last executing test programs: 2m22.186526672s ago: executing program 2 (id=5230): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000007c0)={0x1, @pix_mp={0xaeb, 0x9a63, 0x3132564e, 0x1, 0x1, [{0x0, 0x100}, {0x3, 0x6}, {0xe, 0xfffffff9}, {0x101, 0x2}, {0x2, 0x7}, {0x8, 0xd59e}, {0xffffff2a, 0x7}, {0xe, 0x3}], 0x40, 0x9, 0x8, 0x0, 0x3}}) 2m22.017556871s ago: executing program 2 (id=5234): r0 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f00000001c0)={'filter\x00', 0x7, 0x4, 0x3e0, 0x0, 0x200, 0x200, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@arp={@multicast1, @loopback, 0xffffff00, 0xff, 0xa, 0x9, {@empty, {[0xff, 0xff, 0xff]}}, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}, {[0xff, 0x0, 0xff, 0x0, 0xff]}}, 0x3, 0x401, 0x9f, 0x17, 0xfffc, 0x2, 'syz_tun\x00', 'syz_tun\x00', {}, {0xff}, 0x0, 0x1cc}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x2, 0x7, 0xea4, 0x1}}}, {{@arp={@multicast1, @loopback, 0xffffffff, 0xff, 0xc, 0x10, {@empty, {[0xff, 0xff, 0x0, 0xff, 0x0, 0xff]}}, {@empty, {[0xff, 0x0, 0x0, 0xff, 0xff, 0xff]}}, 0xed, 0x5, 0x0, 0x35, 0x6, 0xfffb, 'macvlan0\x00', 'bridge_slave_0\x00', {0xff}, {0xff}, 0x0, 0x2f}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, 0x1}}}, {{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x1, 0x5, {0x5}}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) 2m21.870701351s ago: executing program 2 (id=5236): r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0xc8080) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000040)={0x1e, 0x8, [0x2, 0xffffffff]}) 2m21.624140385s ago: executing program 2 (id=5240): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x2000004, &(0x7f0000000500)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=") mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x80, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 2m21.216774209s ago: executing program 2 (id=5245): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0x144, 0x10, 0x713, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@remote}, {@in6=@remote, 0x4d3, 0x32}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0xa}, [@tfcpad={0x8, 0x16, 0x7c0}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x144}}, 0x0) 2m20.722635088s ago: executing program 2 (id=5252): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000280)="279b0abef4f6f38bfbbbeafc78d7", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) 2m20.299018123s ago: executing program 32 (id=5252): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000280)="279b0abef4f6f38bfbbbeafc78d7", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) 1.760169396s ago: executing program 0 (id=7226): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a802e8c6394f90324fc601000050008000900053582c1fc0b3e37000c0180fc0b1d00f80b", 0x33fe0}], 0x1}, 0x0) 1.635429353s ago: executing program 0 (id=7228): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x802222, 0x0) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000000)=0x1) 1.561670878s ago: executing program 1 (id=7230): openat$cuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2842, 0x0) close(0x3) 1.448447124s ago: executing program 4 (id=7231): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x8400) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r0, 0xc0305302, &(0x7f0000000040)={0x0, 0x1, 0xe25c, 0x9, 0xfff, 0xc}) 1.448097864s ago: executing program 0 (id=7232): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000004c0)={'gretap0\x00', &(0x7f0000000480)=@ethtool_eee={0x17, 0xfffffffe, 0x0, 0x0, 0x1fc, 0x800, 0x9f9}}) 1.447904254s ago: executing program 1 (id=7233): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000001c0)={[{@grpjquota, 0x4a}, {@debug}, {@jqfmt_vfsold}, {@usrjquota}, {@bsdgroups}, {@usrjquota, 0x22}, {@user_xattr}, {@grpquota}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3DtvHEUcAPD/rh+JSYxNeOYBMQSExcOOnWdBAwIpDRIIhEJpbCcKcRIUGymJLGwQCiXKJwBKJD4BFTQIqEC0IFqEFCE3CRRo0d7tOWff+fyIz0dyv5909uzu7M7Mzoy9M6O9ANrWQP4jidgZEb9GRF95c2mEgfKvmwuz438vzI4nkWVv/JWU4t1YmB2vRK2ct6PYGEwj0o+T2Fsn3enLV86OTU1NXiy2h2fOvTc8ffnK82fOjZ2ePD15fvT48cOHeo4dHT2yKeXszfO654ML+3afePvaq+Mnr73zw1d5frPi+PaaM/rXmUJHzZ6BGFh6L6s8tc6r/9/1VoWTzhZmhHXJW21eXV2l/t8XHXGr8vrilY9amjmgqbIsy7bV7F38XzafVUuS8gnAXSLRpaFNVf7R31jIR6qz49Xj+XZw/cUojYDyct8sPuUjnZHmY/j+8tioWR6IiJPz/3yWf2LZfAoAQDN8kz//PFd+7qh8ykfSeKgq3r3F2lB/RNwXEbsi4v7i+eXBiFLchyPikSVXn1s1/YFl27XPPz/3bLhwa5A//71QrG0tff5LK1H6O4qt3lL5u5JTZ6YmDxb3ZDC6tuXbI7WXXpxW+/blXz5dKf2Bque//JOnX3kWLPLxZ+eyCbqJsZmx2y13xfUPS1N6c7XlTxZXAvKRwe6I2LOB6+f37MwzX+6re7ByixuWv4FNWGfKvoh4ulz/87Gs/LnuIlR/fXLk2NHRI8PbY2ry4HClVdT68aerrxXBmqHE6vXfXHn937PY/su/y0cWVy77k+r12un1p3H1t09WHNNstP13J2+Wwt3FvktjMzMXRyK6k/na/aO3zr001rMkfl7+wQP1+/+uiH8/L87bGxF5I340Ih6LiP1F3h+PiCci4kCD8n//0pPv1qv7tZW/ufLyT9T9+7dS/a8/0HH2u69XSn9t9X+4FBos9kyMzdQu1y+z1gzezr0DAACAO8X+iNgZSTpUTMftjDQdGorYsTiDMj3z7KkL75+fKL8j0B9daWWmq69qPnSkmBvOt/OzRqu28+OHSvPGWZZlPaXtofELU72tLTq0vR0r9P/cH7WvtAB3m3Wto630RhtwR9r4Onq2qfkAtp73taF96f/Qvtbc/5v5JhzQEvX6/1zEzRZkBdhi9fr/Wy3IB7D1jP+hfen/0L5q+3/aknwAW+p23utvFNh1okGcpLM5ia4cSKPxtwD0R6zvgr+nEZuTw45NLWnPGup0e2xGWpGuGqezwRcxvF57w/PoW9Qk0q1tfo0D2yJilda72NjmKoErzc5Yq/8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbI7/AgAA//+7BdPO") mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) 1.370367188s ago: executing program 3 (id=7234): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="640000001000ffff25bd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="7b8a050000000000440012800b000100697036746e6c000034000280080001e0", @ANYRES32, @ANYBLOB="140003000000000000000000000000000000003414000200fe88"], 0x64}}, 0x4008000) 1.326312472s ago: executing program 0 (id=7235): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="ac00000010000d0400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000840012800c0001006d6163766c616e007400028006000200000000000600020001000000280005800a000400aaaaaaaaaaaa000009"], 0xac}}, 0x0) 1.304319132s ago: executing program 4 (id=7236): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22}, 0x48) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r0, &(0x7f0000000340)}, 0x20) 1.077770416s ago: executing program 3 (id=7237): set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9) syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 1.076941916s ago: executing program 0 (id=7238): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="18020000fefffffb000000000000000085000000bc000000850000002a00000095"], &(0x7f00000001c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r0, 0x0, 0xe, 0x0, &(0x7f0000000280)="087143592bf27c57ccf7e249a561", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) 1.00499896s ago: executing program 1 (id=7239): r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2) ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f0000000040)={0x98f905, 0x3, @name="1084fbb97c424e282f899e3109944d77021637316afec408bc7fdcd7ec199a0a"}) 956.705953ms ago: executing program 4 (id=7240): syz_mount_image$erofs(&(0x7f00000000c0), &(0x7f0000000000)='./file2\x00', 0x20404a, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1e5, &(0x7f0000000100)="$eJzslr+v0lAUx7/3tilgNCSOLg6SqIOlLWpcTGRxcjDxB3EwkUglSJUEGITEoH+Bu4mDg7v/gImuru4GnVxwc3GpuT/aXgmFF3jlDe98hsO3t6en555zcwoIgji2/PzxZx6jLPVJ1FDS67+szIcb/t/Lv19+uXWz9ebhh6+luVtZFTOOD/5+G8DnpoVx+uz/T9f0713wVN8Dx0WtW2BwtX4Ejvtah2B4oPVTQw+Ev+s+6UWh+3gQdYTwhPGFCYRpLOe3eM3QMfJjxv3RZNpvR1E4LFBsqt+iyXHdyM/slwuVrWfUzweHr3UDDHe0voZSUhtVEmP/Z+wsvrV2/w6KrogtjuQm52/pyulTua1yAGyXBsDSgO+w03bwSh/ZIs9QjrAgRdLRQ4ps7WkX4qBv8IG996qy3Yq5TS8+3VDPJCvxTF1Ln2pOwHiWrCRDP+cVDrapRjaf4vcM5435pEbJW/lW0cL6aDK91HvW7obd8HkQNK56lz3vSlCXg0jZNfOvIufTiSz+ym+SwGEOXrTH46GvbHodKLtq4nI5/zgunFPXornOUtyy/n4m95nMywZTs7f/MTd7Xs29RRAEUTBnwf7GGjsR+msC47/u7SPMkSAIgiAIgiAIgiCI3fgXAAD//1pAQAE=") openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x101800, 0x190) 938.761654ms ago: executing program 0 (id=7241): syz_mount_image$ocfs2(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119, @ANYRES32], 0x1, 0x443a, &(0x7f00000088c0)="$eJzs3c9rHNcdAPA3I7mWXNuVXB9cKHShhpa2CMmntjJUlmXLkq2quLUpuaxX0tpWstIaaRVy8EG5GXIK5BByMAkEQtDJ6JCr8yfkkqNzNiSHXAIBE4XdnZV2RrvRRmil2Hw+4H0777f83Xl6axi/OFG5v7iaW1zNFZZz5fm7qxdyb5ZLa0vFEB+Sox6fznQjTmJ/dGYvX/3v7QshfL7w5fOtra2tUNUbWhppev/dtw/nm9OGONOm2m/r3g7KayGEs7vmVdUTQvj/ZyFEIYRLSd54kvaHEE6Hetnth+/cyR3QbJ48K17Mv5h5tDl6fnrj8Wb7nz0K4YPS7/52b+nrP/aMfvWXAxoeAAAAAAAAAAAAAAAAAICX3OTN2Vv/GR4JT6PQuxHtfl53MklbPB87+2k93ToYfziMHxcAAAAAAAAAAAAAAAAAAAB+kXae/89FZ1o8/z+RpGNt2m/9q/tzpHum/j07cWV4JDn/PdpV/vck65tLPWGwxbnv2fPfL2Xatz7/ffc4+9WYX2PcgRDFQ6nrOB4aCuGj5OD3c9GJuFRerfz1bnlteeHApvHSSse/fnp/KjrJgf6dxn8803/3z///7a5PU/X6zsF9xF5p6fj3tK338dtRR/G/nGl3GPFn/9Lx763l9TdXGKsvANX4v9u7d/wnMv13K/6nQwi5qDrXXGoFqO5hqvnt9iukpeN/rJaXWjqTv8h29//3mfhfyfR/VOv/evYXES2l4/+rWl5fqsbO/T8Y73X/94Wr2+/rH5yjiH91/ut+/3ckHf/j9czeptdkOeh0/Z/M9N+t+N+KkxmejlKfgI2ont/i/6ujhXT8+3aV73z/i39y/9fYM1zLtD+s73+NcRvf/xrL/5+j+vc/WkvHv79tvU7v/6lMu26v/2O1/R/7lY7/iVpeeu88UHvtNP7Tmf67Ff/arqSvEf+d9eSH4/X8D+3/OpKO/6/rmXFzjfXaa23/F+29/7+e6f8o9n/V+a/H3R31VZGO/8m29T5ZjMIXHfz7z41Mu2q/x7oz9W3D9vr7lo7/qbb1avd/397xn8m06/b9/6dudg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwEhhP0oEQxUOp6zgeGgrhcnJ9LpyI5goL+blSef6N1RAmkvxcOBPdK5XnCqX84nJ5oZgvlErl+RCuJOVnQ1+0WipX8kuFB1e3++qP7hcLK5W5YqESQphM8n8fTjX6mlusLBUehBCubZf9Ji6vPLhfWM4vLK78c3h4eDhMbc9hMCq+VSkuV+qj10tDmN5uOxA1Ta5WfH17Liej18trK8uFUi3/RlObUnm+UGpqM5OUvRcGo8rK2vJ8oVLMl8r3GuMdpbEknZi6+b+bN0Z2ld+J6un44U4LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJ/p6eg/3g8h9Nav4hBCLkreRMmflCfPihfzL2YebY6en954vPm8VR0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmQHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKu3SM0kAQhQH4zYBo6TGslt3OdkURLVwRPIEew8PoUbyEd7BIkTZFCCSzEHan2Capvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5R7fhvfXtotIcbW9jPj9/Ps/zp9L/b6rXL44z4ycztPLcP/QduXf0yy/LUerPu/TzfrrIyp19DPZk+k+Hcz7TFX3rWKcb+x7HSk3EdGX/Cbl3DTL3gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAduzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W0fRtwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCvAAAA//8W2x2U") setxattr$trusted_overlay_origin(&(0x7f0000000880)='.\x00', &(0x7f00000008c0), 0x0, 0x0, 0x1) 904.831916ms ago: executing program 3 (id=7242): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x10, 0x7fff0000}]}) userfaultfd(0x1) 720.643807ms ago: executing program 1 (id=7243): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000001c0)="d800000010008104687da3aa7143a0b8c81d080b25000000e8fe55a19c9d8714060014000000001208000a0043000040a80012001200014006000d00036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d765dd11683296b7947968c7c0b7a196e6f661", 0x6e}, {&(0x7f0000000140)="aa581ff83dac4a519b67538bfa897e210c31e1446808358248cf2d795634b12c4ce81c3876aff89235b78ea0e5c5badfa122797d62c09ada7441b4f31cd5e6fc4b2a325fb5e811fead55530751e6f4bc4b40d94743ed5bd8ec1fff7b0abcc6eaabeb7a2f5f985467a8db", 0x6a}], 0x2}, 0x0) 635.037522ms ago: executing program 3 (id=7244): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 376.662657ms ago: executing program 3 (id=7245): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4a0, 0xffffffff, 0xe8, 0x0, 0xe8, 0xfeffffff, 0xffffffff, 0x3d0, 0x3d0, 0x3d0, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xff000000, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000], [0xffffff00, 0xff000000, 0xff], [0x0, 0xffffff, 0xffffff00, 0x7fffff7f], 0x4000}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x1d0, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x3, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x500) 332.60055ms ago: executing program 4 (id=7246): r0 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0) ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000580)={0x1, 0x0, 0x7, &(0x7f0000000540)={0x1c, "584fc4dfae9a34fb1ffbb539b436cc843759a57bf235d2f60200"}}) 321.961791ms ago: executing program 1 (id=7247): r0 = openat$capi20(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$CAPI_NCCI_OPENCOUNT(r0, 0xc0104307, 0x0) 194.492778ms ago: executing program 4 (id=7248): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001ac0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00aa19ce670d25010000020000040000009fc404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e468eea3fcfcf498278a315f5b87e1c26433a8acd715f5888b2007f00000000000000000100000000000000010015d60605000053350000000034a70c2ab40c7cf5691db43a5c00000000000000f030007ce2c6f800000000000000e75a89faff01218087560cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bef5d7d617da7a6520655a805608df4d431623c850af895abba14f6fbd7fb5e22431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf050000008600a62e96b7cb8e52cbdc2ba9d580609e31c30879d6fce424c2208af6c3784a1975fa657de38a3a32e4fd67ce446adb431d07db79241aca1dd9ba02453bbb5ee8babe1745e645f091231b986e952afdac972f342c6f184777d05d988d6edc71df0100000013a38300cabf2b554380ad215c789bef4cc574109b8df8d9a9db669557b3809d8c396d2c0361629d1822f722ec23812770d72cd00100000078a75dea785be550dbb420287e0789b8c7044f563a1f68d4efe895fdbc463f747c08f5010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b8a0ae6fb5425f1d581961471cdb51f8940290e99ccff4123fad5267fe4a75c11448741f064fc7ce7e62ee4df874e086287547d409baeec9f1538ee25a2a5ccf4a9b604e88e12ff25184d4e3c6f7f623559435b2c505fb711300000000040000000000000000000000000000e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7a49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd029406000000433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671a5767014b09ddbf69b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7b49991be06b950ccd48f4e49833f3c4a02bbd06c84680549f9eb16682ecb722e8ffaca907a3eaaebfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c52108d9c0d50000000000000001af42eb29d54a37be0fdfdcd74c2d859a566ee5c30677173a2592a4617ae08bec07422d52d2ba7271550a5c20e3a8d1c8c8fd3025ff00607b2249ae9a18391e01b21b36169790b8e96f7955754b6b01a75165d3573d1dec5cf1b08b6115b43203a5654cce2277eb4c02ef4817b4cb989ac178895810eff7b697f2dc9b308aa2460e3cb85cdc4833571a62bf310700000000000000cc7f923284230ada8c756096a66119d4b6b2f159585c3cf8e7bfdd619e294b1d21cd491b8cfd4a253856e485fe29c6ad177a9fb078ca905782b9ed3c30675b89a784bb8031cac0de95178a5acff029a0f0fe972df22b20afe95fba722056f94ab15f1cf605c33df627311f1b614684d5d40b88d2a810c489fc40e26af417fbd7754961841974230b98fe4c02cbc41eb1a61a4e9c19ab2362b2f0098b60cc1e4b25d5b3fe540a08e6153dd229c935846240ab79451fb359792b4c7103cd3307744477fa78dbb78512cf497dfef5d97245f4c3b34c6b89f072e381a35d1d7d3e0db5629985889ad49c5c9268d269d1e3c14c0ed4f390cd88353fd387fa"], &(0x7f0000000140)='GPL\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x13, 0x0, &(0x7f0000000580)="072731a0de207a5d0a00000000daf6ec141d8a", 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 135.070642ms ago: executing program 3 (id=7249): poll(&(0x7f0000b2c000)=[{}], 0x1, 0x7e) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000) 134.353342ms ago: executing program 1 (id=7250): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000001300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x4, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x3}, @fwd={0x2}, @struct={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}, {0x0, [0x0, 0x51]}}, &(0x7f00000005c0)=""/240, 0x40, 0xf0, 0x1}, 0x20) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x10000, 0x0, 0xffffffffffffffff, 0x987f, '\x00', 0x0, r0, 0x3, 0x2}, 0x50) 0s ago: executing program 4 (id=7251): iopl(0x3) tkill(0x0, 0x13) kernel console output (not intermixed with test programs): 495.888646][T18916] is_bad_inode(inode)=0 [ 495.892878][T18916] NEXT_ORPHAN(inode)=3254779904 [ 495.897761][T18916] max_ino=32 [ 495.945603][T18916] i_nlink=0 [ 495.983584][T18916] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 2: comm syz.0.5730: lblock 2 mapped to illegal pblock 2 (length 1) [ 496.015090][T18916] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 496.024221][T18916] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 48: comm syz.0.5730: lblock 0 mapped to illegal pblock 48 (length 1) [ 496.075512][T18916] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 496.087802][T18916] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.5730: Failed to acquire dquot type 0 [ 496.105447][T18916] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 496.129043][T18916] EXT4-fs error (device loop0): ext4_evict_inode:252: inode #11: comm syz.0.5730: mark_inode_dirty error [ 496.182877][T18916] EXT4-fs warning (device loop0): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 496.196733][T18916] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 496.257262][T18929] loop4: detected capacity change from 0 to 8192 [ 496.278769][ T2959] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 2: comm kworker/u4:10: lblock 2 mapped to illegal pblock 2 (length 1) [ 496.300980][T18929] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 496.336828][T18929] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 496.349034][ T2959] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 496.357375][ T2959] EXT4-fs error (device loop0): ext4_write_dquot:6929: comm kworker/u4:10: Failed to commit dquot