last executing test programs: 3.320509515s ago: executing program 4 (id=10142): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@updsa={0x104, 0x1a, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in=@empty, 0x2, 0x3c}, @in=@loopback, {}, {}, {0x0, 0x1ec}, 0x0, 0x0, 0xa, 0x2}, [@coaddr={0x14, 0xe, @in=@multicast2}]}, 0x104}}, 0x0) 3.139286244s ago: executing program 4 (id=10148): syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2010880, &(0x7f0000007400)=ANY=[], 0x1, 0x6174, &(0x7f0000001280)="$eJzs3b2PHGcdB/Dfvt6LiXNKEQULoYsTXkKIX4MxBEhSQEGTArmhQLYul8jCAWQb5EQWvugaCipqChASJUKUiII/IAUtHRUVlmwkkCsGzd3z+OY2u95zzrezd8/nI51nf/vM7D5z353bWc/MPgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxHe/872znYi4/LN0x0rEp6IX0Y1YquvViFhaXcnz9yPiudhqjmcjYrAQUS+/9c/TEa9GxEfHI+7dv71W331uj/349h///rsfHHvrb38YnP7vn272Xps0361bv/zPn+/sb50BAACgNFVVVZ30Mf9E+nzfbbtTAMBM5Pf/Ksn3H/n6V/986y/z1B+1Wq1Wq2dQN1Xj3WkWEbHRXKbeZ3A4HgAOmY140HYXaJH8i9aPiGNtdwKYa522O8CBuHf/9lon5dtpvh+sbrfnc0F25b/ReXh9x6TpNKPnmMzq9bUZvXhmQn+WZtSHeZLz747mf3m7fZjmO+j8Z2VS/sPtS5+Kk/PvjeY/4ujk3x2bf6ly/v3Hyr8nfwAAAAAAmGP5//9XWj7+u7D/VdmTRx3/XZ1RHwAAAAAAAADgSdvv+H8PGf8PAAAA5lb9Wb32m+M79036Lrb6/kudiKdG5gcKky6WWW67HwAAAAAAAAAAAABQkv72ObyXOhGDiHhqebmqqvqnabR+XPtd/rArff2hZG3/kQcAgG0fHR+5lr8TsRgRl9J3/Q2Wl5eranFpuVqulhby/uxwYbFaanyuzdP6voXhHnaI+8OqfrDFxnJN0z4vT2sffbz6uYZVbw8de0IG6bc5obmlsAEg2X43uucd6Yipqqcn7XzALrb/o8f2z160/ToFAAAADl5VVVUnfZ33iXTMv9t2pwCAmcjv/6PHBQ6kjjjYx5/3emHn9z4X/VGr1Wp1cXVTNd6dZhERG81l6n0Gw/EDwCGzEQ/a7gItkn/R+hHxXNudAOZap+0OcCDu3b+91kn5dprvB2l893wuyK78Nzpby+Xlx02nGT3HZFavr83oxTMT+vPsjPowT3L+3dH8L2+3D9N8B53/rEzKv17PlRb607acf280/xFHJ//u2PxLlfPvP1b+PfkDAAAAAMAcy///v+L4b15lAAAAAAAAADh07t2/vZave83H/z8zZj7Xfx5NOf+O/IuU8++O5P/Fkfl6jdt339zJ/9/3b6/9/ua/Pp2ne81/IT9kJ72yOukV0UnP1Omn6T5XcMTmoDesn2nQ6fb66ZyfavBOXI1rsR5nds3bTb+Pnfazu9rrng52tZ/b1d7/WPv5Xe2D9L0D1VJuPxVr8eO4Fm9vtddtC1PWf3FKezWlPeffs/0XKeffb/zU+S+n9s7ItHb3w+7HtvvmdNzzvHH1s784c/CrM9Vm9B6uW1O9fidb6M+ZiF8/iIif3li/furWlZs3r5+NNDk2bNx7LtLkCcv5D7Z+Fnb+/r+w3Z7/7je317sfDh87/3mxGf2J+b/QuF2v70sz7lsbcv7D9JPzfzu1j9/+D3P+k7f/l1voDwAAAAAAAAAAAAAAADxKVVVbl4i+EREX0vU/bV2bCQDMxvE0ze//9f7A9xvtVaJWq9Vqtfro1E3VeK83i4j4a3OZep/h5+MeDACYZ/+LiH+03QlaI/+C5e/7q6cvtt0ZYKZuvP/BD69cu7Z+/UbbPQEAAAAAAAAAPqk8/udqY/znFyNiZWS+XeO/vhmr+x3/s59vPBxg9AkP9D3BZnfY6zaGG38+tsbnPjVp/O+T8ejxv/tTnm8wpX04pX1hSvvi2Ht30hp7oUdDzv/5xnjndf4nRoZfL2H819Ex70uQ8z/ZeD3X+X9hZL5m/tVv5y7/jb3OuBndXfmfvvneT07feP+DV66+d+Xd9XfXf3T+7Nkz5y9cuHjx4ul3rl5bP7P978H0eg7k/PPY184DLUvOP2cu/7Lk/D+XavmXJef/+VTLvyw5/7y/J/+y5PzzZx/5lyXn/1Kq5V+WnP+XUi3/suT8X061/MuS8/9yquVflpz/K6mWf1ly/qdSLf+y5PxPp3oP+ft6+CMk55+PcNn+y5Lzz2c2yL8sOf9zqZZ/WXL+51Mt/7Lk/F9NtfzLkvP/SqrlX5ac/4VUy78sOf+vplr+Zcn5X0y1/MuS8/9aquVflpz/11Mt/7Lk/F9LtfzLkvP/RqrlX5ac/zdTLf+y5Py/lWr5lyXn/3qq5V+Wne//d8MNN9zIN9r+ywQAAAAAAAAAAAAAjJrF6cRtryMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPB/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvbuLkeus7wd+Zl/stUOIgRCc/A1sEhNCsmTXduIX/k0xAQINUAokFPqC7XrXZsFveO0SKJJNDSUSRkUVVdMLWkCojVpVWBUXtKI0F1Vfrkp7QW8qqkpIjaqAAhJSXyBbzZzneTwzOztn7R2vZ8/z+Uj2b3fmzJwzZ87M7nft7x4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa3f7Guc80iqJo/mn9taUoXtD8eNPkltZlr7veWwgAAACs1k9bfz93U7pg/wpu1LbM373iH7++uLi4WLxv9HfHv7C4mK6YLIrxjUXRui669O/vb7QvE1woJhojbZ+PVKx+tOL6sYrrxyuu31Bx/caK6ycqrl+yA5bYVP48pnVn21sfbil3aXFzMd66bnuPW11obBwZiT/LaWm0brM4fqSYL44Vc8VMx/Llso3W8t+8vbmutxZxXSNt69rWPEJ++InDcRsaYR9v71jX5fuMvv+GYvJHP/zE4T868+ytvWblbui4v3I7776juZ2fCpeU29ooNqZ9ErdzpG07t/V4TkY7trPRul3z4+7tfG6F2zl6eTPXVPdzPlGMtD7+dms/jbX/WC/tp23hsv+6syiK85c3u3uZJesqRorNHZeMXH5+JsojsnkfzUPpxcXYFR2nt6/gOG3O2e2dx2n3ayI+/7eH240tsw3tT9P3P7lhyfN+pcdp1HzUy71Wuo/BQb9WhuUYjMfFt1sP+omex+D28Pg/cdfyx2DPY6fHMZged9sxeEfVMTiyYbS1zelJaLRuc/kY3NGx/GhrTY3WfOau/sfg9Jnjp6YXPvbx184fP3R07ujciV07dszs2r17796900fmj83NlH9f5d4efpuLkfQauCPsu/gaeHXXsu2H6uKXB/c6nOjzOtzSteygX4dj3Q+usTYvyKXHdPnaeLS50ycujhTLvMZaz889q38dpsfd9joca3sd9vya0uN1OLaC12FzmVP3rOx7lrG2P7224Vp9LdjSdgx2fz/SfQwO+vuRYTkGJ8Jx8a/3LP+1YFvY3iemrvT7kdElx2B6uOG9p3lJ+n5/Ym9r9Doub2teccOG4uzC3On7Hj905szpHUUYa+IlbcdK9/G6ue0xFUuO15ErPl73z7/iidt6XL4l7KuJ1zb/mlj2uWouc/99/Z+r1le33vuz49KdRRgDttb7s9dX8+b+TFmyz/5sLvOp6dV/L55yadv77/gy778x9z9fri/d1YXR8bHy9Tua9s54x/tx51M11nrvarTW/dz0yt6Px8OftX4/vrnP+/HWrmUH/X483v3g4vtxo+qnHavT/XxOhOPk2Ez/9+PmMlt3XukxOdb3/fjOMBth/78mJIWUi9qOneWO27SusbHx8LjG4ho6j9NdHcuPh2zWXNdTO6/uOL37zvK+RtOju2ytjtPJrmUHfZym96vljtNG1U/frk738zkRjoubd/U/TpvLPH3/6t87N8UP2947N1Qdg+OjG5rbPJ4OwvL9fnFTPAbvKw4XJ4tjxWzr2g2t46nRWtfUAys7BjeEP2v9Xrm1zzF4d9eygz4G09ex5Y69xtjSBz8A3c/nRDgunnyg/zHYXOZNewb7vevd4ZK0TNv3rt0/X1vuZ163de2ma/kzr+Z2/s2e/j+bbS5zbO+V5sz+++necMkNPfZT9+t3udfUbLE2+2lr2M5n9y6/n5rb01zmC/tWeDztL4ri3Eceav28N/z7yp+f/c7XO/7dpde/6Zz7yEM/uPHI317J9gOw/j1fjs3l17q2f5layb//AwAAAOtCzP0jYSbyPwAAANRGzP3xf4Un8j8AAADURsz9Y2EmmeT/rW96dv75c0Vq5i8G8fq0Gx4pl4sd15nw+eTiZc3LH/rq3I//8tzK1j1SFMVPHvmNnstvfSRuV2kybOelN3devvSG51a0/oOPXV6uvb/+pXD/8fGs9DDoVcGdKYrimzd9rrWeyfdfbM2nHznYmu8+/8SF5jLP7Ss/j7d/5iXl8l8M5d/9Rw513P6ZsB++F+bM23rvj3i7r118zbY97728vni7xh0vbD3sJz9Q3m/8PTmfv1AuH/fzctv/V5996mvN5R9/Ve/tPzfSe/ufCvf71TD/++Xl8u3PQfPzeLtPh+2P64u3u+8r3+q5/Zc+Uy5/6uFyuYNhxvXfHT7f/vCz8+376/HGoY7HVbylXC6uf+Y7v926Pt5fvP/u7Z84cLFjf3QfH0//c3k/013Lx8vjeqK/6Fp/837aj8+4/qd+62DHfq5a/6V3P/Py5v12r//eruVGu27f/Rub/uDTn+u5vrg9+//sVMfj2f+u8DoO63/yA+F4DNf/z6XPdaw3OviuzvefuPyXtpzreDzRW39Urv/S64+25n9M/vj3b3jBjS88/8rmviuKb7+nvL+q9R/9w5Md2//lW+5pPR/x+tjR717/cuL6T3906sTJhbPzs217tfW7c95ebs/GiU2bm9t7U3hv7f78wMkzH5w7PTkzOVMUk/X9FXpX7Sth/qAc56/09vc8Fp7P237vm5vv+qfPxsv/5dHy8otvK79uvTos9/lw+Zby+VtsrHL9T95+S+v13Xi6/Lyjxz4A27b/594VLRgef/f3BfF4P/XSD7b2Q/O61teN+Lpe5fZ/d7a8n2+E/boYfjPzHbdcXl/78vF3I1x8T/l6X/X+C29z8Xn94/B8v+N75f3H7YqP97vh+5hvbe18v4vHxzfOjXTff+u3eJwP7yfF+fL6uFTc3xefu6Xn5sXfQ1Kcv7X1+e+k+7n1ih7mchY+tjB9bP7E2cenz8wtnJle+NjHDxw/efbEmQOt3+V54ENVt7/8/rS59f40O7f7/mJmU1EUJ4uZNXjDujbb3/xoZdt/6rHDs3tm7pqdO3Lo7JEzj52aO3308MLC4bnZhbsOHTky99Gq28/PPrhj575de3ZOHZ2ffXDvvn279k3NnzjZ3Ixyoyrsnvnw1InTB1o3WXjw/n07Hnjg/pmp4ydn5x7cMzMzdbbq9q2vTVPNW//61Om5Y4fOzB+fm1qY//jcgzv27d69s/K3AR4/dWRhcvr02RPTZxfmTk+Xj2XyTOvi5te+qttTTwv/Vn4/261R/iK+4p337k6/n7Xpq59c9q7KRbp+geiz4XfR/MOLTu1dyecx94+HmWSS/wEAACAHMfdvCDOR/wEAAKA2Yu7fGGYi/wMAAEBtxNw/EWaSSf7X/9f/X1n/v7xe/z+v/v+pj5S90vXe/4/9ef3/PFzn/v+q16//r/9fv/7/yvvz63379f/1/1lq2Pr/MfdvKoos8z8AAADkIOb+zWEm8j8AAADURsz9N4SZyP8AAABQGzH3vyDMJJP8r/+/ov7/zqrCVf37/87/r/9frM/+f3xy9P+zccX9+/c+2vGp/n+g/6//r/+v/6//z6qNL3vN9er/x9x/Y5hJJvkfAAAAchBz/wvDTOR/AAAAqI2Y+28KM5H/AQAAoDZi7t8SZpJJ/tf/d/5//X/9/3XU/+8o0q7J+f/bNkb/f32o3/n/f6r/vy76/xP6/+ux/z8+2O0f7v5/5ebr/3NNDNv5/2Puf1GYSSb5HwAAAHIQc/+Lw0zkfwAAAKiNmPtfEmYi/wMAAEBtxNx/c5hJJvlf/1//f4X9/y/p/+v/D0H/v+PxrEn/v+/5/8uP9P+HS/36/87/X6yL/r/z/xfrsf8/4O0f7v7/oM//P/7m7tvr/9PLsPX/Y+5/aZhJJvkfAAAAchBz/y1hJvI/AAAA1EbM/S8LM5H/AQAAoDZi7t8aZpJJ/tf/1/93/n/9f/3/3uuv7v+X9P+Hi/5/f/r/FfT/9f/1/1fW/+/xza/+P70MW/8/5v5bw0wyyf8AAACQg5j7bwszkf8BAACgNmLu/39hJvI/AAAA1EbM/dvCTDLJ//r/+v/6/3n1/+/doP+v/19v+v/96f9X0P/X/9f/X+H5/5e6kv7/xqo7ozaGrf8fc//Lw0wyyf8AAACQg5j7XxFmIv8DAABAbcTc/8owE/kfAAAAaiPm/skwk0zyv/5/vfr/f/rXT76y0P/X/69Yf037//Ew0P/PnP5/f/r/FfT/9f/1/9ek/08+hq3/H3P/7WEmmeR/AAAAyEHM/XeEmcj/AAAAUBsx998ZZiL/AwAAQG3E3L89zCST/K//X6/+f6T/v4b9/y8+nO5H/7/k/P+96f+vDf3/HtpepPr/FfT/9f+z7//H7371/xmMYev/x9z/qjCTTPI/AAAA5CDm/rvCTOR/AAAAqI2Y+18dZiL/AwAAQG3E3H93mEkm+V//X/9f/9/5//X/e69f/3990v/vT/+/gv6//n/2/X/n/2ewhq3/H3P/a8JMMsn/AAAAkIOY++8JM5H/AQAAoDbi/98s/9+r/A8AAAB1FHP/VJhJJvlf/1//P6f+f0P/X/9f/7/29P/70/+voP+v/6//r//PQA1b/z/m/teGmWSS/wEAACAHMfffF2Yi/wMAAEBtxNw/HWYi/wMAAEBtxNw/E2aSSf7X/9f/z6n/7/z/+v/rof/f0P9fFf3//vT/K+j/6//Xrf9fFPr/XFfD1v+PuX9HmEkm+R8AAAByEHP/zjAT+R8AAABqI+b+XWEm8j8AAADURsz994eZZJL/9f/1//X/9f/1/3uv3/n/1yf9//70/yvo/+v/163/7/z/XGfD1v+Puf+BMJNM8j8AAADkIOb+3WEm8j8AAADURsz9e8JM5H8AAACojZj794aZZJL/9f9r0v//zb/vWLf+v/5/v/UPpv+/Sf8/TP3/4VLT/n/3y+Kq6f9X0P/X/9f/1/9noIat/x9z/74wk0zyPwAAAOQg5v7XhZl05P8Lf7LGmwUAAAAMUMz9/z/MxL//AwAAQG3E3P8zYSaZ5H/9/5r0/7vo/+v/91u/8//r/9dZTfv/A6P/XyHX/n94Q7ve/fnVut7br/+v/89S177/Hz9aWf8/5v4Hw0wyyf8AAACQg5j7fzbMRP4HAACA2oi5//VhJvI/AAAA1EbM/fvDTDLJ//r/+v/6//r/16b///qi2zD2/5sHj/5/vej/96f/XyHX/n9wvfvz63379f/1/1lq2M7/H3P/G8JMMsn/AAAAkIOY+x8KM5H/AQAAoDZi7n9jmIn8DwAAALURc/+bwkwyyf/6//r/+v/6/87/33v9+v/rk/5/f/r/FfT/9f/1//X/Gahh6//H3P/mMJNM8j8AAADkIOb+h8NM5H8AAACojZj73xJmIv8DAABAbcTc/9Ywk0zyv/6//r/+v/6//n/v9ev/r0/6//3p/1fQ/9f/797+1pu9/r/+P1dr2Pr/Mff/XJhJJvkfAAAAchBz/yNhJvI/AAAA1EbM/W8LM5H/AQAAoDZi7n97mEkm+V//X/9f/1//X/+/9/r1/9cn/f/+9P8r6P/r/zv/v/4/AzVs/f+Y+98RZpJJ/gcAAIAcxNz/82Em8j8AAADURsz97wwzkf8BAACgNmLu/4Uwk0zyv/6//r/+v/5/Fv3/5o30/7Og/9+f/n+FHv3/jfr/A+vPbxrIVl6/7a+i/6//z1LD1v+Puf9dYSaZ5H8AAADIQcz97w4zkf8BAACgNmLuf0+YifwPAAAAtRFz/6NhJpnkf/3/LPv/6SHr/5f0/zPo/zv/fzb0//vT/6/g/P/O/6//r//PQA1b/z/m/sfCTDLJ/wAAAJCDmPvfG2Yi/wMAAEBtxNz/i2Em8j8AAADURsz97wszyST/6/9n2f93/v816/+PdRwfOfX/J9qez3Rc6v/r/68B/f/+9P8r6P/r/w9z/z8czZuWub3+P8No2Pr/Mfe/P8wkk/wPAAAAOYi5/5fCTOR/AAAAqI2Y+385zET+BwAAgNqIuf9Xwkwyyf/6//r/+v/O/+/8/73Xr/+/Pun/96f/X0H/X/9/mPv/FfT/GUbD1v+Puf9Xw0wyyf8AAACQg5j7PxBmIv8DAABAbcTcfyDMRP4HAACA2oi5/2CYSSb5X/+/u/8fz6iq/6//r/+v/6//vx4Nrv//shuLQv9f/1//X/9f/1//n9UYtv5/zP2Hwkwyyf8AAACQg5j7fy3MRP4HAACA2oi5/3CYifwPAAAAtRFz/2yYSSb5X///Wp3/P16ST///J/r/+v+B/n9v+v9rw/n/+9P/r6D/r/+v/6//z0ANW/8/5v65MJNM8j8AAADUWPpxcMz9R8JM5H8AAACojZj7j4aZyP8AAABQGzH3fzDMJJP8r/9/rfr/zv/fa/v1/2P/f6xjef3/kv6//v8g6P/3p/9fQf9f/1//X/+fgRq2/n/M/fNhJpnkfwAAAMhBzP0fCjOR/wEAAKA2Yu7/cJiJ/A8AAAC1EXP/sTCTTPJ/ffr//1tus/5/x+30/6v7/42iOO/8//r/vdav/78+6f/3p/9fQf9f/1//X/+fgRq2/n/M/cfDTDLJ/wAAAJCDmPtPhJnI/wAAwP+xdx9Nct1VH8f78WNb0gpeAlXsWLGEFW+BLTuq2LChSCYHY3IwweRkggkm5xxNzjlnk3M0yYaqoTw650gz07otadoz9/7P57PgoEHjblmD4Oepb11gGLn77xu32P8AAAAwjNz994tbmuz/cfr//ET9/0r/v4Dn/+/9+fr/0/T/+v9tONDfX3phn3/O/v/Od7ninvp//b/+f5L+X/+v/2e/ufX/ufvvH7c02f8AAADQQe7+B8Qt9j8AAAAMI3f/A+MW+x8AAACGkbv/irilyf7X/+v/9f/6/z39/w36//Ps/++YH9f/z4vn/0/T/2+wnf7//1f6f/2//l//z6659f+5+x8UtzTZ/wAAANBB7v4Hxy32PwAAAAwjd/9D4hb7HwAAAIaRu/+hcUuT/a//1//r//X/nv+//vU9/3+Z9P/T9P8beP6//l//r/9nq+bW/+fuf1jc0mT/AwAAQAe5+x8et9j/AAAAMIzc/Y+IW+x/AAAAGEbu/kfGLU32v/5f/6//1//r/9e/vv5/ma5bnfkzQf9/kP5/gw39/2ql/59y3v38+l/ect7/Oej/9f8cNLf+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuvzJusf8BAABgGLn7HxO3NNn/+n/9v/5f/6//X//6+v9l8vz/aYfv/+90+/vcq2//7/n/0zz/X/+v/2e/ufX/ufuvilua7H8AAADoIHf/Y+MW+x8AAACGkbv/cXGL/Q8AAADDyN3/+Lilyf7X/7fp/3drF/2//l//r/8fnf5/muf/b7D7x9yp+qH+X/+v/9f/czhz6/9z9z8hbmmy/wEAAKCD3P1PjFvsfwAAABhG7v4nxS32PwAAAAwjd/+T45Ym+1//36b/9/x//b/+X//fgv5/mv5/g1Ge/3+RXzXH3c8f1nG/f/2//p+D5tb/5+5/StzSZP8DAABAB7n7nxq32P8AAAAwjNz9T4tb7H8AAAAYRu7+q+OWJvtf/7+l/v+ygx/T/2+z/89X0P/r//X/+v9p+v9p+v8NRun/L9Jx9/NLf//6f/0/B82t/8/d//S4pcn+BwAAgA5y9z8jbrH/AQAAYBi5+58Zt9j/AAAAMIzc/c+KW5rsf/2/5/9fTP9/b8//1//r//X/M6X/n6b/30D/r//X/+v/2aq59f+5+6+JW5rsfwAAAOggd/+z4xb7HwAAAIaRu/85cYv9DwAAAMPI3f/cuKXJ/tf/6/+X8fx//b/+X/+v/z8/+v9p+v8N9P/6f/2//p+tmlH/f9ZnnVw9L25psv8BAACgg9z9z49b7H8AAAAYRu7+F8Qt9j8AAAAMI3f/C+OWJvtf/z+b/n835xur/z+1Wq30/6um/f+ps34/6+tS/6//PwL6/2n6/w30//p//b/+n62aUf+/++Pc/S+KW5rsfwAAAOggd/+L4xb7HwAAAIaRu/8lcYv9DwAAAMPI3f/SuGWo/X/inP+J/n82/f+usfp/z//f//Ux5/7/1p/k+f/6/xHo/6fp/zfQ/+v/9f/6f7Zqbv1/7v5rb/0z9Oozf53LL7v4XyMAAAAwL9fu/uvJ1cvilqG+/w8AAAC95e5/edxi/wMAAMBCXXPgI7n7XxG3NNn/+v/t9v+Xn/Ux/b/+f//Xx5z7/20//1//f5D+/2jo/6fp/zfQ/+v/9f/6f7Zqbv1/7v5Xxi1N9j8AAAB0kLv/urjF/gcAAIBh5O5/Vdxi/wMAAMAwcve/Om5psv/1/57/r//X/+v/17++/n+Z9P/T9P8b6P/1/8fb/58482/1/4zhAvr/nZ2dK2/z/j93/2vilib7HwAAADrI3f/auGXP/r9+/7ejAAAAgAXJ3X993OL7/wAAADCM3P2vi1ua7H/9f9P+P7/U9f+79P/6/3Wvr/9fJv3/NP3/Bvp//b/n/+v/2aq5Pf8/d//r45Ym+x8AAAA6yN3/hrjF/gcAAIBh5O5/Y9xi/wMAAMAwcve/KW5psv/1/037f8//1//r/4+6/79lpf8/Eovo/0+d+/Xn3v9fpf/X/09o1//f/a57fqj/1/9z0Nz6/9z9b45bmux/AAAA6CB3/1viFvsfAAAAhpG7/61xi/0PAAAAw8jd/7a46dIm+1//r//X/+v/9f/rX/+In/9/+Wq10v9vwSL6/wlz7/89/1//P6Vd/7+P/l//z0Fz6/9z9789bmmy/wEAAKCD3P3viFvsfwAAABhG7v53xi32PwAAAAwjd/+74pYm+1//r//X/194/3/zzs6O/n9B/f9Vi+j/Pf9/S/T/0/T/G+j/9f/6f/0/R+K4+v/c/e+OW5rsfwAAAOggd/974hb7HwAAAIaRu/+9cYv9DwAAAMPI3f++uKXJ/tf/6//1/57/f2J2/f/JPX+9Js//1/9vif5/2hz7/7P/DNH/6/+X/P4H6f+v0f+zTXN7/n/u/vfHLU32PwAAAHSQu/8Dcesf3dr/AAAAMIzc/R+MW+x/AAAAGEbu/g/FLU32v/5f/6//1/8P//x//X8r+v9pc+z/z6b/1/8v+f0P0v97/j9bNbf+P3f/h+OWJvsfAAAAOsjd/5G4xf4HAACAYeTu/2jcYv8DAADAMHL33xC3NNn/+n/9v/5f/6//P/17qP8fg/5/2tH0/6f0//r/6uf/L/5boP/X/2/6fMY0t/4/d//H4pYm+x8AAAA6yN3/8bjF/gcAAIBh5O7/RNxi/wMAAMAiXbrmY7n7Pxm3NNn/+n/9v/5f/6//X//6+v9l0v9P8/z/DfT/F9jP32HPj5b2/P/9//ul/9f/s31z6/9z938qbmmy/wEAAKCD3P2fjlvsfwAAABhG7v7PxC32PwAAAAwjd/9n45Ym+1//r//X/+v/9f/rX1//v0z6/2n6/w30/8f6/Pylv3/9v/6fg+bW/+fu/1zc0mT/AwAAQAe5+z8ft9j/AAAAMIzc/V+IW+x/AAAAGMbu7s+4rOH+1//r//X/+n/9//rX1/8vk/5/mv5/A/2//l//r/9nq+bW/39x97NOrr4UtzTZ/wAAANBB7v4vxy32PwAAAAwjd/9X4hb7HwAAAIaRu/+rcUuT/a//1/8vo//f2dm5Uv+v/9/76znT/9+o/6fo/6fp/zfQ/+v/9f/6f7Zqbv1/7v6vxS1N9j8AAAB0kLv/63GL/Q8AAADDyN3/jbjF/gcAAIBh5O7/ZtzSZP/r/2fQ/5/U/3v+v/5/5fn/+v8t0f9P0/9vMGL/f/L8f/nH3c8f1nG/f/2//p+D5tb/5+7/VtzSZP8DAABAB7n7vx232P8AAAAwjNz934lb7H8AAAAYRu7+78YtTfa//v/o+v9b/951ef7/qdX696//1//r//X/tzX9/zT9/wYj9v8X4Lj7+aW/f/2//p+D5tb/5+7/XtzSZP8DAABAB7n7vx+32P8AAAAwjNz9P4hb7H8AAAAYRu7+H8YtTfa//n8Gz/8fsP/3/P/1Xx/6/1n3/5fo/8eg/5+m/99A/6//1/9vqf/Pr2b9f3dz6/9z9/8obmmy/wEAAKCD3P0/jlvsfwAAABhG7v6fxC32PwAAAAwjd/+NcctZ+39d2z0K/b/+X/+v/9f/r399/f8y6f+nnW//f2J1uP4/6f/1//r/rv2/5/9z2tz6/9z9P41bfP8fAAAAFueyc3w8d//P4hb7HwAAAIaRu//ncYv9DwAAAMPI3f+LuOWmS47rLR0p/b/+X/+v/9f/r399/f8y6f+nef7/Bovv/3d2ds7z/4ets6V+/m76/zH6/9VK/8/hza3/z93/y7jF9/8BAABgGLn7fxW32P8AAAAwjNz9v45b7H8AAAAYRu7+38QtTfa//l//f8j+fzfN1P+fpv8/Tf+/nv7/aOj/p+n/N1h8/384x93PL/39j9b/e/4/2zC3/j93/2/jlib7HwAAADrI3f+7uMX+BwAAgGHk7v993GL/AwAAwDBy9/8hbmmy/4+t/4+/1fr/xff/nv+v/9f/6/9nRf8/Tf+/gf5f/6//1/+zVXPr/3P3/zFuabL/AQAAoIPc/X+KW+x/AAAAGEbu/j/HLfY/AAAADCN3/1/ilib73/P/9f/6f/2//n/96+v/l0n/P03/v179Run/9f/6f/0/WzW3/j93/1/jlib7HwAAADrI3f+3uMX+BwAAgGHk7r8pbrH/AQAAYBi5+/8etzTZ//p//b/+X/+v/1//+vr/ZdL/TzvO/v8et9v8sp7/f+z9f74F/b/+X//PVsyt/8/d/4+4pcn+BwAAgA5y9/8zbrH/AQAAYBi5+/8Vt9j/AAAAMIzc/f+OW5rs/w39/4n6ifr/Sfr/ve9f/7/+60P/r//X/9/29P/TPP9/A/2/5//r//X/bNXc+v/c/TfHLU32PwAAAHSQu/+WuMX+BwAAgGHk7v9P3GL/AwAAwDBy9/83bmmy/z3/X/+v/9f/6//Xv77+f5n0/9P0/xvo//X/+n/9P1s1t/4/d///AgAA//+XbGLE") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0x0) 2.942324384s ago: executing program 3 (id=10152): syz_mount_image$minix(&(0x7f0000000340), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYRES16=0x0], 0x1, 0x1a9, &(0x7f00000004c0)="$eJzs28sO0kAUxvGvFxDxEu8aVyxMXAly0cSd7H0JAhWJRYm4gZioj+LKx/IFYOELWNNSC22ItGpbhP8vITOn5DBnUoYOaSoAZ+u5JEOGapI8z/v46oGhRtlFASiEF7Y/PADnx2LpA2dq3beC6/9M0rfvH4ar8FVLuX9Y982g9f9HrHbyL6bN/2wE7X07nl+XdCnN/uXLJv9hYvzLh1Pt3fHrifwrv0msxuo3o3A3/2o4wDVJ1xvSDUk3Jd2SdHvP/EeJ/Hsp5g4AAAAAQFqGmsk4dsDUy4nrPDbsMK4EcTt6vxrEnUTcjeILQdwcvnVH+U0CwB8xD6x/a7P+o9hOrH8A/6/5Yvl64LrOu5w7dsaxFN6AyL2wEjv2cZTx1x3/3OY6hJnnLKzoO/Y1e3rlSE6B3/l1H+offWCZv0oAitB6P5215ovlo8l0MHbGzptO78nTXrf97JMh+Tv/Vnz/D+B0bC/622NWmQUBAAAAAAAAAAAAAIDM7ki6W3YRAAAAAAqR7cGg4Qsp++NE+8atFD9VAAAAAAAAAAAAAABO1s8AAAD//5xrPUk=") truncate(&(0x7f0000000100)='./file2\x00', 0x1699) 2.712859755s ago: executing program 1 (id=10155): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) getsockname(r0, 0x0, &(0x7f0000000000)) 2.634351519s ago: executing program 3 (id=10156): r0 = syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r0, 0xc0844123, &(0x7f0000000040)) 2.555170813s ago: executing program 1 (id=10159): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100003d37d840890457e00000000000010902240003000000000904"], 0x0) syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f0000000700)={0x1c, &(0x7f0000000340)=ANY=[@ANYBLOB="400094"], 0x0, 0x0}) 2.41445207s ago: executing program 3 (id=10160): r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x12, &(0x7f0000000040)=@conn_svc_rsp={0x0, 0x0, 0xa, "9383f28a", {0x3, 0x101, 0x0, 0x7, 0x8, 0x3, 0xbf}}) 2.01963406s ago: executing program 4 (id=10166): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000cc0)=@raw={'raw\x00', 0x8, 0x6000, 0x2a0, 0x128, 0xffffffff, 0xffffffff, 0x128, 0xffffffff, 0x230, 0xffffffff, 0xffffffff, 0x230, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0xffffffff], [0x0, 0x0, 0xff], 'syzkaller0\x00', 'veth0_to_bond\x00', {}, {}, 0x8, 0x0, 0x0, 0x4141eedf62d25f83}, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [0xffffffff, 0xffffff00], [0xffffff00, 0xff000000, 0xffffffff, 0xff000000], 'veth1\x00', 'ipvlan1\x00', {0xff}, {}, 0xff, 0xb9, 0x4, 0xc}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@broadcast, [0xffffff00, 0xff000000, 0xff000000, 0xff], 0x4e23, 0x4e21, 0x4e24, 0x4e24, 0x4, 0x1ff, 0x7, 0x1000, 0xfffffff8}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x300) 1.39192148s ago: executing program 4 (id=10174): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="180200000a00000000000000000000008500000017000000850000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x28, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1.269634816s ago: executing program 0 (id=10175): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x38, 0x3e, 0x9, 0x0, 0x800, {0x3}, [@nested={0x1c, 0x1, 0x0, 0x1, [@nested={0x18, 0x10, 0x0, 0x1, [@typed={0x14, 0xd, 0x0, 0x0, @str='veth1_virt_wifi\x00'}]}]}, @typed={0x8, 0x2, 0x0, 0x0, @u32=0x3}]}, 0x38}}, 0x0) 1.137456673s ago: executing program 0 (id=10177): r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0) write$sndseq(r0, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x2}, {0x0, 0x20}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x8, 0x8, @tick, {}, {}, @connect={{0x1, 0x6}, {0x7, 0x7}}}, {0x9, 0x0, 0x0, 0x0, @tick, {}, {0x0, 0x6}, @time=@time={0x40000000}}], 0x70) 1.101591125s ago: executing program 2 (id=10178): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000001300)={0x2, 0x0, {0x0, 0x0, 0x4, 0x2000017, 0x10000000, 0x60, 0x0, 0xffffffff}}) 1.021784399s ago: executing program 2 (id=10179): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000880)={0x18, 0x5e, 0xe25, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x18}], 0x1}, 0x0) 1.016146529s ago: executing program 0 (id=10180): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)={0x2c, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}, @nested={0x9, 0x0, 0x0, 0x1, [@generic="976b640868"]}, @nested={0x7, 0x5, 0x0, 0x1, [@generic="991a54"]}]}, 0x2c}], 0x1}, 0x0) 925.166814ms ago: executing program 0 (id=10181): r0 = semget$private(0x0, 0x7, 0x191) semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000000)=""/89) 876.666006ms ago: executing program 2 (id=10182): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)={{0x14}, [@NFT_MSG_NEWSETELEM={0x14, 0xc, 0xa, 0x301}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x101}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x301, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x90}}, 0x0) 808.66774ms ago: executing program 1 (id=10183): r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x21, 0x0, &(0x7f0000000080)) 808.172539ms ago: executing program 0 (id=10184): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x14, 0x27, 0xb, 0x0, 0xffffffff, {0x8}}, 0x14}}, 0x0) 740.675163ms ago: executing program 2 (id=10185): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x38, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x4000000}]}], {0x14, 0x10}}, 0x80}, 0x1, 0x0, 0x0, 0x20040841}, 0x0) 661.884697ms ago: executing program 0 (id=10186): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c34000ffff000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0xb1, 0x85, 0xe, 0x71, 0x5, 0x3}}}, 0x0) 638.993168ms ago: executing program 1 (id=10187): r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000300)={0xffffffffffffff5e, 0x0, 0x0}) 558.140281ms ago: executing program 3 (id=10188): r0 = openat$capi20(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$CAPI_NCCI_OPENCOUNT(r0, 0xc0104307, &(0x7f0000000080)=0x3) 505.291554ms ago: executing program 2 (id=10189): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7030000000000008500000012000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000340)="c1dfb080cd21d308098ee68886dd", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 