last executing test programs: 7.207169789s ago: executing program 0 (id=409): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe) listen(r0, 0x3) r1 = accept4(r0, 0x0, 0x0, 0x800) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16) sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 6.274968359s ago: executing program 0 (id=413): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_FLAGS={0x6}, @IFLA_GRE_ENCAP_SPORT={0x6}, @IFLA_GRE_ENCAP_DPORT={0x6}]}}}]}, 0x4c}}, 0x0) 6.15455301s ago: executing program 0 (id=414): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000001480)=[{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000100)="2d9690343538", 0x6}, {&(0x7f0000000580)="b26797cb59793e07c5ad13380e52776acffb2a0d4aae8c6244619b57b84c5955719b", 0x22}], 0x2, 0x0, 0x0, 0x20040004}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000001c0)=""/156, 0x9c}], 0x1}}], 0x1, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 5.981357507s ago: executing program 0 (id=417): ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x4, "d2c4924d08b1e00000000000000000f3f70000000400000000fcff00"}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x4000010) r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0e, &(0x7f0000000040)) 2.873998385s ago: executing program 0 (id=439): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15", 0x4) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) io_setup(0xff, &(0x7f0000000380)=0x0) sendmmsg$alg(r1, &(0x7f0000002dc0)=[{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000080)='L*', 0x2}], 0x1}], 0x1, 0x0) io_submit(r2, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}]) 2.602338691s ago: executing program 0 (id=442): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000540)={{0x12, 0x1, 0x0, 0xe4, 0x7a, 0x8a, 0x40, 0x547, 0x2727, 0xb697, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xa6, 0x0, 0x0, 0xa9, 0xab, 0x23}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 1.610476346s ago: executing program 1 (id=462): syz_emit_ethernet(0x52, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd308", 0x1c, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, {[@generic={0xfe, 0x6, "14a48b78"}]}}}}}}}}, 0x0) 1.446662611s ago: executing program 1 (id=464): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x609, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_XMIT_HASH_POLICY={0x5}, @IFLA_BOND_RESEND_IGMP={0x8}]}}}]}, 0x44}}, 0x0) 1.440373202s ago: executing program 2 (id=466): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x1c, r3, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 1.372605438s ago: executing program 2 (id=467): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="14000000130001ffffff7f8cd913e90002"], 0x14}], 0x1}, 0x0) 1.259769429s ago: executing program 2 (id=469): capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)) modify_ldt$write(0x1, &(0x7f0000000040)={0xc}, 0x10) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone(0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0) 1.098462865s ago: executing program 1 (id=471): r0 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bridge_slave_0\x00', 0x0}) r2 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4) sendmsg$can_raw(r2, &(0x7f00000004c0)={&(0x7f00000005c0)={0x1d, r1}, 0x10, &(0x7f0000000500)={&(0x7f00000000c0)=@can={{}, 0xff, 0x0, 0x4, 0x0, '\b-\x00'}, 0x10}}, 0x0) 1.063707538s ago: executing program 2 (id=473): syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaa6, &(0x7f0000001100)="$eJzs3U2MW0cBAOCxd73JJilxSkKXNLQJhbb8dNNslvATQVIlQiJqKsSlUsUlStMSEYJEkYCqEklO3GhVBYkTP+LUS1UQEr2gqCculWikCqmnwoEDURCVOEAgcRXvjNee2H22s+tnx98njcfz5j3PvOfn5/c7E4CpVW2+Li8vVEK4+PrLR//x4N/nbw451Bqj3nydbUvVQgiVmJ7NPu/dmZX4+nsvnOwWV8JS8zWlwxNXW9NuDiGcC7vDpVAPOy9efunNpcePnz92Yc9brxy8sj5zDwAA0+Xrlw4u7/jrn+/ddu3V+w6HDa3haf+8HtNb4n7/4bjjn/b/q6EzXWkL7eay8WZjqM53jjfTZbz2cmrZeLM9yp/Lyq/1GG9D+ODyZ9qGdZtvmGRpPa6HSnWxI12tLi6uHJOH5nH9XGXx7OkzzzxXUkWBNffv+0MIu9vCkQud6XELh8agDkOGxhjUYSLD4dGVda2xovR5HlFobC17CwSwIr9eeItz+ZmF29P6tNn+yr/6WLX79LAGRr3+D1T+XMnlB+X/5rwtDmvnTl2b0nyl39GWmM6vI+T3L/X+/eVXOjqH5tcjan3Ws9d1hEm5vtCrnjMjrsewetU/Xy/uVF+OcVoOX8ny238/+Xc6Kd8x0N1/8vP/giCMdwgd6drtfFaj5O0PML7y++Ya6fpolN/Xl+dvKMjfWJA/X5C/qSB/c0E+TLPfff+n4cXK6nF+fkw/6PnwdJ7trhh/aMD65OcjBy0/v+93ULdbfn4/MYyzP5x48tQXnn7q8sr9/5XW+n8jru/pcKMef1uX4gjpfGF+Xr1173+9s5xqj/HuzupzV5fxm++3d45X2b76OaFtO3NLPRY6p9vaa7xdnePVs/HmY9iY1TffP9mUTZf2P9J2NS2v2Wx+a9l8zGX1SNuVbTHO6wHDSOtjr/v/0/q5EGqVZ06fOfVoTKf19E8ztQ03h+8bcb2B29fv8z8LofP5ny2t4bVq+3Zh6+rwysp24bX4eZ3Dl1rldA7fH9Ppf+5bM/PN4Ysnv3vm6bWffZhqz/3o+W+fOHPm1Pe8GfrNV8ejGoO8SYct41Ifb8buTckbJmDd7f3xyk7AI6e/c+LZU8+eOrv/wIH9S0sHvrh/eW9zv35v+959u3Ml1BZYS6t/+mXXBAAAAAAAAAAAAOjXD44dvfz2G59/Z+X5/9Xn/9Lz/+nO3/T8/0+y5//z5+TTc/DpOcBtXfKb42QNrM5l49Vi+HBW3+1ZOTuy6T4S41Y/fvH5/1Rc3q5rqs892fBaj2TWnMAt7aXMZW2Q5P0FfjzGF2L86wAlqsx3Hxzjovat07qe2qdoa5eioX3gyZG+t7Q2pHZM0vPfXdt1avuyt42gjqy9UTxOWPY8At39c6ra//7X6oyXXhehd5gdbXk/n951otFzL73fHmwA1kbZ/X+m854pPvvHr228GdJoVx/r3F7m7ZfCIP7ydmd63PufXO/y8377Rl1+2fM/6v4/W/3f9b39y3rMqw9X7n9/ceWdtmLDzn7Lz+c/tQO9fbDyr8Xy09w8FPorv/GrrPz8glCf/peVv6nP8m+Z/13Dlf//WH5abA8/0G/5KzWuVDvrkZ83Ttf/8vPGyfVs/lPbnh9Q/jee7zb/Q3bUeCOWD9NsUvqZHVS2H9HaaR++/9/o3Nr2/9uqbLZZy+/D+FxMpw1xus8h7+9k0Pqn+yvS/8CO7PMrBf9v+v+dbF+KcdHvIfX/m9bHevzLb0s3l2VK17os2zt1WwOT6t2puv43EWHjGNRB6D80ZoaYrtVPXMn1bzQa63tCq0CphVP68i/7OKHs8ste/kXy/n/zffi8/988P+//N8/P+//N8+fjN9QrP+//N1+eef+/ef492efm/QMvFOR/tCB/Z/f81mH7vQXT7yrI/1hB/p5W/qGOMVL+fQXT31+Qf3dB/gMF+Z8oyP9kQf6DBfkPt+W39wGd8j9VMP2dLj2PMq3zD9Msfz7P7x+mR7r+0+v3v70gH5hcP3t135GnfvvN+srz/3Ot8yHpOt7hmK7F46cfxnR+3Tu0pW/mvRHTf8vyx/18B0yTvP2M/P/9oYJ8YHKl+7z8vmEKVTZ2Hxzjonareu3nM1k+HePPxPizMX4kxosx3hvjfTFeGlH9WB9HXvv9wRcrq8f7W7P8fu8nz58H6mgnKoSwv8/65OcHBr2fPW/Hb1C3W/6Qj4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACUptp8XV5eqIRw8fWXjz55/PTem0MOtcaoN19n21K11nQhPBrjmRj/Mr65/t4LJ9vjGzGuhKVQCZXW8PDE1VZJm0MI58LucCnUw86Ll196c+nx4+ePXdjz1isHr6zfEgAAAIA73/sBAAD//weuDxQ=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086e81, &(0x7f0000000080)={@id={0x2, 0x0, @a}}) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086e81, &(0x7f00000000c0)={@desc={0x1, 0x0, @desc4}}) 1.005369044s ago: executing program 1 (id=474): syz_emit_ethernet(0x3e, &(0x7f0000000780)={@link_local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xfffffffe, @broadcast}, @dest_unreach={0x3, 0xd, 0x0, 0x0, 0x7, 0x5, {0x5, 0x4, 0x3, 0x3, 0x6009, 0x67, 0x98, 0x9, 0x0, 0x9, @broadcast, @loopback}}}}}}, 0x0) 834.58434ms ago: executing program 2 (id=476): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000002c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@dioread_lock}, {@norecovery}, {@abort}, {@lazytime}, {@noload}, {@nojournal_checksum}, {@oldalloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNFlGk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvedNmatFmXrZn5fOC259x703NPzv2enpOTkACG1mT2oxDxakR8m0Qcajs2GvnByfXz1h5cm8u2JBqNz/5KIsn3tc5P8t/jeeaViPjt64gThc3l1lZWF0vlcrqU56fqlctTtZXVkxcrpYV0Ib00Mzt7+p3Zmfffe7dvdX3z3D8/fHrno9PfHFv7/pd7h28lcSYO5sfa6/EUrrdnJmMyf07G4sxjJ073obBBkuz2BbAjI3mcj0XWBxyKkTzqgf+/ryKiAQypRPzDkGqNA1pz+z7Ng18Y9z9cnwBtrv/o+msjsa85NzqwljwyM8rmuxN9KD8r49c/b9/Ktujf6xAA27p+IyJOjY5u7v+SvP/buVM9nPN4Gfo/eH7uZOOftzqNfwob45/oMP4Z7xC7O7F9/Bfu9aGYrrLx3wcdx78bi1YTI3nupeaYbyy5cLGcZn3byxFxPMb2Zvmt1nNOr91tdDvWPv7Ltqz81lgwv457o3sffcx8qV56mjq3u38j4rWO499ko/2TDu2fPR/neizjaHr79W7Htq//s9X4OeKNju3/cEUr2Xp9cqp5P0y17orN/r559Pdu5e92/bP2P7B1/SeS9vXa2pOX8dO+f9Nux3Z6/+9JPm+m9+T7rpbq9aXpiD3JJ5v3zzx8bCvfOj+r//FjW/d/ne7//RHxRY/1v3nkZtdTB6H955+o/Z88cffjL3/sVn5v7f92M3U839NL/9frBT7NcwcAAAAAAACDphARByMpFDfShUKxuP7+jiNxoFCu1uonLlSXL81H87OyEzFWaK10j7e9H2I6fz9sKz/zWH42Ig5HxHcj+5v54ly1PL/blQcAAAAAAAAAAAAAAAAAAIABMd7l8/+ZP0Z2++qAZ85XfsPw2jb++/FNT8BA8v8fhpf4h+El/mF4iX8YXuIfhpf4h+El/mF4iX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq3Nnz2ZbY+3BtbksP39lZXmxeuXkfFpbLFaW54pz1aXLxYVqdaGcFueqle3+XrlavTw9E8tXp+pprT5VW1k9X6kuX6qfv1gpLaTn07HnUisAAAAAAAAAAAAAAAAAAAB4sdRWVhdL5XK6JCGxo8ToYFyGRJ8Tu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/wUAAP//y284sw==") r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x4c37e, 0x0) fallocate(r1, 0x0, 0x0, 0x9000f4) write$cgroup_int(r0, &(0x7f0000000000)=0x2, 0x12) r2 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x10, 0x5, 0x1b7c) 809.302102ms ago: executing program 1 (id=477): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) recvmmsg(r0, &(0x7f0000001580)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001c40)=[{&(0x7f0000001340)=""/188, 0xbc}], 0x1}}], 0x2, 0x10122, 0x0) 721.001781ms ago: executing program 3 (id=478): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r0, 0xffffffffffffffff, 0x2d, 0x4000000, @val=@netfilter={0x2, 0x0, 0xfffffed4, 0x2000000}}, 0x40) 662.612757ms ago: executing program 1 (id=479): syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x1010006, &(0x7f0000001a80)=ANY=[@ANYBLOB='quota,discard=0x000000000000aff9,iocharset=none,iocharset=macgreek,iocharset=cp775,integrity,nodiscard,noquota,uid=', @ANYRESHEX=0xee01, @ANYBLOB], 0x24, 0x61b6, &(0x7f00000075c0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo") chdir(&(0x7f0000000140)='./file0\x00') creat(&(0x7f00000002c0)='./file0\x00', 0x0) open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0) 600.803893ms ago: executing program 3 (id=480): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000900), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x1000, &(0x7f0000000600)={0xffffffffffffffff}, 0x106, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x2b, @loopback}, r1}}, 0x30) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r1}}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000080)={0x1, 0x10, 0xfa00, {&(0x7f0000000000), r1}}, 0x18) 477.599474ms ago: executing program 3 (id=481): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x1ea, &(0x7f00000003c0)="$eJzsmb2LE0EYxp+Z3eydhyg2FjYWHniit9ndqFxzxQmWgnCKWgZvPU73LpKskAQEg42NpYVga2NpYWFl4V9gq4UKgoUp7YSR+djdyWYT4gdG9P3BzT7z9c68L9yzsAFBEP8tHz98ff/w3NqlUwD2YxkLZvyzo5/i4Oj6d4/vnHy0fv7J87dPX+8duPuyHI/JPWL28z0ArzYcpGCuOXFk93IRNtO4DI4TRl8Bg6/lN6HQnRgM18yam5Zu7TMiif3rrWTrxk4SB7IJZRPJpmGfLy81HDBsAVhUtxOCWfOdXv9WM0nidlnURHbO2NSPimn1U/fb4FhHVj0hOICrD+4PZN/UBgF4Xr8QHKHRDTBsGr2GBfi+X5TEyv+IW8R3Zsl/vuKZEodW/9Sh4Locf0Pu/7Co/ZY4rDwi/6HzkcPDzAPtNZ/mnvvPC2VcAMam3iwlyYVfiOxVFCoXhT9JZz9u+ZMLN/ePerp7u97p9Vd3dpvb8Xa8F0WNs8HpIDgT1ZUR6XaK/y0qf1qy4tcmrPWYh24zTdthF0jbYd6PdGs57uaL1he1hyv/41g5pmMw887KX5QlmPnj6inVilO98t7EnAiCIAiCIAiCIAiCIAiCIKo5Cgb9S5hg5oNoFdFF9YXyewAAAP//L0Rm/Q==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fadvise64(r0, 0xe0ffff, 0x4101, 0x3) 234.639948ms ago: executing program 2 (id=482): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000795d6c08450c3a616dc4010203010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f00000008c0)=ANY=[], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 182.768933ms ago: executing program 3 (id=483): r0 = io_uring_setup(0x10, &(0x7f0000001240)={0x0, 0x3eda, 0x40, 0x1, 0x167}) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000002ac0)={0x1, 0x1, 0x0, &(0x7f0000002a00)=[{0x0}], 0x0}, 0x20) 70.109773ms ago: executing program 3 (id=484): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x80000002}, @NFTA_LIMIT_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_LIMIT_BURST={0x8, 0x3, 0x1, 0x0, 0x2}]}}}]}]}], {0x14}}, 0xd0}}, 0x0) 0s ago: executing program 3 (id=485): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000040)=0x5) io_setup(0x3, &(0x7f00000000c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000200)=[&(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000700)='9', 0x1}]) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000240)=0x3) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.240' (ED25519) to the list of known hosts. syzkaller login: [ 63.539523][ T5756] cgroup: Unknown subsys name 'net' [ 63.688839][ T5756] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 65.123219][ T5756] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 67.266284][ T5769] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.291875][ T5775] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.300123][ T5775] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.308246][ T5775] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.317080][ T5774] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.321066][ T5777] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.324525][ T5774] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.339158][ T5777] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.340802][ T5774] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.347748][ T5777] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.354076][ T5774] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.361983][ T5777] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.368027][ T5774] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.374994][ T5777] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.382758][ T5774] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.390181][ T5777] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.396876][ T5774] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.403093][ T5777] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.409580][ T5774] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.416580][ T5777] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.430650][ T5777] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.438423][ T5777] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.443958][ T5774] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.453243][ T5774] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.878660][ T5772] chnl_net:caif_netlink_parms(): no params data found [ 67.912050][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 67.998952][ T5767] chnl_net:caif_netlink_parms(): no params data found [ 68.026266][ T5766] chnl_net:caif_netlink_parms(): no params data found [ 68.110610][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.117860][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.126106][ T5772] bridge_slave_0: entered allmulticast mode [ 68.133234][ T5772] bridge_slave_0: entered promiscuous mode [ 68.168982][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.176325][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.183928][ T5772] bridge_slave_1: entered allmulticast mode [ 68.190558][ T5772] bridge_slave_1: entered promiscuous mode [ 68.198219][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.205533][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.212658][ T5770] bridge_slave_0: entered allmulticast mode [ 68.219861][ T5770] bridge_slave_0: entered promiscuous mode [ 68.263221][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.270339][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.277809][ T5770] bridge_slave_1: entered allmulticast mode [ 68.284833][ T5770] bridge_slave_1: entered promiscuous mode [ 68.310241][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.317626][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.324838][ T5767] bridge_slave_0: entered allmulticast mode [ 68.331478][ T5767] bridge_slave_0: entered promiscuous mode [ 68.357991][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.365263][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.372602][ T5766] bridge_slave_0: entered allmulticast mode [ 68.379895][ T5766] bridge_slave_0: entered promiscuous mode [ 68.386971][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.396594][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.404607][ T5767] bridge_slave_1: entered allmulticast mode [ 68.411227][ T5767] bridge_slave_1: entered promiscuous mode [ 68.430636][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.443286][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.454989][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.467514][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.477355][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.484837][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.491965][ T5766] bridge_slave_1: entered allmulticast mode [ 68.498881][ T5766] bridge_slave_1: entered promiscuous mode [ 68.565967][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.578994][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.594609][ T5772] team0: Port device team_slave_0 added [ 68.603443][ T5770] team0: Port device team_slave_0 added [ 68.610849][ T5770] team0: Port device team_slave_1 added [ 68.636153][ T5772] team0: Port device team_slave_1 added [ 68.660963][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.673610][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.706910][ T5767] team0: Port device team_slave_0 added [ 68.715878][ T5767] team0: Port device team_slave_1 added [ 68.740162][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.747321][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.773736][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.806996][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.814341][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.840532][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.861821][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.868886][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.894844][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.918802][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.926257][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.952167][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.965965][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.972955][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.998889][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.010583][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.017589][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.048459][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.062625][ T5766] team0: Port device team_slave_0 added [ 69.071200][ T5766] team0: Port device team_slave_1 added [ 69.109910][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.117031][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.143379][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.156064][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.163275][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.189872][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.241345][ T5772] hsr_slave_0: entered promiscuous mode [ 69.248083][ T5772] hsr_slave_1: entered promiscuous mode [ 69.290594][ T5770] hsr_slave_0: entered promiscuous mode [ 69.297121][ T5770] hsr_slave_1: entered promiscuous mode [ 69.303456][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.311185][ T5770] Cannot create hsr debugfs directory [ 69.331486][ T5767] hsr_slave_0: entered promiscuous mode [ 69.339771][ T5767] hsr_slave_1: entered promiscuous mode [ 69.346101][ T5767] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.353770][ T5767] Cannot create hsr debugfs directory [ 69.381398][ T5766] hsr_slave_0: entered promiscuous mode [ 69.390188][ T5766] hsr_slave_1: entered promiscuous mode [ 69.396249][ T5766] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 69.404493][ T5766] Cannot create hsr debugfs directory [ 69.443651][ T5782] Bluetooth: hci3: command tx timeout [ 69.523672][ T5782] Bluetooth: hci0: command tx timeout [ 69.529383][ T5782] Bluetooth: hci2: command tx timeout [ 69.535437][ T5781] Bluetooth: hci1: command tx timeout [ 69.757096][ T5772] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.769862][ T5772] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.780935][ T5772] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.790821][ T5772] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.854522][ T5766] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 69.870667][ T5766] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 69.880889][ T5766] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 69.895948][ T5766] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 70.013676][ T5767] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 70.023792][ T5767] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 70.036311][ T5767] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 70.046260][ T5767] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 70.113247][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.131738][ T5770] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 70.153083][ T5770] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 70.162747][ T5770] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 70.173662][ T5770] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 70.210328][ T5772] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.234430][ T2924] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.241646][ T2924] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.259588][ T2977] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.266775][ T2977] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.322135][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.385039][ T5766] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.402634][ T5772] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 70.415647][ T5772] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 70.440659][ T2924] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.447812][ T2924] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.471684][ T2924] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.479066][ T2924] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.541942][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.571484][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 70.624839][ T5767] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.653396][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.679039][ T2951] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.686213][ T2951] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.705041][ T2951] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.712178][ T2951] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.754201][ T1160] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.761335][ T1160] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.798365][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.805557][ T1160] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.846365][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.999589][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.044906][ T5772] veth0_vlan: entered promiscuous mode [ 71.091864][ T5772] veth1_vlan: entered promiscuous mode [ 71.184923][ T5772] veth0_macvtap: entered promiscuous mode [ 71.207533][ T5772] veth1_macvtap: entered promiscuous mode [ 71.245703][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.267700][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.298769][ T5766] veth0_vlan: entered promiscuous mode [ 71.316320][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.338556][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.348835][ T5772] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.358710][ T5772] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.369416][ T5772] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.378308][ T5772] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.409073][ T5766] veth1_vlan: entered promiscuous mode [ 71.465760][ T5767] veth0_vlan: entered promiscuous mode [ 71.521613][ T5767] veth1_vlan: entered promiscuous mode [ 71.528765][ T5782] Bluetooth: hci3: command tx timeout [ 71.538995][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.547286][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.552235][ T5770] veth0_vlan: entered promiscuous mode [ 71.591856][ T5770] veth1_vlan: entered promiscuous mode [ 71.603486][ T5782] Bluetooth: hci0: command tx timeout [ 71.608920][ T5782] Bluetooth: hci2: command tx timeout [ 71.609451][ T5766] veth0_macvtap: entered promiscuous mode [ 71.614476][ T5781] Bluetooth: hci1: command tx timeout [ 