type 0 [ 496.372369][ T2959] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync! [ 496.411201][T18929] REISERFS (device loop4): using ordered data mode [ 496.417791][T18929] reiserfs: using flush barriers [ 496.434363][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 496.444629][T18929] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 496.469188][T18929] REISERFS (device loop4): checking transaction log (loop4) [ 496.479235][ T5776] EXT4-fs error (device loop0): __ext4_get_inode_loc:4489: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 496.502872][T18929] REISERFS (device loop4): Using r5 hash to sort names [ 496.510309][ T5776] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 496.526506][T18929] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 496.548919][ T5776] EXT4-fs error (device loop0): ext4_quota_off:7233: inode #3: comm syz-executor: mark_inode_dirty error [ 496.589873][T18929] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 496.972889][T18952] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5752'. [ 496.984570][T18954] loop4: detected capacity change from 0 to 256 [ 496.988316][T18952] netlink: 140 bytes leftover after parsing attributes in process `syz.1.5752'. [ 497.185653][T18958] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5755'. [ 497.626041][T18977] loop4: detected capacity change from 0 to 1024 [ 497.638322][T18979] loop3: detected capacity change from 0 to 256 [ 497.655769][T18979] exfat: Deprecated parameter 'namecase' [ 497.656849][T18977] EXT4-fs: Ignoring removed bh option [ 497.689001][T18977] EXT4-fs: inline encryption not supported [ 497.689020][T18979] exfat: Deprecated parameter 'namecase' [ 497.716810][T18977] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 497.748482][T18979] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 497.758733][T18977] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 497.828872][T18979] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 497.856838][T18977] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 2: comm syz.4.5764: lblock 2 mapped to illegal pblock 2 (length 1) [ 497.950888][T18977] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 498.009579][T18977] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 48: comm syz.4.5764: lblock 0 mapped to illegal pblock 48 (length 1) [ 498.055518][T18977] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 498.084813][T18977] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.5764: Failed to acquire dquot type 0 [ 498.128349][T18977] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 498.151732][T18977] EXT4-fs error (device loop4): ext4_evict_inode:252: inode #11: comm syz.4.5764: mark_inode_dirty error [ 498.177646][T18977] EXT4-fs warning (device loop4): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 498.205914][T18977] EXT4-fs (loop4): 1 orphan inode deleted [ 498.219417][T18977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 498.221741][T18997] loop0: detected capacity change from 0 to 1024 [ 498.248906][ T38] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 498.278144][ T38] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 498.315942][ T38] EXT4-fs error (device loop4): ext4_release_dquot:6985: comm kworker/u4:2: Failed to release dquot type 0 [ 498.379971][T18977] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 498.390527][ T2959] hfsplus: b-tree write err: -5, ino 4 [ 498.458055][T18977] EXT4-fs error (device loop4): __ext4_get_inode_loc:4489: comm syz.4.5764: Invalid inode table block 1 in block_group 0 [ 498.500957][T18977] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 498.546008][T18977] EXT4-fs error (device loop4): ext4_quota_off:7233: inode #3: comm syz.4.5764: mark_inode_dirty error [ 498.982242][T19022] netlink: 'syz.0.5785': attribute type 1 has an invalid length. [ 499.171565][ T28] audit: type=1326 audit(1769468056.327:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19027 comm="syz.3.5788" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbc9739aeb9 code=0x0 [ 499.352264][T19016] loop1: detected capacity change from 0 to 32768 [ 499.364683][T19016] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 499.541348][ T5765] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 499.669405][T19030] loop0: detected capacity change from 0 to 32768 [ 499.711055][T19030] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 499.955730][ T5776] ocfs2: Unmounting device (7,0) on (node local) [ 500.085934][T19048] loop1: detected capacity change from 0 to 1024 [ 500.136954][T19048] EXT4-fs: Ignoring removed mblk_io_submit option [ 500.185955][T19048] EXT4-fs: inline encryption not supported [ 500.244896][T19048] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 500.298046][T19048] EXT4-fs error (device loop1): ext4_orphan_get:1424: comm syz.1.5798: bad orphan inode 11 [ 500.401697][T19048] EXT4-fs (loop1): Remounting filesystem read-only [ 500.441242][T19048] ext4_test_bit(bit=10, block=4) = 1 [ 500.447014][T19048] is_bad_inode(inode)=0 [ 500.477668][T19064] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5805'. [ 500.487113][T19064] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5805'. [ 500.518436][T19048] NEXT_ORPHAN(inode)=3254779904 [ 500.523545][T19048] max_ino=32 [ 500.526830][T19048] i_nlink=0 [ 500.559339][T19048] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 500.709324][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 501.083755][T19050] loop4: detected capacity change from 0 to 32768 [ 501.108095][T19050] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9 [ 501.305967][ T5767] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9 [ 501.445482][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.451996][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.546668][T19087] netlink: 144 bytes leftover after parsing attributes in process `syz.0.5815'. [ 501.833511][T19092] loop0: detected capacity change from 0 to 4096 [ 501.859107][T19092] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 501.922619][T19092] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 501.955479][T19092] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 501.978081][T19092] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 502.022005][T19092] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 502.042390][T19092] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 502.087967][T19092] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 502.096843][T19092] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 502.185170][T19092] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 502.215030][T19092] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 502.254342][T19068] loop3: detected capacity change from 0 to 32768 [ 502.268582][T19092] ntfs: volume version 3.1. [ 502.433963][T19068] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 502.630661][T19104] loop1: detected capacity change from 0 to 4096 [ 502.647381][T19104] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 502.759972][T19104] ntfs3: loop1: failed to convert "c46c" to maccroatian [ 502.806513][T19114] loop0: detected capacity change from 0 to 512 [ 502.938419][ T5777] ocfs2: Unmounting device (7,3) on (node local) [ 502.998014][T19117] usb usb8: usbfs: process 19117 (syz.0.5831) did not claim interface 0 before use [ 503.384575][T19126] loop1: detected capacity change from 0 to 4096 [ 503.456064][T19126] ntfs: volume version 3.1. [ 503.813789][T19137] netlink: 'syz.1.5839': attribute type 9 has an invalid length. [ 504.010534][T19143] loop1: detected capacity change from 0 to 8 [ 504.106146][T19143] SQUASHFS error: Unable to read inode 0xe3 [ 504.202852][T19129] loop0: detected capacity change from 0 to 32768 [ 504.278914][T19129] JBD2: Ignoring recovery information on journal [ 504.378152][T19129] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 504.577941][ T5776] ocfs2: Unmounting device (7,0) on (node local) [ 504.667982][T13647] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 504.803476][T19165] xt_HMARK: spi-set and port-set can't be combined [ 504.854255][T19168] loop3: detected capacity change from 0 to 8 [ 504.878129][T13647] usb 2-1: Using ep0 maxpacket: 32 [ 504.901231][T13647] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 504.924304][T13647] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 504.941284][T13647] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 504.968045][T13647] usb 2-1: Product: syz [ 504.982581][T13647] usb 2-1: Manufacturer: syz [ 504.987232][T13647] usb 2-1: SerialNumber: syz [ 505.022972][T19168] SQUASHFS error: Unable to read inode 0xa7 [ 505.025670][T13647] usb 2-1: config 0 descriptor?? [ 505.052991][T19172] netlink: zone id is out of range [ 505.064926][T13647] usb 2-1: bad CDC descriptors [ 505.083549][T13647] usb 2-1: unsupported MDLM descriptors [ 505.322994][T13647] usb 2-1: USB disconnect, device number 26 [ 506.108137][T19209] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5869'. [ 506.866262][T19244] netlink: 'syz.1.5886': attribute type 2 has an invalid length. [ 507.074509][T19249] bond4: entered allmulticast mode [ 507.080966][T19249] 8021q: adding VLAN 0 to HW filter on device bond4 [ 507.134943][T19253] loop3: detected capacity change from 0 to 164 [ 507.238656][T19260] loop4: detected capacity change from 0 to 512 [ 507.245585][T19253] Symlink component flag not implemented [ 507.254677][T19260] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 507.266100][T19253] Symlink component flag not implemented (7) [ 507.364778][T19260] EXT4-fs (loop4): 1 truncate cleaned up [ 507.387316][T19260] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 507.620982][T17624] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.772211][ T28] kauditd_printk_skb: 16 callbacks suppressed [ 507.772225][ T28] audit: type=1326 audit(1769468064.927:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19280 comm="syz.1.5900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 507.858104][ T28] audit: type=1326 audit(1769468064.957:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19280 comm="syz.1.5900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 507.941469][ T28] audit: type=1326 audit(1769468064.967:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19280 comm="syz.1.5900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 507.990039][T19289] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5904'. [ 508.007989][T19289] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5904'. [ 508.027349][ T28] audit: type=1326 audit(1769468064.967:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19280 comm="syz.1.5900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 508.238052][ T2130] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 508.315340][T19301] netlink: 304 bytes leftover after parsing attributes in process `syz.4.5910'. [ 508.332124][T19299] loop3: detected capacity change from 0 to 1024 [ 508.353262][T19299] EXT4-fs: Ignoring removed bh option [ 508.370072][T19299] EXT4-fs: inline encryption not supported [ 508.409115][T19299] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 508.448608][T19299] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce028, mo2=0000] [ 508.465899][T19299] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 2: comm syz.3.5908: lblock 2 mapped to illegal pblock 2 (length 1) [ 508.496450][T19299] EXT4-fs (loop3): Remounting filesystem read-only [ 508.516173][T19299] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 508.533103][ T2130] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 508.571428][T19299] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 508.598178][ T2130] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 508.610015][T19299] EXT4-fs (loop3): 1 orphan inode deleted [ 508.654399][T19312] loop0: detected capacity change from 0 to 64 [ 508.661787][T19299] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 508.675511][ T2130] usb 2-1: config 0 descriptor?? [ 508.691672][ T2130] cp210x 2-1:0.0: cp210x converter detected [ 508.725872][T19299] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 509.109861][ T2130] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -71 [ 509.138177][ T2130] cp210x 2-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 509.145709][ T2130] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 509.185759][ T2130] usb 2-1: cp210x converter now attached to ttyUSB0 [ 509.204529][ T2130] usb 2-1: USB disconnect, device number 27 [ 509.242032][ T2130] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 509.268800][ T2130] cp210x 2-1:0.0: device disconnected [ 509.351732][T19322] loop0: detected capacity change from 0 to 4096 [ 509.355123][T19310] loop4: detected capacity change from 0 to 32768 [ 509.376970][T19322] ntfs: (device loop0): is_boot_sector_ntfs(): Invalid end of sector marker. [ 509.400718][T19310] (syz.4.5914,19310,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 509.442445][T19310] (syz.4.5914,19310,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 509.511946][T19310] JBD2: Ignoring recovery information on journal [ 509.527636][T19322] ntfs: volume version 3.1. [ 509.695796][T19310] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 509.719339][T19322] ntfs: (device loop0): parse_options(): Unrecognized mount option ÿÿ184467440737095516150xffffffffffffffff18446744073709551615±ñV?Œù³ßCp~'~8pٻ젌|ž^½Ö(cŸoö—ÈêM ) Çÿÿÿÿÿÿÿÿÿ. [ 510.054867][T19342] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5929'. [ 510.150508][T17624] ocfs2: Unmounting device (7,4) on (node local) [ 510.222435][T19347] netlink: 'syz.3.5932': attribute type 5 has an invalid length. [ 510.287722][T19344] loop0: detected capacity change from 0 to 4096 [ 510.677925][ T28] audit: type=1326 audit(1769468067.817:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19358 comm="syz.0.5937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 510.734512][ T28] audit: type=1326 audit(1769468067.817:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19358 comm="syz.0.5937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 510.899833][T19369] loop1: detected capacity change from 0 to 64 [ 510.903879][T19367] netlink: 'syz.0.5942': attribute type 5 has an invalid length. [ 511.384311][T19380] netlink: 'syz.1.5944': attribute type 2 has an invalid length. [ 511.731544][T19374] loop0: detected capacity change from 0 to 32768 [ 511.775984][T19389] loop3: detected capacity change from 0 to 764 [ 511.800610][T19374] (syz.0.5946,19374,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 511.829643][T19390] loop1: detected capacity change from 0 to 2048 [ 511.848702][T19374] (syz.0.5946,19374,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 511.874079][T19389] rock: directory entry would overflow storage [ 511.897930][T19389] rock: sig=0x4654, size=5, remaining=4 [ 511.908362][T19393] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 511.979910][T19374] JBD2: Ignoring recovery information on journal [ 512.146191][T19374] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 512.350311][T19397] snd_dummy snd_dummy.0: control 0:8:0:syz0:0 is already present [ 512.451377][T19399] xfrm0: left promiscuous mode [ 512.468698][T19399] xfrm0: left allmulticast mode [ 512.588605][ T5776] ocfs2: Unmounting device (7,0) on (node local) [ 512.704436][T19405] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5960'. [ 512.780775][T19407] netlink: 'syz.3.5961': attribute type 3 has an invalid length. [ 512.818001][T19407] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.5961'. [ 513.079368][T19415] Cannot find add_set index 3 as target [ 513.753732][T19437] loop0: detected capacity change from 0 to 4096 [ 513.908841][T19437] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 513.948022][T19437] ntfs3: loop0: Failed to load $Extend (-22). [ 513.954761][T19437] ntfs3: loop0: Failed to initialize $Extend. [ 514.188759][T19457] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5985'. [ 514.201874][T19455] SET target dimension over the limit! [ 514.202317][T19457] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5985'. [ 514.213059][T19429] loop1: detected capacity change from 0 to 32768 [ 514.218315][T19457] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5985'. [ 514.242775][T19457] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5985'. [ 514.254301][T19457] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5985'. [ 514.279360][T19457] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5985'. [ 514.289212][T19457] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5985'. [ 514.352508][T19429] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 514.370884][T19457] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5985'. [ 514.448863][T19429] XFS (loop1): Ending clean mount [ 514.694466][ T5772] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 514.750494][T19473] loop4: detected capacity change from 0 to 4096 [ 514.818400][T19473] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 