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 741.624908][T31167] loop2: detected capacity change from 0 to 2048 [ 741.730620][T31175] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 742.608096][T31158] loop3: detected capacity change from 0 to 32768 [ 742.653827][T31205] program syz.4.6846 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 742.851458][T31170] loop5: detected capacity change from 0 to 32768 [ 743.586442][T31235] loop5: detected capacity change from 0 to 8 [ 743.701829][T31235] SQUASHFS error: Failed to read block 0x2d7: -5 [ 743.708300][T31235] SQUASHFS error: Unable to read metadata cache entry [2d5] [ 743.814868][T31247] loop2: detected capacity change from 0 to 2048 [ 743.864467][T31247] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 743.952667][T31256] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 744.012981][ T28] audit: type=1326 audit(1781138225.020:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31257 comm="syz.3.6857" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 744.140513][ T28] audit: type=1326 audit(1781138225.070:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31257 comm="syz.3.6857" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 744.230566][ T28] audit: type=1326 audit(1781138225.090:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31257 comm="syz.3.6857" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 744.320828][ T28] audit: type=1326 audit(1781138225.110:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31257 comm="syz.3.6857" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 744.460871][ T28] audit: type=1326 audit(1781138225.110:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31257 comm="syz.3.6857" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 744.535935][ T28] audit: type=1326 audit(1781138225.110:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31257 comm="syz.3.6857" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 744.599391][ T28] audit: type=1326 audit(1781138225.120:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31257 comm="syz.3.6857" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 744.660520][ T28] audit: type=1326 audit(1781138225.120:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31257 comm="syz.3.6857" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 744.708207][ T28] audit: type=1326 audit(1781138225.120:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31257 comm="syz.3.6857" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 744.786391][ T28] audit: type=1326 audit(1781138225.120:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31257 comm="syz.3.6857" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 744.810506][ C0] vkms_vblank_simulate: vblank timer overrun [ 744.821331][ T23] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 745.020848][ T23] usb 6-1: Using ep0 maxpacket: 16 [ 745.030961][ T23] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 745.052776][ T23] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 745.097586][ T23] usb 6-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 745.109099][ T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 745.123238][ T23] usb 6-1: config 0 descriptor?? [ 745.265504][T31313] loop3: detected capacity change from 0 to 64 [ 745.573941][ T23] ntrig 0003:1B96:0008.001E: hidraw0: USB HID v0.00 Device [HID 1b96:0008] on usb-dummy_hcd.5-1/input0 [ 745.779716][ T23] usb 6-1: USB disconnect, device number 3 [ 746.079496][T31326] loop2: detected capacity change from 0 to 32768 [ 746.097561][T31326] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10 [ 746.243317][T20752] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10 [ 746.328764][T31334] loop3: detected capacity change from 0 to 32768 [ 746.463561][T31334] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 746.583529][T31334] XFS (loop3): Ending clean mount [ 746.762277][ T5776] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 746.947068][T31382] loop5: detected capacity change from 0 to 512 [ 746.976767][T31382] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 747.031272][T31382] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 747.054291][T31382] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2002e01c, mo2=0006] [ 747.091801][T31382] System zones: 0-2, 18-18, 34-35 [ 747.105897][T31382] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 747.210668][ T5839] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 747.274654][T29049] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 747.397179][T31396] loop2: detected capacity change from 0 to 512 [ 747.420766][ T5839] usb 4-1: Using ep0 maxpacket: 16 [ 747.428901][ T5839] usb 4-1: config 0 interface 0 has no altsetting 0 [ 747.436608][ T5839] usb 4-1: New USB device found, idVendor=056a, idProduct=0059, bcdDevice= 0.00 [ 747.450049][ T5839] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 747.472256][T31396] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 747.486112][ T5839] usb 4-1: config 0 descriptor?? [ 747.514646][T31396] ext4 filesystem being mounted at /1721/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 747.562820][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.569232][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.661372][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 747.765939][ T5839] usbhid 4-1:0.0: can't add hid device: -71 [ 747.802705][ T5839] usbhid: probe of 4-1:0.0 failed with error -71 [ 747.828383][ T5839] usb 4-1: USB disconnect, device number 46 [ 747.870783][T31416] netlink: 11 bytes leftover after parsing attributes in process `syz.5.6889'. [ 748.313187][T31439] loop5: detected capacity change from 0 to 4096 [ 748.473055][T31452] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6898'. [ 748.702274][T31461] loop3: detected capacity change from 0 to 512 [ 748.796508][T31461] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 748.859145][T31461] ext4 filesystem being mounted at /1731/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 749.022909][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 749.154992][T31475] loop4: detected capacity change from 0 to 4096 [ 749.168986][T31475] __ntfs_warning: 3 callbacks suppressed [ 749.169004][T31475] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 749.195417][ C0] vkms_vblank_simulate: vblank timer overrun [ 749.269762][T31475] ntfs: (device loop4): check_mft_mirror(): $MFTMirr location mismatch. Run chkdsk. [ 749.302898][T31475] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 749.358749][T31475] ntfs: volume version 3.1. [ 749.459755][T31458] loop2: detected capacity change from 0 to 32768 [ 749.488144][T31458] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.6899 (31458) [ 749.562270][T31458] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 749.598425][T31458] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 749.630192][T31458] BTRFS info (device loop2): force zlib