last executing test programs: 2.589330222s ago: executing program 2 (id=1981): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000e00)=@phonet={0x23, 0x0, 0x0, 0x1f}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27050200590200000600002fb96dbcf706e105000700810000008100accb", 0x1e}, {&(0x7f00000002c0)="88a8", 0xfffe}], 0x2}, 0x0) 2.560008113s ago: executing program 1 (id=1982): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0x220104, 0xb, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000380), &(0x7f0000000380), 0x2, r0}, 0x38) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, r0}, 0x38) 2.380780415s ago: executing program 2 (id=1985): syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x1008454, &(0x7f00000005c0)={[{@shortname_win95}, {@fat=@time_offset={'time_offset', 0x3d, 0xffffffffffffffaa}}, {@numtail}, {@shortname_lower}, {@shortname_win95}, {@numtail}, {@uni_xlate}, {@fat=@dos1xfloppy}, {@rodir}, {@shortname_winnt}, {@rodir}, {@utf8no}, {@uni_xlate}, {@shortname_mixed}, {@rodir}, {@shortname_lower}]}, 0xf5, 0x30f, &(0x7f0000000200)="$eJzs3ctrG0ccwPHf6mFJdl3pUEopLQwulJbixRL01oNNsaFU0GJbhbpQWMfrRGgtGa0wKIRYh0CuOefgQ44hEAK55RJCrr7kL8jr5otv8cFkgrQPydZafoTIDv5+DtZ4f/PzzGpnvfbYO7vz2521yqo7Jh6dmJaW7BmSk5jE/Y0t+fn51qvvF5594X2u1NzMYr6gVExE/rvxYOJpY+yfx18+Scl27v+d3cLb7e8WRd4vXiu7quyqqtbKUsu1WsNoJ6+U3Yqp1N+Obbm2Klddu97w49ayY6tVp7a+3lRWdWV8dL1uu66yqk1VsZuqUVONelNZV61yVZmmqcZHBSKSC0uxvpghkj4ysXR/T2vZ1VrrVEu01kZ/nVZQSPqvqY/uLy6M4Pi3B47WemDdvsER/5Q9wzDs6UTv+X/e3cGQeef/67sc/8tp4d+lP2eKxdl5pdIia7c3Shsl79WLvxyTsjhiy9b8L0v7nWuET4z2x7k/irNTqiMnP65t+vmbGyXv4jCz6ufnJdv+OaUnX4L8vJevDuYnZbQ3vyBZ+So6vxDkS6wnf0R++qEn35SsvLgiNXFkpXOt6+bfzCv1+1/FQ+1nOvUiZIZ4eAAAAAAAAAAAOBNThbrz90b3T72mmer8x0cY78x+t+t58XB+fUqysh89Pz8VOb+fkG8T57ffAAAAAABcJm7zesVyHLs+oCAnqHNEIX4vM6CJpIi0CyK3JtqdGfgFv/Z7fLLWR0SkPxQf3MSBQuZXr72H837H5KxvwhALwc0aFct5FIQyElU5dooB4DYnRyLf+fRQd/BE4zC42+W0TaQidzC412VQurEfbPkmso42jm9dW04y3JIRkWP7PH2q0+HIQlof2jL5xt/jAd803oVTfAAAAAA+Iz2/OAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHNypsXD/HX7O4vNdUPiPyI+XDgtXFng8HPiWfcfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAX0IQAA//808K3y") open(&(0x7f0000000000)='./bus\x00', 0x14927e, 0x17d) setxattr(&(0x7f0000000200)='./bus\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x1) 1.986649361s ago: executing program 2 (id=1988): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x18, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}}, 0x0) 1.868016603s ago: executing program 2 (id=1989): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6) recvmmsg(r0, &(0x7f0000000580)=[{{&(0x7f0000000080)=@nl=@unspec, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000100)=""/230, 0xe6}, {&(0x7f0000000240)=""/200, 0xc8}, {&(0x7f0000000340)=""/175, 0xaf}, {&(0x7f0000000400)=""/53, 0x35}, {&(0x7f0000000440)=""/119, 0x77}], 0x4, &(0x7f0000000540)=""/55, 0x37}, 0x80000000}], 0x400000000000222, 0x12142, 0x0) 1.798606024s ago: executing program 3 (id=1990): syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000180)='./file0\x00', 0x1000802, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c6e6f6e756d7461696c003130dbbb3121258e322c262b537f5d0000006e695f7804590000000000003d312c696f63686172538c6c90392bc69373686f72746e616d65653ff959f53d6d697865642c636f6465706167653d3821332c696f6368617273650000000031323831e54f1bb0a3d72c007e3db5a829498e2a721ae5804ff8ccb41eff157cfdfcef90a6010100003ceeeac934b3165b4a0ea182cdd0666ab32f2d041a99ac9fc865ba946f1bb7759d02742dfcc68937ff86d7a54d6de8823119c767d45d6047209f4436383ee21373a9c3f450cb6d7c37b59a34407d4a0e6a382108ddd52580281f1d8ad71c4ceafb49960f1429b090d1429f519f9c2b0cb88ffa6fc04fa61c275bf560b9eeeb2d0c8b3ddeb56783f9908c21cf9b2ba0b76b9b60c991bb17c7d0accad1cdaf3259b7dc405d72e2bc3abe0cf37bda3dbfc05e2e55f8aa272b5ea736019c3c0a9b34115a445e0c5da1bd7352ec9529f5caa71f1ae71b36b500c79fffb487ed081232b5d93d3162c7f71f4d5756c9e5442fa3692127266a0c15dac9171edda86b148d17a48d4d90470e79620eeab5acf6f78f807298315e2b80fe1874098d75ab47837a96699e2a7db456f2a4368bece813135ed970951c7471ac16703820a799421cb24f32a5f49ab45bec637c38bcbdae4da3a05f96b2162c47d0b1277e1b1bcc981cce8f6f7f3dd8d06352eb387997b498a732d8442115755ff14d508891abd401b3cafcba75a6901fbe08002674d8663b8c40e9cf13fa4c4a092cb8004a1d2a6fe18cd5d702493d52a7110b17e64b9fa22fb3ace98b9ca35cb98c65f0902dd430373f6ae43c4a60c423b6f65b5ecc2093698072abc857ab2d36a261a7fc5776d39c3d5d5fad291c88ff9726d5ee32c6bcac1799ade9459eb39b56d985d29b988c72c9ad7e82b589f454a58d7cd5ace9436cf69acc217737c863d8938cc95767a0c9b14cb79f5b45ea2408d1da65a2ed8cf55a"], 0x4, 0x24e, &(0x7f0000000a00)="$eJzs3cFLk38YAPBnOtGf8GMeAkmC3ug+1OiuhII0KJId6pSkUjgTEoQ6qJ06d+pS/0Jdgq5Bh+jaPxBBWNBFO3kIFvqq07nlrLZFfj6XPez7PPt+33cv+26HPe/NM/Nz0wuLsxsba9HTk+nKjsTLgc1M9EVHdEZqNQCAf8lmuRzr5VS71wIAtIb9HwBOnsr+nzm0/2dW974TXG39ygCAZvH7HwBOnsnrNy6PFgpj19aTnoj5R0vFpWL6mI6PzsadKMVMDEYuvkeU96Txk4nC2GCy5XNfFOdXdupXloqdB+uHIhd9h+vHJwpjQ0nqYH1X9O7Uf+iNmRiOXJyqXT9cq74rIs7vmz8fuXh/KxaiFNOxVVupXx5KkktXClXzd2/nAQAAAAAAAAAAAAAAAAAAAABAM+Q7tlvnlLuTpGb/nnw+2VU1ntbv7w/0X43+QON7/YGq+/tkYyDb3mMHAAAAAAAAAAAAAAAAAACAv8Xi/QdzU6XSzL2fBXffPX9zVE6DQWZn3po53RHx+1M0GPx/7tPT+jkPj3N+/mzw+myLJ9067cetert2+/SFxf6L9XIi27Q1d/zKm/I117RL68VuMPLtyOTHk626wjurn+l/NjL1avnjl0Zfp40fSgAAAAAAAAAAAAAAAAAAcEJV/vTb7pUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQPtU7v9fJ8hE3aEGg9V2HyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwIAAD//8pHpIo=") mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xe0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x1) 1.720183195s ago: executing program 1 (id=1991): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000020100)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b26209f1c0f624854ea3dd5fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e900000100000149e6d308cbe315789f4baffe39bbced9b1d421d2e290e9fc563b62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac102"], 0x1, 0x284, &(0x7f0000000880)="$eJzs281qE18Yx/Ff2/z/fbNNtFptRXzQjW6GNl5BKC2IAaU24gsIUzvRkDQpmVCJiO3OrXchFJfuBPEGuvEKXLjrxmUX4khmYpu0EW1Fpy/fz2aecOYXzslzEs4is3H31WIx7zt5t6buLlNC6tOmlFK3ehTpal67w/p/tVrV1ZHspwu3792/kclmp2fNZjJz19JmNnzx/dPnby59qA3eeTv8rlfrqYcbX9Kf10fXxza+zT0p+FbwrVypmWvzlUrNnS95tlDwi47ZrZLn+p4Vyr5XbRvPlypLS3VzywtDA0tVz/fNLdet6NWtVrFatW7uY7dQNsdxbGhA+JXc2uysm4l7Fvi7qtWMOyVpfNdIbi2WCQEAgFh1OP+vcv4/Ljj/HweN8/+D5ve3Hed/AAAAAAAAAAAAAAAAAAAAAAAOg80gSAZBkPxx/U8Kn/AJmq/7JQ1IGpR0QtKQpGEp0cimJJ2UdErSiKTTks5IGpV0VtI5SWMt7xX3WrHbPvuv5B/1vz/OJaNFPP3HQUH/j7eWB3f7pMWXy7nlXHSNxjN5FVSSpwkl9TXsZVNUz1zPTk9YKKXziyvN/Mpyrqc9P6lkY8N0yk9GeWvP94b7biufVrKxwTrl0x3zfbpyuSXvKKmPj1RRSQvhntzOv5g0m7qZ3ZEfD+876hzb0rF/jvOz8Si/h/2x4/NNaDwR79oh+fVnRbdU8qoUFEeheK0DMY3DX8T9y4R/Ybvpcc8EAAAAAAAAAAAAAAAAALAX+/2HYLAS5X/n5rjXCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADATt8DAAD//3t0XZ0=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x84042, 0x1fb) write$P9_RUNLINKAT(r0, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7) 1.703948985s ago: executing program 2 (id=1992): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC") r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBDIACR(r0, 0x4bfb, &(0x7f0000000440)=""/252) 1.486190058s ago: executing program 3 (id=1993): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r0) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x30, r1, 0x60b, 0x70bd2d, 0x0, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x4}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x30}}, 0x0) 1.254612792s ago: executing program 1 (id=1994): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20) 1.223910232s ago: executing program 3 (id=1995): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x4, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1.217574172s ago: executing program 2 (id=1996): syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000064c0)='./bus\x00', 0x28108c0, &(0x7f0000006980)=ANY=[], 0xfe, 0x61cb, &(0x7f0000006c00)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/kO/vmmdknAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID4/vd+sNKJiGs/TwuWIj4TvYhuxEJdL0fEwvJSXr8fEc/FTnM8GxGDuYj69jv/PB3xakR89FTE1vb6ar344iH78d0//v13P3zirb/9YXD+v3+603tt0np37/7qP3++d7RtBgAAgNJUVVV10sf8M+nzfbftTgEAU5Ff/6skLz/19a//+dZfZqk/arVarVZPoW6qxrvXLCJio3mb+j2Dw/EAcMJsxMdtd4EWyb9o/Yh4ou1OADOt03YHOBZb2+urnZRvp/l6sLzbns8F2Zf/RufB9R2TpgcZPcdkWvvXZvTimQn9WZhSH2ZJzr87mv+13fZhWu+485+WSfkPdy99Kk7Ovzea/4jTk393bP6lyvn3Hyn/nvwBAAAAAGCG5b//L7V8/Hfu6JtyKJ90/Hd5Sn0AAAAAAAAAgMftqOP/PWD8PwAAAJhZ9Wf12m+e2ls26bvY6uVXOxFPjqwPFCZdLLPYdj8AAAAAAAAAAAAAoCT93XN4r3YiBhHx5OJiVVX1T9No/aiOevuTrvTth5K1/SQPAAC7Pnpq5Fr+TsR8RFxN3/U3WFxcrKr5hcVqsVqYy+9nh3Pz1ULjc22e1svmhod4Q9wfVvUvm2/crumgz8sHtY/+vvq+hlXvEB17TAbpf3NCc0thA0Cy+2q05RXplKmqpye9+YB9PP5PoaVYanu/Yva1vZsCAAAAx6+qqqqTvs77TDrm3227UwDAVOTX/9HjAkequxPaIx7P71er1Wq1Wv2p6qZqvHvNIiI2mrep3zMYjh8ATpiN+LjtLtAi+RetHxHPtd0JYKZ12u4Ax2Jre321k/LtNF8P0vju+VyQfflvdHZul28/bnqQ0XNMprV/bUYvnpnQn2en1IdZkvPvjuZ/bbd9mNY77vynZVL+w51L5sqT8++N5j/i9OTfHZt/qXL+/UfKvyd/AAAAAACYYfnv/0uO/+ZNBgAAAAAAAIATZ2t7fTVf95qP/39uzHqu/zydcv6dR81/Ic3L/0TL+XdH8v/yyHq9xvz9N/ce///eXl/9/Z1/fTZPD5v/XJ7ppD2rk/aITrqnTj9Nj7J1D9sc9Ib1PQ063V4/nfNTDd6JG3Ez1uLCvnW76f9jr31lX3vd08G+9ov72vsPtV/a1z5I3ztQLeT2c7EaP4mb8fZOe902d8D2zx/QXh3QnvPvef4vUs6/3/ip819M7Z2Rae3+h92HHvfN6bj7eePG53954fg350CbMT92eb19Z6fem9h9xnliGD+7vXbr3N3rd+7cWok02bf0YqTJY5bzH+z8zO09/7+w256f95uP1/sfDh85/1mxGf0H+3ZTnf8Ljfl6e1+act/akPMfpp+c/9upffzj/yTn35uY/8st9AcAAAAAAAAAAAAAAAA+SVVVO5eIvhERl9P1P21dmwkATFd+/a+SvFytVqvVavXpq5uq8V5vFhHx1+Zt6vcMvxj3ywCAWfa/iPhH252gNfIvWP6+v3r6YtudAabq9vsf/Oj6zZtrt2633RMAAAAAAAAA4NPK438uN8Z/fjEilkbW2zf+65uxfNTxP/t55sEAo495oO8JNrvDXrcx3PjzsTM+97lJ43+fjYfH/85j4vaa2zHB4ID24QHtcwe0jx/NeC+tsRd6NOT8n2+Md17nf2Zk+PUSxn8dHfO+BDn/s439uc7/SyPrNfOvfjtz+W8cdsXN6O7L//yd9356/vb7H7xy473r7669u/bjSysrFy5dvnzlypXz79y4uXZh99/j6fUMyPnnsa+dB1qWnH/OXP5lyfl/IdXyL0vO/4upln9Zcv75/Z78y5Lzz5995F+WnP9LqZZ/WXL+X0m1/Muytb0+V+f/cqrlX5b8+P9qquVflpz/K6mWf1ly/udSLf+y5PzPp/oQ+ft6+FMk55+PcHn8lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt69xsh11vcDP7M3rx1CDITg5G9gk5iQy5Jd24kv/OvGhGsDlAIJhV6wXe/aLPiG1y6BItk0UCJhVFRRNX3RFhBqI1UVVsULWlGaF1Uvr0r7gr6pQJWQGlUBBVSktqLZauY8z+OZ2dmZWe94PXuez0eyf7szZ+acOXNmdr9rf/cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Oz2N85/tlYURf1P46+tRfGi+sebp7Y2Lnv99d5CAAAAYK3+t/H38zelCw72caOmZf7uVf/49aWlpaXi/aO/O/7FpaV0xVRRjG8qisZ10eV/+0CteZngiWKyNtL0+UiP1Y/2uH6sx/XjPa6f6HH9ph7XT/a4ftkOWGZz+fOYxp3taHy4tdylxc3FeOO6HR1u9URt08hI/FlOQ61xm6XxY8VCcaKYL2Zbli+XrTWW/+bt9XW9rYjrGmla1/b6EfKjTx6N21AL+3hHy7qu3Gf0gzcUUz/+0SeP/vG5527tNHvuhpb7K7fz7jvq2/npcEm5rbViU9oncTtHmrZze4fnZLRlO2uN29U/bt/O5/vcztErm7mu2p/zyWKk8fG3G/tprPnHemk/bQ+X/dedRVFcvLLZ7cssW1cxUmxpuWTkyvMzWR6R9fuoH0ovLcZWdZze3sdxWp9zO1qP0/bXRHz+bw+3G1thG5qfph98amLZ877a4zSqP+qVXivtx+CgXyvDcgzG4+LbjQf9ZMdjcEd4/J+8a+VjsOOx0+EYTI+76Ri8o9cxODIx2tjm9CTUGre5cgzubFl+tLGmWmM+e1f3Y3Dm3MkzM4sf/8TrFk4eOT5/fP7U7p07Z3fv2bNv376ZYwsn5mfLv69ybw+/LcVIeg3cEfZdfA28tm3Z5kN16cuDex1Odnkdbm1bdtCvw7H2B1dbnxfk8mO6fG08Wt/pk5dGihVeY43n5961vw7T4256HY41vQ47fk3p8Doc6+N1WF/mzL39fc8y1vSn0zZcq68FW5uOwfbvR9qPwUF/PzIsx+BkOC7+9d6VvxZsD9v75PRqvx8ZXXYMpocb3nvql6Tv9yf3NUan4/K2+hU3TBTnF+fP3v/4kXPnzu4swlgXL2s6VtqP1y1Nj6lYdryOrPp4Pbjwqidv63D51rCvJl9X/2tyxeeqvswD93d/rhpf3Trvz5ZLdxVhDNh6789OX83r+zNlyS77s77Mp2fW/r14yqVN77/jK7z/xtz/Qrm+dFdPjI6Pla/f0bR3xlvej1ufqrHGe1etse7nZ/p7Px4Pf9b7/fjmLu/H29qWHfT78Xj7g4vvx7VeP+1Ym/bnczIcJydmu78f15fZtmu1x+RY1/fjO8Oshf1/T0gKKRc1HTsrHbdpXWNj4+FxjcU1tB6nu1uWHw/ZrL6up3dd3XF6953lfY2mR3fFeh2nU23LDvo4Te9XKx2ntV4/fbs67c/nZDgubt7d/TitL/PMA2t/79wcP2x675zodQyOj07Ut3k8HYTl+/3S5ngM3l8cLU4XJ4q5xrUTjeOp1ljX9IP9HYMT4c96v1du63IM3t227KCPwfR1bKVjrza2/MEPQPvzORmOi6ce7H4M1pd5097Bfu96d7gkLdP0vWv7z9dW+pnXbW276Vr+zKu+nX+zt/vPZuvLnNi32pzZfT/dFy65ocN+an/9rvSamivWZz9tC9v53L6V91N9e+rLfHF/n8fTwaIoLnz04cbPe8O/r/z5+e98veXfXTr9m86Fjz78wxuP/e1qth+Aje+Fcmwpv9Y1/ctUP//+DwAAAGwIMfePhJnI/wAAAFAZMffH/xWeyP8AAABQGTH3j4WZZJL/t73puYUXLhSpmb8UxOvTbnikXC52XGfD51NLV9Qvf/ir8z/5ywv9rXukKIqfPvIbHZff9kjcrtJU2M7Lb269fPkNL/S1/sOPXVmuub/+pXD/8fH0exh0quDOFkXxzZs+31jP1AcuNeYzjxxuzPdcfPKJ+jLP7y8/j7d/9mXl8n8Qyr8Hjx1puf2zYT98P8zZt3feH/F2X7t0z/a977uyvni72h0vbjzspz5Y3m/8PTlfeKJcPu7nlbb/rz739Nfqyz/+ms7bf2Gk8/Y/He73q2H+9yvL5Zufg/rn8XafCdsf1xdvd/9XvtVx+y9/tlz+zFvK5Q6HGdd/d/h8x1ueW2jeX4/XjrQ8ruKt5XJx/bPf+e3G9fH+4v23b//koUst+6P9+Hjmn8v7mWlbPl4e1xP9Rdv66/fTfHzG9T/9W4db9nOv9V9+z7OvrN9v+/rva1tutO327b+x6Q8/8/mO64vbc/DPzrQ8noPvDq/jsP6nPhiOx3D9/1z+fMt6o8Pvbn3/ict/aeuFlscTve3H5fovP3S8Mf996ie/f8OLbnzxxVfX911RfPu95f31Wv/xPzrdsv1fvuXexvMRr48d/fb1rySu/+zHpk+dXjy/MNe0Vxu/O+cd5fZsmty8pb69N4X31vbPD50+96H5s1OzU7NFMVXdX6F31b4S5g/LcXG1t7/3sfB83vZ739xy1z99Ll7+L4+Wl196e/l167VhuS+Ey7eWz99SbY3rf+r2Wxqv79oz5ectPfYB2L7jP/b1tWB4/O3fF8Tj/czLP9TYD/XrGl834ut6jdv/3bnyfr4R9utS+M3Md9xyZX3Ny8ffjXDpveXrfc37L7zNxef1T8Lz/c7vl/cftys+3u+G72O+ta31/S4eH9+4MNJ+/43f4nExvJ8UF8vr41Jxf196/paOmxd/D0lx8dbG57+T7ufWVT3MlSx+fHHmxMKp84/PnJtfPDez+PFPHDp5+vypc4cav8vz0Id73f7K+9OWxvvT3PyeB4rZzUVRnC5m1+EN69psf/2j/rb/zGNH5/bO3jU3f+zI+WPnHjszf/b40cXFo/Nzi3cdOXZs/mO9br8wd2Dnrv279+6aPr4wd2Df/v27908vnDpd34xyo3rYM/uR6VNnDzVusnjggf07H3zwgdnpk6fn5g/snZ2dPt/r9o2vTdP1W//69Nn5E0fOLZycn15c+MT8gZ379+zZ1fO3AZ48c2xxaubs+VMz5xfnz86Uj2XqXOPi+te+Xrenmha/V34/265W/iK+4l337Um/n7Xuq59a8a7KRdp+gehz4XfR/MNLzuzr5/OY+8fDTDLJ/wAAAJCDmPsnwkzkfwAAAKiMmPs3hZnI/wAAAFAZMfdPhplkkv/1//X/++v/l9fr/+fV/z/z0bJXutH7/7E/r/+fh+vc/1/z+vX/9f+r1//vvz+/0bdf/1//n+WGrf8fc//mosgy/wMAAEAOYu7fEmYi/wMAAEBlxNx/Q5iJ/A8AAACVEXP/i8JMMsn/+v999f939SpcVb//7/z/+v/Fxuz/xydH/z8bq+7fv+/Rlk/1/wP9f/1//X/9f/1/1mx8xWuuV/8/5v4bw0wyyf8AAACQg5j7XxxmIv8DAABAZcTcf1OYifwPAAAAlRFz/9Ywk0zyv/6/8//r/+v/V7r/v9bz/zdtjP7/xuD8/93p//dw1f3/Sf3/jdj/Hx/s9g93/7/n5uv/c00sfu+eC8N0/v+Y+18SZpJJ/gcAAIAcxNz/0jAT+R8AAAAqI+b+l4WZyP8AAABQGTH33xxmkkn+1//X/9f/1//X/++8/t7n/y8/0v8fLvr/3en/9+D8/3n1/we8/cPd/x/0+f/H39x+e/1/Oln8Xvn9bLvr1f+Puf/lYSaZ5H8AAADIQcz9t4SZyP8AAABQGTH3vyLMRP4HAACAyoi5f1uYSSb5X///Gvf/Dxb6//r/+v/xuKxc/7+k/z9c9P+70//vQf9f/1//v7/+f4dvfvX/6WTY+v8x998aZpJJ/gcAAIAcxNx/W5iJ/A8AAACVEXP//wszkf8BAACgMmLu3x5mkkn+1/93/n/9/7z6//dN6P/r/1eb/n93+v896P/r/+v/93n+/+VW0//f1OvOqIxh6//H3P/KMJNM8j8AAADkIOb+V4WZyP8AAABQGTH3vzrMRP4HAACAyoi5fyrMJJP8r/9frf7/n/71U68u9P/1/3usfxD9/1q4dIj6//EwGPr+/0P6/9eU/n93+v896P/r/+v/r0v/n3wMW/8/5v7bw0wyyf8AAACQg5j77wgzkf8BAACgMmLuvzPMRP4HAACAyoi5f0eYSSb5X/+/Wv3/SP9f/7/b+p3/3/n/q0z/v4OmF6n+fw/6//r/2ff/43e/+v8MxrD1/2Puf02YSSb5HwAAAHIQc/9dYSbyPwAAAFRGzP2vDTOR/wEAAKAyYu6/O8wkk/yv/6//r/+v/6//33n9+v8bk/5/d6vt/0/o/+v/6/+vsv8/UWzs/v/azv+/OXys/080bP3/mPvvCTPJJP8DAABADmLuvzfMRP4HAACAyoj/f7P8f6/yPwAAAFRRzP3TYSaZ5H/9f/3/nPr/Nf1//X/9/8rT/+/O+f970P/X/8/+/P9r6/87/z/thq3/H3P/68JMMsn/AAAAkIOY++8PM5H/AQAAoDJi7p8JM5H/AQAAoDJi7p8NM8kk/+v/6//n1P93/n/9f/3/6tP/707/vwf9f/3/qvX/i0L/n+tq2Pr/MffvDDPJJP8DAABADmLu3xVmIv8DAABAZcTcvzvMRP4HAACAyoi5/4Ewk0zyv/6//r/+v/6//n/n9ev/b0z6/93p//eg/6//X7X+v/P/c50NW/8/5v4Hw0wyyf8AAACQg5j794SZyP8AAABQGTH37w0zCfm/0//rBgAAADaWmPv3hZlk8u//+v8V6f//5t+3rFv/X/+/2/oH0//frP8fpv7/cKlo/7/9ZXHV9P970P/X/9f/1/9noFbV/69H0mvc/4+5f3+YSSb5HwAAAHIQc//rw0zkfwAAAKiMmPv/f5iJ/A8AAACVEXP/z4SZZJL/9f8r0v9vo/+v/99t/c7/r/9fZRXt/w9Mpfr/I/r/+v/Dtf36//r/LLeq/n/9+/1V9//jR/31/2PuPxBmkkn+BwAAgBzE3P+zYSbyPwAAAFRGzP0PhZnI/wAAAFAZMfcfDDPJJP/r/+v/6//r/1+b/v9DRbth7P/XDx79/2rR/++uUv1/5//X/x+y7df/1/9nuWvf/1/d+f9j7n9DmEkm+R8AAAByEHP/w2Em8j8AAABURsz9bwwzkf8BAACgMmLuf1OYSSb5X/9f/1//X//f+f87r1//f2PS/+9O/78H/X/9f/1//X8Gatj6/zH3vznMJJP8DwAAADmIuf8tYSbyPwAAAFRGzP1vDTOR/wEAAKAyYu5/W5hJJvlf/1//X/9f/1//v/P69f83Jv3/7vT/e9D/1//X/9f/Z6CGrf8fc//PhZlkkv8BAAAgBzH3PxJmIv8DAABAZcTc//YwE/kfAAAAKiPm/neEmWSS//X/N3D/f0z/X/9f/1//v/d6c6P/353+fw/6//r/+v/6/wzUsPX/Y+5/Z5hJJvkfAAAAchBz/8+Hmcj/AAAAUBkx978rzET+BwAAgMqIuf8Xwkwyyf/6/xu4/1/J8/8vXWi+XcX6//XF9P+vV/+/fiP9/yzo/3en/99Dh/7/Jv1//X/9f/1/rtqw9f9j7n93mEkm+R8AAAByEHP/e8JM5H8AAACojJj73xtmIv8DAABAZcTc/2iYSSb5X/8/y/5/esjD1/93/n/9f+f/1/9fm+r2/1d9Vx3p//fg/P/6//r/+v8M1LD1/2PufyzMJJP8DwAAADmIuf99YSbyPwAAAFRGzP2/GGYi/wMAAEBlxNz//jCTTPK//n+W/f8hPv9/1fr/Yy3HR079/8mm5zMdl/r/+v/roLr9/8FYh/7/+Fq2X/9f/38jb/817/+Ho3nzCrfX/2cYDVv/P+b+D4SZZJL/AQAAIAcx9/9SmIn8DwAAAJURc/8vh5nI/wAAAFAZMff/SphJJvlf/1//X//f+f+d/7/z+vX/Nyb9/+6c/78H/X/9/2Hu//eg/88wGrb+f8z9vxpmsmLw++F/9vEwAQAAgCESc/8Hw0wy+fd/AAAAyEHM/YfCTOR/AAAAqIyY+w+HmWSS//X/2/v/8Yyq+v/6//r/+v/6/xvR4Pr/r7ixKPT/K9P/n+xzA/T/9f/1//X/Gahh6//H3H8kzCST/A8AAAA5iLn/18JM5H8AAACojJj7j4aZyP8AAABQGTH3z4WZZJL/r2P/f3w4+//O/3+1/f+f6v/r/wf6/53p/68P5//vLtv+f7/0//X/9f/1/xmoYev/x9w/H2aSSf4HAACACks/Do65/1iYifwPAAAAlRFz//EwE/kfAAAAKiPm/g+FmWSS/53/X//f+f+vR/9/rGV5/f+S/r/+/yDo/3en/9+D/r/+v/6//j8DNWz9/5j7F8JMMsn/AAAAkIOY+z8cZiL/AwAAQGXE3P+RMBP5HwAAACoj5v4TYSaZ5H/9f/3/3Pv/taK46Pz/+v+d1q//vzHp/3en/9+D/r/+v/6//j8DNWz9/5j7T4aZZJL/AQAA/o+9+2iu6y7jOH4Jjm2xgZeQNSuWsAovgS07ZljTQy+J6R1M7yX00HuH0HvvPfReQw3MiIn8PI8t6eoc2zrSPef//3w2D/JY3KtYCfyi+c6BHuTuv3fcYv8DAABAM3L33ydusf8BAACgGbn77xu3dLL/9f/6/977/9VGnv+/+/fr/8/R/+v/p7Cvvz+x/vcdFIUf2P/f6c7X3EP/r//X/w/S/+v/9f/sNbf+P3f//eKWTvY/AAAA9CB3//3jFvsfAAAAmpG7/wFxi/0PAAAAzcjdf03c0sn+1//r//X/+v9d/f+N+n/9/7J5/v8w/f8I/b/+X/+v/2dSc+v/c/c/MG7pZP8DAABAD3L3Pyhusf8BAACgGbn7Hxy32P8AAADQjNz9D4lbOtn/+n/9v/5/Kf3/Sc//3/P16P/1/+vo/4fp/0fo//X/+n/9P5OaW/+fu/+hcUsn+x8AAAB6kLv/YXGL/Q8AAADNyN3/8LjF/gcAAIBm5O5/RNzSyf7X/+v/9f9L6f+P6