423.843808ms ago: executing program 1 (id=10190): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000400)=@filter={'filter\x00', 0x8000000, 0x4, 0x370, 0xffffffff, 0x1d0, 0x0, 0x1d0, 0xfeffffff, 0xffffffff, 0x2a0, 0x2a0, 0x2a0, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffff00, 0xff000000, 0xff, 0xffffff00], [0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff], 'macvlan0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x15}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x3, 0x6, {0x1}}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x3, 0x5, {0x2000010}}}}, {{@ipv6={@private2, @private2={0xfc, 0x2, '\x00', 0x1}, [0x0, 0xffffff00, 0xff], [0x0, 0xffffff00, 0xf97f1f27bc0fd003, 0xff000000], 'bridge_slave_0\x00', 'ip6tnl0\x00', {}, {0xff}, 0x11, 0x80, 0x2, 0x6a}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0xff}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x419) 277.767166ms ago: executing program 3 (id=10191): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000000c0)="02000000020001000003be8c5ee1768810003c08030300ecff3f000000030000980000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfcceb", 0x90) 277.291786ms ago: executing program 1 (id=10192): syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000980)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdb1dd9467f5cd2d6c4e8b9d4f50d338ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESHEX=0x0], 0x11, 0x314, &(0x7f0000000b80)="$eJzs3U1rE08cB/Dv7KZN+m/pf7UVwYNINWAvovUiXiIlL8KTqE0KxSWitviAYBVPIvbu3aNXX4N4UQTP9eRJPHiqBxmZh2SfN6lmd1P9fsCy2dmZ/e3OzlPALIjon7Xa3n11/ov6JwAXLvDsIuAAaAA1AEdwtLHV29zY9LudvIJcHK+bXAImp0gcs9brpmVtwOawPPWphrnwPiqGlPLS56qDoMrp1i/d6M4Tuieo29apExsVxZfl8f6zfJsBsF1EMBMlv6bEHvZwD/OlhUNERBNJmPHdseP8nJ2/Ow7QtIOJSpu48f937VUdQOFkbmpo/NerLClUvf+vk4L1nl7CqXSnv0pMK+t17PNU7PM0zNMTmV2KYatKHYszs77hd8+s3fQ7Dp6gZYUOW9R/O/bxtCLR1hNFL6WsTXMMSpvJPESkzyhn9TVMqWtYMfHfBRCJfyH3jAUQ78QHcUV4eInOYP5Xk0JVk64pL1ZTJv6z2SXqq/TUUbDdRqvVciKHHNInOWbPYA25ygbcrDNO2zIjXxB4w+LUuQ7HcpmrOzck10JqrhW9vQwnI9diJJe6mvUN/232qUohXojLYglf8Qbt0PzfUfE1kWyZoYc+aDWiaYYCfcdV64zWbEitaXsiPXJsfdp9aPYnm8vgLiYbrPUjv0+jfXiO67iA+Tv3H9xwfb97W21c89XjqjcGe27N2Q2/O/UUCCdNyga2gz11SC1xcH9QKjOw5bEWqPqPlCTVsHrf+3tUKxtW4KM/jUf1A4XeutkRrmJ/G/2uazwFtt+P50HqTxsiST+llCU2oh17Z+JJ1XRLVK6g0kc7PmWqQwebqlJh1n/BeqVmJnvqj5c6Tx/xiwBbolRz7MEKLsgrzYwcwH85K7i0YjNXcMk1V2LNqNdcJ08Dp0Y/o2fj/EuINj7iKr//JyIiIiIiIiIiIiIiIiIiIiIiIiI6aMr4zzBVXyMRERERERERERERERERERERERERERER0UG32oD53Wv03/+L0d7/G38Vi2t+Enws7//d6YHv/yUq3q8AAAD///B/c8c=") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) 253.195147ms ago: executing program 4 (id=10193): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006d6163736563000014000280050009000100000005000b"], 0x44}}, 0x0) 104.316044ms ago: executing program 4 (id=10194): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendto(r0, 0x0, 0x0, 0x4000080, 0x0, 0x0) 57.492016ms ago: executing program 2 (id=10195): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_int(r0, 0x29, 0x35, 0x0, &(0x7f0000000140)) 0s ago: executing program 3 (id=10196): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000540)=@nat={'nat\x00', 0x670, 0x5, 0x4d8, 0x2c8, 0x0, 0xffffffff, 0x228, 0x370, 0x440, 0x440, 0xffffffff, 0x440, 0x440, 0x5, 0x0, {[{{@ip={@rand_addr=0x64010104, @local, 0xff0000ff, 0xffffff00, 'veth1_to_bridge\x00', 'wg1\x00', {}, {0xff}, 0x16}, 0x0, 0x1f0, 0x228, 0x48, {}, [@common=@unspec=@string={{0xc0}, {0x5, 0xc, 'bm\x00', "9401d3e4c6b2bfd892aa7400051624fa86999b13d39b99407a9b7abe75a728baa18da576811985de44110b8602025e1298ea55f1c5087ab16f67b18ca90ac68f0b3d6a068f727f7d23fa5fad26a59a5da2651212bdf9d29248ae63e2349b2470915eea2c39ade5129ff26b6fe772493180cfda2cdd49412e9469d85abdb467ba", 0x79, 0x2, {0x1}}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv6=@dev={0xfe, 0x80, '\x00', 0x10}, [0xffffff00, 0xffffffff, 0x0, 0xff000000], @ipv4=@dev={0xac, 0x14, 0x14, 0x29}, [0x0, 0xffffff00, 0xff000000, 0xffffffff], @ipv6=@local, [0xff000000, 0xff, 0x0, 0xff], @ipv4=@broadcast, [0xffffffff, 0x0, 0xff], 0x7, 0x1, 0x5c, 0x4e1c, 0x4e22, 0x4e24, 0x4e24, 0x814, 0x20c0}, 0x80, 0x2}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0xf, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id=0x65, @port=0x4e24}}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xffffffffffffffff, 0xd, 0x1}, {0x2, 0x4, 0x3}, 0x1000, 0x100}}}, {{@ip={@multicast2, @broadcast, 0xff, 0x0, 'virt_wifi0\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x2, @loopback, @empty, @icmp_id=0x68, @port=0x4e22}}}}, {{@uncond, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@icmp={{0x28}, {0x4, "1542", 0x1}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x10, @rand_addr, @dev={0xac, 0x14, 0x14, 0x2a}, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538) kernel console output (not intermixed with test programs): 137][ T4960] usb 3-1: new full-speed USB device number 20 using dummy_hcd [ 975.914347][ T4922] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 975.960266][ T4922] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 975.969662][ T4922] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 975.977909][ T4922] usb 2-1: Product: syz [ 975.982316][ T4922] usb 2-1: Manufacturer: syz [ 975.987433][ T4922] usb 2-1: SerialNumber: syz [ 975.996022][T24260] loop4: detected capacity change from 0 to 4096 [ 976.003967][ T4922] usb 2-1: config 0 descriptor?? [ 976.028016][T24260] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 976.047559][ T4922] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 976.065476][ T4922] em28xx 2-1:0.0: DVB interface 0 found: isoc [ 976.089009][ T4960] usb 3-1: config 0 has an invalid interface number: 147 but max is 0 [ 976.107837][ T4960] usb 3-1: config 0 has no interface number 0 [ 976.115919][T24260] ntfs3: loop4: mft corrupted [ 976.120643][T24260] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 976.134401][T24260] ntfs3: loop4: Failed to load $Secure. [ 976.144655][ T4960] usb 3-1: config 0 interface 147 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64 [ 976.184208][ T4960] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=51.03 [ 976.242346][ T4960] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 976.266123][ T4960] usb 3-1: Product: syz [ 976.270529][ T4960] usb 3-1: Manufacturer: syz [ 976.275151][ T4960] usb 3-1: SerialNumber: syz [ 976.276602][ T4922] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 976.294272][ T4960] usb 3-1: config 0 descriptor?? [ 976.300107][T24249] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 976.384400][ T4922] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 976.399741][ T4960] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 976.417583][ T4922] em28xx 2-1:0.0: board has no eeprom [ 976.507715][ T4922] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 976.520874][ T4922] em28xx 2-1:0.0: dvb set to isoc mode. [ 976.556214][ T5055] em28xx 2-1:0.0: Binding DVB extension [ 976.588768][ T4922] usb 2-1: USB disconnect, device number 19 [ 976.595540][ T4922] em28xx 2-1:0.0: Disconnecting em28xx [ 976.618745][ T5145] usb 3-1: Failed to submit usb control message: -71 [ 976.636759][ T5145] usb 3-1: unable to send the bmi data to the device: -71 [ 976.647896][ T5145] usb 3-1: unable to get target info from device [ 976.655389][ T5145] usb 3-1: could not get target info (-71) [ 976.661820][ T5058] usb 3-1: USB disconnect, device number 20 [ 976.677298][ T5145] usb 3-1: could not probe fw (-71) [ 976.833704][ T5055] em28xx 2-1:0.0: Registering input extension [ 976.853530][ T4922] em28xx 2-1:0.0: Closing input extension [ 976.889308][ T4922] em28xx 2-1:0.0: Freeing device [ 977.019630][T24286] loop0: detected capacity change from 0 to 4096 [ 977.059051][T24286] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 977.076299][ T4960] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 977.270559][ T4960] usb 5-1: Using ep0 maxpacket: 32 [ 977.297097][ T4960] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 196, changing to 7 [ 977.320534][ T4960] usb 5-1: New USB device found, idVendor=0763, idProduct=1033, bcdDevice= 0.40 [ 977.330377][ T4960] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 977.338762][ T4960] usb 5-1: Product: syz [ 977.343058][ T4960] usb 5-1: Manufacturer: syz [ 977.348186][ T4960] usb 5-1: SerialNumber: syz [ 977.554708][ T4922] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 977.567006][ T4960] usb 5-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 977.586450][ T4960] usb 5-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 977.596553][ T4960] usb 5-1: unit 6 not found! [ 977.623923][ T4960] usb 5-1: USB disconnect, device number 25 [ 977.759889][ T4922] usb 3-1: Using ep0 maxpacket: 32 [ 977.767107][ T4922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 977.797353][ T4922] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0 [ 977.824529][ T4922] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 977.835089][ T4922] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 977.846513][T24292] loop1: detected capacity change from 0 to 32768 [ 977.848718][ T4922] usb 3-1: Product: syz [ 977.860742][ T4922] usb 3-1: Manufacturer: syz [ 977.873897][ T4922] usb 3-1: SerialNumber: syz [ 977.888762][ T4945] udevd[4945]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 977.906083][ T4922] usb 3-1: config 0 descriptor?? [ 977.915170][ T4922] hub 3-1:0.0: bad descriptor, ignoring hub [ 977.925690][T24292] JBD2: Unrecognised features on journal [ 977.931581][T24292] (syz.1.9125,24292,0):ocfs2_journal_load:1134 ERROR: Failed to load journal! [ 977.935483][ T4922] hub: probe of 3-1:0.0 failed with error -5 [ 977.941614][T24292] (syz.1.9125,24292,0):ocfs2_check_volume:2433 ERROR: ocfs2 journal load failed! -22 [ 977.956623][T24292] (syz.1.9125,24292,0):ocfs2_check_volume:2489 ERROR: status = -22 [ 977.964554][T24292] (syz.1.9125,24292,0):ocfs2_mount_volume:1821 ERROR: status = -22 [ 977.984975][T24292] (syz.1.9125,24292,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 978.092976][T24296] loop0: detected capacity change from 0 to 32768 [ 978.147697][T24296] gfs2: fsid=statfs_quantum: Trying to join cluster "lock_nolock", "statfs_quantum" [ 978.191619][T24296] gfs2: fsid=statfs_quantum: Now mounting FS (format 1801)... [ 978.251922][T24296] gfs2: fsid=statfs_quantum.s: journal 0 mapped with 18 extents in 0ms [ 978.291865][T24303] loop4: detected capacity change from 0 to 256 [ 978.333938][T24303] MINIX-fs: file system does not have enough zmap blocks allocated. Refusing to mount. [ 978.351059][ T4922] usb 3-1: USB disconnect, device number 21 [ 978.449786][T24303] MINIX-fs: bad superblock [ 978.531134][T24296] gfs2: fsid=statfs_quantum.s: first mount done, others may mount [ 978.582407][T24309] loop1: detected capacity change from 0 to 164 [ 978.610648][T24307] loop3: detected capacity change from 0 to 4096 [ 978.618632][T24307] ntfs: (device loop3): parse_options(): The case_sensitive option requires a boolean argument. [ 978.678752][ T8949] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 978.846288][T24313] IPv6: addrconf: prefix option has invalid lifetime [ 979.540173][T24335] loop4: detected capacity change from 0 to 128 [ 979.577900][T24335] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 979.607502][T24335] hpfs: filesystem error: improperly stopped [ 979.617780][T24335] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 979.627291][T24335] hpfs: You really don't want any checks? You are crazy... [ 979.646572][T24335] hpfs: hpfs_map_sector(): read error [ 979.656656][T24335] hpfs: code page support is disabled [ 979.667061][T24335] hpfs: hpfs_map_4sectors(): unaligned read [ 979.683992][T24335] hpfs: hpfs_map_4sectors(): unaligned read [ 979.698886][T24335] hpfs: filesystem error: unable to find root dir [ 979.832245][ T5055] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 979.876433][T24323] loop1: detected capacity change from 0 to 32768 [ 979.888718][T24326] loop2: detected capacity change from 0 to 40427 [ 979.910226][T24323] jfs_mount: dbMount failed w/rc = -22 [ 979.916983][T24323] Mount JFS Failure: -22 [ 979.925706][T24326] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff [ 979.935687][T24326] F2FS-fs (loop2): extra_attr or flexible_inline_xattr feature is off [ 979.960888][T24323] jfs_mount failed w/return code = -22 [ 980.027240][ T5055] usb 1-1: Using ep0 maxpacket: 32 [ 980.033122][T24323] Process accounting paused [ 980.034311][ T5055] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 980.109617][ T5055] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 980.160218][ T5055] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 980.205274][ T5055] usb 1-1: language id specifier not provided by device, defaulting to English [ 980.248132][ T5055] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 980.272192][ T5055] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 980.296981][ T5055] usb 1-1: Product: syz [ 980.301202][ T5055] usb 1-1: Manufacturer: ç³² [ 980.314680][ T5055] usb 1-1: SerialNumber: syz [ 980.435375][T24351] loop1: detected capacity change from 0 to 64 [ 980.479870][ T4988] usb 5-1: new full-speed USB device number 26 using dummy_hcd [ 980.554804][ T5055] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found [ 980.572442][ T5055] cdc_ncm 1-1:1.0: bind() failure [ 980.592708][ T5055] usb 1-1: USB disconnect, device number 16 [ 980.676224][ T4988] usb 5-1: unable to get BOS descriptor or descriptor too short [ 980.690077][ T4988] usb 5-1: not running at top speed; connect to a high speed hub [ 980.705689][ T4988] usb 5-1: config 17 has an invalid interface number: 8 but max is 1 [ 980.717354][ T4988] usb 5-1: config 17 has 1 interface, different from the descriptor's value: 2 [ 980.732983][ T4988] usb 5-1: config 17 has no interface number 0 [ 980.741295][ T4988] usb 5-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 12408, setting to 64 [ 980.751628][T24345] loop2: detected capacity change from 0 to 32768 [ 980.757659][ T4988] usb 5-1: config 17 interface 8 has no altsetting 0 [ 980.772193][T24345] XFS: attr2 mount option is deprecated. [ 980.783310][ T4988] usb 5-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff [ 980.794907][ T4988] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 980.804487][ T4988] usb 5-1: Product: syz [ 980.809461][ T4988] usb 5-1: Manufacturer: syz [ 980.814172][ T4988] usb 5-1: SerialNumber: syz [ 980.828839][T24345] XFS (loop2): Mounting V5 Filesystem [ 980.887716][T24345] XFS (loop2): Ending clean mount [ 980.927618][ T4960] usb 2-1: new full-speed USB device number 20 using dummy_hcd [ 980.954592][ T5068] XFS (loop2): Unmounting Filesystem [ 981.039679][ T4988] usb 5-1: selecting invalid altsetting 0 [ 981.087327][ T4988] usb 5-1: USB disconnect, device number 26 [ 981.133244][ T4960] usb 2-1: unable to get BOS descriptor or descriptor too short [ 981.168295][ T4960] usb 2-1: not running at top speed; connect to a high speed hub [ 981.188351][ T4960] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 254, changing to 4 [ 981.209258][ T4960] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 128, changing to 4 [ 981.233823][ T4960] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 981.266878][ T4960] usb 2-1: New USB device found, idVendor=1235, idProduct=8211, bcdDevice= 0.40 [ 981.285101][ T4960] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 981.304141][ T4960] usb 2-1: Product: syz [ 981.308904][ T4960] usb 2-1: Manufacturer: syz [ 981.318424][ T4945] udevd[4945]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 981.334401][ T4960] usb 2-1: SerialNumber: syz [ 981.564301][T24375] loop0: detected capacity change from 0 to 128 [ 981.591042][T24375] affs: Unrecognized mount option "root=00000000&8000000023" or missing value [ 981.597043][ T4960] usb 2-1: BAAD HEADPHONE p_chmask mismatch [ 981.603242][T24375] affs: Error parsing options [ 981.648324][ T4960] snd-usb-audio: probe of 2-1:1.0 failed with error -22 [ 981.693394][ T4960] usb 2-1: USB disconnect, device number 20 [ 981.728202][ T4945] udevd[4945]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 982.006269][T24389] befs: (loop4): invalid blocksize: 2066842815 [ 982.160482][ T4922] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 982.204290][T24393] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 982.221787][T24393] cramfs: wrong endianness [ 982.358695][ T4922] usb 1-1: Using ep0 maxpacket: 8 [ 982.378335][ T4922] usb 1-1: New USB device found, idVendor=046d, idProduct=08b0, bcdDevice=11.58 [ 982.409047][ T4922] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 982.427984][ T4922] usb 1-1: Product: syz [ 982.438532][ T4922] usb 1-1: Manufacturer: syz [ 982.455861][ T4922] usb 1-1: SerialNumber: syz [ 982.490956][ T4922] usb 1-1: config 0 descriptor?? [ 982.512957][ T4922] pwc: Logitech QuickCam Pro 3000 USB webcam detected. [ 982.546871][T24387] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.9169 (24387) [ 982.597110][T24387] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 982.629948][T24387] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 982.655329][ T5055] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 982.661711][T24387] BTRFS info (device loop2): using free space tree [ 982.726890][ T4922] pwc: Failed to set LED on/off time (-71) [ 982.738212][ T4922] pwc: send_video_command error -71 [ 982.748665][ T4922] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 982.758937][ T4922] Philips webcam: probe of 1-1:0.0 failed with error -71 [ 982.794468][T24391] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.9171 (24391) [ 982.825229][ T4922] usb 1-1: USB disconnect, device number 17 [ 982.850664][ T5055] usb 2-1: Using ep0 maxpacket: 8 [ 982.859633][ T5055] usb 2-1: unable to get BOS descriptor or descriptor too short [ 982.900175][ T5055] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 254, changing to 7 [ 982.911763][T24391] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 982.924621][T24391] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 982.931339][T24397] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x35f7 [ 982.958481][T24391] BTRFS info (device loop4): using free space tree [ 982.962364][ T5055] usb 2-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40 [ 982.975711][T24397] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x3ffff [ 982.986118][ T5055] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 982.989486][T24387] BTRFS info (device loop2): enabling ssd optimizations [ 982.995759][T24397] F2FS-fs (loop3): inline encryption not supported [ 983.011518][ T5055] usb 2-1: Product: syz [ 983.016672][ T5055] usb 2-1: Manufacturer: syz [ 983.029125][ T5055] usb 2-1: SerialNumber: syz [ 983.037888][T24397] F2FS-fs (loop3): invalid crc value [ 983.052941][T24397] F2FS-fs (loop3): Found nat_bits in checkpoint [ 983.156788][ T5068] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 983.196984][T24397] F2FS-fs (loop3): Start checkpoint disabled! [ 983.281654][ T5055] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 983.303953][T24397] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 983.350375][ T5055] usb 2-1: 2:1 : unknown format tag 0x7 is detected. processed as MPEG. [ 983.367281][T24391] BTRFS info (device loop4): enabling ssd optimizations [ 983.427589][ T5055] usb 2-1: found format II with max.bitrate = 65535, frame size=9 [ 983.476868][ T5055] usb 2-1: 2:1 : unknown format tag 0x7 is detected. processed as MPEG. [ 983.501211][ T5055] usb 2-1: found format II