compression, level 3 [ 749.645484][T20359] Bluetooth: hci3: command 0x0406 tx timeout [ 749.681512][T31458] BTRFS info (device loop2): turning on flush-on-commit [ 749.705391][T31458] BTRFS info (device loop2): max_inline at 4096 [ 749.752772][T31458] BTRFS info (device loop2): using free space tree [ 749.908750][T31497] loop4: detected capacity change from 0 to 256 [ 750.007983][T31506] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6907'. [ 750.011971][T31458] BTRFS info (device loop2): enabling ssd optimizations [ 750.060640][T31458] BTRFS info (device loop2): auto enabling async discard [ 750.309828][ T5775] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 751.351614][T31565] loop2: detected capacity change from 0 to 256 [ 751.391815][T31565] exfat: Deprecated parameter 'namecase' [ 751.398224][T31565] exfat: Deprecated parameter 'utf8' [ 751.440169][T31565] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xea424414, utbl_chksum : 0xe619d30d) [ 751.527067][ T28] audit: type=1800 audit(1781138232.540:282): pid=31565 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.6922" name="file1" dev="loop2" ino=1048876 res=0 errno=0 [ 751.551277][T31562] loop5: detected capacity change from 0 to 8192 [ 751.578965][T31562] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 751.611014][T31562] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 751.620615][T31562] REISERFS (device loop5): using ordered data mode [ 751.640539][T31562] reiserfs: using flush barriers [ 751.660627][T31562] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 751.697858][T31562] REISERFS (device loop5): checking transaction log (loop5) [ 751.961347][T31562] REISERFS (device loop5): Using tea hash to sort names [ 751.980291][T31562] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 752.010562][T31562] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 752.087908][T31559] loop4: detected capacity change from 0 to 32768 [ 752.246705][T31562] REISERFS error (device loop5): vs-7000 search_by_entry_key: search_by_key returned item position == 0 [ 752.267670][T31562] REISERFS (device loop5): Remounting filesystem read-only [ 753.278888][T31603] loop2: detected capacity change from 0 to 32768 [ 753.384438][T31616] loop5: detected capacity change from 0 to 4096 [ 753.426910][T31616] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 753.553509][T31616] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #15: comm syz.5.6934: corrupted inode contents [ 753.634145][T31616] EXT4-fs error (device loop5): ext4_dirty_inode:6143: inode #15: comm syz.5.6934: mark_inode_dirty error [ 753.684253][T31616] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #15: comm syz.5.6934: corrupted inode contents [ 753.745456][T31616] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.6934: mark_inode_dirty error [ 753.807399][T31616] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #15: comm syz.5.6934: corrupted inode contents [ 753.870685][T31616] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #15: comm syz.5.6934: mark_inode_dirty error [ 753.905078][T31616] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #15: comm syz.5.6934: corrupted inode contents [ 753.944622][T31616] EXT4-fs error (device loop5): ext4_truncate:4301: inode #15: comm syz.5.6934: mark_inode_dirty error [ 754.003095][T31616] EXT4-fs error (device loop5) in ext4_setattr:5682: Corrupt filesystem [ 754.050248][T31631] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #15: comm syz.5.6934: corrupted inode contents [ 754.213799][T29049] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 755.304558][T31648] loop2: detected capacity change from 0 to 40427 [ 755.356834][T31648] F2FS-fs (loop2): invalid crc value [ 755.419194][T31648] F2FS-fs (loop2): Found nat_bits in checkpoint [ 755.597750][T31648] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 755.663514][T31648] F2FS-fs (loop2): Inconsistent error blkaddr:4609, sit bitmap:0 [ 755.680946][T31648] CPU: 0 PID: 31648 Comm: syz.2.6941 Not tainted syzkaller #0 [ 755.688544][T31648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 755.698653][T31648] Call Trace: [ 755.702050][T31648] [ 755.705086][T31648] dump_stack_lvl+0x18c/0x250 [ 755.709936][T31648] ? show_regs_print_info+0x20/0x20 [ 755.715215][T31648] ? f2fs_get_meta_page+0x30/0x30 [ 755.720295][T31648] f2fs_is_valid_blkaddr+0xe39/0x1580 [ 755.725726][T31648] f2fs_get_node_info+0x705/0x12b0 [ 755.730882][T31648] read_node_page+0x154/0x990 [ 755.735586][T31648] ? folio_add_lru+0x54f/0xd30 [ 755.740426][T31648] ? f2fs_ra_node_page+0x230/0x230 [ 755.745580][T31648] ? filemap_add_folio+0x192/0x3c0 [ 755.750833][T31648] __get_node_page+0x1fb/0xf40 [ 755.755646][T31648] ? read_node_page+0x990/0x990 [ 755.760558][T31648] ? do_raw_spin_unlock+0x121/0x230 [ 755.765797][T31648] ? _raw_spin_unlock+0x28/0x40 [ 755.770771][T31648] ? iget_locked+0x733/0x840 [ 755.775417][T31648] f2fs_iget+0x77a/0x47e0 [ 755.779798][T31648] ? verify_lock_unused+0x140/0x140 [ 755.785036][T31648] f2fs_nfs_get_inode+0x76/0x110 [ 755.790139][T31648] ? f2fs_fh_to_parent+0x40/0x40 [ 755.795133][T31648] generic_fh_to_dentry+0x93/0xe0 [ 755.800213][T31648] exportfs_decode_fh_raw+0x177/0x6a0 [ 755.805677][T31648] ? do_handle_open+0x5a0/0x5a0 [ 755.810573][T31648] ? exportfs_encode_fh+0x4a0/0x4a0 [ 755.815889][T31648] ? __fget_files+0x28/0x4b0 [ 755.820522][T31648] ? __fget_files+0x43d/0x4b0 [ 755.825237][T31648] ? do_handle_open+0x5a0/0x5a0 [ 755.830119][T31648] exportfs_decode_fh+0x3a/0x70 [ 755.835010][T31648] do_handle_open+0x40e/0x5a0 [ 755.839726][T31648] ? __ia32_compat_sys_open_by_handle_at+0x80/0x80 [ 755.846273][T31648] ? lockdep_hardirqs_on+0x98/0x150 [ 755.851568][T31648] do_syscall_64+0x55/0xb0 [ 755.856022][T31648] ? clear_bhb_loop+0x40/0x90 [ 755.860815][T31648] ? clear_bhb_loop+0x40/0x90 [ 755.865520][T31648] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 755.871505][T31648] RIP: 0033:0x7f8c1819ce59 [ 755.875997][T31648] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 755.895690][T31648] RSP: 002b:00007f8c190b0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 755.904222][T31648] RAX: ffffffffffffffda RBX: 00007f8c18415fa0 RCX: 00007f8c1819ce59 [ 755.912230][T31648] RDX: 0000000000040000 RSI: 0000200000000080 RDI: 0000000000000004 [ 755.920227][T31648] RBP: 00007f8c18232d6f R08: 0000000000000000 R09: 0000000000000000 [ 755.928228][T31648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.936227][T31648] R13: 00007f8c18416038 R14: 00007f8c18415fa0 R15: 00007ffe441f9c48 [ 755.944281][T31648] [ 755.947486][ C0] vkms_vblank_simulate: vblank timer overrun [ 756.393764][T31699] loop4: detected capacity change from 0 to 40427 [ 756.446671][T31699] F2FS-fs (loop4): invalid crc value [ 756.476549][T31699] F2FS-fs (loop4): Found nat_bits in checkpoint [ 756.662765][T31699] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 756.724064][T31742] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 