last executing test programs: 9m41.273233231s ago: executing program 2 (id=7542): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newtaction={0x98, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x84, 0x1, [@m_tunnel_key={0x80, 0x1, 0x0, 0x0, {{0xf}, {0x50, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @mcast2}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0xffffffa8}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0x8, 0x3, 0x4, 0x8d}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x4000}, 0x0) 9m41.040498873s ago: executing program 2 (id=7545): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCMIWAIT(r0, 0x545c, 0x3000300) 9m40.036371033s ago: executing program 2 (id=7559): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x100}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x13}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x60}}, 0x0) 9m39.862306041s ago: executing program 2 (id=7562): syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000040)='./file0\x00', 0x1008408, &(0x7f0000000ac0)=ANY=[@ANYBLOB='nojoliet,dmode=0x000000007fffffff,dmode=0x0000000000000009,check=relaxed,overriderockperm,utf8,mode=0x0000000000000000,nojoliet,hide,nocompress,utf8,norock,overriderockperm,mode=0xffffffffffffffff,cruft,map=off,iocharset=macinuit,fund=BPRM_CHECK,\x00', @ANYRESDEC], 0xff, 0x5ac, &(0x7f0000002940)="$eJzs3N9u29YZAPBDx441FwsGFGvSNEDZNBfZRRxJXhwY3UU0mrLZSqJA0kVyNRSL0wWzu2HZgDV3udlWYMOudj30dk+wJ9jTrM+QgfqT2JZjLU0XZcDvB8Q81Pl4zncY4hyIEBkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBAl281mKwq9bLAXluIXSraLvP/i6nja3j+PbY5Zef73X/+OQojqf6HRCJfG9Zfefh77w/rP1XBxvHcxNOpNIzx+650ffPT28lJ94EoUhTMSei0effn4l58dHOz/ZtGJLMhOOsjKPOt3vhdCKPN4a3OzeXO3W8bdrJeW98oq7cdJkXaqvIivJ3dCCFsbcbp+L98b7Gx3eml8PflR3Nraun2j3Wxuxh+vD9NOUeaDmx+vl8lu1utlg51RTF19o/1+uF1fiJ9kVVylnX4cP3h4sL8xL8k6qPXfBLXnBbWb7Xar1W63Nm9t3brdbDYmV+uzD5abJ4SThywv/qLltTs/uVBGO9M57vx3OY/Dt/E0+euiUwAAAAD+x6LRPfZodF/+0qjUzXpp81jM02hh6QEAAADfgdFX+4uTGwAhXArR7Pd/AAAA4P/bn858xi5EUSiHq9H0UZXh3WvRYacudQ7PjT86d7LFqns5ujBpZLTZXJ7sJemV6N1x0LvT6G8mmwfz8oiKYiV68moJhD+Hy+OYy/fH2/vTmnEva92sl64n+c3lEDqdC0tVerf63RcPfx9CUTw999WgfyEKDx4e7K///FcH90e5PKlbeXI4+YXE2tm5rIYjufz22XOPkxHfOT7ildGNmHrUXw36a+N+m0fHvzQ+fOklxv+H8N445r1JpmvHx9+o+2ytf9SaGf3RLFrDu9dWJ51NRz7zE5Ezs7gyjrly/cN68+H1Sc3KkSza87JoHz3/3+pcnJJF48S52JiXxcYrZgGwKA9OrkIz6//Mujua3q6tzDR1xiw3Z3Wvl/C5q/svXtDL+fB8Rv9gHPPB5eXnK9KJGb05b0ZvnrKun7a6hXD6WP8Rrv79byHshavT4BetsXW/fzm2qkaHX9cHfD3T7/RJ87LXjuqdc6uHvw7vPPry8Y2Hh599vv/5/hft9sZm88fN5q12WBkNY7Kx9gBwirT4Jlqr/hgVRTb8WWtrq9WpdtO4yJNP4iLb3knjbFClRbLbGeyk8bDIqzzJe3Xh02w7LeNybzjMiyru5kU8zMvs7ujNL/Hk1S9l2u8Mqiwph720U6Zxkg+qTlLF21mZxMO9n/aycjctRgeXwzTJulnSqbJ8EJf5XpGk63FcpumRwGw7HVRZN6uLg3hYZP1OcS/+NO/t9dN4Oy2TIhtW+bjBaV/ZoJsX/VGz64s+2QDwhngUJm+we/Yqu5cuhMacmEWPEQA47uQqvbrohAAAAAAAAAAAAAAAgBlHH9f7yeTFZa/8ROBiC3feOq3q/cUndrQQQlh+iaOm/13Hq4aLHsWCz+Fr7KvxZgx5+tats4PrqNOrohDC/L6+X8csaEICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDP8JwAA///H8oyP") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) 9m39.364850466s ago: executing program 2 (id=7566): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_COPY$syz(r0, 0x3b83, &(0x7f0000000440)={0x28, 0x10000, 0x0, 0x0, 0x8000000000000000, 0xffffffffffffffff, 0x5}) 9m39.264619121s ago: executing program 2 (id=7567): openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0xa200, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0xc480, 0x0) 9m38.753311056s ago: executing program 32 (id=7567): openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0xa200, 0x0) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0xc480, 0x0) 2.329053756s ago: executing program 0 (id=16307): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0x0, 0x9, 0x7a8, 0x6}, 0x14) 2.198773181s ago: executing program 0 (id=16311): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18010000000000000000000000000000850000002e00000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc) 1.990021142s ago: executing program 0 (id=16313): r0 = memfd_secret(0x0) fcntl$setlease(r0, 0x400, 0x0) fcntl$setlease(r0, 0x400, 0x1) 1.900984256s ago: executing program 1 (id=16315): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0) sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0) 1.82591112s ago: executing program 0 (id=16317): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000003000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f00000003c0)="7993ff01190000e5ffa53b00008f", 0x0, 0x400, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x4}, 0x50) 1.696974616s ago: executing program 1 (id=16319): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002d40)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000203010200000000000000000000000009000200000000470200000008000340000000000800010001"], 0x30}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x20, 0x2, 0x3, 0x5, 0x0, 0x0, {}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0xfff, 0x2}}]}, 0x20}, 0x1, 0x0, 0x0, 0x40049d1}, 0x0) 1.663817708s ago: executing program 0 (id=16321): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f00000001c0)='./file1\x00', 0x10, &(0x7f0000000040)=ANY=[], 0x1, 0x6c1, &(0x7f00000003c0)="$eJzs3U9sHFcdB/DvbJx1NqDEbdM0IKRajVRBIxI7q5IgITUghHKIUFQuvVqJ01hx0spxkVshsgEKEidOqAcORcgcekIIIZUTopyRkLhw8j0SNw45AItmdna9tjeO3cRZt/18pPF7s2/ee7/5Zf7srh1NgM+si6/lYCdFLp66tFKur622F9dW2zf79SSTSRrJRK9I0UqKj5IL6S35QvliPVzxoHlevvdhMfHeB+3e2kS9VNs3tuu3xcgtO8mhwcqBJNO96n92POyW8aqlGufK+ng7MDnitWIQd5mwk/3Ewbh1t+isNzYe2n3n5y2wb93p3Te3mEoOp3d3re5s9dXh4VeG8Tg6VN/22tTZ+1gAAABgr438LD/s6P3cz0qOPJlwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NOh6D0zsFU/N7/RK1/NdIr+8/+bQ8/Ub4453Ef07rWqePXouAMBAAAAAAAAgEfy/P3cz0qO9Ne7RfU7/xeqlWPVz8/lrdzOfJZyOiuZy3KWs5TZJFNDAzVX5paXl2a39vxlyp7dbvdO3fPsoGf/rwfKnmc3xtXZHOiovzTYshEAAAAAAAAAfGb9KBfXf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7QZEc6BXVcqxfn0pjIsmhJM1ierB5c6zBPgZ/HncAAAAAsPdadXmk+F+v0i2qz/zHq8/9h/JWbmU5C1nOYuZztfouoPepv/H3TntxbbV9s1y2DvzNf+0qjmrE9L57GD3zTLXFs4MeF/OdfC+nMp3LWcpCvp+5LGc+0/l2VZtLkan624uptdVW+rFujffChrXLm2N7fqhexneiiqSVa1moYjudK81+6I16uxNDs/2xmWya8W6ZneKV2g5zdLUuyz36RV3uD1PVnh8cZGSmzn2ZjaeG874197s8TjbPNJvG4DuoY2ur7SLp1KubZ/pYOT9cl2Wuf7q3Od/lV2kbM9H5ebnWP/qOb5/z5Cv/+Mvl641bN65fu31q/xxGH9PmY6I9lInndpSJxTITnUfIxKFHif/xadbZ6F1Fd3e1fKHqeyQL+W7eyNXM51xmMpvzmcnXczbtnB3K67Pb57U61xq7O9dOfrmulPeknw3dm56YyQc1lHl9aiivw1e6qapt+JX1LD29gywVzYzO0j9HhjLxxbpSzvHjoTvO+G3IxGSqa3M/ume2z8Sv/9tNcnvx1o2l63Nv7nC+F+uyPG3f3Xht/s1j2aHdq3e3PF6eLv+x0rttDB8dZdsz/bYNR85s1XZs0LbxPtdspjqfe20PO1PLkY7fHTVSr+25kbO0q7YTQ20b3uXkjSwO3oUAsI8dfulws3Wv9bfW+62ftK63Lh361uT5yS81c/CvE3868LvGbxvfKF7K+/lhjow7UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4/fY7N+YWF+eX9mEljcc84N2RTf1U9F5p7o99/6RWJrc7on6fZJvuzXHE3EqyL1KXiScw12RGNF0avNJKGoN4ktzYJw+4A/bCmeWbb565/fY7X124Off6/Ovzt86eP/fKufbXZu+cubawOD/T+znuKIG9sP42YNyRAAAAAAAAAAAAADv1JP57w4hpi84Y9hUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ZLr4Wg52UmR25vRMub622l4sl359fcuJJI0kxQ+S4qPkQnpLpoaGK4bHLrrr9ZfvffirF9/7oL0+1kR/+8amfn/4d7e7y73o1Eumkxyoy6RZN7ce0G1yR+NdKcvPrzfsXjHYwzJhJ/uJg3H7fwAAAP//VngE7g==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) flistxattr(r0, 0x0, 0x0) 1.544911124s ago: executing program 1 (id=16322): r0 = socket$inet6(0xa, 0x6, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) 1.42169458s ago: executing program 0 (id=16324): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file4\x00', 0x0, &(0x7f0000000180)={[{@noinline_xattr}, {@four_active_logs}, {@discard}, {@fault_injection={'fault_injection', 0x3d, 0xa0c8}}, {@fault_type={'fault_type', 0x3d, 0x302}}, {@lfs_mode}, {@inline_data}, {@fastboot}, {@fsync_mode_strict}, {@discard_unit_section}]}, 0x21, 0x5548, &(0x7f00000058c0)="$eJzs3E1vG1UXAOBjp2nffrwlQizYdVCFlEi1Vacfgl2BVny2qgosWIFju5Zb2xPFrhu66oIlYsE/QSCxYslvYMGaHWIBYocE8txJoS2VKsWOSfM80vjMvXPnzL2jJNKZiRzAgbWS/f5rJU7G0YhYiogTEcV+pdwKl1J4MSJORUT1H1ul7H/QcTgijkXEyWnylLNSHvryzOT0hV/e+e27H44cOv7Vtz8ubtXAor0cEYPNtH93kGLeTfFW2d+c9Io4OD8pYzowuF228xTvdjaKDHebO+OaRTzXTePzzTujabzZb7amsdu7WfRvDtMFR5PuTp7ihFvNraLd7mwUsTfKi9i9l+a1fS/9bbs3Gqc87TLfp0X6GI93YurvbHfSejZvF7E1HJf9KW/e7mxP46SM5eWilffbxTw2dnOn/9Neeq83vLOdTTpbo14+zC7UG6/UGxdrja283Rl3zteag/bF89lqtz8dVht3moNL3Tzv9jv1Vj5Yy1a7rVat0chWL3c2es3h/Uajfq5+tnZhLUt7Z7I3r32Y9dvZ6jS+3hveGff6o+xmvpWlM9ay9fq5V9ey043s/avXs+s3rly5ev2Djy9/dO21q2+/UQ56bFrZ6vrZ9fVa42xtvbG2uxsw0/Vnc17/Z+WkZ7h+2JXKoicAsP+o/4FFmF/9v3Uj4vH6vzrj+j/U/zOxr+rfg17/z2H9sCvqfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA+un5a/fKnZWUvt42f//suv5sl2JiGpE/PkvluLwQzmXyjzLTxi//Mgcvq9EkWF6jSPldiwiLpXbH8/N+y4AAADAs+ub+6e+SNV6+lh5qrOOznlW7JH00KZ64pMZ5atExPLKzzPKVp1+vDCjZMXP96HYnlG24gHW/2aULD1yOzSrbE+l+HV/N4UHKylCJYXqo2fMbLUAAMDCLD0U9rYKAQAAYC99/sQjt/d0HuyxSuy8ytx5F1z85/3fL/uOprZXfwAAALB/VRY9AQAAAGDuivrf9/8BAADAsy19/x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBf7NxNbtpAGAbgz8Yu9E9FVfe9SndwjB6hyy4rDtBLcAR6hV6AM5BdjhBBhMdBISIJxGNQoueR7MGWeT3mZzEz0gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECfrurF9N+f73+75qw33eR5GgAAAOCQVb2YNi/G6fhje/5ze+pre1xERBkRh8bug3i3lzloc+pHrq8f9OF/RJOwvcew3T5ExI+0beJL358CAAAAvEnVdreczSdptJ5240v3is5O+A7TpE356WemWxcRUY+vM6WV27xvmcKa33cVvzOlNRNYo0xhacqtypV2lObvvpu1G91ritSUT78/27MDAABnNNhrzjsKAQAA4Jx+XboD9OH9s1cUcbeUuVsKHKZmtBdhsQ8AAABer+LSHQAAAAB614z/T6n/F8fU/6uy1/+LG/X/AAAA4MVS/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6tKoX0+VsPumas950k+dpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhlf95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmf7Q8U1yh4iouBBL3a7ra29iQclePBPEEK6rbFbf7Q52FKEXLxJzr2IHkUEJd76D3jqTWihl3rrYQ8VRPCyMrMz2UkTcGPIzJp8PvDmfXcymfd9MxDynTcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURu9M4yTbdCZxXOy79/jWStbff6LP3Nl4sJi1LI7qTPr/4aXqh6jbXCIAAAAcHUlZ34cQHqabS1kfd/L6Py2PyWr+b5+ZxGU9/2TdX/Zl7Z+1X35+9MLWQJ3JONlJL60OB6d3ptI6uFnOt2f/9YhWfuXzZy9JfkPi99efH6X59Yy+vnv33XYeHqsjWwDgvzhV9kVQ/j6U9f0mEwPgyGhVCu+i/v8r6TScFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEANRuvhqTKOQgiLrWmcuf/41spu/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8HEJoavS3i+lf+XCGg0No5PocVPD3eDze03cdbz7nfQVxcbNnOLg9Lzk3HzT4QwkAgEMpLVpW1z9MN5eyfdFCCOPvttf/r1XiMGP9/+ij8/eqY1Xr/35tM5x/vbWrn/Wu37j5xurV5cuDy4NP3jzTf6t/9sK5cxd6+bOSnicmAAAA7E+7aNX6P17Yuf5/shKHGev/z7/pfzkd6bd8q/7fabro13QmAAAAR9tzr/z5R7TL/qjdDl8sr61d60+2W5/PTLYNpLpnx4pWrf+ThaazAgAAAOowWo+2rf9frMRhxvX/p79/8cfqOZMQwoli/f/UyqfDi/VNZ67V8efETc8RAACAZp0oWnX9P83f/4+3XnmIQwivvzqJi38DOFP9n7z31Q/VsZLK+/9n65viXIq7k+uR990QWt1tX/61scQAAAA4lI4XLSv2f083lz7+6eQHbe//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtnwAAAP//gQBD5A==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x6) ioctl$FS_IOC_RESVSP(r0, 0x40305839, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x1000001000}) 1.410327231s ago: executing program 3 (id=16325): socket$inet_tcp(0x2, 0x1, 0x0) unshare(0x400) mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2}) 1.378318832s ago: executing program 1 (id=16326): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x40000, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000040)) 1.168684932s ago: executing program 3 (id=16328): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000980)={[{@noblock_validity}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@noinit_itable}, {@nogrpid}, {@nodiscard}, {@jqfmt_vfsv0}, {@noinit_itable}, {@mb_optimize_scan}, {@usrquota}, {@dioread_nolock}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66") r0 = open(&(0x7f0000000000)='./file1\x00', 0x143142, 0x80) pwritev2(r0, &(0x7f0000001b00)=[{&(0x7f0000000a80)="5b47ac1fd16437735844673784dd7036db9a36a2841d1c047e2c58738d18cb34881dfb387972c197618d28b32f24e8b9fdadbfa95411e35dc2576d4387ef6f8695b438d8e31254102e52f58b2d8d03623946356f4fb8b61505237de8e46f42803abae4d8f5680cc157769fe724a6f7c87d24aa6be9fb1f3ac2280f88504c5be0b7afe417882957b3eacf48dd84f1bd6ba4af95b6be83d1a4875d4103376f3a9ba0eba2368906483e10ef91745d6765615eaca653ba55ec8ebcef45c60ce2975c7072f64db387229be5777d9f007b5df78236df686d9fdef57389beef50b1297cd96aa5dfefb871af273676050e9210605cc211a5451132520b4eb52f27118c799ab4f7a5a045fb4045cd675d789b56c67b01db982bd6aa34e9f01f2fd7aa7f122309eda2e1d4f00b1460ac3d5f2ce45fdf195dee0aa1f3ad1955b6202dae46d3f9cec4ff237088fc76f1d17594325795e3d53f47e8b1337e0847a02845a5c6f19225729fd7d4bb018b6bdd70703ef2389e8ef9e438a5e571bf61e2503106112bd8e379d3c82102d7961700eaa3bc53fc245fb010060c21140d956536aa8cd58b762864e760d7f2395eb55d4aa66ecbf2be1a8fc3dc074ef241fbd345e1ab304f9eeb2f23472e2facd033a93ddffb73b572aa84d0cbc6beb529d817d866dbd0753a62ac1a8821f568e19e7dd4de269809e26a18cbe91923f671abc5435f0fa5e5691957d4e38d7f036eb1db6def9864ad50a5d6812dae43b2ae181791497f946b9d30fb772bf4fa5b84b907b110367dabd39a603fb1ce5502bb0b49b881db243ab15314ff6ff9ecdccd1cb8abb87a177d1a37bfbe5075476756e65c716f7b6fb2dc90f410ab20248bc26f7e2405b5dba18bc9c7f7bcf3d9392ee3df6b893b727b5699c67356fa3c46ffe815117419bf0ed8978ccde5ab7ec42e045a87d91243e9b15c3794225a1d5067032192c4aeee0ed2ac97b49f17edf85cdc9e42bae8ef06ada2f3842be9c8a668e0e2f8ecd873ae734957191e6769f2d5e0bcfa8a3bdb2a6457c10cf92279a88471b69cca24467424cf186a9e59c57dc522a2b54318c238f584a1a2d2325734e5021f22abc5710491106c1129cf1c3cf2b377e85087f5d51f47f38909504a292a2cb7180da77616a17d9868170aea6de542a857633ab25716787950f7227e7d393210584b923b81fdc2f85911a24bf82b834bdfbc45f3b13111dc5f044bb68d35bd44d50dc642eab4b72820e656540e7be29f56cf85c8feab796ba9cbacfeed9ada203e986d9a5195b388d1154aa8559bb50943c0bbedb9dc9d97b03e6da7f5b60079efb930a726bef0a4204655d82597072b66378a9f8134444b6e895b1878643a4d0e80ad208d94a6872c29115b88074a3014fffd044b91ec1c1f3b213eff09d5ca5fb6dd38008a1567c8191a37873eeaa861289fafbd9d89b6794191922433236d48230f0b815284487ea92124982fb94801cddc1410efc133b440597cec6f9cf157e4c33c677fa417be50c705740242041ef4dd1cb0794d9721890d73cb0c6316867dfb4395c22f43636a1b18ef28fe757068f077a49a5497dbe691a5baa907f13b7720f2445708930a0d48fd65a54c4f8e54a131e01baf2f5414e1b2d9c88293af8c4d319b990cb81d7820afb9f8e392a21abda84ca4a9b3f7ca012776715461c1bdd73808f09b5be82586d4fedc1371e96b29e384b6b30050406ae09b95162c311b132c2b4afc3b07626294465c43a5d64af22976275b19de2665575a711d5ca52ebf0bdce31eba01cabae56d03645ca371f9c6e95cc1a98922376a9e8a5f7c6c1017ae816a343e56902e89ef00d16628311215b8244508746772c78d7911b234da418a875a46da521ba94b51cc2b967b93c0eea1be41b110e1c9708ae5b8decf423b52418091b7357a4e8a38eeaf185a9f4033381964d11695c24ffef248212135d9f509b50766c0ab02cd986e21f041c26cf5118c4b929c5a587228915d655c35cab8d35db318475efe4f981b70d9f7ea3fa44713135db03ff69de9eb093bdd34553ea50f9c02c59916f953f9bd331d07b1896a1acdfb5f33dc1309bc20e87eafae14983cdfd3e7a695795c7d346cfbb6e412d7a4b6a506b4604f2e207d823d44e544be2aaf2c2f29cfbbf3107a601d601b78e8797bcef86f72af9b6d7d5316d4192085da00e2efdffb5d02a6b6c6b4f6af98e3c6b5a3c7b1a8a7ee294de0e7d552a0a95eab713285c3fbcfd8aa26b131de8c1c74776616735aa95426968a4d59ccc078b6260acb2b1851af748e1a076ff1f9efcb370af9c60d72bd5c5bf83c69aac185bd62e27b37ba5b7eb83a49effe49eae4cbe8bba61927ef3d345f79d404ffd475b6a309e2645fcc746a967b5a3a527b3121f5d4a154d1ca5bfb32f757f22dd467765776c7cc58e6c6e76179a3ceacfad9f9a678e9563ed0a35aebf8ab3ef9f6e073add809a83141b9560baf3c20e18e2f476b33e7c8596e42df11e4f948e77fabe45dd31e27631a4812b3209cfaec31e867dea6f73050452c47713b1ef499236984d563f37e43718bafdf66bf40b89ed638da50225ac096f318d2e7e1c722dbe3df01bd052946ef0431ce242adafec9c704788a9898dd1d6ced354f54713dba703a2e7931d058c8adb9833afc4620b51c3a60b02c0396b7db0ef1fb2a1e1e7363240a8d9b2850fc738fc283294f7e63e6cbc6d64aeeff48d4906a6f233088d1442ba63ad74f6579bb68cbda0c94f3a093b767b4eaacd5eab12d4865be958c94fbc3d92a4ff0df0ab80b148d97982566eecb486d0c891b56d90f0982af7dc3b6afe0606624ec24d63fc44b2cbb18340b832b064932611a59d316bc67e507d8b5ece360b391e617f18ab2b908ce38ec2f92be410e1314c54c05514d9054f13992408569a3400d2aa43fe97b8f43d07d043d37803596cf924d2dac975e166d5450dab50cc2f7b7d41c142884cd9dc5d9fa809a8508716679741082b40b690f1ebdf37731a7b36753d02ee64d52b070ea2634ec0827e8a37ff4352a0d9a0e1667a5901d1c508f2860985d92d4a5f2dab7013918c8d13e43d03e26c06faa597bef28c2923df85b0de9cf217eb71ca102bda545bc92bcae31f9ba9f51f31833d9556b56b9c132df02fd845e404750d5b08e7c6033ced2f05d629d67140350f6425aab2350adc4a5c7e59a0f1459f881f868a881979c06804cdb610b9e3d1f31baecaac12735e9ae922d8ec36a9216a237830ad6e1b8010863b173ecbcaa11fafc0c53a6ea3409da6bfb8b3466cbf15f00ec138ce7fd52fa7fdecdfe2ae226cd3cc75e77eb0f89ddc7114ca4385bd47ef8fc849846e8f38a502516fc250c7e15854585dfde6ea32fd580c187c3a2500556400624d11e28d804ad7f189f226c474a9453ab0a4ffca62c150aa31591ccdac7b43dde6a6e3eab50bf53b03079b66d14b59be03bd6cdfa8433d570f4e599845844b72d3a1cd591382b56bc56ce0b8edebc2edf7335c38c07f9a673238cf05f538f71a5b769ee3575bad9924f3b726ff323f1a06ac069fa415ad62c2a982d9f75a54077ea26f8b2a50fb92b7a837d290acaadd427d27356e5c596cad6784ab4245a7f6129db1f95837cdfbc0cd050ac2ecc7fcdaf0c08f2e76d697f004941a92063fb1fee584193f6c2d59b3ee97a6f22b69bf4ec4d223f1e561d9249579d3f02474a8a7e3541eaf721e46361a040dc57ade968f8f97adaa242afc9b52ddbb602b4d84321ec81b8f5228513d554f7423fe8818c8e755e3603a8ec69942f653cc54ed18a2b3fe6cc387942b63b73a83a2f188ff3ea2d65f67f6dd37c35fe177c470f36356543483474f9435724004ea8a215382e5ee2cf3de4095a3d0aa97e7c7805f11ae79b1d660bfb2fd180bd9b06c6f81f8fc107f916960e186c67f52d4c26f45c0a683bffadcb7f80969bd4f1a98f9d67d2b4e381069c743038e297247fe6af0f6966e481a44f9f65e8beefac240990b138225cbb229307da1f035ca5003aab2cb29b81fc655584d47d8351408304cc864bccb3fe087891d1e9f4376a73d7ca383390f2ce6e1a8062bcd06989572bac0971c067e3d41886e44ff57742785f6183cb20fa01dd8b162e6c73c628d7c3565ac2782bc6ecb38157ecdec6b3f82e5274688ae16fde14d1a7174cbbfca20323c6bd9ab51daedd841e7a110ff2a036b3b1d5dcdeb8b61c9669f888b3149cc1ccef14a309731db4358106fa7406a4e9a9390a4c86bbd4ea6422fa5f76f0c810cbb1fc6ae441497b169f44624d9862bb04d68afd00b24ad5eabe48e51d624202c2d598e0363684e0a0ef757b35584aee46caa2ef8a74ba31f3318706ee25033c148e839e2970889ef6128874ae4effb37b3568a2119131dd6d9a2a5b76cc98242c4b9772057c3ebf2bb1fe16b0f0b52844437171c565a31832bc4b6c7160753d849e60060349b433b14b39341b1eaeb2aa0d324ce0fc6650f742f11f46237144de2f32d728ece94af5952fb6b570493abe75491ab9bebcaf891c95d65935d5aeca4661b6ac208e353263f16feafafee94eae44f2dca015cfc2e77f1b52eb4a4d201caacf56b85af8cc5f1f26646a16509910100025c168403a49565bf1b7458c6b35c87fabbcbe7cd6ceb629c5b3b517e256dc3c50b079c3becddab80b87c77b4af8c1b763f632b7a866f446fd99aa5238f83bdb286aaa7d24f71375caddfa5f26752884bec758c48b303b30846b9d082d2f761ebb907c84cec793460fb415f8d20af76f9c27283ff5d9011f89c2f28c8136b4d272b247bd40c14cd2075980539017f854f3cb0218486a9fe391f047244dee054487a8985398990928e13f273e63e3308e0802906e2b17464ec4475e1c7190cab4d48e426e1f731980f7387415c10942fc18c2374d807210cc41cc0da0e7fdd654851a3a0f97ee345af94125abf3bf6eabd5b0b89bb411ddf75dca4babd1eb3ca5d13444712738d3e54f3c2e6dab5c883cc71275e99726281c0ee9e59701d3bfa9ef8ad18f23ee1a722667b7d9dd9ff19259ff8dfee139dfeaaaabbe7b2c20d49f6f1a13c821a1efa85a995b77414d9c444e461ee0ff2af2887b6ec7a49931c2af4093b1bde68590b2214d7b69ba2a995a5f050c9324132ae0de726f1acf5c07f822e6fd13fe3dbf1f82cbc5b5621917ea09f693e8adb53d822a5148c71e320682c8adfdf549cf708e08952c5cb2d18c2eb510478f66210eb777e1f2a274cb86412039e0fe095572bc1a5d6b8a680803cf31124e6d1f1e89c971ad61b958337b0762bcda69", 