fn/+n/9/8Jdvzr/zwT9/376/xEj/f9qpf8fctH9/Povbznv/wD6f/0/+82t/8/d/8i45a6r1cnL/SIBAACAWcnd/6i4pZOf/wMAAEAPcvdfG7fY/wAAANCM3P3XxS2d7H/9v/5f/6//1/+vf339/zJ5/v+ww/f/d7zDve7Zb//fzPP/t9f9P5fN9/OHten3P33/f+t3hv6fZZtb/5+7/0zc0sn+BwAAgB7k7n903GL/AwAAQDNy9z8mbrH/AQAAoBm5+x8bt3Sy//X/rfX/t931eRf0/zu1i/5f/6//1/+3Tv8/zPP/R+z8Y26rPmy2/z/Apvv5pb//mT///9TY5+v/OQpz6/9z9z8ubulk/wMAAEAPcvc/Pm6x/wEAAKAZufufELfY/wAAANCM3P1PjFs62f/6/9b6/92f5/n/+v91r6//1/+3TP8/TP8/opXn/1/md82m+/nD2vT7n3n/7/n/bMTc+v/c/U+KWzrZ/wAAANCD3P1PjlvsfwAAAGhG7v6nxC32PwAAADQjd/9T45ZO9r/+X/+/jP4/X0H/r/8/+v4/6f+X53b6/1H6/xGt9P+XadP9/NLfv/5f/89+c+v/c/c/LW7pZP8DAABAD3L3Pz1usf8BAACgGbn7nxG32P8AAADQjNz9z4xbOtn/+n/9/zL6/6N4/v+Jek39v/5/3evr/5dJ/z9M/z9C/6//1//r/5nU3Pr/3P1n45ZO9j8AAAD0IHf/s+IW+x8AAACakbv/2XGL/Q8AAADNyN3/nLilk/0/Xf9/7vP1/+fp/+fe/5+n/9f/r3t9/f8y6f+H6f9H6P/1//p//T+TmlH/f8FnnV49N27pZP8DAABAD3L3Py9usf8BAACgGbn7nx+32P8AAADQjNz9L4hbOtn/nv8/m/5/J+drq//fWq1W+v9Vp/3/1gV/nvV9qf/X/x8D/f8w/f8I/b/+X/+v/2dSM+r/dz7O3f/CuKWT/Q8AAAA9yN3/orjF/gcAAIBm5O5/cdxi/wMAAEAzcve/JG7pZP/r/2fT/+9oq//3/P+93x899f+e/7+f/v946P+H6f9H6P/1//p//T+Tmlv/n7v/pXHTySsv+0sEAAAAZiZ3/8vilk5+/g8AAAA9yN3/8rjF/gcAAICFOrvvV3L3vyJu6WT/6/+n7f9PXvBr+n/9/97vD/2//l//f/T0/8P0/yP0//p//b/+n0nNrf/P3f/KuKWT/Q8AAAA9yN1/fdxi/wMAAEAzcve/Km6x/wEAAKAZuftfHbd0sv/1/57/r//X/+v/17++/n+Z9P/D9P8j9P/6/832/6fO/0f9P224hP5/e3v72iPv/3P3vyZu6WT/AwAAQJP2/Kw0d/9r4xb7HwAAAJqRu/91cYv9DwAAAM3I3f/6uKWT/a//77T/z2/1ZfX/161W+n/9v/5f/z9M/z9M/z9C/6//9/x//T+Tmtvz/3P3vyFu6WT/AwAAQA9y998Qt9j/AAAA0Izc/W+MW+x/AAAAaEbu/jfFLZ3sf/1/p/2/5//r//X/x93/37LS/x+LRfT/Wwe//tz7/zP6f/3/gO76/7vdZdeH+n/9P/vNrf/P3f/muKWT/Q8AAAA9yN3/lrjF/gcAAIBm5O5/a9xi/wMAAEAzcve/LW460cn+1//r//X/+n/9//rXP+bn/59crVb6/wksov8fMPf+f5rn/+/9u/w8/b/+f8nvX/+v/2e/ufX/ufvfHrd0sv8BAACgB7n73xG32P8AAADQjNz974xb7H8AAABoRu7+d8Utnex//b/+X/+v/2++/z+ziP7f8/8nov8fNo/+/2D6f/3/kt+//l//z8XbVP+fu//dcUsn+x8AAAB6kLv/PXGL/Q8AAADNyN3/3rjF/gcAAIBm5O5/X9zSyf7X/+v/L6X/z/ep/2+r/z81u/7/9K7/vk6e/6//n4j+f5j+f4T+X/+v/z+r/2dKc3v+f+7+98ctnex/AAAA6EHu/g/ErX91a/8DAABAM3L3fzBusf8BAACgGbn7PxS3dLL/9f/6f8//1/83//x//X9X9P/D9P8j9P/6f/2/5/8zqbn1/7n7Pxy3dLL/AQAAoAe5+z8St9j/AAAA0Izc/R+NW+x/AAAAaEbu/hvjlk72v/5f/6//1//r/8/9Ger/26D/H3Y8/f+W/l//X/38beLvAv2//n/s82nT3Pr/3P0fi1s62f8AAADQg9z9H49b7H8AAABoRu7+T8Qt9j8AAAAs0ok1v5a7/5NxSyf7X/+v/9f/6//1/+tfX/+/TBvp//ObQv/v+f+hn/7/ql0fLe35/3v/90v/r/9nenPr/3P3fypu6WT/AwAAQA9y9386brH/AQAAoBm5+z8Tt9j/AAAA0Izc/Z+NWzrZ//p//f8h+v8z+n/9v/5f/z83nv8/TP8/Qv+/0efnL/396//1/+w3t/4/d//n4pZO9j8AAAD0IHf/5+MW+x8AAACakbv/C3GL/Q8AAADN2Nn9GZd1uP/1//p/z//X/+v/17++/n+Z9P/D9P8j9P/6/9n1/6dW+n+WbG79/xd3Puv06ktxSyf7HwAAAHqQu//LcYv9DwAAAM3I3f+VuMX+BwAAgGbk7v9q3NLJ/tf/6/+X0f9vb29f20f/v6X/v4z+/yb9P0X/P0z/P0L/r/+fXf/v+f8s29z6/9z9X4tbOtn/AAAA0IPc/V+PW+x/AAAAaEbu/m/ELfY/AAAANCN3/zfjlk72v/5/Bv3/af2/5/97/v/K8//1/xPR/w/T/49osf8/ffFf/qb7+cPa9PvX/+v/2W9u/X/u/m/FLZ3sfwAAAOhB7v5vxy32PwAAADQjd/934hb7HwAAAJqRu/+7cUsn+1//f3z9/61/7Xp5/v/Wav371//r//X/+v+jpv8fpv8f0WL/fwk23c8v/f3r//X/7De3/j93//filt3D78pL+yoBAACAOcnd//24pZOf/wMAAEAPcvf/IG6x/wEAAKAZuft/GLd0sv/1/zN4/n+D/b/n/6///tD/z7r/v0L/3wb9/zD9/wj9v/5f/z9R/5/fzfr/3s2t/8/d/6O4pZP9DwAAAD3I3f/juMX+BwAAgGbk7v9J3GL/AwAAQDNy998Ut1yw/9e13a3Q/+v/9f/6f/3/+tfX/y+T/n/Yxfb/p1aH6/+T/l//r//vtf/3/H/OmVv/n7v/p3GLn/8DAADA4lx5wK/n7v9Z3GL/AwAAQDNy9/88brH/AQAAoBm5+38Rt9x8xabe0rHS/+v/9f/6f/3/+tfX/y+T/n+Y5/+P0P9P0c9frf9vo/9frfT/HN7c+v/c/b+MW/z8HwAAAJqRu/9XcYv9DwAAAM3I3f/ruMX+BwAAgGbk7v9N3NLJ/tf/6/8P2f/vpJn6/3P0/+fo/9fT/x8P/f8w/f8I/b/n/+v/Pf+fSc2t/8/d/9u4pZP9DwAAAD3I3f+7uMX+BwAAgGbk7v993GL/AwAAQDNy9/8hbulk/0/a/98QFfbF9P/xl1r/v/j+3/P/9f/6f/3/rOj/h+n/R+j/9f/6f/0/k5pb/5+7/49xSyf7HwAAAHqQu/9PcYv9DwAAAM3I3f/nuMX+BwAAgGbk7v9L3NLJ/vf8f/2//l//r/9f//r6/2XS/w/T/69Xf1D6f/2//l//z6Tm1v/n7v9r3NLJ/gcAAIAe5O7/W9xi/wMAAEAzcvffHLfY/wAAANCM3P1/j1s62f/6f/2//l//r/9f//r6/2WaVf9/Qv9/4efe/fbjL+v5/xvv//Mt6P/1//p/JjG3/j93/z/ilk72PwAAAPQgd/8/4xb7HwAAAJqRu/9fcYv9DwAAAM3I3f/vuKWT/T/S/5+q36j/H6T/3/3+9f/rvz/0//p//f/Rm1X/7/n/i3n+f9H/e/6//l//z6Tm1v/n7v9P3NLJ/gcAAIAe5O6/JW6x/wEAAKAZufv/G7fY/wAAANCM3P3/i1s62f+e/7+k/v9q/b/+X/+v/9f/j9D/D9P/j9D/6/8v4f1ftedj/b/+n/3m1v/n7v9/AAAA//9mOUf9") unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2236824, 0x0) 1.050735584s ago: executing program 1 (id=1997): r0 = syz_open_dev$dri(&(0x7f00000005c0), 0x4a7, 0x0) ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f00000002c0)={0x2, 0x0, &(0x7f0000000080)=[0x0, 0x0]}) ioctl$DRM_IOCTL_MODE_GETPROPERTY(r0, 0xc04064aa, &(0x7f000001f880)={0x0, 0x0, r1}) 994.690265ms ago: executing program 3 (id=1999): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000080)=""/152) mincore(&(0x7f0000efe000/0x11000)=nil, 0x11000, 0x0) 876.507267ms ago: executing program 3 (id=2000): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x100004, 0x220104, 0xb, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000380), &(0x7f0000000380), 0x2, r0}, 0x38) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, r0}, 0x38) 875.825387ms ago: executing program 0 (id=2008): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000000104010200000180000000000000000008000540000000000500010001"], 0x24}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000280)={0x20, 0x1, 0x4, 0x5, 0x0, 0x0, {0x5}, [@NFULA_CFG_MODE={0xa, 0x2, {0x0, 0x1}}]}, 0x20}}, 0x0) 875.382007ms ago: executing program 1 (id=2001): sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003e80)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000009c0)="18acf8b1ed479de320cdbff21bc648a4423880b9fb95564f48c38e3fdaea755288c2a91a1ef344702de01af77d599320e22a0ea41b13aa09f1b359b0e2d2e8b6074bb4119ea219d2055df8bab18280f3c3ea8e45510d60a28f7af2a9c471dbe0a88f57ae4580b0b420f5f90b70efb6805d81812d5d64c87c99f9c75e9f656dfd", 0x80}], 0x1}}], 0x1, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) keyctl$dh_compute(0x17, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000000)={0x0}) 754.468249ms ago: executing program 0 (id=2002): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000080)='./file0\x00', 0xa00004, &(0x7f00000006c0)={[{@anchor={'anchor', 0x3d, 0x2}}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@utf8}, {@uid}, {}, {@utf8}, {@unhide}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@adinicb}, {@gid_forget}, {@lastblock={'lastblock', 0x3d, 0x5}}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {@anchor={'anchor', 0x3d, 0x2}}]}, 0x1, 0xc4d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=") r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020) 732.437929ms ago: executing program 1 (id=2003): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee1, 0x8031, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r0, &(0x7f0000000000)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0xffffffff, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x40) 519.798563ms ago: executing program 0 (id=2004): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@ipv4_newaddr={0x3c, 0x14, 0x1, 0x0, 0x25dfdbfc, {0x2, 0x1f, 0x49, 0xcb, r1}, [@IFA_LOCAL={0x8, 0x2, @multicast1}, @IFA_LABEL={0x14}, @IFA_BROADCAST={0x8, 0x4, @broadcast}]}, 0x3c}}, 0x0) 322.648855ms ago: executing program 0 (id=2005): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000800)=ANY=[@ANYBLOB="84010000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088058010c"], 0x184}}, 0x0) 229.273556ms ago: executing program 3 (id=2006): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0xa, 0x0, 0x1}, 0x1c) setsockopt$packet_int(r0, 0x107, 0xc, &(0x7f0000000100)=0x9, 0x4) 153.518277ms ago: executing program 0 (id=2007): openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0) unshare(0x2040600) syz_io_uring_setup(0x950, &(0x7f0000000380)={0x0, 0x7e4e, 0x8a2, 0xfffffffd, 0x322}, 0x0, 0x0) 0s ago: executing program 0 (id=2009): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, &(0x7f0000003940)={0x1, 0x2}) kernel console output (not intermixed with test programs): e from 0 to 16 [ 168.224994][ T7937] erofs: (device loop3): mounted with root inode @ nid 36. [ 168.226370][ T7941] netlink: 52 bytes leftover after parsing attributes in process `syz.2.773'. [ 168.274399][ T28] audit: type=1800 audit(1752815890.480:14): pid=7937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.771" name="file1" dev="loop3" ino=86 res=0 errno=0 [ 168.486065][ T7949] loop1: detected capacity change from 0 to 1024 [ 168.524105][ T7954] process 'syz.0.779' launched '/dev/fd/3' with NULL argv: empty string added [ 168.713321][ T61] hfsplus: b-tree write err: -5, ino 4 [ 168.808951][ T7960] netlink: 16 bytes leftover after parsing attributes in process `syz.2.782'. [ 168.862733][ T7961] loop3: detected capacity change from 0 to 512 [ 168.885489][ T7965] netlink: 12 bytes leftover after parsing attributes in process `syz.1.781'. [ 168.954300][ T7961] Quota error (device loop3): do_check_range: Getting dqdh_entries 1536 out of range 0-14 [ 168.954450][ T7961] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 168.954487][ T7961] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.783: Failed to acquire dquot type 1 [ 169.052484][ T7961] EXT4-fs (loop3): 1 truncate cleaned up [ 169.053934][ T7961] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.054043][ T7961] ext4 filesystem being mounted at /204/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 169.207846][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.525993][ T7984] loop2: detected capacity change from 0 to 4096 [ 170.045116][ T7982] loop1: detected capacity change from 0 to 32768 [ 170.052788][ T7982] XFS: noikeep mount option is deprecated. [ 170.143186][ T7982] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 170.320123][ T7982] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 170.423633][ T7982] XFS (loop1): Starting recovery (logdev: internal) [ 170.516812][ T7982] XFS (loop1): Ending recovery (logdev: internal) [ 170.571826][ T7988] loop3: detected capacity change from 0 to 32768 [ 170.614508][ T7988] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 170.627689][ T7988] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 170.659047][ T7988] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 170.665365][ T5786] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 170.699510][ T5852] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 170.706670][ T5852] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 170.807501][ T5852] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 100ms [ 170.854448][ T5852] gfs2: fsid=syz:syz.0: jid=0: Done [ 170.869521][ T7988] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 172.028182][ T8028] program syz.1.807 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 172.759319][ T8048] loop2: detected capacity change from 0 to 4096 [ 172.799595][ T8048] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 172.954478][ T28] audit: type=1326 audit(1752815895.160:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 173.025550][ T28] audit: type=1326 audit(1752815895.160:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 173.117815][ T28] audit: type=1326 audit(1752815895.160:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 173.180202][ T28] audit: type=1326 audit(1752815895.160:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 173.227749][ T28] audit: type=1326 audit(1752815895.160:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 173.295762][ T28] audit: type=1326 audit(1752815895.190:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 173.323868][ T28] audit: type=1326 audit(1752815895.190:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 173.347856][ T28] audit: type=1326 audit(1752815895.190:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8056 comm="syz.1.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 173.598943][ T8069] loop2: detected capacity change from 0 to 8 [ 173.618965][ T8069] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 173.648350][ T6262] udevd[6262]: incorrect cramfs checksum on /dev/loop2 [ 173.684939][ T8069] cramfs: Error -5 while decompressing! [ 173.707622][ T8069] cramfs: ffffffff96fd7298(16)->ffff8880562d0000(4096) [ 173.707718][ T6262] udevd[6262]: incorrect cramfs checksum on /dev/loop2 [ 173.714560][ T8069] cramfs: Error -5 while decompressing! [ 173.742471][ T8069] cramfs: ffffffff96fd7298(16)->ffff8880562d0000(4096) [ 173.772400][ T28] audit: type=1800 audit(1752815895.980:23): pid=8069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.823" name="file0" dev="loop2" ino=244 res=0 errno=0 [ 173.976334][ T8074] loop3: detected capacity change from 0 to 1024 [ 174.065905][ T8075] loop2: detected capacity change from 0 to 4096 [ 174.097839][ T8075] ntfs: volume version 3.1. [ 174.112879][ T8074] hfsplus: bad catalog entry type [ 174.205457][ T8075] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 174.265156][ T1079] hfsplus: b-tree write err: -5, ino 4 [ 174.267728][ T8075] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 174.300987][ T8075] ntfs: (device loop2): ntfs_cluster_alloc(): Failed to map page. [ 174.321263][ T8075] ntfs: (device loop2): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5). [ 174.685672][ T8088] netlink: 8 bytes leftover after parsing attributes in process `syz.1.834'. [ 174.706458][ T8088] netlink: 4 bytes leftover after parsing attributes in process `syz.1.834'. [ 174.735735][ T8088] nbd: socks must be embedded in a SOCK_ITEM attr [ 175.267796][ T8104] loop2: detected capacity change from 0 to 128 [ 175.545809][ T8115] Zero length message leads to an empty skb [ 176.487679][ T23] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 176.677667][ T23] usb 2-1: Using ep0 maxpacket: 16 [ 176.718254][ T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 176.743945][ T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 176.767044][ T23] usb 2-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00 [ 176.797694][ T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.820524][ T23] usb 2-1: config 0 descriptor?? [ 177.252980][ T23] apple 0003:05AC:024B.000C: unknown main item tag 0x6 [ 177.271658][ T23] apple 0003:05AC:024B.000C: ignoring exceeding usage max [ 177.303406][ T23] apple 0003:05AC:024B.000C: invalid report_size 16640 [ 177.339348][ T23] apple 0003:05AC:024B.000C: item 0 2 1 7 parsing failed [ 177.372931][ T23] apple 0003:05AC:024B.000C: parse failed [ 177.381107][ T23] apple: probe of 0003:05AC:024B.000C failed with error -22 [ 177.490426][ T5776] usb 2-1: USB disconnect, device number 5 [ 177.663354][ T8194] netlink: 16 bytes leftover after parsing attributes in process `syz.3.871'. [ 177.748128][ T23] usb 3-1: new full-speed USB device number 10 using dummy_hcd [ 177.845865][ T8198] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 177.852772][ T8198] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 177.870219][ T8198] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 177.880475][ T8198] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 177.887662][ T8198] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 177.896831][ T8198] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 177.902856][ T5852] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 177.916793][ T8198] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 177.924913][ T8198] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 177.940769][ T8198] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 177.956763][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 177.968542][ T23] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 177.982204][ T23] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 178.000906][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.037770][ T23] usb 3-1: config 0 descriptor?? [ 178.088480][ T5852] usb 1-1: Using ep0 maxpacket: 16 [ 178.095611][ T5852] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 178.133548][ T5852] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55 [ 178.157714][ T5852] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 178.167433][ T5852] usb 1-1: Product: syz [ 178.177687][ T5852] usb 1-1: Manufacturer: syz [ 178.182345][ T5852] usb 1-1: SerialNumber: syz [ 178.218721][ T5852] usb 1-1: config 0 descriptor?? [ 178.267650][ T5852] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 178.441580][ T5852] usb 1-1: USB disconnect, device number 8 [ 178.448822][ T1079] usb 1-1: Failed to submit usb control message: -71 [ 178.456369][ T1079] usb 1-1: unable to send the bmi data to the device: -71 [ 178.483595][ T1079] usb 1-1: unable to get target info from device [ 178.499006][ T23] konepure 0003:1E7D:2DB4.000D: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.2-1/input0 [ 178.500211][ T1079] usb 1-1: could not get target info (-71) [ 178.556370][ T1079] usb 1-1: could not probe fw (-71) [ 178.711361][ T23] usb 3-1: USB disconnect, device number 10 [ 178.873925][ T8214] loop1: detected capacity change from 0 to 1024 [ 178.885446][ T8214] EXT4-fs: Ignoring removed orlov option [ 178.907182][ T8214] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 178.936108][ T8214] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 178.967437][ T8214] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.143717][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.197383][ T8209] loop3: detected capacity change from 0 to 32768 [ 179.310863][ T8209] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 179.469147][ T8209] XFS (loop3): Ending clean mount [ 179.723106][ T5784] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 179.839286][ T8243] loop2: detected capacity change from 0 to 16 [ 179.850920][ T5792] Bluetooth: hci0: command 0x0c1a tx timeout [ 179.909866][ T8243] cramfs: Error -3 while decompressing! [ 179.927983][ T5792] Bluetooth: hci3: command 0x0c1a tx timeout [ 179.931906][ T5796] Bluetooth: hci1: command 0x0c1a tx timeout [ 179.948546][ T8243] cramfs: ffffffff96fdb308(27)->ffff888056595000(4096) [ 179.978701][ T8243] cramfs: Error -3 while decompressing! [ 179.984396][ T8243] cramfs: ffffffff96fdb323(16)->ffff888056596000(4096) [ 180.031144][ T8243] cramfs: Error -3 while decompressing! [ 180.039580][ T8243] cramfs: ffffffff96fdb308(27)->ffff888056595000(4096) [ 180.054608][ T28] audit: type=1800 audit(1752815902.260:24): pid=8243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.888" name="file2" dev="loop2" ino=348 res=0 errno=0 [ 180.467946][ T5776] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 180.566950][ T8253] loop1: detected capacity change from 0 to 32768 [ 180.657664][ T5776] usb 3-1: Using ep0 maxpacket: 32 [ 180.670893][ T5776] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 180.692895][ T5776] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 180.717922][ T5776] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 180.739135][ T5776] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.750163][ T5776] usb 3-1: config 0 descriptor?? [ 180.983795][ T5776] usbhid 3-1:0.0: can't add hid device: -71 [ 180.997726][ T5776] usbhid: probe of 3-1:0.0 failed with error -71 [ 181.035598][ T5776] usb 3-1: USB disconnect, device number 11 [ 181.378841][ T8280] netlink: 'syz.1.903': attribute type 10 has an invalid length. [ 181.421565][ T8280] batman_adv: batadv0: Adding interface: team0 [ 181.429787][ T8282] loop3: detected capacity change from 0 to 256 [ 181.442006][ T8280] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 181.467219][ C0] vkms_vblank_simulate: vblank timer overrun [ 181.513783][ T8280] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 181.535751][ T8282] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 181.555302][ T8283] netlink: 'syz.1.903': attribute type 10 has an invalid length. [ 181.573114][ T8283] netlink: 2 bytes leftover after parsing attributes in process `syz.1.903'. [ 181.608107][ T8283] team0: entered promiscuous mode [ 181.655127][ T8283] team_slave_0: entered promiscuous mode [ 181.664355][ T8283] team_slave_1: entered promiscuous mode [ 181.689617][ T8283] 8021q: adding VLAN 0 to HW filter on device team0 [ 181.726134][ T8283] batman_adv: batadv0: Interface activated: team0 [ 181.737756][ T8283] batman_adv: batadv0: Interface deactivated: team0 [ 181.758335][ T8283] batman_adv: batadv0: Removing interface: team0 [ 181.766410][ T8283] bridge0: port 3(team0) entered blocking state [ 181.794879][ T8283] bridge0: port 3(team0) entered disabled state [ 181.802090][ T8283] team0: entered allmulticast mode [ 181.807337][ T8283] team_slave_0: entered allmulticast mode [ 181.819424][ T8283] team_slave_1: entered allmulticast mode [ 181.832172][ T8283] bridge0: port 3(team0) entered blocking state [ 181.838641][ T8283] bridge0: port 3(team0) entered forwarding state [ 181.860447][ T8285] loop2: detected capacity change from 0 to 4096 [ 181.923167][ T8285] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 181.931129][ T5796] Bluetooth: hci0: command 0x0c1a tx timeout [ 181.956306][ T8285] UDF-fs: Scanning with blocksize 512 failed [ 182.002424][ T8285] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 182.011480][ T5796] Bluetooth: hci3: command 0x0c1a tx timeout [ 182.017992][ T5796] Bluetooth: hci1: command 0x0c1a tx timeout [ 182.438237][ T8304] tipc: Enabled bearer , priority 10 [ 182.700659][ T8308] loop3: detected capacity change from 0 to 4096 [ 183.109996][ T8325] GUP no longer grows the stack in syz.0.924 (8325): 200000009000-200000409000 (200000002440) [ 183.128162][ T8325] CPU: 1 PID: 8325 Comm: syz.0.924 Not tainted 6.6.99-syzkaller #0 [ 183.136118][ T8325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 183.146216][ T8325] Call Trace: [ 183.149531][ T8325] [ 183.152502][ T8325] dump_stack_lvl+0x16c/0x230 [ 183.157238][ T8325] ? show_regs_print_info+0x20/0x20 [ 183.162503][ T8325] ? load_image+0x3b0/0x3b0 [ 183.167052][ T8325] ? find_vma+0x12e/0x1b0 [ 183.171446][ T8325] fixup_user_fault+0x652/0x710 [ 183.176356][ T8325] fault_in_user_writeable+0x71/0xe0 [ 183.181701][ T8325] futex_wake_op+0x599/0xd30 [ 183.186347][ T8325] ? futex_wake+0x4b0/0x4b0 [ 183.190915][ T8325] ? userfaultfd_unmap_complete+0x279/0x2d0 [ 183.196862][ T8325] ? vm_mmap_pgoff+0x2b3/0x400 [ 183.201689][ T8325] do_futex+0x385/0x3e0 [ 183.205892][ T8325] ? __ia32_sys_get_robust_list+0x90/0x90 [ 183.211668][ T8325] __se_sys_futex+0x36f/0x3f0 [ 183.216405][ T8325] ? __x64_sys_futex+0xf0/0xf0 [ 183.221211][ T8325] ? __x64_sys_futex+0x21/0xf0 [ 183.226013][ T8325] do_syscall_64+0x55/0xb0 [ 183.230471][ T8325] ? clear_bhb_loop+0x40/0x90 [ 183.235181][ T8325] ? clear_bhb_loop+0x40/0x90 [ 183.239913][ T8325] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 183.245865][ T8325] RIP: 0033:0x7f15e478e9a9 [ 183.250424][ T8325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.259241][ T8323] loop3: detected capacity change from 0 to 4096 [ 183.270046][ T8325] RSP: 002b:00007f15e5587038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 183.270175][ T8325] RAX: ffffffffffffffda RBX: 00007f15e49b5fa0 RCX: 00007f15e478e9a9 [ 183.270193][ T8325] RDX: 0000000000000002 RSI: 0000000000000085 RDI: 0000000000000000 [ 183.270207][ T8325] RBP: 00007f15e4810ca1 R08: 0000200000002440 R09: 0000000000000001 [ 183.270222][ T8325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 183.270235][ T8325] R13: 0000000000000000 R14: 00007f15e49b5fa0 R15: 00007fff174a98d8 [ 183.270266][ T8325] [ 183.395416][ T8323] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 183.513494][ T8316] loop1: detected capacity change from 0 to 32768 [ 183.529590][ T8329] netlink: 20 bytes leftover after parsing attributes in process `syz.0.926'. [ 183.574754][ T8316] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.920 (8316) [ 183.655559][ T8316] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 183.697935][ T8316] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 183.706726][ T8316] BTRFS info (device loop1): setting nodatasum [ 183.741822][ T8316] BTRFS info (device loop1): enabling auto defrag [ 183.758838][ T8316] BTRFS info (device loop1): disabling tree log [ 183.777682][ T8316] BTRFS info (device loop1): using free space tree [ 183.856528][ T28] audit: type=1326 audit(1752815906.060:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8336 comm="syz.2.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5cd18e9a9 code=0x7ffc0000 [ 183.886543][ T28] audit: type=1326 audit(1752815906.060:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8336 comm="syz.2.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5cd18e9a9 code=0x7ffc0000 [ 183.915576][ T28] audit: type=1326 audit(1752815906.060:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8336 comm="syz.2.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fe5cd18e9a9 code=0x7ffc0000 [ 183.944278][ T28] audit: type=1326 audit(1752815906.060:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8336 comm="syz.2.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5cd18e9a9 code=0x7ffc0000 [ 184.013445][ T5796] Bluetooth: hci0: command 0x0c1a tx timeout [ 184.024211][ T8316] BTRFS info (device loop1): enabling ssd optimizations [ 184.070062][ T8316] BTRFS info (device loop1): auto enabling async discard [ 184.089093][ T5796] Bluetooth: hci1: command 0x0c1a tx timeout [ 184.089118][ T5792] Bluetooth: hci3: command 0x0c1a tx timeout [ 184.334686][ T5786] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 184.366142][ T8367] loop2: detected capacity change from 0 to 2048 [ 184.473586][ T8367] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 184.503032][ T8367] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 184.625222][ T8367] UDF-fs: error (device loop2): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned length of impUse field [ 185.036815][ T8383] loop3: detected capacity change from 0 to 2048 [ 185.057394][ T8383] EXT4-fs: Ignoring removed bh option [ 185.113858][ T8387] netlink: 12 bytes leftover after parsing attributes in process `syz.1.946'. [ 185.119572][ T8383] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.214864][ T8383] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 185.239896][ T8383] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 22 with error 28 [ 185.253381][ T8383] EXT4-fs (loop3): This should not happen!! Data will be lost [ 185.253381][ T8383] [ 185.263666][ T8383] EXT4-fs (loop3): Total free blocks count 0 [ 185.269917][ T8383] EXT4-fs (loop3): Free/Dirty block details [ 185.275979][ T8383] EXT4-fs (loop3): free_blocks=2415919104 [ 185.281926][ T8383] EXT4-fs (loop3): dirty_blocks=32 [ 185.287141][ T8383] EXT4-fs (loop3): Block reservation details [ 185.301924][ T8383] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 185.406817][ T61] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 186.206627][ T8427] loop1: detected capacity change from 0 to 4096 [ 186.380237][ T8427] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 186.408599][ T8427] ntfs3: loop1: Failed to load $Extend (-22). [ 186.414746][ T8427] ntfs3: loop1: Failed to initialize $Extend. [ 186.502963][ T8427] ntfs3: loop1: ino=1e, "file1" attr_set_size [ 186.511176][ T28] audit: type=1800 audit(1752815908.710:29): pid=8427 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.962" name="file1" dev="loop1" ino=30 res=0 errno=0 [ 186.745658][ T8445] netlink: 32 bytes leftover after parsing attributes in process `syz.3.971'. [ 187.131632][ T8455] loop1: detected capacity change from 0 to 4096 [ 187.143775][ T8455] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 187.214829][ T8455] ntfs3: loop1: failed to convert "c46c" to iso8859-13 [ 187.793395][ T8473] loop2: detected capacity change from 0 to 2048 [ 187.822650][ T8473] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 187.860169][ T8476] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 187.871406][ T8473] syz.2.982: attempt to access beyond end of device [ 187.871406][ T8473] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 188.192796][ T8486] loop2: detected capacity change from 0 to 2048 [ 188.210802][ T8486] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 188.245644][ T8486] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 188.769836][ T8501] loop1: detected capacity change from 0 to 2048 [ 188.803703][ T8501] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 188.846763][ T8501] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 188.901903][ T8501] UDF-fs: error (device loop1): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned length of impUse field [ 189.120706][ T8515] loop2: detected capacity change from 0 to 512 [ 189.138474][ T8515] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 189.242939][ T8515] EXT4-fs (loop2): 1 truncate cleaned up [ 189.269963][ T8515] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 189.336867][ T8528] tipc: Enabled bearer , priority 10 [ 189.524219][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.674495][ T8536] loop2: detected capacity change from 0 to 512 [ 189.757716][ T8536] Quota error (device loop2): v2_read_file_info: Free block number 1 out of range (1, 6). [ 189.801623][ T8536] EXT4-fs warning (device loop2): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 189.899314][ T8536] EXT4-fs (loop2): mount failed [ 189.978290][ T28] audit: type=1326 audit(1752815912.190:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8543 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 190.043190][ T28] audit: type=1326 audit(1752815912.190:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8543 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 190.117018][ T8534] loop3: detected capacity change from 0 to 32768 [ 190.125321][ T28] audit: type=1326 audit(1752815912.190:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8543 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 190.177219][ T8534] (syz.3.1012,8534,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 190.187656][ T28] audit: type=1326 audit(1752815912.190:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8543 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 190.230712][ T8534] (syz.3.1012,8534,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 190.237705][ T28] audit: type=1326 audit(1752815912.190:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8543 comm="syz.1.1016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 190.350801][ T8534] JBD2: Ignoring recovery information on journal [ 190.459231][ T5872] tipc: Node number set to 100663296 [ 190.512773][ T8534] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 190.723924][ T5784] ocfs2: Unmounting device (7,3) on (node local) [ 190.835121][ T8563] tipc: Started in network mode [ 190.849250][ T8563] tipc: Node identity ac14142a, cluster identity 4711 [ 190.870281][ T8563] tipc: Enabled bearer , priority 10 [ 191.672063][ T8559] loop1: detected capacity change from 0 to 40427 [ 191.700894][ T8559] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 191.727842][ T8559] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 191.750490][ T8559] F2FS-fs (loop1): invalid crc value [ 191.769639][ T8559] F2FS-fs (loop1): Found nat_bits in checkpoint [ 191.977695][ T8559] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 191.984805][ T8559] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 191.994765][ T5852] tipc: Node number set to 2886997034 [ 192.103191][ T8597] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1038'. [ 192.124473][ T8597] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1038'. [ 192.609889][ T8604] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 192.704065][ T8595] loop3: detected capacity change from 0 to 32768 [ 192.739246][ T8595] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 192.900498][ T8595] XFS (loop3): Ending clean mount [ 193.001394][ T5784] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 193.193397][ T8623] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1048'. [ 193.327169][ T8609] loop1: detected capacity change from 0 to 32768 [ 193.381214][ T8609] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 193.417358][ T8609] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 193.561806][ T6262] udevd[6262]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 193.602293][ T8638] netlink: 'syz.2.1049': attribute type 3 has an invalid length. [ 193.673175][ T8609] XFS (loop1): Ending clean mount [ 193.706017][ T8609] XFS (loop1): Quotacheck needed: Please wait. [ 193.830678][ T8609] XFS (loop1): Quotacheck: Done. [ 193.955386][ T5786] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 194.248550][ T5823] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 194.415028][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.421644][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.437690][ T5823] usb 3-1: Using ep0 maxpacket: 16 [ 194.445749][ T5823] usb 3-1: config 0 has an invalid interface number: 8 but max is 0 [ 194.454963][ T5823] usb 3-1: config 0 has no interface number 0 [ 194.461541][ T5823] usb 3-1: config 0 interface 8 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 194.472985][ T5823] usb 3-1: config 0 interface 8 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0 [ 194.483361][ T5823] usb 3-1: config 0 interface 8 has no altsetting 0 [ 194.490469][ T5823] usb 3-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 194.500265][ T5823] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.512577][ T5823] usb 3-1: config 0 descriptor?? [ 194.751864][ T8657] loop1: detected capacity change from 0 to 32768 [ 194.782320][ T8657] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 194.823224][ T8657] XFS (loop1): Ending clean mount [ 194.951175][ T5823] uclogic 0003:5543:0522.000E: unknown main item tag 0x0 [ 194.961455][ T5786] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 194.968857][ T5823] uclogic 0003:5543:0522.000E: unknown main item tag 0x0 [ 194.982509][ T5823] uclogic 0003:5543:0522.000E: unknown main item tag 0x0 [ 194.990103][ T5823] uclogic 0003:5543:0522.000E: unknown main item tag 0x0 [ 194.997318][ T5823] uclogic 0003:5543:0522.000E: unknown main item tag 0x0 [ 195.006447][ T5823] uclogic 0003:5543:0522.000E: No inputs registered, leaving [ 195.038017][ T5823] uclogic 0003:5543:0522.000E: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.2-1/input8 [ 195.213049][ T5823] usb 3-1: USB disconnect, device number 12 [ 195.217838][ T8668] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1059'. [ 195.484900][ T8675] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1062'. [ 195.851803][ T8686] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1067'. [ 196.484260][ T8704] loop3: detected capacity change from 0 to 1024 [ 196.504253][ T8704] EXT4-fs: Ignoring removed i_version option [ 196.535024][ T8704] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 196.572438][ T8709] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1078'. [ 196.601651][ T8704] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:478: comm syz.3.1077: Invalid block bitmap block 0 in block_group 0 [ 196.648023][ T8709] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1078'. [ 196.660650][ T8714] tmpfs: Bad value for 'nr_inodes' [ 196.669560][ T8704] Quota error (device loop3): write_blk: dquota write failed [ 196.677021][ T8704] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 196.725870][ T8704] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.1077: Failed to acquire dquot type 0 [ 196.754585][ T8704] EXT4-fs error (device loop3): ext4_free_blocks:6681: comm syz.3.1077: Freeing blocks not in datazone - block = 0, count = 4096 [ 196.787914][ T8704] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.1077: Invalid inode bitmap blk 0 in block_group 0 [ 196.819344][ T1079] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-7 [ 196.828606][ T1079] EXT4-fs error (device loop3): ext4_release_dquot:6974: comm kworker/u4:6: Failed to release dquot type 0 [ 196.840744][ T8704] EXT4-fs error (device loop3) in ext4_free_inode:363: Corrupt filesystem [ 196.860354][ T8704] EXT4-fs (loop3): 1 orphan inode deleted [ 196.878036][ T8704] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 196.894546][ T8692] loop1: detected capacity change from 0 to 40427 [ 196.927817][ T8692] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 196.957278][ T8692] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 196.971401][ T8692] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x7ffff [ 197.039960][ T8692] F2FS-fs (loop1): invalid crc value [ 197.086582][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.102625][ T8692] F2FS-fs (loop1): Found nat_bits in checkpoint [ 197.113412][ T12] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-7 [ 197.137141][ T12] EXT4-fs error (device loop3): ext4_release_dquot:6974: comm kworker/u4:1: Failed to release dquot type 0 [ 197.307686][ T8692] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 197.334512][ T8692] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 197.370760][ T8727] netlink: 'syz.3.1083': attribute type 3 has an invalid length. [ 197.789224][ T8735] loop2: detected capacity change from 0 to 1024 [ 197.847867][ T5823] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 197.997470][ T8741] loop2: detected capacity change from 0 to 512 [ 198.034504][ T8741] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 198.048536][ T5823] usb 4-1: Using ep0 maxpacket: 32 [ 198.061136][ T5823] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 198.077647][ T5823] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 198.088064][ T8741] ext4 filesystem being mounted at /246/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 198.088610][ T5823] usb 4-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00 [ 198.108138][ T5823] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.120341][ T5823] usb 4-1: config 0 descriptor?? [ 198.137682][ T8745] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1091'. [ 198.146821][ T8745] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1091'. [ 198.183175][ T8741] EXT4-fs warning (device loop2): ext4_empty_dir:3156: inode #12: comm syz.2.1090: directory missing '..' [ 198.278364][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.554624][ T5823] glorious 0003:258A:0033.000F: unknown main item tag 0x2 [ 198.578157][ T5823] glorious 0003:258A:0033.000F: hidraw0: USB HID v0.00 Device [Glorious Model D] on usb-dummy_hcd.3-1/input0 [ 198.760283][ T8752] loop2: detected capacity change from 0 to 32768 [ 198.764985][ T5823] usb 4-1: USB disconnect, device number 5 [ 198.785365][ T8752] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 198.843280][ T8752] XFS (loop2): Ending clean mount [ 198.954935][ T5789] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 199.203100][ T8765] loop1: detected capacity change from 0 to 2048 [ 199.239187][ T8766] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 199.338674][ T8765] NILFS (loop1): error -2 truncating bmap (ino=16) [ 199.425468][ T8766] NILFS (loop1): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 199.438102][ T8766] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=16) [ 199.459518][ T8766] Remounting filesystem read-only [ 199.465238][ T61] NILFS (loop1): discard dirty page: offset=0, ino=6 [ 199.472202][ T61] NILFS (loop1): discard dirty block: blocknr=35, size=1024 [ 199.479581][ T61] NILFS (loop1): discard dirty block: blocknr=36, size=1024 [ 199.486878][ T61] NILFS (loop1): discard dirty block: blocknr=37, size=1024 [ 199.494603][ T61] NILFS (loop1): discard dirty block: blocknr=38, size=1024 [ 199.501992][ T61] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 199.509025][ T61] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 199.516305][ T61] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.525208][ T61] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.541753][ T61] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.552913][ T61] NILFS (loop1): discard dirty page: offset=0, ino=3 [ 199.560629][ T61] NILFS (loop1): discard dirty block: blocknr=42, size=1024 [ 199.568096][ T61] NILFS (loop1): discard dirty block: blocknr=43, size=1024 [ 199.575393][ T61] NILFS (loop1): discard dirty block: blocknr=44, size=1024 [ 199.582758][ T61] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.591672][ T61] NILFS (loop1): discard dirty page: offset=229376, ino=3 [ 199.600020][ T61] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.608969][ T61] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.618002][ T61] NILFS (loop1): discard dirty block: blocknr=50, size=1024 [ 199.625323][ T61] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.634645][ T5786] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 199.643714][ T5786] NILFS (loop1): discard dirty page: offset=0, ino=2 [ 199.650523][ T5786] NILFS (loop1): discard dirty block: blocknr=18, size=1024 [ 199.662043][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.671094][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.680595][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.691998][ T5786] NILFS (loop1): discard dirty page: offset=0, ino=5 [ 199.698768][ T5786] NILFS (loop1): discard dirty block: blocknr=41, size=1024 [ 199.706070][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.715048][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 199.724027][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 200.048006][ T5872] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 200.257747][ T5872] usb 2-1: Using ep0 maxpacket: 32 [ 200.270148][ T5872] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 200.281321][ T8774] loop3: detected capacity change from 0 to 16 [ 200.288215][ T5872] usb 2-1: config 0 has no interface number 0 [ 200.298713][ T5872] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 200.323003][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 200.333599][ T8774] erofs: (device loop3): mounted with root inode @ nid 36. [ 200.349487][ T5872] usb 2-1: Product: syz [ 200.353712][ T5872] usb 2-1: Manufacturer: syz [ 200.383514][ T8774] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 200.394310][ T5872] usb 2-1: SerialNumber: syz [ 200.415062][ T5872] usb 2-1: config 0 descriptor?? [ 200.426203][ T5872] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 200.435432][ T8774] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -46 in[60, 4036] out[1851] [ 200.457366][ T8774] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 200.787208][ T8787] loop3: detected capacity change from 0 to 512 [ 201.022974][ T5872] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 201.059128][ T5872] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 201.265160][ C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 201.273429][ T5872] usb 2-1: USB disconnect, device number 6 [ 201.294547][ T5872] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 201.320138][ T5872] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 201.333881][ T5872] quatech2 2-1:0.51: device disconnected [ 201.575983][ T8815] loop3: detected capacity change from 0 to 256 [ 201.599918][ T8815] exfat: Deprecated parameter 'utf8' [ 201.605342][ T8815] exfat: Deprecated parameter 'namecase' [ 201.643906][ T8815] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 201.688889][ T28] audit: type=1800 audit(1752815923.900:35): pid=8815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1119" name="file2" dev="loop3" ino=1048629 res=0 errno=0 [ 202.067717][ T5823] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 202.161628][ T28] audit: type=1326 audit(1752815924.370:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8824 comm="syz.1.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 202.173218][ T8825] loop1: detected capacity change from 0 to 512 [ 202.190703][ T28] audit: type=1326 audit(1752815924.370:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8824 comm="syz.1.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 202.224161][ T8825] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 202.246559][ T28] audit: type=1326 audit(1752815924.370:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8824 comm="syz.1.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 202.275025][ T5823] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 202.287352][ T5823] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.303204][ T5823] usb 4-1: config 0 descriptor?? [ 202.326470][ T8825] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 202.343276][ T5823] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 202.351267][ T8825] EXT4-fs (loop1): 1 truncate cleaned up [ 202.362889][ T28] audit: type=1326 audit(1752815924.370:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8824 comm="syz.1.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f8a67b8e9e3 code=0x7ffc0000 [ 202.371859][ T8825] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 202.392822][ T28] audit: type=1326 audit(1752815924.370:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8824 comm="syz.1.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8a67b8d45f code=0x7ffc0000 [ 202.478655][ T28] audit: type=1326 audit(1752815924.370:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8824 comm="syz.1.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f8a67b8ea37 code=0x7ffc0000 [ 202.533948][ T28] audit: type=1326 audit(1752815924.370:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8824 comm="syz.1.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8a67b8d310 code=0x7ffc0000 [ 202.577070][ T28] audit: type=1326 audit(1752815924.370:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8824 comm="syz.1.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8a67b8e5ab code=0x7ffc0000 [ 202.578085][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.602093][ T28] audit: type=1326 audit(1752815924.420:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8824 comm="syz.1.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f8a67b8d60a code=0x7ffc0000 [ 202.730606][ T5823] gspca_cpia1: usb_control_msg 03, error -32 [ 202.737114][ T5823] gspca_cpia1: usb_control_msg 03, error -71 [ 202.757116][ T5823] gspca_cpia1: usb_control_msg 01, error -71 [ 202.773021][ T5823] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0) [ 202.799989][ T5823] usb 4-1: USB disconnect, device number 6 [ 202.923156][ T8839] loop1: detected capacity change from 0 to 1024 [ 203.026168][ T8839] hfsplus: invalid extended attribute record [ 203.105819][ T61] hfsplus: b-tree write err: -5, ino 4 [ 203.407038][ T5792] Bluetooth: hci0: unexpected event for opcode 0x200b [ 203.727371][ T8843] loop2: detected capacity change from 0 to 40427 [ 203.788466][ T8843] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 203.796276][ T8843] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 203.848168][ T8843] F2FS-fs (loop2): invalid crc value [ 203.872805][ T8843] F2FS-fs (loop2): Found nat_bits in checkpoint [ 204.044981][ T8843] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 204.063686][ T8843] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 204.130238][ T8869] loop1: detected capacity change from 0 to 8192 [ 204.221193][ T8869] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 2195) [ 204.244495][ T8869] FAT-fs (loop1): Filesystem has been set read-only [ 204.252757][ T8869] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 2195) [ 204.265198][ T43] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 204.277729][ T8869] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 2195) [ 204.298434][ T8869] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 2195) [ 204.308749][ T8869] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 2195) [ 204.311691][ T43] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 204.497029][ T8875] loop3: detected capacity change from 0 to 4096 [ 204.542536][ T8875] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 204.666477][ T8875] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 205.117992][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 205.325005][ T9] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 205.346080][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.365393][ T9] usb 2-1: Product: syz [ 205.387649][ T9] usb 2-1: Manufacturer: syz [ 205.402386][ T9] usb 2-1: SerialNumber: syz [ 205.436875][ T9] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 205.491700][ T5872] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 206.041743][ T9] usb 2-1: USB disconnect, device number 7 [ 206.509395][ T8899] loop2: detected capacity change from 0 to 32768 [ 206.537796][ T8899] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 206.711924][ T8899] XFS (loop2): Ending clean mount [ 206.745786][ T8899] XFS (loop2): Quotacheck needed: Please wait. [ 206.751718][ T8911] loop1: detected capacity change from 0 to 4096 [ 206.769683][ T8911] __ntfs_warning: 20 callbacks suppressed [ 206.769699][ T8911] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 206.807835][ T5872] usb 2-1: Service connection timeout for: 256 [ 206.833197][ T8911] ntfs: (device loop1): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 206.848064][ T8911] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 206.852125][ T5872] ath9k_htc 2-1:1.0: ath9k_htc: Unable to initialize HTC services [ 206.859913][ T8911] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 206.908496][ T5872] ath9k_htc: Failed to initialize the device [ 206.915288][ T9] usb 2-1: ath9k_htc: USB layer deinitialized [ 206.938163][ T8899] XFS (loop2): Quotacheck: Done. [ 206.968050][ T8911] ntfs: (device loop1): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 207.073654][ T8911] ntfs: volume version 3.1. [ 207.086059][ T5789] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 207.094375][ T8911] ntfs: (device loop1): load_and_init_quota(): Failed to find inode number for $Quota. [ 207.146615][ T8911] ntfs: (device loop1): load_system_files(): Failed to load $Quota. Will not be able to remount read-write. Run chkdsk. [ 207.418657][ T8911] ntfs: (device loop1): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set cp932. You might want to try to use the mount option nls=utf8. [ 207.451383][ T8911] ntfs: (device loop1): ntfs_filldir(): Skipping unrepresentable inode 0x4. [ 207.664667][ T28] audit: type=1326 audit(1752815929.870:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.3.1168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 207.708195][ T8921] loop3: detected capacity change from 0 to 512 [ 207.736683][ T8921] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 207.818032][ T8921] EXT4-fs (loop3): 1 truncate cleaned up [ 207.825960][ T8921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 208.010115][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 208.039895][ T5823] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 208.189017][ T8931] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1170'. [ 208.257751][ T5823] usb 2-1: Using ep0 maxpacket: 32 [ 208.274059][ T5823] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 208.287697][ T5823] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 208.297525][ T5823] usb 2-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00 [ 208.332660][ T8929] loop2: detected capacity change from 0 to 32768 [ 208.339351][ T5823] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.354339][ T5823] usb 2-1: config 0 descriptor?? [ 208.395550][ T8929] (syz.2.1169,8929,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 208.403648][ T8933] loop3: detected capacity change from 0 to 512 [ 208.417073][ T8929] (syz.2.1169,8929,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 208.428951][ T8933] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 208.440513][ T8933] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51802!