last executing test programs: 3.844702884s ago: executing program 0 (id=231): set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) 3.483979326s ago: executing program 0 (id=235): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x4, &(0x7f0000000240), 0x22, 0x4d5, &(0x7f0000000580)="$eJzs3c9vG1kdAPDvTOIkm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7dkLghih1HsVOa0EP6PyBRiRP8CRyQOCD1xJ0b3Li0B6QCFahB4mA09iRNUzvJtqlHij8faTTz5tn+vmdr3td+TvwCGFmXImIvIiYi4tOImM3PJ/kWH/a27HaPH91e3n90ezmJTueTfybd+uxcHLlP5tX8Maci4kffj/hp8mzc1s7u+lK9XtvKy5V2Y7PS2tm9utZYWq2t1jaq1cWFxfn3r71XPbe+vtX43cPvrX304z/+4av3/7z3nV9kzZrJ64724zz1ul46jJMZj4iPXkawAozl/ZkouiE8lzQiPhcRb2fXf6fo1gAAw9DpzEZn9mgZALjo0u4cWJKW87mAmUjTcrk3h/dmTKf1Zqt95UZze2OlN1c2F6X0xlq9Np/PFc5FKcnKC93jJ+XqsfK1iHgjIn45+Uq3XF5u1leKfOMDACPs1WP5/z+TvfwPAFxwU0U3AAAYOvkfAEaP/A8Ao0f+B4DRI/8DwOiR/wFg9Mj/ADBSfvjxx9nW2c9//3rl5s72evPm1ZVaa73c2F4uLze3NsurzeZq9zd7Gqc9Xr3Z3Fx4N7ZvVdq1VrvS2tm93mhub7Svd3/X+3qtNJReAQAneeOte39NImLvg1e6WxxZy0GuhostLboBQGHGim4AUJjxohsAFMZnfKDPEr1P6f8nQhMRd19Kc4AhuPwl8/8wqsz/w+jqP/8v88MoMP8Po6vTSaz5DwAjxid94Pm+/w/f/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDSZrpbkpbztcBnIk3L5YjXImIuSsmNtXptPiJej4i/TJYms/JC0Y0GAF5Q+vckX//r8uw7M8drJ5L/Tnb3EfHzX3/yq1tL7fbWQnb+X4fn23fz89Ui2g8AnOYgTx/k8QOPH91ePtiG2Z6H3+0tLprF3c+3Xs14jHf3U1GKiOl/J3m5J3u/MnYO8ffuRMQX+/U/6c6NzOUrnx6Pn8V+bajx06fip9263j57Lj5/Dm2BUXMvG38+7Hf9pXGpu+9//U91R6gXdzD+7T8z/qWH49/YgPHv0lljvPunHwysuxPx5fF+8ZPD+MmA+O+cMf7fvvK1twfVdX4TcTn6xz8aq9JubFZaO7tX1xpLq7XV2ka1uriwOP/+tfeqle4cdeVgpvpZ//jgyusn9X96QPypU/r/zTP2/7f/+/QnXz8h/re/0f/1f/OE+FlO/NYZ4y9N/37g8t1Z/JUB/T/t9b9yxvj3H+yunPGmAMAQtHZ215fq9dpWfjC+dfyMg/M+yN67FRZ9L3/hi34SLtLBg5/1ntMz36v0WW58wsEXXmK/ihyVgGF4ctEX3RIAAAAAAAAAAAAAAGCQYfybVNF9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OL6fwAAAP//M8rRSQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c) fallocate(r0, 0x10, 0x3, 0x7c27) 2.883302771s ago: executing program 0 (id=241): r0 = open(&(0x7f0000000000)='./file0\x00', 0x1607c0, 0x78e22799f4a46ffe) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x108843, 0x98) fcntl$setlease(r1, 0x400, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xc0042, 0x1) fcntl$setlease(r0, 0x400, 0x0) 1.909912087s ago: executing program 0 (id=254): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000140)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9vVNUeAPBzb/seLQ94LY8FLzFxEkk0apqWlVoSSymUFioGhRg3w7QdoDrtkHZqXLCoOxJXJi6MC6KJu65IF27xT3DjEtckunBjYkKsmZk7be/tTDqSmVbI55PQO/f8nvnOPXPu4nLiROX2wkpuYSVXWMqV526unM59Ui6tLhZDvE8Oun/a0404if3BuXLuwnvXT4fww/xPjzc3NzdDVW9oamTH699/uzu389gQZ+pU223eWqd8GEI4sWtcVT0hhA++DyEKIZxN0saTY38I4Vio512/+/mNXIdG8+BR8Uz+ycy9jdFT0+v3N1q/9yiEr0v/f/3W4i8v9Yz+/GqHugcAAAAAAAAAAAAAAAAA4Bk3efXKtXeHR8LDKPSuR7uf151Mjq2ej93smBe7/2YBAAAAAAAAAAAAAAAAAADgH2r7+f9cdLzJ8/8TyXGsRf3Nt7s/Rrpn6p0rE+eHR5L936Nd+W8kSb+e7QmDTfZ9z+7/fjZTv/n+77v7eVqN8TX6HQhRPJQ6j+OhoRC+TTZ+PxkdjkvllcprN8urS/MdG8YzKx3/+u79qegkG/q3G//xTPvd3///f7u+TdXzG537ij3X0vHvaVnuu8+ituJ/LlNvP+LfnqiDs87zIx3/3lpa/84CY/UJoBr/L3r3jv9Epv1uxf9YCCEXVceaS80Ax5P0VusV0tLx/1ctLXWdJB9kq+v/j0z8z2faP6j5fy37Q0RT6fj/u5bWlyqxff0Pxntf/xcy7R9E/KvjXzPZtyUd/0P1xN5Ukdon2e78P5lpv1vxvxYn4zwWpb4B61E9vdX/V0daOv59u/K37//ittZ/FzP19+v+r9Fv4/6vMf2/EtXv/2guHf/+luXavf6nMvW6Pf+P1dZ/PK10/A/X0tJr54Ha33bjP51pv1vxr61K+hrx3/7B+vNQPf0b67+2pOP/n3pivLPEWu1vbf0X7b3+v5Rp/yDWf9Xxr8Xd7fV5kY7/kZblqvH/sY3f/8uZet2PfwjD1vpPLR3/oy3L1a7/vr3jP5Op1+34v9zNxgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeAePJcSBE8VDqPI6HhkI4l5yfDIej2cJ8frZUnvt4JYSJJD0Xjke3SuXZQim/sFSeL+YLpVJ5LoTzSf6J0BetlMqV/GLhzoWttvqj28XCcmW2WKiEECaT9BfC0UZbswuVxcKdEMLFrbz/xuXlO7cLS/n5heW3hoeHh8PU1hgGo+KnleJSpd57PTeE6a26A9GOwdWyL22N5Uj0UXl1ealQqqVf3lGnVJ4rlHbUmUnyvgyDUWV5dWmuUCnmS+Vbjf4O0lhynJi6+v7VyyO78m9E9eP4/g4LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgL/p4eibX4UQeutncQghFyUvouRfyoNHxTP5JzP3NkZPTa/f33jcrAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8xQ4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV26RglYiAKA/CbEdHSY1iFpLNNUEQLI4In0GN4mHgUL+EdLCxsLUTYTGA32SLNbvV9zYP5efMezAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADr3T71z491E5Hi/O8s4uP182s7vy916MZ6Ous/OdKeHMbdQ399Uzfl3dMivypH323epL8/by+xp07eu93++X8aLefMDd26/af9prkXkXIVEW3JL1POVbXuLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAPHAgAAAADC/K2j6NsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgVAAD//xqlH1s=") mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0) mknodat(r0, &(0x7f0000000100)='./file0/file0\x00', 0x8910, 0x4) unlinkat(r0, &(0x7f0000000000)='./file0\x00', 0x200) 1.891659917s ago: executing program 3 (id=255): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x34, 0x0, 0x203, 0x80000000, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x20, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vcan0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x6}]}]}, 0x34}}, 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001300050000000000feffffff07000000", @ANYRES32=r2, @ANYBLOB="003000000000000014001a80100004800c000880"], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0) 1.711049449s ago: executing program 3 (id=257): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@resgid}, {@nodioread_nolock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@errors_remount}, {@grpid}, {@orlov}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=") r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x40142, 0xa9) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080)=0x10) sendfile(r0, r0, 0x0, 0x800000009) 1.612625019s ago: executing program 2 (id=259): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x109942, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000580)) ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f00000001c0)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0xe, 0x7}]}) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]}) close(0x3) 1.387489221s ago: executing program 1 (id=261): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x22081) close_range(r0, 0xffffffffffffffff, 0x0) 1.292496961s ago: executing program 3 (id=262): capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x9}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r0, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e21, 0x80000, @dev={0xfe, 0x80, '\x00', 0x10}, 0xfffffffd}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=[@hopopts={{0x18, 0x29, 0x36, {0x5c}}}], 0x18}, 0xc4) 1.292275101s ago: executing program 2 (id=263): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x8, 0x10001, 0x9, 0x1}, 0x50) close(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) ioctl$SIOCSIFHWADDR(r0, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100ffffffff"}) 1.218563912s ago: executing program 1 (id=264): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) write$tun(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="000086dd0001110004000000a60c6eec00be004411"], 0xfdef) 1.134251863s ago: executing program 2 (id=265): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb0800450045ac00006000002f9078ac1e0001e00000010008655800189078040000000000001386dd"], 0xfdef) 1.070790243s ago: executing program 3 (id=266): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000100), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfffffff8, 0x0, 0xfffbfffd, 0xffffffff, 0x47, "044191f19dd026d76d7fcb367800", 0x4, 0x200}) 788.582815ms ago: executing program 1 (id=267): prlimit64(0x0, 0xe, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) setresgid(0xffffffffffffffff, 0xee01, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) migrate_pages(r0, 0xa3, 0x0, 0x0) 759.341285ms ago: executing program 0 (id=268): r0 = socket$inet6(0xa, 0x80002, 0x0) socket$packet(0x11, 0xa, 0x300) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4001c00) 628.763586ms ago: executing program 2 (id=269): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x52000775) r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', &(0x7f0000000080), 0x18) utimensat(r1, 0x0, &(0x7f0000000880)={{0x0, 0xea60}, {0x0, 0x3ffffffe}}, 0x0) 580.503127ms ago: executing program 1 (id=270): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000040)=0x6, 0x4) bind$inet6(r1, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x8}, 0x1c) 516.394697ms ago: executing program 2 (id=271): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x1, 0x5000, 0x2000, &(0x7f0000fa2000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r1, 0xc018aec0, &(0x7f0000000040)={0x1}) 448.484577ms ago: executing program 1 (id=272): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000) ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, &(0x7f0000000300)={0x1, 0x1, &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x0}) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000) 308.606188ms ago: executing program 0 (id=273): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 307.950278ms ago: executing program 1 (id=274): setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000007794608cd0c39007b90000000010902120001fc0000000904"], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000040)={&(0x7f0000001800)=[{0x63, 0x2800, 0x0, 0x0}, {0x63, 0x1011, 0x0, 0x0}], 0x2}) 222.858339ms ago: executing program 2 (id=275): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000000c0)=ANY=[@ANYBLOB='intr,heartbeat=none,errors=remount-ro,coherency=full,localflocks,intr,noacl,\x00'], 0x1, 