71.624326][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.637738][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.680780][ T5766] veth1_macvtap: entered promiscuous mode [ 71.694752][ T3518] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.696473][ T5767] veth0_macvtap: entered promiscuous mode [ 71.702575][ T3518] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.744996][ T5767] veth1_macvtap: entered promiscuous mode [ 71.759431][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.770392][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.800951][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.812428][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.823238][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.834881][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.855097][ T5770] veth0_macvtap: entered promiscuous mode [ 71.886017][ T5766] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.904923][ T5766] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.914670][ T5766] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.923784][ T5766] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.926365][ T5859] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 71.937780][ T5770] veth1_macvtap: entered promiscuous mode [ 71.968542][ T5859] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 71.992329][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.004417][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.015493][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.026251][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.037608][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.046122][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.057000][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.066923][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.077524][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.089471][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.100203][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.113333][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.128570][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.139280][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.157239][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.168327][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.184239][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.220531][ T5767] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.229744][ T5767] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.238719][ T5767] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.248905][ T5767] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.277967][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.290574][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.301448][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.312562][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.322493][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.344208][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.371126][ T5865] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 72.373563][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.416908][ T5770] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.429815][ T5770] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.439012][ T5770] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.451980][ T5770] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.496883][ T3518] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.530241][ T3518] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.604951][ T3518] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.629648][ T3518] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.690881][ T3518] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.705027][ T3518] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.743620][ T3518] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.751711][ T3518] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.830962][ T2977] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.872820][ T2977] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.917492][ T3518] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.942168][ T5872] syz.0.6[5872]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 72.958745][ T3518] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.603789][ T5782] Bluetooth: hci3: command tx timeout [ 73.684261][ T5782] Bluetooth: hci2: command tx timeout [ 73.689712][ T5782] Bluetooth: hci1: command tx timeout [ 73.695354][ T5781] Bluetooth: hci0: command tx timeout [ 73.769758][ T5872] loop0: detected capacity change from 0 to 32768 [ 73.780788][ T5872] ======================================================= [ 73.780788][ T5872] WARNING: The mand mount option has been deprecated and [ 73.780788][ T5872] and is ignored by this kernel. Remove the mand [ 73.780788][ T5872] option from the mount to silence this warning. [ 73.780788][ T5872] ======================================================= [ 73.863551][ T5872] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 73.937721][ T5881] loop1: detected capacity change from 0 to 32768 [ 74.020997][ T5872] XFS (loop0): Ending clean mount [ 74.074585][ T5872] XFS (loop0): Quotacheck needed: Please wait. [ 74.094422][ T5881] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 74.180433][ T5883] loop3: detected capacity change from 0 to 40427 [ 74.214800][ T5883] F2FS-fs (loop3): invalid crc value [ 74.256638][ T5872] XFS (loop0): Quotacheck: Done. [ 74.290081][ T5883] F2FS-fs (loop3): Found nat_bits in checkpoint [ 74.418756][ T5766] ocfs2: Unmounting device (7,1) on (node local) [ 74.509938][ T5883] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 74.533759][ T5772] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 74.625635][ T27] audit: type=1800 audit(1767184165.084:2): pid=5883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.9" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 74.788772][ T5770] syz-executor: attempt to access beyond end of device [ 74.788772][ T5770] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 74.834145][ T5770] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 75.683294][ T5782] Bluetooth: hci3: command tx timeout [ 75.763809][ T5782] Bluetooth: hci2: command tx timeout [ 75.769302][ T5781] Bluetooth: hci1: command tx timeout [ 75.769315][ T5769] Bluetooth: hci0: command tx timeout [ 75.977784][ T5926] loop1: detected capacity change from 0 to 32768 [ 75.993292][ T5824] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 76.046054][ T5926] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 76.207404][ T5926] XFS (loop1): Ending clean mount [ 76.229075][ T5926] XFS (loop1): Quotacheck needed: Please wait. [ 76.232851][ T5824] usb 4-1: Using ep0 maxpacket: 8 [ 76.242369][ T5928] loop0: detected capacity change from 0 to 40427 [ 76.278600][ T5824] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 76.291715][ T5824] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 76.307343][ T5928] F2FS-fs (loop0): invalid crc value [ 76.317040][ T5824] usb 4-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=44.b2 [ 76.319434][ T5926] XFS (loop1): Quotacheck: Done. [ 76.348869][ T5928] F2FS-fs (loop0): Found nat_bits in checkpoint [ 76.349477][ T5824] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.418355][ T5824] usb 4-1: Product: syz [ 76.424775][ T5824] usb 4-1: Manufacturer: syz [ 76.430428][ T5928] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 76.441076][ T5824] usb 4-1: SerialNumber: syz [ 76.470173][ T5766] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 76.475301][ T27] audit: type=1800 audit(1767184166.934:3): pid=5928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.23" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 76.481736][ T5824] usb 4-1: config 0 descriptor?? [ 76.583322][ T5772] syz-executor: attempt to access beyond end of device [ 76.583322][ T5772] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 76.597446][ T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 76.613454][ T5772] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 76.792866][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 76.799889][ T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 76.825168][ T9] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 76.836855][ T9] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 76.859193][ T9] usb 3-1: Product: syz [ 76.875596][ T9] usb 3-1: Manufacturer: syz [ 76.880222][ T9] usb 3-1: SerialNumber: syz [ 76.904097][ T9] usb 3-1: config 0 descriptor?? [ 76.910479][ T5941] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 77.139757][ T5824] usb 3-1: USB disconnect, device number 2 [ 77.148478][ T5950] loop1: detected capacity change from 0 to 512 [ 77.198615][ T5950] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 77.225624][ T5758] usb 4-1: USB disconnect, device number 2 [ 77.277405][ T5950] overlayfs: invalid origin (0000007900c512573a4b76defd7b77561fdcbbb39a44bbfde6df933c3d3b165d7932cf14d72c47c4d7be1cf1) [ 77.668552][ T5956] loop0: detected capacity change from 0 to 2048 [ 77.698865][ T5956] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 77.762885][ T5957] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 78.047704][ T5952] loop1: detected capacity change from 0 to 32768 [ 78.128292][ T5952] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 78.362965][ T5952] XFS (loop1): Ending clean mount [ 78.381755][ T5952] XFS (loop1): Quotacheck needed: Please wait. [ 78.478876][ T5952] XFS (loop1): Quotacheck: Done. [ 78.687960][ T5965] loop2: detected capacity change from 0 to 32768 [ 78.689387][ T5766] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 78.761400][ T5965] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 79.053899][ T5965] XFS (loop2): Ending clean mount [ 79.089461][ T5965] XFS (loop2): Quotacheck needed: Please wait. [ 79.089709][ T5971] loop3: detected capacity change from 0 to 40427 [ 79.152477][ T5971] F2FS-fs (loop3): invalid crc value [ 79.187610][ T5971] F2FS-fs (loop3): Found nat_bits in checkpoint [ 79.197092][ T5965] XFS (loop2): Quotacheck: Done. [ 79.356214][ T5971] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 79.381488][ T5767] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 79.402481][ T27] audit: type=1800 audit(1767184169.854:4): pid=5971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.34" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 79.501105][ T5770] syz-executor: attempt to access beyond end of device [ 79.501105][ T5770] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 79.530981][ T5770] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 79.966178][ T5824] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 80.164807][ T5824] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 80.192838][ T5824] usb 2-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01 [ 80.198409][ T6005] loop0: detected capacity change from 0 to 32768 [ 80.225763][ T5824] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.254025][ T5824] usb 2-1: config 0 descriptor?? [ 80.287406][ T5824] gspca_main: xirlink-cit-2.14.0 probing 0545:8080 [ 80.297263][ T5824] input: xirlink-cit as /devices/platform/dummy_hcd.1/usb2/2-1/input/input5 [ 80.299532][ T6005] JBD2: Ignoring recovery information on journal [ 80.496314][ T9] usb 2-1: USB disconnect, device number 2 [ 80.536593][ T6005] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 80.699221][ T5772] ocfs2: Unmounting device (7,0) on (node local) [ 81.445188][ T6040] loop3: detected capacity change from 0 to 128 [ 81.493687][ T6040] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 81.521147][ T6040] ext4 filesystem being mounted at /7/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 81.564918][ T6040] EXT4-fs error (device loop3): dx_make_map:1328: inode #2: block 18: comm syz.3.55: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 81.588213][ T6040] EXT4-fs error (device loop3) in do_split:2095: Corrupt