with max.bitrate = 65535, frame size=9 [ 983.638521][ T5055] usb 2-1: USB disconnect, device number 21 [ 983.869585][ T5070] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 984.268764][T24437] set_capacity_and_notify: 5 callbacks suppressed [ 984.268781][T24437] loop0: detected capacity change from 0 to 32768 [ 984.311739][T24437] (syz.0.9177,24437,0):ocfs2_get_clusters:606 ERROR: status = -34 [ 984.323103][T24437] (syz.0.9177,24437,0):ocfs2_extent_map_get_blocks:671 ERROR: status = -34 [ 984.335178][T24437] (syz.0.9177,24437,0):ocfs2_map_slot_buffers:378 ERROR: status = -34 [ 984.343773][T24437] (syz.0.9177,24437,0):ocfs2_init_slot_info:426 ERROR: status = -34 [ 984.360227][T24437] (syz.0.9177,24437,0):ocfs2_initialize_super:2279 ERROR: status = -34 [ 984.369396][T24437] (syz.0.9177,24437,0):ocfs2_fill_super:1176 ERROR: status = -34 [ 984.731313][T24439] loop2: detected capacity change from 0 to 32768 [ 984.764289][T24439] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 8 /dev/loop2 scanned by syz.2.9175 (24439) [ 984.810358][ T4983] usb 2-1: new full-speed USB device number 22 using dummy_hcd [ 984.835823][T24439] BTRFS info (device loop2): first mount of filesystem db05bf05-c4f4-4d41-ba1f-eb57295b561b [ 984.857193][T24439] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 984.880868][T24439] BTRFS info (device loop2): using free space tree [ 984.902926][T24443] loop3: detected capacity change from 0 to 32768 [ 984.945073][T24443] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 984.977017][T24443] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 985.000072][T24443] BTRFS info (device loop3): using free space tree [ 985.011291][ T5055] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 985.022239][ T4983] usb 2-1: config index 0 descriptor too short (expected 68, got 34) [ 985.041702][ T4983] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 985.051988][ T4983] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 985.070343][ T4983] usb 2-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1 [ 985.080638][ T4983] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 985.089317][ T4983] usb 2-1: Product: syz [ 985.093730][ T4983] usb 2-1: Manufacturer: syz [ 985.098723][ T4983] usb 2-1: SerialNumber: syz [ 985.105908][ T4983] usb 2-1: config 0 descriptor?? [ 985.144668][T24439] BTRFS info (device loop2): enabling ssd optimizations [ 985.232611][ T5055] usb 1-1: Using ep0 maxpacket: 32 [ 985.240763][ T5055] usb 1-1: unable to get BOS descriptor or descriptor too short [ 985.303795][T24443] BTRFS info (device loop3): enabling ssd optimizations [ 985.311821][ T5055] usb 1-1: config 12 has an invalid interface number: 183 but max is 1 [ 985.342882][ T4983] imon_raw 2-1:0.0: IR endpoint missing [ 985.348523][ T5055] usb 1-1: config 12 has an invalid interface number: 229 but max is 1 [ 985.370039][ T5055] usb 1-1: config 12 has no interface number 0 [ 985.381098][ T5055] usb 1-1: config 12 has no interface number 1 [ 985.387319][ T5055] usb 1-1: config 12 interface 183 has no altsetting 0 [ 985.399761][ T5055] usb 1-1: config 12 interface 229 has no altsetting 0 [ 985.408238][ T5068] BTRFS info (device loop2): last unmount of filesystem db05bf05-c4f4-4d41-ba1f-eb57295b561b [ 985.429585][ T5055] usb 1-1: New USB device found, idVendor=1415, idProduct=2000, bcdDevice=2b.98 [ 985.461482][ T5055] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 985.475124][ T4983] usb 2-1: USB disconnect, device number 22 [ 985.497402][ T5055] usb 1-1: Product: syz [ 985.501987][ T5055] usb 1-1: Manufacturer: syz [ 985.556321][ T5055] usb 1-1: SerialNumber: syz [ 985.557838][T24451] loop4: detected capacity change from 0 to 32768 [ 985.584678][T24451] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.9179 (24451) [ 985.844887][ T5055] usb 1-1: USB disconnect, device number 18 [ 985.865987][ T5074] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 985.898281][T24451] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 985.963362][T24451] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 985.974564][ T4945] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop3 scanned by udevd (4945) [ 985.987962][T24492] loop2: detected capacity change from 0 to 16 [ 986.008365][T24451] BTRFS info (device loop4): force zlib compression, level 3 [ 986.015818][T24451] BTRFS info (device loop4): use zlib compression, level 3 [ 986.054080][T24492] erofs: (device loop2): mounted with root inode @ nid 36. [ 986.073525][T24451] BTRFS info (device loop4): turning on async discard [ 986.122379][T24451] BTRFS info (device loop4): allowing degraded mounts [ 986.129245][T24451] BTRFS info (device loop4): enabling disk space caching [ 986.169836][T24451] BTRFS error (device loop4): support for check_integrity* not compiled in! [ 986.192212][T24451] BTRFS error (device loop4): cannot disable free space tree [ 986.325446][T24451] BTRFS error (device loop4): open_ctree failed: -22 [ 986.518805][T24499] loop2: detected capacity change from 0 to 128 [ 986.774403][T24504] loop2: detected capacity change from 0 to 16 [ 986.789709][T24505] loop4: detected capacity change from 0 to 16 [ 986.829642][T24505] erofs: (device loop4): mounted with root inode @ nid 36. [ 986.837378][T24504] erofs: (device loop2): mounted with root inode @ nid 36. [ 987.116497][T24509] loop4: detected capacity change from 0 to 512 [ 987.179610][T24509] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 987.314036][T24501] loop0: detected capacity change from 0 to 32768 [ 987.354199][T24501] jfs_mount: Mount Failure: File System Dirty. [ 987.360439][T24501] Mount JFS Failure: -22 [ 987.400429][T24512] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 987.409808][ T5070] EXT4-fs (loop4): unmounting filesystem. [ 987.602564][ T5068] EXT4-fs (loop2): unmounting filesystem. [ 987.806942][T24495] XFS (loop1): Mounting V5 Filesystem [ 987.923279][T24495] XFS (loop1): Ending clean mount [ 987.940039][T24507] BTRFS: device fsid ed4422de-dbc1-4dc1-8d60-3583f36c24cc devid 1 transid 8 /dev/loop3 scanned by syz.3.9192 (24507) [ 987.952536][ T4983] usb 5-1: new full-speed USB device number 27 using dummy_hcd [ 988.011855][T24495] XFS (loop1): Quotacheck needed: Please wait. [ 988.036776][T24507] BTRFS info (device loop3): first mount of filesystem ed4422de-dbc1-4dc1-8d60-3583f36c24cc [ 988.053182][T24530] 9pnet_fd: p9_fd_create_unix (24530): problem connecting socket: ./file0: -2 [ 988.070006][T24507] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 988.150517][T24507] BTRFS info (device loop3): using free space tree [ 988.172960][T24495] XFS (loop1): Quotacheck: Done. [ 988.196866][ T4983] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 988.236510][ T4983] usb 5-1: config 0 has no interface number 0 [ 988.289803][T24507] BTRFS info (device loop3): enabling ssd optimizations [ 988.304468][ T4983] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 988.341478][ T4983] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 988.416294][ T4983] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 988.449876][ T4983] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 988.458025][ T4983] usb 5-1: Product: syz [ 988.473545][ T4983] usb 5-1: SerialNumber: syz [ 988.493844][ T4983] usb 5-1: config 0 descriptor?? [ 988.500201][ T5074] BTRFS info (device loop3): last unmount of filesystem ed4422de-dbc1-4dc1-8d60-3583f36c24cc [ 988.514524][ T5078] XFS (loop1): Unmounting Filesystem [ 988.521773][ T4983] cm109 5-1:0.8: invalid payload size 0, expected 4 [ 988.574972][ T4983] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input75 [ 988.770555][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 988.797840][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 988.823297][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 988.831068][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 988.858274][T24549] BTRFS: device fsid e5ec6bdf-b4e4-4163-9622-8db3a33753bd devid 1 transid 8 /dev/loop0 scanned by syz.0.9200 (24549) [ 988.871550][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 988.889813][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 988.917066][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 988.939429][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 988.979670][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 988.987032][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 989.074068][ T9676] usb 5-1: USB disconnect, device number 27 [ 989.080464][ C0] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 989.106322][T24549] BTRFS info (device loop0): first mount of filesystem e5ec6bdf-b4e4-4163-9622-8db3a33753bd [ 989.160172][T24549] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 989.206027][T24549] BTRFS info (device loop0): using free space tree [ 989.213592][ T9676] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 989.227903][T24557] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 989.346224][ T5074] EXT4-fs (loop3): unmounting filesystem. [ 989.557593][T24549] BTRFS info (device loop0): enabling ssd optimizations [ 989.622133][T24581] set_capacity_and_notify: 5 callbacks suppressed [ 989.622150][T24581] loop4: detected capacity change from 0 to 512 [ 989.659547][ T5067] BTRFS info (device loop0): last unmount of filesystem e5ec6bdf-b4e4-4163-9622-8db3a33753bd [ 989.741622][T24581] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 989.792630][T24555] loop2: detected capacity change from 0 to 32768 [ 989.830331][T24555] gfs2: fsid=Ô±rÐÛ»ð_î [ 989.830331][T24555] ˜b‚瀫ñ§Ö]êk;.Ä Œ±OŽ¿²ˆ:‚: Trying to join cluster "lock_nolock", "Ô±rÐÛ»ð_î [ 989.830331][T24555] ˜b‚瀫ñ§Ö]êk;.Ä Œ±OŽ¿²ˆ:‚" [ 989.849225][T24555] gfs2: fsid=Ô±rÐÛ»ð_î [ 989.849225][T24555] ˜b‚瀫ñ§Ö]êk;.Ä Œ±OŽ¿²ˆ:‚: Now mounting FS (format 1801)... [ 989.903159][T24555] gfs2: fsid=Ô±rÐÛ»ð_î [ 989.903159][T24555] ˜b‚瀫ñ§Ö]êk;.Ä Œ±OŽ¿²ˆ:‚.s: journal 0 mapped with 5 extents in 0ms [ 989.928299][T24584] loop3: detected capacity change from 0 to 1024 [ 989.986937][T24584] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 989.998624][T24555] gfs2: fsid=Ô±rÐÛ»ð_î [ 989.998624][T24555] ˜b‚瀫ñ§Ö]êk;.Ä Œ±OŽ¿²ˆ:‚.s: first mount done, others may mount [ 990.424113][ T5070] EXT4-fs (loop4): unmounting filesystem. [ 990.432422][ T5074] EXT4-fs (loop3): unmounting filesystem. [ 990.505165][T24589] loop0: detected capacity change from 0 to 512 [ 990.587590][T24589] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 990.656814][T24596] loop3: detected capacity change from 0 to 1024 [ 990.698633][T24597] loop4: detected capacity change from 0 to 1024 [ 990.755804][T24597] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 990.795815][T24596] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 990.867878][ T5067] EXT4-fs (loop0): unmounting filesystem. [ 990.993407][T24587] loop1: detected capacity change from 0 to 32768 [ 991.020991][ T5070] EXT4-fs (loop4): unmounting filesystem. [ 991.068022][T24587] BTRFS: device fsid f8fbafda-0237-42f9-bd6b-a83e6ac3fc88 devid 1 transid 8 /dev/loop1 scanned by syz.1.9201 (24587) [ 991.095764][ T5074] EXT4-fs (loop3): unmounting filesystem. [ 991.118799][T24601] loop0: detected capacity change from 0 to 512 [ 991.147971][T24603] loop4: detected capacity change from 0 to 512 [ 991.202380][T24603] EXT4-fs (loop4): Unsupported blocksize for fs-verity [ 991.205220][T24587] BTRFS info (device loop1): first mount of filesystem f8fbafda-0237-42f9-bd6b-a83e6ac3fc88 [ 991.244546][T24587] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 991.286274][T24601] EXT4-fs (loop0): Unsupported blocksize for fs-verity [ 991.306967][T24587] BTRFS info (device loop1): using free space tree [ 991.318974][T24605] loop3: detected capacity change from 0 to 1024 [ 991.365556][T24591] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 scanned by syz.2.9209 (24591) [ 991.471080][T24591] BTRFS info (device loop2): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 991.495051][T24605] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 991.582268][T24591] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 991.621569][T24591] BTRFS info (device loop2): using free space tree [ 991.719387][T24587] BTRFS info (device loop1): enabling ssd optimizations [ 991.732581][ T5074] EXT4-fs (loop3): unmounting filesystem. [ 991.813424][ T5078] BTRFS info (device loop1): last unmount of filesystem f8fbafda-0237-42f9-bd6b-a83e6ac3fc88 [ 992.007679][T24618] BTRFS: device fsid 4c645aab-a6bb-4c7f-acba-f49e7dbd8268 devid 1 transid 8 /dev/loop0 scanned by syz.0.9215 (24618) [ 992.063662][T24644] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 992.213406][T24614] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.9214 (24614) [ 992.239038][T24591] BTRFS info (device loop2): enabling ssd optimizations [ 992.314320][T24618] BTRFS info (device loop0): first mount of filesystem 4c645aab-a6bb-4c7f-acba-f49e7dbd8268 [ 992.336828][T24614] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 992.347889][T24618] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 992.376678][ T5074] EXT4-fs (loop3): unmounting filesystem. [ 992.388371][T24618] BTRFS info (device loop0): using free space tree [ 992.440879][T24614] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 992.494902][ T2304] pvrusb2: request_firmware fatal error with code=-110 [ 992.512395][T24614] BTRFS info (device loop4): using free space tree [ 992.551230][ T2304] pvrusb2: Failure uploading firmware1 [ 992.605480][ T5068] BTRFS info (device loop2): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 992.620793][ T2304] pvrusb2: Device initialization was not successful. [ 992.698814][T24618] BTRFS info (device loop0): enabling ssd optimizations [ 992.733360][ T2304] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 992.746519][T24658] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop1 scanned by syz.1.9217 (24658) [ 992.810536][ T2304] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 992.871916][ T4347] pvrusb2: Device being rendered inoperable [ 993.178997][T24658] BTRFS info (device loop1): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 993.211151][ T5067] BTRFS info (device loop0): last unmount of filesystem 4c645aab-a6bb-4c7f-acba-f49e7dbd8268 [ 993.229621][T24658] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 993.244657][T24614] BTRFS info (device loop4): enabling ssd optimizations [ 993.284233][T24658] BTRFS info (device loop1): using free space tree [ 993.290938][ T8949] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 9 /dev/loop2 scanned by udevd (8949) [ 993.502104][T24663] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 993.547946][T24663] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 993.597460][T24663] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 993.633471][T24658] BTRFS info (device loop1): enabling ssd optimizations [ 993.699214][ T8754] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 993.716920][ T8754] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 993.834128][ T5070] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 994.056518][ T8754] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 317ms [ 994.071811][ T5078] BTRFS info (device loop1): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 994.138052][ T8754] gfs2: fsid=syz:syz.0: jid=0: Done [ 994.143335][T24663] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 994.641685][ T4945] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 9 /dev/loop1 scanned by udevd (4945) [ 995.649649][T24715] set_capacity_and_notify: 6 callbacks suppressed [ 995.649666][T24715] loop0: detected capacity change from 0 to 32768 [ 995.743365][T24715] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 995.781806][T24715] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 995.815035][T24715] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 995.849900][T24726] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 995.857790][T24726] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 995.874975][T24730] loop4: detected capacity change from 0 to 40427 [ 995.920068][T24730] F2FS-fs (loop4): Fix alignment : done, start(4096) end(16896) block(12288) [ 995.976528][T24730] F2FS-fs (loop4): invalid crc value [ 996.014529][T24730] F2FS-fs (loop4): invalid crc value [ 996.041092][T24730] F2FS-fs (loop4): Failed to get valid F2FS checkpoint [ 996.059268][T24726] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 188ms [ 996.102960][T24726] gfs2: fsid=syz:syz.0: jid=0: Done [ 996.108248][T24715] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 997.422548][T24742] loop4: detected capacity change from 0 to 32768 [ 997.519763][T24742] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 997.554271][T24742] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 997.593689][T24742] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 997.629340][ T4960] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 997.636247][ T4960] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 997.852333][ T4960] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 202ms [ 997.866343][T24744] loop0: detected capacity change from 0 to 64 [ 997.877795][ T4960] gfs2: fsid=syz:syz.0: jid=0: Done [ 997.883081][T24742] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 998.856153][T24748] loop0: detected capacity change from 0 to 32768 [ 998.896544][T24748] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.9228 (24748) [ 998.964936][T24748] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 999.005452][T24748] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 999.040018][T24748] BTRFS info (device loop0): using free space tree [ 999.286249][T24763] loop4: detected capacity change from 0 to 512 [ 999.333695][T24763] EXT4-fs (loop4): Unsupported blocksize for fs-verity [ 999.446193][T24748] BTRFS info (device loop0): enabling ssd optimizations [ 999.663641][ T5067] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 999.771262][T24774] loop4: detected capacity change from 0 to 1024 [ 999.876908][T24776] loop3: detected capacity change from 0 to 1756 [ 1000.300252][T24770] loop2: detected capacity change from 0 to 32768 [ 1000.324922][T24770] BTRFS: device fsid a830dcec-d20e-42dc-8160-bf13f3286f97 devid 1 transid 8 /dev/loop2 scanned by syz.2.9231 (24770) [ 1000.361562][T24756] loop1: detected capacity change from 0 to 40427 [ 1000.407574][T24756] F2FS-fs (loop1): build fault injection attr: rate: 6, type: 0x3ffff [ 1000.413143][T24770] BTRFS info (device loop2): first mount of filesystem a830dcec-d20e-42dc-8160-bf13f3286f97 [ 1000.455429][T24756] F2FS-fs (loop1) : inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x18f/0x360 [ 1000.461408][T24770] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 1000.526758][ C0] F2FS-fs (loop1) : inject read IO error in f2fs_read_end_io of blk_update_request+0x593/0xe30 [ 1000.537874][T24756] F2FS-fs (loop1) : inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x4175/0x6b40 [ 1000.556316][T24770] BTRFS info (device loop2): using free space tree [ 1000.565366][T24756] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-12) [ 1000.932565][T24770] BTRFS info (device loop2): enabling ssd optimizations [ 1001.121563][ T5068] BTRFS info (device loop2): last unmount of filesystem a830dcec-d20e-42dc-8160-bf13f3286f97 [ 1001.156199][ T5058] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 1001.362463][T24780] set_capacity_and_notify: 1 callbacks suppressed [ 1001.362479][T24780] loop3: detected capacity change from 0 to 32768 [ 1001.369371][ T5058] usb 2-1: Using ep0 maxpacket: 32 [ 1001.381130][ T4945] BTRFS: device fsid a830dcec-d20e-42dc-8160-bf13f3286f97 devid 1 