0x4436, &(0x7f0000004480)="$eJzs3b9PHFceAPA3Az6Dz/aBz4VPOulWOkt3ujshcHUJloIxNgabOHJiK0qzXmBtkyysBUuUwpFIZylVpBRRCiuR0lFZFGmdPyFNSqe2lBRpIkWyQrS7s8AMu2KNWPCPz6dgdt5v+M68fVMML05U7swt5eaWcoWFXHnm1tKZ3Ifl0vJ8McT7pGn/h/avf9rTievkoK+9V9nV8xffvnEmhO9mf3iyvr6+Hqq6Q1NDWz7/+su9ma3HhjhTp9pu89b2ynshhJPbxlXVFUJ499sQohDCuSRtNDn2hhCOhXrejXuf3szt0WgePi6ezT+dur82fHpy9cFa6989CuHL0t/+d3v+p392Df/4n2fo4uM9GSgAAAAAAAAAAAAAAAAAAM+l8WtXr781OBQeRaF7Ndr+vu54cmz1fuz6nvlH539ZAAAAAAAAAAAAAAAAAAAAeE5tvv+fi040ef9/LDmOtKi//kbnx0jnTLx5dezC4FCy/3u0Lf//SdLP57pCf5N937P7v5/b/Hg4tNz/fXs/u9UYX6PfvhDFA6nzOB4YCOHrZOP3U9GRuFReqvz3Vnl5YXbPhvHCSse/vnt/KjrJhv7txn80037n9///67arqXp+c+8usZdaOv5dLct980nUVvzPZ+rtR/zZvXT8u2tpvVsLjNQngGr8P+veOf5jmfY7Ff/jIYRcVB1rLjUDVNcw1fRW65UmzbzS0vE/VEtLTZ3JH7LV/f9bJv4XMu0f1Py/kv0ioql0/P9US+tJldi8//vjne//i5n2DyL+1fGv+P5vSzr+h+uJ3akitb9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/f87qj//0Vw6/r0ty7V7/09k6nV6/h+prf/YrXT8j9TS0mvnvtrPduM/mWm/U/GvrUp6GvHfnE9+P1xP/8r6ry3p+P+5nhhvLbFS+1lb/0U7r/8vZ9o/iPVfdfwrcWd7fVmk43+0Zblq/L9v4/v/SqZe5+MfwqC1/q6l43+sZbna/d+zc/ynMvU6Hf9/dbJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBfAaHLsC1E8kDqP44GBEM4n56fCkWi6MJufLpVnPlgKYSxJz4UT0e1SebpQys8tlGeL+UKpVJ4J4UKSfzL0REulciU/X7h7caOt3uhOsbBYmS4WKiGE8ST97+FYo63pucp84W4I4dJG3l/i8uLdO4WF/Ozc4uuDg4ODYWJjDP1R8aNKcaFS772eG8LkRt2+aMvgatmXN8ZyNHq/vLy4UCjV0q9sqVMqzxRKW+pMJXmfh/6osri8MFOoFPOl8u1GfwdpJDmOTVx759qVoW35N6P6cXR/hwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAM3o0/NoXIYTu+lkcQhhpfIialX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4gx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs0jFKA0EUBuA3Y6F2HsNq2e1sVxTRwhXBE+gxPIwexUt4hxQp0qYIgWQWwmYXtkmq72sezM/MezAPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDLDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgWAAAAABAmL91FH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//7ThH6I=") r0 = open(&(0x7f0000000580)='./file1\x00', 0x80342, 0x1df2a23c5997fa5f) sendfile(r0, r0, 0x0, 0x7f03) setxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240), &(0x7f0000001400)=ANY=[], 0x841, 0x0) lremovexattr(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280)=@known='trusted.overlay.upper\x00') 149.43765ms ago: executing program 3 (id=276): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) close(0x4) 0s ago: executing program 3 (id=277): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000600)=[@text16={0x10, 0x0}], 0x1, 0x74, 0x0, 0xfffffcda) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="04000000000000008a04"]) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.181' (ED25519) to the list of known hosts. [ 63.176389][ T5774] cgroup: Unknown subsys name 'net' [ 63.342652][ T5774] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 64.706098][ T5774] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 66.759563][ T5794] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 66.764289][ T5795] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 66.767999][ T5794] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 66.783997][ T5794] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 66.786061][ T5799] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 66.792060][ T5794] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 66.806390][ T5794] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 66.816978][ T5794] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 66.825260][ T5799] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 66.825394][ T5794] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 66.840934][ T5794] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 66.845395][ T5796] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 66.848527][ T5794] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 66.867809][ T5796] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 66.867955][ T5794] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 66.882698][ T5790] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 66.895220][ T5790] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 66.902558][ T5794] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 66.912017][ T5790] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.921533][ T5794] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 66.938092][ T5794] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 66.947280][ T5794] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 66.965887][ T5790] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 66.973745][ T5790] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.365452][ T5787] chnl_net:caif_netlink_parms(): no params data found [ 67.460951][ T5785] chnl_net:caif_netlink_parms(): no params data found [ 67.480177][ T5792] chnl_net:caif_netlink_parms(): no params data found [ 67.579053][ T5784] chnl_net:caif_netlink_parms(): no params data found [ 67.596298][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.604018][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.611721][ T5787] bridge_slave_0: entered allmulticast mode [ 67.619008][ T5787] bridge_slave_0: entered promiscuous mode [ 67.643276][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.650570][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.658015][ T5787] bridge_slave_1: entered allmulticast mode [ 67.665402][ T5787] bridge_slave_1: entered promiscuous mode [ 67.741080][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.748356][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.756208][ T5785] bridge_slave_0: entered allmulticast mode [ 67.762883][ T5785] bridge_slave_0: entered promiscuous mode [ 67.796459][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.803634][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.811420][ T5785] bridge_slave_1: entered allmulticast mode [ 67.818968][ T5785] bridge_slave_1: entered promiscuous mode [ 67.825995][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.833107][ T5792] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.840453][ T5792] bridge_slave_0: entered allmulticast mode [ 67.848280][ T5792] bridge_slave_0: entered promiscuous mode [ 67.856373][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.863524][ T5792] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.870780][ T5792] bridge_slave_1: entered allmulticast mode [ 67.878389][ T5792] bridge_slave_1: entered promiscuous mode [ 67.888841][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.933013][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.998153][ T5784] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.005656][ T5784] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.012826][ T5784] bridge_slave_0: entered allmulticast mode [ 68.020329][ T5784] bridge_slave_0: entered promiscuous mode [ 68.029378][ T5784] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.036728][ T5784] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.043988][ T5784] bridge_slave_1: entered allmulticast mode [ 68.051506][ T5784] bridge_slave_1: entered promiscuous mode [ 68.060000][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.072562][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.084001][ T5792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.096811][ T5787] team0: Port device team_slave_0 added [ 68.125266][ T5792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.136796][ T5787] team0: Port device team_slave_1 added [ 68.184146][ T5784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.196564][ T5784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.210953][ T5785] team0: Port device team_slave_0 added [ 68.220258][ T5785] team0: Port device team_slave_1 added [ 68.270197][ T5792] team0: Port device team_slave_0 added [ 68.278195][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.285358][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.312032][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.347229][ T5792] team0: Port device team_slave_1 added [ 68.353776][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.361268][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.387726][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.408897][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.416208][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.443350][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.463135][ T5784] team0: Port device team_slave_0 added [ 68.481358][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.488987][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.515677][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.551677][ T5784] team0: Port device team_slave_1 added [ 68.596876][ T5787] hsr_slave_0: entered promiscuous mode [ 68.603182][ T5787] hsr_slave_1: entered promiscuous mode [ 68.620907][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.628051][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.655906][ T5792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.682672][ T5785] hsr_slave_0: entered promiscuous mode [ 68.689276][ T5785] hsr_slave_1: entered promiscuous mode [ 68.696009][ T5785] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.704467][ T5785] Cannot create hsr debugfs directory [ 68.720410][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.727465][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.753714][ T5792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.789204][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.796521][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.823504][ T5784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.836416][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.843642][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.869810][ T5784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.930521][ T5793] Bluetooth: hci2: command tx timeout [ 68.945819][ T5792] hsr_slave_0: entered promiscuous mode [ 68.952338][ T5792] hsr_slave_1: entered promiscuous mode [ 68.959288][ T5792] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.967245][ T5792] Cannot create hsr debugfs directory [ 69.004917][ T5794] Bluetooth: hci0: command tx timeout [ 69.010322][ T5793] Bluetooth: hci3: command tx timeout [ 69.011214][ T5790] Bluetooth: hci1: command tx timeout [ 69.093251][ T5784] hsr_slave_0: entered promiscuous mode [ 69.100687][ T5784] hsr_slave_1: entered promiscuous mode [ 69.107745][ T5784] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.115547][ T5784] Cannot create hsr debugfs directory [ 69.384950][ T5787] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.399049][ T5787] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.409698][ T5787] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.432523][ T5787] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.480114][ T5785] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 69.496214][ T5785] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 69.508872][ T5785] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 69.523808][ T5785] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 69.599176][ T5792] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 69.628448][ T5792] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 69.639794][ T5792] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 69.661767][ T5792] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 69.761623][ T5784] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 69.771908][ T5784] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 69.799292][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.807061][ T5784] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 69.820860][ T5784] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 69.875121][ T5787] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.908084][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.915588][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.957283][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.964447][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.996615][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.029463][ T5792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.091955][ T5785] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.104049][ T5792] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.129812][ T1127] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.137007][ T1127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.153911][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.161120][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.190660][ T1127] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.197803][ T1127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.224263][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.231458][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.260852][ T5784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.383370][ T5784] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.426935][ T5792] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 70.453218][ T143] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.460466][ T143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.498094][ T143] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.505312][ T143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.601554][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.798914][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.855100][ T5787] veth0_vlan: entered promiscuous mode [ 70.874356][ T5787] veth1_vlan: entered promiscuous mode [ 70.948099][ T5792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.988083][ T5785] veth0_vlan: entered promiscuous mode [ 71.007560][ T5790] Bluetooth: hci2: command tx timeout [ 71.030979][ T5787] veth0_macvtap: entered promiscuous mode [ 71.040373][ T5785] veth1_vlan: entered promiscuous mode [ 71.063506][ T5787] veth1_macvtap: entered promiscuous mode [ 71.085313][ T5790] Bluetooth: hci3: command tx timeout [ 71.085350][ T5793] Bluetooth: hci1: command tx timeout [ 71.090731][ T5794] Bluetooth: hci0: command tx timeout [ 71.122760][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.138422][ T5792] veth0_vlan: entered promiscuous mode [ 71.152863][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.178240][ T5787] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.187409][ T5787] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.197147][ T5787] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.206490][ T5787] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.222731][ T5784] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.234113][ T5792] veth1_vlan: entered promiscuous mode [ 71.303758][ T5785] veth0_macvtap: entered promiscuous mode [ 71.360171][ T5785] veth1_macvtap: entered promiscuous mode [ 71.377556][ T5792] veth0_macvtap: entered promiscuous mode [ 71.402137][ T5792] veth1_macvtap: entered promiscuous mode [ 71.414474][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.430228][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.468660][ T5784] veth0_vlan: entered promiscuous mode [ 71.480518][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.491716][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.503200][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.515959][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.526619][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.538254][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.554221][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.554266][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.573357][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.578468][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.591898][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.604268][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.617223][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.633446][ T5785] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.642616][ T5785] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.659863][ T5785] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.661926][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.668762][ T5785] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.675997][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.690915][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.701875][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.712379][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.723414][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.736576][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.745252][ T5784] veth1_vlan: entered promiscuous mode [ 71.769113][ T5792] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.777978][ T5792] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.787378][ T5792] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.797243][ T5792] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.956822][ T5784] veth0_macvtap: entered promiscuous mode [ 71.973610][ T5879] syz.0.1[5879]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 71.993058][ T5784] veth1_macvtap: entered promiscuous mode [ 72.067800][ T143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.089834][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.095036][ T143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.103795][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.124624][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.143025][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.153382][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.165173][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.177295][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.201771][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.217987][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.229647][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.235249][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.247605][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.259470][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.269714][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.280522][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.293900][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.371992][ T5784] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.386045][ T5879] loop0: detected capacity change from 0 to 32768 [ 72.387515][ T5784] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.401807][ T5784] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.411023][ T5879] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1 (5879) [ 72.416483][ T5784] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.440899][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.452976][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.480470][ T5879] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 72.492136][ T5879] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 72.505088][ T5879] BTRFS info (device loop0): using free space tree [ 72.521773][ T2945] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.563195][ T2945] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.766986][ T5879] BTRFS info (device loop0): enabling ssd optimizations [ 72.774004][ T5879] BTRFS info (device loop0): auto enabling async discard [ 72.833182][ T143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.878998][ T5897] loop1: detected capacity change from 0 to 16 [ 72.885212][ T143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.909267][ T5897] ======================================================= [ 72.909267][ T5897] WARNING: The mand mount option has been deprecated and [ 72.909267][ T5897] and is ignored by this kernel. Remove the mand [ 72.909267][ T5897] option from the mount to silence this warning. [ 