756.730852][T31742] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 756.772386][T31742] vhci_hcd vhci_hcd.0: Device attached [ 756.823654][T31743] vhci_hcd: connection closed [ 756.839022][ T28] audit: type=1800 audit(1781138237.850:283): pid=31699 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.6956" name="file2" dev="loop4" ino=10 res=0 errno=0 [ 756.840469][ T12] vhci_hcd: stop threads [ 756.871258][ T12] vhci_hcd: release socket [ 756.875746][ T12] vhci_hcd: disconnect device [ 757.009938][T21912] syz-executor: attempt to access beyond end of device [ 757.009938][T21912] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 757.035324][T31751] loop5: detected capacity change from 0 to 4096 [ 757.044284][T31751] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 757.078543][T21912] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 757.134498][T31751] ntfs: (device loop5): check_mft_mirror(): $MFTMirr location mismatch. Run chkdsk. [ 757.150297][T31751] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 757.174323][T31756] binder: 31755:31756 ioctl 40046210 0 returned -14 [ 757.242338][T31751] ntfs: volume version 3.1. [ 757.872583][T31778] loop5: detected capacity change from 0 to 512 [ 757.880145][T31778] EXT4-fs: Ignoring removed oldalloc option [ 757.924557][T31778] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 758.008851][T31778] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 758.022972][T31788] netem: change failed [ 758.080704][T31778] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 758.187137][T31799] bridge: RTM_NEWNEIGH with invalid state 0x1 [ 758.202477][T31795] loop3: detected capacity change from 0 to 4096 [ 758.270594][T31801] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 758.309514][T31778] EXT4-fs error (device loop5): ext4_validate_inode_bitmap:106: comm syz.5.6977: Corrupt inode bitmap - block_group = 0, inode_bitmap = 20 [ 758.390531][T31778] EXT4-fs (loop5): Remounting filesystem read-only [ 758.428783][T31795] syz.3.6980: attempt to access beyond end of device [ 758.428783][T31795] loop3: rw=0, sector=26388279066816, nr_sectors = 8 limit=4096 [ 758.460974][T31795] NILFS (loop3): I/O error reading meta-data file (ino=6, block-offset=1) [ 758.514564][T29049] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 759.089212][T31837] loop4: detected capacity change from 0 to 64 [ 759.346807][T31847] loop5: detected capacity change from 0 to 512 [ 759.369907][T31847] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 759.574912][T31862] loop3: detected capacity change from 0 to 1024 [ 759.650488][T31862] hfsplus: invalid btree flag [ 759.655579][T31862] hfsplus: failed to load extents file [ 759.756106][T31873] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6999'. [ 759.813739][T31877] loop5: detected capacity change from 0 to 256 [ 759.822717][T31873] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6999'. [ 759.849255][T31881] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6999'. [ 760.290081][T31902] sp0: Synchronizing with TNC [ 761.210623][ T1193] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 761.393857][ T1193] usb 4-1: Using ep0 maxpacket: 16 [ 761.405678][ T1193] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 761.436856][ T1193] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 761.457223][ T1193] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 761.490445][ T1193] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 761.509934][ T1193] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 761.551511][ T1193] usb 4-1: config 0 descriptor?? [ 761.878970][T31986] loop2: detected capacity change from 0 to 4096 [ 761.988575][ T1193] microsoft 0003:045E:07DA.001F: No inputs registered, leaving [ 762.042274][ T1193] microsoft 0003:045E:07DA.001F: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 762.091530][ T1193] microsoft 0003:045E:07DA.001F: no inputs found [ 762.097968][ T1193] microsoft 0003:045E:07DA.001F: could not initialize ff, continuing anyway [ 762.199547][T31972] loop5: detected capacity change from 0 to 40427 [ 762.258668][T31972] F2FS-fs (loop5): invalid crc value [ 762.291229][ T23] usb 4-1: USB disconnect, device number 47 [ 762.306389][T31972] F2FS-fs (loop5): Found nat_bits in checkpoint [ 762.460652][T31972] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 762.505490][T32014] loop2: detected capacity change from 0 to 4096 [ 762.545657][ T28] audit: type=1800 audit(1781138243.560:284): pid=31972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.7024" name="file2" dev="loop5" ino=10 res=0 errno=0 [ 762.668405][T32014] ntfs3: loop2: ino=5, "/" directory corrupted [ 762.677048][T29049] syz-executor: attempt to access beyond end of device [ 762.677048][T29049] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 762.701566][T32014] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 762.714995][T29049] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 762.720167][T32014] ntfs3: loop2: ino=5, "/" directory corrupted [ 763.448088][T32037] loop2: detected capacity change from 0 to 4096 [ 763.529563][T32037] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 763.772349][T32037] EXT4-fs error (device loop2): ext4_do_update_inode:5255: inode #15: comm syz.2.7035: corrupted inode contents [ 763.862913][T32037] EXT4-fs error (device loop2): ext4_dirty_inode:6143: inode #15: comm syz.2.7035: mark_inode_dirty error [ 763.916242][T32037] EXT4-fs error (device loop2): ext4_do_update_inode:5255: inode #15: comm syz.2.7035: corrupted inode contents [ 764.010057][T32037] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #15: comm syz.2.7035: mark_inode_dirty error [ 764.029117][T32037] EXT4-fs error (device loop2): ext4_do_update_inode:5255: inode #15: comm syz.2.7035: corrupted inode contents [ 764.065924][T32037] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #15: comm syz.2.7035: mark_inode_dirty error [ 764.087157][T32037] EXT4-fs error (device loop2): ext4_do_update_inode:5255: inode #15: comm syz.2.7035: corrupted inode contents [ 764.099807][T32067] smc: net device wlan0 applied user defined pnetid SYZ0 [ 764.099841][T22600] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 764.125228][T32037] EXT4-fs error (device loop2): ext4_truncate:4301: inode #15: comm syz.2.7035: mark_inode_dirty error [ 764.148674][T32037] EXT4-fs error (device loop2) in ext4_setattr:5682: Corrupt filesystem [ 764.169343][T32060] EXT4-fs error (device loop2): ext4_do_update_inode:5255: inode #15: comm syz.2.7035: corrupted inode contents [ 764.279394][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 764.306604][T32074] netlink: 52 bytes leftover after parsing attributes in process `syz.3.7042'. [ 764.321143][T22600] usb 6-1: Using ep0 maxpacket: 8 [ 764.326492][T32074] netlink: 'syz.3.7042': attribute type 1 has an invalid length. [ 764.342633][T22600] usb 6-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64 [ 764.355760][T22600] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 