514.868053][T19473] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 4096) [ 514.968892][T19483] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 515.204932][T19473] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 515.252720][T19473] Remounting filesystem read-only [ 515.330391][T19491] loop1: detected capacity change from 0 to 512 [ 515.337742][T17624] NILFS (loop4): discard dirty page: offset=0, ino=6 [ 515.357301][T17624] NILFS (loop4): discard dirty block: blocknr=23, size=4096 [ 515.366403][T17624] NILFS (loop4): discard dirty page: offset=4096, ino=6 [ 515.375011][T17624] NILFS (loop4): discard dirty block: blocknr=24, size=4096 [ 515.388110][T17624] NILFS (loop4): discard dirty page: offset=8192, ino=6 [ 515.390166][T19491] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 515.405306][T17624] NILFS (loop4): discard dirty block: blocknr=25, size=4096 [ 515.405934][T17624] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer [ 515.424494][T13647] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 515.437495][T17624] NILFS (loop4): discard dirty page: offset=0, ino=3 [ 515.464027][T17624] NILFS (loop4): discard dirty block: blocknr=28, size=4096 [ 515.474256][T19491] EXT4-fs (loop1): 1 truncate cleaned up [ 515.481641][T19491] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 515.484522][T17624] NILFS (loop4): discard dirty page: offset=4096, ino=3 [ 515.532720][T19491] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 515.546116][T17624] NILFS (loop4): discard dirty block: blocknr=29, size=4096 [ 515.577956][T17624] NILFS (loop4): discard dirty page: offset=270336, ino=3 [ 515.592900][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 515.602159][T17624] NILFS (loop4): discard dirty block: blocknr=0, size=4096 [ 515.627993][T13647] usb 1-1: Using ep0 maxpacket: 32 [ 515.639024][T13647] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 515.668755][T13647] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 515.688584][T13647] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 515.722381][T13647] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 515.746566][T13647] usb 1-1: config 0 descriptor?? [ 515.777309][T13647] hub 1-1:0.0: USB hub found [ 515.982617][T13647] hub 1-1:0.0: 1 port detected [ 516.190738][T13647] hub 1-1:0.0: hub_hub_status failed (err = -71) [ 516.218031][T13647] hub 1-1:0.0: config failed, can't get hub status (err -71) [ 516.252241][T13647] usbhid 1-1:0.0: can't add hid device: -71 [ 516.282388][T13647] usbhid: probe of 1-1:0.0 failed with error -71 [ 516.333904][T13647] usb 1-1: USB disconnect, device number 26 [ 516.448127][T19518] loop4: detected capacity change from 0 to 16 [ 516.480547][T19518] erofs: (device loop4): mounted with root inode @ nid 36. [ 516.616162][T19523] netlink: 'syz.3.6011': attribute type 1 has an invalid length. [ 516.644529][T19523] netlink: 'syz.3.6011': attribute type 1 has an invalid length. [ 517.065426][T19542] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma? [ 517.554007][T19554] loop4: detected capacity change from 0 to 4096 [ 517.575852][T19554] __ntfs_error: 4 callbacks suppressed [ 517.575866][T19554] ntfs: (device loop4): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 517.612223][T19554] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 517.649770][T19554] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 517.666455][T19554] ntfs: volume version 3.1. [ 517.683785][T19554] ntfs: (device loop4): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 517.717773][T19562] loop1: detected capacity change from 0 to 4096 [ 517.818320][T13647] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 517.984533][T19572] IPv6: sit2: Disabled Multicast RS [ 518.017937][T13647] usb 1-1: Using ep0 maxpacket: 16 [ 518.029317][T13647] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 518.038779][T13647] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 518.072205][T13647] usb 1-1: config 0 descriptor?? [ 518.093032][T13647] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 518.138131][T13648] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 518.168078][T19574] netlink: 'syz.3.6037': attribute type 12 has an invalid length. [ 518.296858][T13647] usb 1-1: Detected FT232B [ 518.318121][T13648] usb 5-1: Using ep0 maxpacket: 16 [ 518.320931][T13648] usb 5-1: config 254 has an invalid interface number: 235 but max is 0 [ 518.320956][T13648] usb 5-1: config 254 has no interface number 0 [ 518.320991][T13648] usb 5-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32 [ 518.321043][T13648] usb 5-1: config 254 interface 235 has no altsetting 0 [ 518.327298][T13648] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1 [ 518.382268][T13648] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=5 [ 518.390395][T13648] usb 5-1: Product: syz [ 518.394851][T13648] usb 5-1: Manufacturer: syz [ 518.423109][T13648] usb 5-1: SerialNumber: syz [ 518.451653][T19570] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 518.496929][T13647] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 518.509436][T13647] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 518.519595][T19582] __nla_validate_parse: 67 callbacks suppressed [ 518.519610][T19582] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6049'. [ 518.543281][T13647] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 518.552730][T19582] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6049'. [ 518.582352][T13647] usb 1-1: USB disconnect, device number 27 [ 518.594727][T13647] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 518.629681][T13647] ftdi_sio 1-1:0.0: device disconnected [ 518.697048][T13648] usbtest 5-1:254.235: couldn't get endpoints, -71 [ 518.708305][T13648] usbtest: probe of 5-1:254.235 failed with error -71 [ 518.714118][T19586] loop3: detected capacity change from 0 to 2048 [ 518.741758][T13648] usb 5-1: USB disconnect, device number 2 [ 518.756062][T19588] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6043'. [ 518.773516][T19588] netlink: 48 bytes leftover after parsing attributes in process `syz.1.6043'. [ 518.788754][T19589] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 519.201450][ T28] audit: type=1326 audit(1769468076.357:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19602 comm="syz.1.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 519.277892][ T28] audit: type=1326 audit(1769468076.357:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19602 comm="syz.1.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 519.351276][ T28] audit: type=1326 audit(1769468076.407:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19602 comm="syz.1.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 519.394557][ T28] audit: type=1326 audit(1769468076.407:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19602 comm="syz.1.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 519.477972][ T28] audit: type=1326 audit(1769468076.407:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19602 comm="syz.1.6051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 519.644542][T19619] loop4: detected capacity change from 0 to 512 [ 519.654760][T19619] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 519.694478][T19619] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 519.703058][T19619] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.6058: invalid indirect mapped block 2683928664 (level 1) [ 519.718324][T13648] usb 2-1: new full-speed USB device number 28 using dummy_hcd [ 519.733286][T19619] EXT4-fs (loop4): Remounting filesystem read-only [ 519.748174][T19619] EXT4-fs (loop4): 1 truncate cleaned up [ 519.755023][T19619] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 519.802692][T19623] loop3: detected capacity change from 0 to 4096 [ 519.831788][T17624] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 519.840981][T19623] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 519.851965][ T2130] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 519.870794][T19623] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096) [ 519.934265][T13648] usb 2-1: config 0 has an invalid interface number: 29 but max is 0 [ 519.954563][T19624] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 519.966364][T13648] usb 2-1: config 0 has no interface number 0 [ 519.988445][T13648] usb 2-1: config 0 interface 29 has no altsetting 0 [ 520.005202][T13648] usb 2-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac [ 520.026004][T13648] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 520.046123][T13648] usb 2-1: Product: syz [ 520.052798][T19623] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 520.058021][ T2130] usb 1-1: Using ep0 maxpacket: 16 [ 520.067498][T13648] usb 2-1: Manufacturer: syz [ 520.067534][T13648] usb 2-1: SerialNumber: syz [ 520.073491][T13648] usb 2-1: config 0 descriptor?? [ 520.095268][T19623] Remounting filesystem read-only [ 520.106127][ T2130] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 520.126976][ T2130] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 520.139507][ T2130] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 520.158271][ T2130] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 520.173329][ T2130] usb 1-1: Product: syz [ 520.177556][ T2130] usb 1-1: Manufacturer: syz [ 520.184456][ T2130] usb 1-1: SerialNumber: syz [ 520.205199][ T5777] NILFS (loop3): discard dirty page: offset=0, ino=6 [ 520.226238][ T5777] NILFS (loop3): discard dirty block: blocknr=23, size=4096 [ 520.244951][ T5777] NILFS (loop3): discard dirty page: offset=4096, ino=6 [ 520.252833][ T5777] NILFS (loop3): discard dirty block: blocknr=24, size=4096 [ 520.265604][ T5777] NILFS (loop3): discard dirty page: offset=8192, ino=6 [ 520.272945][ T5777] NILFS (loop3): discard dirty block: blocknr=25, size=4096 [ 520.287305][ T5777] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 520.321319][ T5777] NILFS (loop3): discard dirty page: offset=0, ino=3 [ 520.328604][T13648] peak_usb 2-1:0.29: PEAK-System PCAN-USB X6 v184 fw v210.0.0 (2 channels) [ 520.349569][ T5777] NILFS (loop3): discard dirty block: blocknr=28, size=4096 [ 520.356986][ T5777] NILFS (loop3): discard dirty page: offset=4096, ino=3 [ 520.371390][ T5777] NILFS (loop3): discard dirty block: blocknr=29, size=4096 [ 520.406155][ T2130] usb 1-1: 0:2 : does not exist [ 520.421442][ T5777] NILFS (loop3): discard dirty page: offset=270336, ino=3 [ 520.432103][ T5777] NILFS (loop3): discard dirty block: blocknr=0, size=4096 [ 520.443187][ T2130] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 520.489663][ T2130] usb 1-1: USB disconnect, device number 28 [ 520.542419][T13648] peak_usb 2-1:0.29 can0: unable to request usb[type=2 value=5] err=-71 [ 520.559746][T13648] peak_usb 2-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71) [ 520.585099][ T5765] udevd[5765]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 520.601634][T19630] loop4: detected capacity change from 0 to 4096 [ 520.641537][T19630] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match. Run ntfsfix or chkdsk. [ 520.666384][T19632] loop3: detected capacity change from 0 to 4096 [ 520.680130][T13648] peak_usb: probe of 2-1:0.29 failed with error -71 [ 520.687384][T19630] ntfs: volume version 0.0. [ 520.713209][T13648] usb 2-1: USB disconnect, device number 28 [ 520.775361][T19633] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 521.307059][T19650] netlink: 1 bytes leftover after parsing attributes in process `syz.3.6073'. [ 521.327960][T19653] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6072'. [ 521.358334][T19650] netlink: 1 bytes leftover after parsing attributes in process `syz.3.6073'. [ 522.043857][T19652] loop1: detected capacity change from 0 to 32768 [ 522.056855][T19652] (syz.1.6074,19652,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 522.100573][T19678] netdevsim netdevsim4: Direct firmware load for ..€ failed with error -2 [ 522.115802][T19652] (syz.1.6074,19652,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 522.134717][T19678] netdevsim netdevsim4: Falling back to sysfs fallback for: ..€ [ 522.202501][T19652] JBD2: Ignoring recovery information on journal [ 522.250931][T19685] xt_CT: No such helper "netbios-ns" [ 522.364012][T19690] loop0: detected capacity change from 0 to 256 [ 522.382565][T19652] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 522.670565][T19699] tc_dump_action: action bad kind [ 522.763649][ T5772] ocfs2: Unmounting device (7,1) on (node local) [ 522.776602][T19701] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6096'. [ 523.064891][ T28] kauditd_printk_skb: 10 callbacks suppressed [ 523.064906][ T28] audit: type=1326 audit(1769468080.217:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19704 comm="syz.4.6099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 523.093448][ C1] vkms_vblank_simulate: vblank timer overrun [ 523.198453][ T28] audit: type=1326 audit(1769468080.217:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19704 comm="syz.4.6099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 523.237419][T19712] netlink: 76 bytes leftover after parsing attributes in process `syz.4.6101'. [ 523.295577][ T28] audit: type=1326 audit(1769468080.257:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19704 comm="syz.4.6099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 523.334469][ T28] audit: type=1326 audit(1769468080.257:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19704 comm="syz.4.6099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 523.359251][ T28] audit: type=1326 audit(1769468080.257:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19704 comm="syz.4.6099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 523.382961][T19715] binder: 19714:19715 ioctl c018620b 0 returned -14 [ 523.654505][T19723] netlink: 76 bytes leftover after parsing attributes in process `syz.4.6108'. [ 523.756702][T19728] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6109'. [ 523.812759][T19731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6110'. [ 523.845221][T19731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6110'. [ 523.854787][T19731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6110'. [ 523.864296][T19731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6110'. [ 523.873658][T19731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6110'. [ 523.883711][T19731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6110'. [ 523.893087][T19731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6110'. [ 523.902860][T19731] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6110'. [ 524.788225][T13648] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 524.978019][T13648] usb 5-1: Using ep0 maxpacket: 16 [ 525.010448][T13648] usb 5-1: config 0 has an invalid interface number: 237 but max is 0 [ 525.023685][T13648] usb 5-1: config 0 has no interface number 0 [ 525.031484][T13648] usb 5-1: config 0 interface 237 has no altsetting 0 [ 525.046895][T13648] usb 5-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad [ 525.066489][T13648] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 525.096934][T13648] usb 5-1: Product: syz [ 525.115312][T13648] usb 5-1: Manufacturer: syz [ 525.135087][T13648] usb 5-1: SerialNumber: syz [ 525.154339][T13648] usb 5-1: config 0 descriptor?? [ 525.159825][T19783] xt_TPROXY: Can be used only with -p tcp or -p udp [ 525.173348][T13648] snd_usb_podhd 5-1:0.237: Line 6 POD HD300 found [ 525.391573][T13648] snd_usb_podhd 5-1:0.237: cannot get proper max packet size [ 525.405490][T13648] snd_usb_podhd 5-1:0.237: Line 6 POD HD300 now disconnected [ 525.414240][T19793] netlink: 'syz.3.6140': attribute type 9 has an invalid length. [ 525.424612][T13648] snd_usb_podhd: probe of 5-1:0.237 failed with error -22 [ 525.432779][T19793] netlink: 'syz.3.6140': attribute type 6 has an invalid length. [ 525.443605][T19793] netlink: 'syz.3.6140': attribute type 7 has an invalid length. [ 525.451847][T19793] netlink: 'syz.3.6140': attribute type 8 has an invalid length. [ 525.513943][T19795] usb usb7: usbfs: process 19795 (syz.1.6142) did not claim interface 0 before use [ 525.641469][ T5856] usb 5-1: USB disconnect, device number 3 [ 525.663175][T19800] loop1: detected capacity change from 0 to 256 [ 525.724400][T19800] FAT-fs (loop1): Directory bread(block 64) failed [ 525.748313][T19800] FAT-fs (loop1): Directory bread(block 65) failed [ 525.754981][T19800] FAT-fs (loop1): Directory bread(block 66) failed [ 525.787945][T19800] FAT-fs (loop1): Directory bread(block 67) failed [ 525.794616][T19800] FAT-fs (loop1): Directory bread(block 68) failed [ 525.806712][T19800] FAT-fs (loop1): Directory bread(block 69) failed [ 525.816296][T19800] FAT-fs (loop1): Directory bread(block 70) failed [ 525.828259][T19800] FAT-fs (loop1): Directory bread(block 71) failed [ 525.835515][T19800] FAT-fs (loop1): Directory bread(block 72) failed [ 525.857942][T19800] FAT-fs (loop1): Directory bread(block 73) failed [ 526.364652][T19818] qrtr: Invalid version 0 [ 526.508150][ T5856] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 