72.909267][ T5897] ======================================================= [ 72.979119][ T28] audit: type=1800 audit(1762123186.733:2): pid=5879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1" name="file2" dev="loop0" ino=261 res=0 errno=0 [ 73.034450][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.045227][ T5897] erofs: (device loop1): mounted with root inode @ nid 36. [ 73.096764][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.098363][ T5794] Bluetooth: hci2: command tx timeout [ 73.156003][ T28] audit: type=1800 audit(1762123186.913:3): pid=5897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2" name="file1" dev="loop1" ino=86 res=0 errno=0 [ 73.180039][ T5794] Bluetooth: hci1: command tx timeout [ 73.185294][ T5790] Bluetooth: hci0: command tx timeout [ 73.185587][ T5794] Bluetooth: hci3: command tx timeout [ 73.223256][ T5901] loop3: detected capacity change from 0 to 128 [ 73.252035][ T5901] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 73.453836][ T5904] loop2: detected capacity change from 0 to 1024 [ 73.528521][ T5905] loop1: detected capacity change from 0 to 512 [ 73.622240][ T5905] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 73.634979][ T5905] EXT4-fs (loop1): DAX unsupported by block device. [ 73.700876][ T5904] hfsplus: can't free extent [ 73.708275][ T5787] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 73.740417][ T5909] loop3: detected capacity change from 0 to 64 [ 73.774060][ T5904] hfsplus: can't free extent [ 73.791455][ T5904] hfsplus: can't free extent [ 74.233921][ T5915] loop3: detected capacity change from 0 to 512 [ 74.336689][ T5920] batadv_slave_1: entered promiscuous mode [ 74.370819][ T5919] batadv_slave_1: left promiscuous mode [ 75.175105][ T5794] Bluetooth: hci2: command tx timeout [ 75.246394][ T5794] Bluetooth: hci3: command tx timeout [ 75.246419][ T5793] Bluetooth: hci0: command tx timeout [ 75.252004][ T5794] Bluetooth: hci1: command tx timeout [ 75.379864][ T5932] loop1: detected capacity change from 0 to 32768 [ 75.409862][ T5927] loop0: detected capacity change from 0 to 32768 [ 75.477028][ T5927] (syz.0.17,5927,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 75.558830][ T5927] (syz.0.17,5927,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 75.630609][ T5927] JBD2: Ignoring recovery information on journal [ 75.692527][ T5936] loop2: detected capacity change from 0 to 32768 [ 75.751311][ T5927] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 76.150716][ T5787] ocfs2: Unmounting device (7,0) on (node local) [ 76.556911][ T5959] syz.0.30 uses obsolete (PF_INET,SOCK_PACKET) [ 76.712858][ T5965] Bluetooth: MGMT ver 1.22 [ 77.078949][ T5794] Bluetooth: hci2: unexpected cc 0x0402 length: 61 > 1 [ 77.086462][ T5794] Bluetooth: hci2: Ignoring error of Inquiry Cancel command [ 77.214946][ T5980] loop0: detected capacity change from 0 to 1024 [ 77.238947][ T5980] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 77.278620][ T5980] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 77.331330][ T5980] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.479345][ T5980] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 77.623890][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.930194][ T5971] loop2: detected capacity change from 0 to 32768 [ 77.957640][ T5971] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.36 (5971) [ 77.993123][ T5971] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 78.037286][ T5971] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 78.072630][ T5971] BTRFS info (device loop2): using free space tree [ 78.136540][ T6002] Zero length message leads to an empty skb [ 78.281944][ T5971] BTRFS info (device loop2): enabling ssd optimizations [ 78.335479][ T5971] BTRFS info (device loop2): auto enabling async discard [ 78.433507][ T6024] loop1: detected capacity change from 0 to 2048 [ 78.573895][ T6024] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.697332][ T6030] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 78.713410][ T28] audit: type=1800 audit(1762123192.473:4): pid=6024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.52" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 78.850416][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.061887][ T5784] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 79.263407][ T6026] loop3: detected capacity change from 0 to 32768 [ 79.416383][ T6026] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 79.450095][ T6020] loop0: detected capacity change from 0 to 40427 [ 79.505897][ T6020] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 79.570973][ T6020] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 79.704801][ T6020] F2FS-fs (loop0): invalid crc value [ 79.750752][ T6020] F2FS-fs (loop0): Found nat_bits in checkpoint [ 79.759747][ T5792] ocfs2: Unmounting device (7,3) on (node local) [ 79.978016][ T6020] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 79.993376][ T6020] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 80.165156][ T6034] loop1: detected capacity change from 0 to 40427 [ 80.184383][ T6034] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 80.219382][ T6034] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 80.235997][ T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 80.254234][ T6034] F2FS-fs (loop1): invalid crc value [ 80.294728][ T6034] F2FS-fs (loop1): Found nat_bits in checkpoint [ 80.336811][ T6053] loop3: detected capacity change from 0 to 512 [ 80.407136][ T6053] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 80.434782][ T23] usb 3-1: Using ep0 maxpacket: 16 [ 80.450891][ T6053] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.451143][ T23] usb 3-1: config 0 has an invalid interface number: 126 but max is 0 [ 80.480186][ T23] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 80.491268][ T23] usb 3-1: config 0 has no interface number 0 [ 80.499318][ T23] usb 3-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88 [ 80.500588][ T6034] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 80.508548][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.514457][ T23] usb 3-1: config 0 descriptor?? [ 80.572658][ T6034] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 80.581996][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 80.707801][ T6058] syz.1.54: attempt to access beyond end of device [ 80.707801][ T6058] loop1: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 80.756398][ T23] usb 3-1: USB disconnect, device number 2 [ 80.811532][ T6058] syz.1.54: attempt to access beyond end of device [ 80.811532][ T6058] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 80.828031][ T6060] loop3: detected capacity change from 0 to 128 [ 80.876889][ T1116] kworker/u4:8: attempt to access beyond end of device [ 80.876889][ T1116] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 80.896375][ T6060] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 80.916759][ T1116] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 80.923995][ T1116] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 80.943934][ T6060] ext4 filesystem being mounted at /26/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 80.963133][ T6034] VFS:Filesystem freeze failed [ 81.051746][ T5792] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.163920][ T6065] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 81.477771][ T6070] kvm: user requested TSC rate below hardware speed [ 81.687392][ T6075] loop1: detected capacity change from 0 to 512 [ 81.908114][ T9] cfg80211: failed to load regulatory.db [ 81.929832][ T6068] loop0: detected capacity change from 0 to 32768 [ 81.988642][ T6068] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.64 (6068) [ 82.054514][ T6068] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 82.081194][ T6068] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 82.104764][ T6068] BTRFS info (device loop0): using free space tree [ 82.228209][ T6068] BTRFS info (device loop0): enabling ssd optimizations [ 82.259160][ T6068] BTRFS info (device loop0): auto enabling async discard [ 82.286983][ T6073] loop3: detected capacity change from 0 to 32768 [ 82.344818][ T5776] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 82.382859][ T28] audit: type=1800 audit(1762123196.133:5): pid=6073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.66" name=84 dev="loop3" ino=7 res=0 errno=0 [ 82.482963][ T6068] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 82.544916][ T5776] usb 3-1: Using ep0 maxpacket: 32 [ 82.552727][ T5776] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 82.600291][ T5776] usb 3-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11 [ 82.625162][ T5776] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.649815][ T5776] usb 3-1: Product: syz [ 82.659580][ T5776] usb 3-1: Manufacturer: syz [ 82.673054][ T6107] netlink: 8 bytes leftover after parsing attributes in process `syz.3.73'. [ 82.680340][ T5776] usb 3-1: SerialNumber: syz [ 82.711522][ T5776] usb 3-1: config 0 descriptor?? [ 82.740110][ T5776] usb 3-1: no audio or video endpoints found [ 82.790838][ T5787] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 83.069562][ T6116] netlink: 'syz.0.75': attribute type 1 has an invalid length. [ 83.460939][ T6126] Illegal XDP return value 4294967274 on prog (id 17) dev syz_tun, expect packet loss! [ 83.582222][ T6128] loop1: detected capacity change from 0 to 512 [ 83.589630][ T6128] EXT4-fs: Ignoring removed bh option [ 83.607816][ T6128] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 83.677154][ T6128] EXT4-fs (loop1): 1 truncate cleaned up [ 83.701923][ T6128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 