last executing test programs: 1.770159688s ago: executing program 3 (id=535): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local, 0x1}) ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x7fffffff}) 1.652594977s ago: executing program 0 (id=537): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@barrier={'barrier', 0x3d, 0x7}}, {@heartbeat_none}, {@inode64}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) link(&(0x7f0000000080)='./file1\x00', &(0x7f0000000240)='./file2/file0\x00') 1.652387267s ago: executing program 3 (id=538): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x1, 0x4, 0x4}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)='%pI4 \x00'}, 0x20) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 1.551775085s ago: executing program 3 (id=540): unshare(0x600) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x121000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f00000000c0)={0xdddd0000, 0xc000, 0x100}) 1.357168201s ago: executing program 2 (id=541): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x4004810) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x0) 1.342752632s ago: executing program 3 (id=543): sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{0x0, 0x300}, {&(0x7f0000000300)="359cb6", 0x3}], 0x2, &(0x7f0000000000)=[@sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0xc}}], 0x30}], 0x1, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @broadcast}, 0x10) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 1.254450599s ago: executing program 1 (id=544): bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0x1f, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_io_uring_setup(0xbc3, &(0x7f0000000480)={0x0, 0x1568, 0x11080, 0x0, 0x264}, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}}) io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0) 1.165184926s ago: executing program 2 (id=545): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = syz_open_dev$loop(&(0x7f00000001c0), 0x40000000001, 0x107382) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000200)={r1, 0x1, {0x0, 0x0, 0x0, 0xffffffffffffff86, 0x7, 0x0, 0x0, 0x0, 0x1c, "a5bfcb2a66ef507540a2984fcaf1860b3b61f8e2078de86be39f1bb99370491de6bb2c742bcf61f316c63790887d279d4afc7cfd1762729912aabe49225f8d79", "c943e1db06869da66fb3d998ba914272ca193f8dd5ccfdc81f22af8042677e0b2543667e306c360ce82f41f7d0431065868f4a367fb9ec6ec8cbf57917653a8a", "f7a78adde4baffaed544f59b58ae3151b9dd0fe9ca0206d8b02266a0443e8ae6", [0x3b, 0x4]}}) 1.144247618s ago: executing program 1 (id=546): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) write$binfmt_aout(r0, &(0x7f0000000940)=ANY=[], 0xff2e) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000240)) 1.042520196s ago: executing program 2 (id=547): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x4, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x4e20, 0x402, @remote, 0x3}, @in={0x2, 0x4e20, @broadcast}, @in6={0xa, 0x4e21, 0x3, @local, 0x100}], 0x48) sendmmsg$inet6(r0, &(0x7f0000002d00)=[{{&(0x7f0000000000)={0xa, 0x4e27, 0xfffff922, @rand_addr=' \x01\x00', 0x4}, 0x1c, &(0x7f0000000140)=[{&(0x7f00000000c0)="b1", 0x1}], 0x1}}], 0x1, 0x400c04d) 909.344777ms ago: executing program 2 (id=548): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10) listen(r0, 0x0) shutdown(r0, 0x1) 892.635088ms ago: executing program 2 (id=549): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)=ANY=[@ANYBLOB="a40600000d0a010800000000000000000a0000010900020073797a31000000000900010073797a310000000078060380140000800800034000000002080003"], 0x6a4}, 0x1, 0x0, 0x0, 0x24000801}, 0x4008000) 751.679709ms ago: executing program 0 (id=550): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0xd}}, &(0x7f00000000c0)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x28011, r0, 0x0) 749.52855ms ago: executing program 2 (id=558): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x2, 0x442a, &(0x7f0000004480)="$eJzs3c9vVNUeAPBzb/seLQ94LY8FLzFxEkk0apqWlVoSSymUFioGhRg3w7QdoDrtkHZqXLCoOxJXJi6MC6KJu65IF27xT3DjEtckunBjQkKsmZk7be/tTDrWTivk80nonXt+z3znnjl3cTlxonJ7bik3t5QrLOTKMzeXTuc+KZeW54sh3icH3T/t6UScxP7gXDl34b3rp0P4Yfanx+vr6+uhqjs0NbTl9e+/3Z3ZemyIM3Wq7TZvba98GEI4sW1cVV0hhA++DyEKIZxN0kaTY28I4Vio512/+/mN3B6N5sGj4pn806l7a8OnJlfvr7V+71EIX5f+//qt+V9e6hr++dU96h4AAAAAAAAAAAAAAAAAgGfc+NUr194dHAoPo9C9Gm1/Xnc8ObZ6PnZ9z7zY1nifJKX/7vsGAAAAAAAAAAAAAAAAAACAf5LN5/9z0fEmz/+PJceRFvXX3+78GOmciXeujJ0fHEr2f4+25b+RJP16tiv0N9n3Pbv/+9lM/eb7v2/vZ7ca42v02xeieCB1HscDAyF8m2z8fjI6HJfKS5XXbpaXF2b3bBjPrHT867v3p6KTbOjfbvxHM+13fv///237NlXPb+zdV+y5lo5/V8ty330WtRX/c5l6+xF/di8d/+5aWu/WAiP1CaAa/y+6d47/WKb9TsX/WAghF1XHmkvNANU1TDW91XqFtHT8/1VLS02dyQfZ6vp/kon/+Uz7BzX/r2R/iGgqHf9/19J6UiU2r//+eOfr/0Km/YOIf3X8K37/25KO/6F6YneqSO2TbHf+H8+036n4X4uTcR6LUt+A1aie3ur/qyMtHf+ebfmb939xW+u/i5n6+3X/1+i3cf/XmP5fier3fzSXjn9vy3LtXv8TmXqdnv9Haus/disd/8O1tPTaua/2t934T2ba71T8a6uSnkb8N+eTPw7V07+x/mtLOv7/qSfGW0us1P7W1n/Rzuv/S5n2D2L9Vx3/StzZXp8X6fgfaVmuGv8f2/j9v5yp1/n4hzBorb9r6fgfbVmudv337Bz/qUy9Tsf/5U42DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAMGE2OfSGKB1LncTwwEMK55PxkOBxNF2bz06XyzMdLIYwl6blwPLpVKk8XSvm5hfJsMV8olcozIZxP8k+EnmipVK7k5wt3Lmy01RvdLhYWK9PFQiWEMJ6kvxCONtqanqvMF+6EEC5u5P03Li/euV1YyM/OLb41ODg4GCY2xtAfFT+tFBcq9d7ruSFMbtTti7YMrpZ9aWMsR6KPysuLC4VSLf3yljql8kyhtKXOVJL3ZeiPKovLCzOFSjFfKt9q9HeQRpLj2MTV969eHtqWfyOqH0f3d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EUPh9/8KoTQXT+LQwi5KHkRJf9SHjwqnsk/nbq3NnxqcvX+2uNmZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzSP0oDQRQH4DdjoaXHsFp2O9sVRbRwRfAEegwPo0fxEt7BIkXaFCGQzELYP7BNUn1f82B+zLwH8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACWe3zr3l/rJiLF1fYy4vfz7/84fy71+276/sUZZuR0nl66+4e6Kf+eRvltOVq1eZ9u1l8fMVF7P4M9Ge7TwbjP0Ny+zc3X972OlKuIaEt+k3KuqmVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCwAAAAAI87eOom8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0OnJ0Q=") syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f0000000080)='./file1\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0x1, 0x27f, &(0x7f0000000480)="$eJzs3T9v00AYx/HfOWkbaFXcPwgJMRUqMaG2LIilCGVgZ2FCQBOkiqhIUMSfKTAj2Nl5C7wARibEjMTGxAvIFnTnC3HSOA5W00vS70dKlNT32M/F5949rqoIwKl1u/rr8/Xf9mGkkkqSbkqRpIpUlnReFyovDg73Dxv12rAdlVyEfRglkeZIm72D+qBQG+civNi+K2sp/TOMR+Wnmh9v3XkZOg+E5a7+ASJpwV+dbnvlxDMbj2boBAIzLbX0Ssuh8wAAhOXn/8jP80t+/R5F0qaf9nvn/ymfQFuhExizrznbU/O/q7Laxp7fc25Tt95zJZzdHnWqxCK5zCsZWT0LTJNXVbpcojOP9xv1a3tPG7VI77TrzXWbrbvnWjJ0O9LZvj26640BtekQxfu+6PowZ/uwk84/1WTteI+Yz3wz3819E+uTav/Wf+W2safJnam470wl+W9l79H1cl6uVUYvV9xBLvojeEN7WVJGRaLOiFpR7w2COC9PF7XaF5X0bjsnam1g1E5O1Hp/VHc0Z0eOm/lg7pkN/dEXVVPr/8h+2psa5cq0bVxLPzKG9qfsWsZuPvFXXfPSwJZR0R6hgPd6pBtafv76zZOHjUb92cy+sFfiBKQxUS86g2BS8pnZF/ZDDnL0zrxTfD/BfjPhBHVP+n8G8reZWWHXXSap/1L1ypZbrNmnuHedvpCObeftPLXH7YzaYNU9n82u4HoYd+thMbuCG7XmunxVujLKEROxz3Py7BYJMlX90APu/wMAAAAAAAAAAAAAAAAAAEyb4/uXg4qyNoXuIwAAAAAAAAAAAAAAAAAAAAAA027ivv/3rpJ3fP8vMHZ/AwAA////DnhI") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db) writev(r0, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x60000}], 0x1) 469.685422ms ago: executing program 0 (id=551): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000001c0)=@bpf_tracing={0x1a, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1f325, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg(r0, &(0x7f0000001240)={0x0, 0x0, 0x0}, 0x40000120) 373.29472ms ago: executing program 3 (id=552): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x2, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e23, 0x0, @local, 0xf}, @in6={0xa, 0x4e23, 0x7, @remote, 0x8}, @in6={0xa, 0x4e24, 0x7, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x3}], 0x54) sendmmsg$inet6(r0, &(0x7f0000001d80)=[{{&(0x7f00000003c0)={0xa, 0x4e20, 0x9, @local, 0x9}, 0x1c, &(0x7f0000001c00)=[{&(0x7f0000001740)='p', 0x1}], 0x1}}], 0x1, 0x5dc) 371.44741ms ago: executing program 0 (id=553): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)}, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r1, 0x58, &(0x7f00000000c0)}, 0x10) 270.328208ms ago: executing program 3 (id=554): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000180)={0x1, 0x0, [{0x3a, 0x0, 0x200000000000000}]}) 227.168912ms ago: executing program 0 (id=555): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000300)=0x23) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0x7, 0x3fe, 0xfffffffd, 0x7ff, 0x3, "04ae080000000000007800000500080100", 0x7, 0x200}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140)=0x8) 225.102732ms ago: executing program 1 (id=556): r0 = socket$inet6(0xa, 0x805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4620, @private=0xa010101}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000240), &(0x7f0000000080)=0x4) getsockopt$bt_hci(r0, 0x84, 0x85, &(0x7f0000000080)=""/4060, &(0x7f00000010c0)=0xfdc) 69.282014ms ago: executing program 1 (id=557): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x8}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f00000000c0)="b2", 0x1, 0x24008844, &(0x7f0000000040)={0xa, 0x2, 0x80398, @empty, 0xfffffffe}, 0x1c) 65.651774ms ago: executing program 0 (id=559): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101900, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000080)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000100)=0xffff0000) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000002540)=0x1) 40.554417ms ago: executing program 1 (id=560): pipe2$watch_queue(&(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0xb5) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 1 (id=561): creat(&(0x7f00000002c0)='./file0\x00', 0x109) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x10000], 0x0, 0x0, 0x1, 0x1}}, 0x40) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.85' (ED25519) to the list of known hosts. [ 57.145008][ T5768] cgroup: Unknown subsys name 'net' [ 57.310913][ T5768] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 58.654028][ T5768] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 60.559279][ T5787] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 60.567366][ T5787] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 60.576261][ T5787] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 60.584263][ T5787] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 60.589586][ T5789] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 60.591765][ T5787] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 60.607255][ T5787] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 60.607442][ T5790] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 60.622568][ T5789] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 60.623606][ T5787] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 60.636830][ T5790] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 60.641126][ T5787] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 60.645116][ T5790] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 60.651521][ T5787] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 60.660033][ T5790] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 60.665733][ T5787] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 60.674107][ T5790] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 60.679802][ T5787] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 60.686441][ T5790] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 60.694264][ T5787] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 60.700934][ T5790] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 60.709185][ T5787] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 60.714416][ T5790] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 60.723078][ T5787] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 61.201525][ T5779] chnl_net:caif_netlink_parms(): no params data found [ 61.263860][ T5778] chnl_net:caif_netlink_parms(): no params data found [ 61.275382][ T5777] chnl_net:caif_netlink_parms(): no params data found [ 61.367913][ T5780] chnl_net:caif_netlink_parms(): no params data found [ 61.419528][ T5779] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.426804][ T5779] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.434263][ T5779] bridge_slave_0: entered allmulticast mode [ 61.441550][ T5779] bridge_slave_0: entered promiscuous mode [ 61.455754][ T5779] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.464290][ T5779] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.471438][ T5779] bridge_slave_1: entered allmulticast mode [ 61.478466][ T5779] bridge_slave_1: entered promiscuous mode [ 61.499074][ T5777] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.506361][ T5777] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.513580][ T5777] bridge_slave_0: entered allmulticast mode [ 61.520926][ T5777] bridge_slave_0: entered promiscuous mode [ 61.529324][ T5777] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.536544][ T5777] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.543699][ T5777] bridge_slave_1: entered allmulticast mode [ 61.550532][ T5777] bridge_slave_1: entered promiscuous mode [ 61.625547][ T5778] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.632729][ T5778] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.640364][ T5778] bridge_slave_0: entered allmulticast mode [ 61.648041][ T5778] bridge_slave_0: entered promiscuous mode [ 61.674039][ T5779] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.685758][ T5779] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.695130][ T5778] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.702266][ T5778] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.710220][ T5778] bridge_slave_1: entered allmulticast mode [ 61.717172][ T5778] bridge_slave_1: entered promiscuous mode [ 61.725885][ T5777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.738636][ T5777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.805828][ T5779] team0: Port device team_slave_0 added [ 61.849129][ T5779] team0: Port device team_slave_1 added [ 61.857653][ T5778] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.869745][ T5778] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.881036][ T5777] team0: Port device team_slave_0 added [ 61.887668][ T5780] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.894951][ T5780] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.902083][ T5780] bridge_slave_0: entered allmulticast mode [ 61.909103][ T5780] bridge_slave_0: entered promiscuous mode [ 61.939268][ T5777] team0: Port device team_slave_1 added [ 61.968483][ T5780] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.975830][ T5780] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.982954][ T5780] bridge_slave_1: entered allmulticast mode [ 61.989860][ T5780] bridge_slave_1: entered promiscuous mode [ 62.028620][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.035694][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.062648][ T5777] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.089592][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.096759][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.122851][ T5779] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.135532][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.142487][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.168453][ T5779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.182393][ T5778] team0: Port device team_slave_0 added [ 62.188955][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.196204][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.222149][ T5777] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.236129][ T5780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 62.248508][ T5780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 62.264654][ T5778] team0: Port device team_slave_1 added [ 62.310183][ T5780] team0: Port device team_slave_0 added [ 62.335541][ T5778] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.342515][ T5778] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.368953][ T5778] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.383095][ T5780] team0: Port device team_slave_1 added [ 62.410652][ T5778] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.417784][ T5778] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.444184][ T5778] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.494957][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 62.501931][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.528601][ T5780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 62.542505][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 62.549526][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.575482][ T5780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 62.589814][ T5779] hsr_slave_0: entered promiscuous mode [ 62.596520][ T5779] hsr_slave_1: entered promiscuous mode [ 62.616987][ T5777] hsr_slave_0: entered promiscuous mode [ 62.623288][ T5777] hsr_slave_1: entered promiscuous mode [ 62.629379][ T5777] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.637546][ T5777] Cannot create hsr debugfs directory [ 62.713534][ T5778] hsr_slave_0: entered promiscuous mode [ 62.720223][ T5778] hsr_slave_1: entered promiscuous mode [ 62.728590][ T5778] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.736210][ T5778] Cannot create hsr debugfs directory [ 62.794681][ T50] Bluetooth: hci0: command tx timeout [ 62.795365][ T5780] hsr_slave_0: entered promiscuous mode [ 62.800435][ T5782] Bluetooth: hci1: command tx timeout [ 62.807043][ T50] Bluetooth: hci2: command tx timeout [ 62.812169][ T5782] Bluetooth: hci3: command tx timeout [ 62.818288][ T5780] hsr_slave_1: entered promiscuous mode [ 62.829128][ T5780] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.836737][ T5780] Cannot create hsr debugfs directory [ 63.159191][ T5777] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 63.171969][ T5777] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 63.181319][ T5777] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 63.192461][ T5777] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 63.256489][ T5779] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 63.273673][ T5779] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 63.289834][ T5779] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 63.300761][ T5779] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 63.378187][ T5778] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 63.389656][ T5778] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 63.411004][ T5778] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 63.420972][ T5778] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 63.514599][ T5780] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 63.525372][ T5780] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 63.537178][ T5780] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 63.548026][ T5780] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 63.607814][ T5777] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.638231][ T5779] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.679683][ T5779] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.696551][ T5777] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.710550][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.717875][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.751922][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.759088][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.798392][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.805525][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.816412][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.823505][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.900102][ T5778] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.921373][ T5780] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.965493][ T5778] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.990609][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.997790][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.017034][ T5780] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.039380][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.046560][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.072997][ T1327] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.080178][ T1327] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.118083][ T1327] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.125357][ T1327] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.276448][ T5780] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.356893][ T5779] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.495745][ T5779] veth0_vlan: entered promiscuous mode [ 64.519892][ T5779] veth1_vlan: entered promiscuous mode [ 64.547398][ T5777] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.650456][ T5780] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.672853][ T5779] veth0_macvtap: entered promiscuous mode [ 64.705459][ T5779] veth1_macvtap: entered promiscuous mode [ 64.721073][ T5777] veth0_vlan: entered promiscuous mode [ 64.741166][ T5777] veth1_vlan: entered promiscuous mode [ 64.751788][ T5778] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.781224][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.802911][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.819002][ T5779] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.828364][ T5779] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.837852][ T5779] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.847152][ T5779] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.882869][ T5777] veth0_macvtap: entered promiscuous mode [ 64.883321][ T5782] Bluetooth: hci3: command tx timeout [ 64.892804][ T5777] veth1_macvtap: entered promiscuous mode [ 64.894473][ T50] Bluetooth: hci2: command tx timeout [ 64.900258][ T5787] Bluetooth: hci0: command tx timeout [ 64.905653][ T50] Bluetooth: hci1: command tx timeout [ 64.940780][ T5780] veth0_vlan: entered promiscuous mode [ 64.963001][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.975481][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.988279][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.009886][ T5778] veth0_vlan: entered promiscuous mode [ 65.033633][ T5780] veth1_vlan: entered promiscuous mode [ 65.050207][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.061205][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.074631][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.112380][ T5778] veth1_vlan: entered promiscuous mode [ 65.126922][ T5777] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.135932][ T5777] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.144807][ T5777] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.153501][ T5777] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.175334][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.184428][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.239010][ T5780] veth0_macvtap: entered promiscuous mode [ 65.251583][ T5780] veth1_macvtap: entered promiscuous mode [ 65.284286][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.292135][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.330384][ T5778] veth0_macvtap: entered promiscuous mode [ 65.363028][ T5778] veth1_macvtap: entered promiscuous mode [ 65.384191][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.392109][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.409527][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.420319][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.430436][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.441373][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.453286][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.464692][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.480964][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.490868][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.501729][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.513093][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.591157][ T5780] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.603348][ T5780] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.622041][ T5780] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.634705][ T5780] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.653401][ T5867] syz.2.5[5867]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 65.689001][ T5867] loop2: detected capacity change from 0 to 1024 [ 65.704461][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.725667][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.745666][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.766113][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.780734][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 65.791434][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.803197][ T5778] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.813241][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.823435][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.837787][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.853390][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.868182][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.880924][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.893402][ T5778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.904152][ T5778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.917772][ T1309] hfsplus: b-tree write err: -5, ino 4 [ 65.918152][ T5778] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.991619][ T5778] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.008813][ T5778] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.019871][ T5778] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.041341][ T5778] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.220163][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.244592][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.285518][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.293379][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.423695][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.440304][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.445564][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 66.456897][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.708017][ T27] audit: type=1326 audit(1755574075.878:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5884 comm="syz.2.10" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1b6478ebe9 code=0x0 [ 66.888847][ T5888] loop3: detected capacity change from 0 to 4096 [ 66.921478][ T5888] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 66.954833][ T50] Bluetooth: hci0: command tx timeout [ 66.954855][ T5790] Bluetooth: hci3: command tx timeout [ 66.960421][ T50] Bluetooth: hci2: command tx timeout [ 66.966223][ T5787] Bluetooth: hci1: command tx timeout [ 67.343409][ T5890] loop1: detected capacity change from 0 to 40427 [ 67.387893][ T5890] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 67.410357][ T5892] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 67.433438][ T5890] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 67.469518][ T5890] F2FS-fs (loop1): invalid crc value [ 67.482007][ T5892] hsr0: entered allmulticast mode [ 67.491770][ T5890] F2FS-fs (loop1): Found nat_bits in checkpoint [ 67.492684][ T5894] @: renamed from vlan0 (while UP) [ 67.666887][ T5890] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 67.704132][ T5890] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 67.788468][ T5904] loop3: detected capacity change from 0 to 1024 [ 67.995275][ T5871] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 68.225601][ T5871] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 68.244509][ T5871] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.269567][ T5871] usb 3-1: config 0 descriptor?? [ 68.280729][ T5871] cp210x 3-1:0.0: cp210x converter detected [ 68.509982][ T5918] loop0: detected capacity change from 0 to 1024 [ 68.694073][ T5871] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 68.746993][ T5871] usb 3-1: cp210x converter now attached to ttyUSB0 [ 68.989065][ T785] usb 3-1: USB disconnect, device number 2 [ 69.021054][ T785] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 69.034387][ T5790] Bluetooth: hci3: command tx timeout [ 69.039826][ T5790] Bluetooth: hci2: command tx timeout [ 69.045467][ T5787] Bluetooth: hci1: command tx timeout [ 69.050886][ T5787] Bluetooth: hci0: command tx timeout [ 69.053134][ T785] cp210x 3-1:0.0: device disconnected [ 69.075426][ T5916] loop1: detected capacity change from 0 to 32768 [ 69.090685][ T5916] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.18 (5916) [ 69.124125][ T5916] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 69.135233][ T5922] loop3: detected capacity change from 0 to 32768 [ 69.142541][ T5922] ======================================================= [ 69.142541][ T5922] WARNING: The mand mount option has been deprecated and [ 69.142541][ T5922] and is ignored by this kernel. Remove the mand [ 69.142541][ T5922] option from the mount to silence this warning. [ 69.142541][ T5922] ======================================================= [ 69.177734][ T5916] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 69.187930][ T5916] BTRFS info (device loop1): doing ref verification [ 69.195548][ T5916] BTRFS info (device loop1): disabling tree log [ 69.201951][ T5916] BTRFS info (device loop1): enabling auto defrag [ 69.209409][ T5916] BTRFS info (device loop1): max_inline at 4096 [ 69.218326][ T5916] BTRFS info (device loop1): using free space tree [ 69.293678][ T5922] JBD2: Ignoring recovery information on journal [ 69.334126][ T5916] BTRFS info (device loop1): enabling ssd optimizations [ 69.341127][ T5916] BTRFS info (device loop1): auto enabling async discard [ 69.365827][ T5922] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 69.481558][ T27] audit: type=1800 audit(1755574078.648:3): pid=5922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.25" name="file1" dev="loop3" ino=17058 res=0 errno=0 [ 69.644666][ T5922] syz.3.25 (5922) used greatest stack depth: 19504 bytes left [ 69.755692][ T5780] ocfs2: Unmounting device (7,3) on (node local) [ 69.790840][ T5950] loop2: detected capacity change from 0 to 2048 [ 69.852085][ T5950] EXT4-fs: Ignoring removed mblk_io_submit option [ 69.978832][ T5778] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 70.004797][ T5950] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.136972][ T5950] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.28: bg 0: block 234: padding at end of block bitmap is not set [ 70.202679][ T5950] EXT4-fs (loop2): Remounting filesystem read-only [ 70.427072][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.345313][ T5988] netem: change failed [ 71.465377][ T5972] loop0: detected capacity change from 0 to 32768 [ 71.526625][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.533254][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.557615][ T5972] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 71.741169][ T6000] loop2: detected capacity change from 0 to 1024 [ 71.864638][ T5972] XFS (loop0): Ending clean mount [ 71.882863][ T6008] loop3: detected capacity change from 0 to 512 [ 71.885714][ T6000] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.941762][ T5972] XFS (loop0): Quotacheck needed: Please wait. [ 71.954019][ T6008] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 72.042723][ T5972] XFS (loop0): Quotacheck: Done. [ 72.043880][ T6008] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.078197][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.123604][ T5777] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 72.154971][ T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 72.321602][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.384413][ T9] usb 2-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 72.422631][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 72.451660][ T9] usb 2-1: Product: syz [ 72.461642][ T9] usb 2-1: Manufacturer: syz [ 72.478776][ T9] usb 2-1: SerialNumber: syz [ 72.493903][ T6017] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 72.512788][ T9] usb 2-1: config 0 descriptor?? [ 72.530072][ T9] i2c-tiny-usb 2-1:0.0: version 6d.cc found at bus 002 address 002 [ 72.742695][ T6025] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 72.965735][ T9] (null): failure reading functionality [ 72.988267][ T9] i2c i2c-1: connected i2c-tiny-usb device [ 73.033101][ T6032] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 73.051671][ T6032] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 73.080215][ T6032] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 73.084411][ T785] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 73.097459][ T6032] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 73.104265][ T6032] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 73.114537][ T6032] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 73.125335][ T6032] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 73.131522][ T6032] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 73.141018][ T6032] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 73.149998][ T6032] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 73.160758][ T6032] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 73.170554][ T6032] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 73.248566][ T9] usb 2-1: USB disconnect, device number 2 [ 73.274433][ T785] usb 4-1: Using ep0 maxpacket: 16 [ 73.296190][ T785] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.311160][ T785] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 73.323471][ T785] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 73.364065][ T785] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 73.373162][ T785] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.419569][ T785] usb 4-1: config 0 descriptor?? [ 73.449332][ T6037] netlink: 'syz.0.57': attribute type 1 has an invalid length. [ 73.469640][ T6037] netlink: 'syz.0.57': attribute type 2 has an invalid length. [ 73.607844][ T6042] netlink: 180 bytes leftover after parsing attributes in process `syz.2.60'. [ 73.617516][ T6043] loop0: detected capacity change from 0 to 256 [ 73.626174][ T6043] exfat: Deprecated parameter 'utf8' [ 73.631553][ T6043] exfat: Deprecated parameter 'utf8' [ 73.643896][ T6043] exfat: Deprecated parameter 'namecase' [ 73.650957][ T6043] exfat: Deprecated parameter 'utf8' [ 73.669557][ T6043] exfat: Deprecated parameter 'utf8' [ 73.702969][ T6043] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e8072e, utbl_chksum : 0xe619d30d) [ 73.848899][ T785] microsoft 0003:045E:07DA.0001: No inputs registered, leaving [ 73.909110][ T785] microsoft 0003:045E:07DA.0001: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 73.952540][ T785] microsoft 0003:045E:07DA.0001: no inputs found [ 73.973398][ T785] microsoft 0003:045E:07DA.0001: could not initialize ff, continuing anyway [ 74.132595][ T5871] usb 4-1: USB disconnect, device number 2 [ 74.239282][ T6054] loop0: detected capacity change from 0 to 1024 [ 74.350820][ T48] hfsplus: b-tree write err: -5, ino 4 [ 74.470113][ T6045] loop2: detected capacity change from 0 to 32768 [ 74.505230][ T6045] (syz.2.61,6045,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 74.539303][ T6045] (syz.2.61,6045,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 74.628946][ T6045] JBD2: Ignoring recovery information on journal [ 74.776275][ T6045] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 75.025896][ T6009] udevd[6009]: failed to send result of seq 10804 to main daemon: Connection refused [ 75.035515][ T5790] Bluetooth: hci2: command 0x0c1a tx timeout [ 75.113873][ T5790] Bluetooth: hci0: command 0x0c1a tx timeout [ 75.193910][ T5790] Bluetooth: hci3: command 0x0c1a tx timeout [ 75.197703][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 75.206752][ T6056] loop1: detected capacity change from 0 to 40427 [ 75.243502][ T6056] F2FS-fs (loop1): heap/no_heap options were deprecated [ 75.282489][ T6056] F2FS-fs (loop1): invalid crc value [ 75.308417][ T5779] ocfs2: Unmounting device (7,2) on (node local) [ 75.324932][ T6056] F2FS-fs (loop1): Found nat_bits in checkpoint [ 75.481731][ T6056] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 75.642898][ T5778] syz-executor: attempt to access beyond end of device [ 75.642898][ T5778] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 75.661729][ T5778] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 76.099284][ T6104] pimreg: tun_chr_ioctl cmd 1074812117 [ 76.138171][ T6106] block device autoloading is deprecated and will be removed. [ 76.503113][ T6102] loop2: detected capacity change from 0 to 32768 [ 76.523633][ T6120] loop1: detected capacity change from 0 to 64 [ 76.562989][ T6120] hfs: unable to locate alternate MDB [ 76.569065][ T6102] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 76.582075][ T6120] hfs: continuing without an alternate MDB [ 76.631433][ T6123] loop0: detected capacity change from 0 to 2048 [ 76.674438][ T6102] XFS (loop2): Ending clean mount [ 76.698485][ T6102] XFS (loop2): Quotacheck needed: Please wait. [ 76.730199][ T6123] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.769684][ T6102] XFS (loop2): Quotacheck: Done. [ 76.769909][ T6123] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.954091][ T6139] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.90: bg 0: block 345: padding at end of block bitmap is not set [ 77.004034][ T6139] EXT4-fs (loop0): Remounting filesystem read-only [ 77.032606][ T42] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4868: inode #15: block 1: len 15: ext4_ext_map_blocks returned -5 [ 77.114450][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 77.194018][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 77.276275][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 77.276294][ T5790] Bluetooth: hci3: command 0x0c1a tx timeout [ 77.324188][ T6138] loop1: detected capacity change from 0 to 32768 [ 77.332902][ T6138] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop1 scanned by syz.1.95 (6138) [ 77.364159][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.400829][ T6138] BTRFS info (device loop1): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 77.460065][ T6138] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 77.483970][ T6138] BTRFS info (device loop1): enabling ssd optimizations [ 77.490962][ T6138] BTRFS info (device loop1): not using ssd optimizations [ 77.523371][ T5779] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 77.532106][ T6138] BTRFS info (device loop1): turning off barriers [ 77.543882][ T6138] BTRFS info (device loop1): using free space tree [ 77.575828][ T6134] loop3: detected capacity change from 0 to 40427 [ 77.593122][ T6134] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 77.621568][ T6134] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 77.645129][ T6134] F2FS-fs (loop3): invalid crc value [ 77.684999][ T6134] F2FS-fs (loop3): Found nat_bits in checkpoint [ 77.844429][ T6163] Bluetooth: MGMT ver 1.22 [ 77.866465][ T6164] netlink: 24 bytes leftover after parsing attributes in process `syz.0.98'. [ 77.876298][ T6134] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 77.883355][ T6134] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 77.936239][ T5778] BTRFS info (device loop1): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 77.991811][ T6134] syz.3.94: attempt to access beyond end of device [ 77.991811][ T6134] loop3: rw=10241, sector=53248, nr_sectors = 8 limit=40427 [ 78.018438][ T6167] loop2: detected capacity change from 0 to 1024 [ 78.122040][ T6167] hfsplus: request for non-existent node 33554434 in B*Tree [ 78.188092][ T6167] hfsplus: request for non-existent node 33554434 in B*Tree [ 78.202625][ T6134] syz.3.94: attempt to access beyond end of device [ 78.202625][ T6134] loop3: rw=2049, sector=53256, nr_sectors = 2048 limit=40427 [ 78.234758][ T6167] hfsplus: request for non-existent node 33554434 in B*Tree [ 78.264644][ T6167] hfsplus: request for non-existent node 33554434 in B*Tree [ 78.278326][ T6134] syz.3.94: attempt to access beyond end of device [ 78.278326][ T6134] loop3: rw=2049, sector=55304, nr_sectors = 1840 limit=40427 [ 78.302811][ T6168] hfsplus: request for non-existent node 33554434 in B*Tree [ 78.305076][ T6134] syz.3.94: attempt to access beyond end of device [ 78.305076][ T6134] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 78.322730][ T6168] hfsplus: request for non-existent node 33554434 in B*Tree [ 78.337447][ T6170] netlink: 8 bytes leftover after parsing attributes in process `syz.0.101'. [ 78.398792][ T58] hfsplus: request for non-existent node 33554434 in B*Tree [ 78.420424][ T6172] process 'syz.1.100' launched './file2' with NULL argv: empty string added [ 78.429260][ T58] hfsplus: request for non-existent node 33554434 in B*Tree [ 78.627462][ T6181] loop0: detected capacity change from 0 to 1024 [ 78.636479][ T6181] EXT4-fs: Ignoring removed i_version option [ 78.655612][ T6181] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 78.727135][ T6181] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #3: block 1: comm syz.0.105: lblock 1 mapped to illegal pblock 1 (length 1) [ 78.746993][ T6181] Quota error (device loop0): write_blk: dquota write failed [ 78.763440][ T6186] netlink: 'syz.2.107': attribute type 29 has an invalid length. [ 78.788355][ T6181] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 78.802949][ T6181] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.105: Failed to acquire dquot type 0 [ 78.803191][ T6186] netlink: 'syz.2.107': attribute type 29 has an invalid length. [ 78.843240][ T6181] EXT4-fs error (device loop0): ext4_free_blocks:6681: comm syz.0.105: Freeing blocks not in datazone - block = 0, count = 4096 [ 78.906383][ T6181] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.105: Invalid inode bitmap blk 0 in block_group 0 [ 78.924034][ T48] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 78.956174][ T6181] EXT4-fs error (device loop0) in ext4_free_inode:363: Corrupt filesystem [ 78.974715][ T48] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 78.993398][ T48] EXT4-fs error (device loop0): ext4_release_dquot:6974: comm kworker/u4:3: Failed to release dquot type 0 [ 79.026382][ T6181] EXT4-fs (loop0): 1 orphan inode deleted [ 79.033380][ T6181] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.150560][ T6181] EXT4-fs error (device loop0): ext4_nfs_get_inode:1551: inode #12: comm syz.0.105: iget: bad extra_isize 65535 (inode size 256) [ 79.204157][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 79.274092][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 79.328990][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.353983][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 79.354024][ T5790] Bluetooth: hci3: command 0x0c1a tx timeout [ 79.396977][ T6197] bridge0: port 3(syz_tun) entered blocking state [ 79.404471][ T6197] bridge0: port 3(syz_tun) entered disabled state [ 79.411272][ T6197] syz_tun: entered allmulticast mode [ 79.419597][ T6197] syz_tun: entered promiscuous mode [ 79.429016][ T6197] bridge0: port 3(syz_tun) entered blocking state [ 79.435870][ T6197] bridge0: port 3(syz_tun) entered forwarding state [ 79.480419][ T6202] loop1: detected capacity change from 0 to 512 [ 79.489980][ T6203] loop0: detected capacity change from 0 to 128 [ 79.522574][ T6203] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 79.539111][ T6203] ext4 filesystem being mounted at /31/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 79.556110][ T6202] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 79.569633][ T6202] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 79.577660][ T6203] EXT4-fs warning (device loop0): __ext4_ioctl:1259: Setting inode version is not supported with metadata_csum enabled. [ 79.600886][ T6202] EXT4-fs (loop1): 1 truncate cleaned up [ 79.615176][ T6202] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.637581][ T5777] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 79.657927][ T6202] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 79.677022][ T6202] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 79.699950][ T6211] loop2: detected capacity change from 0 to 128 [ 79.712467][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.725100][ T6211] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 79.759544][ T6211] ext4 filesystem being mounted at /37/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 79.814034][ T5815] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 79.863061][ T5779] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 79.996859][ T5815] usb 4-1: config 0 has an invalid interface number: 255 but max is 0 [ 80.022639][ T5815] usb 4-1: config 0 has no interface number 0 [ 80.034267][ T5815] usb 4-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 80.051039][ T5815] usb 4-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 80.067933][ T5815] usb 4-1: config 0 interface 255 has no altsetting 0 [ 80.075259][ T5815] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 80.085455][ T5815] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.106142][ T5815] usb 4-1: config 0 descriptor?? [ 80.113218][ T5815] ums-realtek 4-1:0.255: USB Mass Storage device detected [ 80.270703][ T6234] loop2: detected capacity change from 0 to 1024 [ 80.299954][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.309532][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.322421][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.358099][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.376828][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.387045][ T5815] usb 4-1: USB disconnect, device number 3 [ 80.404748][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.413174][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.422435][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.433252][ T6235] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.449117][ T6235] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.458466][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.466669][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.475924][ T6235] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.483408][ T6235] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.491027][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.500095][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.502644][ T6227] loop1: detected capacity change from 0 to 32768 [ 80.510097][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.521901][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.525899][ T6227] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 80.529868][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.545273][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.559272][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.564917][ T6227] XFS (loop1): Ending clean mount [ 80.571749][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.576771][ T6227] XFS (loop1): Quotacheck needed: Please wait. [ 80.583508][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.592576][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.601318][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.609003][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.615782][ T6227] XFS (loop1): Quotacheck: Done. [ 80.616562][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.630829][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.638860][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.646298][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.654209][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.661515][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.668978][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.676336][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.684089][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.691397][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.698785][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.708082][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.715510][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.732588][ T6234] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.741727][ T27] audit: type=1800 audit(1755574089.908:4): pid=6234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.124" name="file1" dev="loop2" ino=20 res=0 errno=0 [ 80.799070][ T58] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.811039][ T58] hfsplus: request for non-existent node 16777216 in B*Tree [ 80.845084][ T5778] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 80.979987][ T6249] loop0: detected capacity change from 0 to 2048 [ 81.008294][ T6249] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.009778][ T6253] loop3: detected capacity change from 0 to 128 [ 81.027258][ T6249] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.101482][ T6249] EXT4-fs error (device loop0): __ext4_new_inode:1284: comm syz.0.127: failed to insert inode 13: doubly allocated? [ 81.227662][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.389093][ T6262] loop3: detected capacity change from 0 to 128 [ 81.400209][ T6261] netlink: 20 bytes leftover after parsing attributes in process `syz.2.132'. [ 81.406030][ T6262] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 81.428523][ T6262] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 81.437890][ T5790] Bluetooth: hci3: command 0x0c1a tx timeout [ 81.765095][ T28] cfg80211: failed to load regulatory.db [ 81.864009][ T6285] netlink: 16 bytes leftover after parsing attributes in process `syz.0.143'. [ 81.912470][ T6283] loop2: detected capacity change from 0 to 4096 [ 82.039430][ T6283] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 82.111411][ T6283] ntfs3: loop2: ino=21, "memory.events.local" mmap(write) compressed not supported [ 82.186441][ T6274] loop3: detected capacity change from 0 to 32768 [ 82.245240][ T6274] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 82.282713][ T6299] sch_fq: defrate 1 ignored. [ 82.313171][ T6274] XFS (loop3): Ending clean mount [ 82.321586][ T6274] XFS (loop3): Quotacheck needed: Please wait. [ 82.369895][ T6303] loop1: detected capacity change from 0 to 512 [ 82.386799][ T6303] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 82.424386][ T6274] XFS (loop3): Quotacheck: Done. [ 82.433454][ T6303] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 82.454966][ T6303] EXT4-fs (loop1): 1 truncate cleaned up [ 82.482319][ T6303] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.542923][ T6303] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #2: block 13: comm syz.1.147: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 82.583566][ T6303] EXT4-fs (loop1): Remounting filesystem read-only [ 82.685583][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.784103][ T6322] mmap: syz.1.154 (6322) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 82.838103][ T5780] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 82.915066][ T6327] loop2: detected capacity change from 0 to 8 [ 82.922155][ T6327] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 83.297171][ T6342] loop2: detected capacity change from 0 to 64 [ 83.421687][ T27] audit: type=1800 audit(1755574092.588:5): pid=6342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.164" name="file1" dev="loop2" ino=5 res=0 errno=0 [ 83.889442][ T6345] loop3: detected capacity change from 0 to 32768 [ 83.923936][ T6345] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 83.992099][ T6345] XFS (loop3): Ending clean mount [ 83.995435][ T6343] loop1: detected capacity change from 0 to 40427 [ 84.001383][ T6345] XFS (loop3): Quotacheck needed: Please wait. [ 84.038491][ T6343] F2FS-fs (loop1): heap/no_heap options were deprecated [ 84.058989][ T6343] F2FS-fs (loop1): invalid crc value [ 84.068910][ T6345] XFS (loop3): Quotacheck: Done. [ 84.082778][ T6343] F2FS-fs (loop1): Found nat_bits in checkpoint [ 84.155921][ T6343] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 84.253000][ T5778] syz-executor: attempt to access beyond end of device [ 84.253000][ T5778] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 84.271950][ T5778] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 84.300006][ T5780] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 84.344342][ T786] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 84.483962][ T785] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 84.554388][ T786] usb 3-1: Using ep0 maxpacket: 8 [ 84.575108][ T786] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 84.593859][ T786] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.618585][ T786] pvrusb2: Hardware description: Terratec Grabster AV400 [ 84.626420][ T786] pvrusb2: ********** [ 84.630914][ T786] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 84.642905][ T786] pvrusb2: Important functionality might not be entirely working. [ 84.658953][ T786] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 84.674097][ T785] usb 1-1: Using ep0 maxpacket: 16 [ 84.676453][ T786] pvrusb2: ********** [ 84.684335][ T785] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.704195][ T785] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 84.722886][ T785] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.744158][ T785] usb 1-1: config 0 descriptor?? [ 84.834496][ T2314] pvrusb2: Invalid write control endpoint [ 84.938131][ T2314] pvrusb2: Invalid write control endpoint [ 84.959542][ T2314] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 84.973961][ T2314] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 84.981907][ T2314] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 84.992399][ T2314] pvrusb2: Device being rendered inoperable [ 85.009831][ T2314] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 85.019050][ T2314] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 85.042450][ T2314] pvrusb2: Attached sub-driver cx25840 [ 85.053332][ T28] usb 3-1: USB disconnect, device number 3 [ 85.063463][ T2314] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 85.079413][ T2314] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 85.134386][ T6396] loop1: detected capacity change from 0 to 1024 [ 85.168432][ T785] mcp2221 0003:04D8:00DD.0002: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 85.221146][ T48] hfsplus: b-tree write err: -5, ino 4 [ 85.286393][ T6402] loop3: detected capacity change from 0 to 512 [ 85.293478][ T6402] EXT4-fs: Ignoring removed mblk_io_submit option [ 85.301683][ T6402] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 85.313190][ T6402] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 85.331206][ T6402] EXT4-fs (loop3): 1 truncate cleaned up [ 85.339979][ T6402] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.432186][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.577532][ T9] usb 1-1: USB disconnect, device number 2 [ 85.594109][ T785] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 85.773934][ T6410] loop3: detected capacity change from 0 to 32768 [ 85.782261][ T6410] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.190 (6410) [ 85.797670][ T6410] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 85.808312][ T6410] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 85.817430][ T6410] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 85.827671][ T6410] BTRFS info (device loop3): force zstd compression, level 3 [ 85.835536][ T6410] BTRFS info (device loop3): turning on sync discard [ 85.836054][ T785] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 85.842656][ T6410] BTRFS info (device loop3): force clearing of disk cache [ 85.852727][ T785] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 85.870798][ T785] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 85.879489][ T6410] BTRFS info (device loop3): enabling disk space caching [ 85.884591][ T785] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 85.888157][ T6410] BTRFS info (device loop3): turning off discard [ 85.907258][ T6410] BTRFS info (device loop3): disk space caching is enabled [ 85.917748][ T785] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 85.927813][ T785] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 85.938395][ T785] usb 2-1: Manufacturer: syz [ 85.949235][ T785] usb 2-1: config 0 descriptor?? [ 85.980106][ T6410] BTRFS info (device loop3): enabling ssd optimizations [ 85.990752][ T6410] BTRFS info (device loop3): rebuilding free space tree [ 86.006521][ T6430] loop2: detected capacity change from 0 to 512 [ 86.016559][ T6430] EXT4-fs: Ignoring removed nobh option [ 86.031636][ T6410] BTRFS info (device loop3): disabling free space tree [ 86.038782][ T6410] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 86.050053][ T6410] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 86.068890][ T6430] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #16: comm syz.2.192: corrupted inode contents [ 86.093859][ T6430] EXT4-fs (loop2): Remounting filesystem read-only [ 86.100886][ T6430] EXT4-fs (loop2): 1 truncate cleaned up [ 86.107865][ T6430] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.122566][ T6430] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.144890][ T58] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 86.186384][ T58] Quota error (device loop2): write_blk: dquota write failed [ 86.188310][ T6435] loop0: detected capacity change from 0 to 128 [ 86.193865][ T58] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries [ 86.214975][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.224109][ T58] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 86.237262][ T58] Quota error (device loop2): write_blk: dquota write failed [ 86.250636][ T58] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list [ 86.261819][ T58] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 86.277096][ T58] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 86.277200][ T6435] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 86.289648][ T58] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 86.312084][ T5780] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 86.340030][ T6435] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 86.377712][ T785] rc_core: IR keymap rc-hauppauge not found [ 86.383653][ T785] Registered IR keymap rc-empty [ 86.427836][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 86.428844][ T5777] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 86.472814][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 86.513510][ T6441] netlink: 8 bytes leftover after parsing attributes in process `syz.0.196'. [ 86.527293][ T785] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 86.540144][ T6441] netlink: 8 bytes leftover after parsing attributes in process `syz.0.196'. [ 86.563279][ T785] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input7 [ 86.647892][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 86.693405][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 86.739747][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 86.794142][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 86.834126][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 86.864864][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 86.904081][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 86.963343][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 86.993915][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 87.035724][ T785] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 87.086548][ T785] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 87.104777][ T785] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 87.132376][ T785] usb 2-1: USB disconnect, device number 3 [ 87.343569][ T6463] loop3: detected capacity change from 0 to 4096 [ 87.356959][ T6463] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 87.400793][ T27] audit: type=1800 audit(1755574096.568:6): pid=6463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.204" name="file1" dev="loop3" ino=30 res=0 errno=0 [ 87.447435][ T6463] ntfs3: loop3: ino=1e, "file1" ntfs3_write_inode failed, -22. [ 87.471521][ T6455] loop0: detected capacity change from 0 to 32768 [ 87.510700][ T6455] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 87.523309][ T6455] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 87.556341][ T6455] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 87.667834][ T6459] loop2: detected capacity change from 0 to 32768 [ 87.679539][ T6455] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 87.697534][ T6459] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 87.760054][ T6459] XFS (loop2): Ending clean mount [ 87.776216][ T6459] XFS (loop2): Quotacheck needed: Please wait. [ 87.828776][ T6459] XFS (loop2): Quotacheck: Done. [ 87.898976][ T5779] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 88.580484][ T6500] loop1: detected capacity change from 0 to 4096 [ 88.770869][ T6509] loop1: detected capacity change from 0 to 128 [ 88.795405][ T6509] EXT4-fs: Ignoring removed nobh option [ 88.829733][ T6509] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 88.846327][ T6509] ext4 filesystem being mounted at /33/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 88.890817][ T6514] loop3: detected capacity change from 0 to 2048 [ 88.900183][ T6509] fscrypt (loop1, inode 12): Can't use IV_INO_LBLK_32 policy with contents mode other than AES-256-XTS [ 88.916431][ T6514] EXT4-fs: Ignoring removed bh option [ 88.939099][ T6514] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.971244][ T6506] loop2: detected capacity change from 0 to 32768 [ 88.981714][ T6506] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop2 scanned by syz.2.219 (6506) [ 89.000103][ T5778] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 89.010222][ T6506] BTRFS info (device loop2): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 89.025200][ T6506] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 89.054608][ T6514] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 89.093506][ T6506] BTRFS info (device loop2): using free space tree [ 89.110999][ T6514] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 17 with error 28 [ 89.124284][ T6514] EXT4-fs (loop3): This should not happen!! Data will be lost [ 89.124284][ T6514] [ 89.134753][ T6514] EXT4-fs (loop3): Total free blocks count 0 [ 89.140776][ T6514] EXT4-fs (loop3): Free/Dirty block details [ 89.146907][ T6514] EXT4-fs (loop3): free_blocks=2415919104 [ 89.153164][ T6514] EXT4-fs (loop3): dirty_blocks=32 [ 89.158753][ T6514] EXT4-fs (loop3): Block reservation details [ 89.164876][ T6514] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 89.175336][ T6521] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 89.214963][ T6506] BTRFS info (device loop2): enabling ssd optimizations [ 89.236013][ T6506] BTRFS info (device loop2): auto enabling async discard [ 89.348868][ T5779] BTRFS info (device loop2): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f [ 89.490687][ T6550] loop0: detected capacity change from 0 to 512 [ 89.506915][ T6548] can0: slcan on ttyS3. [ 89.559346][ T6550] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.231: casefold flag without casefold feature [ 89.597049][ T6550] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.231: couldn't read orphan inode 15 (err -117) [ 89.615306][ T6550] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.691021][ T6548] can0 (unregistered): slcan off ttyS3. [ 89.768923][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.925802][ T6563] tipc: Started in network mode [ 89.930988][ T6563] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 89.949370][ T6557] loop1: detected capacity change from 0 to 4096 [ 89.956788][ T6563] tipc: Enabling of bearer rejected, failed to enable media [ 89.980991][ T6557] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 90.045720][ T6569] loop2: detected capacity change from 0 to 256 [ 90.171584][ T6575] Attempt to restore checkpoint with obsolete wellknown handles [ 90.292542][ T6581] loop2: detected capacity change from 0 to 256 [ 90.301226][ T6581] exfat: Deprecated parameter 'namecase' [ 90.307173][ T6581] exfat: Deprecated parameter 'utf8' [ 90.320283][ T6581] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 90.359141][ T786] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 90.399600][ T6583] loop2: detected capacity change from 0 to 164 [ 90.420298][ T6583] rock: directory entry would overflow storage [ 90.426957][ T6583] rock: sig=0x4f50, size=4, remaining=3 [ 90.432538][ T6583] iso9660: Corrupted directory entry in block 5 of inode 1792 [ 90.553317][ T786] usb 4-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 90.563674][ T28] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 90.577344][ T786] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 90.590492][ T6587] capability: warning: `syz.2.248' uses deprecated v2 capabilities in a way that may be insecure [ 90.593415][ T786] usb 4-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice= 0.9c [ 90.611516][ T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.614938][ T6587] loop2: detected capacity change from 0 to 512 [ 90.621100][ T786] usb 4-1: Product: syz [ 90.630202][ T786] usb 4-1: Manufacturer: syz [ 90.635863][ T786] usb 4-1: SerialNumber: syz [ 90.642064][ T786] usb 4-1: config 0 descriptor?? [ 90.651636][ T786] ims_pcu 4-1:0.0: Missing CDC union descriptor [ 90.652282][ T6587] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.658008][ T786] ims_pcu: probe of 4-1:0.0 failed with error -22 [ 90.677649][ T6587] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.746981][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.774900][ T28] usb 2-1: Using ep0 maxpacket: 32 [ 90.791533][ T28] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9 [ 90.805669][ T28] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 90.815019][ T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.823040][ T28] usb 2-1: Product: syz [ 90.827773][ T28] usb 2-1: Manufacturer: syz [ 90.832394][ T28] usb 2-1: SerialNumber: syz [ 90.839865][ T28] usb 2-1: config 0 descriptor?? [ 90.846712][ T6579] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 90.867849][ T28] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input8 [ 91.088633][ T9] usb 4-1: USB disconnect, device number 4 [ 91.117820][ C1] usbtouchscreen 2-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 91.127073][ T28] usb 2-1: USB disconnect, device number 4 [ 91.192220][ T6598] netlink: 61959 bytes leftover after parsing attributes in process `syz.0.252'. [ 91.733674][ T6596] loop2: detected capacity change from 0 to 65536 [ 91.826356][ T6596] XFS (loop2): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 91.878599][ T6596] XFS (loop2): Ending clean mount [ 91.892792][ T6596] XFS (loop2): Quotacheck needed: Please wait. [ 91.953199][ T6596] XFS (loop2): Quotacheck: Done. [ 92.112803][ T6629] loop3: detected capacity change from 0 to 1024 [ 92.134874][ T6629] EXT4-fs: Ignoring removed mblk_io_submit option [ 92.141379][ T6629] EXT4-fs: inline encryption not supported [ 92.162660][ T6629] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 92.191448][ T6629] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c802e018, mo2=0000] [ 92.214326][ T6629] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.261: bad orphan inode 11 [ 92.229763][ T6629] ext4_test_bit(bit=10, block=4) = 1 [ 92.239024][ T6629] is_bad_inode(inode)=0 [ 92.243224][ T6629] NEXT_ORPHAN(inode)=3254779904 [ 92.252692][ T6629] max_ino=32 [ 92.256091][ T6629] i_nlink=0 [ 92.280784][ T5779] XFS (loop2): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 92.295511][ T6629] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 2: comm syz.3.261: lblock 2 mapped to illegal pblock 2 (length 1) [ 92.333492][ T6629] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 92.351219][ T6629] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 48: comm syz.3.261: lblock 0 mapped to illegal pblock 48 (length 1) [ 92.371568][ T6629] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 92.388811][ T6629] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.261: Failed to acquire dquot type 0 [ 92.420069][ T6629] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 92.433393][ T6629] EXT4-fs