=33349) [ 208.450766][ T8933] EXT4-fs (loop3): group descriptors corrupted! [ 208.545805][ T8929] JBD2: Ignoring recovery information on journal [ 208.744197][ T8929] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 208.800548][ T5823] glorious 0003:258A:0033.0010: unknown main item tag 0x2 [ 208.831010][ T5823] glorious 0003:258A:0033.0010: hidraw0: USB HID v0.00 Device [Glorious Model D] on usb-dummy_hcd.1-1/input0 [ 208.936121][ T8929] (syz.2.1169,8929,1):ocfs2_read_blocks_sync:112 ERROR: status = -12 [ 208.959989][ T8937] loop3: detected capacity change from 0 to 4096 [ 208.977720][ T8929] (syz.2.1169,8929,0):ocfs2_get_suballoc_slot_bit:2709 ERROR: read block 47244640256 failed -12 [ 209.004164][ T8929] (syz.2.1169,8929,0):ocfs2_get_suballoc_slot_bit:2741 ERROR: status = -12 [ 209.043730][ T5823] usb 2-1: USB disconnect, device number 8 [ 209.048378][ T8929] (syz.2.1169,8929,0):ocfs2_test_inode_bit:2823 ERROR: get alloc slot and bit failed -12 [ 209.087113][ T8940] fido_id[8940]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 209.098502][ T8929] (syz.2.1169,8929,0):ocfs2_test_inode_bit:2864 ERROR: status = -12 [ 209.141477][ T8929] (syz.2.1169,8929,0):ocfs2_get_dentry:78 ERROR: test inode bit failed -12 [ 209.274902][ T5789] ocfs2: Unmounting device (7,2) on (node local) [ 209.618905][ T8955] loop2: detected capacity change from 0 to 64 [ 209.721436][ T8957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1181'. [ 209.733113][ T8957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1181'. [ 210.311341][ T8977] loop3: detected capacity change from 0 to 512 [ 210.397745][ T8977] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.1191: bad orphan inode 17 [ 210.421773][ T8983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1194'. [ 210.457374][ T8983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1194'. [ 210.471836][ T8977] ext4_test_bit(bit=16, block=4) = 1 [ 210.477331][ T8977] is_bad_inode(inode)=0 [ 210.482066][ T8977] NEXT_ORPHAN(inode)=0 [ 210.486171][ T8977] max_ino=32 [ 210.489652][ T8977] i_nlink=1 [ 210.494156][ T8977] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 210.590122][ T8977] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm syz.3.1191: bg 0: block 7: invalid block bitmap [ 210.649610][ T8977] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6642: Corrupt filesystem [ 210.737350][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.876394][ T8991] netlink: 'syz.1.1198': attribute type 29 has an invalid length. [ 210.967762][ T5852] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 211.167810][ T5852] usb 3-1: Using ep0 maxpacket: 8 [ 211.177547][ T5852] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 211.209691][ T5852] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 211.237682][ T5852] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 211.237709][ T5852] usb 3-1: Product: syz [ 211.237723][ T5852] usb 3-1: Manufacturer: syz [ 211.237737][ T5852] usb 3-1: SerialNumber: syz [ 211.263247][ T8997] loop3: detected capacity change from 0 to 8192 [ 211.273392][ T8999] loop1: detected capacity change from 0 to 4096 [ 211.285987][ T8999] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 211.338398][ T8997] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 211.352355][ T8997] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 211.363133][ T8997] REISERFS (device loop3): using ordered data mode [ 211.369913][ T8997] reiserfs: using flush barriers [ 211.377426][ T8997] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 211.394848][ T8997] REISERFS (device loop3): checking transaction log (loop3) [ 211.488839][ T5852] usb 3-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 211.517419][ T5852] usb 3-1: Handspring Visor / Palm OS: Number of ports: 1 [ 211.570406][ T8997] REISERFS (device loop3): Using tea hash to sort names [ 211.598124][ T8997] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 211.713290][ T5852] usb 3-1: palm_os_3_probe - error -71 getting bytes available request [ 211.747818][ T5852] visor 3-1:1.0: Handspring Visor / Palm OS converter detected [ 211.781290][ T5852] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 211.783388][ T9008] loop1: detected capacity change from 0 to 512 [ 211.796217][ T5852] usb 3-1: USB disconnect, device number 13 [ 211.825279][ T5852] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 211.825292][ T9008] EXT4-fs: inline encryption not supported [ 211.842460][ T9008] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 211.855192][ T5852] visor 3-1:1.0: device disconnected [ 211.884528][ T9008] EXT4-fs (loop1): 1 truncate cleaned up [ 211.903936][ T9008] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 212.083323][ T28] kauditd_printk_skb: 29 callbacks suppressed [ 212.083338][ T28] audit: type=1326 audit(1752815934.290:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.3.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 212.118730][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.191682][ T28] audit: type=1326 audit(1752815934.330:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.3.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 212.267396][ T28] audit: type=1326 audit(1752815934.350:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.3.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 212.304140][ T9019] loop3: detected capacity change from 0 to 512 [ 212.310258][ T9017] loop1: detected capacity change from 0 to 512 [ 212.317254][ T28] audit: type=1326 audit(1752815934.350:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.3.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 212.344941][ T28] audit: type=1326 audit(1752815934.350:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.3.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 212.371999][ T28] audit: type=1326 audit(1752815934.350:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.3.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 212.394948][ T28] audit: type=1326 audit(1752815934.350:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.3.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 212.419211][ T9019] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1210: iget: bad i_size value: 38620345925642 [ 212.432682][ T9017] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 212.448284][ T28] audit: type=1326 audit(1752815934.350:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.3.1206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 212.515115][ T9017] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 212.529031][ T9019] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1210: couldn't read orphan inode 15 (err -117) [ 212.535253][ T9017] ext4 filesystem being mounted at /306/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 212.599187][ T9019] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 212.672435][ T9019] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm syz.3.1210: bg 0: block 5: invalid block bitmap [ 212.698207][ T9017] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 212.713837][ T9017] EXT4-fs: Cannot change journaled quota options when quota turned on [ 212.795062][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.839062][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.174220][ T9034] loop1: detected capacity change from 0 to 4096 [ 213.178302][ T9037] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1217'. [ 213.621612][ T9052] netlink: 'syz.2.1223': attribute type 29 has an invalid length. [ 214.219373][ T9075] loop3: detected capacity change from 0 to 512 [ 214.254493][ T9075] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 214.335426][ T9075] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 214.361154][ T9075] ext4 filesystem being mounted at /332/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 214.519554][ T9075] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 214.545040][ T9075] EXT4-fs: Cannot change journaled quota options when quota turned on [ 214.615247][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.982816][ T9104] loop3: detected capacity change from 0 to 64 [ 215.015192][ T5792] Bluetooth: hci0: unexpected event for opcode 0x0809 [ 215.174329][ T9094] loop2: detected capacity change from 0 to 32768 [ 215.225489][ T9094] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 215.235587][ T9109] devpts: called with bogus options [ 215.270332][ T9094] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 215.297661][ T9094] BTRFS info (device loop2): using free space tree [ 215.406426][ T9094] BTRFS info (device loop2): enabling ssd optimizations [ 215.444340][ T9094] BTRFS info (device loop2): auto enabling async discard [ 215.556491][ T5789] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 215.813304][ T6262] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by udevd (6262) [ 215.857563][ T9137] loop3: detected capacity change from 0 to 2048 [ 215.965730][ T9139] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 216.296625][ T9143] netlink: 312 bytes leftover after parsing attributes in process `syz.3.1258'. [ 216.866092][ T9156] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1264'. [ 217.295764][ T9178] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 217.713739][ T9182] loop1: detected capacity change from 0 to 32768 [ 218.428971][ T9209] tipc: Enabling of bearer rejected, failed to enable media [ 218.993540][ T9229] loop3: detected capacity change from 0 to 1024 [ 219.017363][ T9229] EXT4-fs: Ignoring removed orlov option [ 219.066174][ T9229] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 219.087932][ T9229] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 219.138160][ T9229] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.332470][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.475366][ T9242] loop3: detected capacity change from 0 to 512 [ 219.490764][ T9241] loop1: detected capacity change from 0 to 1024 [ 219.504297][ T9242] EXT4-fs (loop3): Test dummy encryption mode enabled [ 219.526036][ T9242] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 219.553102][ T9241] hfsplus: bad catalog entry type [ 219.561763][ T9242] EXT4-fs (loop3): 1 truncate cleaned up [ 219.578968][ T9242] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.661020][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.902772][ T9249] netlink: 'syz.3.1306': attribute type 2 has an invalid length. [ 219.965951][ T9251] program syz.1.1308 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 220.009239][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.825391][ T9266] loop1: detected capacity change from 0 to 32768 [ 220.871132][ T9266] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 220.891532][ T9266] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 220.923037][ T9266] BTRFS info (device loop1): using free space tree [ 220.940975][ T9270] binder: Bad value for 'stats' [ 221.087352][ T9266] BTRFS info (device loop1): enabling ssd optimizations [ 221.112017][ T9266] BTRFS info (device loop1): auto enabling async discard [ 221.317260][ T5786] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 221.558450][ T9300] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1321'. [ 221.584675][ T6262] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by udevd (6262) [ 221.614297][ T9300] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 221.962397][ T9309] netlink: 16410 bytes leftover after parsing attributes in process `syz.0.1326'. [ 223.037746][ T9332] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 223.051124][ T9332] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 223.057443][ T9332] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 223.114498][ T9321] loop3: detected capacity change from 0 to 32768 [ 223.168239][ T9321] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 223.190932][ T9321] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 223.217702][ T9321] BTRFS info (device loop3): using free space tree [ 223.369180][ T9321] BTRFS info (device loop3): enabling ssd optimizations [ 223.376224][ T9321] BTRFS info (device loop3): auto enabling async discard [ 223.553231][ T5784] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 223.879643][ T9362] netlink: 'syz.2.1344': attribute type 2 has an invalid length. [ 223.926385][ T6262] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by udevd (6262) [ 224.378675][ T9371] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1348'. [ 225.004946][ T9383] loop1: detected capacity change from 0 to 256 [ 225.052004][ T5792] Bluetooth: hci0: command 0x0c1a tx timeout [ 225.129638][ T5796] Bluetooth: hci1: command 0x0c1a tx timeout [ 225.135754][ T5792] Bluetooth: hci3: command 0x0c1a tx timeout [ 225.798787][ T9412] loop1: detected capacity change from 0 to 2048 [ 225.837126][ T9412] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 225.873511][ T9412] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 225.915124][ T9408] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 225.958327][ T9408] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 225.991841][ T9408] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 226.433906][ T9421] loop3: detected capacity change from 0 to 128 [ 226.470237][ T9421] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 226.511971][ T9421] ext4 filesystem being mounted at /365/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 226.625835][ T5784] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 226.779438][ T9431] netlink: 16410 bytes leftover after parsing attributes in process `syz.2.1375'. [ 227.492195][ T9448] loop2: detected capacity change from 0 to 256 [ 227.565045][ T9448] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 227.928798][ T5792] Bluetooth: hci0: command 0x0c1a tx timeout [ 228.008481][ T5792] Bluetooth: hci3: command 0x0c1a tx timeout [ 228.014600][ T5792] Bluetooth: hci1: command 0x0c1a tx timeout [ 228.390988][ T9452] loop1: detected capacity change from 0 to 32768 [ 228.412769][ T9452] XFS: ikeep mount option is deprecated. [ 228.434004][ T9452] XFS: noikeep mount option is deprecated. [ 228.470108][ T9452] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 228.544020][ T9452] XFS (loop1): Ending clean mount [ 228.564915][ T9452] XFS (loop1): Quotacheck needed: Please wait. [ 228.679737][ T9452] XFS (loop1): Quotacheck: Done. [ 228.855156][ T5786] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 229.793116][ T9513] loop3: detected capacity change from 0 to 2048 [ 229.824573][ T9513] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 229.842628][ T9513] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 230.479954][ T28] audit: type=1326 audit(1752815952.690:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9522 comm="syz.3.1413" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6ae978e9a9 code=0x0 [ 230.769020][ T9528] tipc: MTU too low for tipc bearer [ 231.294534][ T9530] loop2: detected capacity change from 0 to 32768 [ 232.898406][ T3063] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 233.091253][ T3063] usb 4-1: too many configurations: 228, using maximum allowed: 8 [ 233.123381][ T3063] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 233.166533][ T3063] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.185520][ T3063] usb 4-1: Product: syz [ 233.190150][ T3063] usb 4-1: Manufacturer: syz [ 233.194796][ T3063] usb 4-1: SerialNumber: syz [ 233.230257][ T3063] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 233.278248][ T5823] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 233.794105][ T9586] loop2: detected capacity change from 0 to 256 [ 233.876661][ T9586] FAT-fs (loop2): Directory bread(block 64) failed [ 233.886385][ T9586] FAT-fs (loop2): Directory bread(block 65) failed [ 233.895558][ T9586] FAT-fs (loop2): Directory bread(block 66) failed [ 233.905549][ T9586] FAT-fs (loop2): Directory bread(block 67) failed [ 233.914598][ T9586] FAT-fs (loop2): Directory bread(block 68) failed [ 233.923720][ T9586] FAT-fs (loop2): Directory bread(block 69) failed [ 233.932754][ T9586] FAT-fs (loop2): Directory bread(block 70) failed [ 233.944140][ T3063] usb 4-1: USB disconnect, device number 7 [ 233.955165][ T9586] FAT-fs (loop2): Directory bread(block 71) failed [ 233.955322][ T9586] FAT-fs (loop2): Directory bread(block 72) failed [ 233.955371][ T9586] FAT-fs (loop2): Directory bread(block 73) failed [ 234.017920][ T5872] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 234.217840][ T5872] usb 2-1: Using ep0 maxpacket: 8 [ 234.227032][ T5872] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 234.241124][ T5872] usb 2-1: config 1 has no interface number 1 [ 234.247368][ T5872] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 234.269095][ T5872] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 234.282231][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.290653][ T5872] usb 2-1: Product: syz [ 234.294853][ T5872] usb 2-1: Manufacturer: syz [ 234.304177][ T5872] usb 2-1: SerialNumber: syz [ 234.529318][ T5872] usb 2-1: 2:1 : format type 0 is detected, processed as PCM [ 234.536790][ T5872] usb 2-1: 2:1 : sample bitwidth 243 in over sample bytes 3 [ 234.553321][ T5872] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 234.567354][ T5872] usb 2-1: 2:1 : invalid channels 0 [ 234.578166][ T5823] usb 4-1: Service connection timeout for: 256 [ 234.597644][ T5823] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services [ 234.625497][ T5823] ath9k_htc: Failed to initialize the device [ 234.629259][ T5872] usb 2-1: USB disconnect, device number 9 [ 234.645213][ T3063] usb 4-1: ath9k_htc: USB layer deinitialized [ 234.723310][ T6262] udevd[6262]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 235.175867][ T9606] loop2: detected capacity change from 0 to 764 [ 235.205758][ T9606] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 236.526070][ T9638] loop1: detected capacity change from 0 to 256 [ 236.626540][ T9638] FAT-fs (loop1): Directory bread(block 64) failed [ 236.639805][ T9638] FAT-fs (loop1): Directory bread(block 65) failed [ 236.671048][ T9638] FAT-fs (loop1): Directory bread(block 66) failed [ 236.707679][ T9638] FAT-fs (loop1): Directory bread(block 67) failed [ 236.714499][ T9638] FAT-fs (loop1): Directory bread(block 68) failed [ 236.741420][ T9638] FAT-fs (loop1): Directory bread(block 69) failed [ 236.758343][ T9638] FAT-fs (loop1): Directory bread(block 70) failed [ 236.781940][ T9638] FAT-fs (loop1): Directory bread(block 71) failed [ 236.797976][ T9638] FAT-fs (loop1): Directory bread(block 72) failed [ 236.837640][ T9638] FAT-fs (loop1): Directory bread(block 73) failed [ 236.877405][ T9642] loop2: detected capacity change from 0 to 1024 [ 236.940526][ T9642] hfsplus: bad catalog entry type [ 237.089110][ T1079] hfsplus: b-tree write err: -5, ino 4 [ 237.338584][ T9646] loop2: detected capacity change from 0 to 4096 [ 237.546110][ T9646] ntfs3: loop2: failed to convert "0080" to cp860 [ 237.555685][ T9646] ntfs3: loop2: failed to convert name for inode 1e. [ 237.896765][ T9660] netlink: 'syz.2.1482': attribute type 10 has an invalid length. [ 237.959586][ T9660] team0: Port device netdevsim0 added [ 237.968097][ T9661] netlink: 'syz.2.1482': attribute type 10 has an invalid length. [ 238.024422][ T9661] team0: Port device netdevsim0 removed [ 238.073071][ T9661] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 238.092772][ T9660] syz.2.1482 (9660) used greatest stack depth: 20232 bytes left [ 238.519985][ T9673] loop2: detected capacity change from 0 to 2048 [ 238.575745][ T9673] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 238.638107][ T9675] loop3: detected capacity change from 0 to 4096 [ 238.756897][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.860695][ T9675] ntfs3: loop3: failed to convert "0080" to cp860 [ 238.888637][ T9675] ntfs3: loop3: failed to convert name for inode 1e. [ 238.982503][ T9671] loop1: detected capacity change from 0 to 40427 [ 239.039793][ T9671] F2FS-fs (loop1): invalid crc value [ 239.061845][ T9671] F2FS-fs (loop1): Found nat_bits in checkpoint [ 239.063359][ T28] audit: type=1326 audit(1752815961.260:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9680 comm="syz.3.1491" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6ae978e9a9 code=0x0 [ 239.220860][ T9671] F2FS-fs (loop1): Start checkpoint disabled! [ 239.250074][ T9671] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 239.329500][ T28] audit: type=1800 audit(1752815961.540:105): pid=9671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1487" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 239.460862][ T1079] kworker/u4:6: attempt to access beyond end of device [ 239.460862][ T1079] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 239.475154][ T1079] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 239.484263][ T1079] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 239.618904][ T9685] loop2: detected capacity change from 0 to 32768 [ 240.689951][ T9712] loop2: detected capacity change from 0 to 1024 [ 240.750386][ T9712] hfsplus: bad catalog entry type [ 240.789572][ T43] hfsplus: b-tree write err: -5, ino 4 [ 241.252366][ T9735] netlink: 'syz.1.1515': attribute type 10 has an invalid length. [ 241.282054][ T9735] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 241.313589][ T9735] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 241.339043][ T9735] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 241.356214][ T9735] team0: Port device netdevsim0 added [ 241.410749][ T9740] netlink: 'syz.1.1515': attribute type 10 has an invalid length. [ 241.451194][ T9740] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 241.493021][ T9740] netdevsim netdevsim1 netdevsim0: left allmulticast mode [ 241.584153][ T9740] team0: Port device netdevsim0 removed [ 241.598337][ T9740] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 242.286443][ T9765] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1340 [ 242.417706][ T9767] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1531'. [ 242.680291][ T9752] loop3: detected capacity change from 0 to 40427 [ 242.771743][ T9752] F2FS-fs (loop3): invalid crc value [ 242.803016][ T9752] F2FS-fs (loop3): Found nat_bits in checkpoint [ 242.993336][ T9752] F2FS-fs (loop3): Start checkpoint disabled! [ 243.024557][ T9752] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 243.157778][ T28] audit: type=1800 audit(1752815965.360:106): pid=9752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1532" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 243.260075][ T9795] loop2: detected capacity change from 0 to 256 [ 243.271305][ T9795] exfat: Deprecated parameter 'namecase' [ 243.340398][ T9795] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 243.498226][ T1079] kworker/u4:6: attempt to access beyond end of device [ 243.498226][ T1079] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 243.567813][ T1079] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 243.899250][ T9810] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 244.684051][ T9832] loop3: detected capacity change from 0 to 1024 [ 244.739085][ T9832] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 244.804635][ T9832] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.3.1560: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1 [ 244.872994][ T9832] EXT4-fs error (device loop3) in ext4_delete_entry:2800: Corrupt filesystem [ 244.890925][ T9832] EXT4-fs warning (device loop3): ext4_rename_delete:3778: inode #2: comm syz.3.1560: Deleting old file: nlink 4, error=-117 [ 244.923359][ T9843] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 244.986086][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 245.417837][ T23] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 245.628555][ T23] usb 3-1: too many configurations: 228, using maximum allowed: 8 [ 245.659394][ T23] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 245.671968][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 245.680162][ T23] usb 3-1: Product: syz [ 245.684443][ T23] usb 3-1: Manufacturer: syz [ 245.689968][ T23] usb 3-1: SerialNumber: syz [ 245.701716][ T23] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 245.721017][ T5823] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 246.401697][ T9] usb 3-1: USB disconnect, device number 14 [ 247.050785][ T5823] usb 3-1: Service connection timeout for: 256 [ 247.065524][ T5823] ath9k_htc 3-1:1.0: ath9k_htc: Unable to initialize HTC services [ 247.084332][ T5823] ath9k_htc: Failed to initialize the device [ 247.101160][ T9] usb 3-1: ath9k_htc: USB layer deinitialized [ 247.137683][ T5852] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 247.327781][ T5872] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 247.361722][ T5852] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 247.376399][ T5852] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 247.390068][ T5852] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 247.399401][ T5852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.414503][ T5852] usb 4-1: config 0 descriptor?? [ 247.518609][ T5872] usb 2-1: Using ep0 maxpacket: 16 [ 247.530642][ T5872] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 247.545987][ T5872] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 247.556320][ T5872] usb 2-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 247.570231][ T5872] usb 2-1: config 0 interface 0 has no altsetting 0 [ 247.577170][ T5872] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 247.586847][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.599904][ T5872] usb 2-1: config 0 descriptor?? [ 247.653152][ T23] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 247.693809][ T9932] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1606'. [ 247.857224][ T23] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 247.876863][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 247.886225][ T23] usb 3-1: Product: syz [ 247.890506][ T23] usb 3-1: Manufacturer: syz [ 247.895136][ T23] usb 3-1: SerialNumber: syz [ 247.902795][ T23] usb 3-1: config 0 descriptor?? [ 248.036700][ T5852] Bluetooth: Can't get version to change to load ram patch err [ 248.045469][ T5852] Bluetooth: Loading sysconfig file failed [ 248.046561][ T5872] hid (null): global environment stack underflow [ 248.058935][ T5852] ath3k: probe of 4-1:0.0 failed with error -71 [ 248.067076][ T5852] usb 4-1: USB disconnect, device number 8 [ 248.074409][ T5872] hid (null): usage index exceeded [ 248.081316][ T5872] hid (null): invalid report_count -2066043067 [ 248.090658][ T5872] hid (null): unknown global tag 0xc [ 248.152648][ T5872] usb 3-1: USB disconnect, device number 15 [ 248.265417][ T9] usb 2-1: USB disconnect, device number 10 [ 249.222364][ T9954] loop2: detected capacity change from 0 to 4096 [ 249.388869][ T9954] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 249.557783][ T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 249.755931][ T9] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 249.786318][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.803883][ T9] usb 2-1: Product: syz [ 249.813121][ T9] usb 2-1: Manufacturer: syz [ 249.823862][ T9] usb 2-1: SerialNumber: syz [ 249.832068][ T9] usb 2-1: config 0 descriptor?? [ 249.931908][ T9966] loop2: detected capacity change from 0 to 2048 [ 249.988585][ T9966] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.102625][ T9974] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.1623'. [ 250.148656][ T9974] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.1623'. [ 250.162764][ T5852] usb 2-1: USB disconnect, device number 11 [ 250.179083][ T9971] netlink: 4083 bytes leftover after parsing attributes in process `syz.0.1623'. [ 250.216990][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.366804][ T9978] loop2: detected capacity change from 0 to 512 [ 250.392568][ T9978] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal [ 250.903861][ T9997] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1635'. [ 250.931737][ T9997] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1635'. [ 250.961875][ T9997] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1635'. [ 251.358073][ T9984] loop3: detected capacity change from 0 to 40427 [ 251.385535][ T9984] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff [ 251.401621][ T9984] F2FS-fs (loop3): invalid crc value [ 251.412706][ T9984] F2FS-fs (loop3): Found nat_bits in checkpoint [ 251.423332][T10017] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.1643'. [ 251.452554][T10017] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.1643'. [ 251.462725][T10012] netlink: 4083 bytes leftover after parsing attributes in process `syz.2.1643'. [ 251.521660][ T9984] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 251.580894][ T28] audit: type=1800 audit(1752815973.780:107): pid=9984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1628" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 251.615337][ T5784] syz-executor: attempt to access beyond end of device [ 251.615337][ T5784] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 251.649476][ T5784] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 252.192915][T10036] loop1: detected capacity change from 0 to 4096 [ 252.424622][T10036] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 252.690785][T10049] loop1: detected capacity change from 0 to 2048 [ 252.691348][ T28] audit: type=1326 audit(1752815974.900:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10052 comm="syz.0.1661" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f15e478e9a9 code=0x0 [ 252.698799][T10049] EXT4-fs: Ignoring removed bh option [ 252.737679][ T5872] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 252.753666][T10049] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.843628][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.918106][ T5852] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 252.933484][ T5872] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 252.943427][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.951825][ T5872] usb 4-1: Product: syz [ 252.956174][ T5872] usb 4-1: Manufacturer: syz [ 252.961833][ T5872] usb 4-1: SerialNumber: syz [ 252.970832][ T5872] usb 4-1: config 0 descriptor?? [ 253.116109][ T5852] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 253.145831][ T5852] usb 3-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00 [ 253.155607][ T5852] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 253.174791][ T5852] usb 3-1: config 0 descriptor?? [ 253.248697][T10065] sch_tbf: burst 0 is lower than device vlan0 mtu (1514) ! [ 253.261277][ T3063] usb 4-1: USB disconnect, device number 9 [ 253.501366][T10071] loop1: detected capacity change from 0 to 128 [ 253.536036][T10071] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 253.573064][T10071] ext4 filesystem being mounted at /433/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 253.622451][ T5852] input: HID 28bd:0933 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:28BD:0933.0012/input/input13 [ 253.659368][ T5786] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 253.747275][ T5852] uclogic 0003:28BD:0933.0012: input,hidraw0: USB HID vff.ff Mouse [HID 28bd:0933] on usb-dummy_hcd.2-1/input0 [ 253.775370][ T28] audit: type=1326 audit(1752815975.980:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.1.1670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 253.901836][ T28] audit: type=1326 audit(1752815975.980:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.1.1670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 253.977513][ T28] audit: type=1326 audit(1752815976.010:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.1.1670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 254.007288][ T1187] usb 3-1: USB disconnect, device number 16 [ 254.048457][ T28] audit: type=1326 audit(1752815976.010:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.1.1670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 254.070852][ C1] vkms_vblank_simulate: vblank timer overrun [ 254.092964][ T28] audit: type=1326 audit(1752815976.010:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.1.1670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 254.115695][ T28] audit: type=1326 audit(1752815976.020:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.1.1670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 254.138218][ C1] vkms_vblank_simulate: vblank timer overrun [ 254.164102][ T28] audit: type=1326 audit(1752815976.020:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.1.1670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a67b8e9a9 code=0x7ffc0000 [ 254.186540][ C1] vkms_vblank_simulate: vblank timer overrun [ 254.376704][ T28] audit: type=1326 audit(1752815976.580:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10090 