764.370930][T22600] usb 6-1: Product: syz [ 764.375213][T22600] usb 6-1: Manufacturer: syz [ 764.408011][T22600] usb 6-1: SerialNumber: syz [ 764.438469][T22600] usb 6-1: config 0 descriptor?? [ 764.475880][T22600] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state. [ 764.488209][T22600] pctv452e: pctv452e_power_ctrl: 1 [ 764.488209][T22600] [ 764.515496][T22600] usb 6-1: selecting invalid altsetting 3 [ 764.535234][T22600] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22 [ 764.535234][T22600] [ 764.560223][T22600] dvb-usb: bulk message failed: -22 (5/0) [ 764.585676][T22600] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 764.613972][T22600] dvbdev: DVB: registering new adapter (Technotrend TT Connect S2-3600) [ 764.624938][T22600] usb 6-1: media controller created [ 764.634471][T22600] dvb-usb: bulk message failed: -22 (8/0) [ 764.645864][T22600] pctv452e: I2C error -22; AA 01 A0 01 14 -> aa 01 31 04 a0 01 14 [ 764.669536][T22600] dvb-usb: MAC address reading failed. [ 764.712402][T32056] pctv452e: I2C error -22; AA 02 00 00 EA -> 00 00 00 00 00 00 00 [ 764.733233][T32092] loop3: detected capacity change from 0 to 64 [ 764.759551][T22600] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 764.983213][T22600] DVB: Unable to find symbol stb0899_attach() [ 764.991210][T32108] [U]  [ 764.997910][T22600] dvb-usb: no frontend was attached by 'Technotrend TT Connect S2-3600' [ 765.101249][T22600] rc_core: IR keymap rc-tt-1500 not found [ 765.107070][T22600] Registered IR keymap rc-empty [ 765.126668][T22600] rc rc0: Technotrend TT Connect S2-3600 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0 [ 765.147591][T22600] input: Technotrend TT Connect S2-3600 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0/input31 [ 765.179423][T22600] dvb-usb: schedule remote query interval to 100 msecs. [ 765.190435][T22600] pctv452e: pctv452e_power_ctrl: 0 [ 765.190435][T22600] [ 765.208250][T22600] dvb-usb: Technotrend TT Connect S2-3600 successfully initialized and connected. [ 765.239495][T22600] usb 6-1: USB disconnect, device number 4 [ 765.423913][T22600] dvb-usb: Technotrend TT Connect S2-3600 successfully deinitialized and disconnected. [ 765.882083][T32152] overlayfs: missing 'workdir' [ 765.967395][T32155] loop2: detected capacity change from 0 to 4096 [ 766.099776][T32155] ntfs: volume version 3.1. [ 766.217701][T32155] ntfs: (device loop2): ntfs_setattr(): Changes in user/group/mode are not supported yet, ignoring. [ 766.759318][T32161] loop3: detected capacity change from 0 to 40427 [ 766.781912][T32161] F2FS-fs (loop3): invalid crc value [ 766.818829][T32161] F2FS-fs (loop3): Found nat_bits in checkpoint [ 766.950894][T32161] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 767.005851][T32195] loop5: detected capacity change from 0 to 512 [ 767.042770][T32195] EXT4-fs: Ignoring removed nobh option [ 767.067432][T32195] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 767.095851][ T28] audit: type=1800 audit(1781138248.110:285): pid=32161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.7059" name="file2" dev="loop3" ino=10 res=0 errno=0 [ 767.159207][T32195] EXT4-fs (loop5): 1 truncate cleaned up [ 767.168290][T32195] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 767.294168][ C0] vkms_vblank_simulate: vblank timer overrun [ 767.352678][T29049] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 767.413605][ T5776] syz-executor: attempt to access beyond end of device [ 767.413605][ T5776] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 767.452742][ T5776] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 767.688399][T32216] loop4: detected capacity change from 0 to 2048 [ 767.732910][T32216] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 767.959821][ C0] vkms_vblank_simulate: vblank timer overrun [ 768.627840][T32232] loop4: detected capacity change from 0 to 32768 [ 768.640575][T22600] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 768.820793][T22600] usb 4-1: Using ep0 maxpacket: 8 [ 768.839563][T22600] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 768.861048][T22600] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 768.874590][T22600] usb 4-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00 [ 768.884343][T22600] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 768.903539][T22600] usb 4-1: config 0 descriptor?? [ 769.166227][T32275] loop2: detected capacity change from 0 to 16 [ 769.199561][T32275] erofs: (device loop2): mounted with root inode @ nid 36. [ 769.370672][T22600] hid (null): unknown global tag 0xd [ 769.385082][T22600] hid-u2fzero 0003:10C4:8ACF.0020: unknown main item tag 0xd [ 769.423523][T22600] hid-u2fzero 0003:10C4:8ACF.0020: collection stack underflow [ 769.438941][T22600] hid-u2fzero 0003:10C4:8ACF.0020: item 0 2 0 12 parsing failed [ 769.452851][T32283] loop5: detected capacity change from 0 to 256 [ 769.481449][T22600] hid-u2fzero: probe of 0003:10C4:8ACF.0020 failed with error -22 [ 769.646166][T32283] FAT-fs (loop5): Directory bread(block 64) failed [ 769.671110][T32283] FAT-fs (loop5): Directory bread(block 65) failed [ 769.677827][T32283] FAT-fs (loop5): Directory bread(block 66) failed [ 769.706420][ T5784] usb 4-1: USB disconnect, device number 48 [ 769.726407][T32283] FAT-fs (loop5): Directory bread(block 67) failed [ 769.750771][T32283] FAT-fs (loop5): Directory bread(block 68) failed [ 769.756052][T32296] loop2: detected capacity change from 0 to 512 [ 769.777138][T32283] FAT-fs (loop5): Directory bread(block 69) failed [ 769.786329][T32283] FAT-fs (loop5): Directory bread(block 70) failed [ 769.797047][T32283] FAT-fs (loop5): Directory bread(block 71) failed [ 769.817738][T32296] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 769.827954][T32283] FAT-fs (loop5): Directory bread(block 72) failed [ 769.827994][T32283] FAT-fs (loop5): Directory bread(block 73) failed [ 769.856839][T32296] EXT4-fs error (device loop2): ext4_iget_extra_inode:4739: inode #15: comm syz.2.7090: corrupted in-inode xattr: e_value out of bounds [ 769.876383][T32296] EXT4-fs error (device loop2): ext4_orphan_get:1409: comm syz.2.7090: couldn't read orphan inode 15 (err -117) [ 769.892731][T32296] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 769.923078][T32296] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 770.033842][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 770.387496][T32330] syz_tun: entered promiscuous mode [ 770.398183][T32330] macsec2: entered promiscuous mode [ 770.413654][T32330] syz_tun: left promiscuous mode [ 770.671161][T32346] netlink: 'syz.2.7099': attribute type 2 has an invalid length. [ 770.802901][ T28] audit: type=1326 audit(1781138251.820:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32351 comm="syz.3.7101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 770.835303][ T28] audit: type=1326 audit(1781138251.820:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32351 