83.814379][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.021342][ T6131] loop3: detected capacity change from 0 to 40427 [ 84.057632][ T6131] F2FS-fs (loop3): invalid crc value [ 84.075403][ T6131] F2FS-fs (loop3): Found nat_bits in checkpoint [ 84.185335][ T6131] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 84.263110][ T6131] syz.3.83: attempt to access beyond end of device [ 84.263110][ T6131] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 84.324940][ T6134] loop1: detected capacity change from 0 to 32768 [ 84.327382][ T5792] syz-executor: attempt to access beyond end of device [ 84.327382][ T5792] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 84.340199][ T6134] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.84 (6134) [ 84.361359][ T5792] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 84.374346][ T6134] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 84.390021][ T6134] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 84.399662][ T6134] BTRFS info (device loop1): using free space tree [ 84.500731][ T6134] BTRFS info (device loop1): enabling ssd optimizations [ 84.514904][ T6134] BTRFS info (device loop1): auto enabling async discard [ 84.688168][ T6134] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 84.762325][ T5785] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 85.049679][ T6158] loop1: detected capacity change from 0 to 512 [ 85.050566][ T6156] loop3: detected capacity change from 0 to 4096 [ 85.076220][ T6158] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 85.104420][ T5776] usb 3-1: USB disconnect, device number 3 [ 85.113793][ T6158] EXT4-fs (loop1): invalid journal inode [ 85.142364][ T6158] EXT4-fs (loop1): can't get journal size [ 85.153664][ T6156] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.217195][ T6158] EXT4-fs (loop1): 1 truncate cleaned up [ 85.250318][ T6158] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.329942][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.435544][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.485538][ T5794] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 85.936524][ T6163] loop2: detected capacity change from 0 to 32768 [ 85.963687][ T6163] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 86.020365][ T6163] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 86.056435][ T11] (kworker/u4:0,11,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214 [ 86.211883][ T6163] syz.2.87 (6163) used greatest stack depth: 19248 bytes left [ 86.307468][ T5784] ocfs2: Unmounting device (7,2) on (node local) [ 86.325577][ T6170] loop0: detected capacity change from 0 to 32768 [ 86.384260][ T6170] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 86.439669][ T6168] loop1: detected capacity change from 0 to 32768 [ 86.554178][ T6168] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 86.641794][ T6187] loop3: detected capacity change from 0 to 1024 [ 86.709956][ T6187] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 86.796913][ T5787] ocfs2: Unmounting device (7,0) on (node local) [ 86.869413][ T6187] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #3: block 1: comm syz.3.92: lblock 1 mapped to illegal pblock 1 (length 1) [ 86.921354][ T6187] Quota error (device loop3): write_blk: dquota write failed [ 86.985803][ T6187] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 86.995932][ T6168] XFS (loop1): Ending clean mount [ 87.052194][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 87.097505][ T6187] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.92: Failed to acquire dquot type 0 [ 87.145228][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.154508][ T0] NOHZ tick-stop error: local softirq work is pending, handler #340!!! [ 87.163344][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 87.328010][ T6168] XFS (loop1): Quotacheck needed: Please wait. [ 87.335082][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.359142][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 87.400064][ T6187] EXT4-fs error (device loop3): ext4_free_blocks:6676: comm syz.3.92: Freeing blocks not in datazone - block = 0, count = 4096 [ 87.461724][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 87.615082][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.701965][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 87.740847][ T6187] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.92: Invalid inode bitmap blk 0 in block_group 0 [ 87.768727][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 87.916921][ T1127] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:9: lblock 1 mapped to illegal pblock 1 (length 1) [ 87.964453][ T6187] EXT4-fs error (device loop3) in ext4_free_inode:363: Corrupt filesystem [ 88.037191][ T6187] EXT4-fs (loop3): 1 orphan inode deleted [ 88.054792][ T1127] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 88.102073][ T1127] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u4:9: Failed to release dquot type 0 [ 88.102690][ T6207] loop2: detected capacity change from 0 to 256 [ 88.122470][ T6187] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.172190][ T6168] XFS (loop1): Quotacheck: Done. [ 88.232801][ T6207] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 88.368781][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.532073][ T5785] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 88.858465][ T6212] loop2: detected capacity change from 0 to 512 [ 88.907519][ T6212] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 88.943731][ T6212] EXT4-fs (loop2): invalid journal inode [ 88.974319][ T6212] EXT4-fs (loop2): can't get journal size [ 89.013865][ T6212] EXT4-fs (loop2): 1 truncate cleaned up [ 89.031348][ T6212] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.277580][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.886445][ T2945] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 5 [ 90.911163][ T6240] loop0: detected capacity change from 0 to 32768 [ 90.968712][ T6240] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 91.143556][ T6240] XFS (loop0): Ending clean mount [ 91.167496][ T6240] XFS (loop0): Quotacheck needed: Please wait. [ 91.241994][ T6240] XFS (loop0): Quotacheck: Done. [ 91.458380][ T5787] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 92.817371][ T6277] loop1: detected capacity change from 0 to 32768 [ 92.938259][ T6277] JBD2: Ignoring recovery information on journal [ 93.076004][ T6277] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 93.197832][ T28] audit: type=1326 audit(1762123206.953:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6296 comm="syz.3.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf0d8efc9 code=0x7ffc0000 [ 93.250497][ T5785] ocfs2: Unmounting device (7,1) on (node local) [ 93.254858][ T28] audit: type=1326 audit(1762123206.993:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6296 comm="syz.3.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bf0d8efc9 code=0x7ffc0000 [ 93.289352][ T28] audit: type=1326 audit(1762123206.993:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6296 comm="syz.3.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf0d8efc9 code=0x7ffc0000 [ 93.365034][ T28] audit: type=1326 audit(1762123206.993:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6296 comm="syz.3.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf0d8efc9 code=0x7ffc0000 [ 93.632809][ T28] audit: type=1326 audit(1762123206.993:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6296 comm="syz.3.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bf0d8efc9 code=0x7ffc0000 [ 94.021124][ T28] audit: type=1326 audit(1762123206.993:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6296 comm="syz.3.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf0d8efc9 code=0x7ffc0000 [ 94.155927][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 94.200017][ T28] audit: type=1326 audit(1762123206.993:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6296 comm="syz.3.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf0d8efc9 code=0x7ffc0000 [ 94.223193][ T28] audit: type=1326 audit(1762123206.993:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6296 comm="syz.3.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bf0d8efc9 code=0x7ffc0000 [ 94.245990][ T28] audit: type=1326 audit(1762123206.993:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6296 comm="syz.3.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bf0d8efc9 code=0x7ffc0000 [ 94.268307][ T28] audit: type=1326 audit(1762123206.993:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6296 comm="syz.3.