comm="syz.3.1677" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6ae978e9a9 code=0x0 [ 254.453251][T10094] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1678'. [ 254.462855][T10094] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1678'. [ 254.473877][T10094] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1678'. [ 254.834364][T10087] loop1: detected capacity change from 0 to 32768 [ 254.933258][T10098] syz.0.1680 (10098): drop_caches: 2 [ 255.043265][T10105] loop2: detected capacity change from 0 to 256 [ 255.244165][T10105] FAT-fs (loop2): Directory bread(block 64) failed [ 255.263945][T10105] FAT-fs (loop2): Directory bread(block 65) failed [ 255.290344][T10105] FAT-fs (loop2): Directory bread(block 66) failed [ 255.337816][T10105] FAT-fs (loop2): Directory bread(block 67) failed [ 255.360605][T10105] FAT-fs (loop2): Directory bread(block 68) failed [ 255.382682][T10105] FAT-fs (loop2): Directory bread(block 69) failed [ 255.393275][T10105] FAT-fs (loop2): Directory bread(block 70) failed [ 255.404722][T10105] FAT-fs (loop2): Directory bread(block 71) failed [ 255.411759][T10105] FAT-fs (loop2): Directory bread(block 72) failed [ 255.423911][T10105] FAT-fs (loop2): Directory bread(block 73) failed [ 255.550864][T10110] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1685'. [ 255.854349][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.861187][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.952125][T10087] JBD2: Ignoring recovery information on journal [ 255.964891][T10101] syz.0.1680 (10101): drop_caches: 2 [ 256.049338][T10087] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 256.105049][T10118] sch_tbf: burst 0 is lower than device vlan0 mtu (1514) ! [ 256.162281][T10087] (syz.1.1675,10087,1):ocfs2_read_blocks_sync:112 ERROR: status = -12 [ 256.192687][T10087] (syz.1.1675,10087,1):ocfs2_group_add:495 ERROR: Can't read the group descriptor # 17179869184 from the device. [ 256.301111][ T5786] ocfs2: Unmounting device (7,1) on (node local) [ 256.593302][T10132] loop2: detected capacity change from 0 to 128 [ 256.603147][T10133] loop3: detected capacity change from 0 to 256 [ 256.682197][T10132] FAT-fs (loop2): Directory bread(block 128) failed [ 256.707368][T10132] FAT-fs (loop2): Directory bread(block 129) failed [ 256.723479][T10133] FAT-fs (loop3): Directory bread(block 64) failed [ 256.732078][T10133] FAT-fs (loop3): Directory bread(block 65) failed [ 256.748953][T10132] FAT-fs (loop2): Directory bread(block 130) failed [ 256.773479][T10133] FAT-fs (loop3): Directory bread(block 66) failed [ 256.780402][T10132] FAT-fs (loop2): Directory bread(block 131) failed [ 256.787100][T10132] FAT-fs (loop2): Directory bread(block 132) failed [ 256.809047][T10133] FAT-fs (loop3): Directory bread(block 67) failed [ 256.814021][T10132] FAT-fs (loop2): Directory bread(block 133) failed [ 256.822503][T10133] FAT-fs (loop3): Directory bread(block 68) failed [ 256.823402][T10132] FAT-fs (loop2): Directory bread(block 134) failed [ 256.838878][T10132] FAT-fs (loop2): Directory bread(block 135) failed [ 256.845801][T10132] FAT-fs (loop2): Directory bread(block 136) failed [ 256.852846][T10133] FAT-fs (loop3): Directory bread(block 69) failed [ 256.853038][T10133] FAT-fs (loop3): Directory bread(block 70) failed [ 256.866573][T10132] FAT-fs (loop2): Directory bread(block 137) failed [ 256.884717][T10133] FAT-fs (loop3): Directory bread(block 71) failed [ 256.897348][T10133] FAT-fs (loop3): Directory bread(block 72) failed [ 256.907338][T10133] FAT-fs (loop3): Directory bread(block 73) failed [ 257.566960][T10159] loop2: detected capacity change from 0 to 64 [ 257.612052][T10159] hfs: request for non-existent node 38657 in B*Tree [ 257.642392][T10159] hfs: request for non-existent node 38657 in B*Tree [ 257.661777][T10159] hfs: request for non-existent node 38657 in B*Tree [ 257.674070][T10159] hfs: request for non-existent node 38657 in B*Tree [ 257.713146][T10159] hfs: request for non-existent node 38657 in B*Tree [ 257.726109][T10159] hfs: request for non-existent node 38657 in B*Tree [ 258.149652][T10179] loop2: detected capacity change from 0 to 512 [ 258.187099][T10179] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 258.237182][T10179] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.291755][T10179] ext4 filesystem being mounted at /414/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 258.452724][T10176] loop3: detected capacity change from 0 to 32768 [ 258.495620][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.550523][T10176] JBD2: Ignoring recovery information on journal [ 258.695328][T10176] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 258.779347][T10176] (syz.3.1716,10176,0):ocfs2_read_blocks_sync:112 ERROR: status = -12 [ 258.809890][T10176] (syz.3.1716,10176,0):ocfs2_group_add:495 ERROR: Can't read the group descriptor # 17179869184 from the device. [ 258.863186][ T5784] ocfs2: Unmounting device (7,3) on (node local) [ 259.095668][T10201] tmpfs: Cannot disable swap on remount [ 259.349795][T10211] netlink: 766 bytes leftover after parsing attributes in process `syz.3.1731'. [ 259.509652][T10215] loop2: detected capacity change from 0 to 512 [ 259.558061][T10215] EXT4-fs (loop2): orphan cleanup on readonly fs [ 259.586012][T10215] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.1732: bad orphan inode 13 [ 259.679842][T10215] ext4_test_bit(bit=12, block=18) = 1 [ 259.685316][T10215] is_bad_inode(inode)=0 [ 259.744951][T10215] NEXT_ORPHAN(inode)=2130706432 [ 259.772645][T10215] max_ino=32 [ 259.775923][T10215] i_nlink=1 [ 259.806600][T10215] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 259.914294][T10215] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.1732: bg 0: block 248: padding at end of block bitmap is not set [ 259.995742][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.005068][T10233] netlink: 766 bytes leftover after parsing attributes in process `syz.1.1741'. [ 260.088999][T10235] loop3: detected capacity change from 0 to 256 [ 260.158906][T10237] loop1: detected capacity change from 0 to 512 [ 260.193718][T10237] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 260.291510][T10237] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 260.313735][T10237] ext4 filesystem being mounted at /451/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 260.385960][T10246] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1746'. [ 260.450377][T10248] netlink: 16215 bytes leftover after parsing attributes in process `syz.2.1747'. [ 260.462171][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.578821][ T5872] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 260.587363][T10252] loop1: detected capacity change from 0 to 1024 [ 260.661490][ T1090] hfsplus: b-tree write err: -5, ino 4 [ 260.752701][T10256] tmpfs: Cannot disable swap on remount [ 260.777652][ T5872] usb 4-1: Using ep0 maxpacket: 16 [ 260.799137][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 260.816139][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 260.828878][ T5872] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 260.856628][ T5872] usb 4-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 260.882792][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.928691][ T5872] usb 4-1: config 0 descriptor?? [ 261.107121][T10266] loop2: detected capacity change from 0 to 128 [ 261.120308][T10266] FAT-fs (loop2): Directory bread(block 11554) failed [ 261.145765][T10266] FAT-fs (loop2): Directory bread(block 11555) failed [ 261.158507][T10266] FAT-fs (loop2): Directory bread(block 11556) failed [ 261.165705][T10266] FAT-fs (loop2): Directory bread(block 11557) failed [ 261.176675][T10266] FAT-fs (loop2): Directory bread(block 11558) failed [ 261.184119][T10266] FAT-fs (loop2): Directory bread(block 11559) failed [ 261.199496][T10266] FAT-fs (loop2): Directory bread(block 11560) failed [ 261.206561][T10266] FAT-fs (loop2): Directory bread(block 11561) failed [ 261.215379][T10266] FAT-fs (loop2): Directory bread(block 11562) failed [ 261.223034][T10266] FAT-fs (loop2): Directory bread(block 11563) failed [ 261.344154][T10266] syz.2.1756: attempt to access beyond end of device [ 261.344154][T10266] loop2: rw=3, sector=11586, nr_sectors = 6 limit=128 [ 261.381336][ T5872] ryos 0003:1E7D:31CE.0013: unbalanced collection at end of report description [ 261.388073][T10266] syz.2.1756: attempt to access beyond end of device [ 261.388073][T10266] loop2: rw=2051, sector=11592, nr_sectors = 2 limit=128 [ 261.404954][ T5872] ryos 0003:1E7D:31CE.0013: parse failed [ 261.405018][ T5872] ryos: probe of 0003:1E7D:31CE.0013 failed with error -22 [ 261.643258][ T5852] usb 4-1: USB disconnect, device number 10 [ 261.655426][T10272] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1759'. [ 261.671847][T10260] loop1: detected capacity change from 0 to 40427 [ 261.687815][T10272] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1759'. [ 261.703416][T10260] F2FS-fs (loop1): build fault injection attr: rate: 691, type: 0x7ffff [ 261.716801][T10260] F2FS-fs (loop1): Image doesn't support compression [ 261.753683][T10260] F2FS-fs (loop1): invalid crc value [ 261.767884][T10260] F2FS-fs (loop1): Found nat_bits in checkpoint [ 261.886797][T10260] F2FS-fs (loop1): Start checkpoint disabled! [ 261.900861][T10260] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 261.924427][ T28] audit: type=1800 audit(1752815984.130:117): pid=10260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1753" name="file2" dev="loop1" ino=10 res=0 errno=0 [ 262.105467][ T1079] kworker/u4:6: attempt to access beyond end of device [ 262.105467][ T1079] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 262.121465][ T1079] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 262.128845][ T1079] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 262.155651][T10286] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1766'. [ 262.164933][T10286] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1766'. [ 262.174492][T10285] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1766'. [ 262.288007][ T23] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 262.507732][ T23] usb 3-1: Using ep0 maxpacket: 8 [ 262.525855][ T23] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 262.557162][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 262.587162][ T23] usb 3-1: Product: syz [ 262.591553][ T23] usb 3-1: Manufacturer: syz [ 262.596175][ T23] usb 3-1: SerialNumber: syz [ 262.619123][ T23] usb 3-1: config 0 descriptor?? [ 262.639318][ T23] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 262.657744][ T23] usb 3-1: setting power ON [ 262.663011][ T23] dvb-usb: bulk message failed: -22 (2/0) [ 262.709867][ T23] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 262.749318][ T23] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 262.772906][ T23] usb 3-1: media controller created [ 262.842610][T10283] dvb-usb: bulk message failed: -22 (3/0) [ 262.857688][T10283] dvb-usb: bulk message failed: -22 (4/0) [ 262.863484][T10283] cxusb: i2c read failed [ 262.875084][ T23] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 262.963166][ T23] usb 3-1: selecting invalid altsetting 6 [ 262.985493][ T23] usb 3-1: digital interface selection failed (-22) [ 263.006353][ T23] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 263.044277][ T23] usb 3-1: setting power OFF [ 263.062139][ T23] dvb-usb: bulk message failed: -22 (2/0) [ 263.087657][ T23] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 263.097092][ T23] (NULL device *): no alternate interface [ 263.221605][ T23] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 263.294751][ T23] usb 3-1: USB disconnect, device number 17 [ 263.411777][T10311] loop1: detected capacity change from 0 to 2048 [ 263.505666][T10295] syz.3.1769 (10295): drop_caches: 2 [ 263.588411][ T6262] udevd[6262]: incorrect nilfs2 checksum on /dev/loop1 [ 263.618768][T10294] syz.3.1769 (10294): drop_caches: 2 [ 263.625984][T10311] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 263.660701][T10316] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1776'. [ 263.675044][T10317] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 263.690382][T10316] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1776'. [ 263.807898][T10311] NILFS (loop1): DAT doesn't have a block to manage vblocknr = 262144 [ 263.816527][T10311] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=15) [ 263.837431][T10311] Remounting filesystem read-only [ 263.842668][T10311] NILFS (loop1): error -5 truncating bmap (ino=15) [ 263.893602][T10323] loop2: detected capacity change from 0 to 256 [ 263.924953][ T5786] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 263.962957][ T5786] NILFS (loop1): discard dirty page: offset=0, ino=2 [ 263.987881][ T5786] NILFS (loop1): discard dirty block: blocknr=18, size=1024 [ 264.017935][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 264.047002][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 264.068883][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 264.110734][ T5786] NILFS (loop1): discard dirty page: offset=0, ino=6 [ 264.121647][ T5786] NILFS (loop1): discard dirty block: blocknr=3, size=1024 [ 264.135542][ T5786] NILFS (loop1): discard dirty block: blocknr=36, size=1024 [ 264.149160][ T5786] NILFS (loop1): discard dirty block: blocknr=37, size=1024 [ 264.171840][ T5786] NILFS (loop1): discard dirty block: blocknr=38, size=1024 [ 264.192098][T10328] loop2: detected capacity change from 0 to 1024 [ 264.198716][ T5786] NILFS (loop1): discard dirty page: offset=268697600, ino=6 [ 264.206154][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 264.237746][ T5786] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 264.245179][ T5786] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 264.262290][ T5786] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 264.275502][ T1079] hfsplus: b-tree write err: -5, ino 4 [ 264.283182][ T5786] NILFS (loop1): discard dirty page: offset=0, ino=3 [ 264.290655][ T5786] NILFS (loop1): discard dirty block: blocknr=42, size=1024 [ 264.318866][ T5786] NILFS (loop1): discard dirty block: blocknr=43, size=1024 [ 264.326217][ T5786] NILFS (loop1): discard dirty block: blocknr=44, size=1024 [ 264.351067][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 264.374722][ T5786] NILFS (loop1): discard dirty page: offset=196608, ino=3 [ 264.392279][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 264.412275][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 264.432055][ T5786] NILFS (loop1): discard dirty block: blocknr=49, size=1024 [ 264.462397][ T5786] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 265.251459][T10358] syz.2.1795 (10358): drop_caches: 2 [ 265.280607][T10353] syz.2.1795 (10353): drop_caches: 2 [ 265.660359][T10365] loop2: detected capacity change from 0 to 4096 [ 265.716255][T10365] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 266.170924][T10378] __nla_validate_parse: 5 callbacks suppressed [ 266.170942][T10378] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1802'. [ 266.230132][T10378] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1802'. [ 266.256558][T10377] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1802'. [ 266.745542][T10381] loop2: detected capacity change from 0 to 32768 [ 266.805160][T10381] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 266.964719][T10372] loop1: detected capacity change from 0 to 40427 [ 267.015450][T10372] F2FS-fs (loop1): invalid crc value [ 267.045349][ T5789] ocfs2: Unmounting device (7,2) on (node local) [ 267.062385][T10372] F2FS-fs (loop1): Found nat_bits in checkpoint [ 267.140668][T10372] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 267.417104][ T5786] syz-executor: attempt to access beyond end of device [ 267.417104][ T5786] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 267.442779][ T5786] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 267.811071][T10403] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1813'. [ 268.229860][T10413] syz.1.1807 (10413): drop_caches: 2 [ 268.230359][T10416] syz.1.1807 (10416): drop_caches: 2 [ 269.010597][T10435] netlink: 240 bytes leftover after parsing attributes in process `syz.2.1828'. [ 269.297888][ T5852] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 269.325047][T10424] orangefs_mount: mount request failed with -4 [ 269.453581][T10449] loop2: detected capacity change from 0 to 64 [ 269.493111][ T5852] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 269.512798][ T5852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.544751][ T5852] usb 2-1: config 0 descriptor?? [ 269.579663][ T5852] cp210x 2-1:0.0: cp210x converter detected [ 270.224805][ T5852] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 270.253559][ T5852] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 270.279003][ T5852] usb 