comm="syz.3.7101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 770.878875][ T28] audit: type=1326 audit(1781138251.820:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32351 comm="syz.3.7101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 770.944711][ T28] audit: type=1326 audit(1781138251.840:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32351 comm="syz.3.7101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 771.048586][ T28] audit: type=1326 audit(1781138251.840:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32351 comm="syz.3.7101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 771.115034][ T28] audit: type=1326 audit(1781138251.840:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32351 comm="syz.3.7101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 771.143403][T32366] loop4: detected capacity change from 0 to 128 [ 771.160009][T32366] EXT4-fs: Ignoring removed mblk_io_submit option [ 771.174097][ T28] audit: type=1326 audit(1781138251.840:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32351 comm="syz.3.7101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 771.205013][ T28] audit: type=1326 audit(1781138251.840:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32351 comm="syz.3.7101" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f4cb1b9ce59 code=0x7ffc0000 [ 771.283590][T32366] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 771.297605][T32366] ext4 filesystem being mounted at /480/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 771.385913][ T28] audit: type=1800 audit(1781138252.400:294): pid=32366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.7105" name="file1" dev="loop4" ino=12 res=0 errno=0 [ 771.541203][T21912] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 771.751742][T32393] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7109'. [ 771.766068][T32392] loop2: detected capacity change from 0 to 256 [ 771.821698][T32392] exfat: Deprecated parameter 'utf8' [ 771.827141][T32392] exfat: Deprecated parameter 'namecase' [ 771.894857][T32392] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 771.909282][T32396] loop3: detected capacity change from 0 to 4096 [ 771.982462][T32402] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 772.071760][T32396] NILFS (loop3): nilfs_sufile_do_free: segment 9 is already clean [ 772.671179][T32428] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7120'. [ 772.843840][T32434] syz_tun: entered promiscuous mode [ 772.849221][T32434] macsec1: entered promiscuous mode [ 772.894985][T32434] syz_tun: left promiscuous mode [ 772.918242][T32441] loop2: detected capacity change from 0 to 1024 [ 773.031787][T32441] hfsplus: invalid xattr key length: 0 [ 773.123917][ T12] hfsplus: b-tree write err: -5, ino 8 [ 773.354679][T32417] loop3: detected capacity change from 0 to 32768 [ 773.568042][T32465] loop4: detected capacity change from 0 to 256 [ 773.924756][T32475] loop5: detected capacity change from 0 to 2048 [ 774.052839][T32475] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 774.308112][T32474] loop3: detected capacity change from 0 to 8192 [ 774.337552][T29049] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 774.371446][T32474] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 774.397153][T32474] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 774.407019][T32474] REISERFS (device loop3): using ordered data mode [ 774.413966][T32474] reiserfs: using flush barriers [ 774.423178][ C0] vkms_vblank_simulate: vblank timer overrun [ 774.470047][T32474] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 774.576145][T32474] REISERFS (device loop3): checking transaction log (loop3) [ 774.631628][T32474] REISERFS (device loop3): Using r5 hash to sort names [ 774.682454][T32474] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 774.860730][T32474] REISERFS warning (device loop3): super-6502 reiserfs_getopt: unknown mount option "dax=never" [ 774.971571][T32513] loop4: detected capacity change from 0 to 4096 [ 774.994143][T32513] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 775.199949][T32513] ntfs: volume version 3.1. [ 775.448310][T32540] loop3: detected capacity change from 0 to 16 [ 775.502924][T32540] erofs: (device loop3): mounted with root inode @ nid 36. [ 775.563702][T32540] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 775.585204][T32546] loop2: detected capacity change from 0 to 256 [ 775.670638][T32540] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 775.712510][T32551] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 775.744206][T32551] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 775.785631][T32548] loop4: detected capacity change from 0 to 64 [ 776.051348][T32565] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7153'. [ 776.077866][T32566] loop3: detected capacity change from 0 to 512 [ 776.152920][T32566] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 776.211072][T32566] EXT4-fs (loop3): orphan cleanup on readonly fs [ 776.231713][T32566] EXT4-fs warning (device loop3): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 776.232556][T32566] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 776.248448][T32566] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2971: inode #16: comm syz.3.7152: corrupted xattr block 31: invalid header [ 776.266904][T32566] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 776.266996][T32566] EXT4-fs (loop3): 1 orphan inode deleted [ 776.268614][T32566] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 776.403983][T32566] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm syz.3.7152: bg 0: block 15: invalid block bitmap [ 776.528332][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 776.845285][T32604] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 776.912259][T32594] NILFS (loop3): nilfs_sufile_do_free: segment 9 is already clean [ 777.236911][T32618] EXT4-fs: inline encryption not supported [ 777.285021][T32618] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 777.369950][T32618] EXT4-fs error (device loop4): ext4_free_blocks:6694: comm syz.4.7167: Freeing blocks not in datazone - block = 0, count = 4096 [ 777.444184][T32618] EXT4-fs (loop4): Remounting filesystem read-only [ 777.482540][T32618] EXT4-fs (loop4): 1 orphan inode deleted [ 777.512725][ T12] EXT4-fs (loop4): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 777.532260][T32618] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 777.566295][ T12] __quota_error: 2 callbacks suppressed [ 777.566311][ T12] Quota error (device loop4): write_blk: dquota write failed [ 777.590190][ T12] Quota error (device loop4): remove_free_dqentry: Can't write block (2) with free entries [ 777.650534][ T12] EXT4-fs (loop4): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 777.672089][ T12] Quota error (device loop4): write_blk: dquota write failed [ 777.710547][ T12] Quota error (device loop4): free_dqentry: Can't move quota data block (2) to free