transid 9 /dev/loop2 scanned by udevd (4945) [ 1001.417007][ T5058] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1001.437140][T24780] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop3 scanned by syz.3.9236 (24780) [ 1001.438624][ T5058] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 57752, setting to 1024 [ 1001.495995][ T5058] usb 2-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice= 0.40 [ 1001.516441][ T5058] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1001.537911][ T5058] usb 2-1: Product: syz [ 1001.542542][ T5058] usb 2-1: Manufacturer: syz [ 1001.547161][ T5058] usb 2-1: SerialNumber: syz [ 1001.688817][T24780] BTRFS info (device loop3): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 1001.733465][T24780] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 1001.754331][T24780] BTRFS info (device loop3): using free space tree [ 1001.807288][ T5058] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 1001.834321][ T5058] usb 2-1: found format II with max.bitrate = 2568, frame size=7 [ 1001.867103][ T5058] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 1001.960658][ T5058] usb 2-1: USB disconnect, device number 23 [ 1002.098549][T24827] loop2: detected capacity change from 0 to 2 [ 1002.105395][T24827] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 1002.169211][T24780] BTRFS info (device loop3): enabling ssd optimizations [ 1002.375271][ T5074] BTRFS info (device loop3): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 1002.448188][T24832] loop2: detected capacity change from 0 to 21 [ 1002.467931][T24832] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 1002.737463][T24836] loop1: detected capacity change from 0 to 64 [ 1003.112032][T24838] loop1: detected capacity change from 0 to 64 [ 1003.372475][T24842] loop1: detected capacity change from 0 to 64 [ 1003.521020][T24834] loop2: detected capacity change from 0 to 32768 [ 1003.571040][T24834] BTRFS: device fsid 18898830-c59e-4026-919d-fe1055706c2c devid 1 transid 8 /dev/loop2 scanned by syz.2.9244 (24834) [ 1003.635320][T24834] BTRFS info (device loop2): first mount of filesystem 18898830-c59e-4026-919d-fe1055706c2c [ 1003.670231][T24834] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 1003.702777][T24834] BTRFS info (device loop2): using free space tree [ 1004.068239][T24834] BTRFS info (device loop2): enabling ssd optimizations [ 1004.213620][ T5068] BTRFS info (device loop2): last unmount of filesystem 18898830-c59e-4026-919d-fe1055706c2c [ 1004.558740][ T4945] BTRFS: device fsid 18898830-c59e-4026-919d-fe1055706c2c devid 1 transid 9 /dev/loop2 scanned by udevd (4945) [ 1004.742402][T24864] loop0: detected capacity change from 0 to 2048 [ 1004.898472][T24864] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1005.120988][ T5067] EXT4-fs (loop0): unmounting filesystem. [ 1005.400093][T24874] loop0: detected capacity change from 0 to 2048 [ 1005.660993][T24876] loop0: detected capacity change from 0 to 128 [ 1005.716230][T24872] BTRFS: device fsid 100ef7e5-a5de-41f0-884c-a25b1c06c78a devid 1 transid 8 /dev/loop2 scanned by syz.2.9251 (24872) [ 1005.779960][T24872] BTRFS info (device loop2): first mount of filesystem 100ef7e5-a5de-41f0-884c-a25b1c06c78a [ 1005.824820][T24872] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 1005.875560][T24872] BTRFS info (device loop2): using free space tree [ 1006.165079][T24872] BTRFS info (device loop2): enabling ssd optimizations [ 1006.366365][ T5068] BTRFS info (device loop2): last unmount of filesystem 100ef7e5-a5de-41f0-884c-a25b1c06c78a [ 1006.977889][T24900] set_capacity_and_notify: 1 callbacks suppressed [ 1006.977905][T24900] loop2: detected capacity change from 0 to 128 [ 1007.215214][T24878] loop4: detected capacity change from 0 to 32768 [ 1007.250575][T24878] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 1007.258773][T24878] dlm: no local IP address has been set [ 1007.288788][T24903] loop3: detected capacity change from 0 to 2048 [ 1007.313528][T24878] dlm: cannot start dlm midcomms -107 [ 1007.319405][T24878] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 1007.578457][T24906] loop4: detected capacity change from 0 to 256 [ 1007.614064][T24908] loop3: detected capacity change from 0 to 128 [ 1007.996074][T24912] loop3: detected capacity change from 0 to 512 [ 1008.157047][T24914] loop1: detected capacity change from 0 to 2048 [ 1008.278470][T24916] loop3: detected capacity change from 0 to 256 [ 1008.448020][T24918] loop1: detected capacity change from 0 to 512 [ 1008.604800][T24904] loop2: detected capacity change from 0 to 32768 [ 1008.693098][T24904] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 1008.713132][T24904] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 1008.795003][T24904] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 6ms [ 1008.838952][ T4924] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 1008.858979][ T4924] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 1008.986202][ T4924] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 119ms [ 1009.016527][ T4924] gfs2: fsid=syz:syz.0: jid=0: Done [ 1009.022109][T24904] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 1009.361993][T24920] BTRFS: device fsid d09153a9-5497-4f31-8e52-d2d02bbdf7fc devid 1 transid 8 /dev/loop3 scanned by syz.3.9266 (24920) [ 1009.422393][T24920] BTRFS info (device loop3): first mount of filesystem d09153a9-5497-4f31-8e52-d2d02bbdf7fc [ 1009.464137][T24920] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 1009.503326][T24920] BTRFS info (device loop3): using free space tree [ 1009.857524][T24920] BTRFS info (device loop3): enabling ssd optimizations [ 1010.086771][ T5074] BTRFS info (device loop3): last unmount of filesystem d09153a9-5497-4f31-8e52-d2d02bbdf7fc [ 1010.366472][T24946] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 1011.134275][T24954] ntfs: volume version 3.1. [ 1011.192055][T24952] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 1011.625321][T24956] ntfs: volume version 3.1. [ 1011.712232][T24961] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1011.937765][T24960] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 1013.174169][T24969] set_capacity_and_notify: 10 callbacks suppressed [ 1013.174186][T24969] loop4: detected capacity change from 0 to 32768 [ 1013.253690][T24969] (syz.4.9280,24969,0):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options [ 1013.268079][T24969] (syz.4.9280,24969,1):ocfs2_fill_super:1176 ERROR: status = -22 [ 1013.406331][T24933] Process accounting resumed [ 1013.852080][T24967] loop0: detected capacity change from 0 to 65536 [ 1014.948406][T24975] loop1: detected capacity change from 0 to 32768 [ 1014.992430][T24975] (syz.1.9283,24975,1):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options [ 1015.033635][T24975] (syz.1.9283,24975,1):ocfs2_fill_super:1176 ERROR: status = -22 [ 1015.048165][T24971] loop4: detected capacity change from 0 to 65536 [ 1015.074212][T24977] loop0: detected capacity change from 0 to 32768 [ 1015.135869][T24977] (syz.0.9284,24977,0):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options [ 1015.212847][T24977] (syz.0.9284,24977,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 1015.375293][T24980] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1015.636655][T24982] loop0: detected capacity change from 0 to 4096 [ 1015.756299][T24982] ntfs: volume version 3.1. [ 1015.895314][T24984] loop4: detected capacity change from 0 to 4096 [ 1016.010504][T24984] ntfs: volume version 3.1. [ 1016.305769][T24988] loop2: detected capacity change from 0 to 256 [ 1016.336907][T24979] loop1: detected capacity change from 0 to 32768 [ 1016.380704][T24979] (syz.1.9285,24979,0):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options [ 1016.431388][T24979] (syz.1.9285,24979,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 1016.530703][T11903] I/O error, dev loop1, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1017.072852][T24992] loop3: detected capacity change from 0 to 16384 [ 1017.158969][T24995] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1017.414395][T24997] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1017.449282][T24997] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 1017.459261][T24997] REISERFS (device loop1): using ordered data mode [ 1017.465885][T24997] reiserfs: using flush barriers [ 1017.545343][T24997] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1017.562118][T24997] REISERFS (device loop1): checking transaction log (loop1) [ 1017.796447][T24997] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[1 2 0(1) DIR], item_len 35, item_location 4029, free_space(entry_count) 2 [ 1017.881377][T24997] REISERFS error (device loop1): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 1017.925380][T24997] REISERFS (device loop1): Remounting filesystem read-only [ 1017.950628][T24997] REISERFS error (device loop1): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 1017.996981][T24997] REISERFS warning (device loop1): reiserfs_fill_super: corrupt root inode, run fsck [ 1018.096182][T24994] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 1018.119187][T24986] (syz.0.9288,24986,0):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options [ 1018.129906][T24994] dlm: no local IP address has been set [ 1018.144189][T24994] dlm: cannot start dlm midcomms -107 [ 1018.150538][T24994] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 1018.160777][T24986] (syz.0.9288,24986,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 1021.239251][T25006] set_capacity_and_notify: 4 callbacks suppressed [ 1021.239267][T25006] loop0: detected capacity change from 0 to 131072 [ 1021.291936][T25006] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1021.305588][T25008] loop2: detected capacity change from 0 to 131072 [ 1021.324209][T25004] loop1: detected capacity change from 0 to 131072 [ 1021.342030][T25006] REISERFS (device loop0): found reiserfs format "3.5" with standard journal [ 1021.353255][T25008] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1021.367448][T25006] REISERFS (device loop0): using ordered data mode [ 1021.376432][T25008] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 1021.385912][T25008] REISERFS (device loop2): using ordered data mode [ 1021.387675][T25004] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1021.394681][T25008] reiserfs: using flush barriers [ 1021.411904][T25008] REISERFS (device loop2): journal params: device loop2, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 30, max trans age 30 [ 1021.437342][T25008] REISERFS (device loop2): checking transaction log (loop2) [ 1021.446745][T25006] reiserfs: using flush barriers [ 1021.478441][T25006] REISERFS (device loop0): journal params: device loop0, size 8192, journal first block 18, max trans len 1024, max batch 900, max commit age 30, max trans age 30 [ 1021.529186][T25006] REISERFS (device loop0): checking transaction log (loop0) [ 1021.531954][T25004] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 1021.585566][T25004] REISERFS (device loop1): using ordered data mode [ 1021.605723][T25004] reiserfs: using flush barriers [ 1021.636640][T25004] REISERFS warning (device loop1): journal-1256 journal_init: unable to get memory for journal structure [ 1021.701459][T25004] REISERFS warning (device loop1): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 1024.518213][T25006] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[1 2 0(1) DIR], item_len 35, item_location 4029, free_space(entry_count) 2 [ 1024.568997][T25006] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 8211. Fsck? [ 1024.606706][T25006] REISERFS (device loop0): Remounting filesystem read-only [ 1024.654165][T25006] REISERFS error (device loop0): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 1024.695169][T25006] REISERFS warning (device loop0): reiserfs_fill_super: corrupt root inode, run fsck [ 1024.836174][T25019] loop4: detected capacity change from 0 to 4096 [ 1024.916086][T25019] ntfs: volume version 3.1. [ 1025.425245][T25015] loop3: detected capacity change from 0 to 131072 [ 1025.466998][T25015] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1025.598515][T25015] REISERFS (device loop3): found reiserfs format "3.5" with standard journal [ 1025.626479][T25015] REISERFS (device loop3): using ordered data mode [ 1025.643887][T25015] reiserfs: using flush barriers [ 1025.658798][T25015] REISERFS (device loop3): journal params: device loop3, size 8192, journal first block 18, max trans len 1024, max batch 900, max commit age 30, max trans age 30 [ 1025.697982][T25015] REISERFS warning (device loop3): journal-2004 journal_init: Journal cnode memory allocation failed (1179648 bytes). Journal is too large for available memory. Usually this is due to a journal that is too large. [ 1025.777800][T25015] REISERFS warning (device loop3): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 1025.880171][T25017] loop1: detected capacity change from 0 to 131072 [ 1025.935772][T25017] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1025.973777][T25017] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 1026.011569][T25017] REISERFS (device loop1): using ordered data mode [ 1026.018309][T25017] reiserfs: using flush barriers [ 1026.042864][T25017] REISERFS (device loop1): journal params: device loop1, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 30, max trans age 30 [ 1026.137928][T25017] REISERFS (device loop1): checking transaction log (loop1) [ 1027.167989][T25008] REISERFS (device loop2): Using rupasov hash to sort names [ 1027.175675][T25008] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 1028.382653][T25026] loop0: detected capacity change from 0 to 65536 [ 1028.635659][T25028] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1029.372507][T25032] loop4: detected capacity change from 0 to 3 [ 1029.418005][T25032] syz.4.9308: attempt to access beyond end of device [ 1029.418005][T25032] loop4: rw=2048, sector=0, nr_sectors = 8 limit=3 [ 1029.485392][T25032] SQUASHFS error: Failed to read block 0x0: -5 [ 1029.500782][T25032] unable to read squashfs_super_block [ 1030.137509][T25036] loop2: detected capacity change from 0 to 8 [ 1030.382493][T25038] loop2: detected capacity change from 0 to 256 [ 1030.450299][T25038] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 1030.503848][T25038] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 1030.557277][T25038] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 1030.564987][T25038] UDF-fs: Scanning with blocksize 512 failed [ 1030.625662][T25034] loop4: detected capacity change from 0 to 32768 [ 1030.658183][T25038] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 1030.686897][T25034] (syz.4.9309,25034,0):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options [ 1030.707590][T25034] (syz.4.9309,25034,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 1030.712005][T25038] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1031.015728][T25042] loop2: detected capacity change from 0 to 256 [ 1031.112473][T25042] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 1031.176359][T25042] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1031.274667][T25046] loop3: detected capacity change from 0 to 128 [ 1032.111465][T25017] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[1 2 0(1) DIR], item_len 35, item_location 4029, free_space(entry_count) 2 [ 1032.147635][T25017] REISERFS error (device loop1): vs-5150 search_by_key: invalid format found in block 15767. Fsck? [ 1032.180050][T25017] REISERFS (device loop1): Remounting filesystem read-only [ 1032.187314][T25017] REISERFS error (device loop1): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 1032.255582][T25017] REISERFS warning (device loop1): reiserfs_fill_super: corrupt root inode, run fsck [ 1033.175119][T25055] loop0: detected capacity change from 0 to 16384 [ 1033.224336][T25055] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 1033.250876][T25055] UDF-fs: Scanning with blocksize 512 failed [ 1033.283137][T25055] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 1033.290594][T25055] UDF-fs: Scanning with blocksize 1024 failed [ 1033.341255][T25055] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 1033.372823][T25055] UDF-fs: Scanning with blocksize 2048 failed [ 1033.419665][T25055] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1033.841738][T25058] loop0: detected capacity change from 0 to 8192 [ 1035.310760][T25066] loop4: detected capacity change from 0 to 2048 [ 1035.816406][T25062] loop0: detected capacity change from 0 to 65536 [ 1035.995329][T25062] XFS (loop0): Mounting V5 Filesystem [ 1036.145055][T25062] XFS (loop0): Ending clean mount [ 1036.264101][ T5067] XFS (loop0): Unmounting Filesystem [ 1036.277524][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1036.283892][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1036.665129][T25071] loop3: detected capacity change from 0 to 32768 [ 1036.772026][T25071] XFS (loop3): Mounting V5 Filesystem [ 1036.877845][T25071] XFS (loop3): Ending clean mount [ 1036.992418][ T5074] XFS (loop3): Unmounting Filesystem [ 1037.600060][T25068] loop4: detected capacity change from 0 to 65536 [ 1037.744894][T25068] XFS (loop4): Mounting V5 Filesystem [ 1037.818238][T25068] XFS (loop4): Ending clean mount [ 1037.862962][T25074] loop2: detected capacity change from 0 to 65536 [ 1037.968538][ T5070] XFS (loop4): Unmounting Filesystem [ 1038.062065][T25074] XFS (loop2): Deprecated V4 format (crc=0) not supported by kernel. [ 1039.372520][T25108] loop2: detected capacity change from 0 to 32768 [ 1039.497298][T25108] XFS (loop2): Mounting V5 Filesystem [ 1039.635608][T25108] XFS (loop2): Ending clean mount [ 1039.830528][ T5068] XFS (loop2): Unmounting Filesystem [ 1039.995315][T25110] loop4: detected capacity change from 0 to 32768 [ 1040.117465][T25110] XFS (loop4): Mounting V5 Filesystem [ 1040.277548][T25110] XFS (loop4): Ending clean mount [ 1040.433996][ T5070] XFS (loop4): Unmounting Filesystem [ 1040.549610][T25098] loop3: detected capacity change from 0 to 131072 [ 1040.659003][T25098] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1040.707894][T25098] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 1040.756542][T25098] REISERFS (device loop3): using ordered data mode [ 1040.764113][T25098] reiserfs: using flush barriers [ 1040.815503][T25098] REISERFS (device loop3): journal params: device loop3, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 30, max trans age 30 [ 1040.926643][T25098] REISERFS (device loop3): checking transaction log (loop3) [ 1044.883925][T25144] loop0: detected capacity change from 0 to 256 [ 1044.939200][T25144] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 1044.986042][T25144] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512 [ 1045.029990][T25144] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 1045.041323][T25144] UDF-fs: Scanning with blocksize 512 failed [ 1045.067472][T25144] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 1045.115381][T25144] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1046.691519][T25140] loop1: detected capacity change from 0 to 131072 [ 1046.769453][T25140] XFS (loop1): Mounting V5 Filesystem [ 1046.844253][T25140] XFS (loop1): Ending clean mount [ 1046.906959][T25098] REISERFS (device loop3): Using r5 hash to sort names [ 1046.953336][T25098] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 1046.992517][T25140] Process accounting paused [ 1047.029483][ T5078] XFS (loop1): Unmounting Filesystem [ 1049.772463][T25174] loop2: detected capacity change from 0 to 32768 [ 1049.820739][T25196] netlink: 1 bytes leftover after parsing attributes in process `syz.1.9360'. [ 1050.018977][T25203] xt_NFQUEUE: number of total queues is 0 [ 1050.177117][T25206] loop3: detected capacity change from 0 to 512 [ 1050.453806][T25221] loop0: detected capacity change from 0 to 16 [ 1050.485030][T25221] erofs: (device loop0): mounted with root inode @ nid 36. [ 1050.526560][T25221] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 1050.593980][T25221] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -38 in[52, 4044] out[1851] [ 1050.642805][T25221] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 1050.803858][T25231] delete_channel: no stack [ 1050.947502][T25236] loop2: detected capacity change from 0 to 256 [ 1050.998399][T25236] FAT-fs (loop2): Directory bread(block 64) failed [ 1051.032280][T25236] FAT-fs (loop2): Directory bread(block 65) failed [ 1051.065192][T25236] FAT-fs (loop2): Directory bread(block 66) failed [ 1051.083895][T25243] loop3: detected capacity change from 0 to 2048 [ 1051.087064][T25236] FAT-fs (loop2): Directory bread(block 67) failed [ 1051.117243][T25236] FAT-fs (loop2): Directory bread(block 68) failed [ 1051.163742][T25236] FAT-fs (loop2): Directory bread(block 69) failed [ 1051.196573][T25236] FAT-fs (loop2): Directory bread(block 70) failed [ 1051.248528][T25236] FAT-fs (loop2): Directory bread(block 71) failed [ 1051.278869][T25236] FAT-fs (loop2): Directory bread(block 72) failed [ 1051.289940][T25249] ipt_rpfilter: unknown options [ 1051.308406][T25236] FAT-fs (loop2): Directory bread(block 73) failed [ 1051.477271][ T27] audit: type=1326 audit(50296194.432:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25250 comm="syz.0.