0xea5}, {0x0}], 0x2, 0x78f, 0xa, 0x4) 1.145895194s ago: executing program 1 (id=16329): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x25, 0x0, 0x2, 0xfffffffe}, {0x28, 0x0, 0x81, 0x1}, {0xb1, 0x0, 0x28, 0x7}, {0x16, 0xfc, 0x5, 0xffffffff}]}) 890.248636ms ago: executing program 4 (id=16331): r0 = socket(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x5, @mcast1, 0x6}, 0x1c) sendmmsg$inet6(r0, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1400000000000000290000003e000000000000000000000014"], 0x30}}], 0x1, 0x20008850) 834.601529ms ago: executing program 4 (id=16332): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) 725.552334ms ago: executing program 1 (id=16333): r0 = epoll_create1(0x0) r1 = dup(r0) mount$9p_fd(0x0, &(0x7f0000000540)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}}) 644.115219ms ago: executing program 4 (id=16334): syz_mount_image$exfat(&(0x7f0000002000), &(0x7f0000000240)='./file1\x00', 0x8, &(0x7f0000002140)={[{@errors_continue}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@errors_continue}, {@namecase}, {@errors_remount}, {@dmask={'dmask', 0x3d, 0x1}}, {@time_offset={'time_offset', 0x3d, 0x6}}, {@errors_remount}, {@namecase}]}, 0x1, 0x1533, &(0x7f00000037c0)="$eJzs3AuYTlX3APC19t5nDElvk1yGvfc6vMllmyTJJUkuSZIkSW4JSZN8kpAYcksakpBchuQyhOQyMWnc7/dLQpI0SZIkt2T/nyk+9a/v3vf5nm/W73nex17vOWufdd51zrznHMxXXYbWbFyrWkMign8J/vxHEgDEAsBAALgKAAIAKBdXLi5reU6JSf/aRtgf64HUy10Bu5y4/9kb9z974/5nb9z/7I37n71x/7M37n/2xv1nLDvbPL3g1fzKvi9+/p+d8ff//5DM0mM/W1v62q4AMX9vCvc/e+P+/88K/p6VuP/ZG/c/u4q93AWw/wJ8/v9viQ9/790cf3F97n/2xv1nLDu73M+f//0v+VeXQyQ7fAZ/Zf8ZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLH/gNP+EgUAF8eXuy7GGGOMMcYYY4z9cXyOy10BY4wxxhhjjDHG/v0QBEhQEEAM5IBYyAm5QADAlZAHroIIXA1xcA3khWshH+SHAlAQ4qEQFAYNBiwQhFAEikIUroNicD0UhxJQEkqBg9KQADdAGbgRysJNUA5uhvJwC1SAilAJKsOtUAVug6pwO1SDO6A61ICaUAvuhNpwF9SBu6Eu3AP14F6oD/dBA7gfGsID0AgehMbwEDSBh6EpNIPm0AJa/lP5z0EPeB56Qi9Igt7QB16AvtAP+sMAGAgvwiB4CQbDy5AMQ2AovALD4FUYDq/BFTASRsHrMBregDEwFsbBeEiBCTAR3oRJ8BZMhikwFaZBKkyHGfA2zIRZMBvegTnwLsyFeTAfFkAavAcLYRGkw/uwGD6ADFgCS2EZLIcVsBJWwWpYA2thHayHDbARNsFm2AJbYRtshx2wEz6EXfAR7IY9sPfP/ftH8k/9Iv9j2AddERBQoECFCmMwBmMxFnNhLsyNuTEP5sEIRjAO4zAv5sV8mA8LYAGMx3gsjIXRoEFCwiJYBKMYxWJYDItjcSyJJbMOIEzABCyDN2JZLIvlsByWx/JYAStiRayMlbEKVsGqWBWrYTWsjtWxJtbEO/FO7I11sA7WxbpYD+tdfDyFDbEhNsJG2BgbYxNsgk2xKTbH5tgSW2IrbIWtsTW2xbbYDtthe2yPiZiIHbADdsSO2Ak7YWfsjF2wC3bFbtgt87kcgM/j89gLq4ve2Af7YF9MztEfB+AAfBEH4Uv4Er6MyTgEh+Ir+Aq+isPxJI7AkTgKR2EV8QaOwbFIYjymYApOxIk4CSfhZJyCU3AapuJ0nIEzcCbOwln4Ds7Bd/FdnIfzcAGmYRouxEWYjum4GE9hBi7BpbgMl+MKXI6rcDWuwrW4DtfiBtyAm3ATbsEtuA234Q7cgR+iAsCPcA/uwWTch/twP+7HA3gAD+JBzMRMPISH8DAexiN4BI/iUTyG3+Jx/BZP4Ak8iafwNJ7Gs3gWz+Ez8V80+rDEmmQQWZRQIkbEiFgRK3KJXCK3yC3yiDwiIiIiTsSJvCKvyCfyiQKigIgX8aKwKCyMMIJEGAMAIiqiopgoJoqL4qKkKCmccCJBJIgyoowoK8qKcuJmUV7cIiqIiqKNqywqiyqirasqbhfVRDVRXdQQNUUtUUvUFrVFHVFH1BV1RT1RT9QX94kGojf2xwdEVmcaiyHYRAzFpqKZkBfOgFZiOLYWbURb8ZgYiSOwvWjlEsWTooMYgx3Fn8RYfFp0FuOxi3hWdBXdRHfxnOghWrueopeYjL1FHzEN+4p+or8YIGZiDfEOzslZU7wsksUQMVS8Ihbgq2K4eE2MECPFKPG6GC3eEGPEWDFOjBcpYoKYKN4Uk8RbYrKYIqaKaSJVTBczxNtippglZot3xBzxrpgr5on5YoFIE++JhWKRSBfvi8XiA5EhloilYplYLlaIlWKVWC3WiLVinVgvNoiNYpPYLLaIrWKb2C52iJ3iQ7FLfCR2iz1ir/hY7BOfiP3iU3FAfCYOis9FpvhCHBJfisPiK3FEfC2Oim/EMfGtOC6+EyfE9+KkOCVOizPirPhBnBM/ivPCC5AohZRSyUDGyBwyVuaUueQVMrcMLny6V8s4eY3MK6+V+WR+WUAWlPGykCwstTTSSpKhLCKLyqi8ThaT18visoQsKUtJJ0vLBHmDLCNvlGXlTbKcvFmWl7fICrKirCQry1tlFXmbhMjP26gua8iaspa8UybBXbKOvFvWlffIevJeWV/eJxvI+2VD+YBsJB+UjeVDsol8WDaVzWRz2UK2lI/IVvJR2Vq2kW3lY7KdfFy2l0/IRPmk7CD9hUPkadlZPiO7yGdlV9lNdpc/yvPSy56yl4TeIPvIF2Rf2U/2lwPkQPmiHCRfkoPlyzJZDpFD5StymHxVDpevyRFypBwlX5ej5RtyjBwrx8nxMkVOkBPlm3KSfEtOllPkVDlNpsrpsv+FmWZL+Tfz3/xlftZPTjldDv5p65vkZrlFbpXb5Ha5Q+6UH8pdcpfcLXfLvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KY/Faekd/JE/J7eVKekqfkGXlWnpXnLnwGoFAJJZVSgYpROVSsyqlyqStUbnWlyqOuUhF1tYpT16i86lqVT+VXBVRBFa8KqcJKK6OsIhWqIqqoiqrr8MIBo0qqUsqp0ipB3fCP5Kti6npVXJX4Vf7F+pL+Qn0tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UC6qv6qf6qwFqoHpRDVKD1GA1WCWrZDVUDVXD1DA1XA1XI1ROABilRqvRaowao8apcSpFpaiJaqKapCapyWqymqqmqlSVqmaoGWqmmqlmq9lqjpqj5qq5ar6ar9JUmlqoFqp0la4Wq8UqQy1RS9QytUytUCvUKrVKrVFr1Dq1Tm1QG1SG2qw2q61qq9qutqudaqfapXap3Wq32qv2qn1qn9qv9qsD6oA6qA6qTJWpDqlD6rA6rI6oI+qoOqqOqWPquDquTqgT6qQ6qU6r0+qsOqvOqXPqvDqvIBAgAhGoQAUxQUwQG8QGuYJcQe4gd5AnyBNEgkgQF8QFeYNrg3xB/qBAUDCIDwoFhQMdmMAG4kLTo8F1QbHg+qB4UCIoGZQKXFA6SAhuCMoENwZlg5uCcsHNQfnglqBCUDGoFFQObg2qBLcFVYPbg2rBHUH1oEZQM6gV3BnUDu4K6gR3B3WDe4J6wb1B/eC+oEFwf9AweCBoFDwYNA4eCpoEDwdNg2ZB86BF0PIPnd/7k/kfdT11L52ke+s++gXdV/fT/fUAPVC/qAfpl/Rg/bJO1kP0UP2KHqZf1cP1a3qEHqlH6df1aP2GHqPH6nF6vE7RE/RE/aaepN/Sk/UUPVVP06l6up6h39Yz9Sw9W7+j5+h39Vw9T8/XC3Safk8v1It0un5fL9Yf6Ay9RC/Vy/RyvUKv1Kv0ar1Gr9Xr9Hq9QW/Um/RmvUVv1dv0dr1D79Qf6l36I71b79F79cd6n/5E79ef6gP6M31Qf64z9Rf6kP5SH9Zf6SP6a31Uf6OP6W/1cf2dPqG/1yf1KX1an9Fn9Q/6nP5Rn9c+6+I+6+vdKKNMjIkxsSbW5DK5TG6T2+QxeUzEREyciTN5TV6Tz+QzBUwBE2/iTWFT2GQhQ6aIKWKiJmqKmWKmuCluSpqSxhlnEkyCKWPKmLKmrClnypnyprypYCqYSqaSudXcam4zt5nbze3mDnOHqWFqmFqmlqltaps6po6pa+qaeqaeqW/qmwamgWloGppGppFpbBqbJqaJaWqamuamuWlpWppWppVpbVqbtqataWfamfamvUk0iVknseloOppOppPpbDqbLqaL6Wq6mu6mu+lhepiepqdJMkmmj+lj+pq+pr/pbwaagWaQGWQGm8Em2SSboWaoGWaGmeFmuBlhRppRWReq5g0zxow148x4k2JSzEQz0Uwyk8xkM9lMNVNNqkk1M8wMM9PMNLPNbDPHzDFzzVwz38w3aSbNLDQLTbpJN4vNYpNhMsxSs9QsN8vNSrPSrDarzVqz1qyH9Waj2Wg2m81mq9lqtpvtZqfZaXaZXWa32W32mr1mn9ln9pv95oA5YA6agybTZJpD5pA5bA6bI+aIOWqOmmPmmDlujpsT5oQ5aU6a0+a0OWvyX/i+9CbW5rS57BU2t73S5rFX2f8fF7AFbbwtZAtbbfPZ/L+KjbW2uC1hS9pS1tnSNsHe8Ju4gq1oK9nK9lZbxd5mq/4mrm3vsnXs3bauvcfWsnf+Kq5n77X17UO2ASKAbWYb2Ra2sX3INrEP26a2mW1uW9h29nHb3j5hE+2TtoN96jfxQrvIrrZr7Fq7zu62e+xpe8Yetl/Zs/YH29P2sgPti3aQfckOti/bZDvkN/Eo+7odbd+wY+xYO86O/0081U6zqXa6nWHftjPtrN/EafY9O8em27l2np1vF/wUZ9WUbt+3i+0HNsMGsNQus8vtCrvSrvpzrcvsBrvRbrK77Ed2q91mt9sddufFC2G7x+61H9t99hN7yH5pD9jP7EF7xGbaL36Ks/bviP3aHrXf2GP2W3vcfmdP2O/Vxeysff/O/mjPW2+BkIAkKQoohnJQLOWkXHQF5aYrKQ9dRRG6muLoGspL11I+yk8FqCDFUyEqTJoMWSIKqQgVpShdRxfLK0mlyFFpSqAbqAzdSGXpJipHN1N5uoUqUEWqRJXpVqpCt1FVup2q0R1UnWpQTapFd1Jtuovq0N1Ul+6henQv1af7qAHdTw3pAWpED1Jjeoia0MPUlJpRc2pBLekRakWPUmtqQ23pMWpHj1N7eoIS6UnqQE9RR/oTdaKnqTM9Q13oWepK3ag7PUc96HnqSb0oiXpTH3qB+lI/6k8DaCC9SIPoJRpML1MyDaGh9AoNo1dpOL1GI2gkjaLXaTS9QWNoLI2j8ZRCE2givUmT6C2aTFNoKk2jVJpOM+htmkmzaDa9Q3PoXZpL82g+LaA0eo8W0iJKp/dpMX1AGbSEltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTjtoJ31Iu+gj2k17aC99TPvoE9pPn9IB+owO0ueUSV/QIfqSDtNXdIS+vnidRsfpOzpB39NJOkWn6QydpR/oHP1I58kThBiKUIYqDMKYMEcYG+YMc4VXhLnDK8M84VVhJLw6jAuvCfOG14b5wvxhgbBgGB8WCguHOjShDSkMwyJh0TAaXhcWC68Pi4clwpJhqdCFpcOE8IawTHhjWDa8KSwX3hyWD28JK4QVw4fuqRzeGlYJbwurhreH1cI7wuphjbBmWCu8M6wd3hXWCe8O64b3hGXDe8P64X1hg/D+sGH4QNgofDBsHD4UNgkfDpuGzcLmYYuwZfhI2Cp8NGwdtgnbho+F7cLHw/bhE2Fi+GTYIXzqp+X3LvrLy5PC3mGf8IXwhdD7u+X86IJoWvS96MLoomh69P3o4ugH0YzokujS6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kao97VygEMnnHTKBS7G5XCxLqfL5a5wud2VLo+7ykXc1S7OXePyumtdPpffFXAFXbwr5Ao77YyzjlzoiriiLuquc8Xc9a64K+FKulLOudIuwbVwLV1Lt7UsQGvXxrV1j7nH3OPucfeEe8I96Tq4p1xH9yfXyT3tOrtn3DPuWdfVdXPd3XOuh5uQ5+eDIMn1cX1cX9fX9Xf93UA30A1yg9xgN9glu2Q31A11w9wwN9wNdyPcCDfKjXKj3Wg3xo1x49w4l+JS3EQ30U1yk9xkN9lNdVNdqkt1M9wMN9PNdFVm/byVuW6um+/muzSX5ha6rGvGdLfYLXYZLsMtdUvdcrfcrXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e10O90ut8vt9lf9PKnb5/a7/e6AO+AOus9dpvvCHXJfusPuK3fEfe2Oum/cMfetO+6+cyfc9+6kO+VOuzPurPvBnXM/uvPOu5TIhMjEyJuRSZG3IpMjUyJTI9MiqZHpkRmRtyMzI7MisyPvROZE3o3MjcyLzI8siKRF3ossjCyKpEfejyyOfBDJiCyJLI0siyyPrIh4X2hr6Iv4oj7qr/PF/PW+uC/hS/pS3vnSPsHf4Mv4G31Zf5Mv52/25f0tvoKv6Cv5h31T38w39y18S/+Ib+Uf9a19G9/WP+bb+cd9e/+ET/RP+g7+Kd/R/8l38k/7zv4Z38U/67v6br67f8738M/7nr6XT/K9fR//gu/r+/n+foAf6F/0g/xLfrB/2Sf7IX6of8UP86/64f41P8KP9KNiXvejL94iw3if4if4if5NP8m/5Sf7KX6qn+ZT/XQ/w7/tZ/pZfrZ/x8/x7/q5fp6f7xf4NP+eX+gX+XT/vl/sP/AZfsnFh5J+pV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqf/0O/yH/ndfo/f6z/2+/wnfr//1B/wn/mD/nOf6b/wh/yX/rD/yh/xX/uj/ht/zH/rj/vv/An/vT/pT/nT/ow/63/w5/yP/jz/nzXGGGOMsb/LhEtD8eslP98m9v6dHPGLlfsAwJXbCmb+cnnWFeX6fD+P+4n4dhEAeLJXlwcuvqpXT0pKurBuhoSg6DyAi38TlCUGLsVLoC08DonQBsr8bv39RLez9Dfmj94MkOsXObFwKb40/6cAmPQ78z/y2KiF5cPTcX9l/nkAxYteyskJl+Il0Pan5yttoOxfqD9/q79Rf87PUgBa/yInN1yKL9WfAI/CU5D4qzUZY4wxxhhjjLGf9ROVOl28/7z4Lz5/7/48Xl3KyQGX4r91f84YY4wxxhhjjLHL7+lu3Z94JDGxTad/fFD1n8r6uwdN4N818x8/yAn/FWX8awPvAS6+owDgX5wQIGsg/5N7seU/sq3kC6fO/1+0/IwP4L+jlf/8YNyf37nMP5gYY4wxxhhjf7hLV/+/fl9droIYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFs6D/xe8Uu9z4yxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjl9v/BQAA//+pJfYM") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000000)=""/149, 0x95) 643.361069ms ago: executing program 3 (id=16335): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x30, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x214e}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}]}, 0x30}}, 0x800) 347.449143ms ago: executing program 3 (id=16336): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000000440)=0x2000) 343.253033ms ago: executing program 4 (id=16337): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r0) sendmsg$DEVLINK_CMD_RATE_SET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)={0x44, r1, 0x1, 0x0, 0xffffffff, {0x2a}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x58}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1003}]}, 0x44}, 0x1, 0x0, 0x0, 0x4001}, 0x0) 161.036782ms ago: executing program 3 (id=16338): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000280)="89", 0x1}], 0x1}, 0x240000d5) recvfrom(r0, 0x0, 0xfffffddb, 0x40000023, 0x0, 0x0) 160.871733ms ago: executing program 4 (id=16339): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'sit0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x69, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1, 0xa}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40801}, 0x4) 59.948628ms ago: executing program 4 (id=16340): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a5c000000060a010400000000000000000a0000040900010073797a31000000000900020073797a3200000000300004802c0001800a0001006d6174636800c9211c0002800800024000000002080003000000080008000100736574"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010) 0s ago: executing program 3 (id=16341): r0 = syz_io_uring_setup(0x10d3, &(0x7f0000000000)={0x0, 0x7f36, 0x0, 0x0, 0x34f}, &(0x7f00000000c0), &(0x7f0000000080)) mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f00000001c0)={0x79c, 0xffffffffffffffff, 0x32, {0xb, 0x100000000}, 0x2}, 0x1) kernel console output (not intermixed with test programs): it: type=1326 audit(2000000197.129:10796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.0.14544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f546879c799 code=0x7ffc0000 [ 1047.744495][ T5335] loop3: detected capacity change from 0 to 256 [ 1047.754821][ T28] audit: type=1326 audit(2000000197.129:10797): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.0.14544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f546879c799 code=0x7ffc0000 [ 1047.786117][ T5332] loop1: detected capacity change from 0 to 4096 [ 1047.826592][ T28] audit: type=1326 audit(2000000197.129:10798): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.0.14544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f546879c799 code=0x7ffc0000 [ 1047.871325][ T28] audit: type=1326 audit(2000000197.129:10799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.0.14544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f546879c799 code=0x7ffc0000 [ 1047.901045][ T5332] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1047.931289][ T5332] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 1047.966947][ T28] audit: type=1326 audit(2000000197.129:10800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.0.14544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f546879c799 code=0x7ffc0000 [ 1048.098598][ T28] audit: type=1326 audit(2000000197.129:10801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.0.14544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f546879c799 code=0x7ffc0000 [ 1048.861466][ T5375] netlink: 56 bytes leftover after parsing attributes in process `syz.4.14569'. [ 1048.863064][ T5377] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1049.767260][ T5417] netlink: 'syz.4.14588': attribute type 3 has an invalid length. [ 1049.940627][ T5423] netlink: 148 bytes leftover after parsing attributes in process `syz.4.14591'. [ 1050.270623][T17965] usb 1-1: new high-speed USB device number 82 using dummy_hcd [ 1050.272511][ T5438] CIFS mount error: No usable UNC path provided in device string! [ 1050.272511][ T5438] [ 1050.272530][ T5438] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1050.325831][ T5406] loop3: detected capacity change from 0 to 32768 [ 1050.355875][ T5406] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1050.452846][T17965] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1050.482670][T17965] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1050.508358][ T5406] XFS (loop3): Ending clean mount [ 1050.522343][T17965] usb 1-1: config 0 descriptor?? [ 1050.545127][T17965] cp210x 1-1:0.0: cp210x converter detected [ 1050.771129][T17965] usb 1-1: cp210x converter now attached to ttyUSB0 [ 1050.814072][ T5761] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1050.971683][ T1748] usb 1-1: USB disconnect, device number 82 [ 1051.005386][ T1748] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1051.032428][ T1748] cp210x 1-1:0.0: device disconnected [ 1051.237531][ T5464] sctp: [Deprecated]: syz.3.14604 (pid 5464) Use of int in max_burst socket option. [ 1051.237531][ T5464] Use struct sctp_assoc_value instead [ 1051.286522][ C1] vkms_vblank_simulate: vblank timer overrun [ 1051.804071][ T5484] loop3: detected capacity change from 0 to 512 [ 1051.866443][ T5484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1051.932204][ T5484] ext4 filesystem being mounted at /3492/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1052.134698][ T5761] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1052.164468][ T5493] netlink: 20 bytes leftover after parsing attributes in process `syz.4.14618'. [ 1052.196035][ T5493] netlink: 20 bytes leftover after parsing attributes in process `syz.4.14618'. [ 1052.383222][ T5502] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14623'. [ 1052.545340][ T5513] kernel read not supported for file / œÏüÔ¢W)ëS“§Ç-ë (pid: 5513 comm: syz.0.14627) [ 1052.570604][ T28] audit: type=1800 audit(2000000202.199:10802): pid=5513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.14627" name=20019CCFFCD4A25729EB5393A7C72DEB dev="mqueue" ino=107218 res=0 errno=0 [ 1052.846128][ T5527] netlink: 'syz.0.14632': attribute type 1 has an invalid length. [ 1053.014178][ T28] audit: type=1326 audit(2000000202.649:10803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5531 comm="syz.3.14635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1053.036798][ C1] vkms_vblank_simulate: vblank timer overrun [ 1053.081579][ T28] audit: type=1326 audit(2000000202.649:10804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5531 comm="syz.3.14635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1053.104206][ C1] vkms_vblank_simulate: vblank timer overrun [ 1053.110797][ T28] audit: type=1326 audit(2000000202.649:10805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5531 comm="syz.3.14635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1053.134606][ T28] audit: type=1326 audit(2000000202.649:10806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5531 comm="syz.3.14635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1053.157464][ C1] vkms_vblank_simulate: vblank timer overrun [ 1053.210584][ T28] audit: type=1326 audit(2000000202.649:10807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5531 comm="syz.3.14635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1053.242602][ T5540] loop1: detected capacity change from 0 to 736 [ 1053.262274][ T28] audit: type=1326 audit(2000000202.649:10808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5531 comm="syz.3.14635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1053.284986][ C1] vkms_vblank_simulate: vblank timer overrun [ 1053.311952][ T28] audit: type=1326 audit(2000000202.699:10809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5531 comm="syz.3.14635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1053.356935][ T28] audit: type=1326 audit(2000000202.699:10810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5531 comm="syz.3.14635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1053.481292][ T28] audit: type=1326 audit(2000000202.699:10811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5531 comm="syz.3.14635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1053.504166][ C1] vkms_vblank_simulate: vblank timer overrun [ 1054.723812][ T5607] netlink: 'syz.4.14668': attribute type 5 has an invalid length. [ 1054.841448][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.847819][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.996891][ T5623] netlink: 'syz.0.14677': attribute type 2 has an invalid length. [ 1055.030789][ T5623] netlink: 'syz.0.14677': attribute type 1 has an invalid length. [ 1055.678407][ T5645] loop1: detected capacity change from 0 to 4096 [ 1056.409978][ T5679] gretap1: entered promiscuous mode [ 1056.651151][ T5692] kernel profiling enabled (shift: 63) [ 1056.657752][ T5692] profiling shift: 63 too large [ 1056.930599][ T23] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 1057.017610][ T5706] netlink: 8324 bytes leftover after parsing attributes in process `syz.1.14719'. [ 1057.136255][ T23] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1057.154333][ T23] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 1057.169781][ T23] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1057.189698][ T23] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1057.216561][ T5693] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1057.234020][ T23] usb 5-1: Quirk or no altest; falling back to MIDI 1.0 [ 1057.749486][ T23] usb 5-1: USB disconnect, device number 36 [ 1058.124422][ T5762] xt_cgroup: invalid path, errno=-2 [ 1058.161397][ T5744] loop3: detected capacity change from 0 to 8192 [ 1058.173194][ T5744] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1058.215351][ T5744] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 1058.259858][ T5744] REISERFS (device loop3): using ordered data mode [ 1058.296028][ T5773] usb usb8: usbfs: process 5773 (syz.1.14744) did not claim interface 0 before use [ 1058.300674][ T5744] reiserfs: using flush barriers [ 1058.363991][ T5744] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1058.396264][ T5744] REISERFS (device loop3): checking transaction log (loop3) [ 1058.444425][ T5744] REISERFS (device loop3): Using r5 hash to sort names [ 1058.478397][ T5744] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 1058.665298][ T5789] netlink: 132 bytes leftover after parsing attributes in process `syz.1.14749'. [ 1058.753557][ T9] usb 1-1: new high-speed USB device number 83 using dummy_hcd [ 1058.830629][ T1531] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 1058.950741][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 1058.968369][ T9] usb 1-1: config 0 has an invalid interface number: 52 but max is 0 [ 1058.987972][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1059.005094][ T9] usb 1-1: config 0 has no interface number 0 [ 1059.013081][ T9] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 1059.024102][ T1531] usb 5-1: Using ep0 maxpacket: 16 [ 1059.031954][ T9] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1059.045483][ T9] usb 1-1: config 0 interface 52 has no altsetting 0 [ 1059.055400][ T9] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 1059.066012][ T1531] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1059.075989][ T9] usb 1-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0 [ 1059.083461][ T1531] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1059.094707][ T9] usb 1-1: Manufacturer: syz [ 1059.110473][ T1531] usb 5-1: Product: syz [ 1059.114867][ T1531] usb 5-1: Manufacturer: syz [ 1059.119619][ T1531] usb 5-1: SerialNumber: syz [ 1059.147865][ T9] usb 1-1: config 0 descriptor?? [ 1059.161292][ T1531] r8152-cfgselector 5-1: config 0 descriptor?? [ 1059.169291][ T9] hub 1-1:0.52: bad descriptor, ignoring hub [ 1059.191134][ T9] hub: probe of 1-1:0.52 failed with error -5 [ 1059.420261][ T9] input: syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input61 [ 1059.596367][ T1531] r8152-cfgselector 5-1: Unknown version 0x0000 [ 1059.628195][ T1531] r8152-cfgselector 5-1: USB disconnect, device number 37 [ 1059.737035][ T1748] usb 1-1: USB disconnect, device number 83 [ 1059.864624][ T5823] netlink: 5 bytes leftover after parsing attributes in process `syz.1.14760'. [ 1059.879758][ T5823] 0ªX¹¦D: renamed from macvtap0 (while UP) [ 1059.901609][ T5823] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 1060.264604][ T5830] loop3: detected capacity change from 0 to 4096 [ 1060.280183][ T5834] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14765'. [ 1060.945853][ T5857] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744071562067969) [ 1060.981412][ T5857] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 1061.005333][ T5859] loop1: detected capacity change from 0 to 1024 [ 1061.097826][ T5863] : renamed from veth0_vlan (while UP) [ 1061.470858][ T5874] netlink: 12 bytes leftover after parsing attributes in process `syz.3.14784'. [ 1061.500847][ T5874] netlink: del zone limit has 8 unknown bytes [ 1061.820107][ T5890] bridge6: the hash_elasticity option has been deprecated and is always 16 [ 1061.893108][ T5894] ÿ: renamed from dummy0 (while UP) [ 1062.818119][ T5900] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1062.832227][ T5941] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1062.837910][ T5900] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1063.085399][ T5953] loop1: detected capacity change from 0 to 256 [ 1063.151507][ T5953] exfat: Deprecated parameter 'utf8' [ 1063.160778][ T5953] exfat: Deprecated parameter 'namecase' [ 1063.213215][ T5953] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x8b6193f0, utbl_chksum : 0xe619d30d) [ 1064.091133][ T5986] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14834'. [ 1064.190782][T22416] Bluetooth: hci1: command 0x0406 tx timeout [ 1065.490152][ T6035] veth1_vlan: left allmulticast mode [ 1065.511716][ T6035] veth1_vlan: left promiscuous mode [ 1065.535129][ T6004] loop1: detected capacity change from 0 to 32768 [ 1065.571033][ T6004] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.14842 (6004) [ 1065.620962][ T6004] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1065.652590][ T6004] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 1065.670173][ T6004] BTRFS info (device loop1): using free space tree [ 1065.868500][ T6004] BTRFS info (device loop1): enabling ssd optimizations [ 1065.892516][ T6004] BTRFS info (device loop1): auto enabling async discard [ 1066.111454][ T5768] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1066.273098][T22416] Bluetooth: hci1: command 0x0406 tx timeout [ 1066.769306][ T6093] xt_TCPMSS: Only works on TCP SYN packets [ 1067.050758][ T1748] usb 1-1: new high-speed USB device number 84 using dummy_hcd [ 1067.237113][ T1748] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1067.280912][ T1748] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 1067.310954][ T1748] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1067.348320][ T1748] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1067.382133][ T6092] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1067.389476][ T6118] netlink: 248 bytes leftover after parsing attributes in process `syz.1.14891'. [ 1067.392759][ T1748] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 1067.707963][ T6128] trusted_key: encrypted_key: keylen parameter is missing [ 1067.764260][ T6129] ip6t_REJECT: ECHOREPLY is not supported [ 1067.869788][ T6131] loop3: detected capacity change from 0 to 64 [ 1067.884040][ T1748] usb 1-1: USB disconnect, device number 84 [ 1068.128571][ T6139] ubi0: attaching mtd0 [ 1068.136897][ T6139] ubi0 error: validate_ec_hdr: bad VID header offset 64, expected 129 [ 1068.161425][ T6139] ubi0 error: validate_ec_hdr: bad EC header [ 1068.167474][ T6139] Erase counter header dump: [ 1068.184750][ T6139] magic 0x55424923 [ 1068.189636][ T6139] version 1 [ 1068.198432][ T6139] ec 1 [ 1068.208591][ T6139] vid_hdr_offset 64 [ 1068.231350][ T6139] data_offset 128 [ 1068.240608][ T6139] image_seq 693238134 [ 1068.248890][ T6139] hdr_crc 0x4ff44324 [ 1068.259938][ T6139] erase counter header hexdump: [ 1068.268717][ T6139] CPU: 1 PID: 6139 Comm: syz.1.14901 Not tainted syzkaller #0 [ 1068.276518][ T6139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1068.286865][ T6139] Call Trace: [ 1068.290537][ T6139] [ 1068.293583][ T6139] dump_stack_lvl+0x18c/0x250 [ 1068.298313][ T6139] ? show_regs_print_info+0x20/0x20 [ 1068.303645][ T6139] ? ubi_io_read+0x5b8/0xb00 [ 1068.308399][ T6139] validate_ec_hdr+0x20d/0x330 [ 1068.313527][ T6139] ubi_io_read_ec_hdr+0x1a5/0x610 [ 1068.318685][ T6139] ubi_attach+0x661/0x4bc0 [ 1068.323146][ T6139] ? lockdep_softirqs_off+0x430/0x430 [ 1068.328835][ T6139] ubi_attach_mtd_dev+0x1b1e/0x3710 [ 1068.334090][ T6139] ctrl_cdev_ioctl+0x2df/0x3f0 [ 1068.338910][ T6139] ? __fget_files+0x28/0x4b0 [ 1068.343572][ T6139] ? __fget_files+0x28/0x4b0 [ 1068.348241][ T6139] ? ubi_cdev_ioctl+0xa10/0xa10 [ 1068.353305][ T6139] ? bpf_lsm_file_ioctl+0x9/0x10 [ 1068.358273][ T6139] ? security_file_ioctl+0x80/0xa0 [ 1068.363439][ T6139] ? ubi_cdev_ioctl+0xa10/0xa10 [ 1068.368337][ T6139] __se_sys_ioctl+0xfd/0x170 [ 1068.372969][ T6139] do_syscall_64+0x55/0xa0 [ 1068.377436][ T6139] ? clear_bhb_loop+0x40/0x90 [ 1068.382234][ T6139] ? clear_bhb_loop+0x40/0x90 [ 1068.386949][ T6139] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1068.392989][ T6139] RIP: 0033:0x7ff35239c799 [ 1068.397426][ T6139] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1068.417148][ T6139] RSP: 002b:00007ff3531c0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1068.425797][ T6139] RAX: ffffffffffffffda RBX: 00007ff352615fa0 RCX: 00007ff35239c799 [ 1068.434368][ T6139] RDX: 0000200000000000 RSI: 0000000040186f40 RDI: 0000000000000003 [ 1068.442809][ T6139] RBP: 00007ff352432c99 R08: 0000000000000000 R09: 0000000000000000 [ 1068.450985][ T6139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1068.459509][ T6139] R13: 00007ff352616038 R14: 00007ff352615fa0 R15: 00007ffeb36b0288 [ 1068.467552][ T6139] [ 1068.486220][ T6139] ubi0 error: ubi_io_read_ec_hdr: validation failed for PEB 0 [ 1068.523763][ T6139] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1068.618785][ T6149] netlink: 12 bytes leftover after parsing attributes in process `syz.3.14906'. [ 1068.642812][ T6149] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1068.892422][ T6141] loop4: detected capacity change from 0 to 32768 [ 1068.980475][ T1748] usb 1-1: new high-speed USB device number 85 using dummy_hcd [ 1069.201712][ T1748] usb 1-1: config index 0 descriptor too short (expected 39, got 27) [ 1069.234367][ T1748] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1069.278561][ T1748] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1069.308542][ T1748] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1069.328494][ T1748] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1069.370536][ T1748] usb 1-1: Product: syz [ 1069.380568][ T1748] usb 1-1: Manufacturer: syz [ 1069.391607][ T1748] usb 1-1: SerialNumber: syz [ 1069.409168][ T1748] usb 1-1: config 0 descriptor?? [ 1069.422644][ T1748] hub 1-1:0.0: bad descriptor, ignoring hub [ 1069.429047][ T1748] hub: probe of 1-1:0.0 failed with error -5 [ 1069.459144][ T1748] usb 1-1: selecting invalid altsetting 0 [ 1069.890865][ T1748] usb 1-1: USB disconnect, device number 85 [ 1069.999408][ T6167] loop1: detected capacity change from 0 to 32768 [ 1070.066292][ T6167] ea_get: invalid extended attribute [ 1070.253581][ T6192] geneve5: entered allmulticast mode [ 1070.401235][ T23] usb 4-1: new high-speed USB device number 86 using dummy_hcd [ 1070.598061][ T23] usb 4-1: Using ep0 maxpacket: 16 [ 1070.634298][ T23] usb 4-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 1070.650886][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1070.669224][ T23] usb 4-1: Product: syz [ 1070.677796][ T23] usb 4-1: Manufacturer: syz [ 1070.683072][ T23] usb 4-1: SerialNumber: syz [ 1070.693702][ T23] usb 4-1: config 0 descriptor?? [ 1070.705764][ T23] ssu100 4-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 1070.725083][ T6206] loop4: detected capacity change from 0 to 2048 [ 1070.765759][ T6206] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1070.820698][T26106] usb 2-1: new high-speed USB device number 76 using dummy_hcd [ 1071.020620][T26106] usb 2-1: Using ep0 maxpacket: 16 [ 1071.029339][T26106] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1071.041678][T26106] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1071.058818][T26106] usb 2-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 1071.081384][T26106] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1071.089469][T26106] usb 2-1: Product: syz [ 1071.118402][ T23] ssu100: probe of 4-1:0.0 failed with error -71 [ 1071.130868][T26106] usb 2-1: Manufacturer: syz [ 1071.138677][ T23] usb 4-1: USB disconnect, device number 86 [ 1071.145586][T26106] usb 2-1: SerialNumber: syz [ 1071.167791][T26106] usb 2-1: config 0 descriptor?? [ 1071.179658][T26106] appledisplay 2-1:0.0: Could not find int-in endpoint [ 1071.208994][T26106] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 1071.422957][ T6229] netlink: 'syz.0.14946': attribute type 15 has an invalid length. [ 1072.498968][ T6271] loop4: detected capacity change from 0 to 4096 [ 1072.521229][ T6271] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 1072.914602][ T6291] netlink: 'syz.3.14976': attribute type 1 has an invalid length. [ 1072.914928][ T6289] IPVS: set_ctl: invalid protocol: 233 172.30.1.1:20001 [ 1072.922879][ T6291] netlink: 12 bytes leftover after parsing attributes in process `syz.3.14976'. [ 1073.072854][ T6295] libceph: resolve '0' (ret=-3): failed [ 1073.449737][ T6312] IPv6: sit1: Disabled Multicast RS [ 1073.466860][ T6312] sit1: entered allmulticast mode [ 1073.484264][ T6314] binder: 6313:6314 ioctl c0046209 0 returned -22 [ 1073.612670][ T1748] usb 2-1: USB disconnect, device number 76 [ 1073.684244][ T6320] netlink: 'syz.4.14990': attribute type 2 has an invalid length. [ 1073.920305][ T6324] loop1: detected capacity change from 0 to 8192 [ 1073.976129][ T6324] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1074.002049][ T6324] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 1074.023498][ T6324] REISERFS (device loop1): using ordered data mode [ 1074.030240][ T6324] reiserfs: using flush barriers [ 1074.054095][ T6324] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1074.076014][ T6324] REISERFS (device loop1): checking transaction log (loop1) [ 1074.110802][ T6324] REISERFS (device loop1): Using rupasov hash to sort names [ 1074.140118][ T6324] REISERFS (device loop1): using 3.5.x disk format [ 1074.147151][ T1748] usb 4-1: new high-speed USB device number 87 using dummy_hcd [ 1074.169844][ T6324] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 1074.200592][ T6324] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 1074.226924][ T6324] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 1074.251102][ T6324] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2) [ 1074.279199][ T6324] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 1074.345011][ T6324] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 1074.373685][ T1748] usb 4-1: config index 0 descriptor too short (expected 39, got 27) [ 1074.382193][ T6324] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 1074.400949][ T1748] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1074.437622][ T1748] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1074.467924][ T1748] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1074.497866][ T1748] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1074.517837][ T1748] usb 4-1: Product: syz [ 1074.556277][ T1748] usb 4-1: Manufacturer: syz [ 1074.580608][ T1748] usb 4-1: SerialNumber: syz [ 1074.609364][ T1748] usb 4-1: config 0 descriptor?? [ 1074.629471][ T6343] netlink: 'syz.1.15000': attribute type 3 has an invalid length. [ 1074.641670][ T1748] hub 4-1:0.0: bad descriptor, ignoring hub [ 1074.658110][ T1748] hub: probe of 4-1:0.0 failed with error -5 [ 1074.683585][ T1748] usb 4-1: selecting invalid altsetting 0 [ 1074.836264][ T6351] loop4: detected capacity change from 0 to 64 [ 1075.131803][T17965] usb 4-1: USB disconnect, device number 87 [ 1075.270959][ T6361] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15009'. [ 1076.318829][ T6409] netlink: 224 bytes leftover after parsing attributes in process `syz.0.15033'. [ 1076.591348][ T6421] PKCS7: Unknown OID: [4] 0.0 [ 1076.597597][ T6421] PKCS7: Only support pkcs7_signedData type [ 1076.860551][ T1748] usb 1-1: new high-speed USB device number 86 using dummy_hcd [ 1077.071206][ T1748] usb 1-1: Using ep0 maxpacket: 8 [ 1077.083847][ T1748] usb 1-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 1077.101841][ T1748] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239 [ 1077.130723][ T1748] usb 1-1: Product: syz [ 1077.134942][ T1748] usb 1-1: Manufacturer: syz [ 1077.139608][ T1748] usb 1-1: SerialNumber: syz [ 1077.168661][ T1748] usb 1-1: config 0 descriptor?? [ 1077.199771][ T1748] gspca_main: sq905-2.14.0 probing 2770:9120 [ 1077.452349][ T6433] loop4: detected capacity change from 0 to 40427 [ 1077.488309][ T6433] F2FS-fs (loop4): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288) [ 1077.511850][ T6433] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 1077.538074][ T6433] F2FS-fs (loop4): heap/no_heap options were deprecated [ 1077.568124][ T6450] loop3: detected capacity change from 0 to 1024 [ 1077.570145][ T6433] F2FS-fs (loop4): invalid crc value [ 1077.599099][ T6433] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 1077.612557][ T1748] gspca_sq905: sq905_command: usb_control_msg failed 2 (-71) [ 1077.631332][ T6433] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1077.647837][ T1748] sq905: probe of 1-1:0.0 failed with error -71 [ 1077.682924][ T1748] usb 1-1: USB disconnect, device number 86 [ 1077.760859][ T1135] hfsplus: b-tree write err: -5, ino 25 [ 1077.789625][ T1135] hfsplus: b-tree write err: -5, ino 4 [ 1077.800904][ T1135] hfsplus: b-tree write err: -5, ino 2 [ 1077.811368][ T6433] F2FS-fs (loop4): Try to recover 2th superblock, ret: -30 [ 1077.819172][ T6433] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1078.104421][ T6461] loop3: detected capacity change from 0 to 2048 [ 1078.161394][ T6461] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 1078.368458][ T6467] openvswitch: netlink: Actions may not be safe on all matching packets [ 1078.512176][T26106] usb 4-1: new high-speed USB device number 88 using dummy_hcd [ 1078.700573][T26106] usb 4-1: Using ep0 maxpacket: 8 [ 1078.713807][T26106] usb 4-1: config 7 has an invalid interface number: 143 but max is 1 [ 1078.732555][T26106] usb 4-1: config 7 has an invalid interface number: 217 but max is 1 [ 1078.747443][T26106] usb 4-1: config 7 has an invalid descriptor of length 229, skipping remainder of the config [ 1078.768603][T26106] usb 4-1: config 7 has no interface number 0 [ 1078.775420][T26106] usb 4-1: config 7 has no interface number 1 [ 1078.790565][T26106] usb 4-1: too many endpoints for config 7 interface 217 altsetting 0: 255, using maximum allowed: 30 [ 1078.820717][T26106] usb 4-1: config 7 interface 217 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 1078.844388][T26106] usb 4-1: config 7 interface 143 has no altsetting 0 [ 1078.876341][T26106] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=ba.35 [ 1078.890548][T26106] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1078.907720][T26106] usb 4-1: Product: syz [ 1078.950563][T26106] usb 4-1: Manufacturer: syz [ 1078.955398][T26106] usb 4-1: SerialNumber: syz [ 1079.008633][ T6489] loop4: detected capacity change from 0 to 128 [ 1079.038309][ T6489] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 1079.071890][ T6489] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1079.191595][T26106] qmi_wwan: probe of 4-1:7.143 failed with error -22 [ 1079.245202][T26106] usb 4-1: USB disconnect, device number 88 [ 1079.424077][ T6503] netlink: 16 bytes leftover after parsing attributes in process `syz.0.15078'. [ 1079.576979][ T6507] loop4: detected capacity change from 0 to 4096 [ 1079.632688][ T6507] ntfs: volume version 3.1. [ 1079.770784][ T6507] __ntfs_error: 9 callbacks suppressed [ 1079.770802][ T6507] ntfs: (device loop4): ntfs_truncate(): Truncate would cause the inode 0x43 to exceed the maximum size for its attribute type (0x80). Aborting truncate. [ 1080.174754][ T6516] loop3: detected capacity change from 0 to 8192 [ 1080.542164][ T6535] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1080.947684][ T6521] loop4: detected capacity change from 0 to 32768 [ 1080.979676][ T6521] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 1081.030583][ T1748] usb 1-1: new high-speed USB device number 87 using dummy_hcd [ 1081.040139][ T6521] JBD2: Ignoring recovery information on journal [ 1081.107376][ T6521] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1081.180968][ T6549] netlink: 56 bytes leftover after parsing attributes in process `syz.1.15100'. [ 1081.240462][ T1748] usb 1-1: Using ep0 maxpacket: 16 [ 1081.265633][ T1748] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 1081.296064][ T1748] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 1081.326959][ T6521] OCFS2: ERROR (device