list [ 777.750253][ T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started [ 777.768443][T21912] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 777.779271][ T12] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 778.630538][T32677] set_capacity_and_notify: 2 callbacks suppressed [ 778.630560][T32677] loop2: detected capacity change from 0 to 512 [ 778.646673][T32679] netlink: 104 bytes leftover after parsing attributes in process `syz.5.7185'. [ 778.689478][T32673] loop3: detected capacity change from 0 to 4096 [ 778.702362][T32677] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 778.742948][T32673] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 778.758614][T32677] fs-verity: sha512 using implementation "sha512-avx2" [ 778.775306][T32677] EXT4-fs warning (device loop2): ext4_begin_enable_verity:135: inode #15: comm syz.2.7184: verity is only allowed on extent-based files [ 778.783458][T32686] loop4: detected capacity change from 0 to 64 [ 778.865759][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 778.978655][T32673] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 779.009871][T32673] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 779.206362][T32696] loop2: detected capacity change from 0 to 2048 [ 779.240132][T32696] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 779.344833][T32703] loop4: detected capacity change from 0 to 1024 [ 779.359924][T32706] loop5: detected capacity change from 0 to 1024 [ 779.527191][T32713] netlink: 'syz.3.7191': attribute type 1 has an invalid length. [ 779.739796][T32725] loop5: detected capacity change from 0 to 512 [ 779.787165][T32725] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 779.966966][T32729] loop4: detected capacity change from 0 to 4096 [ 780.011520][T32729] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 780.132160][T32729] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 780.163715][T32729] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 780.746963][ T312] loop2: detected capacity change from 0 to 256 [ 780.771924][ T312] exfat: Deprecated parameter 'utf8' [ 780.883917][ T312] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 781.268363][ T337] loop3: detected capacity change from 0 to 512 [ 781.323737][ T337] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 781.373909][ T344] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7217'. [ 781.473932][T20359] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 781.490495][T20359] Bluetooth: hci0: Injecting HCI hardware error event [ 781.501913][ T5789] Bluetooth: hci0: hardware error 0x00 [ 781.588341][ T355] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7219'. [ 781.606171][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 781.951734][ T373] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 781.993181][ T373] EXT4-fs error (device loop5): ext4_orphan_get:1430: comm syz.5.7225: bad orphan inode 131083 [ 782.017052][ T373] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 782.399157][T29049] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 782.514596][ T368] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 782.654785][ T368] XFS (loop3): Ending clean mount [ 782.906276][ T5776] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 783.085167][ T383] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.7227 (383) [ 783.135275][ T383] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 783.194697][ T383] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 783.241469][ T383] BTRFS info (device loop4): setting nodatasum [ 783.248709][ T383] BTRFS info (device loop4): force zlib compression, level 3 [ 783.295742][ T383] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8) [ 783.326716][ T383] BTRFS info (device loop4): use lzo compression, level 0 [ 783.352721][ T383] BTRFS info (device loop4): turning on flush-on-commit [ 783.407831][ T383] BTRFS info (device loop4): enabling auto defrag [ 783.441945][ T383] BTRFS info (device loop4): max_inline at 4096 [ 783.473763][ T383] BTRFS info (device loop4): using free space tree [ 783.570872][ T427] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 783.613718][ T427] NILFS (loop2): mounting unchecked fs [ 783.630555][ T5789] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 783.666202][ T383] BTRFS info (device loop4): enabling ssd optimizations [ 783.676741][T20750] udevd[20750]: incorrect nilfs2 checksum on /dev/loop2 [ 783.704010][ T427] NILFS (loop2): recovery complete [ 783.737535][ T445] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 784.313341][T21912] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 784.420617][ T28] audit: type=1326 audit(1781138265.430:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=468 comm="syz.2.7244" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1819ce59 code=0x7ffc0000 [ 784.528600][ T28] audit: type=1326 audit(1781138265.430:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=468 comm="syz.2.7244" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1819ce59 code=0x7ffc0000 [ 784.680443][ T28] audit: type=1326 audit(1781138265.430:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=468 comm="syz.2.7244" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f8c1819ce59 code=0x7ffc0000 [ 784.762523][ T28] audit: type=1326 audit(1781138265.440:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=468 comm="syz.2.7244" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1819ce59 code=0x7ffc0000 [ 784.840894][ T28] audit: type=1326 audit(1781138265.470:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=468 comm="syz.2.7244" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1819ce59 code=0x7ffc0000 [ 784.920615][ T5789] Bluetooth: hci3: command 0x0406 tx timeout [ 784.945022][ T28] audit: type=1326 audit(1781138265.470:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=468 comm="syz.2.7244" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f8c1819ce59 code=0x7ffc0000 [ 784.968981][ T452] set_capacity_and_notify: 5 callbacks suppressed [ 784.969044][ T452] loop3: detected capacity change from 0 to 32768 [ 785.024760][ T452] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.7237 (452) [ 785.103056][ T452] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 785.141046][ T28] audit: type=1326 audit(1781138265.470:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=468 comm="syz.2.7244" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1819ce59 code=0x7ffc0000 [ 785.167026][ T452] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 785.196615][ T452] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 785.239586][ T452] BTRFS info (device loop3): use zstd compression, level 3 [ 785.256214][ T452] BTRFS info (device loop3): using free space tree [ 785.480519][ T452] BTRFS info (device loop3): enabling ssd optimizations [ 785.482051][ T5765] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 785.487636][ T452] BTRFS info (device loop3): auto enabling