error (device loop3): ext4_evict_inode:252: inode #11: comm syz.3.261: mark_inode_dirty error [ 92.468139][ T6629] EXT4-fs warning (device loop3): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 92.511806][ T6629] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.614835][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.666969][ T5780] EXT4-fs error (device loop3): __ext4_get_inode_loc:4483: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 92.708736][ T5780] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 92.740925][ T5780] EXT4-fs error (device loop3): ext4_quota_off:7222: inode #3: comm syz-executor: mark_inode_dirty error [ 92.766590][ T6640] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 92.811514][ T6634] loop1: detected capacity change from 0 to 32768 [ 92.818246][ T786] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 92.840502][ T42] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 92.861142][ T6634] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.262 (6634) [ 92.877272][ T6634] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 92.889864][ T6634] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 92.898669][ T6634] BTRFS info (device loop1): turning on sync discard [ 92.905935][ T6634] BTRFS info (device loop1): setting nodatacow, compression disabled [ 92.914754][ T6634] BTRFS info (device loop1): turning off barriers [ 92.921923][ T6634] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 92.932734][ T6634] BTRFS info (device loop1): trying to use backup root at mount time [ 92.942539][ T6634] BTRFS info (device loop1): metadata ratio 3 [ 92.949030][ T6634] BTRFS info (device loop1): enabling auto defrag [ 92.959166][ T6634] BTRFS info (device loop1): doing ref verification [ 92.968611][ T6634] BTRFS info (device loop1): max_inline at 0 [ 92.977891][ T6634] BTRFS info (device loop1): using free space tree [ 92.985240][ T6647] netlink: 8 bytes leftover after parsing attributes in process `syz.2.268'. [ 92.998586][ T6647] netlink: 4 bytes leftover after parsing attributes in process `syz.2.268'. [ 93.009064][ T6647] netlink: 'syz.2.268': attribute type 6 has an invalid length. [ 93.017715][ T6650] loop3: detected capacity change from 0 to 2048 [ 93.027097][ T786] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 93.046691][ T786] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 93.066886][ T6650] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 93.076517][ T786] usb 1-1: config 220 has an invalid descriptor of length 13, skipping remainder of the config [ 93.077102][ T3448] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 93.095303][ T786] usb 1-1: config 220 has no interface number 2 [ 93.107393][ T786] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 93.126487][ T786] usb 1-1: config 220 interface 0 has no altsetting 0 [ 93.133354][ T786] usb 1-1: config 220 interface 76 has no altsetting 0 [ 93.140646][ T786] usb 1-1: config 220 interface 1 has no altsetting 0 [ 93.142964][ T6634] BTRFS error (device loop1): failed to load root extent [ 93.151049][ T786] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 93.165752][ T786] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.171483][ T6634] BTRFS warning (device loop1): try to load backup roots slot 1 [ 93.173741][ T786] usb 1-1: Product: syz [ 93.186326][ T786] usb 1-1: Manufacturer: syz [ 93.190946][ T786] usb 1-1: SerialNumber: syz [ 93.203200][ T48] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 93.241690][ T6634] BTRFS warning (device loop1): couldn't read tree root [ 93.250223][ T6634] BTRFS warning (device loop1): try to load backup roots slot 2 [ 93.268829][ T48] BTRFS error (device loop1): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 93.295883][ T6666] loop2: detected capacity change from 0 to 256 [ 93.297701][ T6634] BTRFS warning (device loop1): couldn't read tree root [ 93.313604][ T6634] BTRFS warning (device loop1): try to load backup roots slot 3 [ 93.338601][ T6666] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 93.352005][ T6666] FAT-fs (loop2): Filesystem has been set read-only [ 93.359080][ T6634] BTRFS info (device loop1): enabling ssd optimizations [ 93.359203][ T6666] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 93.374021][ T6634] BTRFS info (device loop1): rebuilding free space tree [ 93.379417][ T6666] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 93.400923][ T27] audit: type=1800 audit(1755574102.568:7): pid=6666 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.271" name="file1" dev="loop2" ino=1048595 res=0 errno=0 [ 93.426686][ T6666] syz.2.271 (6666) used greatest stack depth: 19312 bytes left [ 93.454538][ T6634] BTRFS info (device loop1): checking UUID tree [ 93.466795][ T786] usb 1-1: selecting invalid altsetting 0 [ 93.495263][ T786] usb 1-1: Found UVC 7.01 device syz (8086:0b07) [ 93.501709][ T786] usb 1-1: No valid video chain found. [ 93.530970][ T786] usb 1-1: selecting invalid altsetting 0 [ 93.548139][ T786] usbtest: probe of 1-1:220.1 failed with error -22 [ 93.575802][ T786] usb 1-1: USB disconnect, device number 3 [ 93.685559][ T5778] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 93.745515][ T6682] netlink: 52 bytes leftover after parsing attributes in process `syz.2.278'. [ 93.870544][ T6686] loop2: detected capacity change from 0 to 64 [ 94.103137][ T6693] veth1_macvtap: left promiscuous mode [ 94.238954][ T6699] loop2: detected capacity change from 0 to 256 [ 94.506986][ T6715] loop1: detected capacity change from 0 to 512 [ 94.515568][ T6715] EXT4-fs: Ignoring removed nobh option [ 94.539970][ T6717] netlink: 32 bytes leftover after parsing attributes in process `syz.2.294'. [ 94.573309][ T6715] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #3: comm syz.1.293: corrupted inode contents [ 94.601947][ T6720] loop3: detected capacity change from 0 to 1024 [ 94.618711][ T6715] EXT4-fs error (device loop1): ext4_dirty_inode:6106: inode #3: comm syz.1.293: mark_inode_dirty error [ 94.642139][ T6715] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #3: comm syz.1.293: corrupted inode contents [ 94.657793][ T6715] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.293: mark_inode_dirty error [ 94.673106][ T6715] Quota error (device loop1): write_blk: dquota write failed [ 94.680972][ T6715] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 94.691517][ T6715] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.293: Failed to acquire dquot type 0 [ 94.703347][ T27] audit: type=1326 audit(1755574103.878:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.0.296" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f59da38ebe9 code=0x0 [ 94.723634][ T6715] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #16: comm syz.1.293: corrupted inode contents [ 94.754032][ T6715] EXT4-fs error (device loop1): ext4_dirty_inode:6106: inode #16: comm syz.1.293: mark_inode_dirty error [ 94.768749][ T6729] netlink: 'syz.2.298': attribute type 11 has an invalid length. [ 94.789331][ T6715] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #16: comm syz.1.293: corrupted inode contents [ 94.811079][ T6715] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.293: mark_inode_dirty error [ 94.827833][ T6715] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #16: comm syz.1.293: corrupted inode contents [ 94.849405][ T6715] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 94.855414][ T6733] netlink: 8 bytes leftover after parsing attributes in process `syz.2.300'. [ 94.859516][ T6715] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #16: comm syz.1.293: corrupted inode contents [ 94.881927][ T6715] EXT4-fs error (device loop1): ext4_truncate:4288: inode #16: comm syz.1.293: mark_inode_dirty error [ 94.896015][ T6715] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 94.909263][ T6715] EXT4-fs (loop1): 1 truncate cleaned up [ 94.919012][ T6715] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.936093][ T6715] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.025432][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.189795][ T6748] loop2: detected capacity change from 0 to 64 [ 95.219727][ T27] audit: type=1800 audit(1755574104.388:9): pid=6748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.306" name="file1" dev="loop2" ino=21 res=0 errno=0 [ 95.243231][ T6750] netlink: 'syz.1.307': attribute type 39 has an invalid length. [ 95.268342][ T27] audit: type=1800 audit(1755574104.388:10): pid=6748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.306" name="file1" dev="loop2" ino=21 res=0 errno=0 [ 95.440613][ T6755] loop2: detected capacity change from 0 to 64 [ 95.656874][ T5790] Bluetooth: hci0: Malformed LE Event: 0x0d [ 95.727015][ T6771] loop3: detected capacity change from 0 to 128 [ 95.783045][ T6771] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 95.811366][ T6771] ext4 filesystem being mounted at /75/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 95.964640][ T5780] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 96.007663][ T6785] loop2: detected capacity change from 0 to 1024 [ 96.017107][ T6785] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 96.033168][ T6785] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 96.037976][ T6787] loop3: detected capacity change from 0 to 512 [ 96.050183][ T6787] EXT4-fs: Ignoring removed nobh option [ 96.059698][ T6785] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.060186][ T6787] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 96.082186][ T6787] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.323: invalid indirect mapped block 256 (level 1) [ 96.097055][ T6787] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.323: invalid indirect mapped block 2683928664 (level 1) [ 96.097305][ T6785] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 96.113248][ T6787] EXT4-fs (loop3): 1 truncate cleaned up [ 96.127008][ T6787] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.141012][ T6785] EXT4-fs error (device loop2): ext4_xattr_inode_iget:440: inode #11: comm syz.2.324: missing EA_INODE flag [ 96.162387][ T6785] EXT4-fs (loop2): Remounting filesystem read-only [ 96.169822][ T6785] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 96.196856][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.242370][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.292450][ T27] audit: type=1400 audit(1755574105.458:11): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3A202020202030206B420A4C617A79467265653A202020202020202020202020202030206B420A416E6F6E4875676550616765733A20202020202020202030206B420A53686D656D506D644D61707065643A202020202020202030206B420A46696C65506D644D61707065643A20202020202020202030206B420A5368617265645F48756765746C623A202020202020202030206B420A50 pid=6793 comm="syz.3.325" [ 96.858385][ T6801] loop2: detected capacity change from 0 to 32768 [ 96.874019][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 96.896960][ T6801] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 97.016443][ T6801] XFS (loop2): Ending clean mount [ 97.039402][ T6801] XFS (loop2): Quotacheck needed: Please wait. [ 97.084129][ T6825] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.093509][ T6825] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.110846][ T6801] XFS (loop2): Quotacheck: Done. [ 97.131355][ T6812] loop1: detected capacity change from 0 to 32768 [ 97.172371][ T6812] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.334 (6812) [ 97.218260][ T6812] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 97.230128][ T6812] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 97.233046][ T5779] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 97.247110][ T6812] BTRFS info (device loop1): enabling auto defrag [ 97.254549][ T6812] BTRFS info (device loop1): doing ref verification [ 97.261290][ T6812] BTRFS info (device loop1): max_inline at 0 [ 97.270955][ T6812] BTRFS info (device loop1): force clearing of disk cache [ 97.278709][ T6812] BTRFS info (device loop1): turning on sync discard [ 97.296077][ T6812] BTRFS info (device loop1): using free space tree [ 97.470730][ T6812] BTRFS info (device loop1): enabling ssd optimizations [ 97.482659][ T6812] BTRFS info (device loop1): rebuilding free space tree [ 97.657839][ T5778] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 97.953190][ T6863] loop3: detected capacity change from 0 to 128 [ 97.965203][ T6863] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 97.980078][ T6863] ext4 filesystem being mounted at /83/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 97.999031][ T6863] fscrypt (loop3, inode 12): Unsupported encryption flags (0x08) [ 98.033273][ T5780] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 98.209156][ T6877] loop3: detected capacity change from 0 to 1024 [ 98.244023][ T785] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 98.448943][ T785] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 98.473960][ T785] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023 [ 98.507116][ T785] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 98.519745][ T785] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 98.533877][ T785] usb 1-1: Product: syz [ 98.538078][ T785] usb 1-1: Manufacturer: syz [ 98.544365][ T785] usb 1-1: SerialNumber: syz [ 98.595510][ T6868] loop1: detected capacity change from 0 to 32768 [ 98.608153][ T6868] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 98.660777][ T6868] XFS (loop1): Ending clean mount [ 98.669346][ T6868] XFS (loop1): Quotacheck needed: Please wait. [ 98.700894][ T6868] XFS (loop1): Quotacheck: Done. [ 98.758067][ T785] cdc_ncm 1-1:1.0: bind() failure [ 98.775585][ T785] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 98.782857][ T785] cdc_ncm 1-1:1.1: bind() failure [ 98.790443][ T5778] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 98.818583][ T785] usb 1-1: USB disconnect, device number 4 [ 99.502681][ T6917] loop3: detected capacity change from 0 to 1024 [ 99.565866][ T6917] hfsplus: bad catalog entry used to create inode [ 99.605191][ T42] hfsplus: b-tree write err: -5, ino 4 [ 99.934616][ T6910] loop1: detected capacity change from 0 to 40427 [ 99.952718][ T6910] F2FS-fs (loop1): invalid crc value [ 99.963657][ T6910] F2FS-fs (loop1): Found nat_bits in checkpoint [ 100.028766][ T6910] F2FS-fs (loop1): Start checkpoint disabled! [ 100.040722][ T6910] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 100.154601][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 100.228218][ T6939] loop3: detected capacity change from 0 to 512 [ 100.259550][ T6939] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 100.286802][ T6939] EXT4-fs (loop3): 1 truncate cleaned up [ 100.293738][ T6939] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.396272][ T6947] loop2: detected capacity change from 0 to 256 [ 100.420517][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.432687][ T42] kworker/u4:2: attempt to access beyond end of device [ 100.432687][ T42] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 100.449505][ T42] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 100.454898][ T6947] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 100.539571][ T6949] netlink: 16 bytes leftover after parsing attributes in process `syz.3.377'. [ 100.662311][ T6952] loop3: detected capacity change from 0 to 256 [ 100.683353][ T6952] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 100.704443][ T6952] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 100.754070][ T6952] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 100.810674][ T6957] netlink: 12 bytes leftover after parsing attributes in process `syz.0.381'. [ 101.158306][ T27] audit: type=1326 audit(1755574110.328:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59da38ebe9 code=0x7ffc0000 [ 101.242523][ T27] audit: type=1326 audit(1755574110.328:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59da38ebe9 code=0x7ffc0000 [ 101.291682][ T27] audit: type=1326 audit(1755574110.348:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f59da38ebe9 code=0x7ffc0000 [ 101.351549][ T27] audit: type=1326 audit(1755574110.348:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59da38ebe9 code=0x7ffc0000 [ 101.384571][ T6977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.389'. [ 101.401581][ T6953] loop2: detected capacity change from 0 to 32768 [ 101.414563][ T27] audit: type=1326 audit(1755574110.348:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59da38ebe9 code=0x7ffc0000 [ 101.415892][ T6979] loop3: detected capacity change from 0 to 256 [ 101.437836][ T6953] XFS: ikeep mount option is deprecated. [ 101.468688][ T27] audit: type=1326 audit(1755574110.358:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f59da38ebe9 code=0x7ffc0000 [ 101.505664][ T27] audit: type=1326 audit(1755574110.358:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59da38ebe9 code=0x7ffc0000 [ 101.533199][ T27] audit: type=1326 audit(1755574110.368:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f59da38ebe9 code=0x7ffc0000 [ 101.557194][ T27] audit: type=1326 audit(1755574110.368:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59da38ebe9 code=0x7ffc0000 [ 101.569353][ T6953] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 101.624465][ T27] audit: type=1326 audit(1755574110.368:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59da38ebe9 code=0x7ffc0000 [ 101.721668][ T6953] XFS (loop2): Ending clean mount [ 101.744867][ T6953] XFS (loop2): Quotacheck needed: Please wait. [ 101.828315][ T6953] XFS (loop2): Quotacheck: Done. [ 101.887745][ T5779] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 102.018774][ T6999] loop1: detected capacity change from 0 to 8192 [ 102.040233][ T6999] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 102.377497][ T6997] loop0: detected capacity change from 0 to 40427 [ 102.400083][ T6997] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 102.410434][ T6997] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 102.421927][ T6997] F2FS-fs (loop0): build fault injection attr: rate: 17008, type: 0x7ffff [ 102.433627][ T6997] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x6 [ 102.441737][ T6997] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x5 [ 102.453687][ T6997] F2FS-fs (loop0): invalid crc value [ 102.475920][ T6997] F2FS-fs (loop0): Found nat_bits in checkpoint [ 102.543506][ T6997] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 102.543530][ T6997] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 102.677448][ T5777] syz-executor: attempt to access beyond end of device [ 102.677448][ T5777] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 102.726811][ T5777] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 102.734530][ T5777] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 102.741440][ T5777] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 102.754079][ T5777] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 103.399638][ T7032] loop1: detected capacity change from 0 to 32768 [ 103.431998][ T7032] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 103.542727][ T7032] XFS (loop1): Ending clean mount [ 103.549773][ T7051] sit0: entered promiscuous mode [ 103.561893][ T7051] netlink: 'syz.2.413': attribute type 1 has an invalid length. [ 103.571244][ T7051] netlink: 1 bytes leftover after parsing attributes in process `syz.2.413'. [ 103.610998][ T5778] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 104.053211][ T7067] netlink: 16 bytes leftover after parsing attributes in process `syz.1.422'. [ 104.073167][ T7065] loop2: detected capacity change from 0 to 4096 [ 104.090791][ T7065] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 104.411055][ T7078] loop1: detected capacity change from 0 to 512 [ 104.441830][ T7078] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 104.475412][ T7084] loop0: detected capacity change from 0 to 256 [ 104.494389][ T7078] EXT4-fs (loop1): 1 truncate cleaned up [ 104.501356][ T7078] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.570253][ T7090] loop0: detected capacity change from 0 to 2048 [ 104.578482][ T7090] EXT4-fs: Ignoring removed mblk_io_submit option [ 104.619254][ T7090] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.677950][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.751985][ T7090] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.433: bg 0: block 234: padding at end of block bitmap is not set [ 104.768095][ T7094] netlink: 8 bytes leftover after parsing attributes in process `syz.2.434'. [ 104.794085][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 104.818400][ T7090] EXT4-fs (loop0): Remounting filesystem read-only [ 104.899467][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.899577][ T7082] loop3: detected capacity change from 0 to 32768 [ 104.955386][ T7082] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 105.014344][ T7082] XFS (loop3): Ending clean mount [ 105.040510][ T7082] XFS (loop3): Quotacheck needed: Please wait. [ 105.165382][ T7082] XFS (loop3): Quotacheck: Done. [ 105.319318][ T5780] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 105.369352][ T7121] loop0: detected capacity change from 0 to 256 [ 105.404103][ T7121] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 105.434363][ T7121] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 105.474900][ T7121] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 105.723301][ T7129] loop3: detected capacity change from 0 to 164 [ 105.745031][ T7129] rock: directory entry would overflow storage [ 105.751234][ T7129] rock: sig=0x4f50, size=4, remaining=3 [ 105.763905][ T7129] iso9660: Corrupted directory entry in block 5 of inode 1792 [ 105.901418][ T28] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 106.080439][ T7147] netlink: 12 bytes leftover after parsing attributes in process `syz.2.454'. [ 106.109776][ T28] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 106.137872][ T28] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023 [ 106.157214][ T28] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 106.173847][ T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.181876][ T28] usb 2-1: Product: syz [ 106.186615][ T28] usb 2-1: Manufacturer: syz [ 106.191263][ T28] usb 2-1: SerialNumber: syz [ 106.374936][ T7160] tap0: tun_chr_ioctl cmd 1074025677 [ 106.381398][ T7160] tap0: linktype set to 6 [ 106.432042][ T28] cdc_ncm 2-1:1.0: bind() failure [ 106.447375][ T28] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found [ 106.473847][ T28] cdc_ncm 2-1:1.1: bind() failure [ 106.494366][ T28] usb 2-1: USB disconnect, device number 5 [ 107.037534][ T27] kauditd_printk_skb: 22 callbacks suppressed [ 107.037548][ T27] audit: type=1326 audit(1755574116.208:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04d18ebe9 code=0x7ffc0000 [ 107.099223][ T27] audit: type=1326 audit(1755574116.238:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04d18ebe9 code=0x7ffc0000 [ 107.121764][ T27] audit: type=1326 audit(1755574116.248:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fc04d18ebe9 code=0x7ffc0000 [ 107.143818][ C1] vkms_vblank_simulate: vblank timer overrun [ 107.163890][ T27] audit: type=1326 audit(1755574116.248:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04d18ebe9 code=0x7ffc0000 [ 107.223444][ T27] audit: type=1326 audit(1755574116.248:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04d18ebe9 code=0x7ffc0000 [ 107.272625][ T27] audit: type=1326 audit(1755574116.248:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fc04d18ebe9 code=0x7ffc0000 [ 107.294622][ C1] vkms_vblank_simulate: vblank timer overrun [ 107.328744][ T27] audit: type=1326 audit(1755574116.248:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04d18ebe9 code=0x7ffc0000 [ 107.352733][ T27] audit: type=1326 audit(1755574116.248:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7fc04d18ebe9 code=0x7ffc0000 [ 107.374823][ C1] vkms_vblank_simulate: vblank timer overrun [ 107.468085][ T27] audit: type=1326 audit(1755574116.248:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04d18ebe9 code=0x7ffc0000 [ 107.490195][ C1] vkms_vblank_simulate: vblank timer overrun [ 107.522653][ T27] audit: type=1326 audit(1755574116.248:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04d18ebe9 code=0x7ffc0000 [ 107.544734][ C1] vkms_vblank_simulate: vblank timer overrun [ 107.660066][ T7198] loop2: detected capacity change from 0 to 64 [ 107.897526][ T7202] program syz.0.480 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 108.044600][ T28] Process accounting resumed [ 108.159500][ T7206] loop1: detected capacity change from 0 to 8192 [ 108.178627][ T7206] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 108.212021][ T7206] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 108.225702][ T7206] REISERFS (device loop1): using ordered data mode [ 108.235655][ T7206] reiserfs: using flush barriers [ 108.252686][ T7206] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 108.280583][ T7206] REISERFS (device loop1): checking transaction log (loop1) [ 108.306438][ T7206] REISERFS (device loop1): Using r5 hash to sort names [ 108.338512][ T7206] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 108.358671][ T7213] block nbd0: server does not support multiple connections per device. [ 108.377511][ T7213] block nbd0: shutting down sockets [ 109.077697][ T7234] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 109.115804][ T7234] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 109.132648][ T7234] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 109.142084][ T7234] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 109.487612][ T7240] netlink: 'syz.2.496': attribute type 1 has an invalid length. [ 109.501454][ T7240] netlink: 'syz.2.496': attribute type 2 has an invalid length. [ 109.630079][ T7245] netlink: 180 bytes leftover after parsing attributes in process `syz.0.498'. [ 109.883882][ T5784] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 110.012282][ T7260] loop3: detected capacity change from 0 to 4096 [ 110.068764][ T5784] usb 3-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 110.078715][ T5784] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 110.086953][ T5784] usb 3-1: Product: syz [ 110.090002][ T7264] loop1: detected capacity change from 0 to 512 [ 110.091313][ T5784] usb 3-1: Manufacturer: syz [ 110.102756][ T5784] usb 3-1: SerialNumber: syz [ 110.109742][ T5784] usb 3-1: config 0 descriptor?? [ 110.120196][ T5784] i2c-tiny-usb 3-1:0.0: version 6d.cc found at bus 003 address 004 [ 110.140021][ T7264] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.162575][ T7264] ext4 filesystem being mounted at /90/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 110.173144][ T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 110.260953][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.364099][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 110.371439][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 110.392843][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 110.406533][ T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 110.423954][ T9] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 110.443447][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.465164][ T9] usb 1-1: config 0 descriptor?? [ 110.543020][ T5784] (null): failure