loop4): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #32 has an invalid fs_generation of #1 [ 1081.352382][ T6551] trusted_key: encrypted_key: master key parameter '' is invalid [ 1081.355598][ T1748] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 1081.383726][ T6531] loop3: detected capacity change from 0 to 32768 [ 1081.400876][ T6521] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1081.412704][ T1748] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice=4f.14 [ 1081.420515][ T6521] OCFS2: File system is now read-only. [ 1081.427454][ T1748] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1081.436640][ T1748] usb 1-1: Product: syz [ 1081.441105][ T1748] usb 1-1: Manufacturer: syz [ 1081.445730][ T1748] usb 1-1: SerialNumber: syz [ 1081.452842][ T1748] usb 1-1: config 0 descriptor?? [ 1081.458141][ T6521] (syz.4.15086,6521,0):ocfs2_search_chain:1761 ERROR: status = -30 [ 1081.461072][ T6539] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1081.501650][ T6531] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1081.533258][ T1748] mceusb 1-1:0.0: mceusb_dev_probe: device setup failed! [ 1081.540700][ T1748] mceusb: probe of 1-1:0.0 failed with error -12 [ 1081.540880][ T6521] (syz.4.15086,6521,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 1081.540906][ T6521] (syz.4.15086,6521,1):ocfs2_claim_suballoc_bits:1950 ERROR: status = -30 [ 1081.571658][ T6521] (syz.4.15086,6521,0):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30 [ 1081.580614][ T6521] (syz.4.15086,6521,0):__ocfs2_claim_clusters:2365 ERROR: status = -30 [ 1081.588913][ T6521] (syz.4.15086,6521,0):__ocfs2_claim_clusters:2373 ERROR: status = -30 [ 1081.597483][ T6521] (syz.4.15086,6521,0):ocfs2_local_alloc_new_window:1203 ERROR: status = -30 [ 1081.610219][ T6521] (syz.4.15086,6521,0):ocfs2_local_alloc_new_window:1228 ERROR: status = -30 [ 1081.619623][ T6521] (syz.4.15086,6521,0):ocfs2_local_alloc_slide_window:1302 ERROR: status = -30 [ 1081.629870][ T6521] (syz.4.15086,6521,0):ocfs2_local_alloc_slide_window:1321 ERROR: status = -30 [ 1081.633363][ T6531] XFS (loop3): Ending clean mount [ 1081.642048][ T6521] (syz.4.15086,6521,0):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -30 [ 1081.660526][ T6521] (syz.4.15086,6521,0):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -30 [ 1081.680857][ T6521] (syz.4.15086,6521,0):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -30 [ 1081.695155][ T6531] XFS (loop3): Quotacheck needed: Please wait. [ 1081.698694][ T6521] (syz.4.15086,6521,0):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -30 [ 1081.711642][ T6563] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1081.729941][ T6521] (syz.4.15086,6521,0):ocfs2_expand_inline_dir:2858 ERROR: status = -30 [ 1081.770665][ T6521] (syz.4.15086,6521,0):ocfs2_extend_dir:3205 ERROR: status = -30 [ 1081.794175][ T6521] (syz.4.15086,6521,0):ocfs2_prepare_dir_for_insert:4326 ERROR: status = -30 [ 1081.820101][ T1748] usb 1-1: USB disconnect, device number 87 [ 1081.849856][ T6521] (syz.4.15086,6521,1):ocfs2_mknod:298 ERROR: status = -30 [ 1081.857408][ T6531] XFS (loop3): Quotacheck: Done. [ 1081.863966][ T6521] (syz.4.15086,6521,1):ocfs2_mknod:502 ERROR: status = -30 [ 1081.871577][ T6521] (syz.4.15086,6521,1):ocfs2_mkdir:659 ERROR: status = -30 [ 1082.013974][ T5761] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1082.029662][T22415] ocfs2: Unmounting device (7,4) on (node local) [ 1082.679646][ T6590] cgroup: Bad value for 'name' [ 1082.700181][ T6586] loop4: detected capacity change from 0 to 4096 [ 1082.740495][ T6586] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 1082.819374][ T6586] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 1083.333045][ T6606] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1083.408463][ T6610] netlink: 224 bytes leftover after parsing attributes in process `syz.4.15125'. [ 1083.755864][ T6620] loop3: detected capacity change from 0 to 512 [ 1083.809188][ T6620] EXT4-fs (loop3): Test dummy encryption mode enabled [ 1083.838918][ T6620] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1083.900548][ T6620] EXT4-fs error (device loop3): ext4_orphan_get:1424: comm syz.3.15106: bad orphan inode 131083 [ 1083.939152][ T6620] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1084.054150][ T6634] libceph: resolve 'c' (ret=-3): failed [ 1084.066484][ T5761] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1084.524489][ T6656] netlink: 132 bytes leftover after parsing attributes in process `syz.3.15148'. [ 1084.540764][T17965] usb 2-1: new high-speed USB device number 77 using dummy_hcd [ 1084.765694][T17965] usb 2-1: Using ep0 maxpacket: 8 [ 1084.782946][T17965] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 1084.823575][T17965] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239 [ 1084.849292][T17965] usb 2-1: Product: syz [ 1084.859428][T17965] usb 2-1: Manufacturer: syz [ 1084.870756][T17965] usb 2-1: SerialNumber: syz [ 1084.885716][T17965] usb 2-1: config 0 descriptor?? [ 1084.919825][T17965] gspca_main: sq905-2.14.0 probing 2770:9120 [ 1085.360569][T17965] gspca_sq905: sq905_command: usb_control_msg failed 2 (-71) [ 1085.390064][T17965] sq905: probe of 2-1:0.0 failed with error -71 [ 1085.416019][T17965] usb 2-1: USB disconnect, device number 77 [ 1085.660499][T26106] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 1085.700750][ T6691] netlink: 20 bytes leftover after parsing attributes in process `syz.3.15165'. [ 1085.794379][ T6695] netlink: 56 bytes leftover after parsing attributes in process `syz.0.15166'. [ 1085.809162][ T6694] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1085.840591][T26106] usb 5-1: Using ep0 maxpacket: 32 [ 1085.879488][T26106] usb 5-1: config 0 has an invalid interface number: 4 but max is 0 [ 1085.897801][T26106] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1085.918317][T26106] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 1085.945923][ T6699] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 1085.954560][T26106] usb 5-1: config 0 has no interface number 1 [ 1085.972860][T26106] usb 5-1: config 0 interface 4 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1086.009389][T26106] usb 5-1: New USB device found, idVendor=046d, idProduct=08b0, bcdDevice=e5.27 [ 1086.029893][T26106] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1086.048423][T26106] usb 5-1: Product: syz [ 1086.058541][T26106] usb 5-1: Manufacturer: syz [ 1086.064837][T26106] usb 5-1: SerialNumber: syz [ 1086.091615][T26106] usb 5-1: config 0 descriptor?? [ 1086.097662][T26106] pwc: Logitech QuickCam Pro 3000 USB webcam detected. [ 1086.312144][T26106] pwc: Failed to set LED on/off time (-71) [ 1086.331676][T26106] pwc: send_video_command error -71 [ 1086.336923][T26106] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 1086.371598][T26106] Philips webcam: probe of 5-1:0.0 failed with error -71 [ 1086.412412][T26106] usb 5-1: USB disconnect, device number 38 [ 1086.467830][ T6717] ÿ: renamed from bond_slave_0 [ 1086.489842][ T6719] netlink: 260 bytes leftover after parsing attributes in process `syz.3.15180'. [ 1086.971084][ T1748] usb 1-1: new high-speed USB device number 88 using dummy_hcd [ 1087.162525][ T1748] usb 1-1: config 0 has an invalid interface number: 199 but max is 1 [ 1087.172610][ T1748] usb 1-1: config 0 has no interface number 1 [ 1087.178777][ T1748] usb 1-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 1087.210731][ T1748] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 1087.231943][ T1748] usb 1-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 1087.241713][ T1748] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1087.260112][ T1748] usb 1-1: SerialNumber: syz [ 1087.273068][ T1748] usb 1-1: config 0 descriptor?? [ 1087.314849][ T1748] usb 1-1: Found UVC 0.00 device (0002:0000) [ 1087.333982][ T1748] usb 1-1: No valid video chain found. [ 1087.464309][ T6741] loop4: detected capacity change from 0 to 32768 [ 1087.505756][ T6741] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1087.531307][ T1748] usb 1-1: USB disconnect, device number 88 [ 1087.688642][ T6741] XFS (loop4): Ending clean mount [ 1087.841068][T22415] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1088.390027][ T6779] netlink: 3 bytes leftover after parsing attributes in process `syz.4.15198'. [ 1088.499150][ T6785] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1088.962515][ T28] audit: type=1326 audit(2000000238.599:10821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.3.15218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1089.039827][ T28] audit: type=1326 audit(2000000238.619:10822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.3.15218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1089.065293][ T6805] loop3: detected capacity change from 0 to 2048 [ 1089.116535][ T6811] netlink: 40 bytes leftover after parsing attributes in process `syz.1.15221'. [ 1089.120501][ T28] audit: type=1326 audit(2000000238.629:10823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.3.15218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1089.161536][ T6805] Alternate GPT is invalid, using primary GPT. [ 1089.169725][ T6805] loop3: p2 p3 p7 [ 1089.179422][ T6813] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.15223'. [ 1089.214230][ T28] audit: type=1326 audit(2000000238.629:10824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.3.15218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5612b9c502 code=0x7ffc0000 [ 1089.319787][ T28] audit: type=1326 audit(2000000238.639:10825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.3.15218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5612b5cfce code=0x7ffc0000 [ 1089.342199][ C1] vkms_vblank_simulate: vblank timer overrun [ 1089.410483][ T28] audit: type=1326 audit(2000000238.699:10826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.3.15218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5612b9c5c7 code=0x7ffc0000 [ 1089.454873][ T6817] xt_limit: Overflow, try lower: 0/0 [ 1089.459635][ T6821] netlink: 36 bytes leftover after parsing attributes in process `syz.4.15226'. [ 1089.469917][ T6821] netlink: 6 bytes leftover after parsing attributes in process `syz.4.15226'. [ 1089.479768][ T6821] netlink: 6 bytes leftover after parsing attributes in process `syz.4.15226'. [ 1089.484558][ T28] audit: type=1326 audit(2000000238.699:10827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.3.15218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5612b5cfce code=0x7ffc0000 [ 1089.600869][ T28] audit: type=1326 audit(2000000238.699:10828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.3.15218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5612b9c42b code=0x7ffc0000 [ 1089.650656][ T28] audit: type=1326 audit(2000000238.719:10829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.3.15218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5612b5cfce code=0x7ffc0000 [ 1089.740457][ T28] audit: type=1326 audit(2000000238.719:10830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6804 comm="syz.3.15218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5612b9c42b code=0x7ffc0000 [ 1090.583559][ T6860] loop1: detected capacity change from 0 to 1024 [ 1090.586209][ T6863] netlink: 'syz.0.15247': attribute type 2 has an invalid length. [ 1090.665261][ T6860] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1090.709812][ T6868] loop4: detected capacity change from 0 to 256 [ 1090.785751][ T6868] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 1090.933895][ T11] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 1090.976882][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1091.932934][ T6914] net veth1_virt_wifi ÿÿÿÿÿÿ: renamed from virt_wifi0 [ 1092.004212][ T6916] loop1: detected capacity change from 0 to 4096 [ 1092.083319][ T6894] loop3: detected capacity change from 0 to 32768 [ 1092.117623][ T6916] ntfs3: loop1: ino=1e, "file1" attr_set_size [ 1092.138442][ T6894] (syz.3.15258,6894,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1092.161434][ T6916] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1092.180253][ T6894] (syz.3.15258,6894,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1092.248639][ T6894] JBD2: Ignoring recovery information on journal [ 1092.328994][ T6926] netlink: 'syz.1.15276': attribute type 4 has an invalid length. [ 1092.337922][ T6926] netlink: 17 bytes leftover after parsing attributes in process `syz.1.15276'. [ 1092.348430][ T6894] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1092.747367][ T5761] ocfs2: Unmounting device (7,3) on (node local) [ 1093.390605][ T1531] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 1093.540726][T17965] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 1093.580610][ T1531] usb 4-1: Using ep0 maxpacket: 8 [ 1093.588912][ T1531] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1093.603115][ T1531] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1093.614293][ T1531] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1093.629411][ T1531] usb 4-1: New USB device found, idVendor=2466, idProduct=8010, bcdDevice= 0.40 [ 1093.639549][ T6973] netlink: 16 bytes leftover after parsing attributes in process `syz.1.15298'. [ 1093.644652][ T1531] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1093.667445][ T1531] usb 4-1: Product: syz [ 1093.674040][ T1531] usb 4-1: Manufacturer: syz [ 1093.678754][ T1531] usb 4-1: SerialNumber: syz [ 1093.742084][T17965] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1093.763527][T17965] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 1093.794261][T17965] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1093.831779][T17965] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 1094.134464][ T1531] usb 4-1: cannot find UAC_HEADER [ 1094.162552][ T1531] snd-usb-audio: probe of 4-1:1.0 failed with error -22 [ 1094.198829][ T1531] usb 4-1: USB disconnect, device number 89 [ 1094.237825][ T8129] udevd[8129]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1094.591501][ T7007] x_tables: duplicate underflow at hook 3 [ 1095.131662][T17965] gspca_stv0680: usb_control_msg error 2, request = 0x6, error = -71 [ 1095.143417][T17965] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 1095.163429][T17965] stv0680 5-1:4.0: last error: 86, command = 0x78 [ 1095.182542][T17965] usb 5-1: USB disconnect, device number 39 [ 1095.635005][ T7036] xt_cgroup: path and classid specified [ 1096.380549][ T23] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 1096.573720][ T23] usb 5-1: Using ep0 maxpacket: 8 [ 1096.590275][ T23] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 1096.616461][ T23] usb 5-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 1096.639718][ T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1096.660578][ T23] usb 5-1: Product: syz [ 1096.664886][ T23] usb 5-1: Manufacturer: syz [ 1096.669676][ T23] usb 5-1: SerialNumber: syz [ 1096.694869][ T23] usb 5-1: config 0 descriptor?? [ 1096.714806][ T23] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 1096.810760][ T7080] netlink: 72 bytes leftover after parsing attributes in process `syz.1.15353'. [ 1096.821713][ T7080] netlink: 72 bytes leftover after parsing attributes in process `syz.1.15353'. [ 1096.932445][ T23] gspca_zc3xx: reg_w_i err -71 [ 1097.021134][ T7090] cgroup: noprefix used incorrectly [ 1097.236751][ T7096] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15360'. [ 1097.463417][ T7106] netlink: 'syz.0.15365': attribute type 10 has an invalid length. [ 1097.505654][ T7106] 8021q: adding VLAN 0 to HW filter on device team0 [ 1097.541990][ T7106] team0: entered promiscuous mode [ 1097.550576][ T23] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 1097.556439][ T7106] team_slave_1: entered promiscuous mode [ 1097.560722][ T23] gspca_zc3xx: probe of 5-1:0.0 failed with error -71 [ 1097.563811][ T7106] team0: entered allmulticast mode [ 1097.575371][ T7106] team_slave_1: entered allmulticast mode [ 1097.583588][ T7106] bond0: (slave team0): Enslaving as an active interface with an up link [ 1097.590588][ T23] usb 5-1: USB disconnect, device number 40 [ 1097.975157][ T7126] loop1: detected capacity change from 0 to 256 [ 1098.208997][ T7133] ip6gre3: entered promiscuous mode [ 1098.235257][ T7133] ip6gre3: entered allmulticast mode [ 1098.361485][ T7137] netlink: 20 bytes leftover after parsing attributes in process `syz.1.15380'. [ 1098.918407][ T7163] netlink: 'syz.3.15393': attribute type 1 has an invalid length. [ 1099.027758][ T7165] loop4: detected capacity change from 0 to 16 [ 1099.041053][ T7165] erofs: (device loop4): mounted with root inode @ nid 36. [ 1099.083516][T22416] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -42 in[46, 0] out[9000] [ 1099.095544][ T7165] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -42 in[46, 4050] out[9000] [ 1099.142020][ T28] kauditd_printk_skb: 14 callbacks suppressed [ 1099.142035][ T28] audit: type=1800 audit(2000000248.779:10845): pid=7165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.15394" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 1099.340600][ T23] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 1099.530500][ T23] usb 4-1: Using ep0 maxpacket: 8 [ 1099.537469][ T23] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1099.547673][ T23] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 1099.561081][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1099.584718][ T23] usb 4-1: Product: syz [ 1099.588978][ T23] usb 4-1: Manufacturer: syz [ 1099.622867][ T23] usb 4-1: SerialNumber: syz [ 1099.679889][ T23] usb 4-1: config 0 descriptor?? [ 1099.714266][ T23] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found [ 1099.942668][ T23] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected [ 1099.961070][T17965] usb 1-1: new high-speed USB device number 89 using dummy_hcd [ 1099.972547][ T23] snd_usb_toneport: probe of 4-1:0.0 failed with error -22 [ 1100.170538][T17965] usb 1-1: Using ep0 maxpacket: 16 [ 1100.190848][T17965] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 7.00 [ 1100.195944][ T7207] loop4: detected capacity change from 0 to 64 [ 1100.206837][T17965] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1100.206865][T17965] usb 1-1: Product: syz [ 1100.206879][T17965] usb 1-1: Manufacturer: syz [ 1100.206891][T17965] usb 1-1: SerialNumber: syz [ 1100.209813][T17965] usb 1-1: config 0 descriptor?? [ 1100.240667][ T1748] usb 4-1: USB disconnect, device number 90 [ 1100.287459][T17965] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 1100.302013][T17965] usb 1-1: Detected FT2232H [ 1100.489096][T17965] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 1100.511740][T17965] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 1100.540993][T17965] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1100.572587][T17965] usb 1-1: USB disconnect, device number 89 [ 