async discard [ 785.518961][ T505] loop4: detected capacity change from 0 to 2048 [ 785.578490][ T515] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 785.692128][ T5765] usb 6-1: Using ep0 maxpacket: 32 [ 785.733377][ T5765] usb 6-1: config 0 has an invalid interface number: 12 but max is 0 [ 785.746491][ T5765] usb 6-1: config 0 has no interface number 0 [ 785.770814][ T5765] usb 6-1: config 0 interface 12 has no altsetting 0 [ 785.798100][ T518] netlink: 60 bytes leftover after parsing attributes in process `syz.2.7249'. [ 785.813721][ T5765] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 785.823604][ T5776] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 785.835073][ T5765] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 785.879297][ T5765] usb 6-1: Product: syz [ 785.903526][ T5765] usb 6-1: Manufacturer: syz [ 785.908217][ T5765] usb 6-1: SerialNumber: syz [ 785.994517][ T5765] usb 6-1: config 0 descriptor?? [ 786.523960][ T543] sp0: Synchronizing with TNC [ 786.575848][ T549] loop4: detected capacity change from 0 to 256 [ 786.622742][ T549] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001fe89, chksum : 0xbd11d127, utbl_chksum : 0xe619d30d) [ 786.663201][ T5765] f81534 6-1:0.12: f81534_set_register: reg: 1003 data: 28 failed: -71 [ 786.684042][ T5765] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71 [ 786.709697][ T5765] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 786.748147][ T5765] f81534: probe of 6-1:0.12 failed with error -71 [ 786.800294][ T5765] usb 6-1: USB disconnect, device number 5 [ 787.058904][ T573] support for the xor transformation has been removed. [ 787.186560][ T578] loop4: detected capacity change from 0 to 4096 [ 787.243743][ T585] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 787.764995][ T604] netlink: 68 bytes leftover after parsing attributes in process `syz.4.7268'. [ 787.792826][ T604] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7268'. [ 787.812753][ T604] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7268'. [ 787.822437][ T604] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7268'. [ 788.148117][ T587] loop2: detected capacity change from 0 to 40427 [ 788.166225][ T587] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 788.184933][ T587] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 788.213700][ T587] F2FS-fs (loop2): invalid crc_offset: 33558524 [ 788.238350][ T617] loop4: detected capacity change from 0 to 4096 [ 788.252364][ T587] F2FS-fs (loop2): Found nat_bits in checkpoint [ 788.313567][ T617] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 788.402548][ T28] audit: type=1800 audit(1781138269.410:302): pid=617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.7272" name="file0" dev="loop4" ino=13 res=0 errno=0 [ 788.577270][T21912] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 788.618580][ T587] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 788.643673][ T587] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 788.830707][ T587] F2FS-fs (loop2): f2fs_fill_dentries: corrupted namelen=27648, run fsck to fix. [ 788.947076][ T649] loop3: detected capacity change from 0 to 512 [ 788.968381][ T649] EXT4-fs: Ignoring removed nobh option [ 788.998233][ T649] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 789.044972][ T649] EXT4-fs (loop3): 1 truncate cleaned up [ 789.094588][ T649] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 789.387990][ T659] loop4: detected capacity change from 0 to 512 [ 789.421650][ T659] EXT4-fs: Ignoring removed nomblk_io_submit option [ 789.460625][ T659] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 789.563986][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 789.595487][ T659] EXT4-fs (loop4): 1 truncate cleaned up [ 789.611531][ T655] loop5: detected capacity change from 0 to 32768 [ 789.656029][ T659] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 789.730138][ T670] loop3: detected capacity change from 0 to 512 [ 789.738813][ T655] (syz.5.7281,655,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 789.765383][ T655] (syz.5.7281,655,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 789.847714][ T670] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 789.860946][ T670] ext4 filesystem being mounted at /1820/file3 supports timestamps until 2038-01-19 (0x7fffffff) [ 789.861632][ T655] (syz.5.7281,655,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 789.973179][ T655] JBD2: Ignoring recovery information on journal [ 790.083873][T21912] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 790.087319][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 790.117340][ T655] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 790.250940][ T683] loop2: detected capacity change from 0 to 64 [ 790.500102][ T655] (syz.5.7281,655,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x28030c75. Applying ECC. [ 790.553893][ T655] (syz.5.7281,655,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x28d1d8ae [ 790.584797][ T655] (syz.5.7281,655,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 790.638389][ T655] (syz.5.7281,655,0):ocfs2_quota_read:201 ERROR: status = -5 [ 790.671605][ T655] Quota error (device loop5): find_tree_dqentry: Can't read quota tree block 5 [ 790.700064][ T655] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 790.763985][ T655] (syz.5.7281,655,0):ocfs2_acquire_dquot:878 ERROR: status = -5 [ 790.788151][ T655] (syz.5.7281,655,1):ocfs2_symlink:1882 ERROR: status = -5 [ 790.820951][ T655] (syz.5.7281,655,1):ocfs2_symlink:2068 ERROR: status = -5 [ 791.085263][ T718] loop2: detected capacity change from 0 to 128 [ 791.393508][ T706] loop4: detected capacity change from 0 to 32768 [ 791.532444][T29049] ocfs2: Unmounting device (7,5) on (node local) [ 791.630183][ T736] sg_write: data in/out 124/1 bytes for SCSI command 0x75-- guessing data in; [ 791.630183][ T736] program syz.3.7299 not setting count and/or reply_len properly [ 791.788295][ T743] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 792.435277][ T741] loop2: detected capacity change from 0 to 32768 [ 792.484184][ T741] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 792.606056][ T741] XFS (loop2): Ending clean mount [ 792.616445][ T793] loop5: detected capacity change from 0 to 2048 [ 792.628795][ T741] XFS (loop2): Quotacheck needed: Please wait. [ 792.705140][ T797] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 792.789849][ T741] XFS (loop2): Quotacheck: Done. [ 793.098503][ T5775] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 793.422332][ T822] loop3: detected capacity change from 0 to 256 [ 793.462661][ T822] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xa7bc3a1f, utbl_chksum : 0xe619d30d) [ 793.491731][ T822] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 2199023255554) [ 793.829210][ T835] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7318'. [ 795.148156][ T877] loop2: detected capacity change from 0 to 4096 [ 795.237490][ T877] NILFS (loop2): invalid segment: Checksum error in segment payload [ 795.274818][ T877] NILFS (loop2): trying rollback from an earlier position [ 795.328499][ T877] NILFS (loop2): recovery complete [ 795.358201][ T897] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 795.611308][ T1193] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 795.766726][ T911] loop4: detected capacity change from 0 to 128 [ 795.794793][ T911] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 795.836435][ T911] hpfs: filesystem error: improperly stopped [ 795.843706][ T911] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 795.851480][ T1193] usb 4-1: Using ep0 maxpacket: 32 [ 795.856644][ T1193] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 795.888149][ T911] hpfs: You really don't want any checks? You are crazy... [ 795.920853][ T911] hpfs: hpfs_map_sector(): read error [ 795.926316][ T911] hpfs: code page support is disabled [ 795.954009][ T1193] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 795.962730][ T911] hpfs: hpfs_map_4sectors(): unaligned read [ 795.976375][ T1193] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 795.986210][ T911] hpfs: hpfs_map_4sectors(): unaligned read [ 796.017931][ T1193] usb 4-1: Product: syz [ 796.021503][ T911] hpfs: filesystem error: unable to find root dir [ 796.046768][ T1193] usb 4-1: Manufacturer: syz [ 796.062905][ T1193] usb 4-1: SerialNumber: syz [ 796.099349][ T1193] usb 4-1: config 0 descriptor?? [ 796.125962][ T891] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 796.403048][ T5765] usb 4-1: USB disconnect, device number 49 [ 796.493075][ T958] loop2: detected capacity change from 0 to 1024 [ 796.565048][ T947] loop5: detected capacity change from 0 to 2048 [ 796.580295][ T958] hfsplus: bad catalog entry type [ 796.681630][ T947] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a840c018, mo2=0002] [ 796.689935][ T947] System zones: 0-4 [ 796.703127][ T1119] hfsplus: b-tree write err: -5, ino 25 [ 796.708915][ T1119] hfsplus: b-tree write err: -5, ino 4 [ 796.765326][ T947] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 796.773753][ T1119] hfsplus: b-tree write err: -5, ino 2 [ 796.827044][ T947] ext4 filesystem being mounted at /199/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 796.895842][ T947] fs-verity: sha256 using implementation "sha256-avx2" [ 796.983395][ T947] fs-verity (loop5, inode 18): fs-verity keyring is empty, rejecting signed file! [ 797.155135][T29049] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 797.560394][ T1009] loop4: detected capacity change from 0 to 8 [ 798.146494][ T1038] loop4: detected capacity change from 0 to 64 [ 798.349096][ T1119] ------------[ cut here ]------------ [ 798.354864][ T1119] kernel BUG at fs/hfs/inode.c:449! [ 798.370834][ T1119] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 798.377178][ T1119] CPU: 0 PID: 1119 Comm: kworker/u4:8 Not tainted syzkaller #0 [ 798.384783][ T1119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 798.394895][ T1119] Workqueue: writeback wb_workfn (flush-7:4) [ 798.400952][ T1119] RIP: 0010:hfs_write_inode+0x87a/0x880 [ 798.406596][ T1119] Code: c7 c1 00 73 31 97 80 e1 07 80 c1 03 38 c1 0f 8c 73 fe ff ff 48 c7 c7 00 73 31 97 e8 f0 f2 83 ff e9 62 fe ff ff e8 e6 b2 2b ff <0f> 0b 0f 1f 40 00 f3 0f 1e fa 55 41 57 41 56 41 54 53 48 89 fb 49 [ 798.426271][ T1119] RSP: 0018:ffffc9000488f340 EFLAGS: 00010293 [ 798.432400][ T1119] RAX: ffffffff825b78aa RBX: ffff888059fe8828 RCX: ffff888023da5a00 [ 798.440417][ T1119] RDX: 0000000000000000 RSI: ffffffff8d33a040 RDI: 0000000000000000 [ 798.448439][ T1119] RBP: ffffc9000488f4d0 R08: ffff888023da5a00 R09: 0000000000000003 [ 798.456461][ T1119] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000 [ 798.464479][ T1119] R13: 1ffff92000911e6c R14: ffff888059fe87d8 R15: 0000000000000000 [ 798.472539][ T1119] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 798.481517][ T1119] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 798.488163][ T1119] CR2: 00007f9c39587000 CR3: 000000007ea88000 CR4: 00000000003506f0 [ 798.496201][ T1119] Call Trace: [ 798.499524][ T1119] [ 798.502501][ T1119] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 798.507950][ T1119] ? __rwlock_init+0x150/0x150 [ 798.512872][ T1119] __writeback_single_inode+0x705/0xec0 [ 798.518489][ T1119] writeback_sb_inodes+0x7cd/0xf50 [ 798.523955][ T1119] ? queue_io+0x550/0x550 [ 798.528374][ T1119] ? rcu_is_watching+0x15/0xb0 [ 798.533219][ T1119] wb_writeback+0x46a/0xbf0 [ 798.537789][ T1119] ? queue_io+0x3d1/0x550 [ 798.542264][ T1119] ? percpu_ref_tryget+0x250/0x250 [ 798.547474][ T1119] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 798.553520][ T1119] ? _raw_spin_unlock_irq+0x23/0x50 [ 798.558793][ T1119] wb_workfn+0x400/0xe60 [ 798.563107][ T1119] ? inode_wait_for_writeback+0x230/0x230 [ 798.568991][ T1119] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 798.575036][ T1119] ? read_lock_is_recursive+0x20/0x20 [ 798.580477][ T1119] ? _raw_spin_unlock_irq+0x23/0x50 [ 798.586011][ T1119] ? process_scheduled_works+0x96f/0x15d0 [ 798.591834][ T1119] ? process_scheduled_works+0x96f/0x15d0 [ 798.597624][ T1119] process_scheduled_works+0xa5d/0x15d0 [ 798.603280][ T1119] ? worker_attach_to_pool+0x380/0x380 [ 798.608805][ T1119] ? assign_work+0x3d2/0x5d0 [ 798.613465][ T1119] worker_thread+0xa55/0xfc0 [ 798.618134][ T1119] kthread+0x2fa/0x390 [ 798.622254][ T1119] ? pr_cont_work+0x560/0x560 [ 798.627082][ T1119] ? kthread_blkcg+0xd0/0xd0 [ 798.631727][ T1119] ret_from_fork+0x48/0x80 [ 798.636270][ T1119] ? kthread_blkcg+0xd0/0xd0 [ 798.640918][ T1119] ret_from_fork_asm+0x11/0x20 [ 798.645804][ T1119] [ 798.649085][ T1119] Modules linked in: [ 798.665387][ T1119] ---[ end trace 0000000000000000 ]--- [ 798.671773][ T1119] RIP: 0010:hfs_write_inode+0x87a/0x880 [ 798.683921][ T993] loop2: detected capacity change from 0 to 40427 [ 798.690485][ T1119] Code: c7 c1 00 73 31 97 80 e1 07 80 c1 03 38 c1 0f 8c 73 fe ff ff 48 c7 c7 00 73 31 97 e8 f0 f2 83 ff e9 62 fe ff ff e8 e6 b2 2b ff <0f> 0b 0f 1f 40 00 f3 0f 1e fa 55 41 57 41 56 41 54 53 48 89 fb 49 [ 798.690511][ T1119] RSP: 0018:ffffc9000488f340 EFLAGS: 00010293 [ 798.690599][ T1119] RAX: ffffffff825b78aa RBX: ffff888059fe8828 RCX: ffff888023da5a00 [ 798.690617][ T1119] RDX: 0000000000000000 RSI: ffffffff8d33a040 RDI: 0000000000000000 [ 798.690632][ T1119] RBP: ffffc9000488f4d0 R08: ffff888023da5a00 R09: 0000000000000003 [ 798.690647][ T1119] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000 [ 798.690660][ T1119] R13: 1ffff92000911e6c R14: ffff888059fe87d8 R15: 0000000000000000 [ 798.690676][ T1119] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 798.690694][ T1119] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 798.690708][ T1119] CR2: 00007f3d3b8f2008 CR3: 0000000060f13000 CR4: 00000000003506f0 [ 798.690797][ T1119] Kernel panic - not syncing: Fatal exception [ 798.691384][ T1119] Kernel Offset: disabled