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1051.583754][ T27] audit: type=1326 audit(50296194.432:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25250 comm="syz.0.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1051.606404][ C0] vkms_vblank_simulate: vblank timer overrun [ 1051.683140][ T27] audit: type=1326 audit(50296194.432:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25250 comm="syz.0.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1051.753999][T25261] netlink: 'syz.1.9391': attribute type 21 has an invalid length. [ 1051.754608][ T27] audit: type=1326 audit(50296194.432:46): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=25250 comm="syz.0.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1051.782026][T25261] netlink: 144 bytes leftover after parsing attributes in process `syz.1.9391'. [ 1051.784751][ C0] vkms_vblank_simulate: vblank timer overrun [ 1051.806168][ T27] audit: type=1326 audit(50296194.432:47): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=25250 comm="syz.0.9386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1051.846977][T25265] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9394'. [ 1051.856521][T25265] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9394'. [ 1051.866234][T25265] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9394'. [ 1052.176549][T25275] netlink: 96 bytes leftover after parsing attributes in process `syz.3.9397'. [ 1052.223480][T25275] netlink: 658 bytes leftover after parsing attributes in process `syz.3.9397'. [ 1052.533101][T25292] loop2: detected capacity change from 0 to 128 [ 1052.550880][T25292] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1052.598867][T25292] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1052.709254][T25299] ipt_rpfilter: unknown options [ 1052.918662][T25305] loop2: detected capacity change from 0 to 512 [ 1052.948956][T25305] EXT4-fs: Ignoring removed mblk_io_submit option [ 1053.023472][T25305] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1053.055867][T25305] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 1053.124880][T25305] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.9413: attempt to clear invalid blocks 2 len 1 [ 1053.200720][T25305] EXT4-fs (loop2): Remounting filesystem read-only [ 1053.208037][T25305] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1053.246850][T25305] EXT4-fs (loop2): Remounting filesystem read-only [ 1053.256768][T25305] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.9413: invalid indirect mapped block 1819239214 (level 0) [ 1053.261759][ T4924] usb 4-1: new high-speed USB device number 127 using dummy_hcd [ 1053.298893][T25305] EXT4-fs (loop2): Remounting filesystem read-only [ 1053.333537][T25305] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.9413: invalid indirect mapped block 1819239214 (level 1) [ 1053.373958][T25305] EXT4-fs (loop2): Remounting filesystem read-only [ 1053.394389][T25305] EXT4-fs (loop2): 1 truncate cleaned up [ 1053.400116][T25305] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1053.404576][T25324] loop4: detected capacity change from 0 to 512 [ 1053.492653][T25324] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1053.503697][T25328] loop1: detected capacity change from 0 to 128 [ 1053.530565][ T4924] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1053.534452][T25328] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1053.571668][ T4924] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1053.581174][ T5068] EXT4-fs (loop2): unmounting filesystem. [ 1053.603079][T25324] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1053.613425][ T4924] usb 4-1: config 0 descriptor?? [ 1053.633597][T25328] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1053.638707][ T4924] cp210x 4-1:0.0: cp210x converter detected [ 1053.715481][T25330] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1053.750464][T25324] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.9422: invalid indirect mapped block 4294967295 (level 1) [ 1053.794662][T25334] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1053.881665][T25324] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.9422: invalid indirect mapped block 4294967295 (level 1) [ 1053.951783][T25324] EXT4-fs (loop4): 2 truncates cleaned up [ 1053.966279][T25324] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1054.073838][ T4924] cp210x 4-1:0.0: failed to get vendor val 0x0010 size 3: -71 [ 1054.104076][ T4924] cp210x 4-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 1054.124826][ T4924] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 1054.161330][ T4924] usb 4-1: cp210x converter now attached to ttyUSB0 [ 1054.173236][ T5070] EXT4-fs (loop4): unmounting filesystem. [ 1054.217112][ T4924] usb 4-1: USB disconnect, device number 127 [ 1054.231785][ T4924] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1054.281837][ T4924] cp210x 4-1:0.0: device disconnected [ 1054.317674][T25348] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (253) [ 1054.365119][T25352] loop0: detected capacity change from 0 to 512 [ 1054.445897][T25352] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1054.490277][T25352] EXT4-fs error (device loop0): ext4_xattr_block_get:543: inode #15: comm syz.0.9436: corrupted xattr block 32 [ 1054.717806][ T5067] EXT4-fs (loop0): unmounting filesystem. [ 1055.403868][ T27] audit: type=1326 audit(50296198.098:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25397 comm="syz.4.9457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47ca59c799 code=0x7ffc0000 [ 1055.487752][ T27] audit: type=1326 audit(50296198.098:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25397 comm="syz.4.9457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f47ca59c799 code=0x7ffc0000 [ 1055.577438][ T27] audit: type=1326 audit(50296198.098:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25397 comm="syz.4.9457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47ca59c799 code=0x7ffc0000 [ 1055.659703][ T27] audit: type=1326 audit(50296198.098:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25397 comm="syz.4.9457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47ca59c799 code=0x7ffc0000 [ 1055.901730][T25414] loop1: detected capacity change from 0 to 4096 [ 1056.082039][T25414] ntfs3: loop1: no free space to extend mft [ 1056.158917][T25427] program syz.4.9471 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1056.192871][ T27] audit: type=1326 audit(50296198.837:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25429 comm="syz.2.9473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bfbb9c799 code=0x7ffc0000 [ 1056.333231][T25432] netlink: 'syz.0.9474': attribute type 1 has an invalid length. [ 1056.380361][T25432] netlink: 224 bytes leftover after parsing attributes in process `syz.0.9474'. [ 1056.412195][T25436] netlink: 'syz.3.9475': attribute type 1 has an invalid length. [ 1056.464495][T25440] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9477'. [ 1056.724387][T25449] printk: syz.4.9483 (25449): Attempt to access syslog with CAP_SYS_ADMIN but no CAP_SYSLOG (deprecated). [ 1057.048000][T25458] loop3: detected capacity change from 0 to 4096 [ 1057.063163][T25465] ieee802154 phy0 wpan0: encryption failed: -22 [ 1057.405112][T25458] ntfs3: loop3: no free space to extend mft [ 1057.441266][T25475] comedi comedi4: bad chanlist[0]=0x0000000a chan=10 range length=2 [ 1057.675424][T25482] loop3: detected capacity change from 0 to 1024 [ 1057.832844][ T5092] hfsplus: b-tree write err: -5, ino 25 [ 1057.843708][ T5092] hfsplus: b-tree write err: -5, ino 4 [ 1057.865393][ T5092] hfsplus: b-tree write err: -5, ino 2 [ 1058.064092][T25498] netlink: 36 bytes leftover after parsing attributes in process `syz.0.9506'. [ 1058.318412][T24724] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 1058.382450][ T4924] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 1058.447157][T25518] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9515'. [ 1058.475697][T25518] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1058.521576][T24724] usb 4-1: Using ep0 maxpacket: 8 [ 1058.529702][T24724] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 1058.562835][T24724] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1058.596711][ T4924] usb 3-1: Using ep0 maxpacket: 16 [ 1058.601072][T24724] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1058.607543][ T4924] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1058.644087][T24724] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 1058.660394][ T4924] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1058.687803][T24724] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1058.692155][ T4924] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 1058.708181][T24724] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1058.734847][T24724] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1058.741696][ T4924] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1058.783783][ T4924] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1058.791638][T24724] usb 4-1: config 0 descriptor?? [ 1058.810890][ T4924] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1058.824851][T25495] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1058.829888][ T4924] usb 3-1: Product: syz [ 1058.863553][ T4924] usb 3-1: Manufacturer: syz [ 1058.875704][ T4924] usb 3-1: SerialNumber: syz [ 1059.083467][T25536] ipt_CLUSTERIP: unknown mode 3 [ 1059.146416][T25539] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1059.152834][ C0] Bluetooth: hci5: Unexpected continuation: 1 bytes [ 1059.162508][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.176100][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.182996][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.190070][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.196982][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.203829][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.210724][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.218883][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.225745][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.232640][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.239739][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.246590][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.259018][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.265983][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.272891][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.279736][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.286836][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.293814][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.300660][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.307890][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.316652][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.324153][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.331521][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.338431][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.345354][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.352177][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.359113][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.366133][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.372984][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1059.428320][ T4924] usb 3-1: 0:2 : does not exist [ 1059.450289][ T4924] usb 3-1: USB disconnect, device number 22 [ 1059.580811][T24724] usb 4-1: USB disconnect, device number 2 [ 1059.586747][ T5077] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 1059.687615][ T4945] udevd[4945]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1059.889377][T25560] tipc: Can't bind to reserved service type 2 [ 1059.959037][T25564] loop4: detected capacity change from 0 to 1024 [ 1059.995542][T25564] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 1060.021241][T25566] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on [ 1060.042542][T25564] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1060.062680][T25564] EXT4-fs (loop4): unmounting filesystem. [ 1060.489138][T25584] loop1: detected capacity change from 0 to 2048 [ 1060.574363][T25584] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1060.674694][T25594] netlink: 88 bytes leftover after parsing attributes in process `syz.0.9553'. [ 1060.825276][T25600] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1061.397244][ T9859] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 1061.525938][T25632] loop2: detected capacity change from 0 to 128 [ 1061.610996][ T9859] usb 5-1: Using ep0 maxpacket: 32 [ 1061.624641][ T9859] usb 5-1: config 0 has an invalid interface number: 35 but max is 0 [ 1061.653787][ T9859] usb 5-1: config 0 has no interface number 0 [ 1061.659942][ T9859] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 1061.736716][ T9859] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 1061.745727][T25640] loop3: detected capacity change from 0 to 1024 [ 1061.767709][ T9859] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1061.784110][T25640] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 1061.810219][ T9859] usb 5-1: Product: syz [ 1061.832303][T25640] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1061.845899][T25640] EXT4-fs (loop3): unmounting filesystem. [ 1061.862580][ T9859] usb 5-1: Manufacturer: syz [ 1061.869858][ T9859] usb 5-1: SerialNumber: syz [ 1061.901802][ T9859] usb 5-1: config 0 descriptor?? [ 1061.918069][ T9859] radio-si470x 5-1:0.35: could not find interrupt in endpoint [ 1061.962903][ T9859] radio-si470x: probe of 5-1:0.35 failed with error -5 [ 1062.127064][ T9859] radio-raremono 5-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 1062.161234][T25655] loop0: detected capacity change from 0 to 2048 [ 1062.239728][T25660] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1062.360664][ T9859] radio-raremono 5-1:0.35: raremono_cmd_main failed (-71) [ 1062.376703][ T9859] radio-raremono 5-1:0.35: V4L2 device registered as radio48 [ 1062.402955][T25655] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 1062.412866][T24724] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 1062.413448][ T9859] usb 5-1: USB disconnect, device number 28 [ 1062.430538][T25655] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=16) [ 1062.455635][ T9859] radio-raremono 5-1:0.35: Thanko's Raremono disconnected [ 1062.498777][T25655] Remounting filesystem read-only [ 1062.509443][T25655] NILFS (loop0): error -5 truncating bmap (ino=16) [ 1062.617726][T24724] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1062.635810][T24724] usb 4-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 1062.645204][T24724] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1062.656527][T24724] usb 4-1: config 0 descriptor?? [ 1062.666263][T25671] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9590'. [ 1062.771606][ T5067] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 1062.945538][T25677] xt_cluster: node mask cannot exceed total number of nodes [ 1063.107132][T24724] usb 4-1: USB disconnect, device number 3 [ 1063.331549][T25693] loop0: detected capacity change from 0 to 164 [ 1063.758310][ T27] kauditd_printk_skb: 7 callbacks suppressed [ 1063.758326][ T27] audit: type=1326 audit(50296205.909:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25708 comm="syz.4.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47ca59c799 code=0x7ffc0000 [ 1063.858135][ T27] audit: type=1326 audit(50296205.909:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25708 comm="syz.4.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47ca59c799 code=0x7ffc0000 [ 1063.894363][ T27] audit: type=1326 audit(50296205.965:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25708 comm="syz.4.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f47ca59c799 code=0x7ffc0000 [ 1063.971730][ T27] audit: type=1326 audit(50296205.965:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25708 comm="syz.4.