526.614235][T19828] loop1: detected capacity change from 0 to 1764 [ 526.676388][T19832] x_tables: ip_tables: RATEEST.0 target: invalid size 32 (kernel) != (user) 0 [ 526.697922][T19828] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 526.728279][ T5856] usb 4-1: Using ep0 maxpacket: 8 [ 526.735641][ T5856] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 526.747900][ T5856] usb 4-1: config 179 has no interface number 0 [ 526.781312][ T5856] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 526.815113][ T5856] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 526.851405][ T5856] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 526.893757][ T5856] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 526.927636][ T5856] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 526.971708][ T5856] usb 4-1: config 179 interface 65 has no altsetting 0 [ 526.998298][ T5856] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 527.026847][ T5856] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 527.084282][ T5856] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input20 [ 527.361655][ T5837] usb 4-1: USB disconnect, device number 33 [ 527.367667][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 527.380793][ T5837] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 527.398340][ T5856] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 527.582695][ T5856] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 527.596272][ T5856] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 527.605237][ T5856] usb 2-1: Product: syz [ 527.620395][ T5856] usb 2-1: Manufacturer: syz [ 527.628238][ T5856] usb 2-1: SerialNumber: syz [ 527.652304][ T5856] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 527.690282][ T5837] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 528.127029][T13648] usb 2-1: USB disconnect, device number 29 [ 528.695202][T19900] loop3: detected capacity change from 0 to 256 [ 528.814883][ T5837] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 528.836834][ T5837] ath9k_htc: Failed to initialize the device [ 528.858774][T13648] usb 2-1: ath9k_htc: USB layer deinitialized [ 528.860603][T19905] Unsupported ieee802154 address type: 0 [ 529.019028][T19909] loop4: detected capacity change from 0 to 2048 [ 529.055342][T19909] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 529.134565][T19909] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh [ 529.227973][T13648] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 529.418197][T19927] vim2m vim2m.0: Fourcc format (0x31384142) invalid. [ 529.430099][T13648] usb 2-1: Using ep0 maxpacket: 32 [ 529.469899][T13648] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe [ 529.501029][T13648] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 529.513130][T13648] usb 2-1: Product: syz [ 529.518692][T13648] usb 2-1: Manufacturer: syz [ 529.523452][T13648] usb 2-1: SerialNumber: syz [ 529.547088][T13648] usb 2-1: config 0 descriptor?? [ 529.603110][T19931] loop0: detected capacity change from 0 to 8 [ 529.651968][T19931] SQUASHFS error: Failed to read block 0x2d7: -5 [ 529.668229][T19931] SQUASHFS error: Unable to read metadata cache entry [2d5] [ 529.676019][T19931] SQUASHFS error: Failed to read block 0x8f: -5 [ 529.705529][ T28] audit: type=1800 audit(1769468086.857:342): pid=19931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6209" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 529.779482][T13648] snd-usb-6fire 2-1:0.0: unknown device firmware state received from device: [ 529.804785][T13648] eb 9a 47 80 9b f8 7a f0 [ 529.814907][T13648] snd-usb-6fire: probe of 2-1:0.0 failed with error -5 [ 529.945300][T19925] loop3: detected capacity change from 0 to 32768 [ 529.958127][T19925] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9 [ 529.997056][ T5856] usb 2-1: USB disconnect, device number 30 [ 530.005964][T19939] __nla_validate_parse: 281 callbacks suppressed [ 530.005979][T19939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6213'. [ 530.067185][T19939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6213'. [ 530.084866][T19939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6213'. [ 530.094217][T19939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6213'. [ 530.105841][T19939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6213'. [ 530.126086][T19939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6213'. [ 530.140403][T19939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6213'. [ 530.149812][ T5767] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9 [ 530.160715][T19939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6213'. [ 530.177747][T19939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6213'. [ 530.190674][T19939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6213'. [ 530.376615][T19947] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 530.734897][T19957] netlink: 'syz.3.6222': attribute type 21 has an invalid length. [ 530.784678][T19955] loop1: detected capacity change from 0 to 4096 [ 530.947398][T19963] netlink: 'syz.4.6225': attribute type 32 has an invalid length. [ 531.118066][T19965] netlink: zone id is out of range [ 531.123249][T19965] netlink: zone id is out of range [ 531.188087][T19965] netlink: zone id is out of range [ 531.197675][T19965] netlink: zone id is out of range [ 531.208069][T19965] netlink: zone id is out of range [ 531.213228][T19965] netlink: get zone limit has 4 unknown bytes [ 531.265404][T19971] bridge5: entered promiscuous mode [ 531.354908][T19946] loop0: detected capacity change from 0 to 40427 [ 531.390327][T19946] F2FS-fs (loop0): invalid crc value [ 531.417962][T19946] F2FS-fs (loop0): Found nat_bits in checkpoint [ 531.430058][T13650] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 531.543925][T19946] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 531.618052][T13650] usb 5-1: Using ep0 maxpacket: 8 [ 531.624514][T19983] xt_hashlimit: invalid interval [ 531.631649][T13650] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 531.648019][T13650] usb 5-1: config 179 has no interface number 0 [ 531.664579][T13650] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 531.688005][T13650] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 531.731052][T13650] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 531.773978][T13650] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 531.784951][T13650] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 531.800978][T13650] usb 5-1: config 179 interface 65 has no altsetting 0 [ 531.810876][T13650] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 531.833451][T13650] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 531.874436][T13650] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input21 [ 532.088004][T13647] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 532.123877][T13650] usb 5-1: USB disconnect, device number 4 [ 532.129855][ C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 532.144981][T13650] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 532.289893][T13647] usb 2-1: config 40 has an invalid interface number: 33 but max is 0 [ 532.310833][T13647] usb 2-1: config 40 has no interface number 0 [ 532.317073][T13647] usb 2-1: config 40 interface 33 has no altsetting 0 [ 532.336355][T13647] usb 2-1: New USB device found, idVendor=04cb, idProduct=0113, bcdDevice=25.0c [ 532.346358][T13647] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 532.354658][T13647] usb 2-1: Product: syz [ 532.360016][T13647] usb 2-1: Manufacturer: syz [ 532.364953][T13647] usb 2-1: SerialNumber: syz [ 532.529953][T20003] loop0: detected capacity change from 0 to 2048 [ 532.550874][T20003] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 532.573048][T20003] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 532.591387][T13647] gspca_main: finepix-2.14.0 probing 04cb:0113 [ 532.625985][T13647] usb 2-1: USB disconnect, device number 31 [ 533.148177][T13650] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 533.383935][T13650] usb 1-1: Using ep0 maxpacket: 16 [ 533.401962][T13650] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 533.441688][T13650] usb 1-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 533.475556][T13650] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 533.494907][T13650] usb 1-1: Product: syz [ 533.503168][T13650] usb 1-1: Manufacturer: syz [ 533.513764][T13650] usb 1-1: SerialNumber: syz [ 533.524419][T13650] usb 1-1: config 0 descriptor?? [ 533.545591][T13650] asix: probe of 1-1:0.0 failed with error -22 [ 533.771573][ T5856] usb 1-1: USB disconnect, device number 29 [ 534.024475][T20056] loop4: detected capacity change from 0 to 16 [ 534.044914][T20056] erofs: (device loop4): mounted with root inode @ nid 36. [ 534.075976][T20056] erofs: (device loop4): z_erofs_read_folio: read error -95 @ 8200 of nid 36 [ 534.425564][T20067] loop3: detected capacity change from 0 to 512 [ 534.449564][T20067] EXT4-fs: Ignoring removed orlov option [ 534.513393][T20067] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 534.570239][T20067] EXT4-fs (loop3): orphan cleanup on readonly fs [ 534.611951][T20067] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.6274: bg 0: block 248: padding at end of block bitmap is not set [ 534.748055][T20067] Quota error (device loop3): write_blk: dquota write failed [ 534.755597][T20067] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 534.799517][T20067] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.6274: Failed to acquire dquot type 1 [ 534.856116][T20067] EXT4-fs (loop3): 1 truncate cleaned up [ 534.863887][T20067] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 534.956028][T20067] EXT4-fs: Ignoring removed orlov option [ 535.027586][T20067] EXT4-fs: can't change dax mount option while remounting [ 535.103505][T20086] batman_adv: batadv0: Interface deactivated: wlan0 [ 535.118292][ T5777] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 535.283352][T20098] loop3: detected capacity change from 0 to 1024 [ 535.420141][T20098] afs: Unexpected value for 'dyn' [ 535.801539][T20112] netlink: 'syz.4.6291': attribute type 10 has an invalid length. [ 535.828136][T20112] __nla_validate_parse: 64 callbacks suppressed [ 535.828154][T20112] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6291'. [ 535.864807][T20112] bridge0: port 3(ipvlan1) entered blocking state [ 535.872224][T20112] bridge0: port 3(ipvlan1) entered disabled state [ 535.888639][T20112] ipvlan1: entered allmulticast mode [ 535.916913][T20112] veth0_vlan: entered allmulticast mode [ 535.950829][T20112] ipvlan1: left allmulticast mode [ 535.971638][T20112] veth0_vlan: left allmulticast mode [ 535.996998][T20112] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 536.424521][T20136] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 536.677972][T20146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6302'. [ 536.698115][T20146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6302'. [ 536.707546][T20146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6302'. [ 536.717615][T20146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6302'. [ 536.727364][T20146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6302'. [ 536.737052][T20146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6302'. [ 536.746855][T20146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6302'. [ 536.762239][T20146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6302'. [ 536.788428][T20146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6302'. [ 537.920781][T20201] loop1: detected capacity change from 0 to 256 [ 537.938902][T13650] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 537.958783][T20204] loop4: detected capacity change from 0 to 8 [ 537.980924][T20204] SQUASHFS error: Unknown inode type 257 in squashfs_iget! [ 538.029076][T20201] FAT-fs (loop1): Directory bread(block 64) failed [ 538.035662][T20201] FAT-fs (loop1): Directory bread(block 65) failed [ 538.058687][ T5765] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 538.068134][T20201] FAT-fs (loop1): Directory bread(block 66) failed [ 538.074756][T20201] FAT-fs (loop1): Directory bread(block 67) failed [ 538.095594][T20201] FAT-fs (loop1): Directory bread(block 68) failed [ 538.126130][T20201] FAT-fs (loop1): Directory bread(block 69) failed [ 538.141726][T20201] FAT-fs (loop1): Directory bread(block 70) failed [ 538.148301][T13650] usb 1-1: Using ep0 maxpacket: 8 [ 538.158912][T13650] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 538.167321][T20201] FAT-fs (loop1): Directory bread(block 71) failed [ 538.167587][T20201] FAT-fs (loop1): Directory bread(block 72) failed [ 538.167644][T20201] FAT-fs (loop1): Directory bread(block 73) failed [ 538.257206][T13650] usb 1-1: config 179 has no interface number 0 [ 538.283418][T13650] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 538.313893][T13650] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 538.362517][T13650] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 538.384866][T13650] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 538.407433][T13650] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 538.449726][T13650] usb 1-1: config 179 interface 65 has no altsetting 0 [ 538.479741][T13650] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 538.506094][T13650] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 538.569462][T13650] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input22 [ 538.629823][T20220] SET target dimension over the limit! [ 538.665731][T20221] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 538.894934][ T5837] IPVS: starting estimator thread 0... [ 538.966805][ C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 538.977407][T13648] usb 1-1: USB disconnect, device number 30 [ 538.998074][T20227] IPVS: using max 25 ests per chain, 60000 per kthread [ 538.999855][T13648] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 539.388011][ T5837] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 539.477980][T20248] loop4: detected capacity change from 0 to 4096 [ 539.606397][ T5837] usb 4-1: config index 0 descriptor too short (expected 39, got 27) [ 539.630617][ T5837] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 539.657921][ T5837] usb 4-1: config 0 interface 0 has no altsetting 0 [ 539.676316][ T5837] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 539.690995][ T5837] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 539.699516][ T5837] usb 4-1: Product: syz [ 539.703715][ T5837] usb 4-1: Manufacturer: syz [ 539.708828][ T5837] usb 4-1: SerialNumber: syz [ 539.741992][ T5837] usb 4-1: config 0 descriptor?? [ 539.772876][ T5837] hub 4-1:0.0: bad descriptor, ignoring hub [ 539.787082][ T5837] hub: probe of 4-1:0.0 failed with error -5 [ 539.802776][ T5837] usb 4-1: selecting invalid altsetting 0 [ 540.248106][T20273] program syz.4.6354 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 540.249594][ T5856] usb 4-1: USB disconnect, device number 34 [ 540.396194][T20278] netlink: 'syz.0.6357': attribute type 1 has an invalid length. [ 540.457456][T20282] loop4: detected capacity change from 0 to 1024 [ 540.521064][T20282] hfsplus: invalid extended attribute record [ 540.621992][ T2959] hfsplus: b-tree write err: -5, ino 4 [ 541.024896][T20300] loop1: detected capacity change from 0 to 128 [ 541.079690][T20302] syz.3.6368: attempt to access beyond end of device [ 541.079690][T20302] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 541.110949][T20300] VFS: Found a Xenix FS (block size = 1024) on device loop1 [ 541.273004][ T5772] sysv_free_block: flc_count > flc_size [ 541.283816][ T5772] sysv_free_block: flc_count > flc_size [ 541.299348][ T5772] sysv_free_block: flc_count > flc_size [ 541.305008][ T5772] sysv_free_block: flc_count > flc_size [ 541.315112][ T5772] sysv_free_block: flc_count > flc_size [ 541.320801][T20286] loop0: detected capacity change from 0 to 32768 [ 541.350100][T20286] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 541.371367][ T5772] sysv_free_block: flc_count > flc_size [ 541.393160][ T5772] sysv_free_block: flc_count > flc_size [ 541.419919][ T5772] sysv_free_block: flc_count > flc_size [ 541.433821][ T5772] sysv_free_block: flc_count > flc_size [ 541.446032][ T5772] sysv_free_block: flc_count > flc_size [ 541.470392][ T5772] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 541.489931][ T5765] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 541.628227][T20315] ERROR: device name not specified. [ 541.770958][T20320] ieee802154 phy0 wpan0: encryption failed: -22 [ 542.205463][T20334] loop0: detected capacity change from 0 to 4096 [ 542.218200][T20334] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 542.595041][ T28] audit: type=1326 audit(1769468099.747:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20351 comm="syz.1.6392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 542.678079][ T28] audit: type=1326 audit(1769468099.777:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20351 