1100.592727][T17965] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1100.631088][T17965] ftdi_sio 1-1:0.0: device disconnected [ 1101.756015][ T7258] CIFS mount error: No usable UNC path provided in device string! [ 1101.756015][ T7258] [ 1101.770468][ T7258] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1101.857378][ T7262] loop1: detected capacity change from 0 to 512 [ 1101.877635][ T7262] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1101.976632][ T7262] EXT4-fs (loop1): 1 truncate cleaned up [ 1102.011826][ T7262] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1102.109905][ T7262] EXT4-fs error (device loop1): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.1.15442: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 1102.170637][ T7262] EXT4-fs (loop1): Remounting filesystem read-only [ 1102.177351][ T7262] EXT4-fs warning (device loop1): ext4_rename_delete:3778: inode #2: comm syz.1.15442: Deleting old file: nlink 4, error=-117 [ 1102.390875][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1102.654974][ T7296] loop3: detected capacity change from 0 to 1764 [ 1102.986555][ T7309] loop3: detected capacity change from 0 to 512 [ 1103.052612][ T7309] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1103.528497][ T5761] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1103.599184][ T7312] loop1: detected capacity change from 0 to 32768 [ 1103.618920][ T7312] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.15465 (7312) [ 1103.682610][ T7312] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1103.709337][ T7312] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 1103.758679][ T7312] BTRFS info (device loop1): using free space tree [ 1103.923680][ T7312] BTRFS info (device loop1): enabling ssd optimizations [ 1103.990682][ T7312] BTRFS info (device loop1): auto enabling async discard [ 1104.151434][ T7351] netlink: 12 bytes leftover after parsing attributes in process `syz.0.15475'. [ 1104.263245][ T7355] netlink: 32 bytes leftover after parsing attributes in process `syz.3.15477'. [ 1104.309263][ T5768] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1104.320041][ T7355] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15477'. [ 1104.855708][ T7373] netlink: 20 bytes leftover after parsing attributes in process `syz.0.15487'. [ 1104.910452][ T7373] netlink: 20 bytes leftover after parsing attributes in process `syz.0.15487'. [ 1105.481295][ T7392] loop4: detected capacity change from 0 to 4096 [ 1105.496348][ T7392] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 1105.617635][ T7392] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 1105.642890][ T7392] ntfs3: loop4: Failed to load $Extend (-22). [ 1105.649457][ T7392] ntfs3: loop4: Failed to initialize $Extend. [ 1106.040448][ T1748] usb 1-1: new high-speed USB device number 90 using dummy_hcd [ 1106.241114][ T1748] usb 1-1: Using ep0 maxpacket: 16 [ 1106.262861][ T1748] usb 1-1: config 252 has an invalid interface number: 15 but max is 0 [ 1106.279929][ T1748] usb 1-1: config 252 has no interface number 0 [ 1106.302533][ T1748] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=2b.29 [ 1106.320483][ T1748] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1106.349092][ T1748] usb 1-1: Product: syz [ 1106.357490][ T7428] loop3: detected capacity change from 0 to 1024 [ 1106.359535][ T1748] usb 1-1: Manufacturer: syz [ 1106.390537][ T1748] usb 1-1: SerialNumber: syz [ 1106.456092][ T1748] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 1106.570641][ T7435] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1106.621811][ T1135] usb 1-1: Failed to submit usb control message: -71 [ 1106.638142][ T1748] usb 1-1: USB disconnect, device number 90 [ 1106.649064][ T1135] usb 1-1: unable to send the bmi data to the device: -71 [ 1106.676975][ T1135] usb 1-1: unable to get target info from device [ 1106.715037][ T1135] usb 1-1: could not get target info (-71) [ 1106.731156][ T1135] usb 1-1: could not probe fw (-71) [ 1106.803691][ T7441] loop4: detected capacity change from 0 to 1024 [ 1106.915294][ T41] hfsplus: b-tree write err: -5, ino 25 [ 1106.921497][ T41] hfsplus: b-tree write err: -5, ino 4 [ 1106.927655][ T41] hfsplus: b-tree write err: -5, ino 2 [ 1106.933561][ T41] hfsplus: b-tree write err: -5, ino 26 [ 1107.057590][ T7450] x_tables: duplicate underflow at hook 4 [ 1107.090521][T17965] usb 2-1: new high-speed USB device number 78 using dummy_hcd [ 1107.340713][T17965] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1107.376453][T17965] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1107.405420][T17965] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1107.439894][T17965] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 1107.490598][T17965] usb 2-1: SerialNumber: syz [ 1107.735251][T17965] usb 2-1: 0:2 : does not exist [ 1107.766452][T17965] usb 2-1: USB disconnect, device number 78 [ 1107.779094][ T7478] loop4: detected capacity change from 0 to 512 [ 1107.852094][ T8129] udevd[8129]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1107.906864][ T7478] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1107.968192][ T7478] EXT4-fs error (device loop4): ext4_get_first_dir_block:3584: inode #12: comm syz.4.15535: Directory block failed checksum [ 1108.150535][T22415] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1108.158013][ T7494] loop3: detected capacity change from 0 to 256 [ 1108.172399][ T7494] exfat: Deprecated parameter 'utf8' [ 1108.196689][ T7494] exfat: Deprecated parameter 'utf8' [ 1108.212770][ T7494] exfat: Deprecated parameter 'utf8' [ 1108.213115][ T7495] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 1108.291291][ T7494] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 1108.604874][ T7503] loop4: detected capacity change from 0 to 1764 [ 1108.660538][ T7503] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1108.838080][ T7513] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 1109.829741][ T7549] loop4: detected capacity change from 0 to 512 [ 1109.907096][ T7549] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 1110.002013][ T7549] EXT4-fs (loop4): 1 truncate cleaned up [ 1110.009614][ T7555] netlink: 4096 bytes leftover after parsing attributes in process `syz.3.15572'. [ 1110.033780][ T7549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1110.062609][ T7555] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1110.110914][ T7549] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 1110.134617][ T7563] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT [ 1110.249823][T22415] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1110.467250][ T7576] loop1: detected capacity change from 0 to 256 [ 1110.478331][ T7577] netlink: 'syz.0.15582': attribute type 16 has an invalid length. [ 1110.544901][ T7576] FAT-fs (loop1): Directory bread(block 64) failed [ 1110.587331][ T7576] FAT-fs (loop1): Directory bread(block 65) failed [ 1110.628007][ T7576] FAT-fs (loop1): Directory bread(block 66) failed [ 1110.647043][ T7576] FAT-fs (loop1): Directory bread(block 67) failed [ 1110.670695][ T7576] FAT-fs (loop1): Directory bread(block 68) failed [ 1110.699970][ T7576] FAT-fs (loop1): Directory bread(block 69) failed [ 1110.705117][ T7583] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.15586'. [ 1110.728409][ T7576] FAT-fs (loop1): Directory bread(block 70) failed [ 1110.747360][ T7576] FAT-fs (loop1): Directory bread(block 71) failed [ 1110.776683][ T7576] FAT-fs (loop1): Directory bread(block 72) failed [ 1110.804558][ T7576] FAT-fs (loop1): Directory bread(block 73) failed [ 1110.860718][ T7587] netlink: 156 bytes leftover after parsing attributes in process `syz.4.15588'. [ 1111.111441][ T7593] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 1111.410702][ T7602] netlink: 'syz.1.15595': attribute type 1 has an invalid length. [ 1112.094404][ T7630] loop4: detected capacity change from 0 to 4096 [ 1112.153155][ T7630] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1112.170150][ T7635] netlink: 'syz.0.15611': attribute type 7 has an invalid length. [ 1112.178170][ T7635] netlink: 140 bytes leftover after parsing attributes in process `syz.0.15611'. [ 1112.238780][ T7630] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103] [ 1112.251550][ T7630] System zones: 0-5 [ 1112.279528][ T7630] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1112.617382][T22415] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1112.781564][ T7653] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709551609) [ 1112.798627][ T7653] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647 [ 1113.210483][T17965] usb 1-1: new high-speed USB device number 91 using dummy_hcd [ 1113.362313][ T7677] loop4: detected capacity change from 0 to 8 [ 1113.392914][T17965] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 1113.421112][T17965] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1113.457753][T17965] usb 1-1: config 220 has no interface number 2 [ 1113.475496][T17965] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1113.489784][ T7677] SQUASHFS error: Failed to read block 0xdfa: -5 [ 1113.508593][ T7677] SQUASHFS error: Unable to read metadata cache entry [dfa] [ 1113.526925][T17965] usb 1-1: config 220 interface 0 has no altsetting 0 [ 1113.535038][ T7677] SQUASHFS error: Failed to read block 0x4e8: -5 [ 1113.543054][T17965] usb 1-1: config 220 interface 76 has no altsetting 0 [ 1113.551492][ T7677] SQUASHFS error: Failed to read block 0xed04f1: -5 [ 1113.558330][T17965] usb 1-1: config 220 interface 1 has no altsetting 0 [ 1113.574116][ T7677] SQUASHFS error: Failed to read block 0x4de: -5 [ 1113.593056][T17965] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1113.605721][ T7677] SQUASHFS error: Failed to read block 0x4de: -5 [ 1113.612759][T17965] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1113.621732][ T7677] SQUASHFS error: Failed to read block 0x4de: -5 [ 1113.628930][T17965] usb 1-1: Product: syz [ 1113.634204][T17965] usb 1-1: Manufacturer: syz [ 1113.639032][ T7677] SQUASHFS error: Failed to read block 0x4de: -5 [ 1113.646059][T17965] usb 1-1: SerialNumber: syz [ 1113.656082][ T7677] SQUASHFS error: Failed to read block 0x4de: -5 [ 1113.672877][ T7677] SQUASHFS error: Failed to read block 0x4de: -5 [ 1113.680836][ T7677] SQUASHFS error: Failed to read block 0x4e8: -5 [ 1113.687974][ T28] audit: type=1800 audit(2000000263.319:10846): pid=7677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.15630" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 1113.857359][ T7683] loop1: detected capacity change from 0 to 8192 [ 1113.896106][T17965] usb 1-1: selecting invalid altsetting 0 [ 1113.916997][ T7683] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1113.945465][ T7692] loop3: detected capacity change from 0 to 16 [ 1113.947536][T17965] usb 1-1: Found UVC 7.01 device syz (8086:0b07) [ 1113.971162][ T7692] erofs: (device loop3): mounted with root inode @ nid 36. [ 1113.999839][ T7692] erofs: (device loop3): z_erofs_fill_inode_lazy: unknown HEAD2 format 3 for nid 83, please upgrade kernel [ 1114.000451][ T7683] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 1114.011756][ T7692] erofs: (device loop3): z_erofs_read_folio: read error -95 @ 0 of nid 83 [ 1114.038099][T17965] usb 1-1: No valid video chain found. [ 1114.078918][ T7683] REISERFS (device loop1): using ordered data mode [ 1114.078922][T17965] usb 1-1: selecting invalid altsetting 0 [ 1114.078954][T17965] usbtest: probe of 1-1:220.1 failed with error -22 [ 1114.116432][ T7683] reiserfs: using flush barriers [ 1114.160706][ T7683] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1114.177217][T17965] usb 1-1: USB disconnect, device number 91 [ 1114.247739][ T7683] REISERFS (device loop1): checking transaction log (loop1) [ 1114.495629][ T7683] REISERFS (device loop1): Using tea hash to sort names [ 1114.503906][ T7683] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 1114.518227][ T7683] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 1114.600708][ T28] audit: type=1326 audit(2000000264.229:10847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.3.15643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1114.657404][ T28] audit: type=1326 audit(2000000264.229:10848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.3.15643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1114.730465][ T28] audit: type=1326 audit(2000000264.239:10849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.3.15643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1114.827576][ T28] audit: type=1326 audit(2000000264.239:10850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.3.15643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1114.894701][ T28] audit: type=1326 audit(2000000264.239:10851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.3.15643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1115.046387][ T7718] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15650'. [ 1115.080910][T17965] usb 1-1: new high-speed USB device number 92 using dummy_hcd [ 1115.112360][ T7720] netlink: 'syz.4.15652': attribute type 2 has an invalid length. [ 1115.131028][ T7720] netlink: 5356 bytes leftover after parsing attributes in process `syz.4.15652'. [ 1115.160655][ T23] usb 4-1: new high-speed USB device number 91 using dummy_hcd [ 1115.270571][T17965] usb 1-1: Using ep0 maxpacket: 16 [ 1115.278840][T17965] usb 1-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4 [ 1115.288338][T17965] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1115.308763][T17965] usb 1-1: Product: syz [ 1115.323612][T17965] usb 1-1: Manufacturer: syz [ 1115.328256][T17965] usb 1-1: SerialNumber: syz [ 1115.352053][T17965] usb 1-1: config 0 descriptor?? [ 1115.366693][T17965] gspca_main: spca508-2.14.0 probing 041e:4018 [ 1115.371469][ T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 1115.401015][ T23] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 1115.412021][ T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 1115.423577][ T23] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 1115.434042][ T23] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 1115.448368][ T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1115.492735][ T23] usb 4-1: config 0 descriptor?? [ 1115.729963][ T23] hdpvr 4-1:0.0: firmware version 0x8 dated [ 1115.800228][T17965] gspca_spca508: reg_read err -71 [ 1115.808814][T17965] gspca_spca508: reg_read err -71 [ 1115.819257][T17965] gspca_spca508: reg_read err -71 [ 1115.829383][T17965] gspca_spca508: reg_read err -71 [ 1115.838858][T17965] gspca_spca508: reg write: error -71 [ 1115.849786][T17965] spca508: probe of 1-1:0.0 failed with error -71 [ 1115.871703][T17965] usb 1-1: USB disconnect, device number 92 [ 1115.933420][ T23] hdpvr 4-1:0.0: device init failed [ 1115.938746][ T23] hdpvr: probe of 4-1:0.0 failed with error -12 [ 1115.958382][ T7740] loop1: detected capacity change from 0 to 4096 [ 1115.983657][ T23] usb 4-1: USB disconnect, device number 91 [ 1116.003646][ T7740] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 1116.065492][ T7740] ntfs3: loop1: failed to convert "c46c" to iso8859-4 [ 1116.277899][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.290508][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 1116.298788][ T7750] loop4: detected capacity change from 0 to 8 [ 1116.359946][ T5901] udevd[5901]: incorrect cramfs checksum on /dev/loop4 [ 1116.367947][ T7750] cramfs: Error -3 while decompressing! [ 1116.379223][ T7752] netlink: 'syz.1.15668': attribute type 1 has an invalid length. [ 1116.380811][ T7750] cramfs: ffffffff973fa368(26)->ffff888053fe7000(4096) [ 1116.387873][ T7752] netlink: 'syz.1.15668': attribute type 2 has an invalid length. [ 1116.402843][ T7750] cramfs: Error -3 while decompressing! [ 1116.408428][ T7750] cramfs: ffffffff973fa382(26)->ffff888053243000(4096) [ 1116.451212][ T8129] udevd[8129]: incorrect cramfs checksum on /dev/loop4 [ 1116.458176][ T7750] cramfs: Error -3 while decompressing! [ 1116.470908][ T7750] cramfs: ffffffff973fa39c(16)->ffff888053913000(4096) [ 1116.477937][ T7750] cramfs: Error -3 while decompressing! [ 1116.483967][ T7750] cramfs: ffffffff973fa368(26)->ffff888053fe7000(4096) [ 1116.496404][ T28] audit: type=1800 audit(2000000266.129:10852): pid=7750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.15667" name="file2" dev="loop4" ino=348 res=0 errno=0 [ 1116.676138][ T7760] netlink: 'syz.3.15672': attribute type 3 has an invalid length. [ 1116.843824][ T7767] loop3: detected capacity change from 0 to 512 [ 1116.858119][ T7768] netlink: 224 bytes leftover after parsing attributes in process `syz.1.15675'. [ 1116.906007][ T7767] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 1116.961807][ T7767] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 1116.970010][ T7767] System zones: 0-1, 15-15, 18-18, 34-34 [ 1117.030863][ T7767] EXT4-fs (loop3): orphan cleanup on readonly fs [ 1117.037826][ T7767] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 1117.092890][ T7767] EXT4-fs warning (device loop3): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1117.160073][ T7767] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 1117.168581][ T7767] EXT4-fs error (device loop3): ext4_orphan_get:1424: comm syz.3.15676: bad orphan inode 16 [ 1117.188102][ T7767] ext4_test_bit(bit=15, block=18) = 1 [ 1117.195506][ T7767] is_bad_inode(inode)=0 [ 1117.199832][ T7767] NEXT_ORPHAN(inode)=0 [ 1117.210009][ T7767] max_ino=32 [ 1117.217447][ T7767] i_nlink=2 [ 1117.241066][ T7767] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1117.317866][ T7767] fscrypt (loop3, inode 16): Error -61 getting encryption context [ 1117.453693][ T5761] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1117.517701][ T7795] cgroup: release_agent respecified [ 1117.719922][ T7802] netlink: 'syz.4.15693': attribute type 1 has an invalid length. [ 1117.772240][ T7802] netlink: 232 bytes leftover after parsing attributes in process `syz.4.15693'. [ 1118.240559][T17965] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 1118.316292][ T7823] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 1118.433045][T17965] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1118.444627][T17965] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 24 [ 1118.465098][T17965] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1118.542695][T17965] usb 5-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40 [ 1118.567787][T17965] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1118.581040][T17965] usb 5-1: Product: syz [ 1118.585348][T17965] usb 5-1: Manufacturer: syz [ 1118.610837][T17965] usb 5-1: SerialNumber: syz [ 1118.631114][ T7813] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1118.915507][T17965] usb 5-1: Quirk or no altest; falling back to MIDI 1.0 [ 1118.939112][T17965] usb 5-1: MIDIStreaming interface descriptor not found [ 1119.050747][T17965] usb 5-1: USB disconnect, device number 