filesystem [ 81.652138][ T6025] loop0: detected capacity change from 0 to 40427 [ 81.691074][ T6025] F2FS-fs (loop0): invalid crc value [ 81.717530][ T6025] F2FS-fs (loop0): Found nat_bits in checkpoint [ 81.772318][ T787] cfg80211: failed to load regulatory.db [ 81.842323][ T6025] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 81.888714][ T6025] syz.0.48: attempt to access beyond end of device [ 81.888714][ T6025] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 81.970440][ T5772] syz-executor: attempt to access beyond end of device [ 81.970440][ T5772] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 82.012726][ T5772] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 82.125373][ T6042] loop2: detected capacity change from 0 to 32768 [ 82.169679][ T6042] JBD2: Ignoring recovery information on journal [ 82.186483][ T5770] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 82.380932][ T6042] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 82.558012][ T5767] ocfs2: Unmounting device (7,2) on (node local) [ 82.753168][ T6057] loop2: detected capacity change from 0 to 2048 [ 82.829050][ T6057] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.946181][ T6052] loop1: detected capacity change from 0 to 32768 [ 82.959422][ T6057] EXT4-fs error (device loop2): ext4_free_inode:356: comm syz.2.60: bit already cleared for inode 15 [ 83.023230][ T5758] XFS (loop1): Metadata CRC error detected at xfs_sb_read_verify+0x3dd/0x4d0, xfs_sb block 0x0 [ 83.098064][ T5758] XFS (loop1): Unmount and run xfs_repair [ 83.149772][ T5758] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 83.180434][ T5758] 00000000: 58 46 53 42 00 00 08 00 00 00 00 00 00 00 20 00 XFSB.......... . [ 83.191169][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.213601][ T5758] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 83.242289][ T5758] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 83.261516][ T5758] 00000030: 00 00 00 00 00 00 00 20 00 00 00 00 00 00 24 40 ....... ......$@ [ 83.294028][ T5758] 00000040: 00 00 00 00 00 00 24 41 00 00 00 00 00 00 24 42 ......$A......$B [ 83.332958][ T5758] 00000050: 00 00 00 02 00 00 20 00 00 00 00 01 00 00 00 00 ...... ......... [ 83.350440][ T5758] 00000060: 00 00 12 00 b4 b5 02 01 00 00 80 02 00 00 00 00 ................ [ 83.373605][ T5758] 00000070: 00 00 00 00 00 00 00 00 0b 09 0a 01 0d 00 00 32 ...............2 [ 83.402903][ T6052] XFS (loop1): SB validate failed with error -74. [ 84.126750][ T6079] loop0: detected capacity change from 0 to 40427 [ 84.159668][ T6077] loop2: detected capacity change from 0 to 40427 [ 84.163163][ T6079] F2FS-fs (loop0): invalid crc value [ 84.204803][ T6079] F2FS-fs (loop0): Found nat_bits in checkpoint [ 84.239964][ T6077] F2FS-fs (loop2): invalid crc_offset: 16 [ 84.275110][ T6077] F2FS-fs (loop2): Found nat_bits in checkpoint [ 84.412350][ T6077] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 84.445272][ T6079] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 84.467296][ T5819] Process accounting resumed [ 84.494521][ T6077] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=400000, run fsck to fix. [ 84.524404][ T6079] syz.0.65: attempt to access beyond end of device [ 84.524404][ T6079] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 84.703510][ T5772] syz-executor: attempt to access beyond end of device [ 84.703510][ T5772] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 84.728214][ T5772] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 85.105083][ T6091] loop3: detected capacity change from 0 to 32768 [ 85.201505][ T6091] JBD2: Ignoring recovery information on journal [ 85.331474][ T6091] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 85.423368][ T6108] netlink: 8 bytes leftover after parsing attributes in process `syz.2.74'. [ 85.513532][ T5770] ocfs2: Unmounting device (7,3) on (node local) [ 85.556774][ T6109] loop1: detected capacity change from 0 to 2048 [ 85.838215][ T6109] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.026437][ T6109] EXT4-fs error (device loop1): ext4_free_inode:356: comm syz.1.73: bit already cleared for inode 15 [ 86.154981][ T5766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.666597][ T6138] netlink: 8 bytes leftover after parsing attributes in process `syz.1.84'. [ 86.902256][ T6128] loop3: detected capacity change from 0 to 40427 [ 86.946400][ T6128] F2FS-fs (loop3): invalid crc value [ 86.971394][ T6128] F2FS-fs (loop3): Found nat_bits in checkpoint [ 87.080186][ T27] audit: type=1326 audit(1767184177.534:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6152 comm="syz.2.91" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3e64b8f749 code=0x0 [ 87.143235][ T6128] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 87.186611][ T6128] syz.3.79: attempt to access beyond end of device [ 87.186611][ T6128] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 87.243322][ T5770] syz-executor: attempt to access beyond end of device [ 87.243322][ T5770] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 87.281898][ T5770] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 87.807575][ T6159] loop2: detected capacity change from 0 to 32768 [ 87.850435][ T6159] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.92 (6159) [ 87.939849][ T6159] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 87.977662][ T6159] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 88.004811][ T6159] BTRFS info (device loop2): using free space tree [ 88.148809][ T6159] BTRFS info (device loop2): enabling ssd optimizations [ 88.179970][ T6159] BTRFS info (device loop2): auto enabling async discard [ 88.238767][ T6186] netlink: 8 bytes leftover after parsing attributes in process `syz.3.96'. [ 88.472552][ T5767] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 88.557429][ T6165] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 88.663314][ T5856] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 88.770120][ T6193] warning: `syz.0.99' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 88.893499][ T5856] usb 4-1: Using ep0 maxpacket: 8 [ 88.917587][ T6197] syz.2.100 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 88.928802][ T5856] usb 4-1: config 16 has an invalid interface number: 54 but max is 0 [ 88.956787][ T5856] usb 4-1: config 16 has no interface number 0 [ 88.972853][ T5856] usb 4-1: config 16 interface 54 has no altsetting 0 [ 88.984824][ T6197] syzkaller1: entered promiscuous mode [ 89.002835][ T5856] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice=86.ce [ 89.011904][ T5856] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.020236][ T6197] syzkaller1: entered allmulticast mode [ 89.052061][ T5856] pxrc 4-1:16.54: Could not find endpoint [ 89.257830][ T786] usb 4-1: USB disconnect, device number 3 [ 89.382936][ T6204] netlink: 104 bytes leftover after parsing attributes in process `syz.2.104'. [ 89.572480][ T6210] loop0: detected capacity change from 0 to 1024 [ 89.611078][ T6210] hfsplus: request for non-existent node 40 in B*Tree [ 89.618374][ T6210] hfsplus: request for non-existent node 40 in B*Tree [ 89.820490][ T6216] netlink: 40 bytes leftover after parsing attributes in process `syz.2.110'. [ 90.043003][ T5946] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 90.125240][ T6222] loop2: detected capacity change from 0 to 2048 [ 90.154325][ T6222] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.179859][ T5758] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 90.198850][ T6222] EXT4-fs error (device loop2): ext4_free_inode:356: comm syz.2.113: bit already cleared for inode 15 [ 90.235905][ T5946] usb 1-1: unable to get BOS descriptor or descriptor too short [ 90.254262][ T5946] usb 1-1: not running at top speed; connect to a high speed hub [ 90.265559][ T5946] usb 1-1: config 4 has an invalid interface number: 147 but max is 0 [ 90.305976][ T5946] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 90.338958][ T5946] usb 1-1: config 4 has no interface number 0 [ 90.351872][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.370654][ T5946] usb 1-1: string descriptor 0 read error: -22 [ 90.381384][ T5946] usb 1-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 90.394534][ T5758] usb 4-1: Using ep0 maxpacket: 32 [ 90.405197][ T5946] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.406443][ T5758] usb 4-1: config 0 has an invalid descriptor of length 97, skipping remainder of the config [ 90.450227][ T5946] usb 1-1: Found UVC 0.00 device (04f2:b746) [ 90.457649][ T5758] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 90.493273][ T5946] usb 1-1: No valid video chain found. [ 90.508280][ T5758] usb 4-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=db.74 [ 90.550119][ T5758] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.561823][ T5758] usb 4-1: Product: syz [ 90.570317][ T5758] usb 4-1: Manufacturer: syz [ 90.576881][ T5758] usb 4-1: SerialNumber: syz [ 90.585853][ T5758] usb 4-1: config 0 descriptor?? [ 90.602680][ T5758] rndis_wlan 4-1:0.0: skipping garbage [ 90.612603][ T5758] rndis_wlan 4-1:0.0: skipping garbage [ 90.632841][ T5758] usb 4-1: bad CDC descriptors [ 90.659147][ T5758] rndis_host 4-1:0.0: skipping garbage [ 90.689668][ T5758] rndis_host 4-1:0.0: skipping garbage [ 90.691754][ T5946] usb 1-1: USB disconnect, device number 2 [ 90.702438][ T5758] usb 4-1: bad CDC descriptors [ 90.717287][ T5758] cdc_acm 4-1:0.0: skipping garbage [ 90.729220][ T5758] cdc_acm 4-1:0.0: skipping garbage [ 90.760238][ T6234] loop2: detected capacity change from 0 to 2048 [ 90.791261][ T6235] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 90.816048][ T5758] usb 4-1: USB disconnect, device number 4 [ 90.940589][ T6235] NILFS (loop2): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3) [ 90.952973][ T6235] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=2) [ 90.970999][ T6235] Remounting filesystem read-only [ 90.977438][ T11] NILFS (loop2): discard dirty page: offset=4096, ino=6 [ 90.986783][ T11] NILFS (loop2): discard dirty block: blocknr=39, size=1024 [ 90.995081][ T11] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 91.022840][ T11] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 91.031821][ T11] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 91.041049][ T11] NILFS (loop2): discard dirty page: offset=0, ino=2 [ 91.049166][ T11] NILFS (loop2): discard dirty block: blocknr=18, size=1024 [ 91.056934][ T11] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 91.066320][ T11] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 91.075390][ T11] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 91.084483][ T11] NILFS (loop2): discard dirty page: offset=0, ino=5 [ 91.091585][ T11] NILFS (loop2): discard dirty block: blocknr=41, size=1024 [ 91.098945][ T11] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 91.107849][ T11] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 91.116792][ T11] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 91.126787][ T5767] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer [ 91.137051][ T5767] NILFS (loop2): discard dirty page: offset=0, ino=6 [ 91.144441][ T5767] NILFS (loop2): discard dirty block: blocknr=35, size=1024 [ 91.151821][ T5767] NILFS (loop2): discard dirty block: blocknr=36, size=1024 [ 91.159215][ T5767] NILFS (loop2): discard dirty block: blocknr=37, size=1024 [ 91.166565][ T5767] NILFS (loop2): discard dirty block: blocknr=38, size=1024 [ 91.293255][ T5824] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 91.514529][ T5824] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 91.532912][ T5824] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 91.551080][ T5824] usb 2-1: Product: syz [ 91.562801][ T5824] usb 2-1: Manufacturer: syz [ 91.567460][ T5824] usb 2-1: SerialNumber: syz [ 91.585806][ T5824] usb 2-1: config 0 descriptor?? [ 91.593855][ T5824] ch341 2-1:0.0: ch341-uart converter detected [ 92.321876][ T6262] loop2: detected capacity change from 0 to 1024 [ 92.331930][ T6262] EXT4-fs: Ignoring removed oldalloc option [ 92.347947][ T6262] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 92.385486][ T6262] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.498263][ T27] audit: type=1804 audit(1767184182.954:6): pid=6262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.126" name="/newroot/38/file1/file1" dev="loop2" ino=15 res=1 errno=0 [ 92.579510][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.609187][ T5824] usb 2-1: failed to send control message: -71 [ 92.639596][ T5824] ch341-uart: probe of ttyUSB0 failed with error -71 [ 92.676147][ T5824] usb 2-1: USB disconnect, device number 3 [ 92.700214][ T5824] ch341 2-1:0.0: device disconnected [ 92.772937][ T6269] loop0: detected capacity change from 0 to 2048 [ 92.825170][ T6269] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.847395][ T6269] EXT4-fs error (device loop0): ext4_free_inode:356: comm syz.0.128: bit already cleared for inode 15 [ 93.014475][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.503397][ T6287] loop1: detected capacity change from 0 to 4096 [ 93.520873][ T6287] ntfs3: Invalid value for dmask. [ 93.543030][ T787] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 93.753991][ T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 93.774319][ T787] usb 1-1: New USB device found, idVendor=05ac, idProduct=027d, bcdDevice= 0.00 [ 93.789654][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.802527][ T787] usb 1-1: config 0 descriptor?? [ 94.149203][ T6296] loop2: detected capacity change from 0 to 64 [ 94.210314][ T6296] hfs: walked past end of dir [ 94.224202][ T787] apple 0003:05AC:027D.0001: unknown main item tag 0x1 [ 94.248820][ T787] apple 0003:05AC:027D.0001: hidraw0: USB HID vff.ff Device [HID 05ac:027d] on usb-dummy_hcd.0-1/input0 [ 94.430320][ T6285] usb 1-1: USB disconnect, device number 3 [ 94.479227][ T6298] fido_id[6298]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory [ 94.518131][ T6302] loop1: detected capacity change from 0 to 2048 [ 94.566675][ T6302] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.598155][ T6302] EXT4-fs error (device loop1): ext4_free_inode:356: comm syz.1.141: bit already cleared for inode 15 [ 94.700067][ T5766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.878321][ T6316] netlink: 'syz.1.145': attribute type 1 has an invalid length. [ 94.886964][ T6316] netlink: 16150 bytes leftover after parsing attributes in process `syz.1.145'. [ 95.189408][ T6314] loop2: detected capacity change from 0 to 40427 [ 95.212600][ T6314] F2FS-fs (loop2): invalid crc value [ 95.240878][ T6314] F2FS-fs (loop2): Found nat_bits in checkpoint [ 95.329689][ T6314] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 95.370898][ T6314] syz.2.146: attempt to access beyond end of device [ 95.370898][ T6314] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 95.444617][ T5767] syz-executor: attempt to access beyond end of device [ 95.444617][ T5767] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 95.473286][ T5767] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 95.763724][ T6322] loop0: detected capacity change from 0 to 32768 [ 95.867738][ T27] audit: type=1800 audit(1767184186.314:7): pid=6322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.148" name="file1" dev="loop0" ino=4 res=0 errno=0 [ 96.299119][ T6337] loop3: detected capacity change from 0 to 2048 [ 96.414342][ T6337] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.488284][ T6337] EXT4-fs error (device loop3): ext4_free_inode:356: comm syz.3.154: bit already cleared for inode 15 [ 96.599132][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.964292][ T6360] loop1: detected capacity change from 0 to 512 [ 97.015740][ T6360] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.160: inode has both inline data and extents flags [ 97.050710][ T6360] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.160: couldn't read orphan inode 15 (err -117) [ 97.069973][ T6360] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.114483][ T6360] EXT4-fs warning (device loop1): ext4_empty_dir:3147: inode #2: comm syz.1.160: directory missing '.' [ 97.241370][ T6351] loop2: detected capacity change from 0 to 40427 [ 97.257143][ T6351] F2FS-fs (loop2): invalid crc value [ 97.263924][ T5766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.287393][ T6366] loop3: detected capacity change from 0 to 2048 [ 97.296159][ T6351] F2FS-fs (loop2): Found nat_bits in checkpoint [ 97.383465][ T6366] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.400774][ T6351] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 97.441985][ T6374] xt_connbytes: Forcing CT accounting to be enabled [ 97.480620][ T6374] --map-set only usable from mangle table [ 97.492388][ T27] audit: type=1800 audit(1767184187.944:8): pid=6366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.162" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 97.499500][ T6351] syz.2.157: attempt to access beyond end of device [ 97.499500][ T6351] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 97.549969][ T6366] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 97.628135][ T6366] EXT4-fs (loop3): Remounting filesystem read-only [ 97.688519][ T5767] syz-executor: attempt to access beyond end of device [ 97.688519][ T5767] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 97.727487][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.737219][ T5767] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 97.905840][ T6384] loop3: detected capacity change from 0 to 2048 [ 97.951711][ T6384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.061692][ T6384] EXT4-fs error (device loop3): ext4_free_inode:356: comm syz.3.167: bit already cleared for inode 15 [ 98.184051][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.559696][ T6395] syz.3.172 (6395) used greatest stack depth: 20848 bytes left [ 98.965171][ T6418] loop0: detected capacity change from 0 to 2048 [ 99.018819][ T6418] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.123066][ T6418] EXT4-fs error (device loop0): ext4_free_inode:356: comm syz.0.181: bit already cleared for inode 15 [ 99.186676][ T6402] loop1: detected capacity change from 0 to 40427 [ 99.213422][ T6402] F2FS-fs (loop1): invalid crc value [ 99.241207][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.256535][ T6402] F2FS-fs (loop1): Found nat_bits in checkpoint [ 99.412737][ T6402] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 99.464082][ T6402] syz.1.174: attempt to access beyond end of device [ 99.464082][ T6402] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 99.530903][ T6437] loop0: detected capacity change from 0 to 256 [ 99.563215][ T5766] syz-executor: attempt to access beyond end of device [ 99.563215][ T5766] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 99.600201][ T5766] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 99.627599][ T6437] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 99.885286][ T6445] loop0: detected capacity change from 0 to 64 [ 100.007381][ T6445] syz.0.190: attempt to access beyond end of device [ 100.007381][ T6445] loop0: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 100.053063][ T6445] Buffer I/O error on dev loop0, logical block 134217734, lost async page write [ 100.314748][ T6454] loop0: detected capacity change from 0 to 2048 [ 100.392047][ T6454] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.480932][ T6454] EXT4-fs error (device loop0): ext4_free_inode:356: comm syz.0.194: bit already cleared for inode 15 [ 100.596104][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.911169][ T6452] loop2: detected capacity change from 0 to 32768 [ 100.947465][ T6452] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 101.080556][ T6467] loop1: detected capacity change from 0 to 40427 [ 101.105710][ T6467] F2FS-fs (loop1): invalid crc value [ 101.134846][ T6452] XFS (loop2): Ending clean mount [ 101.152261][ T6467] F2FS-fs (loop1): Found nat_bits in checkpoint [ 101.175680][ T6452] XFS (loop2): Quotacheck needed: Please wait. [ 101.261775][ T6467] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 101.277201][ T6452] XFS (loop2): Quotacheck: Done. [ 101.352371][ T27] audit: type=1800 audit(1767184191.804:9): pid=6467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.196" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 101.478634][ T5766] syz-executor: attempt to access beyond end of device [ 101.478634][ T5766] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 101.523244][ T5766] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 101.803280][ T5946] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 102.012826][ T5946] usb 3-1: Using ep0 maxpacket: 16 [ 102.080275][ T5946] usb 3-1: config 0 has no interfaces? [ 102.087935][ T5946] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 102.103113][ T5946] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 102.121314][ T5946] usb 3-1: Manufacturer: syz [ 102.152010][ T5946] usb 3-1: config 0 descriptor?? [ 102.171130][ T6494] loop1: detected capacity change from 0 to 4096 [ 102.382151][ T6452] syz.2.193 (6452): drop_caches: 2 [ 102.405603][ T5769] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 102.414793][ T5769] Bluetooth: hci2: Injecting HCI hardware error event [ 102.424094][ T5769] Bluetooth: hci2: hardware error 0x00 [ 102.427853][ T6498] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 102.574557][ T6494] syz.1.202 (6494) used greatest stack depth: 19440 bytes left [ 102.664766][ T5824] usb 3-1: USB disconnect, device number 3 [ 102.836161][ T6499] loop3: detected capacity change from 0 to 32768 [ 102.854176][ T6499] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.204 (6499) [ 102.889619][ T6499] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 102.900512][ T6499] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 102.912072][ T6499] BTRFS info (device loop3): using free space tree [ 102.962956][ T6499] BTRFS info (device loop3): enabling ssd optimizations [ 102.971002][ T6499] BTRFS info (device loop3): auto enabling async discard [ 103.060177][ T5770] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 103.166569][ T6526] Zero length message leads to an empty skb [ 103.236026][ T5771] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 9 /dev/loop3 scanned by udevd (5771) [ 103.339741][ T6531] veth1_to_team: entered promiscuous mode [ 103.348483][ T6527] veth1_to_team: left promiscuous mode [ 103.516309][ T5767] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 104.349860][ T6543] loop3: detected capacity change from 0 to 32768 [ 104.418188][ T6543] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 104.482900][ T5769] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 104.534668][ T6545] loop0: detected capacity change from 0 to 32768 [ 104.542334][ T6545] XFS (loop0): no-recovery mounts must be read-only. [ 104.791954][ T5770] ocfs2: Unmounting device (7,3) on (node local) [ 104.925122][ T6562] tipc: Started in network mode [ 104.930159][ T6562] tipc: Node identity type_len, cluster identity 4711 [ 104.955929][ T6562] tipc: Enabling of bearer rejected, failed to enable media [ 105.080534][ T6564] loop1: detected capacity change from 0 to 2048 [ 105.173711][ T6564] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.297627][ T6564] EXT4-fs error (device loop1): ext4_free_inode:356: comm syz.1.225: bit already cleared for inode 15 [ 105.426702][ T5766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.608527][ T6579] loop3: detected capacity change from 0 to 256 [ 105.646625][ T6579] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 105.761230][ T6569] loop2: detected capacity change from 0 to 40427 [ 105.775373][ T6579] FAT-fs (loop3): Directory bread(block 64) failed [ 105.781959][ T6579] FAT-fs (loop3): Directory bread(block 65) failed [ 105.798169][ T6569] F2FS-fs (loop2): invalid crc value [ 105.806358][ T6579] FAT-fs (loop3): Directory bread(block 66) failed [ 105.817951][ T6569] F2FS-fs (loop2): Found nat_bits in checkpoint [ 105.844391][ T6579] FAT-fs (loop3): Directory bread(block 67) failed [ 105.864119][ T6579] FAT-fs (loop3): Directory bread(block 68) failed [ 105.873274][ T6579] FAT-fs (loop3): Directory bread(block 69) failed [ 105.888402][ T6579] FAT-fs (loop3): Directory bread(block 70) failed [ 105.903236][ T6579] FAT-fs (loop3): Directory bread(block 71) failed [ 105.932274][ T6579] FAT-fs (loop3): Directory bread(block 72) failed [ 105.953735][ T6579] FAT-fs (loop3): Directory bread(block 73) failed [ 105.960395][ T6569] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 105.998340][ T27] audit: type=1800 audit(1767184196.454:10): pid=6569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.210" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 106.061176][ T5767] syz-executor: attempt to access beyond end of device [ 106.061176][ T5767] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 106.122319][ T5767] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 106.573060][ T6600] loop1: detected capacity change from 0 to 2048 [ 106.639570][ T6600] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.791080][ T6600] EXT4-fs error (device loop1): ext4_free_inode:356: comm syz.1.237: bit already cleared for inode 15 [ 106.954238][ T5766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.527293][ T6639] loop2: detected capacity change from 0 to 2048 [ 107.562313][ T6639] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.647745][ T6639] EXT4-fs error (device loop2): ext4_free_inode:356: comm syz.2.254: bit already cleared for inode 15 [ 107.716749][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.771226][ T6610] loop0: detected capacity change from 0 to 40427 [ 107.817736][ T6610] F2FS-fs (loop0): invalid crc value [ 107.846941][ T6610] F2FS-fs (loop0): Found nat_bits in checkpoint [ 107.991373][ T6610] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 108.035710][ T27] audit: type=1800 audit(1767184198.494:11): pid=6610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.240" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 108.097180][ T5772] syz-executor: attempt to access beyond end of device [ 108.097180][ T5772] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 108.132031][ T27] audit: type=1326 audit(1767184198.584:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6629 comm="syz.3.250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79d98f749 code=0x7fc00000 [ 108.138947][ T5772] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 108.457475][ T6669] loop2: detected capacity change from 0 to 2048 [ 108.517691][ T6669] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.574081][ T6669] EXT4-fs error (device loop2): ext4_free_inode:356: comm syz.2.266: bit already cleared for inode 15 [ 108.765098][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.152451][ T6660] loop1: detected capacity change from 0 to 40427 [ 109.196038][ T6660] F2FS-fs (loop1): heap/no_heap options were deprecated [ 109.237369][ T6660] F2FS-fs (loop1): invalid crc value [ 109.242715][ T6660] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 109.259906][ T6675] loop3: detected capacity change from 0 to 32768 [ 109.281385][ T6660] F2FS-fs (loop1): Found nat_bits in checkpoint [ 109.352435][ T6675] JBD2: Ignoring recovery information on journal [ 109.498048][ T6675] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 109.515401][ T6660] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 109.740423][ T5770] ocfs2: Unmounting device (7,3) on (node local) [ 109.861242][ T6693] netlink: 28 bytes leftover after parsing attributes in process `syz.0.274'. [ 110.180943][ T6701] loop3: detected capacity change from 0 to 2048 [ 110.200081][ T6682] loop2: detected capacity change from 0 to 40427 [ 110.223970][ T6701] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.233719][ T6682] F2FS-fs (loop2): invalid crc value [ 110.288755][ T6682] F2FS-fs (loop2): Found nat_bits in checkpoint [ 110.320943][ T6711] lo speed is unknown, defaulting to 1000 [ 110.328242][ T6711] lo speed is unknown, defaulting to 1000 [ 110.339984][ T6711] lo speed is unknown, defaulting to 1000 [ 110.351764][ T6711] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 110.367952][ T6711] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 110.404448][ T6711] lo speed is unknown, defaulting to 1000 [ 110.411772][ T6701] EXT4-fs error (device loop3): ext4_free_inode:356: comm syz.3.278: bit already cleared for inode 15 [ 110.429296][ T6711] lo speed is unknown, defaulting to 1000 [ 110.437454][ T6711] lo speed is unknown, defaulting to 1000 [ 110.450533][ T6711] lo speed is unknown, defaulting to 1000 [ 110.477020][ T6682] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 110.501136][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.540360][ T27] audit: type=1800 audit(1767186267.992:13): pid=6682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.271" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 110.578305][ T5767] syz-executor: attempt to access beyond end of device [ 110.578305][ T5767] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 110.620507][ T5767] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 110.847182][ T6719] Illegal XDP return value 4294967274 on prog (id 12) dev N/A, expect packet loss! [ 111.267731][ T6731] process 'syz.3.289' launched '/dev/fd/3' with NULL argv: empty string added [ 111.371782][ T6721] loop1: detected capacity change from 0 to 32768 [ 111.395822][ T6721] JBD2: Ignoring recovery information on journal [ 111.406813][ T6733] loop2: detected capacity change from 0 to 2048 [ 111.473335][ T6733] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.493494][ T6721] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 111.548687][ T6733] EXT4-fs error (device loop2): ext4_free_inode:356: comm syz.2.290: bit already cleared for inode 15 [ 111.630533][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.653989][ T5766] ocfs2: Unmounting device (7,1) on (node local) [ 111.773349][ T5769] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 112.022066][ T6743] loop2: detected capacity change from 0 to 8192 [ 112.097475][ T6743] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 112.146935][ T6743] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 112.158995][ T6736] loop3: detected capacity change from 0 to 40427 [ 112.165540][ T6743] FAT-fs (loop2): Filesystem has been set read-only [ 112.198863][ T6736] F2FS-fs (loop3): invalid crc value [ 112.217547][ T6736] F2FS-fs (loop3): Found nat_bits in checkpoint [ 112.308658][ T6736] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 112.332959][ T5758] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 112.369222][ T27] audit: type=1800 audit(1767186269.822:14): pid=6736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.291" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 112.433292][ T5770] syz-executor: attempt to access beyond end of device [ 112.433292][ T5770] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 112.468010][ T5770] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 112.557025][ T5758] usb 2-1: Using ep0 maxpacket: 32 [ 112.569044][ T5758] usb 2-1: config 0 has an invalid interface number: 190 but max is 0 [ 112.577854][ T5758] usb 2-1: config 0 has no interface number 0 [ 112.593489][ T5758] usb 2-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=b0.11 [ 112.615429][ T5758] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.632894][ T5758] usb 2-1: Product: syz [ 112.643387][ T5758] usb 2-1: Manufacturer: syz [ 112.661268][ T5758] usb 2-1: SerialNumber: syz [ 112.674281][ T5758] usb 2-1: config 0 descriptor?? [ 112.697500][ T5758] dvb-usb: found a 'WideView WT-220U PenType Receiver (based on ZL353)' in warm state. [ 112.717365][ T5758] dvb-usb: bulk message failed: -22 (2/0) [ 112.731606][ T5758] dvb-usb: will use the device's hardware PID filter (table count: 15). [ 112.741217][ T5758] dvbdev: DVB: registering new adapter (WideView WT-220U PenType Receiver (based on ZL353)) [ 112.753938][ T5758] usb 2-1: media controller created [ 112.762242][ T5758] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 112.792665][ T5758] usb 2-1: DVB: registering adapter 1 frontend 0 (WideView USB DVB-T)... [ 112.803644][ T5758] dvbdev: dvb_create_media_entity: media entity 'WideView USB DVB-T' registered. [ 112.912844][ T5758] rc_core: IR keymap rc-dtt200u not found [ 112.918701][ T5758] Registered IR keymap rc-empty [ 112.935271][ T5758] rc rc0: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0 [ 112.943581][ T5946] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 112.958017][ T5758] input: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0/input6 [ 112.983559][ T5758] dvb-usb: schedule remote query interval to 300 msecs. [ 112.990534][ T5758] dvb-usb: WideView WT-220U PenType Receiver (based on ZL353) successfully initialized and connected. [ 112.990862][ T6764] loop3: detected capacity change from 0 to 2048 [ 113.029399][ T5758] usb 2-1: USB disconnect, device number 4 [ 113.092426][ T6764] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.137416][ T5758] dvb-usb: WideView WT-220U PenType Receiver (base successfully deinitialized and disconnected. [ 113.143136][ T5946] usb 3-1: Using ep0 maxpacket: 8 [ 113.157168][ T5946] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 113.169101][ T5946] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 113.178947][ T5946] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 113.189061][ T5946] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 113.202372][ T5946] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 113.215173][ T6772] EXT4-fs error (device loop3): ext4_free_inode:356: comm syz.3.301: bit already cleared for inode 15 [ 113.226541][ T5946] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.276890][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.477244][ T5946] usb 3-1: GET_CAPABILITIES returned 0 [ 113.486507][ T5946] usbtmc 3-1:16.0: can't read capabilities [ 113.695896][ C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 113.727762][ T786] usb 3-1: USB disconnect, device number 4 [ 113.833306][ T6771] loop0: detected capacity change from 0 to 32768 [ 113.885622][ T6771] JBD2: Ignoring recovery information on journal [ 113.935602][ T6771] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 114.099591][ T5772] ocfs2: Unmounting device (7,0) on (node local) [ 114.267220][ T6792] loop3: detected capacity change from 0 to 2048 [ 114.269857][ T6782] loop1: detected capacity change from 0 to 40427 [ 114.314242][ T6782] F2FS-fs (loop1): invalid crc value [ 114.322287][ T6792] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.404320][ T6782] F2FS-fs (loop1): Found nat_bits in checkpoint [ 114.472957][ T6792] EXT4-fs error (device loop3): ext4_free_inode:356: comm syz.3.312: bit already cleared for inode 15 [ 114.569685][ T6782] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 114.599817][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.631704][ T27] audit: type=1800 audit(1767186272.082:15): pid=6782 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.307" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 114.749973][ T5766] syz-executor: attempt to access beyond end of device [ 114.749973][ T5766] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 114.786676][ T5766] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 114.847741][ T6796] loop2: detected capacity change from 0 to 32768 [ 115.000614][ T6806] loop3: detected capacity change from 0 to 4096 [ 115.047736][ T6806] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 115.213650][ T27] audit: type=1800 audit(1767186272.662:16): pid=6806 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.316" name="file1" dev="loop3" ino=30 res=0 errno=0 [ 115.450152][ T5769] Bluetooth: hci3: unexpected cc 0x203e length: 2 > 1 [ 115.842319][ T6820] loop3: detected capacity change from 0 to 2048 [ 