comm="syz.1.6392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 542.768003][ T28] audit: type=1326 audit(1769468099.797:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20351 comm="syz.1.6392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 542.844688][ T28] audit: type=1326 audit(1769468099.797:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20351 comm="syz.1.6392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 542.922365][ T28] audit: type=1326 audit(1769468099.797:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20351 comm="syz.1.6392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 542.951426][ T28] audit: type=1326 audit(1769468100.107:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.0.6396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 543.012233][ T28] audit: type=1326 audit(1769468100.107:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.0.6396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 543.040544][ T28] audit: type=1326 audit(1769468100.107:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.0.6396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 543.062985][ C0] vkms_vblank_simulate: vblank timer overrun [ 543.153232][ T28] audit: type=1326 audit(1769468100.107:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.0.6396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 543.217737][ T28] audit: type=1326 audit(1769468100.107:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20360 comm="syz.0.6396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 543.288252][T20368] batadv1: entered promiscuous mode [ 543.339020][T20368] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 543.413390][T20349] loop4: detected capacity change from 0 to 40427 [ 543.443792][T20373] misc userio: Invalid payload size [ 543.463378][T20349] F2FS-fs (loop4): build fault injection attr: rate: 690, type: 0x7ffff [ 543.484259][T20349] F2FS-fs (loop4): Image doesn't support compression [ 543.495404][T20349] F2FS-fs (loop4): Image doesn't support compression [ 543.573330][T20349] F2FS-fs (loop4): invalid crc value [ 543.581224][T20349] F2FS-fs (loop4): Found nat_bits in checkpoint [ 543.718098][T20349] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 544.587077][T20412] virtiofs: Unknown parameter 'always' [ 545.125234][T20439] netlink: 'syz.3.6435': attribute type 1 has an invalid length. [ 545.162159][T20439] netlink: 'syz.3.6435': attribute type 1 has an invalid length. [ 545.216284][T20444] __nla_validate_parse: 84 callbacks suppressed [ 545.216304][T20444] netlink: 256 bytes leftover after parsing attributes in process `syz.0.6437'. [ 545.606544][T20462] xt_recent: Unsupported userspace flags (000000b1) [ 545.905616][T20478] comedi comedi0: Minor 3 could not be opened [ 546.030953][T20482] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6455'. [ 546.099835][T20482] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6455'. [ 546.157955][ T5762] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 546.341952][ T5762] usb 2-1: Using ep0 maxpacket: 32 [ 546.362613][ T5762] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 546.382033][ T5762] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 546.400092][ T5762] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 546.419484][ T5762] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 546.456174][ T5762] usb 2-1: config 0 descriptor?? [ 546.463917][ T5762] hub 2-1:0.0: USB hub found [ 546.544805][T20502] loop3: detected capacity change from 0 to 64 [ 546.696483][ T5762] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 546.747972][T20508] loop0: detected capacity change from 0 to 16 [ 546.756462][T20508] erofs: (device loop0): mounted with root inode @ nid 36. [ 546.929439][ T5762] usbhid 2-1:0.0: can't add hid device: -71 [ 546.935651][ T5762] usbhid: probe of 2-1:0.0 failed with error -71 [ 546.988926][ T5762] usb 2-1: USB disconnect, device number 32 [ 547.217233][T20525] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 547.562127][T20540] x_tables: ip6_tables: mh match: only valid for protocol 135 [ 547.894895][T20550] loop0: detected capacity change from 0 to 4096 [ 547.911099][T20554] bridge0: port 1(bridge_slave_0) entered disabled state [ 547.978216][T20554] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 548.385877][T20570] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 548.420346][T20570] 8021q: adding VLAN 0 to HW filter on device bond0 [ 548.464767][T20570] bond0: (slave lo): making interface the new active one [ 548.478283][T13648] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 548.489528][T20570] lo: entered promiscuous mode [ 548.500436][T20570] bond0: (slave lo): Enslaving as an active interface with an up link [ 548.527979][T20577] x_tables: unsorted underflow at hook 4 [ 548.669208][T13648] usb 2-1: Using ep0 maxpacket: 8 [ 548.687121][T13648] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 548.710439][T13648] usb 2-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b [ 548.728114][T13648] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 548.740090][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 548.740103][ T28] audit: type=1107 audit(1769468105.877:358): pid=20582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 548.756481][T13648] usb 2-1: Product: syz [ 548.868218][T13648] usb 2-1: Manufacturer: syz [ 548.873004][T13648] usb 2-1: SerialNumber: syz [ 548.877779][T20585] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6507'. [ 548.898997][T13648] usb 2-1: config 0 descriptor?? [ 548.912315][T13648] gspca_main: stk014-2.14.0 probing 05e1:0893 [ 548.948140][T13648] usb 2-1: selecting invalid altsetting 1 [ 549.372840][ T5762] usb 2-1: USB disconnect, device number 33 [ 549.742584][T20618] sctp: [Deprecated]: syz.3.6523 (pid 20618) Use of struct sctp_assoc_value in delayed_ack socket option. [ 549.742584][T20618] Use struct sctp_sack_info instead [ 549.768405][ T5856] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 549.968322][ T5856] usb 5-1: Using ep0 maxpacket: 32 [ 550.008277][ T5856] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 550.035602][ T5856] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 550.053225][ T5856] usb 5-1: New USB device found, idVendor=ae6f, idProduct=79f4, bcdDevice=8f.99 [ 550.098510][ T5856] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 550.106566][ T5856] usb 5-1: Product: syz [ 550.141324][ T5856] usb 5-1: Manufacturer: syz [ 550.146061][ T5856] usb 5-1: SerialNumber: syz [ 550.178570][ T5856] usb 5-1: config 0 descriptor?? [ 550.319739][T20632] loop3: detected capacity change from 0 to 4096 [ 550.387351][T20632] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 550.403851][ T5856] usb 5-1: USB disconnect, device number 5 [ 550.444292][T20632] ntfs3: loop3: Failed to load $Extend (-22). [ 550.462624][T20632] ntfs3: loop3: Failed to initialize $Extend. [ 550.698215][T20648] netlink: 'syz.1.6538': attribute type 1 has an invalid length. [ 551.521336][ T5762] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 551.722535][ T5762] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 551.735112][ T5762] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 551.745767][ T5762] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 551.770505][ T5762] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 551.790549][ T5762] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 551.810184][ T5762] usb 1-1: config 0 descriptor?? [ 551.828939][ T5762] hub 1-1:0.0: USB hub found [ 551.846245][T20696] veth5: entered allmulticast mode [ 551.998560][ T1327] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 552.048328][ T5762] hub 1-1:0.0: 9 ports detected [ 552.053659][ T5762] hub 1-1:0.0: insufficient power available to use all downstream ports [ 552.250201][ T5762] hub 1-1:0.0: hub_hub_status failed (err = -71) [ 552.256626][ T5762] hub 1-1:0.0: config failed, can't get hub status (err -71) [ 552.329025][ T5762] usb 1-1: USB disconnect, device number 31 [ 552.495048][T20720] loop1: detected capacity change from 0 to 512 [ 552.502635][T20720] EXT4-fs: Ignoring removed nobh option [ 552.579258][T20720] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #3: comm syz.1.6573: corrupted inode contents [ 552.638316][ C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 552.663466][ T1327] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 552.685793][T20720] EXT4-fs (loop1): Remounting filesystem read-only [ 552.712944][T20731] loop3: detected capacity change from 0 to 64 [ 552.725304][T20720] Quota error (device loop1): write_blk: dquota write failed [ 552.756097][T20720] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota [ 552.792904][T20720] EXT4-fs (loop1): 1 truncate cleaned up [ 552.820045][T20720] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 552.867164][T20720] ext4 filesystem being mounted at /1662/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 552.894241][T20733] netlink: 'syz.4.6578': attribute type 1 has an invalid length. [ 553.032479][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 553.380612][T20751] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6586'. [ 553.409888][T20751] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 554.886927][T20814] loop0: detected capacity change from 0 to 2048 [ 554.912444][T20816] 9p: Unknown access argument `: -22 [ 555.009253][T20814] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 555.068143][T20814] ext4 filesystem being mounted at /1630/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 555.084729][T20827] netlink: 108 bytes leftover after parsing attributes in process `syz.4.6625'. [ 555.178719][T20814] fscrypt (loop0, inode 14): Error -61 getting encryption context [ 555.311988][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 555.783599][T20860] netlink: 'syz.3.6639': attribute type 1 has an invalid length. [ 555.795535][T20860] netlink: 248 bytes leftover after parsing attributes in process `syz.3.6639'. [ 556.113034][T20872] netlink: 'syz.1.6645': attribute type 10 has an invalid length. [ 556.128899][T20872] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6645'. [ 556.145330][T20872] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 556.267991][T13648] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 556.458475][T13648] usb 4-1: Using ep0 maxpacket: 32 [ 556.483028][T13648] usb 4-1: config 0 has an invalid interface number: 85 but max is 0 [ 556.507945][T13648] usb 4-1: config 0 has no interface number 0 [ 556.514089][T13648] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 556.538637][T13648] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0 [ 556.549195][T13648] usb 4-1: config 0 interface 85 has no altsetting 0 [ 556.568370][T13648] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 556.577655][T13648] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 556.591161][T13648] usb 4-1: Product: syz [ 556.595369][T13648] usb 4-1: Manufacturer: syz [ 556.600428][T13648] usb 4-1: SerialNumber: syz [ 556.617062][T13648] usb 4-1: config 0 descriptor?? [ 556.905125][T20903] netlink: 'syz.0.6660': attribute type 64 has an invalid length. [ 556.913578][T20903] netlink: 9 bytes leftover after parsing attributes in process `syz.0.6660'. [ 557.134559][T13648] appletouch 4-1:0.85: Failed to request geyser raw mode [ 557.142740][T13648] appletouch: probe of 4-1:0.85 failed with error -5 [ 557.184897][T13648] usb 4-1: USB disconnect, device number 35 [ 557.250153][ T28] audit: type=1326 audit(1769468114.407:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20910 comm="syz.1.6672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 557.317979][ T28] audit: type=1326 audit(1769468114.407:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20910 comm="syz.1.6672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 557.381276][ T28] audit: type=1326 audit(1769468114.437:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20910 comm="syz.1.6672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 557.446288][ T28] audit: type=1326 audit(1769468114.437:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20910 comm="syz.1.6672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 557.507970][ T28] audit: type=1326 audit(1769468114.447:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20910 comm="syz.1.6672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4b3d9aeb9 code=0x7ffc0000 [ 557.533877][T20920] loop0: detected capacity change from 0 to 512 [ 557.560013][T20920] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 557.572388][ T28] audit: type=1326 audit(1769468114.577:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20915 comm="syz.4.6666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 557.601456][ T28] audit: type=1326 audit(1769468114.577:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20915 comm="syz.4.6666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 557.631732][T20922] netlink: 288 bytes leftover after parsing attributes in process `syz.4.6668'. [ 557.694720][ T28] audit: type=1326 audit(1769468114.577:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20915 comm="syz.4.6666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 557.738390][T20920] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 557.763032][ T1327] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 557.784248][ T28] audit: type=1326 audit(1769468114.577:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20915 comm="syz.4.6666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 557.837871][ T28] audit: type=1326 audit(1769468114.577:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20915 comm="syz.4.6666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 558.354396][T20947] usb usb9: usbfs: process 20947 (syz.3.6683) did not claim interface 6 before use [ 558.399872][ T38] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 558.756979][T20967] loop4: detected capacity change from 0 to 512 [ 558.795089][T20967] EXT4-fs error (device loop4): ext4_orphan_get:1424: comm syz.4.6693: bad orphan inode 13 [ 558.850652][T20967] ext4_test_bit(bit=12, block=4) = 1 [ 558.889098][T20967] is_bad_inode(inode)=0 [ 558.893335][T20967] NEXT_ORPHAN(inode)=0 [ 558.926384][T20967] max_ino=32 [ 558.938011][T20967] i_nlink=1 [ 558.942452][T20967] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 559.026693][T20967] EXT4-fs warning (device loop4): dx_probe:845: inode #2: comm syz.4.6693: Hash code is SIPHASH, but hash not in dirent [ 559.057989][T20967] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.6693: Corrupt directory, running e2fsck is recommended [ 559.098410][T20967] EXT4-fs warning (device loop4): dx_probe:845: inode #2: comm syz.4.6693: Hash code is SIPHASH, but hash not in dirent [ 559.137999][T20967] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.6693: Corrupt directory, running e2fsck is recommended [ 559.269045][T17624] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 559.374461][T20992] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6704'. [ 559.433149][T20994] loop4: detected capacity change from 0 to 164 [ 559.462958][T20996] netlink: 'syz.3.6705': attribute type 10 has an invalid length. [ 559.471696][T20996] netlink: 210880 bytes leftover after parsing attributes in process `syz.3.6705'. [ 559.494763][T20994] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 559.548642][T20994] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 559.580042][T20994] Symlink component flag not implemented [ 559.585747][T20994] Symlink component flag not implemented [ 559.618224][T21000] netlink: 64 bytes leftover after parsing attributes in process `syz.1.6707'. [ 559.642751][T21000] netlink: 64 bytes leftover after parsing attributes in process `syz.1.6707'. [ 559.726281][T21002] netlink: 'syz.3.6708': attribute type 1 has an invalid length. [ 559.774563][T21002] netlink: 154788 bytes leftover after parsing attributes in process `syz.3.6708'. [ 559.979231][T21014] binder: 21013:21014 ioctl c00c620f 2000000000c0 returned -22 [ 560.011143][T21016] IPv6: NLM_F_CREATE should be specified when creating new route [ 560.034314][T21018] loop0: detected capacity change from 0 to 64 [ 560.044178][T21016] netlink: 1 bytes leftover after parsing attributes in process `syz.3.6713'. [ 560.314164][T21030] netlink: 'syz.1.6720': attribute type 21 has an invalid length. [ 560.354009][T21030] IPv6: NLM_F_CREATE should be specified when creating new route [ 560.388289][T21030] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 560.395586][T21030] IPv6: NLM_F_CREATE should be set when creating new route [ 560.402953][T21030] IPv6: NLM_F_CREATE should be set when creating new route [ 560.410254][T21030] IPv6: NLM_F_CREATE should be set when creating new route [ 560.423527][T21033] loop3: detected capacity change from 0 to 64 [ 560.644841][T21043] xt_cgroup: xt_cgroup: no path or classid specified [ 561.050783][T21059] xt_limit: Overflow, try lower: 65536/2147483648 [ 561.089056][T21061] loop0: detected capacity change from 0 to 64 [ 