reading functionality [ 110.560994][ T5784] i2c i2c-1: connected i2c-tiny-usb device [ 110.798730][ T5784] usb 3-1: USB disconnect, device number 4 [ 110.898007][ T9] microsoft 0003:045E:07DA.0003: No inputs registered, leaving [ 110.927801][ T9] microsoft 0003:045E:07DA.0003: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 110.940881][ T9] microsoft 0003:045E:07DA.0003: no inputs found [ 110.949875][ T9] microsoft 0003:045E:07DA.0003: could not initialize ff, continuing anyway [ 111.113869][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 111.154041][ T5784] usb 1-1: USB disconnect, device number 5 [ 111.194017][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 111.194039][ T5787] Bluetooth: hci0: command 0x0c1a tx timeout [ 111.207268][ T5790] Bluetooth: hci1: command 0x0c1a tx timeout [ 111.233358][ T7289] pim6reg0: tun_chr_ioctl cmd 2148553947 [ 111.420504][ T7287] loop3: detected capacity change from 0 to 40427 [ 111.440120][ T7287] F2FS-fs (loop3): heap/no_heap options were deprecated [ 111.453600][ T7287] F2FS-fs (loop3): invalid crc value [ 111.461290][ T7287] F2FS-fs (loop3): Found nat_bits in checkpoint [ 111.544179][ T7287] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 111.714143][ T5780] syz-executor: attempt to access beyond end of device [ 111.714143][ T5780] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 111.742947][ T7303] loop0: detected capacity change from 0 to 512 [ 111.756117][ T5780] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 111.799779][ T7305] macsec1: entered allmulticast mode [ 111.802367][ T7303] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.813924][ T7305] macvlan0: entered allmulticast mode [ 111.823875][ T7305] veth1_vlan: entered allmulticast mode [ 111.845839][ T7305] macvlan0: left allmulticast mode [ 111.851064][ T7305] veth1_vlan: left allmulticast mode [ 111.858445][ T7303] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.013981][ T5777] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.549647][ T7318] loop2: detected capacity change from 0 to 8192 [ 112.823581][ T7340] block nbd0: Unsupported socket: shutdown callout must be supported. [ 113.171917][ T7335] loop0: detected capacity change from 0 to 32768 [ 113.196635][ T7335] (syz.0.537,7335,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 113.221405][ T7335] (syz.0.537,7335,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 113.274071][ T5790] Bluetooth: hci3: command 0x0c1a tx timeout [ 113.290365][ T7335] JBD2: Ignoring recovery information on journal [ 113.368549][ T7335] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 113.606294][ T5777] ocfs2: Unmounting device (7,0) on (node local) [ 113.857501][ T7370] netlink: 'syz.0.551': attribute type 29 has an invalid length. [ 113.869990][ T7370] netlink: 'syz.0.551': attribute type 29 has an invalid length. [ 113.930115][ T7366] loop2: detected capacity change from 0 to 32768 [ 113.958831][ T7373] syz.3.552 (7373) used greatest stack depth: 18824 bytes left [ 113.971136][ T7366] JBD2: Ignoring recovery information on journal [ 114.015891][ T7366] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 114.143328][ T27] audit: type=1800 audit(1755574123.308:54): pid=7366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.558" name="file1" dev="loop2" ino=17058 res=0 errno=0 [ 114.238883][ T7366] [ 114.241268][ T7366] ====================================================== [ 114.248294][ T7366] WARNING: possible circular locking dependency detected [ 114.255339][ T7366] 6.6.102-syzkaller #0 Not tainted [ 114.260455][ T7366] ------------------------------------------------------ [ 114.267480][ T7366] syz.2.558/7366 is trying to acquire lock: [ 114.273376][ T7366] ffff88805d595f58 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]){+.+.}-{3:3}, at: ocfs2_del_inode_from_orphan+0x135/0x740 [ 114.286375][ T7366] [ 114.286375][ T7366] but task is already holding lock: [ 114.293748][ T7366] ffff88805e9e3120 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_dio_end_io+0x38c/0x10f0 [ 114.304381][ T7366] [ 114.304381][ T7366] which lock already depends on the new lock. [ 114.304381][ T7366] [ 114.314787][ T7366] [ 114.314787][ T7366] the existing dependency chain (in reverse order) is: [ 114.323809][ T7366] [ 114.323809][ T7366] -> #3 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}: [ 114.332682][ T7366] down_write+0x97/0x1f0 [ 114.337436][ T7366] ocfs2_create_local_dquot+0x1a4/0x1790 [ 114.343580][ T7366] ocfs2_acquire_dquot+0x7cf/0xaf0 [ 114.349212][ T7366] dqget+0x77c/0xeb0 [ 114.353620][ T7366] __dquot_initialize+0x3ba/0xcb0 [ 114.359153][ T7366] ocfs2_get_init_inode+0x13c/0x1b0 [ 114.364862][ T7366] ocfs2_mknod+0x867/0x20f0 [ 114.369874][ T7366] vfs_mknod+0x32b/0x360 [ 114.374624][ T7366] do_mknodat+0x37e/0x4f0 [ 114.379463][ T7366] __x64_sys_mknodat+0xa9/0xc0 [ 114.384731][ T7366] do_syscall_64+0x55/0xb0 [ 114.389653][ T7366] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 114.396060][ T7366] [ 114.396060][ T7366] -> #2 (&dquot->dq_lock){+.+.}-{3:3}: [ 114.403694][ T7366] __mutex_lock+0x129/0xcc0 [ 114.408705][ T7366] dqget+0x6fc/0xeb0 [ 114.413110][ T7366] __dquot_initialize+0x3ba/0xcb0 [ 114.418644][ T7366] ocfs2_get_init_inode+0x13c/0x1b0 [ 114.424349][ T7366] ocfs2_mknod+0x867/0x20f0 [ 114.429356][ T7366] vfs_mknod+0x32b/0x360 [ 114.434099][ T7366] do_mknodat+0x37e/0x4f0 [ 114.438932][ T7366] __x64_sys_mknodat+0xa9/0xc0 [ 114.444198][ T7366] do_syscall_64+0x55/0xb0 [ 114.449124][ T7366] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 114.455530][ T7366] [ 114.455530][ T7366] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}: [ 114.466032][ T7366] down_write+0x97/0x1f0 [ 114.470783][ T7366] ocfs2_evict_inode+0x1313/0x3e60 [ 114.476401][ T7366] evict+0x486/0x870 [ 114.480799][ T7366] ocfs2_dentry_iput+0x248/0x370 [ 114.486243][ T7366] __dentry_kill+0x431/0x650 [ 114.491340][ T7366] dentry_kill+0xb8/0x290 [ 114.496176][ T7366] dput+0xfe/0x1e0 [ 114.500403][ T7366] do_renameat2+0x8b1/0xc70 [ 114.505407][ T7366] __x64_sys_renameat2+0xd2/0xe0 [ 114.510846][ T7366] do_syscall_64+0x55/0xb0 [ 114.515764][ T7366] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 114.522165][ T7366] [ 114.522165][ T7366] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]){+.+.}-{3:3}: [ 114.532485][ T7366] __lock_acquire+0x2ddb/0x7c80 [ 114.537843][ T7366] lock_acquire+0x197/0x410 [ 114.542849][ T7366] down_write+0x97/0x1f0 [ 114.547602][ T7366] ocfs2_del_inode_from_orphan+0x135/0x740 [ 114.553919][ T7366] ocfs2_dio_end_io+0x47b/0x10f0 [ 114.559382][ T7366] dio_complete+0x254/0x710 [ 114.564388][ T7366] __blockdev_direct_IO+0x2dc8/0x3420 [ 114.570272][ T7366] ocfs2_direct_IO+0x240/0x2b0 [ 114.575542][ T7366] generic_file_direct_write+0x1d4/0x3e0 [ 114.581682][ T7366] __generic_file_write_iter+0x11b/0x230 [ 114.587846][ T7366] ocfs2_file_write_iter+0x1582/0x1d00 [ 114.593813][ T7366] do_iter_write+0x79a/0xc70 [ 114.598912][ T7366] do_writev+0x252/0x410 [ 114.603659][ T7366] do_syscall_64+0x55/0xb0 [ 114.608584][ T7366] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 114.614986][ T7366] [ 114.614986][ T7366] other info that might help us debug this: [ 114.614986][ T7366] [ 114.625194][ T7366] Chain exists of: [ 114.625194][ T7366] &ocfs2_sysfile_lock_key[args->fi_sysfile_type] --> &dquot->dq_lock --> &ocfs2_quota_ip_alloc_sem_key [ 114.625194][ T7366] [ 114.642121][ T7366] Possible unsafe locking scenario: [ 114.642121][ T7366] [ 114.649562][ T7366] CPU0 CPU1 [ 114.654929][ T7366] ---- ---- [ 114.660276][ T7366] lock(&ocfs2_quota_ip_alloc_sem_key); [ 114.665893][ T7366] lock(&dquot->dq_lock); [ 114.672809][ T7366] lock(&ocfs2_quota_ip_alloc_sem_key); [ 114.680946][ T7366] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]); [ 114.688036][ T7366] [ 114.688036][ T7366] *** DEADLOCK *** [ 114.688036][ T7366] [ 114.696159][ T7366] 4 locks held by syz.2.558/7366: [ 114.701161][ T7366] #0: ffff88801c3099c8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2a3/0x330 [ 114.710376][ T7366] #1: ffff88802f83a418 (sb_writers#17){.+.+}-{0:0}, at: do_writev+0x236/0x410 [ 114.719331][ T7366] #2: ffff88805e9e3498 (&sb->s_type->i_mutex_key#23){+.+.}-{3:3}, at: ocfs2_file_write_iter+0x40b/0x1d00 [ 114.730640][ T7366] #3: ffff88805e9e3120 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_dio_end_io+0x38c/0x10f0 [ 114.741668][ T7366] [ 114.741668][ T7366] stack backtrace: [ 114.747551][ T7366] CPU: 0 PID: 7366 Comm: syz.2.558 Not tainted 6.6.102-syzkaller #0 [ 114.755518][ T7366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 114.765577][ T7366] Call Trace: [ 114.768841][ T7366] [ 114.771769][ T7366] dump_stack_lvl+0x16c/0x230 [ 114.776435][ T7366] ? load_image+0x3b0/0x3b0 [ 114.780927][ T7366] ? show_regs_print_info+0x20/0x20 [ 114.786111][ T7366] ? print_circular_bug+0x12b/0x1a0 [ 114.791293][ T7366] check_noncircular+0x2bd/0x3c0 [ 114.796220][ T7366] ? print_deadlock_bug+0x5d0/0x5d0 [ 114.801402][ T7366] ? lockdep_lock+0xe0/0x220 [ 114.805978][ T7366] ? _find_first_zero_bit+0xd3/0x100 [ 114.811252][ T7366] __lock_acquire+0x2ddb/0x7c80 [ 114.816103][ T7366] ? ocfs2_get_system_file_inode+0x1e3/0x7b0 [ 114.822070][ T7366] ? __lock_acquire+0x7c80/0x7c80 [ 114.827077][ T7366] ? verify_lock_unused+0x140/0x140 [ 114.832260][ T7366] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 114.837880][ T7366] ? do_raw_spin_lock+0x121/0x2c0 [ 114.842897][ T7366] ? mutex_unlock+0x10/0x10 [ 114.847393][ T7366] lock_acquire+0x197/0x410 [ 114.851882][ T7366] ? ocfs2_del_inode_from_orphan+0x135/0x740 [ 114.857850][ T7366] ? ocfs2_get_system_file_inode+0x1f1/0x7b0 [ 114.863816][ T7366] ? __might_sleep+0xe0/0xe0 [ 114.868400][ T7366] ? read_lock_is_recursive+0x20/0x20 [ 114.873759][ T7366] ? ocfs2_fast_symlink_read_folio+0x530/0x530 [ 114.879900][ T7366] ? do_raw_spin_unlock+0x121/0x230 [ 114.885085][ T7366] down_write+0x97/0x1f0 [ 114.889318][ T7366] ? ocfs2_del_inode_from_orphan+0x135/0x740 [ 114.895284][ T7366] ? down_read_killable+0x340/0x340 [ 114.900472][ T7366] ocfs2_del_inode_from_orphan+0x135/0x740 [ 114.906280][ T7366] ? __might_sleep+0xe0/0xe0 [ 114.910865][ T7366] ? read_lock_is_recursive+0x20/0x20 [ 114.916233][ T7366] ? ocfs2_add_inode_to_orphan+0x710/0x710 [ 114.922037][ T7366] ? __lock_acquire+0x1334/0x7c80 [ 114.927053][ T7366] ? down_write+0x162/0x1f0 [ 114.931553][ T7366] ? down_read_killable+0x340/0x340 [ 114.936753][ T7366] ocfs2_dio_end_io+0x47b/0x10f0 [ 114.941695][ T7366] ? ocfs2_dio_wr_get_block+0x17a0/0x17a0 [ 114.947404][ T7366] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 114.953284][ T7366] ? _raw_spin_unlock+0x40/0x40 [ 114.958127][ T7366] ? debug_check_no_obj_freed+0x51f/0x540 [ 114.963840][ T7366] ? mark_lock+0x94/0x320 [ 114.968170][ T7366] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 114.974135][ T7366] ? lock_chain_count+0x20/0x20 [ 114.978970][ T7366] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 114.984851][ T7366] ? lockdep_hardirqs_on+0x98/0x150 [ 114.990039][ T7366] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 114.995919][ T7366] ? ocfs2_dio_wr_get_block+0x17a0/0x17a0 [ 115.001625][ T7366] dio_complete+0x254/0x710 [ 115.006114][ T7366] __blockdev_direct_IO+0x2dc8/0x3420 [ 115.011477][ T7366] ? show_vfsstat+0x3a0/0x3a0 [ 115.016138][ T7366] ? ocfs2_lock_get_block+0x60/0x60 [ 115.021333][ T7366] ? filemap_write_and_wait_range+0x160/0x1f0 [ 115.027402][ T7366] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 115.033372][ T7366] ? file_update_time+0x197/0x1b0 [ 115.038379][ T7366] ? ocfs2_lock_get_block+0x60/0x60 [ 115.043565][ T7366] ocfs2_direct_IO+0x240/0x2b0 [ 115.048333][ T7366] generic_file_direct_write+0x1d4/0x3e0 [ 115.053955][ T7366] __generic_file_write_iter+0x11b/0x230 [ 115.059572][ T7366] ? ocfs2_file_write_iter+0x1559/0x1d00 [ 115.065196][ T7366] ocfs2_file_write_iter+0x1582/0x1d00 [ 115.070647][ T7366] ? ocfs2_file_read_iter+0xa30/0xa30 [ 115.076011][ T7366] ? verify_lock_unused+0x140/0x140 [ 115.081193][ T7366] ? aa_path_link+0xdd0/0xdd0 [ 115.085857][ T7366] ? __mutex_trylock_common+0x153/0x250 [ 115.091406][ T7366] ? trace_raw_output_contention_end+0xd0/0xd0 [ 115.097565][ T7366] ? end_current_label_crit_section+0x149/0x170 [ 115.103799][ T7366] ? common_file_perm+0x198/0x1f0 [ 115.108817][ T7366] do_iter_write+0x79a/0xc70 [ 115.113409][ T7366] ? vfs_iter_write+0xa0/0xa0 [ 115.118075][ T7366] ? rcu_read_lock_any_held+0xb4/0x120 [ 115.123528][ T7366] do_writev+0x252/0x410 [ 115.127768][ T7366] ? do_readv+0x3e0/0x3e0 [ 115.132090][ T7366] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 115.138053][ T7366] ? lock_chain_count+0x20/0x20 [ 115.142890][ T7366] ? lockdep_hardirqs_on+0x98/0x150 [ 115.148082][ T7366] do_syscall_64+0x55/0xb0 [ 115.152485][ T7366] ? clear_bhb_loop+0x40/0x90 [ 115.157147][ T7366] ? clear_bhb_loop+0x40/0x90 [ 115.161806][ T7366] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 115.167690][ T7366] RIP: 0033:0x7f1b6478ebe9 [ 115.172099][ T7366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.191703][ T7366] RSP: 002b:00007f1b65588038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 115.200110][ T7366] RAX: ffffffffffffffda RBX: 00007f1b649b5fa0 RCX: 00007f1b6478ebe9 [ 115.208082][ T7366] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000004 [ 115.216034][ T7366] RBP: 00007f1b64811e19 R08: 0000000000000000 R09: 0000000000000000 [ 115.224000][ T7366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 115.231958][ T7366] R13: 00007f1b649b6038 R14: 00007f1b649b5fa0 R15: 00007fff3f1cd868 [ 115.239929][ T7366] [ 115.292598][ T5779] ocfs2: Unmounting device (7,2) on (node local) [ 120.794389][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!