115.905713][ T6820] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.992538][ T6816] loop1: detected capacity change from 0 to 32768 [ 115.999333][ T6820] EXT4-fs error (device loop3): ext4_free_inode:356: comm syz.3.323: bit already cleared for inode 15 [ 116.070883][ T6816] JBD2: Ignoring recovery information on journal [ 116.106334][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.161716][ T6816] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 116.287331][ T6830] loop3: detected capacity change from 0 to 128 [ 116.324337][ T5766] ocfs2: Unmounting device (7,1) on (node local) [ 116.603497][ T6826] loop2: detected capacity change from 0 to 40427 [ 116.632435][ T6826] F2FS-fs (loop2): invalid crc value [ 116.660347][ T1160] Bluetooth: hci4: Frame reassembly failed (-84) [ 116.698594][ T6826] F2FS-fs (loop2): Found nat_bits in checkpoint [ 116.813872][ T6826] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 116.846246][ T27] audit: type=1800 audit(1767186274.302:17): pid=6826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.324" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 116.870140][ T6826] syz.2.324: attempt to access beyond end of device [ 116.870140][ T6826] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 116.892716][ T6826] syz.2.324: attempt to access beyond end of device [ 116.892716][ T6826] loop2: rw=2049, sector=45104, nr_sectors = 120 limit=40427 [ 116.909757][ T6826] syz.2.324: attempt to access beyond end of device [ 116.909757][ T6826] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 116.985882][ T5767] syz-executor: attempt to access beyond end of device [ 116.985882][ T5767] loop2: rw=2049, sector=45224, nr_sectors = 8 limit=40427 [ 117.008515][ T5767] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 117.009093][ T6832] loop1: detected capacity change from 0 to 32768 [ 117.041684][ T6832] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 117.168568][ T6832] XFS (loop1): Ending clean mount [ 117.187508][ T6832] XFS (loop1): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xd0, xfs_finobt block 0x10 [ 117.230444][ T6832] XFS (loop1): Unmount and run xfs_repair [ 117.239428][ T6832] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 117.255406][ T6832] 00000000: 46 49 42 33 00 00 00 00 ff ff ff ff ff ff ff ff FIB3............ [ 117.266161][ T6832] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 80 ................ [ 117.278535][ T6832] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 117.290836][ T6832] 00000030: 00 00 00 00 37 43 cf 4c 00 00 24 40 00 00 40 37 ....7C.L..$@..@7 [ 117.302425][ T6832] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00 ................ [ 117.311599][ T6832] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 117.320743][ T6832] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 117.329919][ T6832] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 117.348061][ T6832] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x1d7/0x2d0" at daddr 0x10 len 4 error 74 [ 117.360133][ T6832] XFS (loop1): Failed to initialize disk quotas. [ 117.485660][ T5766] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 117.507252][ T6852] loop0: detected capacity change from 0 to 256 [ 117.564669][ T6854] syz.2.330 uses obsolete (PF_INET,SOCK_PACKET) [ 117.855101][ T6860] loop2: detected capacity change from 0 to 2048 [ 117.918939][ T6860] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.965273][ T6860] EXT4-fs error (device loop2): ext4_free_inode:356: comm syz.2.334: bit already cleared for inode 15 [ 118.118987][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.326339][ T6866] loop1: detected capacity change from 0 to 32768 [ 118.388996][ T6866] JBD2: Ignoring recovery information on journal [ 118.433714][ T6876] capability: warning: `syz.0.340' uses deprecated v2 capabilities in a way that may be insecure [ 118.470447][ T6866] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 118.610338][ T5766] ocfs2: Unmounting device (7,1) on (node local) [ 118.723034][ T5782] Bluetooth: hci4: command 0x1003 tx timeout [ 118.723140][ T5769] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 118.771518][ T6885] loop0: detected capacity change from 0 to 1024 [ 118.878762][ T6887] loop3: detected capacity change from 0 to 128 [ 118.935568][ T6887] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 119.039726][ T6871] loop2: detected capacity change from 0 to 40427 [ 119.056751][ T6887] ext4 filesystem being mounted at /96/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 119.079476][ T6871] F2FS-fs (loop2): invalid crc value [ 119.122004][ T6871] F2FS-fs (loop2): Found nat_bits in checkpoint [ 119.146582][ T5770] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 119.254534][ T6894] loop0: detected capacity change from 0 to 2048 [ 119.310488][ T6894] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.326958][ T6871] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 119.375580][ T27] audit: type=1800 audit(1767186276.832:18): pid=6871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.338" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 119.395826][ C1] vkms_vblank_simulate: vblank timer overrun [ 119.413486][ T6871] syz.2.338: attempt to access beyond end of device [ 119.413486][ T6871] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 119.436261][ T6894] EXT4-fs error (device loop0): ext4_free_inode:356: comm syz.0.347: bit already cleared for inode 15 [ 119.454588][ T6871] syz.2.338: attempt to access beyond end of device [ 119.454588][ T6871] loop2: rw=2049, sector=45104, nr_sectors = 120 limit=40427 [ 119.511952][ T6871] syz.2.338: attempt to access beyond end of device [ 119.511952][ T6871] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 119.548479][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.632291][ T5767] syz-executor: attempt to access beyond end of device [ 119.632291][ T5767] loop2: rw=2049, sector=45224, nr_sectors = 8 limit=40427 [ 119.667745][ T5767] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 120.315948][ T6908] loop3: detected capacity change from 0 to 32768 [ 120.373703][ T6924] loop0: detected capacity change from 0 to 2048 [ 120.395457][ T6908] JBD2: Ignoring recovery information on journal [ 120.462275][ T6924] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 120.522290][ T6908] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 120.588818][ T6924] EXT4-fs error (device loop0): ext4_free_inode:356: comm syz.0.360: bit already cleared for inode 15 [ 120.707511][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.738351][ T5770] ocfs2: Unmounting device (7,3) on (node local) [ 121.454623][ T6934] loop2: detected capacity change from 0 to 40427 [ 121.487215][ T6934] F2FS-fs (loop2): invalid crc value [ 121.507780][ T6934] F2FS-fs (loop2): Found nat_bits in checkpoint [ 121.582958][ T6934] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 121.635654][ T27] audit: type=1800 audit(1767186279.092:19): pid=6934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.362" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 121.662409][ T6934] syz.2.362: attempt to access beyond end of device [ 121.662409][ T6934] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 121.696070][ T6934] syz.2.362: attempt to access beyond end of device [ 121.696070][ T6934] loop2: rw=2049, sector=45104, nr_sectors = 120 limit=40427 [ 121.731421][ T6934] syz.2.362: attempt to access beyond end of device [ 121.731421][ T6934] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 121.792676][ T5767] syz-executor: attempt to access beyond end of device [ 121.792676][ T5767] loop2: rw=2049, sector=45224, nr_sectors = 8 limit=40427 [ 121.818248][ T5767] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 122.169512][ T6962] loop1: detected capacity change from 0 to 32768 [ 122.191975][ T6962] JBD2: Ignoring recovery information on journal [ 122.303705][ T6962] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 122.385607][ T6966] loop2: detected capacity change from 0 to 2048 [ 122.440177][ T5766] ocfs2: Unmounting device (7,1) on (node local) [ 122.457496][ T6966] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 122.573615][ T6954] loop3: detected capacity change from 0 to 65536 [ 122.599809][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.614519][ T6954] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 122.788093][ T6954] XFS (loop3): Ending clean mount [ 122.792508][ T6979] loop2: detected capacity change from 0 to 4096 [ 122.843433][ T6982] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 122.913324][ T5770] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 122.930633][ T6984] bridge_slave_0: left allmulticast mode [ 122.939423][ T6984] bridge_slave_0: left promiscuous mode [ 122.948721][ T6979] syz.2.376 (6979) used greatest stack depth: 19336 bytes left [ 122.974023][ T6984] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.037640][ T6984] bridge_slave_1: left allmulticast mode [ 123.070219][ T6984] bridge_slave_1: left promiscuous mode [ 123.105292][ T6984] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.178566][ T6984] bond0: (slave bond_slave_0): Releasing backup interface [ 123.232931][ T6984] bond0: (slave bond_slave_1): Releasing backup interface [ 123.325843][ T6984] team0: Port device team_slave_0 removed [ 123.373665][ T6984] team0: Port device team_slave_1 removed [ 123.388546][ T6984] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 123.413674][ T6984] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 123.441244][ T6984] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 123.459616][ T6984] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 123.478988][ T6985] team0: Mode changed to "broadcast" [ 123.712869][ T5758] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 123.905199][ T5758] usb 3-1: config 9 has an invalid interface number: 12 but max is 0 [ 123.915433][ T5758] usb 3-1: config 9 has no interface number 0 [ 123.921632][ T5758] usb 3-1: config 9 interface 12 altsetting 3 endpoint 0x6 has invalid maxpacket 512, setting to 64 [ 123.934223][ T5758] usb 3-1: config 9 interface 12 has no altsetting 0 [ 123.943923][ T5758] usb 3-1: New USB device found, idVendor=0499, idProduct=1008, bcdDevice=ca.03 [ 123.967715][ T5758] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.991957][ T5758] usb 3-1: Product: syz [ 124.004733][ T5758] usb 3-1: Manufacturer: syz [ 124.017476][ T5758] usb 3-1: SerialNumber: syz [ 124.137656][ T7001] loop0: detected capacity change from 0 to 2048 [ 124.210424][ T7001] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 124.262526][ T5758] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 124.307149][ T5758] snd-usb-audio: probe of 3-1:9.12 failed with error -2 [ 124.317876][ T5758] usb 3-1: USB disconnect, device number 5 [ 124.385463][ T5771] udevd[5771]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:9.12/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 124.415452][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.543063][ T6999] loop1: detected capacity change from 0 to 32768 [ 124.560690][ T7008] loop0: detected capacity change from 0 to 8 [ 124.625134][ T6999] JBD2: Ignoring recovery information on journal [ 124.679728][ T6999] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 124.793835][ T7003] loop3: detected capacity change from 0 to 40427 [ 124.818411][ T7003] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff [ 124.850331][ T7003] F2FS-fs (loop3): invalid crc value [ 124.887444][ T7003] F2FS-fs (loop3): Mismatch valid blocks 0 vs. 2 [ 124.890825][ T5766] ocfs2: Unmounting device (7,1) on (node local) [ 124.933797][ T7003] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-117) [ 125.176818][ T27] audit: type=1326 audit(1767186282.632:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7019 comm="syz.0.393" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1c6778f749 code=0x0 [ 125.512222][ T7032] loop3: detected capacity