41 [ 1119.101186][ T5870] udevd[5870]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1119.214407][ T7845] xt_addrtype: ipv6 does not support BROADCAST matching [ 1120.104198][ T7888] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15733'. [ 1120.370491][T17965] usb 1-1: new high-speed USB device number 93 using dummy_hcd [ 1120.370549][ T23] usb 2-1: new high-speed USB device number 79 using dummy_hcd [ 1120.415396][ T7894] loop3: detected capacity change from 0 to 32768 [ 1120.421936][ T1748] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 1120.452563][ T7894] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1120.526127][ T7894] XFS (loop3): Ending clean mount [ 1120.554767][T17965] usb 1-1: config 160 has an invalid interface number: 200 but max is 0 [ 1120.563247][ T23] usb 2-1: Using ep0 maxpacket: 16 [ 1120.578664][T17965] usb 1-1: config 160 has an invalid descriptor of length 0, skipping remainder of the config [ 1120.579900][ T23] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00 [ 1120.599326][T17965] usb 1-1: config 160 has no interface number 0 [ 1120.612351][T17965] usb 1-1: config 160 interface 200 has no altsetting 0 [ 1120.624456][T17965] usb 1-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b [ 1120.627143][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1120.635129][ T1748] usb 5-1: Using ep0 maxpacket: 16 [ 1120.647404][T17965] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1120.656097][T17965] usb 1-1: Product: syz [ 1120.661547][ T23] usb 2-1: Product: syz [ 1120.674907][ T1748] usb 5-1: New USB device found, idVendor=0458, idProduct=704a, bcdDevice=3a.55 [ 1120.676034][ T23] usb 2-1: Manufacturer: syz [ 1120.689209][ T23] usb 2-1: SerialNumber: syz [ 1120.694868][T17965] usb 1-1: Manufacturer: syz [ 1120.701514][ T23] usb 2-1: config 0 descriptor?? [ 1120.709692][ T23] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 1120.709843][ T1748] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1120.728531][ T23] usb 2-1: Detected FT-X [ 1120.728903][T17965] usb 1-1: SerialNumber: syz [ 1120.741410][ T5761] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1120.757729][ T1748] usb 5-1: Product: syz [ 1120.763464][ T1748] usb 5-1: Manufacturer: syz [ 1120.768268][ T1748] usb 5-1: SerialNumber: syz [ 1120.792624][ T1748] usb 5-1: config 0 descriptor?? [ 1120.807185][ T1748] gspca_main: gspca_sn9c20x-2.14.0 probing 0458:704a [ 1120.917358][ T23] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 1120.932513][ T23] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 1120.951303][ T23] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71 [ 1120.968382][ T23] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1120.996796][ T23] usb 2-1: USB disconnect, device number 79 [ 1121.000767][T17965] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 1121.016043][T17965] usb 1-1: MIDIStreaming interface descriptor not found [ 1121.016387][ T23] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1121.059809][ T23] ftdi_sio 2-1:0.0: device disconnected [ 1121.140187][T17965] usb 1-1: USB disconnect, device number 93 [ 1121.196913][ T8130] udevd[8130]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1121.257903][ T1748] gspca_sn9c20x: Write register 1001 failed -71 [ 1121.280488][ T1748] gspca_sn9c20x: Device initialization failed [ 1121.292956][ T1748] gspca_sn9c20x: probe of 5-1:0.0 failed with error -71 [ 1121.331480][ T1748] usb 5-1: USB disconnect, device number 42 [ 1122.226046][ T28] audit: type=1400 audit(2000000271.859:10853): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A3A0AE10CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A552C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=7930 comm="syz.1.15751" [ 1122.433811][ T7940] loop1: detected capacity change from 0 to 136 [ 1122.467922][ T7940] Attempt to read inode for relocated directory [ 1122.521238][ T7940] syz.1.15755: attempt to access beyond end of device [ 1122.521238][ T7940] loop1: rw=524288, sector=335544428, nr_sectors = 4 limit=136 [ 1122.600127][ T7940] syz.1.15755: attempt to access beyond end of device [ 1122.600127][ T7940] loop1: rw=0, sector=335544428, nr_sectors = 4 limit=136 [ 1122.600480][ T7942] sctp: [Deprecated]: syz.4.15756 (pid 7942) Use of int in maxseg socket option. [ 1122.600480][ T7942] Use struct sctp_assoc_value instead [ 1122.659689][ T28] audit: type=1800 audit(2000000272.289:10854): pid=7940 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.15755" name="file1" dev="loop1" ino=1487 res=0 errno=0 [ 1122.822047][ T7950] loop3: detected capacity change from 0 to 8 [ 1123.311805][ T7966] netlink: 16 bytes leftover after parsing attributes in process `syz.0.15769'. [ 1123.329565][ T7969] loop3: detected capacity change from 0 to 256 [ 1123.348181][ T7969] exfat: Deprecated parameter 'namecase' [ 1123.374310][ T7969] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 1123.548368][ T7973] virtiofs: Unknown parameter 'always' [ 1123.703644][ T7977] i2c i2c-0: Invalid block write size 34 [ 1123.896697][ T7952] loop1: detected capacity change from 0 to 40427 [ 1123.941083][ T7952] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1123.948864][ T7952] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1124.027031][ T7952] F2FS-fs (loop1): invalid crc value [ 1124.051309][ T7952] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1124.240911][ T7952] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1124.248023][ T7952] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1124.490144][ T49] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1124.521305][ T49] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 1124.560520][ T8010] netlink: 16 bytes leftover after parsing attributes in process `syz.0.15787'. [ 1124.727476][ T8014] loop3: detected capacity change from 0 to 256 [ 1124.759590][ T8014] exfat: Deprecated parameter 'utf8' [ 1124.780782][ T8014] exfat: Deprecated parameter 'utf8' [ 1124.800241][ T8014] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 1125.291974][ T8004] loop4: detected capacity change from 0 to 32768 [ 1125.331499][ T8004] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.15784 (8004) [ 1125.366080][ T8004] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1125.400674][ T1748] usb 4-1: new high-speed USB device number 92 using dummy_hcd [ 1125.405143][ T8004] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 1125.424309][ T8004] BTRFS info (device loop4): force clearing of disk cache [ 1125.432078][ T8004] BTRFS info (device loop4): metadata ratio 0 [ 1125.438711][ T8004] BTRFS info (device loop4): enabling ssd optimizations [ 1125.489653][ T8004] BTRFS info (device loop4): using spread ssd allocation scheme [ 1125.513094][ T8004] BTRFS info (device loop4): using free space tree [ 1125.573508][ T8004] BTRFS info (device loop4): auto enabling async discard [ 1125.585479][ T8004] BTRFS info (device loop4): rebuilding free space tree [ 1125.590426][ T1748] usb 4-1: Using ep0 maxpacket: 8 [ 1125.603044][ T1748] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 1125.615995][ T1748] usb 4-1: config 179 has no interface number 0 [ 1125.620576][ T28] audit: type=1326 audit(2000000275.249:10855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8049 comm="syz.0.15799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f546879c799 code=0x7ffc0000 [ 1125.630446][ T1748] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1125.710495][ T1748] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1125.737196][ T1748] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1125.750647][ T28] audit: type=1326 audit(2000000275.249:10856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8049 comm="syz.0.15799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f546879c799 code=0x7ffc0000 [ 1125.759369][ T1748] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1125.838906][ T1748] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1125.863552][ T28] audit: type=1326 audit(2000000275.259:10857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8049 comm="syz.0.15799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f546879c799 code=0x7ffc0000 [ 1125.908399][ T1748] usb 4-1: config 179 interface 65 has no altsetting 0 [ 1125.924483][ T1748] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1125.943565][ T28] audit: type=1326 audit(2000000275.259:10858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8049 comm="syz.0.15799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f546879c799 code=0x7ffc0000 [ 1125.980411][ T1748] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1126.030935][ T28] audit: type=1326 audit(2000000275.259:10859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8049 comm="syz.0.15799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f546879c799 code=0x7ffc0000 [ 1126.059546][T22415] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1126.077088][ T1748] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input64 [ 1126.310457][ T23] usb 2-1: new full-speed USB device number 80 using dummy_hcd [ 1126.412377][ T9] usb 4-1: USB disconnect, device number 92 [ 1126.418378][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1126.444475][ T9] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1126.461345][ T5901] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop4 scanned by udevd (5901) [ 1126.533821][ T23] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1126.561476][ T23] usb 2-1: not running at top speed; connect to a high speed hub [ 1126.596097][ T23] usb 2-1: config 17 has an invalid interface number: 8 but max is 1 [ 1126.626497][ T23] usb 2-1: config 17 has 1 interface, different from the descriptor's value: 2 [ 1126.640494][ T23] usb 2-1: config 17 has no interface number 0 [ 1126.646830][ T23] usb 2-1: config 17 interface 8 altsetting 6 endpoint 0x3 has an invalid bInterval 0, changing to 4 [ 1126.697495][ T23] usb 2-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 12410, setting to 1023 [ 1126.728099][ T23] usb 2-1: config 17 interface 8 has no altsetting 0 [ 1126.756605][ T23] usb 2-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff [ 1126.790508][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1126.821747][ T23] usb 2-1: Product: syz [ 1126.826246][ T23] usb 2-1: Manufacturer: syz [ 1126.854629][ T23] usb 2-1: SerialNumber: syz [ 1126.881564][ T8080] netlink: 'syz.0.15811': attribute type 5 has an invalid length. [ 1126.900673][ T8080] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.15811'. [ 1127.107159][ T23] usb 2-1: selecting invalid altsetting 0 [ 1127.120631][ T23] usb 2-1: 8:6 : no UAC_FORMAT_TYPE desc [ 1127.140616][ T23] usb 2-1: selecting invalid altsetting 0 [ 1127.241784][ T23] usb 2-1: USB disconnect, device number 80 [ 1127.409357][ T5901] udevd[5901]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1128.103525][ T8094] loop3: detected capacity change from 0 to 32768 [ 1128.161154][ T8094] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.15815 (8094) [ 1128.203166][ T8094] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1128.230848][ T8094] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 1128.278551][ T8094] BTRFS info (device loop3): using free space tree [ 1128.491167][ T8094] BTRFS info (device loop3): enabling ssd optimizations [ 1128.499147][ T8094] BTRFS info (device loop3): auto enabling async discard [ 1129.144371][ T5761] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1129.547283][ T8177] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2 [ 1129.630891][ T8177] netdevsim netdevsim4: Falling back to sysfs fallback for: ./file0 [ 1129.723791][ T8180] bond0: entered allmulticast mode [ 1129.764203][ T8181] xfrm0: entered promiscuous mode [ 1129.789211][ T8181] xfrm0: entered allmulticast mode [ 1129.847061][ T1748] xfrm0 speed is unknown, defaulting to 1000 [ 1130.124054][ T8192] netlink: 32 bytes leftover after parsing attributes in process `syz.3.15855'. [ 1130.606797][ T8208] netlink: 'syz.0.15864': attribute type 3 has an invalid length. [ 1130.619990][ T8208] netlink: 132 bytes leftover after parsing attributes in process `syz.0.15864'. [ 1130.827355][ T8218] netlink: 'syz.3.15868': attribute type 2 has an invalid length. [ 1130.879110][ T8218] netlink: 132 bytes leftover after parsing attributes in process `syz.3.15868'. [ 1131.107933][ T8233] netlink: 'syz.1.15876': attribute type 21 has an invalid length. [ 1131.669262][ T8251] netlink: 148 bytes leftover after parsing attributes in process `syz.4.15885'. [ 1131.680675][ T5796] usb 1-1: new high-speed USB device number 94 using dummy_hcd [ 1131.696861][ T8253] loop1: detected capacity change from 0 to 4096 [ 1131.710956][ T8251] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 1131.729202][ T8253] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 1131.860614][ T5796] usb 1-1: Using ep0 maxpacket: 32 [ 1131.875776][ T5796] usb 1-1: New USB device found, idVendor=0458, idProduct=7005, bcdDevice=1a.51 [ 1131.890444][ T5796] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1131.909653][ T5796] usb 1-1: Product: syz [ 1131.918367][ T5796] usb 1-1: Manufacturer: syz [ 1131.927791][ T5796] usb 1-1: SerialNumber: syz [ 1131.939676][ T5796] usb 1-1: config 0 descriptor?? [ 1131.991636][ T5796] gspca_main: sn9c2028-2.14.0 probing 0458:7005 [ 1132.166223][ T8255] xt_CT: No such helper "snmp_trap" [ 1132.191451][ T5796] gspca_sn9c2028: read1 error -71 [ 1132.213171][ T5796] gspca_sn9c2028: read1 error -71 [ 1132.233022][ T5796] gspca_sn9c2028: read1 error -71 [ 1132.235079][ T8249] loop3: detected capacity change from 0 to 32768 [ 1132.240168][ T5796] sn9c2028: probe of 1-1:0.0 failed with error -71 [ 1132.275314][ T5796] usb 1-1: USB disconnect, device number 94 [ 1132.354285][ T8249] ERROR: (device loop3): dbAlloc: unable to allocate blocks [ 1132.354285][ T8249] [ 1132.402197][ T8249] ERROR: (device loop3): remounting filesystem as read-only [ 1132.431812][ T8249] jfs_rename: dtInsert returned -EIO [ 1132.964280][ T8280] netlink: 28 bytes leftover after parsing attributes in process `syz.1.15898'. [ 1132.989194][ T8280] netlink: 20 bytes leftover after parsing attributes in process `syz.1.15898'. [ 1133.156783][ T28] audit: type=1326 audit(2000000282.789:10860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.3.15901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1133.229958][ T28] audit: type=1326 audit(2000000282.789:10861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.3.15901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1133.310452][ T28] audit: type=1326 audit(2000000282.789:10862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.3.15901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1133.405813][ T28] audit: type=1326 audit(2000000282.789:10863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.3.15901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1133.489113][ T28] audit: type=1326 audit(2000000282.789:10864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.3.15901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1133.543053][ T28] audit: type=1326 audit(2000000282.789:10865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.3.15901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1133.600457][ T28] audit: type=1326 audit(2000000282.789:10866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.3.15901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1133.644562][ T28] audit: type=1326 audit(2000000282.789:10867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.3.15901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1133.694458][ T28] audit: type=1326 audit(2000000282.789:10868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8286 comm="syz.3.15901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f5612b9c799 code=0x7ffc0000 [ 1133.700491][ T1531] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 1133.946434][ T1531] usb 5-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 1133.961584][ T1531] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1133.969893][ T1531] usb 5-1: Product: syz [ 1133.973960][ T8315] loop1: detected capacity change from 0 to 4096 [ 1133.996474][ T8315] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 1134.015492][ T1531] usb 5-1: Manufacturer: syz [ 1134.020145][ T1531] usb 5-1: SerialNumber: syz [ 1134.057831][ T1531] r8152-cfgselector 5-1: config 0 descriptor?? [ 1134.079931][ T8315] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1134.111078][ T8315] ntfs3: loop1: mft corrupted [ 1134.116022][ T8315] ntfs3: loop1: Failed to load $Extend (-22). [ 1134.140440][ T8315] ntfs3: loop1: Failed to initialize $Extend. [ 1134.171306][ T8294] loop3: detected capacity change from 0 to 32768 [ 1134.210881][ T8294] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 10 [ 1134.217382][ T8315] ntfs3: loop1: ino=1e, "file1" failed to parse mft record [ 1134.272486][ T8315] ntfs3: loop1: ino=1e, "file1" attr_set_size [ 1134.422383][ T8323] netlink: 'syz.0.15919': attribute type 6 has an invalid length. [ 1134.458997][ T5903] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 10 [ 1134.516797][ T1531] r8152-cfgselector 5-1: Unknown version 0x0000 [ 1134.552476][ T1531] r8152-cfgselector 5-1: USB disconnect, device number 43 [ 1135.285919][ T28] audit: type=1326 audit(2000000284.919:10869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8356 comm="syz.4.15935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f594c99c799 code=0x7ffc0000 [ 1135.599882][ T8370] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode broadcast(3) [ 1135.707242][ T8374] loop3: detected capacity change from 0 to 16 [ 1135.727306][ T8374] erofs: (device loop3): mounted with root inode @ nid 36. [ 1135.875009][ T8380] netlink: 12 bytes leftover after parsing attributes in process `syz.0.15946'. [ 1136.054381][ T8385] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15948'. [ 1136.440525][T26106] usb 4-1: new high-speed USB device number 93 using dummy_hcd [ 1136.620436][T26106] usb 4-1: Using ep0 maxpacket: 32 [ 1136.633824][T26106] usb 4-1: config index 0 descriptor too short (expected 156, got 27) [ 1136.650511][T26106] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 1136.689893][T26106] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 1136.729761][T26106] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 1136.750194][T26106] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 1136.765097][T26106] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1136.777585][T26106] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 1136.797039][T26106] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 1136.810244][T26106] usb 4-1: Product: syz [ 1136.820538][T26106] usb 4-1: Manufacturer: syz [ 1136.833453][T26106] usb 4-1: SerialNumber: syz [ 1136.844338][T26106] usb 4-1: config 0 descriptor?? [ 1136.844380][ T8417] nvme_fabrics: missing parameter 'transport=%s' [ 