561.766793][T21091] loop0: detected capacity change from 0 to 256 [ 561.809075][T21091] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 562.118351][ T5837] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 562.231189][T21111] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6761'. [ 562.328319][ T5837] usb 4-1: Using ep0 maxpacket: 32 [ 562.344459][ T5837] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 562.362576][ T5837] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 562.378121][T21118] netlink: 156 bytes leftover after parsing attributes in process `syz.0.6763'. [ 562.403977][ T5837] usb 4-1: config 0 descriptor?? [ 562.421025][ T5837] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 562.657697][T21128] netlink: 'syz.0.6769': attribute type 2 has an invalid length. [ 562.666955][T21128] netlink: 723 bytes leftover after parsing attributes in process `syz.0.6769'. [ 562.825681][ T5837] gspca_vc032x: reg_w err -71 [ 562.842061][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 562.854807][T21134] loop0: detected capacity change from 0 to 128 [ 562.861302][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 562.861316][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 562.882636][ T961] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 562.892748][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.899543][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.909270][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 562.915815][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 562.921488][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 562.926941][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 562.932736][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 562.945909][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 562.968101][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 562.983759][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 562.997884][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 563.010690][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 563.016262][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 563.038036][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 563.043427][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 563.082895][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 563.098713][ T5837] gspca_vc032x: I2c Bus Busy Wait 00 [ 563.108165][ T5837] gspca_vc032x: Unknown sensor... [ 563.131486][ T5837] vc032x: probe of 4-1:0.0 failed with error -22 [ 563.146879][T21138] usb usb9: usbfs: process 21138 (syz.4.6776) did not claim interface 0 before use [ 563.160689][ T5837] usb 4-1: USB disconnect, device number 36 [ 563.296152][T21147] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 563.308102][T21147] overlayfs: missing 'lowerdir' [ 563.496270][ T28] audit: type=1326 audit(1769468120.647:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21152 comm="syz.4.6780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 563.578023][ T28] audit: type=1326 audit(1769468120.647:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21152 comm="syz.4.6780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 563.660166][ T28] audit: type=1326 audit(1769468120.647:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21152 comm="syz.4.6780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 563.716345][ T28] audit: type=1326 audit(1769468120.647:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21152 comm="syz.4.6780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 563.778070][ T28] audit: type=1326 audit(1769468120.677:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21152 comm="syz.4.6780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 563.829887][ T28] audit: type=1326 audit(1769468120.677:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21152 comm="syz.4.6780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 563.890848][ T28] audit: type=1326 audit(1769468120.677:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21152 comm="syz.4.6780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 563.933873][ T28] audit: type=1326 audit(1769468120.677:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21152 comm="syz.4.6780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 564.098819][T13648] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 564.159934][T17828] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 564.287956][T13648] usb 2-1: Using ep0 maxpacket: 32 [ 564.309129][T13648] usb 2-1: config 0 has an invalid interface number: 188 but max is 0 [ 564.317369][T13648] usb 2-1: config 0 has no interface number 0 [ 564.328037][ T5837] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 564.342477][T13648] usb 2-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 564.361711][T13648] usb 2-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 564.381670][T13648] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 564.395740][T13648] usb 2-1: Product: syz [ 564.406603][T13648] usb 2-1: Manufacturer: syz [ 564.417936][T13648] usb 2-1: SerialNumber: syz [ 564.429767][T13648] usb 2-1: config 0 descriptor?? [ 564.436171][T21167] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 564.531855][ T5837] usb 4-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice=31.00 [ 564.556662][ T5837] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 564.578835][ T5837] usb 4-1: Product: syz [ 564.583053][ T5837] usb 4-1: Manufacturer: syz [ 564.587678][ T5837] usb 4-1: SerialNumber: syz [ 564.601332][ T5837] usb 4-1: config 0 descriptor?? [ 564.619239][ T5837] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 564.639622][ T5837] usb 4-1: Detected FT4232HP [ 564.668764][T21167] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 564.891942][T13648] asix 2-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 564.918122][T13648] asix: probe of 2-1:0.188 failed with error -71 [ 564.938994][T13648] usb 2-1: USB disconnect, device number 34 [ 565.020147][ T5837] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 565.093824][ T5837] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 565.112371][ T5837] usb 4-1: USB disconnect, device number 37 [ 565.144170][ T5837] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 565.176908][ T5837] ftdi_sio 4-1:0.0: device disconnected [ 566.088283][T21237] loop3: detected capacity change from 0 to 2048 [ 566.160904][T21237] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 566.217993][T21237] ext4 filesystem being mounted at /1675/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 566.309509][T21237] fscrypt (loop3, inode 14): Error -61 getting encryption context [ 566.405826][ T5777] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 567.018818][T21270] gtp0: entered promiscuous mode [ 567.036377][T21270] gtp0: entered allmulticast mode [ 567.037503][T21239] loop0: detected capacity change from 0 to 32768 [ 567.041634][T21273] syz.4.6835 (21273): /proc/21272/oom_adj is deprecated, please use /proc/21272/oom_score_adj instead. [ 567.089855][T21239] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop0 scanned by syz.0.6820 (21239) [ 567.132633][T21239] BTRFS info (device loop0): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 567.162712][T21239] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 567.193141][T21239] BTRFS info (device loop0): enabling ssd optimizations [ 567.202460][T21275] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.6836'. [ 567.222452][T21239] BTRFS info (device loop0): not using ssd optimizations [ 567.235025][T21239] BTRFS info (device loop0): turning off barriers [ 567.266042][T21239] BTRFS info (device loop0): using free space tree [ 567.608155][ T5776] BTRFS info (device loop0): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 567.636428][T21295] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 567.941185][T21308] loop3: detected capacity change from 0 to 512 [ 567.948803][ T5765] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 9 /dev/loop0 scanned by udevd (5765) [ 568.002001][ T2959] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 568.038143][T21308] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 568.107898][T21308] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 568.133580][T21308] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 568.200857][T21308] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 568.238369][T21319] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6849'. [ 568.275045][T21308] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0080] [ 568.283447][T21308] EXT4-fs (loop3): orphan cleanup on readonly fs [ 568.336105][T21308] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.6845: bg 0: block 34: padding at end of block bitmap is not set [ 568.414098][T21308] Quota error (device loop3): write_blk: dquota write failed [ 568.448211][T21308] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 568.495239][T21308] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.6845: Failed to acquire dquot type 1 [ 568.578760][T21308] EXT4-fs (loop3): 1 truncate cleaned up [ 568.586097][T21308] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 568.706104][T21308] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 568.728087][T21308] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0080] [ 568.745321][T21335] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6855'. [ 568.933398][ T5777] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.947990][T21338] netlink: 300 bytes leftover after parsing attributes in process `syz.4.6859'. [ 569.194521][ T28] audit: type=1326 audit(2000000000.620:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21346 comm="syz.0.6863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 569.256672][ T28] audit: type=1326 audit(2000000000.620:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21346 comm="syz.0.6863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 569.333372][ T28] audit: type=1326 audit(2000000000.670:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21346 comm="syz.0.6863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 569.408507][ T28] audit: type=1326 audit(2000000000.670:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21346 comm="syz.0.6863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 569.468957][ T28] audit: type=1326 audit(2000000000.670:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21346 comm="syz.0.6863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3bf79aeb9 code=0x7ffc0000 [ 569.778502][T21367] cgroup: name respecified [ 569.924272][ T2959] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 569.939765][T21373] loop4: detected capacity change from 0 to 16 [ 569.972885][T21373] erofs: (device loop4): mounted with root inode @ nid 36. [ 570.023444][T21373] erofs: (device loop4): z_erofs_readahead: readahead error at folio 3 @ nid 89 [ 570.059736][T21373] erofs: (device loop4): z_erofs_readahead: readahead error at folio 2 @ nid 89 [ 570.069071][T21373] erofs: (device loop4): z_erofs_do_map_blocks: inconsistent algorithmtype 1 for nid 89 [ 570.079252][T21373] erofs: (device loop4): z_erofs_readahead: readahead error at folio 1 @ nid 89 [ 570.088643][T21373] erofs: (device loop4): z_erofs_readahead: readahead error at folio 0 @ nid 89 [ 570.098960][T21373] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 0 of nid 89 [ 570.127912][ T28] audit: type=1800 audit(2000000001.530:382): pid=21373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6876" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 570.274953][T21383] loop4: detected capacity change from 0 to 256 [ 570.315774][T21383] FAT-fs (loop4): Directory bread(block 64) failed [ 570.337989][T21383] FAT-fs (loop4): Directory bread(block 65) failed [ 570.353857][T21383] FAT-fs (loop4): Directory bread(block 66) failed [ 570.377729][T21383] FAT-fs (loop4): Directory bread(block 67) failed [ 570.397953][T21383] FAT-fs (loop4): Directory bread(block 68) failed [ 570.404553][T21383] FAT-fs (loop4): Directory bread(block 69) failed [ 570.445363][T21358] loop0: detected capacity change from 0 to 32768 [ 570.449310][T21383] FAT-fs (loop4): Directory bread(block 70) failed [ 570.474455][T21383] FAT-fs (loop4): Directory bread(block 71) failed [ 570.511404][T21383] FAT-fs (loop4): Directory bread(block 72) failed [ 570.543612][T21383] FAT-fs (loop4): Directory bread(block 73) failed [ 570.940892][T21399] trusted_key: encrypted_key: master key parameter 'trusted:' is invalid [ 571.018738][T21401] loop3: detected capacity change from 0 to 1024 [ 571.024411][T13650] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 571.070280][T21401] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 571.152770][T21401] EXT4-fs error (device loop3): ext4_get_first_dir_block:3606: inode #11: comm syz.3.6890: directory missing '..' [ 571.204474][ T5777] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 571.227962][T13650] usb 1-1: Using ep0 maxpacket: 16 [ 571.236713][T13650] usb 1-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 571.278095][ T28] audit: type=1326 audit(2000000002.700:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21409 comm="syz.4.6893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 571.306401][T13650] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 571.335897][T13650] usb 1-1: New USB device found, idVendor=046b, idProduct=0000, bcdDevice= 0.00 [ 571.363796][ T28] audit: type=1326 audit(2000000002.700:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21409 comm="syz.4.6893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 571.377360][T13650] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 571.427023][ T28] audit: type=1326 audit(2000000002.740:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21409 comm="syz.4.6893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 571.459906][T13650] usb 1-1: 0:2 : does not exist [ 571.507887][ T28] audit: type=1326 audit(2000000002.740:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21409 comm="syz.4.6893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4486d9aeb9 code=0x7ffc0000 [ 571.681331][ T2130] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 571.702387][T13650] usb 1-1: USB disconnect, device number 32 [ 571.812837][T21426] loop1: detected capacity change from 0 to 256 [ 571.868321][ T2130] usb 4-1: Using ep0 maxpacket: 8 [ 571.879257][ T2130] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 571.899955][ T2130] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 571.909833][ T2130] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 571.936661][ T2130] usb 4-1: Product: syz [ 571.945622][ T2130] usb 4-1: Manufacturer: syz [ 571.953577][ T2130] usb 4-1: SerialNumber: syz [ 572.043374][T21432] trusted_key: encrypted_key: master key parameter '' is invalid [ 572.198019][ T2130] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 572.205906][ T2130] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 572.224358][ T2130] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2 [ 572.258138][T21438] loop4: detected capacity change from 0 to 512 [ 572.335049][T21438] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.6908: error while reading EA inode 32 err=-116 [ 572.405983][T21438] EXT4-fs (loop4): Remounting filesystem read-only [ 572.419175][ T2130] usb 4-1: palm_os_3_probe - error -71 getting bytes available request [ 572.427531][ T2130] visor 4-1:1.0: Handspring Visor / Palm OS converter detected [ 572.441674][T21438] EXT4-fs warning (device loop4): ext4_evict_inode:255: couldn't mark inode dirty (err -5) [ 572.461007][T21438] EXT4-fs (loop4): 1 orphan inode deleted [ 572.465745][ T2130] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 572.481334][ T2130] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 572.496957][T21438] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 572.510590][ T2130] usb 4-1: USB disconnect, device number 38 [ 572.521813][T21438] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.543891][ T2130] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 572.572970][ T2130] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 572.584580][T21447] netlink: 4168 bytes leftover after parsing attributes in process `syz.1.6910'. [ 572.599793][ T2130] visor 4-1:1.0: device disconnected [ 573.077483][T21463] netlink: 'syz.3.6918': attribute type 1 has an invalid length. [ 573.116201][T21463] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6918'. [ 573.179185][T21467] netlink: 'syz.0.6919': attribute type 1 has an invalid length. [ 573.462839][T21477] loop4: detected capacity change from 0 to 256 [ 573.759029][ T2972] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 574.258006][T21506] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 574.517942][ T5762] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 574.529620][T21514] loop1: detected capacity change from 0 to 4096 [ 574.569474][T21514] ntfs3: loop1: ino=3, Correct links count -> 2. [ 574.686872][T21514] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 