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47ca59c799 code=0x7ffc0000 [ 1064.032848][T25722] loop4: detected capacity change from 0 to 128 [ 1064.073570][ T27] audit: type=1326 audit(50296205.965:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25708 comm="syz.4.9610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47ca59c799 code=0x7ffc0000 [ 1064.487554][T25739] loop3: detected capacity change from 0 to 8 [ 1064.531467][T25739] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 1064.557525][ T4945] udevd[4945]: incorrect cramfs checksum on /dev/loop3 [ 1064.601782][T25739] cramfs: bad data blocksize 4294950552 [ 1064.632954][T25739] cramfs: bad data blocksize 4294950552 [ 1064.697081][ T27] audit: type=1800 audit(50296206.788:65): pid=25739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.9624" name="file2" dev="loop3" ino=16732 res=0 errno=0 [ 1064.762554][T25747] loop4: detected capacity change from 0 to 128 [ 1064.813595][T25747] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1064.888655][T25747] hpfs: filesystem error: improperly stopped [ 1064.941840][T25747] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1064.970009][T25747] hpfs: You really don't want any checks? You are crazy... [ 1064.977766][T25747] hpfs: hpfs_map_sector(): read error [ 1064.983231][T25747] hpfs: code page support is disabled [ 1064.988796][T25747] hpfs: hpfs_map_4sectors(): unaligned read [ 1064.995123][T25747] hpfs: hpfs_map_4sectors(): unaligned read [ 1065.001997][T25747] hpfs: filesystem error: unable to find root dir [ 1065.060468][T25747] hpfs: bad mount options. [ 1065.204026][T25729] loop0: detected capacity change from 0 to 32768 [ 1065.231948][T25729] jfs_lookup: dtSearch returned -5 [ 1065.257535][T24724] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 1065.457474][T25764] x_tables: duplicate underflow at hook 1 [ 1065.464889][T24724] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1065.496874][T24724] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1065.545138][T24724] usb 3-1: config 0 descriptor?? [ 1065.561832][T25767] loop3: detected capacity change from 0 to 64 [ 1065.569359][T24724] cp210x 3-1:0.0: cp210x converter detected [ 1065.715143][T25770] x_tables: duplicate entry at hook 1 [ 1065.948196][T25773] netlink: zone id is out of range [ 1065.986091][T24724] cp210x 3-1:0.0: failed to get vendor val 0x0010 size 3: -71 [ 1066.010271][T24724] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 1066.035566][T24724] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 1066.066054][T24724] usb 3-1: cp210x converter now attached to ttyUSB0 [ 1066.102409][T24724] usb 3-1: USB disconnect, device number 23 [ 1066.146075][T24724] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1066.164648][T25781] loop0: detected capacity change from 0 to 128 [ 1066.184822][T24724] cp210x 3-1:0.0: device disconnected [ 1066.235080][T25781] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1066.256282][T25781] hpfs: filesystem error: improperly stopped [ 1066.304916][T25781] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1066.340121][T25781] hpfs: You really don't want any checks? You are crazy... [ 1066.387535][T25781] hpfs: hpfs_map_sector(): read error [ 1066.415757][T25781] hpfs: code page support is disabled [ 1066.421322][T25781] hpfs: hpfs_map_4sectors(): unaligned read [ 1066.435747][T25781] hpfs: hpfs_map_4sectors(): unaligned read [ 1066.466001][T25781] hpfs: filesystem error: unable to find root dir [ 1066.539770][T25781] hpfs: bad mount options. [ 1066.788934][T25797] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 1066.912376][T25805] netlink: 76 bytes leftover after parsing attributes in process `syz.4.9657'. [ 1066.925333][T25805] netlink: 76 bytes leftover after parsing attributes in process `syz.4.9657'. [ 1067.285988][T25807] set_capacity_and_notify: 2 callbacks suppressed [ 1067.286004][T25807] loop0: detected capacity change from 0 to 4096 [ 1067.310129][T25816] loop4: detected capacity change from 0 to 256 [ 1067.337538][T25807] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 1067.358893][T25813] device wlan0 entered promiscuous mode [ 1067.512246][T25807] ntfs3: loop0: ntfs_sync_fs r=1a failed, -22. [ 1067.518685][T25807] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 1067.588260][T25807] ntfs3: loop0: ntfs_evict_inode r=1a failed, -22. [ 1068.460674][T25857] loop3: detected capacity change from 0 to 2048 [ 1068.494428][T25862] nft_compat: unsupported protocol 1 [ 1068.502515][T25863] netlink: 'syz.2.9682': attribute type 2 has an invalid length. [ 1068.557844][T25857] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1069.013282][T25883] ipt_CLUSTERIP: bad local_nodes[0] 0 [ 1069.019689][T24724] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 1069.120077][T25881] loop0: detected capacity change from 0 to 4096 [ 1069.176271][T25881] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 1069.217485][T25881] ntfs3: loop0: Failed to load $MFT. [ 1069.233643][T24724] usb 2-1: Using ep0 maxpacket: 8 [ 1069.240781][T24724] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 1069.285092][T24724] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1069.322809][T24724] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1069.388739][T24724] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 1069.428073][ T27] audit: type=1326 audit(50296211.222:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25897 comm="syz.3.9700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1479c799 code=0x7ffc0000 [ 1069.440164][T24724] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1069.483930][ T27] audit: type=1326 audit(50296211.241:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25897 comm="syz.3.9700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1479c799 code=0x7ffc0000 [ 1069.498506][T24724] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1069.553839][T24724] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1069.572430][ T27] audit: type=1326 audit(50296211.241:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25897 comm="syz.3.9700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1479c799 code=0x7ffc0000 [ 1069.617092][T24724] usb 2-1: config 0 descriptor?? [ 1069.640396][T25869] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1069.646740][ T27] audit: type=1326 audit(50296211.241:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25897 comm="syz.3.9700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fdb1479c799 code=0x7ffc0000 [ 1069.762203][T25879] loop2: detected capacity change from 0 to 32768 [ 1069.788417][T25902] xt_hashlimit: size too large, truncated to 1048576 [ 1069.791847][T25879] [ 1069.791847][T25879] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1069.791847][T25879] [ 1069.820204][ T27] audit: type=1326 audit(50296211.250:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25897 comm="syz.3.9700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb1479c799 code=0x7ffc0000 [ 1069.914583][ T27] audit: type=1326 audit(50296211.250:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25897 comm="syz.3.9700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fdb1479c799 code=0x7ffc0000 [ 1070.015704][ T27] audit: type=1326 audit(50296211.250:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25897 comm="syz.3.9700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fdb1479c799 code=0x7ffc0000 [ 1070.120019][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.120151][ C0] Bluetooth: hci5: Unexpected continuation: 1 bytes [ 1070.128561][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.140597][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.149720][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.157254][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.164872][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.171692][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.178876][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.186249][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.193208][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.200543][T24724] usb 5-1: new full-speed USB device number 29 using dummy_hcd [ 1070.200899][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.215085][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.222517][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.224320][ T5068] [ 1070.224320][ T5068] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1070.224320][ T5068] [ 1070.229904][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.247577][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.254627][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.262045][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.269437][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.276483][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.283491][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.290446][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.297617][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.304585][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.311501][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.318557][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.325937][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.332865][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.339903][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.346779][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1070.354660][ T5068] [ 1070.354660][ T5068] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1070.354660][ T5068] [ 1070.416948][ T5077] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 1070.417272][ T5058] usb 2-1: USB disconnect, device number 24 [ 1070.466227][T24724] usb 5-1: config 8 has an invalid interface number: 177 but max is 0 [ 1070.495084][T24724] usb 5-1: config 8 has no interface number 0 [ 1070.520684][T24724] usb 5-1: config 8 interface 177 altsetting 9 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 1070.587069][T24724] usb 5-1: config 8 interface 177 altsetting 9 endpoint 0x2 has invalid maxpacket 512, setting to 64 [ 1070.624202][T24724] usb 5-1: config 8 interface 177 has no altsetting 0 [ 1070.652744][T24724] usb 5-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1 [ 1070.700887][T24724] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1070.728979][T25904] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 1070.747646][T25904] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 1070.765796][ C0] ir_toy 5-1:8.177: out urb status: -71 [ 1070.885811][T25924] loop2: detected capacity change from 0 to 512 [ 1070.977429][T25924] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1071.027108][T25924] EXT4-fs: Cannot specify journal on remount [ 1071.170289][ T5068] EXT4-fs (loop2): unmounting filesystem. [ 1071.307490][T24724] ir_toy 5-1:8.177: could not write reset command: -110 [ 1071.314954][T24724] ir_toy: probe of 5-1:8.177 failed with error -110 [ 1071.354530][T24724] usb 5-1: USB disconnect, device number 29 [ 1071.432711][T25941] device wlan0 entered promiscuous mode [ 1072.101492][T25970] device wlan0 entered promiscuous mode [ 1072.208688][T25975] loop3: detected capacity change from 0 to 4096 [ 1072.331012][T25983] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma? [ 1072.397762][T24724] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 1072.469342][T25988] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9743'. [ 1072.598485][T25991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1072.633280][T24724] usb 5-1: Using ep0 maxpacket: 8 [ 1072.646424][T24724] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 1072.663142][T24724] usb 5-1: config 0 has no interface number 0 [ 1072.680601][T24724] usb 5-1: config 0 interface 1 has no altsetting 0 [ 1072.688914][T25995] netlink: 'syz.2.9747': attribute type 7 has an invalid length. [ 1072.704572][T24724] usb 5-1: New USB device found, idVendor=10c4, idProduct=eac1, bcdDevice=70.2f [ 1072.721263][T25991] bridge0: port 1(bridge_slave_0) entered disabled state [ 1072.734175][T24724] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1072.744629][T24724] usb 5-1: Product: syz [ 1072.748829][T24724] usb 5-1: Manufacturer: syz [ 1072.757681][T24724] usb 5-1: SerialNumber: syz [ 1072.767079][T24724] usb 5-1: config 0 descriptor?? [ 1072.780718][T25991] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1073.004279][T24724] i2c-cp2615: probe of 5-1:0.1 failed with error -22 [ 1073.130356][T26010] loop2: detected capacity change from 0 to 4096 [ 1073.236792][T24725] usb 5-1: USB disconnect, device number 30 [ 1073.817533][T26040] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9769'. [ 1074.160477][T26050] loop1: detected capacity change from 0 to 2048 [ 1074.241842][T26057] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1074.591746][ T22] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 1074.667944][T26073] loop4: detected capacity change from 0 to 1024 [ 1074.704085][T26075] loop2: detected capacity change from 0 to 1024 [ 1074.798566][T26073] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1074.814083][ T22] usb 1-1: Using ep0 maxpacket: 8 [ 1074.826447][ T22] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 1074.850321][T26075] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1074.891634][ T22] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1074.915470][ T22] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1074.931517][ T4986] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 1074.936393][ T22] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 1074.968000][ T22] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1074.978440][ T22] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1074.981686][ T5070] EXT4-fs (loop4): unmounting filesystem. [ 1074.987720][ T22] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1075.002951][ T22] usb 1-1: config 0 descriptor?? [ 1075.010256][T26059] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1075.053360][ T5068] EXT4-fs (loop2): unmounting filesystem. [ 1075.171354][ T4986] usb 4-1: Using ep0 maxpacket: 16 [ 1075.181286][ T4986] usb 4-1: config 1 has an invalid interface number: 105 but max is 0 [ 1075.216255][ T4986] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1075.240310][ T4986] usb 4-1: config 1 has no interface number 0 [ 1075.253287][ T4986] usb 4-1: config 1 interface 105 altsetting 2 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1075.270111][ T4986] usb 4-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1075.286357][ T4986] usb 4-1: config 1 interface 105 has no altsetting 0 [ 1075.310816][ C0] Bluetooth: hci5: Unexpected continuation: 1 bytes [ 1075.311354][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.325154][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.331205][ T4986] usb 4-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 1075.332417][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.348438][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.355259][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.362252][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.370353][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.377166][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.385301][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.392444][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.399303][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.406222][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.413077][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.420150][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.427301][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.434314][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.441403][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.448789][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.455755][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.462600][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.470327][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.471990][ T4986] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 1075.478837][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.492235][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.499293][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.506141][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.513132][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.520055][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.527038][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.534014][T21407] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 1075.543714][ T5077] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 1075.547431][T26098] loop1: detected capacity change from 0 to 512 [ 1075.589747][ T4986] usb 4-1: Product: syz [ 1075.593994][ T4986] usb 4-1: Manufacturer: syz [ 1075.625916][ T27] audit: type=1400 audit(50296217.012:73): apparmor="DENIED" operation="change_hat" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=26100 comm="syz.2.9796" [ 1075.654281][T26098] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1075.681866][ T4986] usb 4-1: SerialNumber: syz [ 1075.709127][T24725] usb 1-1: USB disconnect, device number 19 [ 1075.810697][T26098] EXT4-fs error (device loop1): ext4_get_first_dir_block:3583: inode #12: comm syz.1.9794: Directory hole found for htree leaf block 0 [ 1075.928935][ T4986] aqc111: probe of 4-1:1.105 failed with error -22 [ 1075.997435][ T5078] EXT4-fs (loop1): unmounting filesystem. [ 1076.181291][ T22] usb 4-1: USB disconnect, device number 4 [ 1076.588574][T24725] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 1076.753784][T26148] libceph: resolve '0' (ret=-3): failed [ 1076.791812][T24725] usb 3-1: Using ep0 maxpacket: 16 [ 1076.799649][T24725] usb 3-1: too many endpoints for config 0 interface 0 altsetting 229: 247, using maximum allowed: 30 [ 1076.863019][T24725] usb 3-1: config 0 interface 0 altsetting 229 has 0 endpoint descriptors, different from the interface descriptor's value: 247 [ 1076.904735][T24725] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1076.924158][T24725] usb 3-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=59.31 [ 1076.944334][T24725] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1076.962794][T24725] usb 3-1: Product: syz [ 1077.001244][T24725] usb 3-1: Manufacturer: syz [ 1077.021793][T24725] usb 3-1: SerialNumber: syz [ 1077.030497][T24725] usb 3-1: config 0 descriptor?? [ 1077.058687][T24725] usb 3-1: MIDIStreaming interface descriptor not found [ 1077.184948][T26166] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1077.236328][T26166] bridge0: port 1(bridge_slave_0) entered disabled state [ 1077.295935][ T4986] usb 3-1: USB disconnect, device number 24 [ 1077.327867][T26166] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1077.885850][T26193] netlink: 'syz.3.9838': attribute type 5 has an invalid length. [ 1077.906725][T26187] loop1: detected capacity change from 0 to 4096 [ 1077.925165][T26193] netlink: 'syz.3.9838': attribute type 11 has an invalid length. [ 1077.988737][T26187] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 1078.011083][T26187] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1078.063164][T26187] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 1078.102243][T26187] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1078.175667][T26187] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1078.232114][T26187] ntfs: volume version 3.1. [ 1078.242184][T26187] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 1078.298667][T26187] ntfs: (device loop1): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 1078.346028][T26187] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 1078.360698][T26187] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 1078.588893][ T9859] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 1078.733083][T26220] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 1078.803012][ T9859] usb 5-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 1078.827351][ T9859] usb 5-1: New USB device strings: Mfr=13, Product=2, SerialNumber=3 [ 1078.846510][ T9859] usb 5-1: Product: syz [ 1078.861581][ T9859] usb 5-1: Manufacturer: syz [ 1078.872393][ T9859] usb 5-1: SerialNumber: syz [ 1078.896952][ T9859] r8152-cfgselector 5-1: config 0 descriptor?? [ 1079.224635][T26238] Process accounting resumed [ 1079.286490][T26240] loop3: detected capacity change from 0 to 1024 [ 1079.349758][ T9859] r8152-cfgselector 5-1: Unknown version 0x0000 [ 1079.366593][ T9859] r8152-cfgselector 5-1: USB disconnect, device number 31 [ 1079.384512][ T22] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 1079.592591][ T22] usb 1-1: Using ep0 maxpacket: 8 [ 1079.599797][ T22] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 1079.619163][ T22] usb 1-1: config 179 has no interface number 0 [ 1079.646108][ T22] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1079.678087][ T22] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1079.700877][ T22] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1079.715871][ T22] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1079.726789][ T22] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1079.740540][ T22] usb 1-1: config 179 interface 65 has no altsetting 0 [ 1079.747808][ T22] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1079.757401][ T22] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1079.799498][ T22] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input77 [ 1079.945524][ T9859] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 1080.091532][ T4986] usb 1-1: USB disconnect, device number 20 [ 1080.091577][ C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1080.106016][ T4986] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1080.167168][ T9859] usb 4-1: config 0 has an invalid interface number: 199 but max is 1 [ 1080.191619][ T9859] usb 4-1: config 0 has no interface number 1 [ 1080.197891][ T9859] usb 4-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 1080.242390][ T9859] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 1080.276451][ T9859] usb 4-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 1080.295038][ T9859] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1080.313915][ T9859] usb 4-1: SerialNumber: syz [ 1080.332416][ T9859] usb 4-1: config 0 descriptor?? [ 1080.360724][ T9859] usb 4-1: Found UVC 0.00 device (0002:0000) [ 1080.373671][T26273] loop1: detected capacity change from 0 to 2048 [ 1080.394565][ T9859] usb 4-1: No valid video chain found. [ 1080.459854][T26273] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1080.594357][T26277] comedi comedi4: bad chanlist[0]=0x00400006 chan=6 range length=2 [ 1080.610439][ T9859] usb 4-1: USB disconnect, device number 5 [ 1080.751793][T26283] loop2: detected capacity change from 0 to 512 [ 1080.784809][T26283] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1080.844256][T26283] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 1080.854303][T26283] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c01d, mo2=0102] [ 1080.877106][T26290] loop1: detected capacity change from 0 to 1024 [ 1080.896697][T26283] EXT4-fs (loop2): couldn't mount RDWR because of unsupported optional features (80) [ 1080.906672][T26283] EXT4-fs (loop2): Skipping orphan cleanup due to unknown ROCOMPAT features [ 1080.915869][T26283] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1080.933282][T26283] EXT4-fs warning (device loop2): dx_probe:893: inode #2: comm syz.2.9883: dx entry: limit 65535 != root limit 120 [ 1080.947933][T26283] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.9883: Corrupt directory, running e2fsck is recommended [ 1081.004886][ T5068] EXT4-fs (loop2): unmounting filesystem. [ 1081.096379][ T46] hfsplus: b-tree write err: -5, ino 25 [ 1081.106913][ T46] hfsplus: b-tree write err: -5, ino 4 [ 1081.123767][ T46] hfsplus: b-tree write err: -5, ino 2 [ 1081.510513][T26315] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9895'. [ 1081.680018][T26319] netlink: 'syz.3.9898': attribute type 10 has an invalid length. [ 1081.712574][T26319] team0: Port device wlan1 added [ 1081.890892][T26328] loop0: detected capacity change from 0 to 256 [ 1082.455053][T26349] netlink: 'syz.4.9913': attribute type 10 has an invalid length. [ 1082.486870][T26347] loop0: detected capacity change from 0 to 2048 [ 1082.566081][T26349] team0: Port device wlan1 added [ 1082.567386][T26347] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1082.679756][T26335] loop2: detected capacity change from 0 to 32768 [ 1083.181205][T26367] unsupported nlmsg_type 40 [ 1083.508881][T26379] netlink: 'syz.2.9927': attribute type 10 has an invalid length. [ 1083.643196][T26379] team0: Port device wlan1 added [ 1083.990145][T26368] loop0: detected capacity change from 0 to 32768 [ 1084.131164][T26368] XFS (loop0): Mounting V5 Filesystem [ 1084.351979][T26368] XFS (loop0): Ending clean mount [ 1084.528668][ T5067] XFS (loop0): Unmounting Filesystem [ 1084.666917][T26423] loop3: detected capacity change from 0 to 736 [ 1085.130564][T26436] netlink: 48 bytes leftover after parsing attributes in process `syz.2.9951'. [ 1085.135087][T26431] loop1: detected capacity change from 0 to 1024 [ 1085.817444][T26462] loop1: detected capacity change from 0 to 2048 [ 1085.831162][ T27] kauditd_printk_skb: 5 callbacks suppressed [ 1085.831178][ T27] audit: type=1326 audit(50296226.563:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26465 comm="syz.0.9967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1085.872687][T26462] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1085.880109][ T27] audit: type=1326 audit(50296226.563:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26465 comm="syz.0.9967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1085.927799][ T27] audit: type=1326 audit(50296226.581:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26465 comm="syz.0.9967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1085.995130][T26471] loop2: detected capacity change from 0 to 256 [ 1086.019518][ T27] audit: type=1326 audit(50296226.581:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26465 comm="syz.0.9967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1086.120149][T26471] FAT-fs (loop2): Directory bread(block 64) failed [ 1086.138283][T26471] FAT-fs (loop2): Directory bread(block 65) failed [ 1086.153408][ T27] audit: type=1326 audit(50296226.581:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26465 comm="syz.0.9967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1086.200653][T26476] loop4: detected capacity change from 0 to 764 [ 1086.221223][T26473] loop0: detected capacity change from 0 to 2048 [ 1086.221875][T26471] FAT-fs (loop2): Directory bread(block 66) failed [ 1086.258379][T26471] FAT-fs (loop2): Directory bread(block 67) failed [ 1086.294473][T26471] FAT-fs (loop2): Directory bread(block 68) failed [ 1086.319713][T26476] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 1086.344589][T26471] FAT-fs (loop2): Directory bread(block 69) failed [ 1086.381910][T26473] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1086.426628][T26471] FAT-fs (loop2): Directory bread(block 70) failed [ 1086.433241][T26471] FAT-fs (loop2): Directory bread(block 71) failed [ 1086.540987][T26471] FAT-fs (loop2): Directory bread(block 72) failed [ 1086.584483][T26471] FAT-fs (loop2): Directory bread(block 73) failed [ 1086.639871][ T5067] EXT4-fs (loop0): unmounting filesystem. [ 1087.242686][T26514] loop3: detected capacity change from 0 to 2048 [ 1087.362685][T26514] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1087.392028][T26514] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1111: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 1087.431709][T26526] loop4: detected capacity change from 0 to 256 [ 1087.585564][T26526] FAT-fs (loop4): Directory bread(block 64) failed [ 1087.614408][T26526] FAT-fs (loop4): Directory bread(block 65) failed [ 1087.635048][ T5074] EXT4-fs (loop3): unmounting filesystem. [ 1087.653672][T26526] FAT-fs (loop4): Directory bread(block 66) failed [ 1087.699056][T26526] FAT-fs (loop4): Directory bread(block 67) failed [ 1087.728763][T26526] FAT-fs (loop4): Directory bread(block 68) failed [ 1087.735352][T26526] FAT-fs (loop4): Directory bread(block 69) failed [ 1087.779381][T26526] FAT-fs (loop4): Directory bread(block 70) failed [ 1087.805013][T26526] FAT-fs (loop4): Directory bread(block 71) failed [ 1087.833298][T26526] FAT-fs (loop4): Directory bread(block 72) failed [ 1087.853146][T26526] FAT-fs (loop4): Directory bread(block 73) failed [ 1088.106198][T26550] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1088.304902][T26558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10010'. [ 1088.342776][T26558] netlink: 'syz.0.10010': attribute type 1 has an invalid length. [ 1088.390957][T26558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10010'. [ 1088.564249][T26565] loop2: detected capacity change from 0 to 128 [ 1088.610582][T26562] loop3: detected capacity change from 0 to 4096 [ 1088.619948][T26565] FAT-fs (loop2): Directory bread(block 32) failed [ 1088.652742][T26565] FAT-fs (loop2): Directory bread(block 33) failed [ 1088.654379][T26562] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 1088.674858][T26565] FAT-fs (loop2): Directory bread(block 34) failed [ 1088.682784][T26568] IPv6: Can't replace route, no match found [ 1088.695955][T26565] FAT-fs (loop2): Directory bread(block 35) failed [ 1088.728430][T26565] FAT-fs (loop2): Directory bread(block 36) failed [ 1088.779179][T26565] FAT-fs (loop2): Directory bread(block 37) failed [ 1088.785953][T26565] FAT-fs (loop2): Directory bread(block 38) failed [ 1088.854838][T26565] FAT-fs (loop2): Directory bread(block 39) failed [ 1088.906250][T26565] FAT-fs (loop2): Directory bread(block 40) failed [ 1088.912843][T26565] FAT-fs (loop2): Directory bread(block 41) failed [ 1088.929492][T26572] AppArmor: change_hat: Invalid input '' [ 1089.057966][T26576] netlink: 'syz.0.10019': attribute type 1 has an invalid length. [ 1089.408664][T26557] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 1089.408693][T26557] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1089.415236][T26557] F2FS-fs (loop1): build fault injection attr: rate: 2, type: 0x3ffff [ 1089.415282][T26557] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x1f8 [ 1089.416299][T26557] F2FS-fs (loop1): invalid crc value [ 1089.455027][T26557] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1089.617565][T26557] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1089.617595][T26557] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1089.635422][T26557] F2FS-fs (loop1) : inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xd6/0x1c0 [ 1089.958695][T26604] comedi comedi2: Minor 3 could not be opened [ 1090.251126][T24725] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 1090.281966][T26616] netlink: 'syz.3.10037': attribute type 1 has an invalid length. [ 1090.472852][T24725] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1090.497935][T24725] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 1090.511671][T26627] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1090.538133][T24725] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1090.556240][T24725] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 1091.105346][T26651] set_capacity_and_notify: 1 callbacks suppressed [ 1091.105362][T26651] loop3: detected capacity change from 0 to 2048 [ 1091.168448][T26651] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 1091.214917][T26651] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1091.338340][T26663] xt_TCPMSS: Only works on TCP SYN packets [ 1091.344567][T26662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10060'. [ 1091.354628][T26662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10060'. [ 1091.391303][T26662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10060'. [ 1091.412060][T26662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10060'. [ 1091.453811][T26662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10060'. [ 1091.490527][T26662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10060'. [ 1091.504852][T26662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10060'. [ 1091.518274][T26662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10060'. [ 1091.532884][T26662] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1091.569201][T26662] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1091.601624][T26662] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1091.694859][T24725] stv0680 1-1:4.0: STV(e): camera ping failed!! [ 1091.909917][T24725] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 1091.924850][T24725] stv0680 1-1:4.0: last error: 0, command = 0x0 [ 1091.956671][T24725] usb 1-1: USB disconnect, device number 21 [ 1092.169112][T26694] loop3: detected capacity change from 0 to 2048 [ 1092.243686][T26694] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1093.012967][T24725] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 1093.212808][T24725] usb 3-1: Using ep0 maxpacket: 32 [ 1093.225043][T24725] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1093.258946][T24725] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1093.278894][T24725] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1093.298913][T26738] binder: 26737:26738 ioctl c0046209 100000000000000 returned -22 [ 1093.310432][T24725] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1093.327923][T26722] loop4: detected capacity change from 0 to 32768 [ 1093.338436][T24725] usb 3-1: string descriptor 0 read error: -22 [ 1093.367325][T24725] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1093.414011][T24725] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1093.446057][T24725] usb 3-1: 0:2 : does not exist [ 1093.490605][ T4986] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 1093.524656][ T27] audit: type=1326 audit(50296233.756:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26743 comm="syz.0.10100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1093.569939][ T27] audit: type=1326 audit(50296233.756:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26743 comm="syz.0.10100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1093.592395][ C1] vkms_vblank_simulate: vblank timer overrun [ 1093.680955][T24725] usb 3-1: USB disconnect, device number 25 [ 1093.705935][ T4986] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1093.746004][ T4986] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 1093.775455][ T27] audit: type=1326 audit(50296233.756:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26743 comm="syz.0.10100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1093.805939][ T4986] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1093.831160][ T4986] usb 2-1: config 0 descriptor?? [ 1093.853872][ T27] audit: type=1326 audit(50296233.756:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26743 comm="syz.0.10100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1093.905765][ T27] audit: type=1326 audit(50296233.756:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26743 comm="syz.0.10100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1094.009784][ T27] audit: type=1326 audit(50296233.756:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26743 comm="syz.0.10100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1094.031032][ T5058] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 1094.064331][ T4986] ath6kl: Failed to submit usb control message: -71 [ 1094.078406][ T4986] ath6kl: unable to send the bmi data to the device: -71 [ 1094.093659][ T4986] ath6kl: Unable to send get target info: -71 [ 1094.101811][ T4986] ath6kl: Failed to init ath6kl core: -71 [ 1094.113381][ T27] audit: type=1326 audit(50296233.756:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26743 comm="syz.0.10100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1094.171936][ T4986] ath6kl_usb: probe of 2-1:0.0 failed with error -71 [ 1094.180963][ T27] audit: type=1326 audit(50296233.756:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26743 comm="syz.0.10100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1094.225774][ T4986] usb 2-1: USB disconnect, device number 25 [ 1094.240745][ T5058] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 1094.249898][ T27] audit: type=1326 audit(50296233.756:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26743 comm="syz.0.10100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f5f2d79c799 code=0x7ffc0000 [ 1094.259912][ T5058] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1094.350768][ T5058] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 1094.374233][T26764] loop0: detected capacity change from 0 to 4096 [ 1094.380879][ T5058] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1094.397510][T26764] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 1094.427680][ T5058] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 1094.437821][ T5058] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1094.451962][ T5058] usb 5-1: Product: syz [ 1094.456605][ T5058] usb 5-1: Manufacturer: syz [ 1094.461358][ T5058] usb 5-1: SerialNumber: syz [ 1094.480999][ T5058] usb 5-1: config 0 descriptor?? [ 1094.590873][T26774] __nla_validate_parse: 68 callbacks suppressed [ 1094.590893][T26774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10113'. [ 1094.607491][T26774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10113'. [ 1094.614474][T26764] ntfs3: loop0: ino=1e, "file1" attr_set_size [ 1094.617686][T26774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10113'. [ 1094.633744][T26774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10113'. [ 1094.656853][T26764] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 1094.663487][T26774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10113'. [ 1094.696033][T26774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10113'. [ 1094.700706][T26764] ntfs3: loop0: ntfs_set_state r=3 failed, -22. [ 1094.712291][ T5058] adutux 5-1:0.0: Could not retrieve serial number [ 1094.718998][ T5058] adutux: probe of 5-1:0.0 failed with error -5 [ 1094.740621][T26774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10113'. [ 1094.769693][T26776] afs: Unknown parameter 'dont_hash' [ 1094.775794][T26774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10113'. [ 1094.796673][T26774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10113'. [ 1094.817063][T26774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10113'. [ 1094.861424][T26778] SET target dimension over the limit! [ 1094.864962][T26774] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1094.893925][T26774] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1094.910188][ T46] ntfs3: loop0: ntfs3_write_inode r=3 failed, -22. [ 1094.929462][ T5067] ntfs3: loop0: ntfs_evict_inode r=3 failed, -22. [ 1094.937925][T26774] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1095.035061][T24725] usb 5-1: USB disconnect, device number 32 [ 1095.661596][T26803] loop2: detected capacity change from 0 to 256 [ 1095.697961][T26803] FAT-fs (loop2): Directory bread(block 64) failed [ 1095.719432][T26803] FAT-fs (loop2): Directory bread(block 65) failed [ 1095.759175][T26803] FAT-fs (loop2): Directory bread(block 66) failed [ 1095.765758][T26803] FAT-fs (loop2): Directory bread(block 67) failed [ 1095.795767][T26803] FAT-fs (loop2): Directory bread(block 68) failed [ 1095.821240][T26803] FAT-fs (loop2): Directory bread(block 69) failed [ 1095.827906][T26803] FAT-fs (loop2): Directory bread(block 70) failed [ 1095.906470][T26803] FAT-fs (loop2): Directory bread(block 71) failed [ 1095.913218][T26803] FAT-fs (loop2): Directory bread(block 72) failed [ 1095.966238][T26803] FAT-fs (loop2): Directory bread(block 73) failed [ 1096.006706][T26819] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1096.042403][T26819] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1096.073195][T26819] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1096.861689][T26853] loop3: detected capacity change from 0 to 64 [ 1096.958387][T26849] xt_CT: No such helper "netbios-ns" [ 1097.298585][T26864] loop2: detected capacity change from 0 to 4096 [ 1097.493406][T26846] loop4: detected capacity change from 0 to 32768 [ 1097.520802][ T9859] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 1097.563151][T26846] ea_get: extended attribute size too large: 2617245744 > INT_MAX [ 1097.681455][ T5058] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 1097.736450][ T9859] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1097.756122][ T9859] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 1097.789847][ T9859] usb 2-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 1097.809920][ T9859] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1097.837770][ T9859] usb 2-1: config 0 descriptor?? [ 1097.889294][ T5058] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1097.902136][ T5058] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1097.921416][ T5058] usb 4-1: Product: syz [ 1097.925650][ T5058] usb 4-1: Manufacturer: syz [ 1097.943024][ T5058] usb 4-1: SerialNumber: syz [ 1097.960850][ T5058] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1098.055587][ T4924] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1098.150021][T26888] netlink: 'syz.2.10171': attribute type 3 has an invalid length. [ 1098.299263][ T9859] Bluetooth: Can't get version to change to load ram patch err [ 1098.323152][ T9859] Bluetooth: Loading patch file failed [ 1098.328831][ T9859] ath3k: probe of 2-1:0.0 failed with error -71 [ 1098.373617][ T9859] usb 2-1: USB disconnect, device number 26 [ 1098.532865][T24724] usb 4-1: USB disconnect, device number 6 [ 1098.634085][T26904] dlm: no locking on control device [ 1099.220572][ T4924] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 1099.232061][ T4924] ath9k_htc: Failed to initialize the device [ 1099.249199][T24724] usb 4-1: ath9k_htc: USB layer deinitialized [ 1099.423805][ T9859] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 1099.486003][T26932] loop1: detected capacity change from 0 to 64 [ 1099.517831][T26932] hfs: unable to locate alternate MDB [ 1099.538762][T26932] hfs: continuing without an alternate MDB [ 1099.601591][ T27] audit: type=1800 audit(50296239.443:88): pid=26932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.10192" name="file1" dev="loop1" ino=21 res=0 errno=0 [ 1099.616314][ T9859] usb 1-1: Using ep0 maxpacket: 32 [ 1099.650814][ T9859] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1099.700367][ T9859] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1099.731590][ T5145] [ 1099.733960][ T5145] ====================================================== [ 1099.740999][ T5145] WARNING: possible circular locking dependency detected [ 1099.748036][ T5145] syzkaller #0 Not tainted [ 1099.752478][ T5145] ------------------------------------------------------ [ 1099.759493][ T5145] kworker/u4:7/5145 is trying to acquire lock: [ 1099.765647][ T5145] ffff888066854878 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xfb/0x13f0 [ 1099.767150][T26941] Cannot find del_set index 2 as target [ 1099.776627][ T5145] [ 1099.776627][ T5145] but task is already holding lock: [ 1099.776637][ T5145] ffff888027dc40b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x15b/0x1d0 [ 1099.776692][ T5145] [ 1099.776692][ T5145] which lock already depends on the new lock. [ 1099.776692][ T5145] [ 1099.776697][ T5145] [ 1099.776697][ T5145] the existing dependency chain (in reverse order) is: [ 1099.776702][ T5145] [ 1099.776702][ T5145] -> #1 (&tree->tree_lock#2/1){+.+.}-{3:3}: [ 1099.776738][ T5145] __mutex_lock+0x12d/0xaf0 [ 1099.776759][ T5145] hfs_find_init+0x15b/0x1d0 [ 1099.776775][ T5145] hfs_get_block+0x553/0xc50 [ 1099.776793][ T5145] block_read_full_folio+0x3e6/0xf00 [ 1099.776814][ T5145] filemap_read_folio+0x16b/0x770 [ 1099.776834][ T5145] do_read_cache_folio+0x2a0/0x760 [ 1099.776853][ T5145] do_read_cache_page+0x32/0x220 [ 1099.776871][ T5145] __hfs_bnode_create+0x4ad/0x7b0 [ 1099.776891][ T5145] hfs_bnode_find+0x21e/0xd40 [ 1099.776907][ T5145] hfs_brec_find+0x30d/0x500 [ 1099.776931][ T5145] hfs_brec_read+0x20/0x100 [ 1099.885802][ T5145] hfs_cat_find_brec+0x174/0x3f0 [ 1099.891280][ T5145] hfs_fill_super+0xff8/0x15b0 [ 1099.896553][ T5145] mount_bdev+0x287/0x3c0 [ 1099.901390][ T5145] legacy_get_tree+0xe6/0x180 [ 1099.906668][ T5145] vfs_get_tree+0x88/0x270 [ 1099.911594][ T5145] do_new_mount+0x24a/0xa40 [ 1099.916603][ T5145] __se_sys_mount+0x2e3/0x3d0 [ 1099.921888][ T5145] do_syscall_64+0x4c/0xa0 [ 1099.926921][ T5145] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1099.933497][ T5145] [ 1099.933497][ T5145] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}: [ 1099.942698][ T5145] __lock_acquire+0x2d07/0x7d10 [ 1099.948153][ T5145] lock_acquire+0x1bb/0x4a0 [ 1099.953181][ T5145] __mutex_lock+0x12d/0xaf0 [ 1099.958197][ T5145] hfs_extend_file+0xfb/0x13f0 [ 1099.963469][ T5145] hfs_bmap_reserve+0x103/0x420 [ 1099.968833][ T5145] __hfs_ext_write_extent+0x1fa/0x470 [ 1099.974712][ T5145] hfs_ext_write_extent+0x17b/0x200 [ 1099.980423][ T5145] hfs_write_inode+0xd8/0xa20 [ 1099.985615][ T5145] __writeback_single_inode+0x75b/0x1160 [ 1099.991767][ T5145] writeback_sb_inodes+0xb30/0x1850 [ 1099.997502][ T5145] wb_writeback+0x482/0xd50 [ 1100.002515][ T5145] wb_workfn+0x423/0xee0 [ 1100.007266][ T5145] process_one_work+0x8a2/0x1160 [ 1100.012712][ T5145] worker_thread+0xaa2/0x1270 [ 1100.017981][ T5145] kthread+0x29d/0x330 [ 1100.022566][ T5145] ret_from_fork+0x1f/0x30 [ 1100.027489][ T5145] [ 1100.027489][ T5145] other info that might help us debug this: [ 1100.027489][ T5145] [ 1100.037883][ T5145] Possible unsafe locking scenario: [ 1100.037883][ T5145] [ 1100.045331][ T5145] CPU0 CPU1 [ 1100.050689][ T5145] ---- ---- [ 1100.056034][ T5145] lock(&tree->tree_lock#2/1); [ 1100.060874][ T5145] lock(&HFS_I(tree->inode)->extents_lock); [ 1100.069361][ T5145] lock(&tree->tree_lock#2/1); [ 1100.076805][ T5145] lock(&HFS_I(tree->inode)->extents_lock); [ 1100.082893][ T5145] [ 1100.082893][ T5145] *** DEADLOCK *** [ 1100.082893][ T5145] [ 1100.091113][ T5145] 3 locks held by kworker/u4:7/5145: [ 1100.096379][ T5145] #0: ffff88801aea5938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160 [ 1100.107161][ T5145] #1: ffffc900036b7d00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160 [ 1100.119033][ T5145] #2: ffff888027dc40b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x15b/0x1d0 [ 1100.129205][ T5145] [ 1100.129205][ T5145] stack backtrace: [ 1100.135076][ T5145] CPU: 1 PID: 5145 Comm: kworker/u4:7 Not tainted syzkaller #0 [ 1100.142597][ T5145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1100.152636][ T5145] Workqueue: writeback wb_workfn (flush-7:1) [ 1100.158612][ T5145] Call Trace: [ 1100.161931][ T5145] [ 1100.164853][ T5145] dump_stack_lvl+0x188/0x24e [ 1100.169544][ T5145] ? load_image+0x400/0x400 [ 1100.174048][ T5145] ? show_regs_print_info+0x12/0x12 [ 1100.179240][ T5145] ? print_circular_bug+0x12b/0x1a0 [ 1100.184518][ T5145] check_noncircular+0x296/0x330 [ 1100.189441][ T5145] ? look_up_lock_class+0x75/0x140 [ 1100.194540][ T5145] ? add_chain_block+0x940/0x940 [ 1100.199463][ T5145] ? lockdep_lock+0xf1/0x1f0 [ 1100.204052][ T5145] ? unwind_next_frame+0x1880/0x20b0 [ 1100.209432][ T5145] ? _find_first_zero_bit+0xcf/0x100 [ 1100.214705][ T5145] __lock_acquire+0x2d07/0x7d10 [ 1100.219541][ T5145] ? ret_from_fork+0x1f/0x30 [ 1100.224130][ T5145] ? ret_from_fork+0x1f/0x30 [ 1100.228715][ T5145] ? verify_lock_unused+0x140/0x140 [ 1100.233898][ T5145] ? stack_trace_save+0xa6/0xf0 [ 1100.238866][ T5145] ? stack_trace_snprint+0xf0/0xf0 [ 1100.243964][ T5145] ? check_noncircular+0x189/0x330 [ 1100.249157][ T5145] ? add_chain_block+0x940/0x940 [ 1100.254086][ T5145] lock_acquire+0x1bb/0x4a0 [ 1100.258585][ T5145] ? hfs_extend_file+0xfb/0x13f0 [ 1100.263535][ T5145] ? __might_sleep+0xd0/0xd0 [ 1100.268127][ T5145] ? read_lock_is_recursive+0x10/0x10 [ 1100.273586][ T5145] __mutex_lock+0x12d/0xaf0 [ 1100.278078][ T5145] ? hfs_extend_file+0xfb/0x13f0 [ 1100.283119][ T5145] ? verify_lock_unused+0x140/0x140 [ 1100.288301][ T5145] ? hfs_extend_file+0xfb/0x13f0 [ 1100.293222][ T5145] ? mutex_lock_nested+0x10/0x10 [ 1100.298249][ T5145] ? __stack_depot_save+0x421/0x460 [ 1100.303628][ T5145] hfs_extend_file+0xfb/0x13f0 [ 1100.308501][ T5145] ? hfs_ext_write_extent+0x14e/0x200 [ 1100.313887][ T5145] ? hfs_write_inode+0xd8/0xa20 [ 1100.318826][ T5145] ? hfs_get_block+0xc50/0xc50 [ 1100.323683][ T5145] ? trace_raw_output_contention_end+0xd0/0xd0 [ 1100.329845][ T5145] ? rcu_is_watching+0x11/0xa0 [ 1100.334625][ T5145] ? trace_contention_end+0x5f/0x170 [ 1100.339987][ T5145] ? memset+0x1e/0x40 [ 1100.344046][ T5145] ? hfs_brec_find+0x197/0x500 [ 1100.348805][ T5145] hfs_bmap_reserve+0x103/0x420 [ 1100.353661][ T5145] __hfs_ext_write_extent+0x1fa/0x470 [ 1100.359040][ T5145] hfs_ext_write_extent+0x17b/0x200 [ 1100.364232][ T5145] ? verify_lock_unused+0x140/0x140 [ 1100.369426][ T5145] ? hfs_ext_keycmp+0x310/0x310 [ 1100.374270][ T5145] ? writeback_sb_inodes+0x46b/0x1850 [ 1100.379637][ T5145] hfs_write_inode+0xd8/0xa20 [ 1100.384315][ T5145] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 1100.389785][ T5145] ? __writeback_single_inode+0x4ae/0x1160 [ 1100.395588][ T5145] ? __lock_acquire+0x7d10/0x7d10 [ 1100.401217][ T5145] ? do_raw_spin_lock+0x128/0x2f0 [ 1100.406322][ T5145] ? __rwlock_init+0x140/0x140 [ 1100.411120][ T5145] __writeback_single_inode+0x75b/0x1160 [ 1100.416772][ T5145] writeback_sb_inodes+0xb30/0x1850 [ 1100.422089][ T5145] ? queue_io+0x5a0/0x5a0 [ 1100.426861][ T5145] ? rcu_is_watching+0x11/0xa0 [ 1100.431640][ T5145] wb_writeback+0x482/0xd50 [ 1100.436290][ T5145] ? percpu_ref_tryget+0x250/0x250 [ 1100.441409][ T5145] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1100.447393][ T5145] ? _raw_spin_unlock_irq+0x1f/0x40 [ 1100.452666][ T5145] wb_workfn+0x423/0xee0 [ 1100.457126][ T5145] ? inode_wait_for_writeback+0x220/0x220 [ 1100.462858][ T5145] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1100.468935][ T5145] ? read_lock_is_recursive+0x10/0x10 [ 1100.474489][ T5145] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 1100.480478][ T5145] ? _raw_spin_unlock+0x40/0x40 [ 1100.485329][ T5145] ? _raw_spin_unlock_irq+0x1f/0x40 [ 1100.491300][ T5145] ? process_one_work+0x7b0/0x1160 [ 1100.496428][ T5145] process_one_work+0x8a2/0x1160 [ 1100.501473][ T5145] ? worker_detach_from_pool+0x240/0x240 [ 1100.507103][ T5145] ? _raw_spin_lock_irq+0xb7/0xf0 [ 1100.512383][ T5145] ? _raw_spin_lock_irqsave+0x100/0x100 [ 1100.517929][ T5145] ? kthread_data+0x4b/0xc0 [ 1100.522520][ T5145] worker_thread+0xaa2/0x1270 [ 1100.527204][ T5145] ? __kthread_parkme+0x162/0x1c0 [ 1100.532418][ T5145] kthread+0x29d/0x330 [ 1100.536578][ T5145] ? worker_clr_flags+0x1a0/0x1a0 [ 1100.541605][ T5145] ? kthread_blkcg+0xd0/0xd0 [ 1100.546362][ T5145] ret_from_fork+0x1f/0x30 [ 1100.550771][ T5145] [ 1100.553827][ C1] vkms_vblank_simulate: vblank timer overrun [ 1100.564586][ T5145] hfs: new node 0 already hashed? [ 1100.570214][ T9859] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1100.578524][ T5145] ------------[ cut here ]------------ [ 1100.579557][ T9859] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 1100.584942][ T5145] WARNING: CPU: 0 PID: 5145 at fs/hfs/bnode.c:520 hfs_bnode_create+0x37a/0x400 [ 1100.593561][ T9859] usb 1-1: Product: syz [ 1100.593578][ T9859] usb 1-1: Manufacturer: syz [ 1100.611885][ T5145] Modules linked in: [ 1100.615892][ T5145] CPU: 0 PID: 5145 Comm: kworker/u4:7 Not tainted syzkaller #0 [ 1100.623491][ T5145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1100.633589][ T5145] Workqueue: writeback wb_workfn (flush-7:1) [ 1100.634901][ T9859] hub 1-1:4.0: USB hub found [ 1100.639598][ T5145] RIP: 0010:hfs_bnode_create+0x37a/0x400 [ 1100.639632][ T5145] Code: ac a2 8a 89 ee e8 26 a9 d6 07 e9 ab fd ff ff e8 1c 4e 37 ff 48 89 df e8 d4 f8 eb 07 48 c7 c7 c0 ac a2 8a 89 ee e8 06 a9 d6 07 <0f> 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c b7 fc ff ff 4c [ 1100.639648][ T5145] RSP: 0018:ffffc900036b6e80 EFLAGS: 00010246 [ 1100.675821][ T5145] RAX: 000000000000001f RBX: ffff888027dc40e0 RCX: dd9f633491d10000 [ 1100.683902][ T5145] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 1100.691936][ T5145] RBP: 0000000000000000 R08: ffffc900036b6b87 R09: 1ffff920006d6d70 [ 1100.700037][ T5145] R10: dffffc0000000000 R11: fffff520006d6d71 R12: 0000000000000000 [ 1100.708138][ T5145] R13: ffff888027dc4000 R14: ffff888079391500 R15: dffffc0000000000 [ 1100.716120][ T5145] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 1100.725095][ T5145] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1100.731711][ T5145] CR2: 000055ce86a75168 CR3: 000000007e2f7000 CR4: 00000000003506f0 [ 1100.739731][ T5145] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1100.747722][ T5145] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1100.756012][ T5145] Call Trace: [ 1100.759381][ T5145] [ 1100.762345][ T5145] hfs_bmap_alloc+0x53d/0x5d0 [ 1100.767052][ T5145] ? hfs_bmap_reserve+0x420/0x420 [ 1100.772135][ T5145] ? rcu_is_watching+0x11/0xa0 [ 1100.777150][ T5145] hfs_btree_inc_height+0xfd/0xac0 [ 1100.782555][ T5145] ? hfs_brec_insert+0x6f6/0xbd0 [ 1100.787611][ T5145] ? hfs_brec_insert+0xbd0/0xbd0 [ 1100.792701][ T5145] ? do_raw_spin_unlock+0x11d/0x230 [ 1100.797919][ T5145] hfs_brec_insert+0x744/0xbd0 [ 1100.803499][ T5145] ? hfs_brec_keylen+0x350/0x350 [ 1100.808479][ T5145] __hfs_ext_write_extent+0x2a1/0x470 [ 1100.813933][ T5145] hfs_ext_write_extent+0x17b/0x200 [ 1100.819890][ T5145] ? verify_lock_unused+0x140/0x140 [ 1100.825752][ T5145] ? hfs_ext_keycmp+0x310/0x310 [ 1100.830991][ T5145] ? writeback_sb_inodes+0x46b/0x1850 [ 1100.837012][ T5145] hfs_write_inode+0xd8/0xa20 [ 1100.842028][ T5145] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 1100.848644][ T5145] ? __writeback_single_inode+0x4ae/0x1160 [ 1100.852763][ T9859] hub 1-1:4.0: 5 ports detected [ 1100.854556][ T5145] ? __lock_acquire+0x7d10/0x7d10 [ 1100.861708][ T9859] hub 1-1:4.0: insufficient power available to use all downstream ports [ 1100.864557][ T5145] ? do_raw_spin_lock+0x128/0x2f0 [ 1100.864588][ T5145] ? __rwlock_init+0x140/0x140 [ 1100.864606][ T5145] __writeback_single_inode+0x75b/0x1160 [ 1100.889043][ T5145] writeback_sb_inodes+0xb30/0x1850 [ 1100.894364][ T5145] ? queue_io+0x5a0/0x5a0 [ 1100.898715][ T5145] ? rcu_is_watching+0x11/0xa0 [ 1100.903634][ T5145] wb_writeback+0x482/0xd50 [ 1100.908173][ T5145] ? percpu_ref_tryget+0x250/0x250 [ 1100.913442][ T5145] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1100.919460][ T5145] ? _raw_spin_unlock_irq+0x1f/0x40 [ 1100.925238][ T5145] wb_workfn+0x423/0xee0 [ 1100.929605][ T5145] ? inode_wait_for_writeback+0x220/0x220 [ 1100.935389][ T5145] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1100.941394][ T5145] ? read_lock_is_recursive+0x10/0x10 [ 1100.946819][ T5145] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 1100.952788][ T5145] ? _raw_spin_unlock+0x40/0x40 [ 1100.957734][ T5145] ? _raw_spin_unlock_irq+0x1f/0x40 [ 1100.963033][ T5145] ? process_one_work+0x7b0/0x1160 [ 1100.968273][ T5145] process_one_work+0x8a2/0x1160 [ 1100.973271][ T5145] ? worker_detach_from_pool+0x240/0x240 [ 1100.978971][ T5145] ? _raw_spin_lock_irq+0xb7/0xf0 [ 1100.984116][ T5145] ? _raw_spin_lock_irqsave+0x100/0x100 [ 1100.989725][ T5145] ? kthread_data+0x4b/0xc0 [ 1100.994517][ T5145] worker_thread+0xaa2/0x1270 [ 1100.999258][ T5145] ? __kthread_parkme+0x162/0x1c0 [ 1101.004304][ T5145] kthread+0x29d/0x330 [ 1101.008601][ T5145] ? worker_clr_flags+0x1a0/0x1a0 [ 1101.013775][ T5145] ? kthread_blkcg+0xd0/0xd0 [ 1101.018411][ T5145] ret_from_fork+0x1f/0x30 [ 1101.023161][ T5145] [ 1101.026190][ T5145] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1101.033462][ T5145] CPU: 0 PID: 5145 Comm: kworker/u4:7 Not tainted syzkaller #0 [ 1101.041010][ T5145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1101.051071][ T5145] Workqueue: writeback wb_workfn (flush-7:1) [ 1101.057083][ T5145] Call Trace: [ 1101.060380][ T5145] [ 1101.063414][ T5145] dump_stack_lvl+0x188/0x24e [ 1101.068463][ T5145] ? memcpy+0x3c/0x60 [ 1101.072635][ T5145] ? show_regs_print_info+0x12/0x12 [ 1101.077758][ T9859] hub 1-1:4.0: hub_hub_status failed (err = -71) [ 1101.077779][ T9859] hub 1-1:4.0: config failed, can't get hub status (err -71) [ 1101.092060][ T5145] ? load_image+0x400/0x400 [ 1101.096589][ T5145] panic+0x2e5/0x730 [ 1101.100526][ T5145] ? bpf_jit_dump+0xd0/0xd0 [ 1101.105644][ T5145] ? ret_from_fork+0x1f/0x30 [ 1101.110245][ T5145] __warn+0x2f8/0x4f0 [ 1101.114248][ T5145] ? hfs_bnode_create+0x37a/0x400 [ 1101.119351][ T5145] ? hfs_bnode_create+0x37a/0x400 [ 1101.124364][ T5145] report_bug+0x2ba/0x4f0 [ 1101.128864][ T5145] ? hfs_bnode_create+0x37a/0x400 [ 1101.133880][ T5145] handle_bug+0x3a/0x70 [ 1101.137390][ T9859] usb 1-1: USB disconnect, device number 22 [ 1101.143916][ T5145] exc_invalid_op+0x16/0x40 [ 1101.148431][ T5145] asm_exc_invalid_op+0x16/0x20 [ 1101.153273][ T5145] RIP: 0010:hfs_bnode_create+0x37a/0x400 [ 1101.158979][ T5145] Code: ac a2 8a 89 ee e8 26 a9 d6 07 e9 ab fd ff ff e8 1c 4e 37 ff 48 89 df e8 d4 f8 eb 07 48 c7 c7 c0 ac a2 8a 89 ee e8 06 a9 d6 07 <0f> 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c b7 fc ff ff 4c [ 1101.179187][ T5145] RSP: 0018:ffffc900036b6e80 EFLAGS: 00010246 [ 1101.185267][ T5145] RAX: 000000000000001f RBX: ffff888027dc40e0 RCX: dd9f633491d10000 [ 1101.193364][ T5145] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 1101.201537][ T5145] RBP: 0000000000000000 R08: ffffc900036b6b87 R09: 1ffff920006d6d70 [ 1101.209629][ T5145] R10: dffffc0000000000 R11: fffff520006d6d71 R12: 0000000000000000 [ 1101.217732][ T5145] R13: ffff888027dc4000 R14: ffff888079391500 R15: dffffc0000000000 [ 1101.225741][ T5145] hfs_bmap_alloc+0x53d/0x5d0 [ 1101.230433][ T5145] ? hfs_bmap_reserve+0x420/0x420 [ 1101.235583][ T5145] ? rcu_is_watching+0x11/0xa0 [ 1101.240436][ T5145] hfs_btree_inc_height+0xfd/0xac0 [ 1101.245554][ T5145] ? hfs_brec_insert+0x6f6/0xbd0 [ 1101.250520][ T5145] ? hfs_brec_insert+0xbd0/0xbd0 [ 1101.255463][ T5145] ? do_raw_spin_unlock+0x11d/0x230 [ 1101.260655][ T5145] hfs_brec_insert+0x744/0xbd0 [ 1101.265409][ T5145] ? hfs_brec_keylen+0x350/0x350 [ 1101.270348][ T5145] __hfs_ext_write_extent+0x2a1/0x470 [ 1101.275715][ T5145] hfs_ext_write_extent+0x17b/0x200 [ 1101.280918][ T5145] ? verify_lock_unused+0x140/0x140 [ 1101.286106][ T5145] ? hfs_ext_keycmp+0x310/0x310 [ 1101.290941][ T5145] ? writeback_sb_inodes+0x46b/0x1850 [ 1101.296301][ T5145] hfs_write_inode+0xd8/0xa20 [ 1101.301058][ T5145] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 1101.306418][ T5145] ? __writeback_single_inode+0x4ae/0x1160 [ 1101.312210][ T5145] ? __lock_acquire+0x7d10/0x7d10 [ 1101.317319][ T5145] ? do_raw_spin_lock+0x128/0x2f0 [ 1101.322594][ T5145] ? __rwlock_init+0x140/0x140 [ 1101.327369][ T5145] __writeback_single_inode+0x75b/0x1160 [ 1101.332993][ T5145] writeback_sb_inodes+0xb30/0x1850 [ 1101.338288][ T5145] ? queue_io+0x5a0/0x5a0 [ 1101.342630][ T5145] ? rcu_is_watching+0x11/0xa0 [ 1101.347496][ T5145] wb_writeback+0x482/0xd50 [ 1101.352098][ T5145] ? percpu_ref_tryget+0x250/0x250 [ 1101.357229][ T5145] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1101.363210][ T5145] ? _raw_spin_unlock_irq+0x1f/0x40 [ 1101.368395][ T5145] wb_workfn+0x423/0xee0 [ 1101.372719][ T5145] ? inode_wait_for_writeback+0x220/0x220 [ 1101.378602][ T5145] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1101.384571][ T5145] ? read_lock_is_recursive+0x10/0x10 [ 1101.389932][ T5145] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 1101.395815][ T5145] ? _raw_spin_unlock+0x40/0x40 [ 1101.400649][ T5145] ? _raw_spin_unlock_irq+0x1f/0x40 [ 1101.405877][ T5145] ? process_one_work+0x7b0/0x1160 [ 1101.410976][ T5145] process_one_work+0x8a2/0x1160 [ 1101.416019][ T5145] ? worker_detach_from_pool+0x240/0x240 [ 1101.421703][ T5145] ? _raw_spin_lock_irq+0xb7/0xf0 [ 1101.426727][ T5145] ? _raw_spin_lock_irqsave+0x100/0x100 [ 1101.432482][ T5145] ? kthread_data+0x4b/0xc0 [ 1101.437075][ T5145] worker_thread+0xaa2/0x1270 [ 1101.441761][ T5145] ? __kthread_parkme+0x162/0x1c0 [ 1101.446775][ T5145] kthread+0x29d/0x330 [ 1101.450837][ T5145] ? worker_clr_flags+0x1a0/0x1a0 [ 1101.455876][ T5145] ? kthread_blkcg+0xd0/0xd0 [ 1101.460552][ T5145] ret_from_fork+0x1f/0x30 [ 1101.465050][ T5145] [ 1101.468389][ T5145] Kernel Offset: disabled [ 1101.472720][ T5145] Rebooting in 86400 seconds..