change from 0 to 2048 [ 125.559725][ T7032] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 125.714021][ T7027] loop2: detected capacity change from 0 to 32768 [ 125.724486][ T7027] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.392 (7027) [ 125.752207][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.788659][ T7027] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 125.799360][ T7027] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 125.816116][ T7027] BTRFS error (device loop2): superblock checksum mismatch [ 125.829400][ T7027] BTRFS error (device loop2): open_ctree failed: -22 [ 125.880168][ T5900] udevd[5900]: incorrect btrfs checksum on /dev/loop2 [ 126.562368][ T7062] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 126.632892][ T7062] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.640508][ T7062] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.659856][ T7062] bridge0: entered allmulticast mode [ 126.717661][ T7041] loop3: detected capacity change from 0 to 32768 [ 126.787298][ T7041] JBD2: Ignoring recovery information on journal [ 126.846484][ T7041] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 126.906063][ T5770] ocfs2: Unmounting device (7,3) on (node local) [ 127.072873][ T5819] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 127.282926][ T5819] usb 3-1: Using ep0 maxpacket: 16 [ 127.294400][ T5819] usb 3-1: unable to get BOS descriptor or descriptor too short [ 127.312949][ T5819] usb 3-1: config 6 has an invalid interface number: 239 but max is 0 [ 127.321147][ T5819] usb 3-1: config 6 has no interface number 0 [ 127.327323][ T5819] usb 3-1: config 6 interface 239 altsetting 9 has an invalid endpoint with address 0x80, skipping [ 127.339029][ T5819] usb 3-1: config 6 interface 239 altsetting 9 has an invalid endpoint with address 0x52, skipping [ 127.349783][ T5819] usb 3-1: config 6 interface 239 altsetting 9 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 127.363057][ T5819] usb 3-1: config 6 interface 239 has no altsetting 0 [ 127.378685][ T5819] usb 3-1: New USB device found, idVendor=040b, idProduct=6521, bcdDevice=57.b8 [ 127.387998][ T5819] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.396122][ T5819] usb 3-1: Product: syz [ 127.400395][ T5819] usb 3-1: Manufacturer: syz [ 127.405187][ T5819] usb 3-1: SerialNumber: syz [ 127.413186][ T7072] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 127.493572][ T7076] loop3: detected capacity change from 0 to 65536 [ 127.527770][ T7076] XFS (loop3): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 127.661097][ T7076] XFS (loop3): Ending clean mount [ 127.672314][ T5819] xbox_remote_probe: Unexpected endpoint_in [ 127.713192][ T5819] usb 3-1: USB disconnect, device number 6 [ 127.783752][ T5770] XFS (loop3): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 127.968008][ T7097] loop1: detected capacity change from 0 to 2048 [ 127.996790][ T7097] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 128.925346][ T7103] loop3: detected capacity change from 0 to 32768 [ 128.965944][ T7103] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 129.216587][ T7125] netlink: 16 bytes leftover after parsing attributes in process `syz.2.428'. [ 129.226607][ T7103] XFS (loop3): Ending clean mount [ 129.233772][ T7125] netlink: 'syz.2.428': attribute type 2 has an invalid length. [ 129.374590][ T5770] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 129.546642][ T7109] loop1: detected capacity change from 0 to 65536 [ 129.564290][ T7109] XFS: ikeep mount option is deprecated. [ 129.651258][ T7109] XFS (loop1): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 [ 129.747962][ T7109] XFS (loop1): Ending clean mount [ 129.758828][ T7109] XFS (loop1): Quotacheck needed: Please wait. [ 129.830999][ T7109] XFS (loop1): Quotacheck: Done. [ 129.937357][ T5766] XFS (loop1): Unmounting Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 [ 130.012912][ T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 130.189890][ T7143] loop3: detected capacity change from 0 to 32768 [ 130.206918][ T7143] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.433 (7143) [ 130.216635][ T9] usb 3-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55 [ 130.231522][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.241006][ T7143] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 130.241080][ T9] usb 3-1: Product: syz [ 130.261666][ T7143] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 130.267602][ T9] usb 3-1: Manufacturer: syz [ 130.279986][ T9] usb 3-1: SerialNumber: syz [ 130.283091][ T7143] BTRFS info (device loop3): force zlib compression, level 3 [ 130.304043][ T7143] BTRFS info (device loop3): force clearing of disk cache [ 130.304157][ T9] usb 3-1: config 0 descriptor?? [ 130.318887][ T7143] BTRFS info (device loop3): setting nodatasum [ 130.331902][ T7143] BTRFS info (device loop3): allowing degraded mounts [ 130.342075][ T7143] BTRFS info (device loop3): enabling disk space caching [ 130.344071][ T9] gspca_main: sonixb-2.14.0 probing 0c45:6005 [ 130.350535][ T7143] BTRFS info (device loop3): disk space caching is enabled [ 130.400489][ T7143] BTRFS info (device loop3): auto enabling async discard [ 130.419445][ T7143] BTRFS info (device loop3): rebuilding free space tree [ 130.502607][ T7143] BTRFS info (device loop3): disabling free space tree [ 130.523326][ T7143] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 130.552943][ T7143] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 130.697246][ T5770] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 130.765783][ T9] input: sonixb as /devices/platform/dummy_hcd.2/usb3/3-1/input/input7 [ 130.972079][ T9] usb 3-1: USB disconnect, device number 7 [ 131.037953][ T7172] libceph: resolve ' [ 131.037953][ T7172] -&õÌ×fÍY¹Ç²a×ïÅ2iˆ' (ret=-3): failed [ 131.473882][ T7186] loop1: detected capacity change from 0 to 4096 [ 131.495653][ T7186] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 131.695271][ T7186] ntfs3: loop1: ino=1b, "file0" directory corrupted [ 132.316923][ T7225] netlink: 'syz.3.463': attribute type 2 has an invalid length. [ 132.657971][ T7238] capability: warning: `syz.2.469' uses 32-bit capabilities (legacy support in use) [ 132.846309][ T7246] loop2: detected capacity change from 0 to 2048 [ 132.892719][ T7249] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 132.948486][ T7249] NILFS (loop2): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 132.967971][ T7249] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=4) [ 132.981307][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.988212][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.993464][ T7249] Remounting filesystem read-only [ 133.001557][ T5767] NILFS (loop2): discard dirty page: offset=0, ino=5 [ 133.036861][ T5767] NILFS (loop2): discard dirty block: blocknr=41, size=1024 [ 133.063736][ T5767] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 133.082834][ T5767] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 133.112855][ T5767] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 133.121960][ T5767] NILFS (loop2): discard dirty page: offset=0, ino=4 [ 133.150720][ T5767] NILFS (loop2): discard dirty block: blocknr=40, size=1024 [ 133.158478][ T5767] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 133.178999][ T5767] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 133.189443][ T5767] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 133.308013][ T7262] loop2: detected capacity change from 0 to 1024 [ 133.318380][ T7262] EXT4-fs: Ignoring removed oldalloc option [ 133.367449][ T7262] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.414596][ T7267] loop3: detected capacity change from 0 to 16 [ 133.446732][ T7267] erofs: (device loop3): mounted with root inode @ nid 36. [ 133.506328][ T7267] syz.3.481: attempt to access beyond end of device [ 133.506328][ T7267] loop3: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 133.539695][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.541742][ T7267] syz.3.481: attempt to access beyond end of device [ 133.541742][ T7267] loop3: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 133.808094][ T7258] loop1: detected capacity change from 0 to 32768 [ 133.841913][ T7258] find_entry called with index = 0 [ 133.850300][ T7258] read_mapping_page failed! [ 133.860341][ T7258] ERROR: (device loop1): txCommit: [ 133.860341][ T7258] [ 133.871370][ T7258] ERROR: (device loop1): remounting filesystem as read-only [ 133.909980][ T112] BUG at fs/jfs/jfs_txnmgr.c:932 assert(mp->nohomeok > 0) [ 133.918091][ T112] ------------[ cut here ]------------ [ 133.923856][ T112] kernel BUG at fs/jfs/jfs_txnmgr.c:932! [ 133.931594][ T112] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 133.937693][ T112] CPU: 1 PID: 112 Comm: jfsCommit Not tainted syzkaller #0 [ 133.942864][ T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 133.944880][ T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 133.962386][ T112] RIP: 0010:txUnlock+0xc87/0xcb0 [ 133.967354][ T112] Code: 8f 9d 5a 07 0f 0b e8 e8 02 84 fe 48 c7 c7 00 10 e4 8a 48 c7 c6 f9 0b e4 8a ba a4 03 00 00 48 c7 c1 e0 1c e4 8a e8 69 9d 5a 07 <0f> 0b e8 c2 02 84 fe 48 c7 c7 00 10 e4 8a 48 c7 c6 f9 0b e4 8a ba [ 133.986944][ T112] RSP: 0018:ffffc90002ca7d08 EFLAGS: 00010246 [ 133.993010][ T112] RAX: 0000000000000037 RBX: 0000000000001000 RCX: 73ea883853f0b800 [ 134.000977][ T112] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 134.008931][ T112] RBP: ffffc9000281a120 R08: ffffc90002ca7a07 R09: 1ffff92000594f40 [ 134.016888][ T112] R10: dffffc0000000000 R11: fffff52000594f41 R12: ffff88802c8d0ba0 [ 134.024845][ T112] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88802e104094 [ 134.032805][ T112] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 134.041728][ T112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.048295][ T112] CR2: 00007fe79e78bd58 CR3: 0000000031229000 CR4: 00000000003506e0 [ 134.056252][ T112] Call Trace: [ 134.059512][ T112] [ 134.062427][ T112] ? lockdep_hardirqs_on+0x98/0x150 [ 134.067615][ T112] jfs_lazycommit+0x570/0xa60 [ 134.072294][ T112] ? txFreelock+0x5a0/0x5a0 [ 134.076783][ T112] ? do_task_dead+0xd0/0xd0 [ 134.081266][ T112] ? __kthread_parkme+0x7a/0x1c0 [ 134.086191][ T112] kthread+0x2fa/0x390 [ 134.090238][ T112] ? txFreelock+0x5a0/0x5a0 [ 134.094733][ T112] ? kthread_blkcg+0xd0/0xd0 [ 134.099324][ T112] ret_from_fork+0x48/0x80 [ 134.103728][ T112] ? kthread_blkcg+0xd0/0xd0 [ 134.108389][ T112] ret_from_fork_asm+0x11/0x20 [ 134.113158][ T112] [ 134.116187][ T112] Modules linked in: [ 134.122668][ T112] ---[ end trace 0000000000000000 ]--- [ 134.129250][ T112] RIP: 0010:txUnlock+0xc87/0xcb0 [ 134.132866][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 134.134447][ T112] Code: 8f 9d 5a 07 0f 0b e8 e8 02 84 fe 48 c7 c7 00 10 e4 8a 48 c7 c6 f9 0b e4 8a ba a4 03 00 00 48 c7 c1 e0 1c e4 8a e8 69 9d 5a 07 <0f> 0b e8 c2 02 84 fe 48 c7 c7 00 10 e4 8a 48 c7 c6 f9 0b e4 8a ba [ 134.147217][ T9] usb 3-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d [ 134.158950][ T112] RSP: 0018:ffffc90002ca7d08 EFLAGS: 00010246 [ 134.158970][ T112] RAX: 0000000000000037 RBX: 0000000000001000 RCX: 73ea883853f0b800 [ 134.158981][ T112] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 134.169581][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 134.174196][ T112] RBP: ffffc9000281a120 R08: ffffc90002ca7a07 R09: 1ffff92000594f40 [ 134.182393][ T9] usb 3-1: Product: syz [ 134.190244][ T112] R10: dffffc0000000000 R11: fffff52000594f41 R12: ffff88802c8d0ba0 [ 134.190261][ T112] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88802e104094 [ 134.190273][ T112] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 134.190287][ T112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 134.190298][ T112] CR2: 00007fe79e78bd58 CR3: 0000000063454000 CR4: 00000000003506e0 [ 134.190314][ T112] Kernel panic - not syncing: Fatal exception [ 134.190623][ T112] Kernel Offset: disabled