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f0bf0d8efc9 code=0x7ffc0000 [ 94.396653][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 94.419324][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 94.454943][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 94.485178][ T9] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 94.507649][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.538765][ T9] usb 4-1: config 0 descriptor?? [ 94.835678][ T6295] loop2: detected capacity change from 0 to 32768 [ 94.896973][ T6295] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 95.006370][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.019094][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.027008][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.034454][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.037905][ T6295] XFS (loop2): Ending clean mount [ 95.044356][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.055743][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.066562][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.074014][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.091350][ T6295] XFS (loop2): Quotacheck needed: Please wait. [ 95.124387][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.146099][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.153621][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.180880][ T6295] XFS (loop2): Quotacheck: Done. [ 95.205739][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.213785][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.234811][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.242364][ T9] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 95.262134][ T9] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 95.326185][ T9] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 95.359183][ T9] usb 4-1: USB disconnect, device number 2 [ 95.440487][ T5784] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 95.450321][ T5776] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 95.479202][ T6333] loop0: detected capacity change from 0 to 2048 [ 95.504414][ T6331] fido_id[6331]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 95.551961][ T6333] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.582716][ T6333] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.646692][ T5776] usb 2-1: Using ep0 maxpacket: 32 [ 95.689397][ T5776] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 95.712123][ T5776] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 95.754998][ T5776] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 95.764126][ T5776] usb 2-1: Product: syz [ 95.786323][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.792174][ T5776] usb 2-1: Manufacturer: syz [ 95.806071][ T5776] usb 2-1: SerialNumber: syz [ 95.842585][ T5776] usb 2-1: config 0 descriptor?? [ 95.866040][ T6327] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 96.220243][ T5855] usb 2-1: USB disconnect, device number 2 [ 97.362559][ T6368] loop3: detected capacity change from 0 to 4096 [ 97.469483][ T6369] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 97.504815][ T6345] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 97.635331][ T6364] loop0: detected capacity change from 0 to 32768 [ 97.663214][ T6364] [ 97.663214][ T6364] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 97.663214][ T6364] [ 97.676285][ T5855] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 97.704384][ T6364] ERROR: (device loop0): diWrite: ixpxd invalid [ 97.704384][ T6364] [ 97.718912][ T6364] ERROR: (device loop0): txCommit: [ 97.718912][ T6364] [ 97.727218][ T6345] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 97.741172][ T6345] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 97.753433][ T6364] ERROR: (device loop0): diWrite: ixpxd invalid [ 97.753433][ T6364] [ 97.762539][ T6345] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 97.772234][ T6364] ERROR: (device loop0): txCommit: [ 97.772234][ T6364] [ 97.781123][ T6345] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 97.796938][ T6364] [ 97.796938][ T6364] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 97.796938][ T6364] [ 97.820850][ T6345] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 97.846671][ T6364] [ 97.846671][ T6364] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 97.846671][ T6364] [ 97.868855][ T6345] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 97.889083][ T5855] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 97.922936][ T6345] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 97.935006][ T5855] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 97.943041][ T5855] usb 2-1: Product: syz [ 97.955179][ T6345] usb 3-1: Product: syz [ 97.959723][ T6345] usb 3-1: Manufacturer: syz [ 97.965508][ T5855] usb 2-1: Manufacturer: syz [ 97.971618][ T5855] usb 2-1: SerialNumber: syz [ 97.972765][ T5787] [ 97.972765][ T5787] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 97.972765][ T5787] [ 97.981301][ T6345] cdc_wdm 3-1:1.0: skipping garbage [ 97.995387][ T6345] cdc_wdm 3-1:1.0: skipping garbage [ 98.006485][ T5855] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 98.017249][ T5787] [ 98.017249][ T5787] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 98.017249][ T5787] [ 98.036659][ T6345] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 98.050987][ T6345] cdc_wdm 3-1:1.0: Unknown control protocol [ 98.069777][ T23] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 98.220732][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 98.227774][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 98.234910][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 98.241539][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 98.254877][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 98.261538][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 98.267944][ T6345] usb 3-1: USB disconnect, device number 4 [ 98.275004][ C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71 [ 98.281634][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes [ 98.287910][ C1] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 98.389858][ T5855] usb 2-1: USB disconnect, device number 3 [ 98.674921][ T27] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 98.886185][ T27] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 98.905142][ T27] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 98.934883][ T27] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 98.954205][ T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.180599][ T23] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 99.199108][ T23] ath9k_htc: Failed to initialize the device [ 99.210075][ T27] usb 1-1: GET_CAPABILITIES returned 0 [ 99.218774][ T27] usbtmc 1-1:16.0: can't read capabilities [ 99.228345][ T5855] usb 2-1: ath9k_htc: USB layer deinitialized [ 99.299058][ T6389] loop3: detected capacity change from 0 to 4096 [ 99.451396][ T6375] usbtmc 1-1:16.0: usbtmc_ioctl_request failed -32 [ 99.458006][ T6388] Set syz1 is full, maxelem 6117 reached [ 99.491020][ T5776] usb 1-1: USB disconnect, device number 2 [ 99.664877][ T5855] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 99.730530][ T6401] kvm_intel: kvm [6400]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x89 [ 99.842643][ T6404] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.167'. [ 99.857290][ T5855] usb 2-1: Using ep0 maxpacket: 32 [ 99.867982][ T5855] usb 2-1: config index 0 descriptor too short (expected 156, got 27) [ 99.881565][ T5855] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 99.900730][ T5855] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 99.922985][ T5855] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 99.937129][ T5855] usb 2-1: config 0 interface 0 has no altsetting 0 [ 99.962017][ T5855] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 99.975024][ T5855] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 99.983635][ T5855] usb 2-1: Product: syz [ 99.993285][ T5855] usb 2-1: Manufacturer: syz [ 100.000033][ T5855] usb 2-1: SerialNumber: syz [ 100.021979][ T5855] usb 2-1: config 0 descriptor?? [ 100.036519][ T5855] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 100.061531][ T5855] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 100.270219][ T6391] ldusb 2-1:0.0: Write buffer overflow, 2147479232 bytes dropped [ 100.337976][ T5776] usb 2-1: USB disconnect, device number 4 [ 100.337976][ C1] ldusb 2-1:0.0: usb_submit_urb failed (-19) [ 100.351209][ T6391] ldusb 2-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 100.377027][ T5776] ldusb 2-1:0.0: LD USB Device #0 now disconnected [ 100.564859][ T8] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 100.601646][ T6423] netlink: 4 bytes leftover after parsing attributes in process `syz.3.176'. [ 100.683403][ T6425] sctp: [Deprecated]: syz.3.177 (pid 6425) Use of int in max_burst socket option deprecated. [ 100.683403][ T6425] Use struct sctp_assoc_value instead [ 100.746551][ T6413] loop2: detected capacity change from 0 to 32768 [ 100.766965][ T8] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 100.779145][ T8] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 100.790433][ T8] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 100.810069][ T6413] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 100.812777][ T8] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 100.861358][ T8] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 100.881018][ T8] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 100.904292][ T8] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 100.914779][ T8] usb 1-1: Product: syz [ 100.918997][ T8] usb 1-1: Manufacturer: syz [ 100.940237][ T6413] XFS (loop2): Ending clean mount [ 100.965443][ T6413] XFS (loop2): Quotacheck needed: Please wait. [ 100.965659][ T8] cdc_wdm 1-1:1.0: skipping garbage [ 100.999036][ T8] cdc_wdm 1-1:1.0: skipping garbage [ 101.012810][ T8] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 101.042796][ T8] cdc_wdm 1-1:1.0: Unknown control protocol [ 101.044372][ T6413] XFS (loop2): Quotacheck: Done. [ 101.459547][ T5784] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 101.755630][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 101.762306][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 101.769929][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 101.776586][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 101.784234][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 101.790879][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 101.798538][ T5833] usb 1-1: USB disconnect, device number 3 [ 101.805136][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 101.805162][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 