574.730614][ T5762] usb 5-1: config 0 has an invalid interface number: 117 but max is 0 [ 574.756052][ T5762] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 574.788645][ T5762] usb 5-1: config 0 has no interface number 0 [ 574.794803][ T5762] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 574.825655][ T5762] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 574.870098][ T5762] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 574.879637][ T5762] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 574.887719][ T5762] usb 5-1: Product: syz [ 574.897907][ T5762] usb 5-1: Manufacturer: syz [ 574.903446][ T5762] usb 5-1: SerialNumber: syz [ 574.919434][ T5762] usb 5-1: config 0 descriptor?? [ 575.141398][ T5762] usbtouchscreen: probe of 5-1:0.117 failed with error -71 [ 575.169918][ T5762] usb 5-1: USB disconnect, device number 6 [ 575.220291][T21531] loop1: detected capacity change from 0 to 1024 [ 575.295701][T21531] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 575.387815][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 575.392270][T21538] loop0: detected capacity change from 0 to 1024 [ 575.430070][T21538] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 575.450261][T21538] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 575.464678][T21538] EXT4-fs (loop0): orphan cleanup on readonly fs [ 575.486492][T21538] __quota_error: 1 callbacks suppressed [ 575.486509][T21538] Quota error (device loop0): v2_read_file_info: Free block number 2147483648 out of range (1, 6). [ 575.506039][T21538] EXT4-fs warning (device loop0): ext4_enable_quotas:7184: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 575.522749][T21538] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 575.530150][T21538] EXT4-fs error (device loop0): ext4_free_blocks:6692: comm syz.0.6954: Freeing blocks not in datazone - block = 0, count = 4096 [ 575.549511][T21538] EXT4-fs (loop0): Remounting filesystem read-only [ 575.556260][T21538] EXT4-fs (loop0): 1 truncate cleaned up [ 575.563199][T21538] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 575.623943][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 575.653199][T21521] loop3: detected capacity change from 0 to 32768 [ 575.679396][ T2972] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 575.713312][T21521] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 575.713312][T21521] [ 575.789153][T21521] xtLookup: xtSearch returned -5 [ 575.808154][T21521] free_index: error reading directory table [ 575.818181][T21521] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 575.818181][T21521] [ 575.848871][T21521] xtLookup: xtSearch returned -5 [ 575.853870][T21521] free_index: error reading directory table [ 575.871761][T21521] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 575.871761][T21521] [ 575.900255][T21521] xtLookup: xtSearch returned -5 [ 575.905239][T21521] free_index: error reading directory table [ 575.955965][T21547] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6958'. [ 575.988905][T21549] loop0: detected capacity change from 0 to 2048 [ 576.012324][T21549] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 576.059888][T21551] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 576.061095][T21549] syz.0.6959: attempt to access beyond end of device [ 576.061095][T21549] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 576.286111][T21549] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 576.305406][T21549] Remounting filesystem read-only [ 576.311544][T21549] NILFS error (device loop0): nilfs_bmap_last_key: broken bmap (inode number=16) [ 576.321490][T21549] NILFS (loop0): error -5 truncating bmap (ino=16) [ 576.395345][ T5776] NILFS (loop0): discard dirty page: offset=4096, ino=6 [ 576.417964][ T5776] NILFS (loop0): discard dirty block: blocknr=39, size=1024 [ 576.442146][ T5776] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 576.452592][ T5776] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 576.462587][ T5776] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 576.471871][ T5776] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 576.585196][T21561] netlink: 'syz.4.6965': attribute type 21 has an invalid length. [ 576.887736][T21569] loop0: detected capacity change from 0 to 1024 [ 576.986836][T21573] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6969'. [ 577.001775][T21575] loop3: detected capacity change from 0 to 16 [ 577.018958][T21573] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6969'. [ 577.044762][T21575] erofs: (device loop3): mounted with root inode @ nid 36. [ 577.111939][ T38] hfsplus: b-tree write err: -5, ino 4 [ 577.138600][T21575] cifs: Unknown parameter 'cache_strategy' [ 577.464797][T21588] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6976'. [ 577.617317][T21593] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6979'. [ 578.628086][ T5837] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 578.720870][T21644] xt_TPROXY: Can be used only with -p tcp or -p udp [ 578.838236][ T5837] usb 4-1: config 0 has an invalid interface number: 117 but max is 0 [ 578.848884][ T5837] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 578.879253][ T5837] usb 4-1: config 0 has no interface number 0 [ 578.891755][ T5837] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 578.915693][ T5837] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 578.977559][ T5837] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 578.987549][ T5837] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 579.007860][ T5837] usb 4-1: Product: syz [ 579.012076][ T5837] usb 4-1: Manufacturer: syz [ 579.016704][ T5837] usb 4-1: SerialNumber: syz [ 579.036073][ T5837] usb 4-1: config 0 descriptor?? [ 579.061555][T21656] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7009'. [ 579.070981][T21656] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 579.284638][ T5837] usbtouchscreen: probe of 4-1:0.117 failed with error -71 [ 579.326349][ T5837] usb 4-1: USB disconnect, device number 39 [ 579.522198][T21671] 8021q: adding VLAN 0 to HW filter on device bond2 [ 579.522966][ T961] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 580.032008][T21689] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 580.184009][T21668] loop4: detected capacity change from 0 to 32768 [ 580.238124][T21668] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 580.427949][T21668] XFS (loop4): Ending clean mount [ 580.452248][T21668] XFS (loop4): Quotacheck needed: Please wait. [ 580.535051][T21668] XFS (loop4): Quotacheck: Done. [ 580.544126][T21668] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 580.803493][ T2972] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 580.937228][T21717] loop4: detected capacity change from 0 to 256 [ 581.020940][T21693] loop1: detected capacity change from 0 to 32768 [ 581.634842][T21736] RDS: rds_bind could not find a transport for 0:0:200::1, load rds_tcp or rds_rdma? [ 581.857931][ T5762] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 581.936250][T21749] loop0: detected capacity change from 0 to 512 [ 581.989256][T21751] bridge3: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms) [ 582.020622][T21749] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 582.065069][T21749] ext4 filesystem being mounted at /1737/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 582.108579][ T5762] usb 5-1: config 0 has an invalid interface number: 172 but max is 0 [ 582.116825][ T5762] usb 5-1: config 0 has no interface number 0 [ 582.176270][ T5762] usb 5-1: New USB device found, idVendor=16d5, idProduct=650a, bcdDevice=83.b1 [ 582.187876][ T5762] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 582.195923][ T5762] usb 5-1: Product: syz [ 582.222029][T21749] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.7051: corrupted xattr block 33: invalid ea_ino [ 582.237329][ T5762] usb 5-1: Manufacturer: syz [ 582.248682][ T5762] usb 5-1: SerialNumber: syz [ 582.262966][T21749] fscrypt (loop0, inode 15): Error -117 getting encryption context [ 582.278823][ T5762] usb 5-1: config 0 descriptor?? [ 582.299527][ T5762] qmi_wwan 5-1:0.172: bogus CDC Union: master=0, slave=0 [ 582.382927][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 582.482677][T21764] loop3: detected capacity change from 0 to 8192 [ 582.498488][ T5762] qmi_wwan: probe of 5-1:0.172 failed with error -22 [ 582.608004][T21766] loop1: detected capacity change from 0 to 4096 [ 582.630496][T21766] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 582.704679][ T5762] usb 5-1: USB disconnect, device number 7 [ 582.713719][T21766] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 582.989658][T21777] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7063'. [ 582.999231][T21777] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7063'. [ 583.008380][T21777] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7063'. [ 583.110878][T21783] loop1: detected capacity change from 0 to 128 [ 583.124086][T21783] FAT-fs (loop1): Directory bread(block 162) failed [ 583.142135][T21783] FAT-fs (loop1): Directory bread(block 163) failed [ 583.150466][T21783] FAT-fs (loop1): Directory bread(block 164) failed [ 583.157140][T21783] FAT-fs (loop1): Directory bread(block 165) failed [ 583.170186][T21783] FAT-fs (loop1): Directory bread(block 166) failed [ 583.176852][T21783] FAT-fs (loop1): Directory bread(block 167) failed [ 583.187505][T21783] FAT-fs (loop1): Directory bread(block 168) failed [ 583.204946][T21783] FAT-fs (loop1): Directory bread(block 169) failed [ 583.243509][T21783] FAT-fs (loop1): Directory bread(block 162) failed [ 583.264097][T21783] FAT-fs (loop1): Directory bread(block 163) failed [ 583.277047][T21783] syz.1.7065: attempt to access beyond end of device [ 583.277047][T21783] loop1: rw=3, sector=226, nr_sectors = 6 limit=128 [ 583.303580][T21783] syz.1.7065: attempt to access beyond end of device [ 583.303580][T21783] loop1: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 583.366222][T21788] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7068'. [ 583.521599][T21793] netlink: 32 bytes leftover after parsing attributes in process `syz.4.7071'. [ 583.886370][T21802] 8021q: adding VLAN 0 to HW filter on device bond5 [ 584.194274][T21821] futex_wake_op: syz.4.7084 tries to shift op by -1; fix this program [ 584.510961][T21833] loop4: detected capacity change from 0 to 2048 [ 584.536988][T21833] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 584.642790][ T2972] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 585.196876][T21865] loop3: detected capacity change from 0 to 256 [ 585.297968][ T5762] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 585.504912][ T5762] usb 5-1: Using ep0 maxpacket: 32 [ 585.517663][ T5762] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 585.542090][ T5762] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 585.552068][ T5762] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 585.565078][ T5762] usb 5-1: Product: syz [ 585.575137][ T5762] usb 5-1: Manufacturer: syz [ 585.585252][ T5762] usb 5-1: SerialNumber: syz [ 585.600474][ T5762] usb 5-1: config 0 descriptor?? [ 585.638612][ T5762] usb 5-1: bad CDC descriptors [ 585.659272][ T5762] usb 5-1: unsupported MDLM descriptors [ 585.738567][T21881] loop0: detected capacity change from 0 to 256 [ 585.780749][T21881] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 585.798060][T21881] FAT-fs (loop0): Filesystem has been set read-only [ 585.888186][ T5837] usb 5-1: USB disconnect, device number 8 [ 586.100412][T21895] loop3: detected capacity change from 0 to 256 [ 586.136339][T21895] FAT-fs (loop3): Directory bread(block 64) failed [ 586.158078][T21895] FAT-fs (loop3): Directory bread(block 65) failed [ 586.171609][T21895] FAT-fs (loop3): Directory bread(block 66) failed [ 586.190592][T21895] FAT-fs (loop3): Directory bread(block 67) failed [ 586.197268][T21895] FAT-fs (loop3): Directory bread(block 68) failed [ 586.238159][T21895] FAT-fs (loop3): Directory bread(block 69) failed [ 586.244824][T21895] FAT-fs (loop3): Directory bread(block 70) failed [ 586.262217][T21901] loop1: detected capacity change from 0 to 256 [ 586.266177][T21895] FAT-fs (loop3): Directory bread(block 71) failed [ 586.276142][T21895] FAT-fs (loop3): Directory bread(block 72) failed [ 586.283766][T21895] FAT-fs (loop3): Directory bread(block 73) failed [ 586.555406][T21903] loop1: detected capacity change from 0 to 8 [ 586.603702][T21903] SQUASHFS error: Unknown inode type 0 in squashfs_iget! [ 586.644207][T21909] loop0: detected capacity change from 0 to 512 [ 586.670645][T21909] EXT4-fs (loop0): orphan cleanup on readonly fs [ 586.709396][T21909] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #11: block 1728053262: comm syz.0.7128: lblock 0 mapped to illegal pblock 1728053262 (length 1) [ 586.769433][T21909] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2852: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 586.794317][T21909] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #15: comm syz.0.7128: corrupted inode contents [ 586.869145][T21909] EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #15: comm syz.0.7128: mark_inode_dirty error [ 586.933343][T21909] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #15: comm syz.0.7128: corrupted inode contents [ 586.999137][T21909] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2997: inode #15: comm syz.0.7128: mark_inode_dirty error [ 587.049969][T21909] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3000: inode #15: comm syz.0.7128: mark inode dirty (error -117) [ 587.068662][T21909] EXT4-fs warning (device loop0): ext4_evict_inode:272: xattr delete (err -117) [ 587.082775][T21920] loop4: detected capacity change from 0 to 4096 [ 587.088868][T21909] EXT4-fs (loop0): 1 orphan inode deleted [ 587.096122][T21909] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 587.179965][T21920] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 587.409377][T17624] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 587.430847][ T5776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 587.473987][T21932] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7138'. [ 587.700096][T21940] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.7143'. [ 587.722607][T21942] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 587.732310][T21940] openvswitch: netlink: IP tunnel attribute has 3064 unknown bytes. [ 587.800710][T21945] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7145'. [ 588.105200][T21958] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7151'. [ 588.128848][T21957] loop0: detected capacity change from 0 to 4096 [ 588.224500][T21957] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 588.362545][T21957] ntfs3: loop0: ino=9, ntfs_sync_fs failed, -22. [ 588.494839][ T5776] ntfs3: loop0: ino=9, ntfs_sync_fs failed, -22. [ 588.798499][ T5762] usb 2-1: new low-speed USB device number 35 using dummy_hcd [ 588.871424][T21986] netlink: 144 bytes leftover after parsing attributes in process `syz.4.7165'. [ 588.952612][T21986] team0: Port device team_slave_0 removed [ 588.965431][T21986] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 588.990806][T21988] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7166'. [ 589.008048][T21988] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7166'. [ 589.024093][ T5762] usb 2-1: config index 0 descriptor too short (expected 1307, got 27) [ 589.032714][ T5762] usb 2-1: config 0 has an invalid interface number: 0 but max is -1 [ 589.041096][T21988] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7166'. [ 589.055921][ T5762] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 589.076926][ T5762] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 589.111278][ T5762] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 589.133562][ T5762] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 589.143764][ T5762] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 589.161956][ T5762] usb 2-1: string descriptor 0 read error: -22 [ 589.168509][ T5762] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 589.177579][ T5762] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 589.193054][ T5762] usb 2-1: config 0 descriptor?? [ 589.219865][ T5762] hub 2-1:0.0: bad descriptor, ignoring hub [ 589.225839][ T5762] hub: probe of 2-1:0.0 failed with error -5 [ 589.272212][ T5762] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input29 [ 589.481984][T22000] netlink: 'syz.0.7172': attribute type 2 has an invalid length. [ 589.483800][ T5762] usb 2-1: USB disconnect, device number 35 [ 589.868987][T22018] cgroup: none used incorrectly [ 589.961202][ T5856] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 590.168200][ T5856] usb 4-1: Using ep0 maxpacket: 8 [ 590.183493][ T5856] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 590.205679][ T5856] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 590.225403][ T5856] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 590.238313][ T5856] usb 4-1: Product: syz [ 590.242516][ T5856] usb 4-1: Manufacturer: syz [ 590.247220][ T5856] usb 4-1: SerialNumber: syz [ 590.408926][T22040] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7191'. [ 590.418601][ T2959] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 590.430912][ T961] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 590.523022][ T5856] usb 4-1: Handspring Visor / Palm OS: No valid connect info available [ 590.542835][ T5856] usb 4-1: Handspring Visor / Palm OS: port 208, is for unknown use [ 590.587900][ T5856] usb 4-1: Handspring Visor / Palm OS: port 187, is for Console use [ 590.596000][ T5856] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2 [ 590.723761][ T5856] usb 4-1: palm_os_3_probe - error -71 getting bytes available request [ 590.748202][ T5856] visor 4-1:1.0: Handspring Visor / Palm OS converter detected [ 590.786664][ T5856] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 590.828286][ T5856] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 590.852086][ T5856] usb 4-1: USB disconnect, device number 40 [ 590.878920][ T5856] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 590.910751][ T5856] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 590.948482][ T5856] visor 4-1:1.0: device disconnected [ 590.992331][T22058] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 591.080723][T22056] loop4: detected capacity change from 0 to 8192 [ 591.119048][T22056] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 591.383628][T22067] loop1: detected capacity change from 0 to 512 [ 591.430454][T22067] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 591.480508][T22067] EXT4-fs (loop1): Remounting filesystem read-only [ 591.495885][T22067] EXT4-fs (loop1): 1 truncate cleaned up [ 591.505926][T22067] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 591.540505][T22067] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 591.651883][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 591.694736][T22080] comedi comedi1: dt2801: a I/O base address must be specified [ 591.948462][T22090] netlink: 'syz.1.7215': attribute type 10 has an invalid length. [ 592.381306][T22108] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7225'. [ 592.413805][T22112] netlink: 209860 bytes leftover after parsing attributes in process `syz.0.7226'. [ 592.423416][T22108] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7225'. [ 592.802200][T22126] loop1: detected capacity change from 0 to 512 [ 592.845105][T22128] ip6tnl2: entered allmulticast mode [ 592.855137][T22126] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e01c, mo2=0002] [ 592.893074][T22126] System zones: 1-12 [ 592.897559][T22126] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.7233: Directory hole found for htree index block 0 [ 592.915582][T22126] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 592.924791][T22126] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.7233: Directory hole found for htree index block 0 [ 592.939242][T22131] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7235'. [ 592.950380][T22126] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 592.961131][T22126] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 593.021096][T22126] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 593.119310][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.255248][T22140] loop4: detected capacity change from 0 to 16 [ 593.327030][T22140] erofs: (device loop4): mounted with root inode @ nid 36. [ 593.369718][T22140] erofs: (device loop4): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 593.410572][T22140] erofs: (device loop4): z_erofs_readahead: readahead error at folio 2 @ nid 89 [ 593.435386][T22148] __nla_validate_parse: 1 callbacks suppressed [ 593.435403][T22148] netlink: 144 bytes leftover after parsing attributes in process `syz.1.7243'. [ 593.457620][T22140] erofs: (device loop4): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 593.481384][T22148] C: left promiscuous mode [ 593.495553][T22140] erofs: (device loop4): z_erofs_readahead: readahead error at folio 1 @ nid 89 [ 593.519854][T22140] erofs: (device loop4): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 593.553389][T22140] erofs: (device loop4): z_erofs_readahead: readahead error at folio 0 @ nid 89 [ 593.562884][T22140] erofs: (device loop4): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 593.580682][T22140] erofs: (device loop4): z_erofs_fill_inode_lazy: unknown HEAD1 format 8 for nid 89, please upgrade kernel [ 593.600165][T22148] team0: Port device C removed [ 593.613789][T22148] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 593.614634][T22140] erofs: (device loop4): z_erofs_read_folio: read error -95 @ 0 of nid 89 [ 593.650760][ T28] audit: type=1800 audit(2000000025.080:388): pid=22140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.7240" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 593.845780][T22152] ip6t_srh: unknown srh match flags 4000 [ 593.996209][T22143] loop0: detected capacity change from 0 to 32768 [ 594.079475][T22143] JBD2: Ignoring recovery information on journal [ 594.129158][T22143] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 594.169943][T22143] [ 594.172325][T22143] ====================================================== [ 594.179367][T22143] WARNING: possible circular locking dependency detected [ 594.186437][T22143] syzkaller #0 Not tainted [ 594.190882][T22143] ------------------------------------------------------ [ 594.197920][T22143] syz.0.7241/22143 is trying to acquire lock: [ 594.204007][T22143] ffff88805e345f58 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 594.217318][T22143] [ 594.217318][T22143] but task is already holding lock: [ 594.224714][T22143] ffff88805e342378 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0 [ 594.234253][T22143] [ 594.234253][T22143] which lock already depends on the new lock. [ 594.234253][T22143] [ 594.244678][T22143] [ 594.244678][T22143] the existing dependency chain (in reverse order) is: [ 594.253728][T22143] [ 594.253728][T22143] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}: [ 594.261582][T22143] down_read+0x46/0x2e0 [ 594.266323][T22143] ocfs2_init_acl+0x30a/0x770 [ 594.271578][T22143] ocfs2_mknod+0x140f/0x2300 [ 594.276729][T22143] vfs_mknod+0x32b/0x360 [ 594.281520][T22143] do_mknodat+0x386/0x500 [ 594.286395][T22143] __x64_sys_mknod+0x8e/0xa0 [ 594.291529][T22143] do_syscall_64+0x55/0xa0 [ 594.296493][T22143] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 594.302927][T22143] [ 594.302927][T22143] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 594.311455][T22143] down_read+0x46/0x2e0 [ 594.316167][T22143] ocfs2_start_trans+0x3a8/0x6f0 [ 594.321656][T22143] ocfs2_modify_bh+0xe4/0x4c0 [ 594.326890][T22143] ocfs2_local_read_info+0x1445/0x1800 [ 594.332892][T22143] dquot_load_quota_sb+0x757/0xb80 [ 594.338541][T22143] dquot_load_quota_inode+0x2dc/0x5d0 [ 594.344453][T22143] ocfs2_enable_quotas+0x1c9/0x490 [ 594.350100][T22143] ocfs2_fill_super+0x417d/0x5010 [ 594.355652][T22143] mount_bdev+0x221/0x2d0 [ 594.360519][T22143] legacy_get_tree+0xea/0x180 [ 594.365737][T22143] vfs_get_tree+0x8c/0x280 [ 594.370686][T22143] do_new_mount+0x24b/0xa40 [ 594.375727][T22143] __se_sys_mount+0x2e7/0x3d0 [ 594.380943][T22143] do_syscall_64+0x55/0xa0 [ 594.385895][T22143] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 594.392316][T22143] [ 594.392316][T22143] -> #2 (sb_internal#5){.+.+}-{0:0}: [ 594.399804][T22143] ocfs2_start_trans+0x2a9/0x6f0 [ 594.405289][T22143] ocfs2_shutdown_local_alloc+0x1fc/0xaa0 [ 594.411566][T22143] ocfs2_dismount_volume+0x1e5/0x8a0 [ 594.417406][T22143] generic_shutdown_super+0x134/0x2b0 [ 594.423368][T22143] kill_block_super+0x44/0x90 [ 594.428584][T22143] deactivate_locked_super+0x97/0x100 [ 594.434502][T22143] cleanup_mnt+0x43b/0x4d0 [ 594.439455][T22143] task_work_run+0x1d4/0x260 [ 594.444579][T22143] exit_to_user_mode_loop+0xe6/0x110 [ 594.450405][T22143] exit_to_user_mode_prepare+0xee/0x180 [ 594.456577][T22143] syscall_exit_to_user_mode+0x1a/0x50 [ 594.462575][T22143] do_syscall_64+0x61/0xa0 [ 594.467535][T22143] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 594.473960][T22143] [ 594.473960][T22143] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}: [ 594.484618][T22143] down_write+0x97/0x200 [ 594.489413][T22143] ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 594.495863][T22143] ocfs2_reserve_clusters_with_limit+0x3bd/0xc20 [ 594.502746][T22143] ocfs2_reserve_suballoc_bits+0x78b/0x44c0 [ 594.509192][T22143] ocfs2_reserve_new_metadata_blocks+0x416/0x9a0 [ 594.516088][T22143] ocfs2_extend_dir+0xcca/0x48b0 [ 594.521581][T22143] ocfs2_prepare_dir_for_insert+0x315b/0x56b0 [ 594.528186][T22143] ocfs2_mknod+0x81b/0x2300 [ 594.533234][T22143] vfs_mknod+0x32b/0x360 [ 594.538005][T22143] do_mknodat+0x386/0x500 [ 594.542867][T22143] __x64_sys_mknod+0x8e/0xa0 [ 594.547992][T22143] do_syscall_64+0x55/0xa0 [ 594.552949][T22143] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 594.559384][T22143] [ 594.559384][T22143] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}: [ 594.569930][T22143] __lock_acquire+0x2df1/0x7d40 [ 594.575319][T22143] lock_acquire+0x19e/0x420 [ 594.580361][T22143] down_write+0x97/0x200 [ 594.585145][T22143] ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 594.591580][T22143] ocfs2_reserve_new_metadata_blocks+0x416/0x9a0 [ 594.598449][T22143] ocfs2_init_xattr_set_ctxt+0x30b/0x710 [ 594.604629][T22143] ocfs2_xattr_set+0xc3f/0x13e0 [ 594.610017][T22143] __vfs_setxattr+0x431/0x470 [ 594.615239][T22143] __vfs_setxattr_noperm+0x12d/0x5e0 [ 594.621065][T22143] vfs_setxattr+0x16b/0x2f0 [ 594.626103][T22143] path_setxattr+0x3f3/0x5d0 [ 594.631233][T22143] __x64_sys_setxattr+0xbb/0xd0 [ 594.636626][T22143] do_syscall_64+0x55/0xa0 [ 594.641596][T22143] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 594.648024][T22143] [ 594.648024][T22143] other info that might help us debug this: [ 594.648024][T22143] [ 594.658261][T22143] Chain exists of: [ 594.658261][T22143] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5 --> &journal->j_trans_barrier --> &oi->ip_xattr_sem [ 594.658261][T22143] [ 594.675228][T22143] Possible unsafe locking scenario: [ 594.675228][T22143] [ 594.682692][T22143] CPU0 CPU1 [ 594.688070][T22143] ---- ---- [ 594.693448][T22143] lock(&oi->ip_xattr_sem); [ 594.698052][T22143] lock(&journal->j_trans_barrier); [ 594.705867][T22143] lock(&oi->ip_xattr_sem); [ 594.713017][T22143] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5); [ 594.720342][T22143] [ 594.720342][T22143] *** DEADLOCK *** [ 594.720342][T22143] [ 594.728497][T22143] 3 locks held by syz.0.7241/22143: [ 594.733705][T22143] #0: ffff88807a526418 (sb_writers#30){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 594.742957][T22143] #1: ffff88805e342658 (&type->i_mutex_dir_key#27){+.+.}-{3:3}, at: vfs_setxattr+0x144/0x2f0 [ 594.753248][T22143] #2: ffff88805e342378 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0 [ 594.763185][T22143] [ 594.763185][T22143] stack backtrace: [ 594.769086][T22143] CPU: 1 PID: 22143 Comm: syz.0.7241 Not tainted syzkaller #0 [ 594.776559][T22143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 594.786642][T22143] Call Trace: [ 594.789941][T22143] [ 594.792885][T22143] dump_stack_lvl+0x18c/0x250 [ 594.797581][T22143] ? load_image+0x400/0x400 [ 594.802106][T22143] ? show_regs_print_info+0x20/0x20 [ 594.807342][T22143] ? print_circular_bug+0x12b/0x1a0 [ 594.812571][T22143] check_noncircular+0x2fc/0x400 [ 594.817529][T22143] ? look_up_lock_class+0x75/0x140 [ 594.822653][T22143] ? print_deadlock_bug+0x5d0/0x5d0 [ 594.827867][T22143] ? lockdep_lock+0xf5/0x230 [ 594.832481][T22143] ? _find_first_zero_bit+0xd3/0x100 [ 594.837783][T22143] __lock_acquire+0x2df1/0x7d40 [ 594.842663][T22143] ? __lock_acquire+0x7d40/0x7d40 [ 594.847714][T22143] ? verify_lock_unused+0x140/0x140 [ 594.852954][T22143] ? __mutex_unlock_slowpath+0x1b4/0x6c0 [ 594.858613][T22143] ? do_raw_spin_lock+0x11f/0x2c0 [ 594.863657][T22143] ? mutex_unlock+0x10/0x10 [ 594.868189][T22143] lock_acquire+0x19e/0x420 [ 594.872713][T22143] ? ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 594.878805][T22143] ? ocfs2_get_system_file_inode+0x202/0x850 [ 594.884803][T22143] ? __might_sleep+0xe0/0xe0 [ 594.889413][T22143] ? read_lock_is_recursive+0x20/0x20 [ 594.894806][T22143] ? ocfs2_fast_symlink_read_folio+0x550/0x550 [ 594.900977][T22143] ? verify_lock_unused+0x140/0x140 [ 594.906203][T22143] ? check_noncircular+0x18a/0x400 [ 594.911362][T22143] down_write+0x97/0x200 [ 594.915632][T22143] ? ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 594.921764][T22143] ? down_read_killable+0x340/0x340 [ 594.926998][T22143] ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 594.932927][T22143] ? mark_lock+0x94/0x320 [ 594.937286][T22143] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 594.943317][T22143] ? lock_chain_count+0x20/0x20 [ 594.948201][T22143] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 594.954111][T22143] ? lockdep_hardirqs_on+0x98/0x150 [ 594.959319][T22143] ? ocfs2_block_group_search+0x470/0x470 [ 594.965056][T22143] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 594.970961][T22143] ? _raw_spin_unlock+0x40/0x40 [ 594.975824][T22143] ? stack_trace_save+0xaa/0x100 [ 594.980778][T22143] ? stack_trace_snprint+0xf0/0xf0 [ 594.985913][T22143] ? __stack_depot_save+0x560/0x630 [ 594.991130][T22143] ? kasan_set_track+0x5f/0x70 [ 594.995936][T22143] ? kasan_set_track+0x4e/0x70 [ 595.000713][T22143] ? __kasan_kmalloc+0x8f/0xa0 [ 595.005491][T22143] ? ocfs2_reserve_new_metadata_blocks+0x10d/0x9a0 [ 595.012016][T22143] ? ocfs2_init_xattr_set_ctxt+0x30b/0x710 [ 595.017838][T22143] ? ocfs2_xattr_set+0xc3f/0x13e0 [ 595.022918][T22143] ? __vfs_setxattr+0x431/0x470 [ 595.027779][T22143] ? __vfs_setxattr_noperm+0x12d/0x5e0 [ 595.033264][T22143] ? vfs_setxattr+0x16b/0x2f0 [ 595.037962][T22143] ? path_setxattr+0x3f3/0x5d0 [ 595.042740][T22143] ? __x64_sys_setxattr+0xbb/0xd0 [ 595.047776][T22143] ? do_syscall_64+0x55/0xa0 [ 595.052391][T22143] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 595.058511][T22143] ocfs2_reserve_new_metadata_blocks+0x416/0x9a0 [ 595.064858][T22143] ? ocfs2_init_steal_slots+0x160/0x160 [ 595.070422][T22143] ? ocfs2_xattr_block_set+0x2e30/0x2e30 [ 595.076073][T22143] ocfs2_init_xattr_set_ctxt+0x30b/0x710 [ 595.081719][T22143] ? ocfs2_xattr_set+0xc05/0x13e0 [ 595.086770][T22143] ? ocfs2_prepare_refcount_xattr+0xff0/0xff0 [ 595.092864][T22143] ? ocfs2_truncate_log_needs_flush+0x130/0x310 [ 595.099127][T22143] ? ocfs2_remove_btree_range+0x15e0/0x15e0 [ 595.105043][T22143] ? down_write+0x16e/0x200 [ 595.109568][T22143] ? down_read_killable+0x340/0x340 [ 595.114786][T22143] ? up_write+0x1c3/0x410 [ 595.119124][T22143] ocfs2_xattr_set+0xc3f/0x13e0 [ 595.124003][T22143] ? __ocfs2_xattr_set_handle+0xf40/0xf40 [ 595.129747][T22143] ? __lock_acquire+0x1347/0x7d40 [ 595.134785][T22143] ? verify_lock_unused+0x140/0x140 [ 595.139997][T22143] ? ____kasan_slab_free+0x126/0x1e0 [ 595.145293][T22143] ? aa_get_newest_label+0xfd/0x5c0 [ 595.150505][T22143] ? end_current_label_crit_section+0x170/0x170 [ 595.156772][T22143] ? posix_xattr_acl+0x93/0xb0 [ 595.161550][T22143] ? ocfs2_xattr_trusted_get+0x40/0x40 [ 595.167035][T22143] __vfs_setxattr+0x431/0x470 [ 595.171738][T22143] __vfs_setxattr_noperm+0x12d/0x5e0 [ 595.177049][T22143] vfs_setxattr+0x16b/0x2f0 [ 595.181577][T22143] ? xattr_permission+0x470/0x470 [ 595.186621][T22143] ? __mnt_want_write+0x223/0x2a0 [ 595.191679][T22143] ? path_setxattr+0x3a1/0x5d0 [ 595.196466][T22143] path_setxattr+0x3f3/0x5d0 [ 595.201084][T22143] ? simple_xattrs_free+0x150/0x150 [ 595.206314][T22143] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 595.212316][T22143] ? lock_chain_count+0x20/0x20 [ 595.217187][T22143] __x64_sys_setxattr+0xbb/0xd0 [ 595.222060][T22143] do_syscall_64+0x55/0xa0 [ 595.226511][T22143] ? clear_bhb_loop+0x40/0x90 [ 595.231217][T22143] ? clear_bhb_loop+0x40/0x90 [ 595.235911][T22143] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 595.241834][T22143] RIP: 0033:0x7fc3bf79aeb9 [ 595.246330][T22143] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 595.265986][T22143] RSP: 002b:00007fc3c063d028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 595.274441][T22143] RAX: ffffffffffffffda RBX: 00007fc3bfa15fa0 RCX: 00007fc3bf79aeb9 [ 595.282449][T22143] RDX: 0000000000000000 RSI: 00002000000008c0 RDI: 0000200000000880 [ 595.290456][T22143] RBP: 00007fc3bf808c1f R08: 0000000000000001 R09: 0000000000000000 [ 595.298454][T22143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 595.306456][T22143] R13: 00007fc3bfa16038 R14: 00007fc3bfa15fa0 R15: 00007ffd39e590e8 [ 595.314468][T22143] [ 595.356283][ T5776] ocfs2: Unmounting device (7,0) on (node local) [ 595.518473][ T1327] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 596.158191][ T2959] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 600.638922][T17828] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 601.918308][T17828] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration