last executing test programs: 5.514441298s ago: executing program 4 (id=4673): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0xffad, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) 5.017831685s ago: executing program 4 (id=4677): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000001100)={[{@utf8}, {@utf8no}, {@fat=@nfs}, {@shortname_lower}, {@fat=@codepage={'codepage', 0x3d, '869'}}, {@uni_xlateno}, {@uni_xlate}, {@uni_xlate}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@uni_xlateno}, {@shortname_lower}, {@utf8no}, {@uni_xlate}]}, 0x26, 0x336, &(0x7f00000001c0)="$eJzs3U1oXFUUAOAzfUkmDdRkIRRdje4EKU3Eha4SSoViFloZ/Ns42NSfvLGQwYG4yCQbxaXiRtCVuy502bW4EHHnwq0VpCpu7K7Q4pOZ9/LmNzYVJ1X7fYtwOPecufe+PDIvIbl5ZTU2L8zGxevXr8X8fCVmVs+sxo1KLMWxSCK3GwDA/8mNLIvfs9ztqz9c2I/mprwuAGB6eu//r53oJ6p3czUAwFE45Pf/z0zMXprasgCAKRp7/394aHjkx/wz5e8EAAD/Xc+9+NLTa+sR52u1+Yjme+16ux5P9sfXLsYbkcZGnI7FuBWRPyjkTwvdj0+dWz97utb181LUux3tekSz067nTwprSa+/GsuxGEtFf1b2J93+5V5/LSJ2O735o1lp12djoZj/h4XYiJVYjPvH+iPOrZ9dqRUvUG/u93ci9mJ+fxPd9Z+Kxfju1bgUaVyIbm9//TvLtdqZbH2ov3252qsDAAAAAAAAAAAAAAAAAAAAAIBpOFUrLZXn32TNTvvd86MFS0Pn49Tz4eJ8oL38fKCsun86z/vJ6PlAw+fztOszceyu7hwAAAAAAAAAAAAAAAAAAAD+PVrbc9FI042t1vY7m4NBZyDz1jeff3U8RmveTPqZmMlfbqimyMVAVxJle1a2Z8lQTREkEf3iy1fKFQ/WVMtdjLV3g+rYUKVYUyNNTzz00yeTuv7oZ5IYuyzDQaWYf2CoeV+e+ouug4OV29RczbLsoPadj8e7ohIxM/aJ+yeCr6+9/sBjrZOP9zJfFoc+PPLo4vNXP/rs181GGsWlSdO5rdat7G/PlQzcP5XiOlcm3AmTg71+Zm+rtd1Ivv/thQc/+HakOJl8/2SNdLfcxdsHz/XFaGYuD7q9h9np7ISbf3Lw8s3y7r3zi3ny09XGlZ0ffzls18AXCQd1AAAAAAAAAAAAAAAAAADAkRj4W/E78MSz01sRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy9/v//Hwj2xjKHCW52YnyourHVOnDy40e6VQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7mF/BgAA//8w03X4") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) 3.810613215s ago: executing program 1 (id=4691): r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)=0x1f40) 3.688414199s ago: executing program 4 (id=4693): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000380)={0x0, 0xffffffa8, &(0x7f0000000280)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b904021d080211000000040000a118000200e000000e00000e1208000f0100810401a80016ea1f000840032e5f54c92011148ed08734843c8802033d0803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x48000) 3.628061183s ago: executing program 5 (id=4694): r0 = socket$nl_rdma(0x10, 0x3, 0x14) getsockopt$netlink(r0, 0x10e, 0x1, 0x0, &(0x7f00000001c0)) 3.328047849s ago: executing program 5 (id=4697): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000920000/0x2000)=nil, 0x2000, 0x13) 3.29308505s ago: executing program 1 (id=4698): r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x8000}) 3.169213125s ago: executing program 0 (id=4700): r0 = socket(0x10, 0x802, 0x0) connect$netlink(r0, &(0x7f00000001c0)=@proc, 0xc) 2.952194055s ago: executing program 4 (id=4702): creat(&(0x7f0000001380)='./file0\x00', 0x0) mount(&(0x7f0000000140)=@nullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='minix\x00', 0x8000, 0x0) 2.950920234s ago: executing program 1 (id=4703): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x8) setsockopt$ax25_int(r0, 0x101, 0xa, &(0x7f0000000000)=0x1000040, 0x4) 2.867440808s ago: executing program 2 (id=4704): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000400)="d8000000140081044e81f782db44b9040a1d08020a000000040000a118000200ff11000000000e1208000f0100810401a80016ea1f000840031b000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee40021146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 2.752031601s ago: executing program 0 (id=4705): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(r0, 0x7aa, 0x0) 2.518850893s ago: executing program 0 (id=4706): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000001100)={[{@utf8}, {@utf8no}, {@fat=@nfs}, {@shortname_lower}, {@fat=@codepage={'codepage', 0x3d, '869'}}, {@uni_xlateno}, {@uni_xlate}, {@uni_xlate}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@uni_xlateno}, {@shortname_lower}, {@utf8no}, {@uni_xlate}]}, 0x26, 0x336, &(0x7f00000001c0)="$eJzs3U1oXFUUAOAzfUkmDdRkIRRdje4EKU3Eha4SSoViFloZ/Ns42NSfvLGQwYG4yCQbxaXiRtCVuy502bW4EHHnwq0VpCpu7K7Q4pOZ9/LmNzYVJ1X7fYtwOPecufe+PDIvIbl5ZTU2L8zGxevXr8X8fCVmVs+sxo1KLMWxSCK3GwDA/8mNLIvfs9ztqz9c2I/mprwuAGB6eu//r53oJ6p3czUAwFE45Pf/z0zMXprasgCAKRp7/394aHjkx/wz5e8EAAD/Xc+9+NLTa+sR52u1+Yjme+16ux5P9sfXLsYbkcZGnI7FuBWRPyjkTwvdj0+dWz97utb181LUux3tekSz067nTwprSa+/GsuxGEtFf1b2J93+5V5/LSJ2O735o1lp12djoZj/h4XYiJVYjPvH+iPOrZ9dqRUvUG/u93ci9mJ+fxPd9Z+Kxfju1bgUaVyIbm9//TvLtdqZbH2ov3252qsDAAAAAAAAAAAAAAAAAAAAAIBpOFUrLZXn32TNTvvd86MFS0Pn49Tz4eJ8oL38fKCsun86z/vJ6PlAw+fztOszceyu7hwAAAAAAAAAAAAAAAAAAAD+PVrbc9FI042t1vY7m4NBZyDz1jeff3U8RmveTPqZmMlfbqimyMVAVxJle1a2Z8lQTREkEf3iy1fKFQ/WVMtdjLV3g+rYUKVYUyNNTzz00yeTuv7oZ5IYuyzDQaWYf2CoeV+e+ouug4OV29RczbLsoPadj8e7ohIxM/aJ+yeCr6+9/sBjrZOP9zJfFoc+PPLo4vNXP/rs181GGsWlSdO5rdat7G/PlQzcP5XiOlcm3AmTg71+Zm+rtd1Ivv/thQc/+HakOJl8/2SNdLfcxdsHz/XFaGYuD7q9h9np7ISbf3Lw8s3y7r3zi3ny09XGlZ0ffzls18AXCQd1AAAAAAAAAAAAAAAAAADAkRj4W/E78MSz01sRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy9/v//Hwj2xjKHCW52YnyourHVOnDy40e6VQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7mF/BgAA//8w03X4") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) 2.518715914s ago: executing program 1 (id=4707): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000840)={0x1c, 0x3, 0x8, 0x5, 0x0, 0x0, {0x5}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000080}, 0x810) 2.51838798s ago: executing program 4 (id=4708): syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000002c0)='./file0\x00', 0x44, &(0x7f00000000c0)=ANY=[], 0x1, 0x6216, &(0x7f000000cb40)="$eJzs3c2OHFfZB/Cn+ms+/CaxsojyRghNEgMJIf4MxhAgyQIWbFggb5GtySSycADZBjmWhSeaDQsuAoTEEhBLVlxAFmzZcQFYspGArFKoZs4Z1zTT7rGd7uqZ8/tJk6qnTtX0qfy7prtdVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjvffcHZ6qIuPTztOB4xP9FP6IXsdLUaxGxsnY8rz+IiOdjuzmei4jhUkSVG5+JeCMiPn464t792+vNorMH7Md3/vi33/7w2Pf/+vvhqX//6Ub/zUnr3bz5q3/9+c7j7y8AAACUqK7rukof819In+97XXcKAJiL/PpfJ3m5euHqzQXrj1qtVqsPYd1W7+9Ou4iIzfY2zXsGp+MB4JDZjE+67gIdkn/RBhFxrOtOAAut6roDzMS9+7fXq5Rv1X49WNtpz9eC7Ml/s9q9v2PSdJrxa0zm9fzain48O6E/K3PqwyLJ+ffG87+00z5K6806/3mZlP9o59an4uT8++P5jzk6+ff2zb9UOf/BI+Xflz8AAAAAACyw/O//xzs+/7v05LtyIA87/7s2pz4AAAAAAAAAwGftScf/21UZ/w8AAAAWVfNZvfHrpx8sm/RdbM3yi1XEU2PrA4VJN8usdt0PAAAAAAAAAAAAACjJYOca3otVxDAinlpdreu6+Wkbrx/Vk25/2JW+/1Cyrv/IAwDAjo+fHruXv4pYjoiL6bv+hqurq3W9vLJar9YrS/n97GhpuV5pfa7N02bZ0ugAb4gHo7r5Zcut7dqmfV6e1j7++5rHGtX9A3RsPjoMHAAiYufV6J5XpCOmrp+Jrt/lcDg4/o8exz8H0fXzFAAAAJi9uq7rKn2d9wvpnH+v604BAHORX//Hzwuo1Wq1Wq0+enVbvb877SIiNtvbNO8ZDMcPAIfMZnzSdRfokPyLNoiI57vuBLDQqq47wEzcu397vUr5Vu3XgzS+e74WZE/+m9X2dnn7/abTjF9jMq/n11b049kJ/XluTn1YJDn/3nj+l3baR2m9Wec/L5Pyb/bzeAf96VrOvz+e/5ijk39v3/xLlfMfPFL+ffkDAAAAAMACy//+f3yhzv+OHnd3pnrY+d+1mT0qAAAAAAAAAMzWvfu31/N9r/n8/+f2Wc/9n0dTzr+Sf5Fy/un+/90Lb14ZW6/fmr/7zoP8/3n/9vrvbvzj//P0oPkv5ZkqPbOq9Iyo0iNVgzR9zB2bYGvYHzWPNKx6/UG65qcevhdX4mpsxOk96/bS8fCg/cye9qanw+32ur/TfnZP+2C3PW9/bk/7MF3pVK/k9pOxHj+Jq/HudnvTtjRl/5entNdT2nP+fcd/kXL+g9ZPk/9qaq/Gpo27H/X+57hvT/d7nLevfP6Xp2e/O1NtRX9339qa/Xupg/5s/z85disiNq6dvHn5xo1rZyJNjo3iZ9fz0rORJp+xnP8w/eT8X3l5pz3/3W8fr3c/Gj1y/otiKwYT83+5Nd/s76tz7lsXcv6j9JPzfze173/8H+b8Jx//r3XQHwAAAAAAAAAAAAAAAHiYuq63bxF9OyLOp/t/uro3EwCYr/z6Xyd5+bzq/uNu/4e9+9FV/9XqOdfVgvVnrvWn9WL1R72Q9X8WrD8LV7fV+3urXUTEX9rbNO8ZfrHfLwMAFtmnEfH3rjtBZ+RfsPx9f830RNedAebq+oe3fnT56tWNa9e77gkAAAAAAAAA8Ljy+J9rrfGfT9R1fWdsvT3jv74Ta086/ucgz+wOMDphoOr+o+/Tw2z1Rv1ea7jxF2PS+N/D3bmHjf89mPJ4wyntoyntS1Pal6e073ujR0vO/8XWeOcnIuKFseHXSxj/dXzM+xLk/F9qPZ+b/L80tl47//o3hzn/3p78T9344Kenrn946/UrH1x+f+P9jR+fO3Pm9Lnz5y9cuHDqvStXN07v/LfDHs9Wzj+Pfe060LLk/HPm8i9Lzv8LqZZ/WXL+X0y1/MuS88/v9+Rflpx//uwj/7Lk/F9NtfzLkvP/cqrlX5ac/2upln9Zcv5fSbX8y5Lzfz3V8i9Lzv9kquVflpz/qVQfMP+VWfeL+cj55zNcjv+y5PzzlQ3yL0vO/2yq5V+WnP+5VMu/LDn/N1It/7Lk/L+aavmXJed/PtXyL0vO/2upln9Zcv4XUi3/suT8v55q+Zcl5/+NVMu/LDn/N1Mt/7Lk/L+ZavmXJef/rVTLvyw5/2+nWv5lyfm/lWr5l+XB9/+bMWNmRjODw3egdf2XCQAAAAAAAAAAAAAYN4/LibveRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe/cWI9dd3wH8zN68diA2EFInNWHtGGOcTXZ9iS+0LiZcG24lIRR6wXa9a7PgG167BBrVjgIlEkZFFW3DQ1tAqM1LhVXxQKuA8oBaVapE2gf6gqhQeYiqgAJSVVpBtpo5//9/Z2ZnZ3a9483Zcz4fKfllZ87MOXPmP7P7tfPdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2dY3TX+mlmVZrVbLL9iUZS+pz/VjmxqXvP7FPT4AAABg5X7R+PfzG9MFR5Zwo6Zt/umO73x9bm5uLvvA4J8Of2FuLl0xlmXD67KscV107QcfrDVvEzyWjdYGmr4e6LH7wR7XD/W4frjH9SM9rl/X4/rRHtcvOAELrM9q6c62N/5zU35Ks1uy4cZ12zvc6rHauoH6uUu3zWqN28wNn8xmstPZdDbZsn2+ba2x/VNb6/t6exb3NdC0ry31FfKTR07EY6iFc7y9ZV/z9xn96I3Z2E9/8siJv7743G2dZs/T0HJ/+XHu3FY/zk+FS/JjrWXr0jmJxznQdJxbOjwngy3HWWvcrv7f7cf5/BKPc3D+MFdV+3M+mg00/vuZxnkaqmUdztOWcNnP7syy7Mr8Ybdvs2Bf2UC2oeWSgfnnZzRfkfX7qC+ll2dDy1qnW5ewTutzanvrOm1/TcTnf2u43dAix9D8NP3o0ZGm5/3nc9ezTqP6o17stdK+Bvv9WinKGozr4pnGg3684xrcHh7/IzsWX4Md106HNZged9Ma3NZrDQ6MDDaOOT0JtcZt5tfg7pbtBxt7qjXmszu6r8GJi2fOT8x+4pN3z5w5fmr61PTZvbt3T+7dv//gwYMTJ2dOT0/m/77Os118G7KB9BrYFs5dfA28tm3b5qU69+WRBe+/1/s6HO3yOtzUtm2/X4dD7Q+utjovyIVrOn9tvK9+0kevDmSLvMYaz8+ulb8O0+Nueh0ONb0OO35P6fA6HFrC67C+zfldS/uZZajpn07HsPj3gpWtwU1Na7D955H2Ndjvn0eKsgZHw7r43q7FvxdsCcf7+Phyfx4ZXLAG08MN7z31S9LP+6MHG6PTury9fsVNI9ml2ekL9zx8/OLFC7uzMFbFK5rWSvt63dD0mLIF63Vg2ev1yMwdj9/e4fJN4VyN3l3/1+iiz1V9m333dH+uGt/dOp/Plkv3ZGH02Wqfz07fzevncyTLvvjtRx/45iNffNOi57OeNz81sfKfxVMubXr/HV7k/Tfm/hfy/aW7emxweCh//Q6mszPc8n7c+lQNNd67ao19Pz+xtPfj4fDPar8f39Ll/Xhz27b9fj8ebn9w8f241utPO1am/fkcDevk9GT39+P6Npv3LHdNDnV9P74zzFo4/68LSSHloqa1s9i6TfsaGhoOj2so7qF1ne5t2X44ZLP6vp7cc33rdOed+X0Npkc3b7XW6Vjbtv1ep+nPvhZbp7Vef/p2fdqfz9GwLm7Z232d1rd5et/K3zvXx/9seu8c6bUGhwdH6sc8nBZh4/0+m1sf1+A92YnsXHY6m2pcO9JYT7XGvsbvXdoaHAn/rPZ75eYua3Bn27b9XoPp+9hia682tPDB90H78zka1sUT93Zfg/Vt3nygvz+77gyXpG2afnZt//O1xf7M6/a203Sj1spQOM5vH+j+Z7P1bU4fXG7O7H6e7gqX3NThPLW/fhd7TU1lq3OeNofjfO7g4uepfjz1bb5waInr6UiWZZc/dl/jz3vD36/83aXvfr3l7106/Z3O5Y/d9+OXnvzH5Rw/AGvfC/nYkH+va/qbqaX8/T8AAACwJsTcPxBmIv8DAABAacTcH/+v8ET+BwAAgNKIuX8ozKQi+X/zm5+beeFylpr5c0G8Pp2G+/PtYsd1Mnw9Njevfvl9X53+73+4vLR9D2RZ9vP7/6Dj9pvvj8eVGwvHee0trZcv8PW7l7TvYw9dTvtt7q9/Kdx/fDxLXQadKriTWZY9tfFzjf2MffBqYz59/7HGfODK44/Vt3n+UP51vP2zr8i3/4tQ/j1y8njL7Z8N5+GHYU6+o/P5iLf72tXXbTnw/vn9xdvVtt3ceNhPfCi/3/h7cj7/WL59PM+LHf83P/vk1+rbP/yazsd/eaDz8T8Z7verYf7vq/Ltm5+D+tfxdp8Oxx/3F293z1e+1fH4r30m3/78W/PtjoUZ978zfL39rc/NNJ+vh2vHWx5X9rZ8u7j/ye/+ceP6eH/x/tuPf/To1Zbz0b4+nv63/H4m2raPl8f9RH/ftv/6/TSvz7j/J//oWMt57rX/aw88+6r6/bbv/6627c5/bFdj//P31/obm/7y05/ruL94PEf+9nzL4zny3vA6Dvt/4kNhPYbr/+9afn/tv13h2Htb33/i9l/adLnl8URv/2m+/2tvONWY60bXb7jpJS+9+cqr6+cuy55Zl99fr/2f+qtzLcf/5Vvz8xGvjx399v0vJu7/wsfHz56bvTQzlc7qIxsbvzvnnfnxxOPdGN5b278+eu7ih6cvjE2OTWbZWHl/hd51+0qYP87Hle5bzy14B931UHg+b//zpzbs+NfPxsv//X355VffkX/fem3Y7vPh8k3h+Vve/hd6Yuutjdd37elwhHMLf1/wSmzZ/l8Hl7RhePztPxfE9X7+lR9unIf6dY3vG/F1vcLj//5Ufj/fCOd1Lvxm5m23zu+vefv4uxGuPpi/3ld8/sLbXHxe/yY83+/6YX7/8bji4/1++DnmW5tb3+/i+vjG5YH2+2/8Fo8r4f0ku5JfH7eK5/vq87d2PLz4e0iyK7c1vv6TdD+3LethLmb2E7MTp2fOXnp44uL07MWJ2U988uiZc5fOXjza+F2eRz/S6/bz708bGu9PU9P792WNd6tz+bjBXuzjP//QiakDkzumpk8ev3Ty4kPnpy+cOjE7e2J6anbH8ZMnpz/e6/YzU4d37zm098Ce8VMzU4cPHjq099D4zNlz9cPID6qH/ZMfHT974WjjJrOH9x3afe+9+ybHz5ybmj58YHJy/FKv2ze+N43Xb/374xemTx+/OHNmenx25pPTh3cf2r9/T8/fBnjm/MnZsYkLl85OXJqdvjCRP5axi42L69/7et2ecpr9j/zn2Xa1/BfxZe+5a3/6/ax1X3100bvKN2n7BaLPhd9F888vO39wKV/H3D8cZlKR/A8AAABVEHP/SJiJ/A8AAAClEXP/ujAT+R8AAABKI+b+0TCTiuT/0vX/N19e0v71//X/m8+X/n/F+v8PFq3/n79f6P/3x0r79/r/gf6//r/+v/6//j99ULT+f8z967OskvkfAAAAqiDm/g1hJvI/AAAAlEbM/TeFmcj/AAAAUBox978kzKQi+V//X/9f/1//X/+/8/71/9cm/f/u9P970P+fyKrV/7/Sz+PX/9f/Z6Gi9f9j7n9pmElF8j8AAABUQcz9N4eZyP8AAABQGjH3bwwzkf8BAACgNGLu3xRmUpH8r//ftf/fXkNelP5/6/Hr/3deH/r/+v/6/zee/n93+v896P/7/H/9f/1/+qpo/f+Y+18WZlKR/A8AAABVEHP/y8NM5H8AAAAonqHru1nM/a8IM1mQ/69zBwAAAMCLLub+W7K2InhF/v5f/9/n/xe//78uXaf/r/+fFbL/P5jp/xeH/n93+v896P/r/+v/6//TV0Xr/zdyfzaavTLMpCL5HwAAAKog5v5bw0zkfwAAACiNmPt/KcxE/gcAAIDSiLl/c5hJRfK//r/+f/H7/z7/X/+/6P1/n/9fJPr/3en/96D/r/+v/6//T18Vrf8fc/9tYSYVyf8AAABQBTH33x5mIv8DAABAacTc/8thJvI/AAAAlEbM/VvCTCqS//X/C97/j81R/X/9f/1//X/9/yXR/+9O/78H/X/9f/1//X/6qmj9/5j7XxVmUpH8DwAAAFUQc/8dYSbyPwAAAJRGzP2vDjOR/wEAAKA0Yu4fCzOpSP7X/y94/z/vwY/4/H/9f/1//X/9/6XR/+9O/78H/X/9/770/+cu6//r/5MrWv8/5v6tYSYVyf8AAABQBTH3bwszkf8BAACgNGLuvzPMRP4HAACA0oi5f3uYSUXyv/7/muj/Z/r/+v/6//r/+v9Lo//fnf5/D/r/+v8+/1//n74qWv8/5v7XhJlUJP8DAABAFcTcvyPMRP4HAACA0oi5/7VhJvI/AAAAlEbM/TvDTCqS//X/9f/1//X/9f8771//f23S/+9O/78H/X/9f/1//X/6qmj9/5j7XxdmUpH8DwAAAFUQc/+uMBP5HwAAAEoj5v67wkzkfwAAACiNmPvHw0wqkv/1//X/9f/1//X/O+9f/39t0v/vTv+/B/1//X/9f/1/+qpo/f+Y++8OM6lI/gcAAIAqiLn/njAT+R8AAABKI+b+iTAT+R8AAABKI+b+yTCTiuR//X/9f/1//f9l9f9fPX+/+v85/f9i0f/vTv+/B/1//f8Xvf8/rP9PqRSt/x9z/+4wk4rkfwAAAKiCmPv3hJnI/wAAAFAaMffvDTOR/wEAAKA0Yu7fF2ZSkfyv/6//r/+v/+/z/zvvX/9/bdL/767//f/4EPX/9f/1/33+v/4/CxWt/x9z/71hJhXJ/wAAAFAFMffvDzOR/wEAAKA0Yu4/EGYi/wMAAEBpxNx/MMykIvlf/1//X/9f/1//v/P+9f/XJv3/7nz+fw/6//r/+v/6/6zQg3/Y/FXR+v8x9x8KM6lI/gcAAIAqiLn/9WEm8j8AAACURsz9vxJmIv8DAABAacTc/6thJhXJ//r/Ld3z+sPV/9f/1//X/2/Q/1+b9P+70//vQf9f/1//X/+fvlq0/x+i92r3/2PuPxxmUpH8DwAAAFUQc/+vhZnI/wAAAFAaMfe/IcxE/gcAAIDSiLn/SJhJRfK//r/P/9f/1//X/++8/9Xu/4/E+9X/XxH9/+70/3vQ/9f/1//X/6evivb5/zH3vzHMpCL5HwAAAKog5v77wkzkfwAAACiNmPvfFGYi/wMAAEBpxNz/5jCTiuR//X/9f/1//X/9/8779/n/a5P+f3f6/8GdGzsfgP6//r/+v/4/fVW0/n/M/W8JM6lI/gcAAIAqiLn/rWEm8j8AAACURsz9bwszkf8BAACgNGLuf3uYSUXyv/6//r/+v/6//n/n/ev/r036/93p//eg/6//r/+v/09fFa3/H3P/r4eZVCT/AwAAQBXE3H9/mIn8DwAAAKURc/87wkzkfwAAACiNmPvfGWZSkfyv/6//r/+v/6//33n/+v9rk/5/d2us//+Lm8Pl+v85/f9iH/9y+/9DbV/fkP7/Dxbr/8+ta7+9/j83QtH6/zH3vyvMpCL5HwAAAKog5v53h5nI/wAAAFAaMfe/J8xE/gcAAIDSiLn/N8JMKpL/9f/rxzHfXtb/L2v/f0D/X/9f/78i9P+7W2P9f5//30b/v9jH7/P/9f9ZqGj9/5j73xtmUpH8DwAAAFUQc/8DYSbyPwAAAJRGzP0PhpnI/wAAAFAaMfe/L8ykIvlf/9/n/1ej/+/z/zP9f/3/itD/707/vwf9f/3/ovX//1P/n7WtaP3/mPsfCjOpSP4HAACAKoi5//1hJvI/AAAAlEbM/b8ZZiL/AwAAQGnE3P+BMJOK5H/9/7XS/x9bo/3/R/X/b2D//46b8+30//X/maf/353+fw/6//r/Rev/+/x/1rii9f9j7v9gmMnS8//okrcEAAAAXhQx9/9WmElF/v4fAAAAqiDm/t8OM5H/AQAAoDRi7v+dMJOK5H/9/7XS//f5/5n+v8//b3s8+v/6/52sXv8/vvPo/+v/6/9H+v/6//r/tCta/z/m/t8NM6lI/gcAAIAqiLn/Q2Em8j8AAACsCZ3+n+x2MfcfDTOR/wEAAKA0Yu4/FmZSkfyv/6//r/9f0P7/n237l+99593Hduv/6//r/y/Lqn7+f/3F7/P/9f/1/xP9f/1//X/aFa3/H3P/8TCTiuR/AAAAqIKY+38vzET+BwAAgNKIuf9EmIn8DwAAAKURc/9UmElF8r/+v/6//n9B+/9r+PP/4/nQ/2/Vt/5/fNPV/+8o79+nVXRj+//vn++J6/8vt/8/0vFS/X/9/7V8/Pr/+v8sVLT+f8z902EmFcn/AAAAUAUh9w+czOf8FfI/AAAAlEbM/afCTOR/AAAAKI2Y+z8cZlKR/K//r/+v/6//7/P/O++/W/+/NuTz/4sq9e9/1nih6P+3KU7/vzP9f/3/tXz8+v/6/yxUtP5/zP0zYSYVyf8AAABQBTH3fyTMRP4HAACA0oi5/6NhJvI/AAAAlEbM/afDTCqS//X/9f/1//X/9f8777+wn/+v/9/VSvv3+v+B/n+1+///o/+v/6//T38Urf8fc/+ZMJOK5H8AAACogv9n706aLKvLPI7f7C66soJe9K4X3YuO6N71S2DRve5+AS7cuDHCcIEKKs4UziOKirMiOA84gCCigvMATiiKA6g4izNOiBJlkPU8T1Vmnjw3s+pm5jn//+ezqEfSSu6VqKjiV1lfT+7+8+MW+x8AAACakbv/UXGL/Q8AAADNyN3/6Lilk/2v/z+b/v9Upaz/3/z+J9H//4/+f6fX1//r/1um/x+n/19C/+/5//p//T8rNbX+P3f/Y+KWTvY/AAAA9CB3/wVxi/0PAAAAzcjdf2HcYv8DAABAM3L3PzZu6WT/b+n/1xZ99v+Z8Xr+f0v9v+f/7/j6+n/9f8sOtv+/5MGf+fT/+n/9f9D/76r/P7rT5+v/adHU+v/c/Y+LWzrZ/wAAANCD3P2Pj1vsfwAAAGhG7v6L4hb7HwAAAJqRu/8JcUsn+391z/8/tvHxmfb/Rf+v/9/4gP5f/6//ny3P/x/XU/9/4e3nnn/v9f92w15eX/+v//f8f/0/qzW1/j93/xPjlk72PwAAAPQgd/+T4hb7HwAAAJqRu//JcYv9DwAAAM3I3f+UuKWT/b+6/n/Wz/8v+n/9/8YH9P/6f/3/bOn/x/XU/5/J6+v/9f/6f/0/qzW1/j93/1Pjlk72PwAAAPQgd//T4hb7HwAAAJqRu//iuMX+BwAAgGbk7j8et3Sy//X/+9//P6D/1//H1f/r//X/+0//P07/v4T+X/+v/9f/s1JT6/9z918St3Sy/wEAAKAHufufHrfY/wAAANCM3P3PiFvsfwAAAGhG7v5nxi2d7H/9v+f/6/+X9/8X6P+D/l//P336/3H6/yX0/2fbz5+j/9f/6/853R77//tHftpeSf+fu/9ZcUsn+x8AAAB6kLv/2XGL/Q8AAADNyN3/nLjF/gcAAIBm5O5/btzSyf7X/+v/9f+e/3/G/f/2H3ob9P/D9P8HQ/8/bjL9/9qRwQ/r/2ff/3v+v/5f/88mU3v+f+7+58Utnex/AAAA6EHu/ufHLSP7f8+/mQ8AAAAcqtz9L4hbfP0fAAAAZi+rs9z9L4xbOtn/+n/9v/5f/+/5/8OvP9b/33Da+9P/T4v+f9xk+v8d6P/1/3N+//p//T/bTa3/z93/orilk/0PAAAAPcjdf2ncYv8DAABAM3L3vzhusf8BAACgGbn7XxK3dLL/h/v/U/+9/n939P+b37/+f/jHx6r6//w76v9H+///9fz/Pun/xx18/39U/7/576//30eH/f4b7/+PLft8/T9Dptb/5+6/LG7pZP8DAABAD3L3vzRusf8BAACgGbn7Xxa32P8AAADQjNz9L49bOtn/nv+v/9f/z6//9/z/kw7z+f+LA+//j+j/d0n/P87z/5fQ/+v/9f+e/89KTa3/z91/edzSyf4HAACAHlx+32Jj979isbD/AQAAYI5O/7MDW/9Aacjd/8q4xf4HAACAZuTuf1Xc0sn+1//r//X/+n/9//DrT6v/9/z/3dL/j9P/L6H/349+/khj/f8VO33+FPr/i/X/TMym/v+mUx8/rP4/d/+r45ZO9j8AAAD0IHf/a+IW+x8AAACakbv/tXGL/Q8AAADNyN3/urilk/2/7/3/sZ1fe+b9/6byRP+/+f3r/zfT/8ePB/2//v8A6P/H6f+X0P97/r/n/+v/WalT/f/mnw8Pq//P3f/6uKWT/Q8AAAA9yN3/hrjF/gcAAIBm5O6/Im6x/wEAAKAZufvfGLd0sv89/9/z//X/+n/9//Dr6//nSf8/Tv+/hP5f/6//1/+zUpue/3+aw+r/c/dfGbd0sv8BAACgB7n7r4pb7H8AAABoRu7+N8Ut9j8AAAA0I3f/m+OWTva//n9/+//8uP5f/7/Q/+v/9f8Hotv+f23oV6Ltduj/b33E8f/f/BH9v/5f/6//1/+zApPo/0+c+rfL3P1viVs62f8AAADQg9z9b41b7H8AAABoRu7+t8Ut9j8AAAA0I3f/2+OWPe7/f1npuzo4+n/P/9f/6//1/8Ovr/+fp277/13y/P8l9P/6f/2//p+VmkT/f9pf5+5/R9zi6/8AAADQjNz974xb7H8AAABoRu7+d8Ut9j8AAAA0I3f/u+OWTva//l//r/+fZf9/XnwX/f8E+//1xTD9/8HQ/4/T/y+h/9f/6//1/6zU1Pr/3P1Xxy2d7H8AAADoQe7+98Qt9j8AAAA0I3f/e+MW+x8AAACakbv/fXFLJ/tf/6//1//Psv/3/P8J9/870f8fDP3/OP3/YrG4ZuQNDPX/J47q//X/+n/9P2doav1/7v73xy2d7H8AAADoQe7+a+IW+x8AAACakbv/2rjF/gcAAIBm5O7/QNzSyf7X/+v/9f/6f/3/8Ovr/+dJ/z9O/7+E5//r//X/+n9Wamr9f+7+6+KWTvY/AAAA9CB3//Vxi/0PAAAAzcjd/8G4xf4HAACAZuTuvyFu6WT/6//1//p//f++9P/H9f9b6f8Pxv71/wv9v/5f/7+E/l//r/9nq4Pq/++Pn++X9f+5+z8Ut3Sy/wEAAKAHuftvjFvsfwAAAGhG7v4Pxy32PwAAADQjd/9H4pZO9r/+X/+v/9f/e/7/8Ovr/+fJ8//H6f+X0P/r//X/+n9W6qD6/516/61/nbv/o3FLJ/sfAAAAepC7/6a4xf4HAACAZuTuvzlusf8BAACgGbn7Pxa3dLL/9f/6/839/2Kh/9f/6/9POoD+f32h/185/f84/f8S+v82+/9/WDTU/x/b8fP1/0zR1Pr/3P0fj1s62f8AAADQg9z9n4hb7H8AAABoRu7+T8Yt9j8AAAA0I3f/p+KWlvb/Azunb/Pv/49u+UT9/2KxuPMiz//X/4+8vv5/Mv1//VPV/6+O/n/cv//XPXes7+Y76v/1/y31/57/r//n0Eyt/8/d/+m4paX9DwAAAJ3L3f+ZuMX+BwAAgGbk7v9s3GL/AwAAQDNy938ubulk/8+//9/6ifr/xVk9/1//v/EB/b/+X/8/W2fb31+5Hr+mtdv/e/7/GP3/0n5+bYd/71no//X/+n8GTK3/z93/+bilk/0PAAAAPcjdf0vcYv8DAABAM3L33xq32P8AAADQjNz9X4hbOtn/+n/9/5z6/3X9f/X/6/p//b/+f9BUnv9/3nn/d5v+X//fYv8/Rv+v/9f/s9XU+v/c/V+MWzrZ/wAAANCD3P1filvsfwAAAGhG7v4vxy32PwAAADQjd/9X4pZO9v/2/v+cxclC9aSh/j8aNf3/afT/m9+/5/8P//jw/H/9v/5//02l//f8/zN7//p//f+c3/+e+v//2P75+n9aNLX+P3f/bXFLJ/sfAAAAepC7/6txi/0PAAAAzcjd/7W4xf4HAACAZuTuvz1u6WT/e/6//l//r//X/w+/vv5/nvT/4/T/S+j/z76fz59V9f/zff7/P+r/WZ2p9f+5+78et2wMv//85zP8nwkAAABMSO7+b8QtnXz9HwAAAHqQu/+OuMX+BwAAgGbk7v9m3NLJ/tf/6//1//p//f/w6+v/50n/P07/v0Q//f/60AcPu58/W4f9/pvp/z3/nxWaWv+fu/9bcUsn+x8AAADadt/Gt7n7vx232P8AAADQjNz934lb7H8AAABoRu7+O+OWTva//l//337//zD9/5bX1//r/1um/89f0Yfp/5fop/8fdNj9/Nzfv/5f/892U+v/c/ffFbd0sv8BAACgB7n7vxu32P8AAADQjNz934tb7H8AAABoRu7+78ctnex//X9f/f/aosf+3/P/9f/6/57Mp/+/6sjQRz3/X/+v/5/v+9f/6//Zbmr9f+7+u9eOdLn/AQAAYK4e8t+PvGu33/fujW/XFz+IW+x/AAAAaEbu/h/GLfY/AAAANCN3/4/ilk72v/6/r/6/z+f/6//1//r/nsyn/x+m/9f/6//n+/576P//aeTz9f8MmVr/n7v/x3HLacNv8P+gBwAAADg8Y78pNSB3/0/ilk6+/g8AAAA9yN3/07hl2/4/scs/1Q4AAABMTe7+n8UtnXz9X/8/8f5/sU/9f3w//f9J+n/9/9Dr6//nSf8/7iz7/xNr+n/9/wj9f/v9/xj9P0Om1v/n7r/xukWX+x8AAAAatel3FH6+8e364p64xf4HAACAZuTu/0XcYv8DAABAM3L3/zJu6WT/6/8n3v+f0fP/j9V/8vz/zvv/S9cHX1//r/9vmf5/nOf/L6H/1//r//X/rNQe+v+NQbrf/X/u/l/FLZ3sfwAAAOhB7v5fxy32PwAAADQjd/9v4hb7HwAAAJqRu/+3cUsn+1//fwj9/2VHF4t97f938fx//X8f/f8Or99O//+v5x6/5aEPv/Zq/T+nHGT/nz8W9P/6f/3/Sfp//b/+n62m9vz/3P2/i1s62f8AAADQg9z998Yt9j8AAAA0I3f/7+OWB/f/zYf1rgAAAIBVyt3/h7ilk6//6/9bfP7/PPv//Gd9CP3/8fn1/9kU997/e/6//n87z/8fp/9fQv+v/9f/6/9Zqan1/7n7/xi3dLL/AQAAoAe5+/8Ut+T+X9vzb90DAAAAE5O7/89xi6//AwAAQDNy998Xt3Sy//X/+v+p9P/J8/9PfZ7n/5+k/9f/74X+f5z+fwn9v/5f/6//Z6Wm1v/n7v9L3NLJ/gcAAIAe5O6/P26x/wEAAKAZufv/GrfY/wAAANCM3P1/i1s62f/6f/2//l//r/8ffn39/zzp/8fp/5fQ/+v/9f/6f1Zqav1/7v6/BwAA//+l7G5O") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185) 2.440891473s ago: executing program 2 (id=4709): r0 = socket(0x15, 0x5, 0x0) getsockopt(r0, 0x200000000114, 0x2710, &(0x7f0000005ec0)=""/102394, &(0x7f0000000040)=0x18ffa) 2.22548166s ago: executing program 3 (id=4710): r0 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000380)=ANY=[@ANYBLOB="380000001b1401002dbd7000000000000900020073797a31000000000800410072786500140033"], 0x38}, 0x1, 0x0, 0x0, 0x844}, 0x4840) 2.088553691s ago: executing program 2 (id=4711): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="1400000013000159993dde440113e90005"], 0x14}], 0x1, 0x0, 0x0, 0x24049080}, 0x0) 2.074095575s ago: executing program 1 (id=4712): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000680)={[{@utf8no}, {@utf8no}, {@utf8}, {@fat=@check_strict}, {@shortname_mixed}, {@numtail}, {@rodir}, {@fat=@codepage={'codepage', 0x3d, '1251'}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@shortname_mixed}, {@shortname_winnt}, {@uni_xlate}, {@shortname_lower}]}, 0x26, 0x336, &(0x7f00000001c0)="$eJzs3T1sW9UXAPDjviROI/VvD3+pgsmwIaGqCWKAKVFVpIoMUGTxtWDRlI/YVIqFpTDE9QJiBLEgwcTWAcbOiAEhNgZWioQKiIVulVrxkP1e7OeP0BThlI/fb4iOzj3H976Xq/glSm5eWo/tC4tx8caN67G8XIqF9TPrcbMU1TgWSWQuBwDwb3IzTePXNHPn6vdX9qOlOa8LAJifwfv/KydGifK9XA0AcBQO+f3/UzOzl+a2LABgjqbe/x8cG574Mf/C8HcCAIB/rmeef+HJjc2I87XackTrnU69U4/HR+MbF+O1aMZWnI5K3I7IHhSyp4X+xyfObZ49Xev7sRr1fkenHtHqdurZk8JGMugvx2pUopr3p8P+pN+/OuivRcTl7mD+aJU69cVYyef/biW2Yi0q8f+p/ohzm2fXavkL1Fv7/d2IXizvX0R//aeiEt+8HJeiGRei3zta/95qrXYm3Rzr71wpD+oAAAAAAAAAAAAAAAAAAAAAAGAeTtWGqsPzb9JWt/P2+cmC6tj5OPVsOD8fqJedD5SW90/neTeZPB9o/HyeTn0hjt3TKwcAAAAAAAAAAAAAAAAAAIC/j/buUjSaza2d9u5b28WgW8i88dWnXxyPyZrXk1EmFrKXG6vJc1HoSmLYng7b02SsJg+SiFHxlavDFRdrysOrmGrvB+WpoVK+pkazeeKBHz6a1fXbKJPE1G0ZD0r5/IWh1v+y1B90HRys3aHmWpqmB7XvfTjdFaWIhalP3F8RfHn91fseaZ98dJD5PD/04aGHK89e++CTn7cbzchvTbO5tNO+nf7puZLC/inl97k0YyfMDnqjTG+nvdtIvv3lufvf+3qiOJm9f9Ji5s2D5/psMrOUBf1lHuZKF2ds/tnBi7eGu/fub+bJj9cbV/e+/+mwXYUvEg7qAAAAAAAAAAAAAAAAAACAI1H4W/G78NjT81sRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy90f//LwS9qcxhglvdmB4qb+20D5z8+JFeKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2G/BwAA//9pxHjs") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) 1.78876759s ago: executing program 3 (id=4713): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="2800000042000b0026bd7000004000000300000008000200070000100a0001"], 0x28}}, 0x4040080) 1.700085815s ago: executing program 5 (id=4714): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file2\x00', 0x1000000, &(0x7f0000000180)={[{@utf8}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@allow_utime={'allow_utime', 0x3d, 0x101}}, {@iocharset={'iocharset', 0x3d, 'cp864'}}, {@sys_tz}, {@gid}, {@utf8}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'maccyrillic'}}, {@umask={'umask', 0x3d, 0x1}}, {@dmask={'dmask', 0x3d, 0x1}}]}, 0x1, 0x1505, &(0x7f0000002c80)="$eJzs3Au8jdXWMPAx5pwPm6SV5D7HHA8ruUySJJeEXJIkSZLcEpIkSUJyyy0JScg95B6SW0ju9/s9SY4kSUJCkvn9VOd1ztd7vvrec77Pe949/r/fs/cc+1ljrPGssfdaz3p+e+9v2g2sVKdy+VrMDP8U/PVTVwBIAYA+AHAdAEQAUCxTsUyX96fT2PWfuxPxr/Xw1KvdgbiaZP6pm8w/dZP5p24y/9RN5p+6yfxTN5l/6ibzFyI12zot+/Wypd7tz1//d//n3XL9/9+QvP7/j/WnftJk/qmbzD91k/mnbjL/1E3mn7rJ/FM3mX/qJvMXIjW72tef/w22vz5UV7uPP9ii/1Le1f3uE0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRWpwPVxgA+Ov6avclhBBCCCGEEEKIf52Q9mp3IIQQQgghhBBCiP/3EMBoMNFf43SQHq6BDHAtZITrIAHXQya4ATLDjZAFskI2yA45ICfkAgsEDhhiyA15IAk3QV64GfJBfigABcFDISgMt0ARuBWKwm1QDGYvBLgDSkBJKAWl4U4oA3dBWSgH5eFuqAAVoRJUhnugCtwLVeE+qAb3Q3V4AGrAg1ATHoJa8DDUhkegDjwKdeExqAf1oQE0hEb/pfyXoBO8DJ2hC3SFbtAdXoEe0BN6QW/oA69CX3gN+sHr0B8GwEB4AwbBmzAY3oIhMBSGwdswHEbASBgFo2EMjIV3YByMhwnwLkyESTAZpsBUmAbT4T2YATNhFrwPs+EDmANzYR7MhwXwISyERbAYPoIl8DEshWWwHFbASlgFq2ENrIV1sB42wEbYBJthC2yFbbAddsBO2AW7YU+5vfAJ7INPYT98Bgfg8//L/HPw9/ntERBQoUKDBtNgGkzBFEyP6TEDZsCMmBETmMBMmAkzY2bMglkwG2bDHJgDc2EuJCRkZMyNuTGJScyLeTEf5sMCWAA9eiyMhbEI3opFsSgWw2JYHItjCSyJJbE0lsYyWAbLYlksf8dcAKyAlbAS3oP34L1YFatiNayG1bE61sAaWBNrYi2shbWxNtbBOlgX62I9rIcNsAE2wkbYGBtjE2yCzbAZNsfm2AJbYEtsia2wFbbG1tgG22BbbIvtsB22xw7YAV/Cl/BlfBm7YAXVDbtjd+yBPbAX9sbe+Cr2xdfwNXwd++MAHIhv4Bv4Jg7GszgEh+IwHIZl1AgciaOQ1Rgci2NxHI7DCTgBJ+IknIRTcCpOw+k4HWfgTJyJ7+Ns/AA/wLk4F+fjAlyAC3ERLsbFuATP4VJchstxBa7EVbgS1+BaXIPrcQOux024CbfgFtyG23AH7sBduAv34B78BD/BT/FT7I8H8AAexIN4CA/hYTyMR/AIHsWj264BwON4HE/gCTyJp/A0nsIzeAbP4jk8j+fxAl7Ai/hCjq9q78m/rj+oy4wyKo1Ko1JUikqv0qsMKoPKqDKqhEqoTCqTyqwyqywqi8qmsqkcKofKpXIpUqRYxSq3yq2SKqnyqrwqn8qnCqgCyiuvCqvCqogqooqqoqqYul0VV3eoEqqkaupLq9KqjGrmy6pyqrwqryqoiqqSqqwqqyqqiqqqqqpqqpqqrqqrGupBVVN1w174sLo8mTpqANZVA7Geqq8aqIbqTXxcNVaDsYlqqpqpJ9VQHIItVGPfUj2jWqmR2Fo9p0bh86qtGoPt1IuqveqgOqqXVCfVxHdWXdRE7Ka6qynYQ/VUvVRvNQMrqssTq6ReV/3VADVQvaHm45tqsHpLDVFD1TD1thquRqiRapQarcaoseodNU6NVxPUu2qimqQmqylqqpqmpqv31Aw1U81S76vZ6gM1R81V89R8tUB9qBaqRWqx+kgtUR+rpWqZWq5WqJVqlVqt1qi1ap1arzaojWqT2qy2qK1qm9qudqidapfarfaoveoTtU99qvarz9QB9bk6qP6iDqkv1GH1pTqivlJH1dfqmPpGHVffqhOqizqpTqnT6nt1Rv2gzqpz6rz6UV1QP6mL6md1SQUFGrXSWhsd6TQ6rU7R6XR6fY3OoK/VGfV1OqGv15n0DTqzvlFn0Vl1Np1d59A5dS5tNWmnWcc6t86jk/omnVffrPPp/LqALqi9LqQL61t0EX2rLqpv08X07bq4vkOX0CV1KV1a36nL6Lt0WV1Ol9d36wq6oq6kK+t7dBV9r66q79PV9P26un5A19AP6pr6IV1LP6xr60d0Hf2orqsf0/V0fd1AN9SN9OO6sX5CN9FNdTP9pG6un9It9NO6pX5Gt9LP6tb6Od1GP6/b6hd0O/2ibq876I76Z31JB91Zd9FddTfdXb+ie+ieupfurfvoV3Vf/Zrup1/X/fUAPVC/oQfpN/Vg/ZYeoofqYfptPVyP0CP1KD1aj9Fj9Tt6nB6vJ+h39UQ9SU/WU/RUPU33+q3SrD+RP/4/ye/3y71v0Vv1Nr1d79A79S69W+/Re/VevU/v0/v1fn1AH9AH9UF9SB/Sh/VhfUQf0Uf1UX1MH9PH9XF9Qp/QJ/Up/aP+Xp/RP+iz+pw+p3/UF/QFffG3xwAMGmW0MSYyaUxak2LSmfTmGpPBXGsymutMwlxvMpkbTGZzo8lisppsJrvJYXKaXMYaMs6wiU1uk8ckzU0mr7nZ5DP5TQFT0HhTyBQ2t/zT+f+gvxWTfz1ZMY1MI9PYNDZNTBPTzDQzzU1z08K0MC1NS9PKtDKtTWvTxrQxbU1b0860M+1Ne9PRdDSdTCfTGcF0NV1Nd/OK6WF6ml6mt+ljXjV9TV/Tz/Qz/U1/M9AMNIPMIDPYDDZDzBBjAGC4GW5GmpFmtBltxpqxZpwZZyaYCWaimWgmm8lmqplqppvpZoaZYWaZWWa2mW3mmDlmnplnFpgFZqFZaBabxWaJWWKWmmVmmVlhVphVZpVZY9aYdWad2WA2mE1mk1lqtpqtZrvZbnaanWa32W32mr1mn9ln9pv95oA5YA6ag+aQOWQOm8PmiDlijpqj5pg5Zo6b4+aEOWFOmpPmtDltzpgz5qw5a86b8+aCuWAumovmkrlkIIJIRSoykYnSRGmilCglSh+ljzJEGaKMUcYoESWiTFGmKHN0Y5Qlyhpli7JHOaKcUa7IRhS5iKM4yh3liZLRTVHe6OYoX5Q/KhAVjHxUKCoc3RIViW6Nika3RcWi26Pi0R1RiahkVCoqHd0ZlYnuispG5aLy0d1RhahiVCmqHN0TVYnujapG90XVovuj6tEDUY3owahm9FBUK3o4qh09EtWJHo3qRo9F9aL6UYOoYdToX1o/hLNZn/CdbRebFrrZ7vYV28P2tL1sb9vHvmr72tdsP/u67W8H2IH2DTvIvmkH27fsEDvUDrNv2+F2hB1pR9nRdowda9+x4+x4O8G+ayfaSXaynWKn2ml2un3PzrAz7Sz7vp1tP7Bz7Fw7z863C+yHdqFdZBfbj+wS+7FdapfZ5XaFXWlX2dV2jV1r19n1doPdaDfZzXaL3Wq32e12h91pd9nddo/daz+x++yndr/9zB6wn9uDNuW38/kv7RH7lT1qv7bH7Df2uP3WnrDf2ZP2lD1tv7dn7A/2rD1nz9sf7QX7k71of7aXbLh8cn/55Z0MGUpDaSiFUig9pacMlIEyUkZKUIIyUSbKTJkpC2WhbJSNclAOykW56DImptyUm5KUpLyUl/JRPipABciTp8JUmIpQESpKRakYFaPiVJxKUAkqRaXoTrqT7qK7qByVo7vpbqpIFakyVaYqVIWqUlWqRtWoOlWnGlSDalJNqkW1qDbVpjpUh+pSXapH9agBNaBG1IgaU2NqQk2oGTWj5tScWlALakktqRW1otbUmtpQG2pLbakdtaP21J46UkfqRJ2oM3WmrtSVulN36kE9qBf1oj7Uh/pSX+pH/ag/9aeBNJAG0SAaTINpCA2lYfQ2DacRNJJG0WgaQ2NpLI2jcTSBJtBEmkiTaTJNpak0nabTDJpBs2gWzabZNIfm0DyaRwtoAS2khbSYFtMSWkJLaSktp+W0klbSalpNa2ktraf1tJE20mbaTFtpK22n7bSTdtJu2k17aS/to320n/bTATpAB+kgHaJDdJgO0xE6QkfpKB2jY3ScjtMJOkEn6SSdptN0hs7QWTpL5+k8XaCf6CL9TJcoUIpL59K7a1wGd63L6K5z/3uczWV3OVxOl8tZl8Vl/buYnHP5XH5XwBV03hVyhd0tv4tLuJKulCvt7nRl3F2u7O/iKmt3/vqL6O5+V9nd46q4e11Vd5+r5u531d0DroZ71NV0j7larr6r7Rq6Ou5RV9c95uq5+q6Ba+iau6dcC/e0a+meca3cs7+LF7pFbq1b59a7DW6f+9Sddz+6Y+4bd8H95Dq7Lq6Pe9X1da+5fu51198N+F08zL3thrsRbqQb5Ua7Mb+LJ7spbqqb5qa799wMN/N38QL3oZvtFrs5bq6b5+b/El/uabH7yC1xH7ulbplb7la4lW6VW+3W/EevK9wmt9ltcXvdJ2672+F2ul1ut9vzS3z5OPa7z9wB97k76r52h9wX7rA77o64r36JLx/fcfetO+G+cyfdKXfafe/OuB/cWXful+O/fOzfu5/dJRccMLJizYYjTsNpOYXTcXq+hjPwtZyRr+MEX8+Z+AbOzDdyFs7K2Tg75+CcnIstEztmjjk35+Ek38R5+WbOx/m5ABdkz4W4MN/CRfhWLsq3cTG+nYvzHVyCS3IpLs13chm+i8tyOS7Pd3MFrsiVuDLfw1X4Xq7K93E1vp+r8wNcgx/kmvwQ1+KHuTY/wnX4Ua7Lj3E9rs8NuCE34se5MT/BTbgpN+MnuTk/9evTYRHgVvwst+bnuA0/z235BW7HL3J77sAd+SXuxC9zZ+7CXbkbd+dXuAf35F7cm/vwq9yXX+N+/Dr35wE8kN/gQfwmD+a3eAgP5WH8Ng/nETySR/FoHsNj+R0ex+N5Ar/LE3kST+YpPJWn8XR+j2fwTJ7F7/Ns/oDn8Fyex/N5AX/IC3kRL+aPeAl/zEt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7CW3kbb+cdjLyLd/Me3suf8D7+lPfzZ3yAP+eD/Bc+xF/wYf6Sj/BXfJS/5mP8DR/nb/kEf8cn+RSf5u/5DP/AZ/kcn+cf+QL/xBf5Z77EgSHGWMU6NnEUp4nTxilxujh9fE2cIb42zhhfFyfi6+NM8Q1x5vjGOEucNc4WZ49zxDnjXLGNKXYxx3GcO84TJ+Ob4rzxzXG+OH9cIC4Y+7hQXDi+JS4S3xoXjW+Li8W3x8XjO+ISccn40ftLx3fGZeK74rJxubh8fHdcIa4YV4orx/fEVeJ746rxfXG1+P64aPxAXCN+MK4ZPxTXih+Oa8ePxHXiR+O68WNxvbh+3CBuGDeKH48bx0/ETeKmcbP4ybh5/FTcIn46bhk/E7eKn/3D/V3jbnH3+JX4lTiE+/S85PzkguSHyYXJRcnFyY+SS5IfJ5cmlyWXJ1ckVyZXJVcn1yTXJtcl1yc3JDcmNyU3J7ckQ6icFjx65bU3PvJpfFqf4tP59P4an8Ff6zP663zCX+8z+Rt8Zn+jz+Kz+mw+u8/hc/pc3nryzrOPfW6fxyf9TT6vv9nn8/l9AV/Qe1/IF/YNfSPfyDf2T/gmvqlv5p/0T/qn/FP+af+0f8a38s/61v4538Y/79v6F/wL/kXf3nfwHf1LvpN/2Xf2XXxX39V39919D9/D9/K9fB/fx/f1fX0/38/39/39QD/QD/KD/GA/2A/xQ/wwP8wP98P9SD/Sj/aj/Vg/1o/z4/wEP8FP9BP9ZD/ZT/VT/XQ/3c/wM/wsP8vPzjfbz/Fz/Dw/zy/wC/xCv9Av9ov9Er/EL/VL/XK/3K/0K/1qv9qv9Wv9er/eb/Qb/Wa/2W/1W/12v93v9Dv9br/b7/V7/T6/z+/3+/0Bf8Af9AfPB3/IH/Zf+iP+K3/Uf+2P+W/8cf+tP+G/8yf9KX/af+/P+B/8WX/On/c/+gv+J3/R/+wv+eDHJt5JjEuMT0xIvJuYmJiUmJyYkpiamJaYnngvMSMxMzEr8X5iduKDxJzE3MS8xPzEgsSHiYWJRYnFiY8SSxIfJ5YmliWWJ1YkViZWJULIuT0OuUOekAw3hbzh5pAv5A8FQsHgQ6FQONwSioRbQ9FwWygWbg/Fwx2hRCgZSoXHQr1QPzQIDUOj8HhoHJ4ITULT0Cw8GZqHp0KL8HRoGZ4JrcKzoXV4LrQJz4e24YXQLrwY2ocOoWN4KXQKL4fOQYeuoVvoHl4JPULP0Cv0Dn3Cq6FveC30C6+H/mFAGBjeCIPCm2FweCsMCUPDsPB2GB5GhJFhVBgdxoSx4Z0wLowPE8K7YWKYFCaHKWFqmBamh/fCjDAzzArvh9nhgzAnzA3zwvywIHwYFoZFYXH4KCwJH4elYVlYHlYESFkVVoc1YW1YF9aHDWFj2BQ2hy1ha9gWtocdYWfYFXaHPWFv+CTsC5+G/eGzcCB8Hg6Gv4RD4YtwOHwZjoSvwtHwdTgWvgnHw7fhRPgunAynwunwfTgTfghnw7lwPvwYLoSfwsXwc7gkf7MmhBBCCPGnjP+D/d3+LlL/8VH99pXuAHDtjuxH/vZWGgA2Zvl13VPlaJ4AgGe6tHv4r1uFCl27dv3ttks1RHnmAkDiSn4auBIvg2bwFLSEplDkP+2vp+pwgf+gfvJ2gPR/k5MCV+Ir9W/9B/VHzP7D+nMB8uW5kpMOrsRX6hf9Xe3ol/pZG/9B/XRfjAVo8jd5GeBKfKV+YXgCnoWWf3dLIYQQQgghhBDiVz1VqTZ/9P728vvzHOZKTlq4Ev/R+3MhhBBCCCGEEEJcfc936Pj04y1bNm3zDxbl/vEuWaSWRZr/Hm382y8A/lu08ecWV/uZSQghhBBCCPGvduWk/2p3IoQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCpF7/P/6d2NU+RiGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOJq+18BAAD//6/mMEE=") rmdir(&(0x7f0000000380)='./file0/../file0\x00') 1.562440872s ago: executing program 2 (id=4715): r0 = socket$kcm(0x2d, 0x2, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, 0x0, 0x0) 1.329517836s ago: executing program 3 (id=4716): r0 = socket$rxrpc(0x21, 0x2, 0x2) connect$rxrpc(r0, &(0x7f0000002800)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e22, 0x5, @empty}}, 0x24) 1.164973177s ago: executing program 2 (id=4717): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, 0x0, 0x0, 0x41000004, &(0x7f0000000040)) 1.025343541s ago: executing program 0 (id=4718): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x4, 0x4, 0x5}) 1.007556687s ago: executing program 5 (id=4719): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000000000100bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000000404000001000000b7050000220000006a0a00fe00000000850000000b000000b7000000592000009500000000000000a3028cb5af6c8f5d76781dcb7729f01726a067818b990b13bfddb7e78270010720596bb3b4d821d976f5843061cc2e3afbae82d7932d192321fa3b3042f100"/187], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0xa002a0, 0x10, 0x18, &(0x7f0000000000)="5ae02efc441a80536af0d1d905c723fa", &(0x7f0000000040)=""/24, 0x6414}, 0x28) 982.763011ms ago: executing program 3 (id=4720): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$SIOCRSGL2CALL(r0, 0x89e5, &(0x7f0000001b80)=@bcast) 707.867438ms ago: executing program 1 (id=4721): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x1, 0x1237, &(0x7f00000006c0)="$eJzs3E1rXFUYAOB3kon5qPlQ61cXeqgbV5cmC1eCBklBMgupRmgFcWonOOQ6E3KHQERtXbkV/Bfi0p0g/gE3/gWX3bjsQrjivZNk0qStlTJj6fNs7ptz3jfnXA4MnMs99/ab332+s11k2+1BTDUaMbUbke6kSDEVh17ZrK9Xr22ut1obV1K6vP7B6hsppaVXf/noyx8v/jo49+FPSz/Pxm8rH9/+cy0ibv2T/1m3SN0i9fqD1E7X+/1B+3remY5usZOl9F7eaRed1O0Vnb3R/rSd93d3D1K7d2NxYXevUxSp3TtIO52DNOin5nBKvZRlWVpcCO5p5lTLJ3c3bv1wpyzLiLKciaeiLMtyPhbiXDwdi7FULeIz8Ww8F+fj+XghXoyX4uUqa4x3AQAAAAAAAAAAAAAAAAAAAE+A+53/X44V5/8BAAAAAAAAAAAAAAAAAABgDN6/em1zvdXauJLSXET+7f7W/lZ9rfvXt6MbeXTiUizHX1Gd/q/V8eV3WxuXUmUlvslvDutv7m9Nn6xfrT4nMKxvVn2H9at1fTpZPxsLo/VrsRznzx5/7Yz6me8jXn9tpD6L5fj90+hHHjeqsY/rv15N6Z1b9ZziaPwLVd6xRjRG/2yOZ30AAADgUcjSkaP9+9sj+/csO91f74/r+od4PnDX/r4ZF+yhJ644+GKnneedvZPB3KmWBwWNiPjXyfcKGsNHLGfmxFzEf/7PYw2mHrZqerga908+/O7m5G/wcQvm/x/TeKyCif0kMUbHi36y/Y+LR+H8+GcFAAAAAAAAAADAgzyydwajcdb7v82o3yybHR3zrfgqm9wdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpAAAAP//d+24Qg==") rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)='./file1\x00') 662.01684ms ago: executing program 3 (id=4722): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff}) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000100)) 554.211691ms ago: executing program 0 (id=4723): r0 = io_uring_setup(0xc90, &(0x7f00000002c0)) io_uring_register$IORING_UNREGISTER_RING_FDS(r0, 0x15, &(0x7f0000000ac0)=[{0x0, 0x0, 0x0, &(0x7f0000000180), 0x0}, {0x0, 0x1, 0x0, 0x0, 0x0}], 0x2) 418.721652ms ago: executing program 5 (id=4724): r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0x7ff, 0x101000) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r0, 0xc040564b, &(0x7f00000000c0)) 294.670239ms ago: executing program 2 (id=4725): r0 = socket(0x10, 0x3, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f00160006000600a8000600200002400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x4800) 262.679713ms ago: executing program 3 (id=4726): r0 = syz_usb_connect(0x0, 0x10b, &(0x7f0000000000)=ANY=[@ANYBLOB="05010900b24b6a10e6040300770100000001090224000b010000000904000302ccd4280009050b02000000040009058a02"], 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) 185.99048ms ago: executing program 4 (id=4727): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xa000}}, 0x0, 0x0, 0x0) 113.700426ms ago: executing program 0 (id=4728): r0 = socket(0x1d, 0x2, 0x6) write$uinput_user_dev(r0, 0x0, 0x0) 0s ago: executing program 5 (id=4729): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="3000000076000d0b00000008000000000300000000000000080001000100000008000a0000000000080005"], 0x30}}, 0x0) kernel console output (not intermixed with test programs): - urb status -71 [ 699.167105][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.173919][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.185163][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.192245][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.199057][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.205220][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.212274][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.213041][T15229] ERROR: (device loop1): remounting filesystem as read-only [ 699.219062][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.219362][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.239502][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.246546][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.253585][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.260625][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.267435][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.273466][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.284929][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.291756][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.297943][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.305178][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.312065][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.318116][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.325103][T15229] xtLookup: xtSearch returned -5 [ 699.325180][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.336879][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.342918][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.349980][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.356785][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.362791][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.367346][T15229] read_mapping_page failed! [ 699.369843][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.380897][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.387017][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.400965][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.407791][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.413778][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.420829][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.427696][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.433751][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.437726][T15247] EXT4-fs (loop3): can't mount with journal_async_commit, fs mounted w/o journal [ 699.440846][ C1] yealink 1-1:36.0: urb_irq_callback - urb status -71 [ 699.456636][ C1] yealink 1-1:36.0: unexpected response 0 [ 699.462587][ T6230] usb 1-1: USB disconnect, device number 119 [ 699.462686][ C1] yealink 1-1:36.0: urb_ctl_callback - urb status -71 [ 699.469699][T15229] jfs_mount: diMount failed w/rc = -5 [ 699.475467][ C1] yealink 1-1:36.0: urb_ctl_callback - usb_submit_urb failed -19 [ 699.591725][T15254] loop5: detected capacity change from 0 to 8 [ 699.619938][T15229] Mount JFS Failure: -5 [ 699.672571][T15229] jfs_mount failed w/return code = -5 [ 699.739847][T15254] SQUASHFS error: xz decompression failed, data probably corrupt [ 699.747710][T15254] SQUASHFS error: Failed to read block 0x108: -5 [ 699.806412][T15254] SQUASHFS error: Unable to read metadata cache entry [106] [ 699.813834][T15254] SQUASHFS error: Unable to read inode 0x11f [ 699.916809][T15252] loop2: detected capacity change from 0 to 4096 [ 699.984571][T15252] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 700.006575][ T6230] usb 1-1: new high-speed USB device number 120 using dummy_hcd [ 700.095159][T15252] ntfs3(loop2): ino=0, mi_enum_attr [ 700.104184][T15252] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 700.199137][ T6230] usb 1-1: Using ep0 maxpacket: 8 [ 700.218380][T15252] ntfs3(loop2): failed to replay log file. Can't mount rw! [ 700.245673][ T6230] usb 1-1: New USB device found, idVendor=055f, idProduct=a800, bcdDevice=b3.ff [ 700.256082][ T6230] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 700.299212][ T6230] usb 1-1: Product: syz [ 700.303504][ T6230] usb 1-1: Manufacturer: syz [ 700.330491][T15245] loop4: detected capacity change from 0 to 32768 [ 700.352388][ T6230] usb 1-1: SerialNumber: syz [ 700.399165][T15245] JBD2: Invalid start block of journal: 2147483648 [ 700.406762][ T6230] usb 1-1: config 0 descriptor?? [ 700.430547][ T6230] mdc800 1-1:0.0: probe fails -> wrong Interface [ 700.449498][T15245] (syz.4.4103,15245,0):ocfs2_journal_init:973 ERROR: Linux journal layer error [ 700.536769][T15245] (syz.4.4103,15245,1):ocfs2_check_volume:2347 ERROR: Could not initialize journal! [ 700.640339][T15245] (syz.4.4103,15245,1):ocfs2_check_volume:2432 ERROR: status = -22 [ 700.669414][ T6007] usb 6-1: new high-speed USB device number 106 using dummy_hcd [ 700.688331][T15245] (syz.4.4103,15245,1):ocfs2_mount_volume:1764 ERROR: status = -22 [ 700.758056][T15245] (syz.4.4103,15245,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 700.882089][ T6007] usb 6-1: Using ep0 maxpacket: 8 [ 700.957979][ T5981] usb 1-1: USB disconnect, device number 120 [ 700.964344][ T6007] usb 6-1: config 0 has an invalid interface number: 68 but max is 0 [ 700.985505][ T6007] usb 6-1: config 0 has no interface number 0 [ 701.016879][ T6007] usb 6-1: config 0 interface 68 altsetting 147 endpoint 0xE has invalid maxpacket 512, setting to 64 [ 701.051808][ T6007] usb 6-1: config 0 interface 68 has no altsetting 0 [ 701.078360][ T6007] usb 6-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=60.7a [ 701.129620][ T6007] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 701.170252][ T6007] usb 6-1: Product: syz [ 701.182059][T15267] loop1: detected capacity change from 0 to 512 [ 701.186445][ T6007] usb 6-1: Manufacturer: syz [ 701.206674][ T6007] usb 6-1: SerialNumber: syz [ 701.229492][T15267] EXT4-fs: old and new quota format mixing [ 701.239132][ T6007] usb 6-1: config 0 descriptor?? [ 701.301018][ T975] usb 3-1: new high-speed USB device number 127 using dummy_hcd [ 701.524702][ T975] usb 3-1: Using ep0 maxpacket: 16 [ 701.539867][ T975] usb 3-1: unable to get BOS descriptor or descriptor too short [ 701.548090][ T6007] usb 6-1: USB disconnect, device number 106 [ 701.569492][ T975] usb 3-1: config 8 has an invalid interface number: 132 but max is 0 [ 701.593083][ T975] usb 3-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 701.627945][ T975] usb 3-1: config 8 has no interface number 0 [ 701.663743][ T975] usb 3-1: config 8 interface 132 altsetting 252 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 701.721637][ T975] usb 3-1: config 8 interface 132 has no altsetting 0 [ 701.770055][T15273] loop4: detected capacity change from 0 to 2048 [ 701.789530][ T975] usb 3-1: New USB device found, idVendor=07cf, idProduct=1001, bcdDevice=8f.8b [ 701.812596][ T975] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 701.838612][T15257] loop3: detected capacity change from 0 to 32768 [ 701.851430][T15273] UDF-fs: warning (device loop4): udf_fill_super: No fileset found [ 701.860212][ T975] usb 3-1: Product: syz [ 701.864449][ T975] usb 3-1: Manufacturer: syz [ 701.919455][ T975] usb 3-1: SerialNumber: syz [ 701.921854][T15257] (syz.3.4108,15257,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 701.999267][T15257] (syz.3.4108,15257,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 702.115464][T15257] (syz.3.4108,15257,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xcde76f4d, computed 0x2bdb55f4. Applying ECC. [ 702.210154][ T975] usb-storage 3-1:8.132: USB Mass Storage device detected [ 702.212742][T15257] (syz.3.4108,15257,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xcde76f4d, computed 0x2bdb55f4. Applying ECC. [ 702.282690][ T975] usb-storage 3-1:8.132: Quirks match for vid 07cf pid 1001: a [ 702.365362][T15277] loop0: detected capacity change from 0 to 4096 [ 702.385951][T15257] JBD2: Ignoring recovery information on journal [ 702.466795][ T975] usb 3-1: USB disconnect, device number 127 [ 702.489797][T15277] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 702.552401][T15277] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 702.577519][T15277] ntfs3(loop0): Failed to load $MFTMirr (-22). [ 702.606635][T15257] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 702.800763][T15293] loop4: detected capacity change from 0 to 2048 [ 702.863686][ T10] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 703.079837][ T10] usb 2-1: config 252 has an invalid interface number: 107 but max is 0 [ 703.117481][ T10] usb 2-1: config 252 has no interface number 0 [ 703.140167][ T10] usb 2-1: config 252 interface 107 altsetting 0 has an endpoint descriptor with address 0x6B, changing to 0xB [ 703.190860][ T10] usb 2-1: config 252 interface 107 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 703.195448][ T6017] ocfs2: Unmounting device (7,3) on (node local) [ 703.258127][ T10] usb 2-1: config 252 interface 107 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 703.290567][ T10] usb 2-1: config 252 interface 107 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 703.348143][T15303] loop2: detected capacity change from 0 to 512 [ 703.355788][ T10] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=d7.67 [ 703.376399][T15303] EXT4-fs (loop2): corrupt root inode, run e2fsck [ 703.400539][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 703.405130][T15303] EXT4-fs (loop2): mount failed [ 703.438286][ T10] usb 2-1: Product: syz [ 703.452466][ T10] usb 2-1: Manufacturer: syz [ 703.470244][ T10] usb 2-1: SerialNumber: syz [ 703.492877][ T6007] usb 1-1: new high-speed USB device number 121 using dummy_hcd [ 703.497407][ T10] usbtouchscreen 2-1:252.107: probe with driver usbtouchscreen failed with error -90 [ 703.582529][ T5981] usb 5-1: new low-speed USB device number 12 using dummy_hcd [ 703.704819][ T6007] usb 1-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 703.748374][ T6007] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 703.778408][ T6007] usb 1-1: config 0 descriptor?? [ 703.799152][ T6007] ums-realtek 1-1:0.0: USB Mass Storage device detected [ 703.816374][ T5981] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 703.833968][ T5981] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 703.856119][ T5981] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt [ 703.859331][ T10] usb 2-1: USB disconnect, device number 4 [ 703.885272][ T5981] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 703.899565][ T5981] usb 5-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 703.913210][ T5981] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 703.960958][ T5981] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 704.062718][ T6007] usb 1-1: USB disconnect, device number 121 [ 704.069227][ T5981] usbtmc 5-1:16.0: bulk endpoints not found [ 704.172951][T15318] loop3: detected capacity change from 0 to 2048 [ 704.203263][T15318] EXT4-fs: Ignoring removed bh option [ 704.230231][T15318] EXT4-fs: Ignoring removed nomblk_io_submit option [ 704.237040][T15318] EXT4-fs: Ignoring removed orlov option [ 704.253721][T15318] EXT4-fs (loop3): can't mount with both data=journal and dax [ 704.332079][ T6007] usb 5-1: USB disconnect, device number 12 [ 705.010491][ T10] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 705.133429][T15339] loop5: detected capacity change from 0 to 512 [ 705.187126][T15339] EXT4-fs warning (device loop5): dx_probe:843: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 705.205878][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 705.221507][T15343] loop4: detected capacity change from 0 to 8 [ 705.225357][ T10] usb 4-1: config 6 has an invalid interface number: 37 but max is 1 [ 705.244975][ T10] usb 4-1: config 6 has an invalid interface number: 222 but max is 1 [ 705.265374][ T10] usb 4-1: config 6 has no interface number 0 [ 705.272523][ T10] usb 4-1: config 6 has no interface number 1 [ 705.278641][T15339] EXT4-fs warning (device loop5): dx_probe:848: Enable large directory feature to access it [ 705.278728][T15339] EXT4-fs warning (device loop5): dx_probe:933: inode #2: comm syz.5.4144: Corrupt directory, running e2fsck is recommended [ 705.279084][T15339] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117 [ 705.289628][ T10] usb 4-1: config 6 interface 37 has no altsetting 0 [ 705.320398][T15343] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 705.327872][ T10] usb 4-1: config 6 interface 222 has no altsetting 0 [ 705.347786][ T10] usb 4-1: string descriptor 0 read error: -71 [ 705.354173][T15343] cramfs: wrong endianness [ 705.359716][ T10] usb 4-1: New USB device found, idVendor=04cb, idProduct=010b, bcdDevice=a5.c8 [ 705.374606][T15339] EXT4-fs error (device loop5): ext4_iget_extra_inode:5034: inode #15: comm syz.5.4144: corrupted in-inode xattr: invalid ea_ino [ 705.404913][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 705.465369][T15339] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4144: couldn't read orphan inode 15 (err -117) [ 705.529267][ T10] usb 4-1: can't set config #6, error -71 [ 705.576989][T15339] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 705.624509][ T10] usb 4-1: USB disconnect, device number 3 [ 705.859255][ T6002] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 705.975799][T15351] loop1: detected capacity change from 0 to 8192 [ 706.004229][ T975] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 706.026192][ T6007] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 706.075942][ T6013] loop1: AHDI p2 p3 p4 [ 706.085237][ T6013] loop1: p4 start 923401984 is beyond EOD, truncated [ 706.105636][T15351] loop1: AHDI p2 p3 p4 [ 706.126949][T15351] loop1: p4 start 923401984 is beyond EOD, truncated [ 706.196378][ T975] usb 5-1: Using ep0 maxpacket: 8 [ 706.234043][ T975] usb 5-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=a8.17 [ 706.250463][ T6007] usb 3-1: unable to get BOS descriptor or descriptor too short [ 706.264955][ T975] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 706.277018][ T6007] usb 3-1: not running at top speed; connect to a high speed hub [ 706.302840][ T975] usb 5-1: Product: syz [ 706.314423][ T975] usb 5-1: Manufacturer: syz [ 706.330465][ T975] usb 5-1: SerialNumber: syz [ 706.336118][ T6007] usb 3-1: config 253 has an invalid interface number: 140 but max is 0 [ 706.346302][ T975] usb 5-1: config 0 descriptor?? [ 706.354236][ T975] hub 5-1:0.0: bad descriptor, ignoring hub [ 706.362661][ T975] hub 5-1:0.0: probe with driver hub failed with error -5 [ 706.377615][ T975] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 706.400275][ T6007] usb 3-1: config 253 has no interface number 0 [ 706.442509][T15333] loop0: detected capacity change from 0 to 40427 [ 706.457910][ T6007] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=3e.5b [ 706.473408][T15333] F2FS-fs (loop0): build fault injection rate: 532 [ 706.485719][ T6007] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 706.515103][T15333] F2FS-fs (loop0): inline encryption not supported [ 706.538593][ T6007] usb 3-1: Product: syz [ 706.543884][T15333] F2FS-fs (loop0): build fault injection type: 0xae [ 706.549313][ T6007] usb 3-1: Manufacturer: syz [ 706.573998][T15333] F2FS-fs (loop0): build fault injection type: 0x0 [ 706.583693][ T6007] usb 3-1: SerialNumber: syz [ 706.600201][ T5981] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 706.685337][ T6258] usb 5-1: USB disconnect, device number 13 [ 706.693576][T15333] F2FS-fs (loop0): invalid crc value [ 706.848525][ T5981] usb 4-1: config 0 has an invalid interface number: 123 but max is 0 [ 706.856848][ T5981] usb 4-1: config 0 has no interface number 0 [ 706.914366][ T6007] usbtest 3-1:253.140: Linux gadget zero [ 706.920098][ T6007] usbtest 3-1:253.140: full-speed {control in/out int-out} tests (+alt) [ 706.931057][ T5981] usb 4-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=66.21 [ 706.961978][ T5981] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 706.984323][ T6007] usb 3-1: USB disconnect, device number 2 [ 707.010060][ T5981] usb 4-1: config 0 descriptor?? [ 707.149853][T15333] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 707.271707][ T6258] usb 4-1: USB disconnect, device number 4 [ 707.353569][ T975] usb 6-1: new full-speed USB device number 107 using dummy_hcd [ 707.547020][ T975] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 707.592176][ T975] usb 6-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54 [ 707.606076][ T975] usb 6-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7 [ 707.625323][ T975] usb 6-1: Product: syz [ 707.660534][ T975] usb 6-1: Manufacturer: syz [ 707.686928][ T975] usb 6-1: SerialNumber: syz [ 707.706277][ T975] usb 6-1: config 0 descriptor?? [ 707.757379][ T6007] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 707.779064][ T975] gspca_main: conex-2.14.0 probing 0572:0041 [ 707.961441][ T6007] usb 2-1: config 0 has an invalid interface number: 90 but max is 0 [ 707.969709][ T6007] usb 2-1: config 0 has no interface number 0 [ 707.998220][ T6007] usb 2-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=de.7f [ 708.013511][T15379] loop4: detected capacity change from 0 to 4096 [ 708.028429][ T6007] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 708.051398][ T6007] usb 2-1: Product: syz [ 708.055658][ T6007] usb 2-1: Manufacturer: syz [ 708.088802][T15379] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 708.103573][ T6007] usb 2-1: SerialNumber: syz [ 708.123338][ T6007] usb 2-1: config 0 descriptor?? [ 708.236012][T15379] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 708.245380][ T975] usb 6-1: USB disconnect, device number 107 [ 708.266108][T15379] ntfs3(loop4): Failed to load $Extend (-22). [ 708.284181][T15379] ntfs3(loop4): Failed to initialize $Extend. [ 708.417542][ T6007] cdc_subset 2-1:0.90: probe with driver cdc_subset failed with error -71 [ 708.462854][ T10] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 708.464098][ T6007] usb 2-1: USB disconnect, device number 5 [ 708.681472][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 708.695748][ T10] usb 4-1: config 1 has an invalid interface number: 121 but max is 0 [ 708.725657][ T10] usb 4-1: config 1 has no interface number 0 [ 708.743294][ T10] usb 4-1: config 1 interface 121 altsetting 2 has an endpoint descriptor with address 0x7F, changing to 0xF [ 708.801159][ T10] usb 4-1: config 1 interface 121 has no altsetting 0 [ 708.829398][ T10] usb 4-1: New USB device found, idVendor=054c, idProduct=0144, bcdDevice=2c.3c [ 708.880121][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 708.910150][ T10] usb 4-1: Product: syz [ 708.925766][ T10] usb 4-1: Manufacturer: syz [ 708.930437][ T10] usb 4-1: SerialNumber: syz [ 709.018889][T12810] usb 5-1: new full-speed USB device number 14 using dummy_hcd [ 709.195007][T15381] loop2: detected capacity change from 0 to 32768 [ 709.210654][ T10] usb 4-1: palm_os_4_probe - error -71 getting connection info [ 709.231328][T12810] usb 5-1: unable to get BOS descriptor set [ 709.242303][ T10] visor 4-1:1.121: Sony Clie 5.0 converter detected [ 709.262730][T12810] usb 5-1: not running at top speed; connect to a high speed hub [ 709.275106][T15381] (syz.2.4162,15381,1):ocfs2_initialize_super:2086 ERROR: couldn't mount because of unsupported optional features (20). [ 709.286464][ T10] usb 4-1: Sony Clie 5.0 converter now attached to ttyUSB0 [ 709.307467][T12810] usb 5-1: config 1 interface 0 has no altsetting 0 [ 709.326103][T15381] (syz.2.4162,15381,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 709.337897][T12810] usb 5-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.40 [ 709.355537][ T10] usb 4-1: Sony Clie 5.0 converter now attached to ttyUSB1 [ 709.363500][T12810] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 709.390807][T12810] usb 5-1: Product: syz [ 709.411105][ T10] usb 4-1: USB disconnect, device number 5 [ 709.413532][T12810] usb 5-1: Manufacturer: syz [ 709.458403][T12810] usb 5-1: SerialNumber: syz [ 709.500627][ T10] clie_5 ttyUSB0: Sony Clie 5.0 converter now disconnected from ttyUSB0 [ 709.562436][ T10] clie_5 ttyUSB1: Sony Clie 5.0 converter now disconnected from ttyUSB1 [ 709.574881][ T5981] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 709.622860][ T10] visor 4-1:1.121: device disconnected [ 709.762882][T12810] usbhid 5-1:1.0: can't add hid device: -71 [ 709.774076][ T5981] usb 2-1: Using ep0 maxpacket: 16 [ 709.795794][T12810] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 709.820891][ T5981] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 709.857809][ T5981] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0 [ 709.885494][T12810] usb 5-1: USB disconnect, device number 14 [ 709.928840][ T5981] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 709.959500][ T5981] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 710.001180][ T5981] usb 2-1: New USB device found, idVendor=1608, idProduct=0303, bcdDevice=a1.cb [ 710.061503][ T5981] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 710.095474][ T5981] usb 2-1: Product: syz [ 710.099890][ T5981] usb 2-1: Manufacturer: syz [ 710.104523][ T5981] usb 2-1: SerialNumber: syz [ 710.163748][ T5981] usb 2-1: config 0 descriptor?? [ 710.204612][ T5981] io_ti 2-1:0.0: required endpoints missing [ 710.264649][T15407] loop5: detected capacity change from 0 to 256 [ 710.297461][T15408] loop3: detected capacity change from 0 to 512 [ 710.369222][T15408] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 710.452485][T12810] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 710.536873][T15408] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #17: comm syz.3.4173: iget: bad i_size value: -6917529027641081756 [ 710.581410][ T10] usb 2-1: USB disconnect, device number 6 [ 710.669970][T15408] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.4173: couldn't read orphan inode 17 (err -117) [ 710.684862][T15408] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 710.710574][T12810] usb 3-1: Using ep0 maxpacket: 8 [ 710.742906][T12810] usb 3-1: config 135 has an invalid interface number: 230 but max is 0 [ 710.768547][T12810] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 710.832703][T12810] usb 3-1: config 135 has no interface number 0 [ 710.851529][T12810] usb 3-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 710.901448][T12810] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 710.922036][T12810] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 710.937732][ T6017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 710.965727][T12810] usb 3-1: Product: syz [ 710.975650][T12810] usb 3-1: Manufacturer: syz [ 710.980285][T12810] usb 3-1: SerialNumber: syz [ 711.396485][ T6193] usb 3-1: USB disconnect, device number 3 [ 711.599012][T15392] loop0: detected capacity change from 0 to 65536 [ 711.660176][T15392] XFS (loop0): Deprecated V4 format (crc=0) not supported by kernel. [ 711.719276][T15436] loop3: detected capacity change from 0 to 512 [ 711.736055][T15436] EXT4-fs: Ignoring removed nomblk_io_submit option [ 711.836679][T15436] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 711.883573][T15436] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e128, mo2=0002] [ 711.892068][T15436] EXT4-fs (loop3): orphan cleanup on readonly fs [ 711.910167][T15443] loop1: detected capacity change from 0 to 128 [ 711.943300][T15436] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #4: comm syz.3.4184: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 712.005782][T15443] hpfs: [ 712.005782][T15443] HPFS filesystem options: [ 712.005782][T15443] help do not mount and display this text [ 712.005782][T15443] uid=xxx set uid of files that don't have uid specified in eas [ 712.005782][T15443] gid=xxx set gid of files that don't have gid specified in eas [ 712.005782][T15443] umask=xxx set mode of files that don't have mode specified in eas [ 712.005782][T15443] case=lower lowercase all files [ 712.005782][T15443] case=asis do not lowercase files (default) [ 712.005782][T15443] check=none no fs checks - kernel may crash on corrupted filesystem [ 712.005782][T15443] check=normal do some checks - it should not crash (default) [ 712.005782][T15443] check=strict do extra time-consuming checks, used for debugging [ 712.005782][T15443] errors=continue continue on errors [ 712.005782][T15443] errors=remount-ro remount read-only if errors found (default) [ 712.005782][T15443] errors=panic panic on errors [ 712.005782][T15443] chkdsk=no do not mark fs for chkdsking even if there were errors [ 712.005782][T15443] chkdsk=errors mark fs dirty if errors found (default) [ 712.005782][T15443] chkdsk=always always mark fs dirty - used for debugging [ 712.005782][T15443] e [ 712.029706][T15436] EXT4-fs (loop3): Remounting filesystem read-only [ 712.194022][T15436] EXT4-fs warning (device loop3): ext4_enable_quotas:7164: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 712.257782][T15436] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 712.315838][T15436] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 712.748151][ T6017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 712.985252][ T5981] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 713.167839][ T5981] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 713.211048][ T5981] usb 3-1: New USB device found, idVendor=0b05, idProduct=17e0, bcdDevice= 0.00 [ 713.252178][ T5981] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 713.300056][ T5981] usb 3-1: config 0 descriptor?? [ 713.474524][T15431] loop5: detected capacity change from 0 to 32768 [ 713.605041][ T5981] usbhid 3-1:0.0: can't add hid device: -71 [ 713.634680][ T5981] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 713.699040][ T5981] usb 3-1: USB disconnect, device number 4 [ 713.889830][T15469] loop4: detected capacity change from 0 to 1024 [ 713.943697][T15469] hfsplus: catalog name length corrupted [ 713.987958][T15469] hfsplus: failed to load root directory [ 714.018096][ T6193] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 714.205784][ T6193] usb 4-1: config 0 has an invalid interface number: 153 but max is 0 [ 714.230393][ T6193] usb 4-1: config 0 has no interface number 0 [ 714.257680][T15473] tmpfs: Bad value for 'mpol' [ 714.262565][ T6193] usb 4-1: too many endpoints for config 0 interface 153 altsetting 255: 255, using maximum allowed: 30 [ 714.298275][ T6193] usb 4-1: config 0 interface 153 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 714.365063][ T6193] usb 4-1: config 0 interface 153 has no altsetting 0 [ 714.389146][ T6193] usb 4-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=57.34 [ 714.420556][ T6193] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 714.463809][ T6193] usb 4-1: Product: syz [ 714.492563][ T6193] usb 4-1: Manufacturer: syz [ 714.503386][ T6193] usb 4-1: SerialNumber: syz [ 714.522442][T15457] loop1: detected capacity change from 0 to 32768 [ 714.536176][ T6193] usb 4-1: config 0 descriptor?? [ 714.572085][T15457] bcachefs (/dev/loop1): error reading default superblock: checksum error, type none: got should be [ 714.600103][T15477] loop2: detected capacity change from 0 to 512 [ 714.608340][ T6193] hub 4-1:0.153: bad descriptor, ignoring hub [ 714.630178][T15479] loop4: detected capacity change from 0 to 3 [ 714.639146][ T6193] hub 4-1:0.153: probe with driver hub failed with error -5 [ 714.660477][T15477] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 714.660513][T15457] bcachefs (/dev/loop1): error reading superblock: checksum error, type none: got should be checksum error, type none: got should be [ 714.675967][T15479] syz.4.4205: attempt to access beyond end of device [ 714.675967][T15479] loop4: rw=2048, sector=0, nr_sectors = 8 limit=3 [ 714.686345][ T6193] sierra 4-1:0.153: Sierra USB modem converter detected [ 714.728615][T15477] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 not in group (block 0)! [ 714.776306][T15457] bcachefs: bch2_fs_get_tree() error: invalid_sb_csum [ 714.804546][ T6193] usb 4-1: USB disconnect, device number 6 [ 714.804703][T15479] SQUASHFS error: Failed to read block 0x0: -5 [ 714.843065][T15477] EXT4-fs (loop2): group descriptors corrupted! [ 714.846982][ T6193] sierra 4-1:0.153: device disconnected [ 714.892473][T15479] unable to read squashfs_super_block [ 715.325468][T15464] loop0: detected capacity change from 0 to 32768 [ 715.377070][T15487] syz.4.4209: attempt to access beyond end of device [ 715.377070][T15487] nbd4: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 715.429457][T15487] gfs2: error -5 reading superblock [ 715.449677][T15464] XFS (loop0): logbuf size must be greater than or equal to log stripe size [ 715.475469][T15483] loop5: detected capacity change from 0 to 4096 [ 716.039951][T15499] loop3: detected capacity change from 0 to 256 [ 716.227886][T15505] loop5: detected capacity change from 0 to 65 [ 716.271820][T15505] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop5 [ 717.163713][T15495] loop2: detected capacity change from 0 to 32768 [ 717.215992][T15495] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section [ 717.215992][T15495] clean (size 2912): [ 717.215992][T15495] flags: 0 [ 717.215992][T15495] journal_seq: 8 [ 717.215992][T15495] usage: type=inodes v=8 [ 717.215992][T15495] usage: type=key_version v=0 [ 717.215992][T15495] usage: type=reserved v=0 [ 717.215992][T15495] usage: type=reserved v=0 [ 717.215992][T15495] usage: type=reserved v=0 [ 717.215992][T15495] usage: type=reserved v=0 [ 717.215992][T15495] data_usage: btree: 1/1 [0]=2816 [ 717.215992][T15495] data_usage: journal: 1/1 [0]=0 [ 717.215992][T15495] btree_keys: btree=extents level=0 u64s 8 type deleted 0:2048:0 len 8 ver 1065151889408: [ 717.215992][T15495] btree_keys: btree=extents level=0 u64s 1 type deleted POS_MIN len 224 ver 137438953472: [ 717.215992][T15495] btree_keys: btree=extents level=0 u64s 32 type deleted POS_MIN len 0 ver 962072674304: [ 717.215992][T15495] clock: read=0 [ 717.215992][T15495] clock: write=1288 [ 717.215992][T15495] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 249e7ae2af8ee356 written 16 min_key POS_MIN ptr: 0:6912 gen 0 [ 717.215992][T15495] btree_root: btree=inodes level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq efdd7a26d7396dd5 written 24 min_key POS_MIN ptr: 0:9728 gen 0 [ 717.215992][T15495] btree_root: btree=dirents l [ 717.216408][T15495] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean [ 717.420953][T15523] loop4: detected capacity change from 0 to 512 [ 717.490680][T15523] EXT4-fs: Ignoring removed bh option [ 717.507292][T15523] EXT4-fs: Ignoring removed bh option [ 717.579518][T15523] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 717.628396][T15523] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 717.682921][T15523] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 717.750448][T15523] EXT4-fs (loop4): orphan cleanup on readonly fs [ 717.821809][T15523] EXT4-fs warning (device loop4): ext4_enable_quotas:7164: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 717.881851][T15523] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 717.923668][T15523] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:482: comm syz.4.4224: Invalid block bitmap block 0 in block_group 0 [ 717.991842][T15523] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 718.035947][T15523] EXT4-fs (loop4): 1 orphan inode deleted [ 718.080621][T15523] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 718.266287][T15515] loop5: detected capacity change from 0 to 32768 [ 718.496927][T15526] loop2: detected capacity change from 0 to 32768 [ 718.557182][ T5995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 718.603458][T15521] loop3: detected capacity change from 0 to 32768 [ 718.627592][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 718.634593][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 718.870090][T15509] loop0: detected capacity change from 0 to 32768 [ 718.909851][T15509] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 718.936540][T15509] dlm: no local IP address has been set [ 718.967561][T15526] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 718.967603][T15526] allowing incompatible features above 0.0: (unknown version) [ 718.967627][T15526] features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 718.996273][T15509] dlm: cannot start dlm midcomms -107 [ 718.996336][T15509] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 719.051180][ T6230] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 719.146129][T15515] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 719.146174][T15515] allowing incompatible features above 0.0: (unknown version) [ 719.146197][T15515] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 719.146245][T15515] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0 [ 719.146418][T15515] bcachefs (loop5): recovering from clean shutdown, journal seq 10 [ 719.146619][T15515] bcachefs (loop5): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.28: inode_has_case_insensitive [ 719.146619][T15515] running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes [ 719.230084][ T6230] usb 5-1: Using ep0 maxpacket: 8 [ 719.278230][ T6230] usb 5-1: New USB device found, idVendor=04cb, idProduct=0111, bcdDevice=d1.8d [ 719.278285][ T6230] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 719.278322][ T6230] usb 5-1: Product: syz [ 719.278352][ T6230] usb 5-1: Manufacturer: syz [ 719.278381][ T6230] usb 5-1: SerialNumber: syz [ 719.282030][ T6230] usb 5-1: config 0 descriptor?? [ 719.290495][T15521] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names [ 719.290532][T15521] allowing incompatible features above 0.0: (unknown version) [ 719.290555][T15521] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 719.290603][T15521] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0 [ 719.290791][T15521] bcachefs (loop3): recovering from clean shutdown, journal seq 7 [ 719.291129][T15521] bcachefs (loop3): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.28: inode_has_case_insensitive [ 719.291129][T15521] running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes [ 719.295160][ T6230] gspca_main: finepix-2.14.0 probing 04cb:0111 [ 719.344699][T15515] bcachefs (loop5): accounting_read... done [ 719.402382][T15515] bcachefs (loop5): alloc_read... done [ 719.403368][T15515] bcachefs (loop5): snapshots_read... done [ 719.405621][T15515] bcachefs (loop5): check_allocations... [ 719.413124][T15515] bcachefs (loop5): btree ptr not marked in member info btree allocated bitmap [ 719.413170][T15515] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing [ 719.441630][T15521] bcachefs (loop3): accounting_read... [ 719.443766][T15515] bcachefs (loop5): btree ptr not marked in member info btree allocated bitmap [ 719.443798][T15515] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 719.446110][T15515] bcachefs (loop5): btree ptr not marked in member info btree allocated bitmap [ 719.446139][T15515] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 719.454563][T15515] bcachefs (loop5): btree ptr not marked in member info btree allocated bitmap [ 719.454612][T15515] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 719.479673][T15521] done [ 719.479696][T15521] bcachefs (loop3): alloc_read... done [ 719.484827][T15521] bcachefs (loop3): snapshots_read... done [ 719.489962][T15521] bcachefs (loop3): check_allocations... [ 719.490328][T15515] bcachefs (loop5): btree ptr not marked in member info btree allocated bitmap [ 719.490360][T15515] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 719.492428][T15515] bcachefs (loop5): btree ptr not marked in member info btree allocated bitmap [ 719.492447][T15521] bcachefs (loop3): btree ptr not marked in member info btree allocated bitmap [ 719.492459][T15515] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 719.492481][T15521] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing [ 719.529997][T15521] bcachefs (loop3): btree ptr not marked in member info btree allocated bitmap [ 719.530032][T15521] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 719.536355][T15521] bcachefs (loop3): btree ptr not marked in member info btree allocated bitmap [ 719.536388][T15521] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 719.553115][T12810] usb 5-1: USB disconnect, device number 15 [ 719.571655][T15521] bcachefs (loop3): btree ptr not marked in member info btree allocated bitmap [ 719.571689][T15521] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 719.594261][T15521] bcachefs (loop3): btree ptr not marked in member info btree allocated bitmap [ 719.594298][T15521] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 719.596735][T15521] bcachefs (loop3): btree ptr not marked in member info btree allocated bitmap [ 719.596766][T15521] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 719.597664][T15515] done [ 719.663998][T15521] done [ 719.669745][T15515] bcachefs (loop5): going read-write [ 719.730788][T15521] bcachefs (loop3): going read-write [ 719.781298][T15515] bcachefs (loop5): journal_replay... [ 719.819956][T15521] bcachefs (loop3): journal_replay... [ 719.967166][T15515] done [ 719.980484][T15515] bcachefs (loop5): check_extents_to_backpointers... [ 719.982561][T15515] bcachefs (loop5): scanning for missing backpointers in 6/128 buckets [ 719.991377][T15521] done [ 719.992040][T15521] bcachefs (loop3): check_extents_to_backpointers... [ 719.997672][T15515] done [ 720.033045][T15521] bcachefs (loop3): scanning for missing backpointers in 6/128 buckets [ 720.042103][T15515] bcachefs (loop5): check_inodes... [ 720.043674][T15521] done [ 720.044677][T15515] done [ 720.048473][T15521] bcachefs (loop3): check_inodes... [ 720.056769][T15526] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 720.094166][T15515] bcachefs (loop5): resume_logged_ops... [ 720.097100][T15526] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 720.163371][T15515] done [ 720.210269][T15521] done [ 720.309951][T15526] bcachefs (loop2): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.28: inode_has_case_insensitive [ 720.309951][T15526] running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes [ 720.605086][T15528] loop1: detected capacity change from 0 to 32768 [ 720.616504][T15521] bcachefs (loop3): resume_logged_ops... done [ 720.644858][T15528] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4226 (15528) [ 720.661297][T15521] bcachefs (loop3): delete_dead_inodes... [ 720.668654][T15515] bcachefs (loop5): delete_dead_inodes... [ 720.693236][T15521] done [ 720.727216][T15515] done [ 720.756493][T15521] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean [ 720.772334][T15515] bcachefs (loop5): Fixed errors, running fsck a second time to verify fs is clean [ 720.787880][T15521] bcachefs (loop3): check_extents_to_backpointers... [ 720.793270][T15528] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 720.811798][T15526] bcachefs (loop2): accounting_read... [ 720.820869][T15521] done [ 720.835543][T15515] bcachefs (loop5): check_extents_to_backpointers... [ 720.843885][T15526] done [ 720.859963][T15521] bcachefs (loop3): check_inodes... [ 720.864100][T15515] done [ 720.864663][T15521] done [ 720.885338][T15528] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 720.894849][T15528] BTRFS info (device loop1): using free-space-tree [ 720.900598][T15515] bcachefs (loop5): check_inodes... [ 720.901879][T15526] bcachefs (loop2): alloc_read... [ 720.907602][T15521] bcachefs (loop3): resume_logged_ops... done [ 720.928463][T15515] done [ 720.931282][T15515] bcachefs (loop5): resume_logged_ops... [ 720.932278][T15521] bcachefs (loop3): delete_dead_inodes... [ 720.938019][T15526] done [ 720.947612][T15515] done [ 720.960627][T15526] bcachefs (loop2): snapshots_read... [ 720.961300][T15515] bcachefs (loop5): delete_dead_inodes... [ 720.971892][T15526] done [ 720.978267][T15521] done [ 720.984411][T15526] bcachefs (loop2): check_allocations... [ 720.989551][T15526] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap [ 720.989631][T15526] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4fe84214937890c3 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing [ 721.020622][T15521] bcachefs (loop3): done starting filesystem [ 721.055345][T15515] done [ 721.084124][T15515] bcachefs (loop5): done starting filesystem [ 721.089861][T15564] loop0: detected capacity change from 0 to 32768 [ 721.106714][T15526] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap [ 721.106746][T15526] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq a22d880bb51b703b written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 721.136735][T15564] BTRFS: device fsid 8f67342e-760a-4d9f-bdfe-dfdef307742f devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4229 (15564) [ 721.215652][T15564] BTRFS info (device loop0): first mount of filesystem 8f67342e-760a-4d9f-bdfe-dfdef307742f [ 721.215823][T15564] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm [ 721.215892][T15564] BTRFS info (device loop0): using free-space-tree [ 721.228030][T15521] syz.3.4223 (15521) used greatest stack depth: 17520 bytes left [ 721.276459][ T6193] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 721.364322][T15526] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap [ 721.364362][T15526] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq b5d608e41b3af1cf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 721.387271][ T6017] bcachefs (loop3): shutting down [ 721.387314][ T6017] bcachefs (loop3): going read-only [ 721.388210][ T6017] bcachefs (loop3): finished waiting for writes to stop [ 721.409843][ T6002] bcachefs (loop5): shutting down [ 721.409876][ T6002] bcachefs (loop5): going read-only [ 721.409922][ T6002] bcachefs (loop5): finished waiting for writes to stop [ 721.441256][ T6193] usb 5-1: Using ep0 maxpacket: 8 [ 721.479040][ T6017] bcachefs (loop3): flushing journal and stopping allocators, journal seq 15 [ 721.511965][ T6193] usb 5-1: config 1 interface 0 altsetting 129 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 721.525320][ T6193] usb 5-1: config 1 interface 0 has no altsetting 0 [ 721.533482][ T6002] bcachefs (loop5): flushing journal and stopping allocators, journal seq 18 [ 721.536358][ T6193] usb 5-1: New USB device found, idVendor=046d, idProduct=4011, bcdDevice= 0.40 [ 721.551560][ T6193] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 721.562666][ T6193] usb 5-1: Product: syz [ 721.566984][ T6193] usb 5-1: Manufacturer: 䑩뀀뤟㭗ⱚ賆䵧ῐ暧֠狶恌黪㭐唾ū鰣깆欜徚幺⾢鲱է瀉⏚㝙䉨赧낹⫢쓋ꤵ䰤锡삅璅竿 [ 721.583101][ T6193] usb 5-1: SerialNumber: syz [ 721.583924][T15526] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap [ 721.605852][ T6017] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 15 [ 721.623363][ T6002] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 18 [ 721.636175][ T5998] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 721.652444][ T6017] bcachefs (loop3): clean shutdown complete, journal seq 16 [ 721.655848][T15526] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 92b180ffcc5b04f1 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 721.659892][ T6002] bcachefs (loop5): clean shutdown complete, journal seq 19 [ 721.676484][ T6017] bcachefs (loop3): marking filesystem clean [ 721.683669][ T6002] bcachefs (loop5): marking filesystem clean [ 721.806584][T15526] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap [ 721.806648][T15526] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 8aae33f84eb959b0 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 721.884315][ T6004] BTRFS info (device loop0): last unmount of filesystem 8f67342e-760a-4d9f-bdfe-dfdef307742f [ 721.904805][T15526] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap [ 721.904837][T15526] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 487388c888b02d23 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 721.914842][ T6017] bcachefs (loop3): shutdown complete [ 721.992502][ T6193] usbhid 5-1:1.0: can't add hid device: -71 [ 721.992643][ T6193] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 722.040144][ T6193] usb 5-1: USB disconnect, device number 16 [ 722.057407][ T6002] bcachefs (loop5): shutdown complete [ 722.305636][T15526] done [ 722.405090][T15526] bcachefs (loop2): going read-write [ 722.418612][T15526] bcachefs (loop2): bch2_copygc_start(): error creating copygc thread EINTR [ 722.450460][T15526] bcachefs (loop2): __bch2_fs_read_write(): error error starting copygc thread EINTR [ 722.531659][T15526] bcachefs (loop2): going read-only [ 722.554258][T15526] bcachefs (loop2): finished waiting for writes to stop [ 722.571256][T15526] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10 [ 722.614926][T15526] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10 [ 722.691431][T15526] bcachefs (loop2): unclean shutdown complete, journal seq 11 [ 722.769471][T15526] bcachefs (loop2): done going read-only, filesystem not clean [ 722.842122][T15526] bcachefs (loop2): error in recovery: EINTR [ 722.842150][T15526] emergency read only at seq 11 [ 722.957619][T15526] bcachefs (loop2): bch2_fs_start(): error starting filesystem EINTR [ 722.999606][T15526] bcachefs (loop2): shutting down [ 723.145668][T15526] bcachefs (loop2): shutdown complete [ 723.218067][T15612] loop4: detected capacity change from 0 to 2048 [ 723.272005][T15612] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 723.307074][T15612] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 723.331142][T15612] UDF-fs: Scanning with blocksize 512 failed [ 723.375273][T15612] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 723.440534][ T6258] usb 1-1: new high-speed USB device number 122 using dummy_hcd [ 723.651875][ T6258] usb 1-1: unable to get BOS descriptor or descriptor too short [ 723.676061][ T6193] usb 6-1: new high-speed USB device number 108 using dummy_hcd [ 723.686376][ T6258] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 723.718389][ T6258] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 723.746009][ T6258] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0 [ 723.781592][ T6258] usb 1-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=b5.39 [ 723.800557][ T6258] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 723.850515][ T6258] usb 1-1: Product: syz [ 723.854782][ T6258] usb 1-1: Manufacturer: syz [ 723.868100][ T6258] usb 1-1: SerialNumber: syz [ 723.903108][ T6193] usb 6-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30 [ 723.917962][ T6258] usb 1-1: config 0 descriptor?? [ 723.932367][ T6193] usb 6-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81 [ 723.948428][ T6258] pn533_usb 1-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint [ 723.971479][ T6193] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 724.005115][ T6193] usb 6-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101 [ 724.050013][ T975] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 724.064648][ T6193] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 724.078569][ T6193] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 724.215160][ T6258] usb 1-1: USB disconnect, device number 122 [ 724.215569][T15607] loop1: detected capacity change from 0 to 32768 [ 724.234741][T15607] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4234 (15607) [ 724.252807][ T975] usb 5-1: Using ep0 maxpacket: 32 [ 724.265815][ T975] usb 5-1: config 0 has an invalid interface number: 36 but max is 0 [ 724.295835][ T975] usb 5-1: config 0 has no interface number 0 [ 724.320578][ T975] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=1b.c4 [ 724.359271][T15607] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 724.366041][ T6193] ath6kl: Failed to submit usb control message: -71 [ 724.379871][ T975] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 724.393446][ T6193] ath6kl: unable to send the bmi data to the device: -71 [ 724.401137][ T975] usb 5-1: Product: syz [ 724.407149][ T975] usb 5-1: Manufacturer: syz [ 724.411968][ T6193] ath6kl: Unable to send get target info: -71 [ 724.413519][T15607] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 724.427836][ T975] usb 5-1: SerialNumber: syz [ 724.449781][T15607] BTRFS info (device loop1): using free-space-tree [ 724.466627][ T6193] ath6kl: Failed to init ath6kl core: -71 [ 724.479208][ T975] usb 5-1: config 0 descriptor?? [ 724.516840][ T6193] ath6kl_usb 6-1:4.0: probe with driver ath6kl_usb failed with error -71 [ 724.633934][ T6193] usb 6-1: USB disconnect, device number 108 [ 724.741375][ T975] cx82310_eth 5-1:0.36: probe with driver cx82310_eth failed with error -22 [ 724.788588][ T975] cxacru 5-1:0.36: usbatm_usb_probe: bind failed: -19! [ 724.835870][ T975] usb 5-1: USB disconnect, device number 17 [ 724.839417][T15622] loop3: detected capacity change from 0 to 40427 [ 724.858260][T15622] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 724.866310][ T5998] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 724.910559][T15622] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 724.951623][T15622] F2FS-fs (loop3): build fault injection rate: 8 [ 724.979770][T15622] F2FS-fs (loop3): build fault injection type: 0x6 [ 725.045851][T15622] F2FS-fs (loop3): invalid crc value [ 725.056244][T15622] F2FS-fs (loop3): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x3606/0x9720 [ 725.086909][T15622] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-12) [ 725.525055][ T975] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 725.562917][T15650] loop0: detected capacity change from 0 to 16 [ 725.619645][T15650] erofs (device loop0): mounted with root inode @ nid 36. [ 725.695489][T12810] usb 6-1: new high-speed USB device number 109 using dummy_hcd [ 725.755453][T15652] loop3: detected capacity change from 0 to 16 [ 725.765903][ T975] usb 2-1: Using ep0 maxpacket: 8 [ 725.789499][ T975] usb 2-1: config 0 has an invalid interface number: 202 but max is 0 [ 725.819796][ T975] usb 2-1: config 0 has no interface number 0 [ 725.826786][T15652] erofs (device loop3): mounted with root inode @ nid 36. [ 725.866056][T15654] loop4: detected capacity change from 0 to 512 [ 725.872609][ T975] usb 2-1: config 0 interface 202 has no altsetting 0 [ 725.901660][T12810] usb 6-1: Using ep0 maxpacket: 16 [ 725.933004][ T975] usb 2-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice= 3.ee [ 725.969561][T12810] usb 6-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00 [ 725.976572][ T975] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 726.012326][ T975] usb 2-1: Product: syz [ 726.016594][ T975] usb 2-1: Manufacturer: syz [ 726.021229][T15526] bcachefs: bch2_fs_get_tree() error: EINTR [ 726.032930][T12810] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 726.041232][ T975] usb 2-1: SerialNumber: syz [ 726.071295][ T975] usb 2-1: config 0 descriptor?? [ 726.088770][T15654] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 726.124857][T12810] usb 6-1: Product: syz [ 726.177121][T12810] usb 6-1: Manufacturer: syz [ 726.181811][T12810] usb 6-1: SerialNumber: syz [ 726.238871][T15654] ext4 filesystem being mounted at /665/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 726.274197][T12810] usb 6-1: config 0 descriptor?? [ 726.328896][T12810] usb-storage 6-1:0.0: USB Mass Storage device detected [ 726.391122][ T975] usb 2-1: USB disconnect, device number 7 [ 726.392728][T12810] usb-storage 6-1:0.0: Quirks match for vid 054c pid 002e: 1 [ 726.413676][T12810] usb-storage 6-1:0.0: This device (054c,002e,0500 S 04 P 01) has an unneeded SubClass entry in unusual_devs.h (kernel 6.16.0-rc4-syzkaller-00108-g17bbde2e1716) [ 726.413676][T12810] Please send a copy of this message to and [ 726.509840][T15664] loop0: detected capacity change from 0 to 1024 [ 726.638560][T12810] usb 6-1: USB disconnect, device number 109 [ 726.684810][T15664] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 726.788269][ T5995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 726.797387][ T6193] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 726.957561][ T6193] usb 4-1: Using ep0 maxpacket: 16 [ 726.970774][ T6004] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 726.973579][ T6193] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 727.022485][ T6193] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 727.086395][ T6193] usb 4-1: Product: syz [ 727.090698][ T6193] usb 4-1: Manufacturer: syz [ 727.127876][ T6193] usb 4-1: SerialNumber: syz [ 727.167389][ T6193] usb 4-1: config 0 descriptor?? [ 727.207007][ T6193] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 727.232536][ T6193] usb 4-1: Detected FT232H [ 727.295403][T15672] loop0: detected capacity change from 0 to 1024 [ 727.363801][ T10] usb 5-1: new full-speed USB device number 18 using dummy_hcd [ 727.396447][T15672] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 727.420000][T15677] loop5: detected capacity change from 0 to 2048 [ 727.453040][ T6193] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 727.479723][T15677] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 727.495166][ T6193] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 727.520969][ T6193] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71 [ 727.551886][T15677] ext4 filesystem being mounted at /708/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 727.567353][ T6193] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 727.606018][ T6193] usb 4-1: USB disconnect, device number 7 [ 727.627437][ T6007] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 727.628559][ T10] usb 5-1: New USB device found, idVendor=2040, idProduct=7270, bcdDevice=48.bc [ 727.644605][ T6004] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 727.674683][ T6193] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 727.704453][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 727.737578][ T6193] ftdi_sio 4-1:0.0: device disconnected [ 727.749202][ T10] usb 5-1: Product: syz [ 727.753468][ T10] usb 5-1: Manufacturer: syz [ 727.758662][ T10] usb 5-1: SerialNumber: syz [ 727.828473][ T10] usb 5-1: config 0 descriptor?? [ 727.834336][ T6007] usb 2-1: Using ep0 maxpacket: 16 [ 727.850429][ T6002] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 727.858062][ T6007] usb 2-1: unable to get BOS descriptor or descriptor too short [ 727.884489][ T10] au0828: au0828: Device initialization failed. [ 727.905113][ T6007] usb 2-1: config 13 has an invalid interface number: 31 but max is 0 [ 727.924595][ T6007] usb 2-1: config 13 has no interface number 0 [ 727.934906][ T10] au0828: au0828: Device must be connected to a high-speed USB 2.0 port. [ 727.943618][ T6007] usb 2-1: config 13 interface 31 altsetting 0 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 727.950121][ T6007] usb 2-1: New USB device found, idVendor=a109, idProduct=56cb, bcdDevice=9b.5f [ 727.989061][T15681] loop0: detected capacity change from 0 to 512 [ 728.003866][ T6007] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 728.037244][ T6007] usb 2-1: Product: syz [ 728.041562][ T6007] usb 2-1: Manufacturer: syz [ 728.068340][ T6007] usb 2-1: SerialNumber: syz [ 728.178130][T15681] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 728.235125][ T6230] usb 5-1: USB disconnect, device number 18 [ 728.242976][T15669] loop2: detected capacity change from 0 to 32768 [ 728.251944][T15681] ext4 filesystem being mounted at /689/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 728.284557][T15669] BTRFS: device fsid 97240a68-9a28-4597-b04c-66b27e1182f2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4250 (15669) [ 728.372968][ T6007] usb 2-1: bad CDC descriptors [ 728.389786][T15669] BTRFS info (device loop2): first mount of filesystem 97240a68-9a28-4597-b04c-66b27e1182f2 [ 728.420119][ T6007] usb 2-1: USB disconnect, device number 8 [ 728.436210][T15669] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 728.474966][T15669] BTRFS info (device loop2): using free-space-tree [ 728.475847][T12810] usb 6-1: new low-speed USB device number 110 using dummy_hcd [ 728.572870][ T6004] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 728.730919][T12810] usb 6-1: config index 0 descriptor too short (expected 1307, got 27) [ 728.767498][T12810] usb 6-1: config 0 has an invalid interface number: 0 but max is -1 [ 728.799754][T12810] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 728.849770][T12810] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 728.875245][T12810] usb 6-1: string descriptor 0 read error: -22 [ 728.892549][T12810] usb 6-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 728.896406][T15705] loop0: detected capacity change from 0 to 512 [ 728.901630][T12810] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 728.933457][T12810] usb 6-1: config 0 descriptor?? [ 728.971185][T12810] hub 6-1:0.0: bad descriptor, ignoring hub [ 729.004528][ T6006] BTRFS info (device loop2): last unmount of filesystem 97240a68-9a28-4597-b04c-66b27e1182f2 [ 729.010307][T12810] hub 6-1:0.0: probe with driver hub failed with error -5 [ 729.114089][T15705] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 729.218410][T15705] ext4 filesystem being mounted at /690/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 729.333253][T15711] loop1: detected capacity change from 0 to 16 [ 729.398190][T15711] erofs (device loop1): mounted with root inode @ nid 36. [ 729.419967][ T6230] usb 6-1: USB disconnect, device number 110 [ 729.503791][ T6258] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 729.590273][ T6004] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 729.764687][ T6258] usb 5-1: New USB device found, idVendor=13d3, idProduct=3393, bcdDevice=8d.e3 [ 729.773925][ T6258] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 729.832666][ T6258] usb 5-1: Product: syz [ 729.847434][ T6258] usb 5-1: Manufacturer: syz [ 729.883401][ T6258] usb 5-1: SerialNumber: syz [ 729.920302][ T6258] usb 5-1: config 0 descriptor?? [ 729.983213][T15719] loop1: detected capacity change from 0 to 512 [ 729.989795][T15720] loop0: detected capacity change from 0 to 512 [ 730.062320][T15720] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 730.090152][T15692] loop3: detected capacity change from 0 to 32768 [ 730.123266][T15719] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 730.196004][T15692] Only 4K block size supported! [ 730.240957][T15692] Mount JFS Failure: -22 [ 730.245279][T15692] jfs_mount failed w/return code = -22 [ 730.294300][T15725] loop5: detected capacity change from 0 to 512 [ 730.302643][ T6258] usb 5-1: USB disconnect, device number 19 [ 730.459301][ T6004] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 730.469415][T15725] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 730.496558][ T5998] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 730.890968][ T6002] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 730.905850][T15733] loop2: detected capacity change from 0 to 512 [ 730.985088][T15733] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 731.267700][T15737] loop5: detected capacity change from 0 to 512 [ 731.346999][T15737] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 731.407481][ T6006] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 731.541527][T15739] loop4: detected capacity change from 0 to 2048 [ 731.659561][T15739] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 731.869156][ T6002] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 731.930272][T15732] loop1: detected capacity change from 0 to 32768 [ 731.982861][T15732] BTRFS: device fsid d4515e72-4b5f-44ec-805d-b3edf811e7f1 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4269 (15732) [ 732.029581][ T5995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 732.097195][T15732] BTRFS info (device loop1): first mount of filesystem d4515e72-4b5f-44ec-805d-b3edf811e7f1 [ 732.154742][T15732] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 732.201780][T15732] BTRFS info (device loop1): using free-space-tree [ 732.360418][T15756] loop4: detected capacity change from 0 to 128 [ 732.946771][ T5998] BTRFS info (device loop1): last unmount of filesystem d4515e72-4b5f-44ec-805d-b3edf811e7f1 [ 733.094924][T15734] loop0: detected capacity change from 0 to 32768 [ 733.128454][T15734] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section [ 733.128454][T15734] clean (size 2912): [ 733.128454][T15734] flags: 0 [ 733.128454][T15734] journal_seq: 10 [ 733.128454][T15734] usage: type=inodes v=8 [ 733.128454][T15734] usage: type=key_version v=0 [ 733.128454][T15734] overwrite: [ 733.128454][T15734] usage: type=reserved v=0 [ 733.128454][T15734] usage: type=reserved v=0 [ 733.128454][T15734] usage: type=reserved v=0 [ 733.128454][T15734] data_usage: btree: 1/1 [0]=2816 [ 733.128454][T15734] data_usage: journal: 1/1 [0]=0 [ 733.128454][T15734] data_usage: user: 1/1 [0]=16 [ 733.128454][T15734] dev_usage: dev=0 [ 733.128454][T15734] free: buckets=83 sectors=0 fragmented=0 [ 733.128454][T15734] sb: buckets=25 sectors=6152 fragmented=248 [ 733.128454][T15734] journal: buckets=8 sectors=2048 fragmented=0 [ 733.128454][T15734] btree: buckets=11 sectors=2816 fragmented=0 [ 733.128454][T15734] user: buckets=1 sectors=16 fragmented=240 [ 733.128454][T15734] cached: buckets=0 sectors=0 fragmented=0 [ 733.128454][T15734] parity: buckets=0 sectors=0 fragmented=0 [ 733.128454][T15734] stripe: buckets=0 sectors=0 fragmented=0 [ 733.128454][T15734] need_gc_gens: buckets=0 sectors=0 fragmented=0 [ 733.128454][T15734] need_discard: buckets=0 sectors=0 fragmented=0 [ 733.128454][T15734] [ 733.446927][T15734] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean [ 733.893700][T15750] loop5: detected capacity change from 0 to 32768 [ 733.982897][T15744] loop2: detected capacity change from 0 to 32768 [ 733.985858][T15750] BTRFS: device fsid 16bad5ef-498e-43ba-8a30-25ddcaa179c7 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4275 (15750) [ 734.063127][T15744] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 734.081752][T15744] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 734.187678][T15750] BTRFS info (device loop5): first mount of filesystem 16bad5ef-498e-43ba-8a30-25ddcaa179c7 [ 734.255616][T15750] BTRFS info (device loop5): using sha256 (sha256-x86_64) checksum algorithm [ 734.312915][T15750] BTRFS info (device loop5): using free-space-tree [ 734.354624][T15744] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms [ 734.456728][T12810] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 734.469266][T12810] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 734.535235][T15777] loop1: detected capacity change from 0 to 2048 [ 734.700549][T15777] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 734.953381][T15746] loop3: detected capacity change from 0 to 32768 [ 734.999866][ T6002] BTRFS info (device loop5): last unmount of filesystem 16bad5ef-498e-43ba-8a30-25ddcaa179c7 [ 735.023083][ T5998] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 735.045986][T12810] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 539ms [ 735.057601][T15746] workqueue: Failed to create a rescuer kthread for wq "gfs2-glock/syz:syz": -EINTR [ 735.126502][T12810] gfs2: fsid=syz:syz.0: jid=0: Done [ 735.157195][T15744] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 735.237880][T15744] gfs2: fsid=syz:syz.0: can't create logd thread: -4 [ 736.037921][T15804] loop5: detected capacity change from 0 to 512 [ 736.049403][T15768] loop4: detected capacity change from 0 to 32768 [ 736.080361][T15804] EXT4-fs: Ignoring removed bh option [ 736.141136][T15804] EXT4-fs: Ignoring removed bh option [ 736.142711][T15768] workqueue: Failed to create a rescuer kthread for wq "gfs2-glock/syz:syz": -EINTR [ 736.165925][T15804] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 736.291712][T15804] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 736.334245][T15804] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 736.342798][T15804] EXT4-fs (loop5): orphan cleanup on readonly fs [ 736.377621][T15804] EXT4-fs warning (device loop5): ext4_enable_quotas:7164: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 736.411483][T15804] EXT4-fs (loop5): Cannot turn on quotas: error -22 [ 736.475803][T15804] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:482: comm syz.5.4283: Invalid block bitmap block 0 in block_group 0 [ 736.577133][T15804] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 736.634978][T15804] EXT4-fs (loop5): 1 orphan inode deleted [ 736.642989][T15804] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 737.183296][ T6002] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 737.219219][T15814] loop2: detected capacity change from 0 to 1024 [ 737.324083][T15816] loop4: detected capacity change from 0 to 2048 [ 737.472551][T15816] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 737.657885][ T5995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 737.761471][T15821] loop5: detected capacity change from 0 to 4096 [ 737.912400][T15821] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 738.222087][ T6002] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 738.253866][T15828] loop4: detected capacity change from 0 to 128 [ 738.443537][T15799] loop1: detected capacity change from 0 to 32768 [ 738.500201][T15799] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 738.566638][T15799] dlm: no local IP address has been set [ 738.638305][T15799] dlm: cannot start dlm midcomms -107 [ 738.685207][T15799] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 739.761653][T15826] loop2: detected capacity change from 0 to 32768 [ 739.804046][T15826] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4289 (15826) [ 739.901572][T15826] BTRFS info (device loop2): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 739.936481][T15826] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 739.989250][T15826] BTRFS info (device loop2): using free-space-tree [ 740.201138][T15832] loop5: detected capacity change from 0 to 32768 [ 740.276943][T15832] BTRFS: device fsid a4d06b90-61a4-49cd-bf5f-2183c3574322 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4292 (15832) [ 740.313519][T15834] loop0: detected capacity change from 0 to 32768 [ 740.363665][T15834] BTRFS: device fsid cd9941ec-5f77-48ee-8e7d-6f6f8a5e5a08 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4293 (15834) [ 740.384220][T15832] BTRFS info (device loop5): first mount of filesystem a4d06b90-61a4-49cd-bf5f-2183c3574322 [ 740.448268][T15836] loop4: detected capacity change from 0 to 32768 [ 740.463751][T15832] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 740.484534][T15834] BTRFS info (device loop0): first mount of filesystem cd9941ec-5f77-48ee-8e7d-6f6f8a5e5a08 [ 740.513361][T15836] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4294 (15836) [ 740.555685][T15832] BTRFS info (device loop5): using free-space-tree [ 740.581782][T15834] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm [ 740.630937][T15834] BTRFS info (device loop0): using free-space-tree [ 740.644902][ T6006] BTRFS info (device loop2): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 740.676963][T15836] BTRFS info (device loop4): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9 [ 740.716545][T15836] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 740.757955][T15836] BTRFS info (device loop4): using free-space-tree [ 740.950387][T15838] loop1: detected capacity change from 0 to 32768 [ 741.063765][T15838] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 741.122282][T15838] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 741.281898][T15838] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 741.291611][T15906] loop3: detected capacity change from 0 to 512 [ 741.372795][T12810] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 741.388226][T12810] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 741.671613][T15906] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 741.739149][ T6004] BTRFS info (device loop0): last unmount of filesystem cd9941ec-5f77-48ee-8e7d-6f6f8a5e5a08 [ 741.800574][ T6002] BTRFS info (device loop5): last unmount of filesystem a4d06b90-61a4-49cd-bf5f-2183c3574322 [ 741.847860][ T5995] BTRFS info (device loop4): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9 [ 742.022142][ T6017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 742.552695][T15920] loop3: detected capacity change from 0 to 2 [ 742.577118][T12810] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 1112ms [ 742.588498][T15920] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 742.603952][T15921] loop4: detected capacity change from 0 to 160 [ 742.720535][T12810] gfs2: fsid=syz:syz.0: jid=0: Done [ 742.737451][T15838] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 742.830706][T15838] gfs2: fsid=syz:syz.0: can't create logd thread: -4 [ 743.280607][T15928] loop4: detected capacity change from 0 to 2 [ 743.303310][T15928] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 743.439776][T15932] loop5: detected capacity change from 0 to 760 [ 743.482368][T15930] loop2: detected capacity change from 0 to 2048 [ 743.605454][T15930] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 743.946737][ T6007] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 743.987892][ T6006] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 744.151197][ T6007] usb 5-1: Using ep0 maxpacket: 16 [ 744.182287][ T6007] usb 5-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00 [ 744.223229][ T6007] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 744.259693][ T6007] usb 5-1: Product: syz [ 744.284518][ T6007] usb 5-1: Manufacturer: syz [ 744.297292][ T6007] usb 5-1: SerialNumber: syz [ 744.325130][ T6007] usb 5-1: config 0 descriptor?? [ 744.362968][ T6007] usb-storage 5-1:0.0: USB Mass Storage device detected [ 744.409057][T15941] loop5: detected capacity change from 0 to 128 [ 744.434441][ T6007] usb-storage 5-1:0.0: Quirks match for vid 054c pid 002e: 1 [ 744.467130][ T6007] usb-storage 5-1:0.0: This device (054c,002e,0500 S 04 P 01) has an unneeded SubClass entry in unusual_devs.h (kernel 6.16.0-rc4-syzkaller-00108-g17bbde2e1716) [ 744.467130][ T6007] Please send a copy of this message to and [ 744.562819][T15945] loop1: detected capacity change from 0 to 64 [ 744.613914][T15917] loop0: detected capacity change from 0 to 32768 [ 744.669219][T15917] BTRFS: device fsid 384aeb47-f1c2-4293-8350-e6dffa96895f devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4298 (15917) [ 744.776880][T15917] BTRFS info (device loop0): first mount of filesystem 384aeb47-f1c2-4293-8350-e6dffa96895f [ 744.832298][T15917] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 744.840461][ T6007] usb 5-1: USB disconnect, device number 20 [ 744.863875][T15917] BTRFS info (device loop0): using free-space-tree [ 745.142769][T15963] loop1: detected capacity change from 0 to 132 [ 745.209150][T15953] loop5: detected capacity change from 0 to 2048 [ 745.290365][T15926] loop3: detected capacity change from 0 to 32768 [ 745.386120][T15926] BTRFS: device fsid d09153a9-5497-4f31-8e52-d2d02bbdf7fc devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4305 (15926) [ 745.537946][T15926] BTRFS info (device loop3): first mount of filesystem d09153a9-5497-4f31-8e52-d2d02bbdf7fc [ 745.613627][T15926] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 745.678745][T15926] BTRFS info (device loop3): using free-space-tree [ 745.736357][ T6004] BTRFS info (device loop0): last unmount of filesystem 384aeb47-f1c2-4293-8350-e6dffa96895f [ 745.846354][T15982] loop4: detected capacity change from 0 to 256 [ 745.945917][T15984] loop5: detected capacity change from 0 to 128 [ 746.003220][T15979] loop1: detected capacity change from 0 to 1764 [ 746.396386][T15939] loop2: detected capacity change from 0 to 32768 [ 746.500483][T15939] BTRFS: device fsid 17bca515-437c-4bbd-9eb0-5eb74df1971f devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4310 (15939) [ 746.525920][ T6017] BTRFS info (device loop3): last unmount of filesystem d09153a9-5497-4f31-8e52-d2d02bbdf7fc [ 746.636573][T15992] loop5: detected capacity change from 0 to 512 [ 746.674994][T15939] BTRFS info (device loop2): first mount of filesystem 17bca515-437c-4bbd-9eb0-5eb74df1971f [ 746.787721][T15996] loop1: detected capacity change from 0 to 128 [ 746.798151][T15939] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm [ 746.842153][T15939] BTRFS info (device loop2): using free-space-tree [ 746.984010][T15994] loop4: detected capacity change from 0 to 1764 [ 747.587571][T16016] loop5: detected capacity change from 0 to 2048 [ 747.651948][T16018] loop1: detected capacity change from 0 to 512 [ 747.755691][T16016] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 747.768291][ T6006] BTRFS info (device loop2): last unmount of filesystem 17bca515-437c-4bbd-9eb0-5eb74df1971f [ 747.859816][T16016] ext4 filesystem being mounted at /722/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 748.038915][T16025] loop3: detected capacity change from 0 to 256 [ 748.356299][ T6002] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 748.697597][T15989] loop0: detected capacity change from 0 to 32768 [ 748.740375][T15989] BTRFS: device fsid 3a375e4e-b156-4d76-a2ad-16e198ce1409 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4317 (15989) [ 748.928933][T15989] BTRFS info (device loop0): first mount of filesystem 3a375e4e-b156-4d76-a2ad-16e198ce1409 [ 748.980368][T15989] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 748.989669][T15989] BTRFS info (device loop0): using free-space-tree [ 749.031583][T16035] loop3: detected capacity change from 0 to 2048 [ 749.094825][T16037] loop4: detected capacity change from 0 to 21 [ 749.129042][T16042] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 749.139723][T16037] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 749.911016][ T6004] BTRFS info (device loop0): last unmount of filesystem 3a375e4e-b156-4d76-a2ad-16e198ce1409 [ 750.464090][T16058] loop3: detected capacity change from 0 to 4096 [ 750.532539][T16058] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 750.637734][T16027] loop2: detected capacity change from 0 to 32768 [ 751.050445][T16060] loop0: detected capacity change from 0 to 8192 [ 751.223870][T16062] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 751.577195][T16031] loop1: detected capacity change from 0 to 32768 [ 751.734084][T16034] loop5: detected capacity change from 0 to 32768 [ 751.737665][T16063] loop2: detected capacity change from 0 to 4096 [ 751.793850][T16034] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 751.811766][T16063] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 751.822603][T16034] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 752.217025][T16034] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms [ 752.228952][T16065] loop3: detected capacity change from 0 to 8192 [ 752.286154][ T6007] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 752.293015][ T6007] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 752.305032][T16065] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 752.353066][T16069] loop0: detected capacity change from 0 to 4096 [ 752.513216][T16056] loop4: detected capacity change from 0 to 32768 [ 752.551196][T16071] loop1: detected capacity change from 0 to 4096 [ 752.621038][T16056] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 752.730600][T16056] CPU: 0 UID: 0 PID: 16056 Comm: syz.4.4332 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) [ 752.730662][T16056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 752.730687][T16056] Call Trace: [ 752.730700][T16056] [ 752.730724][T16056] dump_stack_lvl+0x16c/0x1f0 [ 752.730801][T16056] sysfs_warn_dup+0x7f/0xa0 [ 752.730851][T16056] sysfs_create_dir_ns+0x24b/0x2b0 [ 752.730903][T16056] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 752.730953][T16056] ? find_held_lock+0x2b/0x80 [ 752.731013][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.731065][T16056] ? do_raw_spin_unlock+0x172/0x230 [ 752.731116][T16056] kobject_add_internal+0x2c4/0x9b0 [ 752.731171][T16056] kobject_init_and_add+0x11b/0x190 [ 752.731219][T16056] ? __pfx_kobject_init_and_add+0x10/0x10 [ 752.731274][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.731324][T16056] ? lockdep_init_map_type+0x5c/0x280 [ 752.731395][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.731445][T16056] ? lockdep_init_map_type+0x5c/0x280 [ 752.731521][T16056] gfs2_sys_fs_add+0x208/0x440 [ 752.731578][T16056] ? __pfx_gfs2_sys_fs_add+0x10/0x10 [ 752.731631][T16056] ? lockdep_init_map_type+0x139/0x280 [ 752.731700][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.731760][T16056] ? alloc_workqueue+0x198/0x200 [ 752.731823][T16056] ? __pfx_alloc_workqueue+0x10/0x10 [ 752.731897][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.731963][T16056] gfs2_fill_super+0x1412/0x2d60 [ 752.732026][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.732098][T16056] ? __pfx_gfs2_fill_super+0x10/0x10 [ 752.732171][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.732221][T16056] ? set_blocksize+0x406/0x500 [ 752.732277][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.732330][T16056] ? sb_set_blocksize+0x176/0x1d0 [ 752.732381][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.732441][T16056] get_tree_bdev_flags+0x38c/0x620 [ 752.732486][T16056] ? __pfx_gfs2_fill_super+0x10/0x10 [ 752.732551][T16056] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 752.732598][T16056] ? rcu_is_watching+0x12/0xc0 [ 752.732648][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.732708][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.732763][T16056] ? apparmor_capable+0x114/0x1d0 [ 752.732809][T16056] gfs2_get_tree+0x4e/0x280 [ 752.732875][T16056] vfs_get_tree+0x8e/0x340 [ 752.732941][T16056] path_mount+0x1414/0x2020 [ 752.733001][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.733052][T16056] ? kmem_cache_free+0x2d1/0x4d0 [ 752.733097][T16056] ? __pfx_path_mount+0x10/0x10 [ 752.733161][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.733213][T16056] ? putname+0x154/0x1a0 [ 752.733277][T16056] __x64_sys_mount+0x28d/0x310 [ 752.733337][T16056] ? __pfx___x64_sys_mount+0x10/0x10 [ 752.733394][T16056] ? srso_alias_return_thunk+0x5/0xfbef5 [ 752.733462][T16056] do_syscall_64+0xcd/0x4c0 [ 752.733503][T16056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.733546][T16056] RIP: 0033:0x7fd268b900ca [ 752.733578][T16056] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 752.733621][T16056] RSP: 002b:00007fd269a70e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 752.733660][T16056] RAX: ffffffffffffffda RBX: 00007fd269a70ef0 RCX: 00007fd268b900ca [ 752.733690][T16056] RDX: 000020000001f680 RSI: 000020000001f6c0 RDI: 00007fd269a70eb0 [ 752.733724][T16056] RBP: 000020000001f680 R08: 00007fd269a70ef0 R09: 0000000000000000 [ 752.733752][T16056] R10: 0000000000000000 R11: 0000000000000246 R12: 000020000001f6c0 [ 752.733780][T16056] R13: 00007fd269a70eb0 R14: 000000000001f679 R15: 000020000001f700 [ 752.733834][T16056] [ 753.158289][ T6007] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 809ms [ 753.166224][ T6007] gfs2: fsid=syz:syz.0: jid=0: Done [ 753.240574][T16034] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 753.261058][T16056] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 753.397551][T16034] gfs2: fsid=syz:syz.0: can't create logd thread: -4 [ 753.430078][T16056] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 753.996094][T16080] loop3: detected capacity change from 0 to 1024 [ 754.607028][T16078] loop2: detected capacity change from 0 to 8192 [ 754.701390][T16078] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 754.762982][T16088] loop3: detected capacity change from 0 to 1768 [ 755.146137][T16092] loop5: detected capacity change from 0 to 2048 [ 755.326225][T16095] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 755.641963][T16097] loop2: detected capacity change from 0 to 512 [ 756.567702][T16090] loop0: detected capacity change from 0 to 32768 [ 756.622159][T16090] (syz.0.4346,16090,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 756.698513][T16090] (syz.0.4346,16090,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 756.863022][T16094] loop3: detected capacity change from 0 to 32768 [ 756.997135][T16094] (syz.3.4347,16094,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 757.041233][T16094] (syz.3.4347,16094,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 757.501170][T16105] loop0: detected capacity change from 0 to 4096 [ 757.527125][T16099] loop5: detected capacity change from 0 to 32768 [ 757.546701][T16105] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 757.610151][T16099] (syz.5.4349,16099,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 757.655155][T16099] (syz.5.4349,16099,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 758.626030][T16116] loop4: detected capacity change from 0 to 128 [ 758.682049][T16116] omfs: Invalid superblock (7b3184f9) [ 760.484631][T16118] loop4: detected capacity change from 0 to 32768 [ 760.607302][T16118] (syz.4.4357,16118,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 760.661204][T16118] (syz.4.4357,16118,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 762.161350][T16121] loop2: detected capacity change from 0 to 32768 [ 762.244794][T16121] (syz.2.4358,16121,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 762.264629][T16121] (syz.2.4358,16121,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 762.304744][T16132] loop0: detected capacity change from 0 to 1 [ 762.381998][T16132] syz.0.4363: attempt to access beyond end of device [ 762.381998][T16132] loop0: rw=2048, sector=0, nr_sectors = 8 limit=1 [ 762.418928][T16132] SQUASHFS error: Failed to read block 0x0: -5 [ 762.425386][T16132] unable to read squashfs_super_block [ 762.577182][T16129] loop3: detected capacity change from 0 to 8192 [ 762.708423][T16135] loop0: detected capacity change from 0 to 8 [ 763.010616][T16139] loop1: detected capacity change from 0 to 8 [ 763.301070][T16145] loop0: detected capacity change from 0 to 128 [ 763.385159][T16145] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 763.409866][T16143] loop2: detected capacity change from 0 to 2048 [ 763.464151][T16123] loop4: detected capacity change from 0 to 32768 [ 763.492542][T16143] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 763.515866][T16145] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 763.637152][T16123] (syz.4.4360,16123,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 763.705917][T16123] (syz.4.4360,16123,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 763.744431][T16148] loop1: detected capacity change from 0 to 4096 [ 763.839568][T16148] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 763.898844][T16148] UDF-fs: Scanning with blocksize 512 failed [ 763.992122][T16148] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 764.275501][T16153] loop0: detected capacity change from 0 to 512 [ 764.313539][T16154] loop2: detected capacity change from 0 to 512 [ 764.365211][T16153] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 764.398226][T16153] UDF-fs: Scanning with blocksize 512 failed [ 764.409908][T16154] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 764.432392][T16153] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 764.446456][T16128] loop5: detected capacity change from 0 to 32768 [ 764.458130][T16154] UDF-fs: Scanning with blocksize 512 failed [ 764.466978][T16153] UDF-fs: Scanning with blocksize 1024 failed [ 764.521848][T16153] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 764.545853][T16128] (syz.5.4362,16128,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 764.559099][T16154] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 764.583605][T16153] UDF-fs: Scanning with blocksize 2048 failed [ 764.598919][T16128] (syz.5.4362,16128,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 764.621214][T16154] UDF-fs: Scanning with blocksize 1024 failed [ 764.628151][T16154] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 764.666534][T16154] UDF-fs: Scanning with blocksize 2048 failed [ 764.703367][T16154] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 764.741968][T16153] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 764.807315][T16154] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 764.847526][T16153] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 764.892046][T16157] loop1: detected capacity change from 0 to 4096 [ 765.123454][T16160] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 765.125227][T16159] loop5: detected capacity change from 0 to 128 [ 765.264301][T16159] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 765.306100][T16162] loop4: detected capacity change from 0 to 512 [ 765.336881][T16164] loop2: detected capacity change from 0 to 512 [ 765.361735][T16162] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 765.372831][T16159] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 765.394736][T16162] UDF-fs: Scanning with blocksize 512 failed [ 765.435332][T16164] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 765.467285][T16164] UDF-fs: Scanning with blocksize 512 failed [ 765.504879][T16162] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 765.521332][T16164] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 765.532061][T16166] loop0: detected capacity change from 0 to 128 [ 765.561491][T16162] UDF-fs: Scanning with blocksize 1024 failed [ 765.583419][T16164] UDF-fs: Scanning with blocksize 1024 failed [ 765.600042][T16162] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 765.614279][T16166] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 765.656024][T16164] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 765.672133][T16162] UDF-fs: Scanning with blocksize 2048 failed [ 765.699450][T16164] UDF-fs: Scanning with blocksize 2048 failed [ 765.734654][T16164] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 765.763197][T16162] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 765.774477][T16166] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 765.835511][T16168] loop1: detected capacity change from 0 to 256 [ 765.868854][T16164] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 765.889452][T16162] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 765.915128][T16168] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 765.987124][T16168] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 766.069444][T16170] loop5: detected capacity change from 0 to 512 [ 766.563183][T16176] loop4: detected capacity change from 0 to 128 [ 766.703508][T16178] loop1: detected capacity change from 0 to 512 [ 766.743154][T16180] loop5: detected capacity change from 0 to 512 [ 767.096150][T16182] loop4: detected capacity change from 0 to 128 [ 767.465715][T16184] loop1: detected capacity change from 0 to 256 [ 767.474031][T16172] loop0: detected capacity change from 0 to 16384 [ 767.542161][T16172] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 767.549628][T16172] UDF-fs: Scanning with blocksize 512 failed [ 767.552593][T16188] loop3: detected capacity change from 0 to 128 [ 767.682529][T16172] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 767.725256][T16172] UDF-fs: Scanning with blocksize 1024 failed [ 767.770870][T16190] loop4: detected capacity change from 0 to 2048 [ 767.807502][T16172] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 767.853630][T16172] UDF-fs: Scanning with blocksize 2048 failed [ 767.965225][T16172] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 768.078134][T16192] loop1: detected capacity change from 0 to 256 [ 768.087994][T16186] loop5: detected capacity change from 0 to 8192 [ 768.179090][T16194] loop3: detected capacity change from 0 to 128 [ 768.739886][T16198] loop5: detected capacity change from 0 to 128 [ 769.298180][T16204] loop0: detected capacity change from 0 to 8192 [ 771.073540][T16208] loop0: detected capacity change from 0 to 32768 [ 771.163434][T16208] XFS (loop0): Mounting V5 Filesystem 41ca08f1-94d2-48aa-bd9e-c0e7c187d3a2 [ 771.206953][T16208] XFS (loop0): Log size 768 blocks too small, minimum size is 1056 blocks [ 771.250996][T16208] XFS (loop0): AAIEEE! Log failed size checks. Abort! [ 771.363294][T16208] XFS (loop0): log mount failed [ 771.917187][T16219] loop0: detected capacity change from 0 to 512 [ 772.028487][T16219] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 772.079207][T16219] UDF-fs: Scanning with blocksize 512 failed [ 772.136574][T16219] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 772.175773][T16219] UDF-fs: Scanning with blocksize 1024 failed [ 772.227557][T16219] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 772.244310][T16219] UDF-fs: Scanning with blocksize 2048 failed [ 772.276178][T16219] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 772.336009][T16219] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 772.563837][T16210] loop2: detected capacity change from 0 to 32768 [ 772.680435][T16210] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 772.767444][T16210] XFS (loop2): Log size 516 blocks too small, minimum size is 636 blocks [ 772.775963][T16210] XFS (loop2): AAIEEE! Log failed size checks. Abort! [ 772.884681][T16210] XFS (loop2): log mount failed [ 773.459731][T16238] loop2: detected capacity change from 0 to 512 [ 775.282850][T16228] loop1: detected capacity change from 0 to 65536 [ 775.415037][T16228] XFS (loop1): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 [ 775.523851][T16228] XFS (loop1): Ending clean mount [ 775.719943][ T5998] XFS (loop1): Unmounting Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 [ 776.003200][T16236] loop5: detected capacity change from 0 to 65536 [ 776.188101][T16236] XFS (loop5): Deprecated V4 format (crc=0) not supported by kernel. [ 776.516329][T16263] loop1: detected capacity change from 0 to 2048 [ 778.164281][T16277] loop1: detected capacity change from 0 to 8192 [ 778.218782][T16277] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 778.258388][T16277] UDF-fs: Scanning with blocksize 512 failed [ 778.332378][T16289] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 778.359920][T16277] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 778.377312][T16277] UDF-fs: Scanning with blocksize 1024 failed [ 778.394676][T16288] loop5: detected capacity change from 0 to 1764 [ 778.457538][T16277] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 778.505951][T16277] UDF-fs: Scanning with blocksize 2048 failed [ 778.607041][T16277] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 778.830751][T16294] netlink: 'syz.0.4428': attribute type 16 has an invalid length. [ 778.841190][T16294] netlink: 'syz.0.4428': attribute type 17 has an invalid length. [ 778.993323][T16299] geneve2: entered promiscuous mode [ 779.130454][T16298] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 779.233998][ T30] audit: type=1400 audit(2000000473.282:13): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=16302 comm="syz.1.4432" [ 779.310155][T16307] openvswitch: netlink: nsh attribute has 8 unknown bytes. [ 779.739998][T16311] loop5: detected capacity change from 0 to 2048 [ 779.781837][T16311] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 779.910873][T16320] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 780.012012][T16322] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4442'. [ 780.043549][T16311] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 3044605952 [ 780.081351][T16311] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=15) [ 780.110519][T16311] Remounting filesystem read-only [ 780.116888][T16311] NILFS (loop5): error -5 truncating bmap (ino=15) [ 780.316994][ T6002] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 780.519833][T16330] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4445'. [ 780.571119][T16330] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4445'. [ 781.959847][T16358] netlink: 'syz.4.4460': attribute type 11 has an invalid length. [ 782.003205][T16360] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4461'. [ 782.140205][T16362] loop2: detected capacity change from 0 to 1764 [ 782.182603][T16364] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4463'. [ 782.404704][T16368] bridge1: entered promiscuous mode [ 782.435141][T16373] netlink: 'syz.5.4467': attribute type 1 has an invalid length. [ 782.473966][T16373] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4467'. [ 783.176763][T16394] netlink: 'syz.1.4477': attribute type 21 has an invalid length. [ 783.270298][T16395] loop5: detected capacity change from 0 to 16 [ 783.317814][T16395] erofs (device loop5): mounted with root inode @ nid 36. [ 783.384764][T16395] erofs (device loop5): inconsistent algorithmtype 0 for nid 36 [ 783.392838][T16395] erofs (device loop5): inconsistent algorithmtype 0 for nid 36 [ 783.451028][T16395] erofs (device loop5): read error -117 @ 72 of nid 36 [ 783.825353][T16410] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT [ 784.257999][T16426] misc userio: The device must be registered before sending interrupts [ 784.320216][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 784.326658][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 784.403230][T16430] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4494'. [ 784.422793][T16432] loop2: detected capacity change from 0 to 8 [ 784.515605][T16432] SQUASHFS error: lzo decompression failed, data probably corrupt [ 784.571062][T16434] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 784.585477][T16432] SQUASHFS error: Failed to read block 0x91: -5 [ 784.623391][T16432] SQUASHFS error: Unable to read metadata cache entry [8f] [ 784.653405][T16432] SQUASHFS error: Unable to read inode 0x11f [ 784.865870][T16443] netlink: 'syz.1.4500': attribute type 5 has an invalid length. [ 784.908504][T16443] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4500'. [ 784.973052][T16439] loop4: detected capacity change from 0 to 4096 [ 785.050370][ T6230] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 785.065540][T16439] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 785.209609][T16439] ntfs3(loop4): ino=1a, mi_enum_attr [ 785.237773][T16439] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 785.253087][T16451] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 785.254222][ T6230] usb 3-1: Using ep0 maxpacket: 8 [ 785.312215][ T6230] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 109, changing to 10 [ 785.352987][T16439] ntfs3(loop4): ino=1e, "file1" ntfs3_write_inode failed, -22. [ 785.360156][ T6230] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 9350, setting to 1024 [ 785.376308][T16454] vivid-000: ================= START STATUS ================= [ 785.387897][T16455] netlink: 72 bytes leftover after parsing attributes in process `syz.3.4507'. [ 785.422577][T16454] vivid-000: Generate PTS: true [ 785.444142][ T6230] usb 3-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 785.464691][T16454] vivid-000: Generate SCR: true [ 785.477991][T16454] tpg source WxH: 320x240 (Y'CbCr) [ 785.489019][ T6230] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 785.510292][T16454] tpg field: 1 [ 785.532221][T16454] tpg crop: (0,0)/320x240 [ 785.542489][T16454] tpg compose: (0,0)/320x240 [ 785.553848][T16432] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 785.591765][T16454] tpg colorspace: 8 [ 785.603148][T16457] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4508'. [ 785.614060][T16454] tpg transfer function: 0/0 [ 785.625409][T16454] tpg Y'CbCr encoding: 0/0 [ 785.657397][T16454] tpg quantization: 0/0 [ 785.681265][T16454] tpg RGB range: 0/2 [ 785.693614][T16454] vivid-000: ================== END STATUS ================== [ 785.793700][ T6230] usb 3-1: string descriptor 0 read error: -71 [ 785.972158][ T6230] usb 3-1: USB disconnect, device number 5 [ 786.111652][ T6013] udevd[6013]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 786.172857][ T6007] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 786.180262][T16467] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4513'. [ 786.251157][T16469] netlink: 'syz.4.4514': attribute type 4 has an invalid length. [ 786.268448][T16467] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4513'. [ 786.301519][T16469] netlink: 152 bytes leftover after parsing attributes in process `syz.4.4514'. [ 786.342890][T16469] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 786.376514][T16472] openvswitch: netlink: IP tunnel TTL not specified. [ 786.394244][ T6007] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 786.425064][ T6007] usb 4-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice= 1.00 [ 786.455884][ T6007] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 786.483730][ T6007] usb 4-1: config 0 descriptor?? [ 786.518019][ T6007] xbox_remote_probe: Unexpected endpoint_in [ 786.572356][ T6007] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 786.774329][T16477] netlink: 'syz.1.4518': attribute type 3 has an invalid length. [ 786.792715][ T6007] usb 4-1: USB disconnect, device number 8 [ 787.239430][T16491] loop0: detected capacity change from 0 to 128 [ 787.282203][T16491] EXT4-fs (loop0): Test dummy encryption mode enabled [ 787.380937][ T6193] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 787.382059][T16491] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 787.487892][T16491] ext4 filesystem being mounted at /732/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 787.573530][ T6193] usb 3-1: Using ep0 maxpacket: 32 [ 787.627505][ T6193] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe [ 787.658993][ T6193] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 787.667136][ T6193] usb 3-1: Product: syz [ 787.669018][T16491] EXT4-fs warning (device loop0): ext4_group_extend:1885: will only finish group (8193 blocks, 8129 new) [ 787.716402][ T6193] usb 3-1: Manufacturer: syz [ 787.721089][ T6193] usb 3-1: SerialNumber: syz [ 787.722021][T16491] EXT4-fs warning (device loop0): ext4_group_extend:1891: can't read last block, resize aborted [ 787.810285][ T6193] usb 3-1: config 0 descriptor?? [ 787.816859][T16473] loop5: detected capacity change from 0 to 32768 [ 787.852906][T16503] loop1: detected capacity change from 0 to 256 [ 787.930265][T16473] XFS (loop5): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 788.029763][ T6004] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 788.048398][T16503] FAT-fs (loop1): Directory bread(block 64) failed [ 788.053655][ T6193] snd-usb-6fire 3-1:0.0: unknown device firmware state received from device: [ 788.075327][ T6193] eb 9a 47 80 9b f8 7a f0 [ 788.081889][ T6193] snd-usb-6fire 3-1:0.0: probe with driver snd-usb-6fire failed with error -5 [ 788.102743][T16503] FAT-fs (loop1): Directory bread(block 65) failed [ 788.109752][T16503] FAT-fs (loop1): Directory bread(block 66) failed [ 788.116420][T16503] FAT-fs (loop1): Directory bread(block 67) failed [ 788.123680][T16503] FAT-fs (loop1): Directory bread(block 68) failed [ 788.130634][T16503] FAT-fs (loop1): Directory bread(block 69) failed [ 788.137397][T16503] FAT-fs (loop1): Directory bread(block 70) failed [ 788.146463][T16503] FAT-fs (loop1): Directory bread(block 71) failed [ 788.153923][T16503] FAT-fs (loop1): Directory bread(block 72) failed [ 788.160995][T16503] FAT-fs (loop1): Directory bread(block 73) failed [ 788.194901][T16473] XFS (loop5): Ending clean mount [ 788.319985][ T6193] usb 3-1: USB disconnect, device number 6 [ 788.485039][ T6002] XFS (loop5): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 788.773449][T16521] loop0: detected capacity change from 0 to 4096 [ 788.811634][T16521] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 789.097659][T16529] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4539'. [ 789.278203][T16533] loop3: detected capacity change from 0 to 512 [ 789.390448][T16533] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 789.463342][T16533] ext4 filesystem being mounted at /737/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 789.858230][ T6017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 790.000210][ T6193] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 790.204348][ T6193] usb 5-1: Using ep0 maxpacket: 8 [ 790.227315][ T6193] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 790.281303][ T6193] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 790.323354][ T6193] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 790.359211][ T6193] usb 5-1: SerialNumber: syz [ 790.423997][ T6193] usb 5-1: config 0 descriptor?? [ 790.447311][ T6193] usb 5-1: Found UVC 0.00 device (05ac:8501) [ 790.495185][ T6193] usb 5-1: No valid video chain found. [ 790.722145][ T6193] usb 5-1: USB disconnect, device number 21 [ 791.670362][T16593] ubi31: attaching mtd0 [ 791.725324][T16593] ubi31: scanning is finished [ 791.774654][T16593] ubi31: empty MTD device detected [ 791.995314][ T30] audit: type=1326 audit(2000000485.217:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16597 comm="syz.4.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd268b8e929 code=0x7ffc0000 [ 792.095071][ T30] audit: type=1326 audit(2000000485.264:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16597 comm="syz.4.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7fd268b8e929 code=0x7ffc0000 [ 792.182514][T16593] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 792.221948][ T30] audit: type=1326 audit(2000000485.264:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16597 comm="syz.4.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd268b8e929 code=0x7ffc0000 [ 792.239527][T16593] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 792.319442][T16593] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 792.321894][ T30] audit: type=1326 audit(2000000485.264:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16597 comm="syz.4.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd268b8e929 code=0x7ffc0000 [ 792.389913][T16593] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 792.390100][T16606] loop4: detected capacity change from 0 to 512 [ 792.464704][T16606] EXT4-fs: Ignoring removed i_version option [ 792.487875][T16606] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 792.497939][T16593] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 792.497982][T16593] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 792.498016][T16593] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2839419373 [ 792.554763][T16606] EXT4-fs (loop4): 1 truncate cleaned up [ 792.586651][T16611] loop0: detected capacity change from 0 to 2048 [ 792.587385][T16593] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 792.612145][T16606] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 792.629894][T16603] ubi31: background thread "ubi_bgt31d" started, PID 16603 [ 792.681692][T16611] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 792.853480][T16615] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 792.997047][ T5995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 793.068415][T16619] tc_dump_action: action bad kind [ 793.473893][T16623] netlink: 'syz.2.4583': attribute type 1 has an invalid length. [ 794.779283][T16655] netlink: 'syz.5.4597': attribute type 27 has an invalid length. [ 795.291321][T16672] loop4: detected capacity change from 0 to 2048 [ 795.651197][T16672] iocharset cp767 not found [ 795.948929][T16688] loop2: detected capacity change from 0 to 256 [ 795.975259][T16688] exfat: Deprecated parameter 'utf8' [ 796.020339][T16688] exfat: Deprecated parameter 'utf8' [ 796.051313][T16688] exfat: Deprecated parameter 'utf8' [ 796.156430][T16688] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d) [ 797.008410][ T30] audit: type=1326 audit(2000000489.904:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.4627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd268b8e929 code=0x7ffc0000 [ 797.112204][ T30] audit: type=1326 audit(2000000489.904:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.4627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd268b8e929 code=0x7ffc0000 [ 797.231574][ T30] audit: type=1326 audit(2000000489.941:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16714 comm="syz.0.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0978e929 code=0x7ffc0000 [ 797.341160][ T30] audit: type=1326 audit(2000000489.941:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16714 comm="syz.0.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0978e929 code=0x7ffc0000 [ 797.439497][ T30] audit: type=1326 audit(2000000489.941:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.4627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fd268b8e929 code=0x7ffc0000 [ 797.547823][ T30] audit: type=1326 audit(2000000489.941:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.4627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd268b8e929 code=0x7ffc0000 [ 797.634502][ T30] audit: type=1326 audit(2000000489.941:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16715 comm="syz.4.4627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd268b8e929 code=0x7ffc0000 [ 797.686646][T12810] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 797.782831][ T30] audit: type=1326 audit(2000000489.979:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16714 comm="syz.0.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f3f0978e929 code=0x7ffc0000 [ 797.800340][T16734] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4636'. [ 797.835907][T16731] loop2: detected capacity change from 0 to 4096 [ 797.850730][T16735] loop0: detected capacity change from 0 to 512 [ 797.884758][T16731] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 797.903622][T12810] usb 5-1: Using ep0 maxpacket: 16 [ 797.912339][T16735] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 797.924894][ T30] audit: type=1326 audit(2000000489.979:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16714 comm="syz.0.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0978e929 code=0x7ffc0000 [ 797.965634][T12810] usb 5-1: config 0 has an invalid interface number: 126 but max is 0 [ 797.973883][T12810] usb 5-1: config 0 has an invalid descriptor of length 49, skipping remainder of the config [ 798.007280][T12810] usb 5-1: config 0 has no interface number 0 [ 798.013490][T12810] usb 5-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87 [ 798.014987][T16735] EXT4-fs error (device loop0): ext4_iget_extra_inode:5034: inode #15: comm syz.0.4637: corrupted in-inode xattr: e_value out of bounds [ 798.028883][T12810] usb 5-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024 [ 798.043843][ T30] audit: type=1326 audit(2000000489.979:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16714 comm="syz.0.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0978e929 code=0x7ffc0000 [ 798.070834][T12810] usb 5-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64 [ 798.127475][T16735] EXT4-fs (loop0): Remounting filesystem read-only [ 798.140127][T12810] usb 5-1: config 0 interface 126 altsetting 0 endpoint 0x4 has invalid maxpacket 26159, setting to 1024 [ 798.174074][T12810] usb 5-1: config 0 interface 126 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024 [ 798.226062][T16735] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 798.253447][T12810] usb 5-1: config 0 interface 126 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 798.321456][T12810] usb 5-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88 [ 798.373711][T12810] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 798.416181][T12810] usb 5-1: config 0 descriptor?? [ 798.422297][T16724] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 798.430661][T16724] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 798.452993][T16742] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 798.498503][T12810] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 798.600040][ T6004] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 798.751516][ T6193] usb 5-1: USB disconnect, device number 22 [ 799.208664][T16757] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4647'. [ 799.412200][T16765] loop3: detected capacity change from 0 to 256 [ 799.563074][T16765] FAT-fs (loop3): Directory bread(block 64) failed [ 799.604595][T16765] FAT-fs (loop3): Directory bread(block 65) failed [ 799.646758][T16770] loop0: detected capacity change from 0 to 256 [ 799.663265][T16765] FAT-fs (loop3): Directory bread(block 66) failed [ 799.683333][T16770] exfat: Deprecated parameter 'utf8' [ 799.699922][T16765] FAT-fs (loop3): Directory bread(block 67) failed [ 799.706649][T16765] FAT-fs (loop3): Directory bread(block 68) failed [ 799.718100][T16770] exfat: Deprecated parameter 'utf8' [ 799.723579][T16770] exfat: Deprecated parameter 'utf8' [ 799.752986][T16765] FAT-fs (loop3): Directory bread(block 69) failed [ 799.759687][T16765] FAT-fs (loop3): Directory bread(block 70) failed [ 799.800090][T16770] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d) [ 799.845209][T16765] FAT-fs (loop3): Directory bread(block 71) failed [ 799.910634][T16765] FAT-fs (loop3): Directory bread(block 72) failed [ 799.962340][T16765] FAT-fs (loop3): Directory bread(block 73) failed [ 800.225878][T16781] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4659'. [ 800.275087][T16781] netlink: 93 bytes leftover after parsing attributes in process `syz.2.4659'. [ 800.280243][T16783] netlink: 'syz.5.4660': attribute type 28 has an invalid length. [ 800.336746][T16777] loop1: detected capacity change from 0 to 4096 [ 800.435033][T16787] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.4662'. [ 800.435088][T16777] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 800.501646][T16787] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 800.537664][T16787] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 801.132483][T16801] netlink: 'syz.2.4669': attribute type 1 has an invalid length. [ 801.681579][T16813] xt_l2tp: invalid flags combination: 0 [ 801.989668][T16818] autofs4:pid:16818:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e) [ 802.099190][T16821] netlink: 'syz.0.4678': attribute type 3 has an invalid length. [ 802.100626][T16822] loop4: detected capacity change from 0 to 256 [ 802.155855][T16821] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.4678'. [ 802.294921][T16822] FAT-fs (loop4): Directory bread(block 64) failed [ 802.301771][T16822] FAT-fs (loop4): Directory bread(block 65) failed [ 802.369277][T16822] FAT-fs (loop4): Directory bread(block 66) failed [ 802.389312][T16822] FAT-fs (loop4): Directory bread(block 67) failed [ 802.461644][T16822] FAT-fs (loop4): Directory bread(block 68) failed [ 802.492678][T16822] FAT-fs (loop4): Directory bread(block 69) failed [ 802.559249][T16822] FAT-fs (loop4): Directory bread(block 70) failed [ 802.595494][T16822] FAT-fs (loop4): Directory bread(block 71) failed [ 802.622092][T16822] FAT-fs (loop4): Directory bread(block 72) failed [ 802.662842][T16822] FAT-fs (loop4): Directory bread(block 73) failed [ 802.938278][ C1] sd 0:0:1:0: [sda] tag#4210 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 802.948899][ C1] sd 0:0:1:0: [sda] tag#4210 CDB: Read(6) 08 00 9f d1 fe de [ 803.121536][T16844] netlink: 'syz.3.4688': attribute type 11 has an invalid length. [ 803.138873][T16844] netlink: 244 bytes leftover after parsing attributes in process `syz.3.4688'. [ 803.351183][T16850] sctp: [Deprecated]: syz.2.4692 (pid 16850) Use of int in max_burst socket option. [ 803.351183][T16850] Use struct sctp_assoc_value instead [ 803.556051][T16856] netlink: 'syz.4.4693': attribute type 2 has an invalid length. [ 803.569901][T16856] netlink: 'syz.4.4693': attribute type 8 has an invalid length. [ 803.628455][T16856] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4693'. [ 804.034512][T16867] loop3: detected capacity change from 0 to 2048 [ 804.137834][T16867] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 804.198643][T16873] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4704'. [ 804.232157][T16867] syz.3.4701: attempt to access beyond end of device [ 804.232157][T16867] loop3: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 804.236800][T16876] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 804.399945][T16867] syz.3.4701: attempt to access beyond end of device [ 804.399945][T16867] loop3: rw=0, sector=9437254, nr_sectors = 2 limit=2048 [ 804.443389][T16867] NILFS (loop3): I/O error reading meta-data file (ino=6, block-offset=0) [ 804.680070][T16885] loop0: detected capacity change from 0 to 256 [ 804.915408][T16885] FAT-fs (loop0): Directory bread(block 64) failed [ 804.956487][T16885] FAT-fs (loop0): Directory bread(block 65) failed [ 804.977860][T16885] FAT-fs (loop0): Directory bread(block 66) failed [ 804.999940][T16889] loop1: detected capacity change from 0 to 256 [ 805.012614][T16885] FAT-fs (loop0): Directory bread(block 67) failed [ 805.041029][T16885] FAT-fs (loop0): Directory bread(block 68) failed [ 805.088686][T16885] FAT-fs (loop0): Directory bread(block 69) failed [ 805.114822][T16885] FAT-fs (loop0): Directory bread(block 70) failed [ 805.139393][T16885] FAT-fs (loop0): Directory bread(block 71) failed [ 805.167886][T16885] FAT-fs (loop0): Directory bread(block 72) failed [ 805.219171][T16885] FAT-fs (loop0): Directory bread(block 73) failed [ 805.253028][T16889] FAT-fs (loop1): Directory bread(block 64) failed [ 805.292361][T16889] FAT-fs (loop1): Directory bread(block 65) failed [ 805.334269][T16889] FAT-fs (loop1): Directory bread(block 66) failed [ 805.358850][T16889] FAT-fs (loop1): Directory bread(block 67) failed [ 805.381943][T16889] FAT-fs (loop1): Directory bread(block 68) failed [ 805.388932][T16897] loop5: detected capacity change from 0 to 256 [ 805.407063][T16897] exfat: Deprecated parameter 'utf8' [ 805.412746][T16889] FAT-fs (loop1): Directory bread(block 69) failed [ 805.423339][T16897] exfat: Deprecated parameter 'utf8' [ 805.430837][T16889] FAT-fs (loop1): Directory bread(block 70) failed [ 805.437913][T16897] exfat: Deprecated parameter 'utf8' [ 805.460134][T16897] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d) [ 805.503595][T16889] FAT-fs (loop1): Directory bread(block 71) failed [ 805.540842][T16889] FAT-fs (loop1): Directory bread(block 72) failed [ 805.592254][T16889] FAT-fs (loop1): Directory bread(block 73) failed [ 806.194774][T16878] loop4: detected capacity change from 0 to 32768 [ 806.280602][T16878] [ 806.280602][T16878] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 806.280602][T16878] [ 806.735519][ T49] [ 806.735519][ T49] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 806.735519][ T49] [ 806.799663][T16923] netlink: 'syz.2.4725': attribute type 21 has an invalid length. [ 806.807734][ T49] [ 806.807734][ T49] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 806.807734][ T49] [ 806.841398][T16923] netlink: 128 bytes leftover after parsing attributes in process `syz.2.4725'. [ 806.857448][ T5995] [ 806.857448][ T5995] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 806.857448][ T5995] [ 806.883785][ T5995] [ 806.883785][ T5995] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 806.883785][ T5995] [ 806.910559][T16923] netlink: 3 bytes leftover after parsing attributes in process `syz.2.4725'. [ 806.916797][T16916] loop1: detected capacity change from 0 to 8192 [ 806.920264][ T110] [ 806.920264][ T110] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 806.920264][ T110] [ 806.984146][ T110] ================================================================== [ 806.992278][ T110] BUG: KASAN: slab-use-after-free in txEnd+0x369/0x5a0 [ 806.999183][ T110] Write of size 8 at addr ffff88802cba2840 by task jfsCommit/110 [ 807.006931][ T110] [ 807.009278][ T110] CPU: 0 UID: 0 PID: 110 Comm: jfsCommit Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) [ 807.009328][ T110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 807.009353][ T110] Call Trace: [ 807.009366][ T110] [ 807.009380][ T110] dump_stack_lvl+0x116/0x1f0 [ 807.009447][ T110] print_report+0xcd/0x680 [ 807.009504][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.009551][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.009596][ T110] ? __phys_addr+0xe8/0x180 [ 807.009638][ T110] ? txEnd+0x369/0x5a0 [ 807.009679][ T110] kasan_report+0xe0/0x110 [ 807.009723][ T110] ? txEnd+0x369/0x5a0 [ 807.009770][ T110] kasan_check_range+0x100/0x1b0 [ 807.009825][ T110] txEnd+0x369/0x5a0 [ 807.009868][ T110] jfs_lazycommit+0x783/0xb30 [ 807.009920][ T110] ? __pfx_jfs_lazycommit+0x10/0x10 [ 807.009969][ T110] ? __pfx_default_wake_function+0x10/0x10 [ 807.010016][ T110] ? lockdep_hardirqs_on+0x7c/0x110 [ 807.010075][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.010122][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.010168][ T110] ? __kthread_parkme+0x19e/0x250 [ 807.010221][ T110] ? __pfx_jfs_lazycommit+0x10/0x10 [ 807.010270][ T110] kthread+0x3c5/0x780 [ 807.010304][ T110] ? __pfx_kthread+0x10/0x10 [ 807.010338][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.010384][ T110] ? rcu_is_watching+0x12/0xc0 [ 807.010431][ T110] ? __pfx_kthread+0x10/0x10 [ 807.010465][ T110] ret_from_fork+0x5d7/0x6f0 [ 807.010525][ T110] ? __pfx_kthread+0x10/0x10 [ 807.010560][ T110] ret_from_fork_asm+0x1a/0x30 [ 807.010616][ T110] [ 807.010630][ T110] [ 807.169885][ T110] Allocated by task 16878: [ 807.174311][ T110] kasan_save_stack+0x33/0x60 [ 807.179021][ T110] kasan_save_track+0x14/0x30 [ 807.183726][ T110] __kasan_kmalloc+0xaa/0xb0 [ 807.188337][ T110] lmLogOpen+0x571/0x1400 [ 807.192691][ T110] jfs_mount_rw+0x2e9/0x6f0 [ 807.197221][ T110] jfs_fill_super+0xc64/0x1060 [ 807.202026][ T110] get_tree_bdev_flags+0x38c/0x620 [ 807.207166][ T110] vfs_get_tree+0x8e/0x340 [ 807.211619][ T110] path_mount+0x1414/0x2020 [ 807.216160][ T110] __x64_sys_mount+0x28d/0x310 [ 807.220961][ T110] do_syscall_64+0xcd/0x4c0 [ 807.225490][ T110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 807.231416][ T110] [ 807.233750][ T110] Freed by task 5995: [ 807.237738][ T110] kasan_save_stack+0x33/0x60 [ 807.242438][ T110] kasan_save_track+0x14/0x30 [ 807.247136][ T110] kasan_save_free_info+0x3b/0x60 [ 807.252200][ T110] __kasan_slab_free+0x51/0x70 [ 807.256995][ T110] kfree+0x2b4/0x4d0 [ 807.260937][ T110] lmLogClose+0x585/0x710 [ 807.265299][ T110] jfs_umount+0x2f0/0x440 [ 807.269650][ T110] jfs_put_super+0x88/0x1d0 [ 807.274188][ T110] generic_shutdown_super+0x156/0x390 [ 807.279601][ T110] kill_block_super+0x3b/0x90 [ 807.284321][ T110] deactivate_locked_super+0xc1/0x1a0 [ 807.289723][ T110] deactivate_super+0xde/0x100 [ 807.294505][ T110] cleanup_mnt+0x225/0x450 [ 807.298942][ T110] task_work_run+0x150/0x240 [ 807.303548][ T110] exit_to_user_mode_loop+0xeb/0x110 [ 807.308861][ T110] do_syscall_64+0x3f6/0x4c0 [ 807.313474][ T110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 807.319392][ T110] [ 807.321725][ T110] The buggy address belongs to the object at ffff88802cba2800 [ 807.321725][ T110] which belongs to the cache kmalloc-1k of size 1024 [ 807.335969][ T110] The buggy address is located 64 bytes inside of [ 807.335969][ T110] freed 1024-byte region [ffff88802cba2800, ffff88802cba2c00) [ 807.349791][ T110] [ 807.352118][ T110] The buggy address belongs to the physical page: [ 807.358533][ T110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2cba0 [ 807.367312][ T110] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 807.375832][ T110] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 807.383400][ T110] page_type: f5(slab) [ 807.387395][ T110] raw: 00fff00000000040 ffff88801b841dc0 ffffea0001f1e000 dead000000000002 [ 807.396000][ T110] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 807.404603][ T110] head: 00fff00000000040 ffff88801b841dc0 ffffea0001f1e000 dead000000000002 [ 807.413291][ T110] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 807.421989][ T110] head: 00fff00000000003 ffffea0000b2e801 00000000ffffffff 00000000ffffffff [ 807.430683][ T110] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 807.439376][ T110] page dumped because: kasan: bad access detected [ 807.445805][ T110] page_owner tracks the page as allocated [ 807.451525][ T110] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 36, tgid 36 (kworker/u8:2), ts 110172830590, free_ts 109800519339 [ 807.470681][ T110] post_alloc_hook+0x1c0/0x230 [ 807.475474][ T110] get_page_from_freelist+0x1321/0x3890 [ 807.481048][ T110] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 807.486968][ T110] alloc_pages_mpol+0x1fb/0x550 [ 807.491854][ T110] new_slab+0x23b/0x330 [ 807.496050][ T110] ___slab_alloc+0xd9c/0x1940 [ 807.500766][ T110] __slab_alloc.constprop.0+0x56/0xb0 [ 807.506178][ T110] __kmalloc_noprof+0x2f2/0x510 [ 807.511046][ T110] ___neigh_create+0x14e6/0x28c0 [ 807.516443][ T110] ip6_finish_output2+0x1299/0x2020 [ 807.521673][ T110] ip6_finish_output+0x3f9/0x1360 [ 807.526736][ T110] ip6_output+0x1f9/0x540 [ 807.531095][ T110] ndisc_send_skb+0xa91/0x1e40 [ 807.535892][ T110] ndisc_send_ns+0xc6/0x140 [ 807.540432][ T110] addrconf_dad_work+0xbc1/0x14e0 [ 807.545484][ T110] process_one_work+0x9cf/0x1b70 [ 807.550449][ T110] page last free pid 5195 tgid 5195 stack trace: [ 807.556784][ T110] __free_frozen_pages+0x7fe/0x1180 [ 807.562028][ T110] __put_partials+0x16d/0x1c0 [ 807.566728][ T110] qlist_free_all+0x4d/0x120 [ 807.571336][ T110] kasan_quarantine_reduce+0x195/0x1e0 [ 807.576818][ T110] __kasan_slab_alloc+0x69/0x90 [ 807.581704][ T110] __kmalloc_noprof+0x1d4/0x510 [ 807.586590][ T110] tomoyo_realpath_from_path+0xc2/0x6e0 [ 807.592173][ T110] tomoyo_path_perm+0x274/0x460 [ 807.597042][ T110] security_inode_getattr+0x116/0x290 [ 807.602441][ T110] vfs_fstat+0x4b/0xe0 [ 807.606543][ T110] __do_sys_newfstat+0x87/0x100 [ 807.611587][ T110] do_syscall_64+0xcd/0x4c0 [ 807.616132][ T110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 807.622056][ T110] [ 807.624380][ T110] Memory state around the buggy address: [ 807.630016][ T110] ffff88802cba2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 807.638096][ T110] ffff88802cba2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 807.646223][ T110] >ffff88802cba2800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 807.654319][ T110] ^ [ 807.660499][ T110] ffff88802cba2880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 807.668589][ T110] ffff88802cba2900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 807.676665][ T110] ================================================================== [ 807.693028][ T6230] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 807.725811][ T110] Kernel panic - not syncing: kasan.fault=panic_on_write set ... [ 807.733587][ T110] CPU: 1 UID: 0 PID: 110 Comm: jfsCommit Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) [ 807.745437][ T110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 807.755524][ T110] Call Trace: [ 807.758827][ T110] [ 807.761780][ T110] dump_stack_lvl+0x3d/0x1f0 [ 807.766440][ T110] panic+0x71c/0x800 [ 807.770402][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.776130][ T110] ? __pfx_panic+0x10/0x10 [ 807.780660][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.786374][ T110] ? lockdep_hardirqs_on+0x7c/0x110 [ 807.791664][ T110] ? txEnd+0x369/0x5a0 [ 807.795801][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.801537][ T110] ? preempt_schedule_common+0x44/0xc0 [ 807.807072][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.812757][ T110] ? preempt_schedule_thunk+0x16/0x30 [ 807.818183][ T110] ? txEnd+0x369/0x5a0 [ 807.822292][ T110] end_report+0x159/0x170 [ 807.826663][ T110] kasan_report+0xee/0x110 [ 807.831130][ T110] ? txEnd+0x369/0x5a0 [ 807.835247][ T110] kasan_check_range+0x100/0x1b0 [ 807.840237][ T110] txEnd+0x369/0x5a0 [ 807.844176][ T110] jfs_lazycommit+0x783/0xb30 [ 807.848904][ T110] ? __pfx_jfs_lazycommit+0x10/0x10 [ 807.854148][ T110] ? __pfx_default_wake_function+0x10/0x10 [ 807.859997][ T110] ? lockdep_hardirqs_on+0x7c/0x110 [ 807.865249][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.870928][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.876605][ T110] ? __kthread_parkme+0x19e/0x250 [ 807.881681][ T110] ? __pfx_jfs_lazycommit+0x10/0x10 [ 807.886928][ T110] kthread+0x3c5/0x780 [ 807.891032][ T110] ? __pfx_kthread+0x10/0x10 [ 807.895654][ T110] ? srso_alias_return_thunk+0x5/0xfbef5 [ 807.901322][ T110] ? rcu_is_watching+0x12/0xc0 [ 807.906115][ T110] ? __pfx_kthread+0x10/0x10 [ 807.910725][ T110] ret_from_fork+0x5d7/0x6f0 [ 807.915355][ T110] ? __pfx_kthread+0x10/0x10 [ 807.919963][ T110] ret_from_fork_asm+0x1a/0x30 [ 807.924762][ T110] [ 807.928047][ T110] Kernel Offset: disabled [ 807.932389][ T110] Rebooting in 86400 seconds..