1136.854850][T26106] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 1136.870550][ T5796] usb 1-1: new high-speed USB device number 95 using dummy_hcd [ 1136.877291][T26106] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 1136.888428][ T8417] nvme_fabrics: missing parameter 'nqn=%s' [ 1137.054821][ T5796] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7 [ 1137.070216][ T5796] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 47675, setting to 64 [ 1137.082321][ T8390] ldusb 4-1:0.0: Couldn't submit interrupt_in_urb -90 [ 1137.102690][ T1748] usb 4-1: USB disconnect, device number 93 [ 1137.113753][ T1748] ldusb 4-1:0.0: LD USB Device #0 now disconnected [ 1137.121881][ T5796] usb 1-1: New USB device found, idVendor=1b5c, idProduct=0105, bcdDevice= 1.f1 [ 1137.142061][ T5796] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1137.160522][ T5796] usb 1-1: Product: syz [ 1137.171292][ T5796] usb 1-1: Manufacturer: syz [ 1137.176557][ T5796] usb 1-1: SerialNumber: syz [ 1137.202600][ T5796] usb 1-1: config 0 descriptor?? [ 1137.225482][ T5796] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 1137.244807][ T5796] usb 1-1: Detected SIO [ 1137.253841][ T5796] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 4 [ 1137.274453][ T5796] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1137.442248][ T8430] loop1: detected capacity change from 0 to 4096 [ 1137.479690][ T8431] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1137.493458][ T5796] usb 1-1: USB disconnect, device number 95 [ 1137.526993][ T5796] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1137.532954][ T8430] NILFS error (device loop1): nilfs_dotdot: directory #12 missing '.' [ 1137.562659][ T8430] Remounting filesystem read-only [ 1137.578730][ T5796] ftdi_sio 1-1:0.0: device disconnected [ 1137.634775][ T8422] loop4: detected capacity change from 0 to 32768 [ 1137.651101][ T8422] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.15967 (8422) [ 1137.680869][ T8422] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1137.733394][ T8422] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 1137.765550][ T8422] BTRFS info (device loop4): using free space tree [ 1137.958889][ T8422] BTRFS info (device loop4): enabling ssd optimizations [ 1137.966801][ T8422] BTRFS info (device loop4): auto enabling async discard [ 1138.080143][ T8458] loop3: detected capacity change from 0 to 8 [ 1138.101015][ T8457] netlink: 32 bytes leftover after parsing attributes in process `syz.1.15975'. [ 1138.158712][ T8458] SQUASHFS error: Unable to read inode 0xe3 [ 1138.375723][T22415] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1138.688148][ T8129] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 11 /dev/loop4 scanned by udevd (8129) [ 1138.770539][ T1531] usb 2-1: new high-speed USB device number 81 using dummy_hcd [ 1138.960690][ T1531] usb 2-1: Using ep0 maxpacket: 8 [ 1138.968773][ T1531] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 1138.994614][ T1531] usb 2-1: config 179 has no interface number 0 [ 1139.022096][ T1531] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1139.055354][ T8488] netlink: 52 bytes leftover after parsing attributes in process `syz.4.15988'. [ 1139.058977][ T1531] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1139.125316][ T1531] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1139.169376][ T1531] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1139.195596][ T1531] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1139.234235][ T1531] usb 2-1: config 179 interface 65 has no altsetting 0 [ 1139.260522][ T1531] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1139.290519][ T1531] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1139.380047][ T1531] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input65 [ 1139.650034][ T1748] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 1139.790973][ T23] usb 2-1: USB disconnect, device number 81 [ 1139.797021][ C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1139.823210][ T23] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1139.875200][ T1748] usb 5-1: Using ep0 maxpacket: 32 [ 1139.910561][ T1748] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1139.940557][ T1748] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1139.970731][ T1748] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1140.014329][ T1748] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 1140.030422][ T1748] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 1140.038882][ T1748] usb 5-1: Product: syz [ 1140.050503][ T1748] usb 5-1: Manufacturer: syz [ 1140.055210][ T1748] usb 5-1: SerialNumber: syz [ 1140.078406][ T1748] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input66 [ 1140.391167][ T5796] usb 5-1: USB disconnect, device number 44 [ 1140.445849][ T5796] appletouch 5-1:1.0: input: appletouch disconnected [ 1140.614224][ T8524] loop3: detected capacity change from 0 to 256 [ 1140.683179][ T8524] FAT-fs (loop3): Directory bread(block 64) failed [ 1140.689899][ T8524] FAT-fs (loop3): Directory bread(block 65) failed [ 1140.711619][ T8524] FAT-fs (loop3): Directory bread(block 66) failed [ 1140.718552][ T8524] FAT-fs (loop3): Directory bread(block 67) failed [ 1140.751491][ T8524] FAT-fs (loop3): Directory bread(block 68) failed [ 1140.761149][ T8524] FAT-fs (loop3): Directory bread(block 69) failed [ 1140.781625][ T8524] FAT-fs (loop3): Directory bread(block 70) failed [ 1140.790533][ T8524] FAT-fs (loop3): Directory bread(block 71) failed [ 1140.799444][ T8524] FAT-fs (loop3): Directory bread(block 72) failed [ 1140.807599][ T8524] FAT-fs (loop3): Directory bread(block 73) failed [ 1141.445325][ T28] kauditd_printk_skb: 3 callbacks suppressed [ 1141.445340][ T28] audit: type=1326 audit(2000000291.079:10873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.4.16014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f594c99c799 code=0x7ffc0000 [ 1141.514611][ T28] audit: type=1326 audit(2000000291.109:10874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.4.16014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f594c99c799 code=0x7ffc0000 [ 1141.568759][ T28] audit: type=1326 audit(2000000291.129:10875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.4.16014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f594c99c799 code=0x7ffc0000 [ 1141.570495][T26106] usb 4-1: new high-speed USB device number 94 using dummy_hcd [ 1141.659772][ T28] audit: type=1326 audit(2000000291.129:10876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.4.16014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f594c99c799 code=0x7ffc0000 [ 1141.839666][ T8560] netlink: 164 bytes leftover after parsing attributes in process `syz.1.16021'. [ 1141.858764][T26106] usb 4-1: Using ep0 maxpacket: 8 [ 1141.875363][T26106] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 1141.893118][T26106] usb 4-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3 [ 1141.904194][T26106] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1141.923379][T26106] usb 4-1: Product: syz [ 1141.927698][T26106] usb 4-1: Manufacturer: syz [ 1141.941118][T26106] usb 4-1: SerialNumber: syz [ 1141.965409][T26106] usb 4-1: config 0 descriptor?? [ 1142.229407][T26106] msi2500 4-1:0.0: Registered as swradio24 [ 1142.257678][T26106] msi2500 4-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 1142.310880][T26106] usb 4-1: USB disconnect, device number 94 [ 1142.632591][ T8587] netlink: 'syz.4.16035': attribute type 32 has an invalid length. [ 1143.150046][ T8611] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16045'. [ 1143.527661][ T8620] loop3: detected capacity change from 0 to 4096 [ 1144.494561][ T28] audit: type=1326 audit(2000000294.129:10877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8657 comm="syz.4.16069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f594c99c799 code=0x7ffc0000 [ 1144.562639][ T28] audit: type=1326 audit(2000000294.129:10878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8657 comm="syz.4.16069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f594c99c799 code=0x7ffc0000 [ 1144.652493][ T28] audit: type=1326 audit(2000000294.129:10879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8657 comm="syz.4.16069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f594c99c799 code=0x7ffc0000 [ 1144.698401][ T28] audit: type=1326 audit(2000000294.129:10880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8657 comm="syz.4.16069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f594c99c799 code=0x7ffc0000 [ 1144.740780][ T28] audit: type=1326 audit(2000000294.139:10881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8657 comm="syz.4.16069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7f594c99c799 code=0x7ffc0000 [ 1144.764123][ T8666] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16072'. [ 1144.805187][ T8666] ip6tnl6: entered allmulticast mode [ 1144.834793][ T28] audit: type=1326 audit(2000000294.139:10882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8657 comm="syz.4.16069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f594c99c799 code=0x7ffc0000 [ 1144.878992][ T8640] loop3: detected capacity change from 0 to 32768 [ 1144.911914][ T8640] (syz.3.16057,8640,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1144.937622][ T8640] (syz.3.16057,8640,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1144.976591][ T8640] JBD2: Ignoring recovery information on journal [ 1145.082706][ T8640] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1145.342226][ T5761] ocfs2: Unmounting device (7,3) on (node local) [ 1147.147167][ T8745] loop1: detected capacity change from 0 to 256 [ 1147.405089][ T8755] netlink: 'syz.3.16116': attribute type 5 has an invalid length. [ 1147.423702][ T8757] tipc: Enabling of bearer rejected, failed to enable media [ 1147.651318][ T8764] loop3: detected capacity change from 0 to 128 [ 1147.661338][ T8764] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 1147.702072][ T8764] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1147.742584][ T8764] ext2 filesystem being mounted at /3839/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1148.032554][ T5761] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1148.725352][ T8770] loop4: detected capacity change from 0 to 32768 [ 1148.775506][ T8770] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1148.893847][ T8770] XFS (loop4): Ending clean mount [ 1148.911822][ T8770] XFS (loop4): Quotacheck needed: Please wait. [ 1149.045691][ T8770] XFS (loop4): Quotacheck: Done. [ 1149.194089][T22415] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1149.882539][ T8831] loop1: detected capacity change from 0 to 128 [ 1149.910174][ T8831] FAT-fs (loop1): Directory bread(block 32) failed [ 1149.930870][ T8831] FAT-fs (loop1): Directory bread(block 33) failed [ 1149.939324][ T8831] FAT-fs (loop1): Directory bread(block 34) failed [ 1149.950843][ T8831] FAT-fs (loop1): Directory bread(block 35) failed [ 1149.957550][ T8831] FAT-fs (loop1): Directory bread(block 36) failed [ 1149.964905][ T8831] FAT-fs (loop1): Directory bread(block 37) failed [ 1149.972154][ T8831] FAT-fs (loop1): Directory bread(block 38) failed [ 1149.978830][ T8831] FAT-fs (loop1): Directory bread(block 39) failed [ 1149.989256][ T8831] FAT-fs (loop1): Directory bread(block 40) failed [ 1149.999270][ T8831] FAT-fs (loop1): Directory bread(block 41) failed [ 1150.589175][ T1531] usb 4-1: new high-speed USB device number 95 using dummy_hcd [ 1150.780631][ T1531] usb 4-1: Using ep0 maxpacket: 32 [ 1150.787918][ T1531] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1150.812809][ T1531] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1150.829688][ T1531] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1150.855238][ T1531] usb 4-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 1150.864619][ T1531] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 1150.875689][ T1531] usb 4-1: Product: syz [ 1150.880082][ T1531] usb 4-1: Manufacturer: syz [ 1150.888287][ T1531] usb 4-1: SerialNumber: syz [ 1150.919147][ T1531] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input67 [ 1151.191684][ T1531] usb 4-1: USB disconnect, device number 95 [ 1151.205767][ T8862] sp0: Synchronizing with TNC [ 1151.261997][ T1531] appletouch 4-1:1.0: input: appletouch disconnected [ 1151.483679][ T8870] loop4: detected capacity change from 0 to 64 [ 1151.491401][ T8871] netlink: 16 bytes leftover after parsing attributes in process `syz.1.16163'. [ 1151.920514][ T1531] usb 2-1: new high-speed USB device number 82 using dummy_hcd [ 1152.152579][ T1531] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1152.180449][ T1531] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1152.211424][ T1531] usb 2-1: config 0 descriptor?? [ 1152.226191][ T1531] cp210x 2-1:0.0: cp210x converter detected [ 1152.376743][ T8899] Bluetooth: MGMT ver 1.22 [ 1152.484468][ T8885] loop3: detected capacity change from 0 to 32768 [ 1152.495338][ T8897] loop4: detected capacity change from 0 to 8192 [ 1152.525901][ T8897] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1152.576525][ T8885] ERROR: (device loop3): dtReadFirst: btstack overrun [ 1152.576525][ T8885] [ 1152.593070][ T8885] ERROR: (device loop3): remounting filesystem as read-only [ 1152.607552][ T8897] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 1152.609033][ T8885] btstack dump: [ 1152.620784][ T8885] bn = 0, index = 0 [ 1152.624645][ T8885] bn = 0, index = 0 [ 1152.628515][ T8885] bn = 0, index = 0 [ 1152.632711][ T8885] bn = 0, index = 0 [ 1152.636602][ T8885] bn = 0, index = 0 [ 1152.640647][ T8885] bn = 0, index = 0 [ 1152.644783][ T8885] bn = 0, index = 0 [ 1152.648732][ T8885] bn = 0, index = 0 [ 1152.659319][ T8897] REISERFS (device loop4): using ordered data mode [ 1152.700463][ T8897] reiserfs: using flush barriers [ 1152.708706][ T8897] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1152.739163][ T8897] REISERFS (device loop4): checking transaction log (loop4) [ 1152.760914][ T8897] REISERFS (device loop4): Using r5 hash to sort names [ 1152.780835][ T8897] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 1152.856498][ T1531] cp210x 2-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 1152.880926][ T1531] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 1152.903112][ T1531] usb 2-1: cp210x converter now attached to ttyUSB0 [ 1152.948743][ T1531] usb 2-1: USB disconnect, device number 82 [ 1152.982443][ T1531] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1153.036975][ T1531] cp210x 2-1:0.0: device disconnected [ 1153.349132][ T8912] loop4: detected capacity change from 0 to 1024 [ 1153.389060][ T8912] EXT4-fs: Ignoring removed bh option [ 1153.408314][ T8912] EXT4-fs: inline encryption not supported [ 1153.417382][ T8912] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1153.439859][ T8912] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 1153.459019][ T8912] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 2: comm syz.4.16184: lblock 2 mapped to illegal pblock 2 (length 1) [ 1153.502605][ T8912] __quota_error: 3 callbacks suppressed [ 1153.502622][ T8912] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 1153.571749][ T8912] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 48: comm syz.4.16184: lblock 0 mapped to illegal pblock 48 (length 1) [ 1153.617592][ T8912] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 1153.634894][ T8912] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.16184: Failed to acquire dquot type 0 [ 1153.659086][ T8912] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 1153.673919][ T8912] EXT4-fs error (device loop4): ext4_evict_inode:252: inode #11: comm syz.4.16184: mark_inode_dirty error [ 1153.681812][ T8916] loop1: detected capacity change from 0 to 2048 [ 1153.696235][ T8912] EXT4-fs warning (device loop4): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 1153.708911][ T8912] EXT4-fs (loop4): 1 orphan inode deleted [ 1153.727537][ T8912] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1153.758065][ T41] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 1153.787466][ T41] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 1153.812189][ T8916] Alternate GPT is invalid, using primary GPT. [ 1153.819930][ T41] EXT4-fs error (device loop4): ext4_release_dquot:6985: comm kworker/u4:2: Failed to release dquot type 0 [ 1153.831336][ T8916] loop1: p2 p3 p7 [ 1153.888812][ T8912] EXT4-fs error (device loop4): __ext4_get_inode_loc:4489: comm syz.4.16184: Invalid inode table block 1 in block_group 0 [ 1153.936584][ T8912] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 1154.034459][T22415] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1154.041549][ T8921] usb usb8: usbfs: process 8921 (syz.3.16187) did not claim interface 0 before use [ 1154.045469][ T5768] __loop_clr_fd: partition scan of loop1 failed (rc=-16) [ 1154.053704][ T8129] I/O error, dev loop1, sector 608 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1154.070741][ T5903] I/O error, dev loop1, sector 408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1154.070948][ T5903] I/O error, dev loop1, sector 408 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1154.083018][ T5901] I/O error, dev loop1, sector 208 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1154.092420][T22415] EXT4-fs error (device loop4): __ext4_get_inode_loc:4489: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 1154.123558][ T5901] I/O error, dev loop1, sector 208 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1154.162367][ T8129] I/O error, dev loop1, sector 608 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1154.168463][ T5903] Buffer I/O error on dev loop1p7, logical block 8, async page read [ 1154.172211][ T5901] Buffer I/O error on dev loop1p3, logical block 8, async page read [ 1154.180024][ T5903] I/O error, dev loop1, sector 409 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1154.206552][T22415] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 1154.209652][ T8129] Buffer I/O error on dev loop1p2, logical block 8, async page read [ 1154.250534][ T5903] Buffer I/O error on dev loop1p7, logical block 9, async page read [ 1154.258722][ T5903] I/O error, dev loop1, sector 410 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1154.262847][ T5901] I/O error, dev loop1, sector 209 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1154.269775][ T8924] loop1: detected capacity change from 0 to 1024 [ 1154.284636][T22415] EXT4-fs error (device loop4): ext4_quota_off:7233: inode #3: comm syz-executor: mark_inode_dirty error [ 1154.294279][ T8129] I/O error, dev loop1, sector 609 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1154.299296][ T5903] Buffer I/O error on dev loop1p7, logical block 10, async page read [ 1154.333086][ T5901] Buffer I/O error on dev loop1p3, logical block 9, async page read [ 1154.360023][ T8129] Buffer I/O error on dev loop1p2, logical block 9, async page read [ 1154.426767][ T8930] loop4: detected capacity change from 0 to 256 [ 1154.435627][ T8930] exfat: Deprecated parameter 'utf8' [ 1154.441353][ T8930] exfat: Deprecated parameter 'utf8' [ 1154.499553][ T8930] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x22bddf5f, utbl_chksum : 0xe619d30d) [ 1154.530215][ T997] hfsplus: b-tree write err: -5, ino 25 [ 1154.554886][ T997] hfsplus: b-tree write err: -5, ino 4 [ 1154.570870][ T997] hfsplus: b-tree write err: -5, ino 2 [ 1154.779051][ T8129] udevd[8129]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 1154.785143][ T5903] udevd[5903]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 1154.794158][ T5753] udevd[5753]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory [ 1154.862059][ T8939] netlink: 'syz.0.16197': attribute type 1 has an invalid length. [ 1154.891025][ T8939] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16197'. [ 1154.941196][ T8943] netlink: 'syz.3.16198': attribute type 5 has an invalid length. [ 1154.970100][ T8944] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16199'. [ 1154.983842][ T5903] udevd[5903]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory [ 1154.992708][ T8129] udevd[8129]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 1155.029048][ T5901] udevd[5901]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 1155.039830][ T8944] bond0: left allmulticast mode [ 1155.066563][ T8944] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1155.212732][ T8950] loop3: detected capacity change from 0 to 256 [ 1155.300996][ T8954] netlink: 12 bytes leftover after parsing attributes in process `syz.4.16204'. [ 1155.501512][ T8961] netlink: 32 bytes leftover after parsing attributes in process `syz.1.16207'. [ 1155.674857][ T8970] netlink: 160 bytes leftover after parsing attributes in process `syz.1.16211'. [ 1155.700630][ T8970] netlink: 20 bytes leftover after parsing attributes in process `syz.1.16211'. [ 1155.757005][ T8972] netlink: 24 bytes leftover after parsing attributes in process `syz.0.16212'. [ 1156.043612][ T8980] x_tables: ip_tables: HMARK.0 target: invalid size 64 (kernel) != (user) 72 [ 1156.298166][ T8964] loop4: detected capacity change from 0 to 32768 [ 1156.390922][ T8964] jfs_mkdir: dtInsert returned -EIO [ 1156.414134][ T8964] ERROR: (device loop4): jfs_mkdir: [ 1156.414134][ T8964] [ 1156.440582][ T8964] ERROR: (device loop4): remounting filesystem as read-only [ 1156.477941][ T8964] jfs_lookup: iget failed on inum 4 [ 1156.493295][ T8964] jfs_lookup: iget failed on inum 4 [ 1156.506871][ T8964] jfs_lookup: iget failed on inum 4 [ 1156.542982][ T8964] jfs_lookup: iget failed on inum 4 [ 1156.733841][ T8982] loop3: detected capacity change from 0 to 32768 [ 1156.902896][ T8995] netlink: 104 bytes leftover after parsing attributes in process `syz.4.16223'. [ 1157.489248][ T9007] loop1: detected capacity change from 0 to 2048 [ 1157.511104][ T9007] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1157.536830][ T9007] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1157.786641][ T9018] loop3: detected capacity change from 0 to 2048 [ 1157.851651][ T9018] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1157.952545][ T9018] ext4 filesystem being mounted at /3864/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1158.091167][ T9018] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 16: comm syz.3.16233: path /3864/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0 [ 1158.157668][ T9018] EXT4-fs (loop3): Remounting filesystem read-only [ 1158.265214][ T9038] loop4: detected capacity change from 0 to 64 [ 1158.293246][ T5761] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1158.635497][ T9048] loop4: detected capacity change from 0 to 512 [ 1158.669116][ T9050] loop1: detected capacity change from 0 to 64 [ 1158.732014][ T9055] loop3: detected capacity change from 0 to 128 [ 1158.751832][ T9048] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1158.806953][ T9055] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1158.836399][ T9048] ext4 filesystem being mounted at /2168/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1158.863429][ T9055] ext4 filesystem being mounted at /3866/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1158.924057][ T9048] EXT4-fs error (device loop4): ext4_xattr_block_find:1879: inode #15: comm syz.4.16245: corrupted xattr block 33: invalid checksum [ 1159.044382][ T5761] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1159.084861][ T9060] QAT: Invalid ioctl 1075883590 [ 1159.094921][ T9060] QAT: Invalid ioctl 1075883590 [ 1159.101955][T22415] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1159.111837][ T9060] QAT: Invalid ioctl 1075883590 [ 1159.117149][ T9060] QAT: Invalid ioctl 1075883590 [ 1159.125640][ T9060] QAT: Invalid ioctl 1075883590 [ 1159.131413][ T9060] QAT: Invalid ioctl 1075883590 [ 1159.138110][ T9060] QAT: Invalid ioctl 1075883590 [ 1159.168625][ T9060] QAT: Invalid ioctl 1075883590 [ 1159.175103][ T9060] QAT: Invalid ioctl 1075883590 [ 1159.237257][ T9060] QAT: Invalid ioctl 1075883590 [ 1159.387956][ T9065] loop3: detected capacity change from 0 to 4096 [ 1159.457877][ T9073] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1159.781467][ T9081] loop3: detected capacity change from 0 to 64 [ 1160.427648][ T9083] loop4: detected capacity change from 0 to 32768 [ 1160.676359][ T9086] loop1: detected capacity change from 0 to 40427 [ 1160.713134][ T9086] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 1160.779395][ T9086] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1160.798863][ T9086] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x7ffff [ 1160.826706][ T9086] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x1f8 [ 1160.865356][ T9086] F2FS-fs (loop1): invalid crc value [ 1160.871005][ T9101] mkiss: ax0: crc mode is auto. [ 1160.907477][ T9086] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1161.077176][ T9086] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1161.110547][ T9086] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1161.443761][ T5768] syz-executor: attempt to access beyond end of device [ 1161.443761][ T5768] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1161.475382][ T9115] loop4: detected capacity change from 0 to 1024 [ 1161.489850][ T5768] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 1161.682032][ T59] hfsplus: b-tree write err: -5, ino 25 [ 1161.687951][ T59] hfsplus: b-tree write err: -5, ino 4 [ 1161.721654][ T59] hfsplus: b-tree write err: -5, ino 2 [ 1161.961012][ T9126] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1161.969200][ T9126] UDF-fs: Scanning with blocksize 512 failed [ 1161.976189][ T1748] usb 4-1: new high-speed USB device number 96 using dummy_hcd [ 1162.018712][ T9128] netlink: 16 bytes leftover after parsing attributes in process `syz.0.16281'. [ 1162.029540][ T9126] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1162.124477][ T9126] overlayfs: upper fs needs to support d_type. [ 1162.166792][ T9126] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 1162.179890][ T1748] usb 4-1: Using ep0 maxpacket: 32 [ 1162.193561][ T1748] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1162.211152][ T9126] overlayfs: failed to set xattr on upper [ 1162.217079][ T1748] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1162.240862][ T9126] overlayfs: ...falling back to redirect_dir=nofollow. [ 1162.247856][ T9126] overlayfs: ...falling back to index=off. [ 1162.263332][ T1748] usb 4-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 1162.280938][ T9126] overlayfs: ...falling back to uuid=null. [ 1162.287282][ T1748] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 1162.310201][ T1748] usb 4-1: Product: syz [ 1162.317855][ T1748] usb 4-1: Manufacturer: syz [ 1162.335313][ T1748] usb 4-1: SerialNumber: syz [ 1162.382770][ T1748] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input68 [ 1162.625413][ T1748] usb 4-1: USB disconnect, device number 96 [ 1162.661909][ T1748] appletouch 4-1:1.0: input: appletouch disconnected [ 1163.609607][ T9167] set_capacity_and_notify: 1 callbacks suppressed [ 1163.609622][ T9167] loop3: detected capacity change from 0 to 1024 [ 1163.644614][ T9167] EXT4-fs: Ignoring removed bh option [ 1163.645503][ T9171] loop4: detected capacity change from 0 to 736 [ 1163.701617][ T9167] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 1163.799322][ T9167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1163.939435][ T9167] EXT4-fs error (device loop3): ext4_check_all_de:666: inode #12: block 7: comm syz.3.16299: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 1164.041011][ T9167] EXT4-fs (loop3): Remounting filesystem read-only [ 1164.159112][ T5761] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1164.723328][ T9210] loop3: detected capacity change from 0 to 256 [ 1164.758369][ T9210] exfat: Deprecated parameter 'namecase' [ 1164.810821][ T9210] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 1165.313656][ T9230] loop3: detected capacity change from 0 to 1024 [ 1165.335480][ T9230] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1165.418087][ T9230] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1165.448824][ T9230] ext4 filesystem being mounted at /3884/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1165.731773][ T5761] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1165.755332][ T9244] loop4: detected capacity change from 0 to 256 [ 1165.780232][ T9244] exfat: Deprecated parameter 'namecase' [ 1165.797075][ T9244] exfat: Deprecated parameter 'namecase' [ 1165.849002][ T9244] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xd8f0c8a0, utbl_chksum : 0xe619d30d) [ 1165.916047][ T9246] wireguard: wg2: Could not create IPv4 socket [ 1166.242146][ T9252] netlink: 28 bytes leftover after parsing attributes in process `syz.4.16339'. [ 1166.391239][ T9256] [ 1166.393631][ T9256] ====================================================== [ 1166.400809][ T9256] WARNING: possible circular locking dependency detected [ 1166.407839][ T9256] syzkaller #0 Not tainted [ 1166.412512][ T9256] ------------------------------------------------------ [ 1166.419641][ T9256] syz.4.16340/9256 is trying to acquire lock: [ 1166.425778][ T9256] ffffffff9768cf58 (nfnl_subsys_ipset){+.+.}-{3:3}, at: ip_set_nfnl_get_byindex+0x67/0x230 [ 1166.435890][ T9256] [ 1166.435890][ T9256] but task is already holding lock: [ 1166.443262][ T9256] ffff888068c680b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x3b/0x100 [ 1166.453627][ T9256] [ 1166.453627][ T9256] which lock already depends on the new lock. [ 1166.453627][ T9256] [ 1166.464189][ T9256] [ 1166.464189][ T9256] the existing dependency chain (in reverse order) is: [ 1166.473187][ T9256] [ 1166.473187][ T9256] -> #2 (&nft_net->commit_mutex){+.+.}-{3:3}: [ 1166.481494][ T9256] __mutex_lock+0x136/0xcc0 [ 1166.486775][ T9256] nf_tables_dumpreset_obj+0x72/0xa0 [ 1166.492576][ T9256] netlink_dump+0x747/0xe50 [ 1166.497594][ T9256] __netlink_dump_start+0x5f1/0x810 [ 1166.503398][ T9256] nft_netlink_dump_start_rcu+0xdb/0x1a0 [ 1166.510009][ T9256] nf_tables_getobj_reset+0x1e1/0x630 [ 1166.516208][ T9256] nfnetlink_rcv_msg+0x8a4/0x12b0 [ 1166.521758][ T9256] netlink_rcv_skb+0x241/0x4d0 [ 1166.527037][ T9256] nfnetlink_rcv+0x2c9/0x24a0 [ 1166.532241][ T9256] netlink_unicast+0x751/0x8d0 [ 1166.537514][ T9256] netlink_sendmsg+0x8d0/0xbf0 [ 1166.542795][ T9256] ____sys_sendmsg+0x5ba/0x960 [ 1166.548066][ T9256] ___sys_sendmsg+0x2a6/0x360 [ 1166.553252][ T9256] __se_sys_sendmsg+0x1c2/0x2b0 [ 1166.558621][ T9256] do_syscall_64+0x55/0xa0 [ 1166.563548][ T9256] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1166.569945][ T9256] [ 1166.569945][ T9256] -> #1 (nlk_cb_mutex-NETFILTER){+.+.}-{3:3}: [ 1166.578183][ T9256] __mutex_lock+0x136/0xcc0 [ 1166.583202][ T9256] __netlink_dump_start+0xf4/0x810 [ 1166.588822][ T9256] ip_set_dump+0x15c/0x1f0 [ 1166.593749][ T9256] nfnetlink_rcv_msg+0xbf0/0x12b0 [ 1166.599295][ T9256] netlink_rcv_skb+0x241/0x4d0 [ 1166.604573][ T9256] nfnetlink_rcv+0x2c9/0x24a0 [ 1166.609854][ T9256] netlink_unicast+0x751/0x8d0 [ 1166.615129][ T9256] netlink_sendmsg+0x8d0/0xbf0 [ 1166.620642][ T9256] ____sys_sendmsg+0x5ba/0x960 [ 1166.626480][ T9256] ___sys_sendmsg+0x2a6/0x360 [ 1166.632139][ T9256] __se_sys_sendmsg+0x1c2/0x2b0 [ 1166.637531][ T9256] do_syscall_64+0x55/0xa0 [ 1166.642832][ T9256] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1166.649535][ T9256] [ 1166.649535][ T9256] -> #0 (nfnl_subsys_ipset){+.+.}-{3:3}: [ 1166.657383][ T9256] __lock_acquire+0x2df1/0x7d40 [ 1166.662846][ T9256] lock_acquire+0x19e/0x420 [ 1166.667862][ T9256] __mutex_lock+0x136/0xcc0 [ 1166.672876][ T9256] ip_set_nfnl_get_byindex+0x67/0x230 [ 1166.678757][ T9256] set_match_v1_checkentry+0x71/0x230 [ 1166.684653][ T9256] xt_check_match+0x429/0xaf0 [ 1166.689935][ T9256] __nft_match_init+0x67a/0x8d0 [ 1166.695295][ T9256] nf_tables_newrule+0x176c/0x2880 [ 1166.700930][ T9256] nfnetlink_rcv+0x113e/0x24a0 [ 1166.706297][ T9256] netlink_unicast+0x751/0x8d0 [ 1166.711578][ T9256] netlink_sendmsg+0x8d0/0xbf0 [ 1166.717028][ T9256] ____sys_sendmsg+0x5ba/0x960 [ 1166.722309][ T9256] ___sys_sendmsg+0x2a6/0x360 [ 1166.727499][ T9256] __se_sys_sendmsg+0x1c2/0x2b0 [ 1166.732862][ T9256] do_syscall_64+0x55/0xa0 [ 1166.737788][ T9256] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1166.744714][ T9256] [ 1166.744714][ T9256] other info that might help us debug this: [ 1166.744714][ T9256] [ 1166.754925][ T9256] Chain exists of: [ 1166.754925][ T9256] nfnl_subsys_ipset --> nlk_cb_mutex-NETFILTER --> &nft_net->commit_mutex [ 1166.754925][ T9256] [ 1166.769336][ T9256] Possible unsafe locking scenario: [ 1166.769336][ T9256] [ 1166.776774][ T9256] CPU0 CPU1 [ 1166.782209][ T9256] ---- ---- [ 1166.787589][ T9256] lock(&nft_net->commit_mutex); [ 1166.792654][ T9256] lock(nlk_cb_mutex-NETFILTER); [ 1166.800195][ T9256] lock(&nft_net->commit_mutex); [ 1166.807813][ T9256] lock(nfnl_subsys_ipset); [ 1166.812412][ T9256] [ 1166.812412][ T9256] *** DEADLOCK *** [ 1166.812412][ T9256] [ 1166.820627][ T9256] 1 lock held by syz.4.16340/9256: [ 1166.825737][ T9256] #0: ffff888068c680b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x3b/0x100 [ 1166.836452][ T9256] [ 1166.836452][ T9256] stack backtrace: [ 1166.842613][ T9256] CPU: 0 PID: 9256 Comm: syz.4.16340 Not tainted syzkaller #0 [ 1166.850157][ T9256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1166.860293][ T9256] Call Trace: [ 1166.863567][ T9256] [ 1166.866486][ T9256] dump_stack_lvl+0x18c/0x250 [ 1166.871421][ T9256] ? load_image+0x400/0x400 [ 1166.875924][ T9256] ? show_regs_print_info+0x20/0x20 [ 1166.881395][ T9256] ? print_circular_bug+0x12b/0x1a0 [ 1166.886604][ T9256] check_noncircular+0x2fc/0x400 [ 1166.891543][ T9256] ? print_deadlock_bug+0x5d0/0x5d0 [ 1166.896837][ T9256] ? lockdep_lock+0xf5/0x230 [ 1166.901533][ T9256] ? _find_first_zero_bit+0xd3/0x100 [ 1166.906813][ T9256] __lock_acquire+0x2df1/0x7d40 [ 1166.912542][ T9256] ? mark_lock+0x94/0x320 [ 1166.916860][ T9256] ? verify_lock_unused+0x140/0x140 [ 1166.922222][ T9256] ? __lock_acquire+0x1273/0x7d40 [ 1166.927398][ T9256] lock_acquire+0x19e/0x420 [ 1166.931957][ T9256] ? ip_set_nfnl_get_byindex+0x67/0x230 [ 1166.937960][ T9256] ? __might_sleep+0xe0/0xe0 [ 1166.942645][ T9256] ? read_lock_is_recursive+0x20/0x20 [ 1166.948049][ T9256] __mutex_lock+0x136/0xcc0 [ 1166.952668][ T9256] ? ip_set_nfnl_get_byindex+0x67/0x230 [ 1166.958225][ T9256] ? ip_set_nfnl_get_byindex+0x67/0x230 [ 1166.963771][ T9256] ? ip_set_pernet+0x23/0x230 [ 1166.968439][ T9256] ? mutex_lock_nested+0x20/0x20 [ 1166.973464][ T9256] ? ip_set_pernet+0x23/0x230 [ 1166.978136][ T9256] ? ip_set_pernet+0x23/0x230 [ 1166.982806][ T9256] ip_set_nfnl_get_byindex+0x67/0x230 [ 1166.988169][ T9256] set_match_v1_checkentry+0x71/0x230 [ 1166.993546][ T9256] xt_check_match+0x429/0xaf0 [ 1166.998298][ T9256] ? flush_work+0x20/0x20 [ 1167.002616][ T9256] ? xt_check_proc_name+0x270/0x270 [ 1167.007984][ T9256] ? __stack_depot_save+0x1f/0x630 [ 1167.013109][ T9256] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1167.019108][ T9256] __nft_match_init+0x67a/0x8d0 [ 1167.023950][ T9256] ? ___sys_sendmsg+0x2a6/0x360 [ 1167.028786][ T9256] ? nft_match_large_dump+0x50/0x50 [ 1167.034100][ T9256] ? nf_tables_newrule+0x150e/0x2880 [ 1167.039565][ T9256] ? rcu_is_watching+0x15/0xb0 [ 1167.044508][ T9256] ? nf_tables_newrule+0x150e/0x2880 [ 1167.049822][ T9256] ? __kmalloc+0xe2/0x230 [ 1167.054157][ T9256] nf_tables_newrule+0x176c/0x2880 [ 1167.059327][ T9256] ? nf_tables_delchain+0x1060/0x1060 [ 1167.064904][ T9256] ? __lock_acquire+0x7d40/0x7d40 [ 1167.070022][ T9256] ? mutex_unlock+0x10/0x10 [ 1167.074636][ T9256] ? __nla_parse+0x40/0x50 [ 1167.079147][ T9256] nfnetlink_rcv+0x113e/0x24a0 [ 1167.083920][ T9256] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 1167.089581][ T9256] ? __lock_acquire+0x7d40/0x7d40 [ 1167.094783][ T9256] ? netlink_deliver_tap+0x2e/0x1b0 [ 1167.100102][ T9256] netlink_unicast+0x751/0x8d0 [ 1167.104866][ T9256] netlink_sendmsg+0x8d0/0xbf0 [ 1167.109715][ T9256] ? netlink_getsockopt+0x590/0x590 [ 1167.115065][ T9256] ? aa_sock_msg_perm+0x94/0x150 [ 1167.120172][ T9256] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1167.125456][ T9256] ? security_socket_sendmsg+0x80/0xa0 [ 1167.131162][ T9256] ? netlink_getsockopt+0x590/0x590 [ 1167.136364][ T9256] ____sys_sendmsg+0x5ba/0x960 [ 1167.141426][ T9256] ? __asan_memset+0x22/0x40 [ 1167.146040][ T9256] ? __sys_sendmsg_sock+0x30/0x30 [ 1167.151116][ T9256] ? __import_iovec+0x5f2/0x850 [ 1167.156058][ T9256] ? import_iovec+0x73/0xa0 [ 1167.160548][ T9256] ___sys_sendmsg+0x2a6/0x360 [ 1167.165306][ T9256] ? __sys_sendmsg+0x2a0/0x2a0 [ 1167.170162][ T9256] __se_sys_sendmsg+0x1c2/0x2b0 [ 1167.175020][ T9256] ? __x64_sys_sendmsg+0x80/0x80 [ 1167.180136][ T9256] ? lockdep_hardirqs_on+0x98/0x150 [ 1167.185323][ T9256] do_syscall_64+0x55/0xa0 [ 1167.189820][ T9256] ? clear_bhb_loop+0x40/0x90 [ 1167.194496][ T9256] ? clear_bhb_loop+0x40/0x90 [ 1167.199162][ T9256] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1167.205058][ T9256] RIP: 0033:0x7f594c99c799 [ 1167.209580][ T9256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1167.229273][ T9256] RSP: 002b:00007f594abf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1167.237676][ T9256] RAX: ffffffffffffffda RBX: 00007f594cc15fa0 RCX: 00007f594c99c799 [ 1167.245727][ T9256] RDX: 0000000024044010 RSI: 0000200000000100 RDI: 0000000000000003 [ 1167.253705][ T9256] RBP: 00007f594ca32c99 R08: 0000000000000000 R09: 0000000000000000 [ 1167.261673][ T9256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1167.269897][ T9256] R13: 00007f594cc16038 R14: 00007f594cc15fa0 R15: 00007ffc098dd038 [ 1167.277978][ T9256] [ 1167.298527][ T9256] Cannot find set identified by id 0 to match