101.805178][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 101.869856][ T6448] netlink: 'syz.3.182': attribute type 64 has an invalid length. [ 101.925398][ T6448] netlink: 'syz.3.182': attribute type 4 has an invalid length. [ 101.933116][ T6448] netlink: 152 bytes leftover after parsing attributes in process `syz.3.182'. [ 102.335010][ T23] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 102.545057][ T23] usb 3-1: Using ep0 maxpacket: 8 [ 102.552198][ T23] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 102.561789][ T23] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 102.572363][ T23] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 102.593062][ T23] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 102.603747][ T23] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 102.632171][ T23] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 102.642199][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.655148][ T5833] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 102.834373][ T6478] loop0: detected capacity change from 0 to 512 [ 102.842155][ T6478] EXT4-fs: Ignoring removed orlov option [ 102.848440][ T5833] usb 4-1: Using ep0 maxpacket: 16 [ 102.856656][ T6478] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 102.866336][ T5833] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 102.870224][ T23] usb 3-1: usb_control_msg returned -32 [ 102.879968][ T5833] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 102.883765][ T23] usbtmc 3-1:16.0: can't read capabilities [ 102.894080][ T5833] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 102.908952][ T6478] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2249: inode #15: comm syz.0.192: corrupted in-inode xattr: e_value size too large [ 102.939585][ T6478] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.192: couldn't read orphan inode 15 (err -117) [ 102.940465][ T5833] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 102.974296][ T6478] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.025469][ T5833] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.062359][ T5833] usb 4-1: Product: syz [ 103.075967][ T5833] usb 4-1: Manufacturer: syz [ 103.095358][ T5833] usb 4-1: SerialNumber: syz [ 103.143162][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.184231][ T6485] loop1: detected capacity change from 0 to 1024 [ 103.256035][ T6486] usbtmc 3-1:16.0: INITIATE_CLEAR returned 0 [ 103.404081][ T1116] hfsplus: b-tree write err: -5, ino 4 [ 103.496050][ T23] usb 3-1: USB disconnect, device number 5 [ 103.511328][ T5833] usb 4-1: 0:2 : does not exist [ 104.146582][ T5833] usb 4-1: 1:0: failed to get current value for ch 0 (-22) [ 104.245819][ T5833] usb 4-1: USB disconnect, device number 3 [ 104.329799][ T6521] loop1: detected capacity change from 0 to 256 [ 104.331180][ T5786] udevd[5786]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 104.377785][ T6521] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 104.423542][ T6521] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 104.568316][ T6525] warning: `syz.2.212' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 104.608737][ T6527] netlink: 48 bytes leftover after parsing attributes in process `syz.1.213'. [ 105.207066][ T6551] netlink: 24 bytes leftover after parsing attributes in process `syz.2.223'. [ 105.468236][ T6559] loop2: detected capacity change from 0 to 256 [ 105.486732][ T6559] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 105.507837][ T6559] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 105.507863][ T6559] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 105.507873][ T6559] UDF-fs: Scanning with blocksize 512 failed [ 105.517800][ T6559] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 105.540960][ T6559] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 105.570343][ T6537] loop1: detected capacity change from 0 to 32768 [ 105.579979][ T6537] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.217 (6537) [ 105.595063][ T6537] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 105.595174][ T6537] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 105.595243][ T6537] BTRFS info (device loop1): using free space tree [ 105.783648][ T6537] BTRFS info (device loop1): enabling ssd optimizations [ 105.783672][ T6537] BTRFS info (device loop1): auto enabling async discard [ 105.953367][ T5785] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 105.979137][ T6581] loop2: detected capacity change from 0 to 256 [ 106.052861][ T6581] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 106.181989][ T6581] exFAT-fs (loop2): error, invalid size(size(1) > aligned(9223372036854777344) [ 106.181989][ T6581] [ 106.225561][ T6581] exFAT-fs (loop2): Filesystem has been set read-only [ 106.280176][ T6585] exFAT-fs (loop2): error, invalid size(size(61) > aligned(9223372036854777344) [ 106.280176][ T6585] [ 106.564830][ T8] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 106.572158][ T6594] loop0: detected capacity change from 0 to 512 [ 106.633028][ T6594] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.673363][ T6594] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.739461][ T6594] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 106.759891][ T8] usb 2-1: Using ep0 maxpacket: 16 [ 106.803054][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.815747][ T6594] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28 [ 106.831466][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.841935][ T6594] EXT4-fs (loop0): This should not happen!! Data will be lost [ 106.841935][ T6594] [ 106.852288][ T6594] EXT4-fs (loop0): Total free blocks count 0 [ 106.859102][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.872214][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.875017][ T6594] EXT4-fs (loop0): Free/Dirty block details [ 106.884008][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.892880][ T6594] EXT4-fs (loop0): free_blocks=65280 [ 106.900302][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.906485][ T6594] EXT4-fs (loop0): dirty_blocks=33 [ 106.921898][ T6594] EXT4-fs (loop0): Block reservation details [ 106.927027][ T8] usb 2-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 106.932555][ T6594] EXT4-fs (loop0): i_reserved_data_blocks=33 [ 106.956816][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.987544][ T8] usb 2-1: config 0 descriptor?? [ 107.032657][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.412107][ T8] hid (null): global environment stack underflow [ 107.419819][ T8] hid (null): report_id 2137119405 is invalid [ 107.433374][ T8] kye 0003:0458:5016.0002: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 107.448270][ T8] kye 0003:0458:5016.0002: unknown main item tag 0x0 [ 107.455652][ T8] kye 0003:0458:5016.0002: global environment stack underflow [ 107.463278][ T8] kye 0003:0458:5016.0002: item 0 2 1 11 parsing failed [ 107.471116][ T8] kye 0003:0458:5016.0002: parse failed [ 107.478249][ T8] kye: probe of 0003:0458:5016.0002 failed with error -22 [ 107.580147][ T6625] loop2: detected capacity change from 0 to 256 [ 107.587660][ T6625] exfat: Deprecated parameter 'utf8' [ 107.602054][ T6625] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6efbb19, utbl_chksum : 0xe619d30d) [ 107.641875][ T8] usb 2-1: USB disconnect, device number 5 [ 108.119202][ T6641] netlink: 'syz.3.255': attribute type 4 has an invalid length. [ 108.331446][ T6647] loop3: detected capacity change from 0 to 1024 [ 108.347536][ T6647] EXT4-fs: Ignoring removed orlov option [ 108.406570][ T6647] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.477508][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 108.477522][ T28] audit: type=1800 audit(1762123222.233:18): pid=6647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.257" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 108.576822][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.694033][ T6661] capability: warning: `syz.3.262' uses deprecated v2 capabilities in a way that may be insecure [ 108.832137][ T6639] loop0: detected capacity change from 0 to 32768 [ 108.915271][ T6639] JBD2: Ignoring recovery information on journal [ 108.989156][ T6639] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 109.051397][ T6671] syzkaller1: entered promiscuous mode [ 109.095488][ T6671] syzkaller1: entered allmulticast mode [ 109.192505][ T5787] ocfs2: Unmounting device (7,0) on (node local) [ 109.934912][ T8] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 109.994356][ T6696] loop2: detected capacity change from 0 to 32768 [ 110.015918][ T6696] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 110.037686][ T6696] [ 110.040049][ T6696] ====================================================== [ 110.047078][ T6696] WARNING: possible circular locking dependency detected [ 110.054118][ T6696] syzkaller #0 Not tainted [ 110.058544][ T6696] ------------------------------------------------------ [ 110.065567][ T6696] syz.2.275/6696 is trying to acquire lock: [ 110.071464][ T6696] ffff88805ecfdf58 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8){+.+.}-{3:3}, at: ocfs2_xattr_set+0xada/0x11f0 [ 110.083671][ T6696] [ 110.083671][ T6696] but task is already holding lock: [ 110.091029][ T6696] ffff88805bc406f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x410/0x11f0 [ 110.100524][ T6696] [ 110.100524][ T6696] which lock already depends on the new lock. [ 110.100524][ T6696] [ 110.110918][ T6696] [ 110.110918][ T6696] the existing dependency chain (in reverse order) is: [ 110.114832][ T8] usb 2-1: Using ep0 maxpacket: 8 [ 110.119906][ T6696] [ 110.119906][ T6696] -> #2 (&oi->ip_xattr_sem){++++}-{3:3}: [ 110.119937][ T6696] down_read+0x46/0x2e0 [ 110.129572][ T8] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 110.132866][ T6696] ocfs2_init_acl+0x2fa/0x720 [ 110.132899][ T6696] ocfs2_mknod+0x12e5/0x20f0 [ 110.132916][ T6696] ocfs2_create+0x196/0x410 [ 110.137867][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.146600][ T6696] path_openat+0x1277/0x3190 [ 110.146631][ T6696] do_filp_open+0x1c5/0x3d0 [ 110.146651][ T6696] do_sys_openat2+0x12c/0x1c0 [ 110.146666][ T6696] __x64_sys_openat+0x139/0x160 [ 110.146688][ T6696] do_syscall_64+0x55/0xb0 [ 110.146708][ T6696] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 110.146724][ T6696] [ 110.146724][ T6696] -> #1 (jbd2_handle){++++}-{0:0}: [ 110.146753][ T6696] jbd2_journal_lock_updates+0xab/0x380 [ 110.146769][ T6696] __ocfs2_flush_truncate_log+0x2b8/0x10b0 [ 110.146787][ T6696] ocfs2_flush_truncate_log+0x4f/0x60 [ 110.146804][ T6696] ocfs2_sync_fs+0x117/0x310 [ 110.168050][ T8] pvrusb2: Hardware description: Terratec Grabster AV400 [ 110.170329][ T6696] sync_filesystem+0x1c2/0x220 [ 110.170361][ T6696] generic_shutdown_super+0x6f/0x2b0 [ 110.181777][ T8] pvrusb2: ********** [ 110.185666][ T6696] kill_block_super+0x44/0x90 [ 110.185690][ T6696] deactivate_locked_super+0x97/0x100 [ 110.185711][ T6696] cleanup_mnt+0x429/0x4c0 [ 110.185725][ T6696] task_work_run+0x1ce/0x250 [ 110.185744][ T6696] exit_to_user_mode_loop+0xe6/0x110 [ 110.185764][ T6696] exit_to_user_mode_prepare+0xf6/0x180 [ 110.185783][ T6696] syscall_exit_to_user_mode+0x1a/0x50 [ 110.185798][ T6696] do_syscall_64+0x61/0xb0 [ 110.185819][ T6696] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 110.185837][ T6696] [ 110.185837][ T6696] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8){+.+.}-{3:3}: [ 110.185872][ T6696] __lock_acquire+0x2ddb/0x7c80 [ 110.185889][ T6696] lock_acquire+0x197/0x410 [ 110.185903][ T6696] down_write+0x97/0x1f0 [ 110.194781][ T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 110.196370][ T6696] ocfs2_xattr_set+0xada/0x11f0 [ 110.196398][ T6696] __vfs_setxattr+0x431/0x470 [ 110.196416][ T6696] __vfs_setxattr_noperm+0x12d/0x5e0 [ 110.196433][ T6696] vfs_setxattr+0x16c/0x2f0 [ 110.196450][ T6696] path_setxattr+0x362/0x550 [ 110.196471][ T6696] __x64_sys_setxattr+0xbb/0xd0 [ 110.196489][ T6696] do_syscall_64+0x55/0xb0 [ 110.196510][ T6696] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 110.196528][ T6696] [ 110.196528][ T6696] other info that might help us debug this: [ 110.196528][ T6696] [ 110.196534][ T6696] Chain exists of: [ 110.196534][ T6696] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#8 --> jbd2_handle --> &oi->ip_xattr_sem [ 110.196534][ T6696] [ 110.196574][ T6696] Possible unsafe locking scenario: [ 110.196574][ T6696] [ 110.196579][ T6696] CPU0 CPU1 [ 110.196584][ T6696] ---- ---- [ 110.196588][ T6696] lock(&oi->ip_xattr_sem); [ 110.196601][ T6696] lock(jbd2_handle); [ 110.196613][ T6696] lock(&oi->ip_xattr_sem); [ 110.196626][ T6696] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type] [ 110.203384][ T8] pvrusb2: Important functionality might not be entirely working. [ 110.210276][ T6696] #8); [ 110.210290][ T6696] [ 110.210290][ T6696] *** DEADLOCK *** [ 110.210290][ T6696] [ 110.210295][ T6696] 3 locks held by syz.2.275/6696: [ 110.210305][ T6696] #0: ffff88802303c418 (sb_writers#19){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 110.210359][ T6696] #1: ffff88805bc409d8 (&sb->s_type->i_mutex_key#26){+.+.}-{3:3}, at: vfs_setxattr+0x145/0x2f0 [ 110.210409][ T6696] #2: ffff88805bc406f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x410/0x11f0 [ 110.210457][ T6696] [ 110.210457][ T6696] stack backtrace: [ 110.210480][ T6696] CPU: 1 PID: 6696 Comm: syz.2.275 Not tainted syzkaller #0 [ 110.210495][ T6696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 110.210509][ T6696] Call Trace: [ 110.210516][ T6696] [ 110.210527][ T6696] dump_stack_lvl+0x16c/0x230 [ 110.221645][ T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 110.222869][ T6696] ? load_image+0x3b0/0x3b0 [ 110.222894][ T6696] ? show_regs_print_info+0x20/0x20 [ 110.229211][ T8] pvrusb2: ********** [ 110.233849][ T6696] ? print_circular_bug+0x12b/0x1a0 [ 110.364531][ T2317] pvrusb2: Invalid write control endpoint [ 110.369004][ T6696] check_noncircular+0x2bd/0x3c0 [ 110.369030][ T6696] ? look_up_lock_class+0x75/0x140 [ 110.369055][ T6696] ? print_deadlock_bug+0x5d0/0x5d0 [ 110.369073][ T6696] ? lockdep_lock+0xe0/0x220 [ 110.369091][ T6696] ? lockdep_unlock+0x137/0x2d0 [ 110.369109][ T6696] ? _find_first_zero_bit+0xd3/0x100 [ 110.369137][ T6696] __lock_acquire+0x2ddb/0x7c80 [ 110.369168][ T6696] ? verify_lock_unused+0x140/0x140 [ 110.369186][ T6696] ? stack_trace_save+0x9c/0xe0 [ 110.369216][ T6696] lock_acquire+0x197/0x410 [ 110.369234][ T6696] ? ocfs2_xattr_set+0xada/0x11f0 [ 110.369257][ T6696] ? __might_sleep+0xe0/0xe0 [ 110.430444][ T2317] pvrusb2: Invalid write control endpoint [ 110.434797][ T6696] ? read_lock_is_recursive+0x20/0x20 [ 110.434822][ T6696] ? ocfs2_inode_lock_tracker+0x3ec/0x660 [ 110.434842][ T6696] ? ocfs2_xattr_block_find+0x154/0x4c0 [ 110.434863][ T6696] down_write+0x97/0x1f0 [ 110.434888][ T6696] ? ocfs2_xattr_set+0xada/0x11f0 [ 110.434908][ T6696] ? down_read_killable+0x340/0x340 [ 110.434933][ T6696] ? ocfs2_xattr_ibody_find+0xcb/0x7c0 [ 110.434959][ T6696] ocfs2_xattr_set+0xada/0x11f0 [ 110.434990][ T6696] ? __ocfs2_xattr_set_handle+0xf10/0xf10 [ 110.435013][ T6696] ? __lock_acquire+0x1334/0x7c80 [ 110.448243][ T2317] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 110.448772][ T6696] ? verify_lock_unused+0x140/0x140 [ 110.459104][ T2317] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 110.463565][ T6696] ? aa_get_newest_label+0xf8/0x5c0 [ 110.466533][ T2317] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 110.474389][ T6696] ? end_current_label_crit_section+0x170/0x170 [ 110.474420][ T6696] ? posix_xattr_acl+0x93/0xb0 [ 110.482492][ T2317] pvrusb2: Device being rendered inoperable [ 110.488624][ T6696] ? evm_protect_xattr+0x36d/0x7a0 [ 110.488653][ T6696] ? ocfs2_xattr_trusted_get+0x40/0x40 [ 110.488674][ T6696] __vfs_setxattr+0x431/0x470 [ 110.488700][ T6696] __vfs_setxattr_noperm+0x12d/0x5e0 [ 110.502566][ T2317] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 110.508938][ T6696] vfs_setxattr+0x16c/0x2f0 [ 110.508966][ T6696] ? xattr_permission+0x470/0x470 [ 110.508985][ T6696] ? __mnt_want_write+0x223/0x2a0 [ 110.516603][ T2317] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 110.522120][ T6696] ? path_setxattr+0x314/0x550 [ 110.539728][ T2317] pvrusb2: Attached sub-driver cx25840 [ 110.543744][ T6696] path_setxattr+0x362/0x550 [ 110.543778][ T6696] ? simple_xattrs_free+0x150/0x150 [ 110.543810][ T6696] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 110.560029][ T2317] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 110.562324][ T6696] ? lock_chain_count+0x20/0x20 [ 110.562353][ T6696] __x64_sys_setxattr+0xbb/0xd0 [ 110.587303][ T5833] usb 2-1: USB disconnect, device number 6 [ 110.588755][ T2317] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 110.592420][ T6696] do_syscall_64+0x55/0xb0 [ 110.592449][ T6696] ? clear_bhb_loop+0x40/0x90 [ 110.876796][ T6696] ? clear_bhb_loop+0x40/0x90 [ 110.881462][ T6696] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 110.887357][ T6696] RIP: 0033:0x7fab39b8efc9 [ 110.891767][ T6696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.911416][ T6696] RSP: 002b:00007fab3ab09038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 110.919843][ T6696] RAX: ffffffffffffffda RBX: 00007fab39de5fa0 RCX: 00007fab39b8efc9 [ 110.927891][ T6696] RDX: 0000200000001400 RSI: 0000200000000240 RDI: 00002000000001c0 [ 110.935858][ T6696] RBP: 00007fab39c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 110.943831][ T6696] R10: 0000000000000841 R11: 0000000000000246 R12: 0000000000000000 [ 110.951801][ T6696] R13: 00007fab39de6038 R14: 00007fab39de5fa0 R15: 00007ffe203bf0b8 [ 110.959797][ T6696] [ 110.986458][ T5784] ocfs2: Unmounting device (7,2) on (node local) [ 111.814827][ T6691] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 111.814860][ T5794] Bluetooth: hci0: command 0x0c1a tx timeout [ 112.632377][ T6691] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 112.639106][ T6691] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 112.647042][ T6691] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 112.653540][ T6691] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 112.660164][ T6691] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 112.667151][ T6691] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 112.673134][ T6691] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 112.679829][ T6691] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 112.686487][ T6691] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 112.692461][ T6691] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 112.701086][ T6691] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 113.894894][ T5794] Bluetooth: hci0: command 0x0c1a tx timeout [ 114.694873][ T5794] Bluetooth: hci2: command 0x0c1a tx timeout [ 114.694879][ T5793] Bluetooth: hci1: command 0x0c1a tx timeout [ 114.764841][ T5793] Bluetooth: hci3: command 0x0c1a tx timeout [ 115.974819][ T5793] Bluetooth: hci0: command 0x0c1a tx timeout [ 116.764893][ T5794] Bluetooth: hci2: command 0x0c1a tx timeout [ 116.770967][ T5793] Bluetooth: hci1: command 0x0c1a tx timeout [ 116.844943][ T5793] Bluetooth: hci3: command 0x0c1a tx timeout [ 118.844879][ T5793] Bluetooth: hci2: command 0x0c1a tx timeout [ 118.846523][ T5794] Bluetooth: hci1: command 0x0c1a tx timeout [ 118.924805][ T5794] Bluetooth: hci3: command 0x0c1a tx timeout