2-1: cp210x converter now attached to ttyUSB0 [ 270.316613][ T5852] usb 2-1: USB disconnect, device number 12 [ 270.347246][ T5852] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 270.373867][ T5852] cp210x 2-1:0.0: device disconnected [ 270.508885][T10464] loop3: detected capacity change from 0 to 32768 [ 270.558914][T10464] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 270.759206][ T5784] ocfs2: Unmounting device (7,3) on (node local) [ 271.191850][T10472] orangefs_mount: mount request failed with -4 [ 271.222946][T10478] loop2: detected capacity change from 0 to 32768 [ 271.305985][T10478] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 271.330161][T10490] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1851'. [ 271.580157][T10478] XFS (loop2): Ending clean mount [ 271.607892][T10478] XFS (loop2): Quotacheck needed: Please wait. [ 271.766906][T10478] XFS (loop2): Quotacheck: Done. [ 271.889242][ T5789] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 272.490172][T10517] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1862'. [ 272.500050][T10517] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1862'. [ 272.657523][T10521] loop1: detected capacity change from 0 to 1024 [ 272.715102][T10521] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 272.728885][T10526] lo: entered promiscuous mode [ 272.739692][T10524] lo: left promiscuous mode [ 272.753310][T10521] ext4 filesystem being mounted at /475/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 272.870843][T10521] EXT4-fs: Ignoring removed orlov option [ 272.876682][T10521] EXT4-fs: can't change dax mount option while remounting [ 272.987196][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.477733][ T1187] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 273.592432][T10563] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 273.667918][ T1187] usb 2-1: Using ep0 maxpacket: 8 [ 273.687286][ T1187] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 273.706989][ T1187] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.716277][ T1187] usb 2-1: Product: syz [ 273.727114][ T1187] usb 2-1: Manufacturer: syz [ 273.732938][ T1187] usb 2-1: SerialNumber: syz [ 273.745812][ T1187] usb 2-1: config 0 descriptor?? [ 273.754770][ T1187] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 273.770187][ T1187] usb 2-1: setting power ON [ 273.774921][ T1187] dvb-usb: bulk message failed: -22 (2/0) [ 273.793697][ T1187] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 273.805190][ T1187] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 273.814337][ T1187] usb 2-1: media controller created [ 273.843791][ T1187] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 273.879292][ T1187] usb 2-1: selecting invalid altsetting 6 [ 273.885132][ T1187] usb 2-1: digital interface selection failed (-22) [ 273.897217][ T1187] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 273.911253][ T1187] usb 2-1: setting power OFF [ 273.915906][ T1187] dvb-usb: bulk message failed: -22 (2/0) [ 273.924786][ T1187] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 273.952440][ T1187] (NULL device *): no alternate interface [ 273.968038][T10545] dvb-usb: bulk message failed: -22 (3/0) [ 274.000153][T10545] dvb-usb: bulk message failed: -22 (4/0) [ 274.005969][T10545] cxusb: i2c read failed [ 274.063658][ T1187] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 274.095372][ T1187] usb 2-1: USB disconnect, device number 13 [ 274.107790][T10577] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1888'. [ 274.121344][T10577] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1888'. [ 274.557752][T10590] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1894'. [ 274.586437][T10590] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1894'. [ 274.616053][T10590] netlink: 'syz.3.1894': attribute type 5 has an invalid length. [ 274.643706][T10590] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1894'. [ 274.817799][T10600] futex_wake_op: syz.2.1900 tries to shift op by 32; fix this program [ 274.886472][T10603] loop3: detected capacity change from 0 to 1024 [ 275.030935][ T12] hfsplus: b-tree write err: -5, ino 4 [ 275.184311][T10614] tmpfs: Cannot enable quota on remount [ 275.272927][T10616] loop2: detected capacity change from 0 to 1024 [ 275.445252][ T43] hfsplus: b-tree write err: -5, ino 3 [ 275.573786][T10624] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1912'. [ 275.900625][T10635] damon-dbgfs: DAMON debugfs interface is deprecated, so users should move to DAMON_SYSFS. If you cannot, please report your usecase to damon@lists.linux.dev and linux-mm@kvack.org. [ 276.589845][T10655] loop2: detected capacity change from 0 to 64 [ 276.644383][T10658] loop3: detected capacity change from 0 to 512 [ 276.702881][T10658] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #17: comm syz.3.1928: iget: bogus i_mode (0) [ 276.745368][T10658] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1928: couldn't read orphan inode 17 (err -117) [ 276.808349][T10658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 276.848997][T10641] loop1: detected capacity change from 0 to 32768 [ 276.898535][T10641] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1919 (10641) [ 276.960551][T10641] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 276.992283][T10641] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 277.011869][T10641] BTRFS info (device loop1): setting nodatacow, compression disabled [ 277.022382][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.061670][T10641] BTRFS info (device loop1): max_inline at 0 [ 277.107666][T10641] BTRFS info (device loop1): enabling disk space caching [ 277.115240][T10641] BTRFS info (device loop1): turning off barriers [ 277.157807][T10641] BTRFS info (device loop1): turning on flush-on-commit [ 277.174983][T10641] BTRFS info (device loop1): doing ref verification [ 277.208551][T10641] BTRFS info (device loop1): force clearing of disk cache [ 277.233624][T10641] BTRFS info (device loop1): enabling ssd optimizations [ 277.253594][T10641] BTRFS info (device loop1): max_inline at 4096 [ 277.277724][T10641] BTRFS info (device loop1): disk space caching is enabled [ 277.316557][T10673] loop3: detected capacity change from 0 to 4096 [ 277.397716][T10673] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 277.468076][T10673] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096) [ 277.495438][T10641] BTRFS info (device loop1): auto enabling async discard [ 277.511671][T10641] BTRFS info (device loop1): rebuilding free space tree [ 277.551357][T10692] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 277.563484][T10641] BTRFS info (device loop1): disabling free space tree [ 277.577737][T10641] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 277.607793][T10641] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 277.854676][ T5786] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 277.986305][T10696] loop3: detected capacity change from 0 to 2048 [ 278.112245][T10696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.135908][T10696] ext4 filesystem being mounted at /502/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 278.284191][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.767703][ T5852] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 278.799400][T10723] team0: Device gtp0 is of different type [ 278.830621][ T5872] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 278.947767][ T5852] usb 2-1: Using ep0 maxpacket: 16 [ 278.958431][ T5852] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 278.966518][ T5852] usb 2-1: config 0 has no interface number 0 [ 278.974163][ T5852] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 278.985260][ T5852] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 279.009519][ T5852] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 279.024569][ T5872] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 279.037856][ T5852] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 279.045998][ T5852] usb 2-1: Product: syz [ 279.055604][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.068012][ T5852] usb 2-1: SerialNumber: syz [ 279.085909][ T5872] usb 3-1: config 0 descriptor?? [ 279.092456][ T5852] usb 2-1: config 0 descriptor?? [ 279.101602][ T5852] cm109 2-1:0.8: invalid payload size 0, expected 4 [ 279.112175][ T5872] cp210x 3-1:0.0: cp210x converter detected [ 279.125083][ T5852] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input15 [ 279.338652][ T5872] usb 3-1: cp210x converter now attached to ttyUSB0 [ 279.385683][ T3063] usb 2-1: USB disconnect, device number 14 [ 279.385702][ C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 279.398992][ C0] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 279.414864][ T3063] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 279.428268][ T28] audit: type=1326 audit(1752816001.630:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10732 comm="syz.3.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 279.437901][T10733] loop3: detected capacity change from 0 to 512 [ 279.475721][ T28] audit: type=1326 audit(1752816001.630:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10732 comm="syz.3.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 279.476921][T10733] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 279.509598][ T28] audit: type=1326 audit(1752816001.640:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10732 comm="syz.3.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f6ae978e9a9 code=0x7ffc0000 [ 279.541512][ T28] audit: type=1326 audit(1752816001.640:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10732 comm="syz.3.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6ae978e9e3 code=0x7ffc0000 [ 279.558988][ T5872] usb 3-1: USB disconnect, device number 18 [ 279.576383][ T28] audit: type=1326 audit(1752816001.640:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10732 comm="syz.3.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6ae978d45f code=0x7ffc0000 [ 279.588657][ T5872] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 279.612966][ T5872] cp210x 3-1:0.0: device disconnected [ 279.618539][ T28] audit: type=1326 audit(1752816001.640:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10732 comm="syz.3.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f6ae978ea37 code=0x7ffc0000 [ 279.620940][T10733] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 279.648508][ T28] audit: type=1326 audit(1752816001.640:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10732 comm="syz.3.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6ae978d310 code=0x7ffc0000 [ 279.668585][T10733] System zones: 0-2, 18-18, 34-34 [ 279.679826][ T28] audit: type=1326 audit(1752816001.640:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10732 comm="syz.3.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6ae978e5ab code=0x7ffc0000 [ 279.682872][T10733] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 279.702439][ T28] audit: type=1326 audit(1752816001.670:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10732 comm="syz.3.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6ae978d60a code=0x7ffc0000 [ 279.722355][T10733] ext4 filesystem being mounted at /512/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 279.740762][ T28] audit: type=1326 audit(1752816001.670:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10732 comm="syz.3.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6ae978d60a code=0x7ffc0000 [ 279.853090][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.077153][T10742] tipc: Enabling of bearer rejected, already enabled [ 280.789073][T10752] loop2: detected capacity change from 0 to 32768 [ 280.847970][ T1187] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 280.964747][ T5872] usb 4-1: new full-speed USB device number 11 using dummy_hcd [ 281.068312][ T1187] usb 2-1: Using ep0 maxpacket: 16 [ 281.081808][ T1187] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 281.109101][ T1187] usb 2-1: New USB device found, idVendor=0b57, idProduct=2bbd, bcdDevice=e7.cc [ 281.132787][ T1187] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 281.141752][ T1187] usb 2-1: Product: syz [ 281.146050][ T1187] usb 2-1: Manufacturer: syz [ 281.159402][ T1187] usb 2-1: SerialNumber: syz [ 281.161588][T10768] loop2: detected capacity change from 0 to 4096 [ 281.164700][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 281.164733][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 281.164776][ T5872] usb 4-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00 [ 281.164802][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 281.167713][ T5872] usb 4-1: config 0 descriptor?? [ 281.225353][ T1187] usb 2-1: config 0 descriptor?? [ 281.239307][ T1187] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 281.254941][T10768] ntfs: volume version 3.1. [ 281.434499][T10770] loop2: detected capacity change from 0 to 512 [ 281.480031][ T1187] usb 2-1: USB disconnect, device number 15 [ 281.506201][T10770] EXT4-fs (loop2): 1 orphan inode deleted [ 281.516995][T10770] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 281.532388][T10770] ext4 filesystem being mounted at /492/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 281.541045][ T43] EXT4-fs error (device loop2): ext4_release_dquot:6974: comm kworker/u4:3: Failed to release dquot type 1 [ 281.644655][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.666892][ T5872] bigben 0003:146B:0902.0014: unexpected rdesc, please submit for review [ 281.723231][ T5872] bigben 0003:146B:0902.0014: hidraw0: USB HID v0.01 Device [HID 146b:0902] on usb-dummy_hcd.3-1/input0 [ 281.768044][ T5872] bigben 0003:146B:0902.0014: missing HID_OUTPUT_REPORT 0 [ 281.785354][ T5872] bigben 0003:146B:0902.0014: no output report found [ 281.873854][ T3063] usb 4-1: USB disconnect, device number 11 [ 281.897410][T10778] fido_id[10778]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:146B:0902.0014/report_descriptor': No such device [ 281.922292][T10780] loop2: detected capacity change from 0 to 22 [ 281.948394][T10780] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 281.976391][T10780] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 282.186619][T10788] loop1: detected capacity change from 0 to 1024 [ 282.655565][T10804] loop2: detected capacity change from 0 to 128 [ 282.718084][T10806] loop3: detected capacity change from 0 to 512 [ 282.730323][T10806] EXT4-fs (loop3): filesystem is read-only [ 282.743555][ T6262] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 282.755336][T10806] EXT4-fs (loop3): filesystem is read-only [ 282.762089][T10806] EXT4-fs (loop3): orphan cleanup on readonly fs [ 282.771765][T10806] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.1986: bad orphan inode 16 [ 282.792061][T10806] ext4_test_bit(bit=15, block=3) = 0 [ 282.869118][T10806] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 283.094738][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.276043][T10815] loop3: detected capacity change from 0 to 256 [ 283.311533][T10815] FAT-fs (loop3): Directory bread(block 1285) failed [ 283.332567][T10819] loop1: detected capacity change from 0 to 128 [ 283.351953][T10818] loop2: detected capacity change from 0 to 1024 [ 283.379055][T10815] FAT-fs (loop3): Directory bread(block 1285) failed [ 283.386812][T10815] FAT-fs (loop3): FAT read failed (blocknr 1281) [ 283.480025][T10818] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 283.744092][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.641044][T10850] netlink: 340 bytes leftover after parsing attributes in process `syz.0.2005'. [ 284.674378][T10830] loop2: detected capacity change from 0 to 32768 [ 284.780147][T10830] ERROR: (device loop2): xtTruncate_pmap: XT_GETPAGE: xtree page corrupt [ 284.780147][T10830] [ 284.831865][T10830] ERROR: (device loop2): remounting filesystem as read-only [ 284.875281][T10830] ERROR: (device loop2): jfs_unlink: [ 284.875281][T10830] [ 284.906320][T10854] BUG: Bad page state in process syz.2.1996 pfn:50d91 [ 284.943171][T10854] page:ffffea0001436440 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1c pfn:0x50d91 [ 285.012909][T10854] flags: 0xfff0800000820c(referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff) [ 285.045118][T10854] page_type: 0xffffffff() [ 285.055264][T10854] raw: 00fff0800000820c ffffc90003347940 ffffc90003347940 0000000000000000 [ 285.082168][T10854] raw: 000000000000001c ffff88802e9e72e8 00000000ffffffff 0000000000000000 [ 285.108798][T10854] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 285.124725][T10854] page_owner tracks the page as allocated [ 285.134825][T10854] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 10830, tgid 10828 (syz.2.1996), ts 284732113922, free_ts 284476065132 [ 285.159965][T10854] post_alloc_hook+0x1cd/0x210 [ 285.164891][T10854] get_page_from_freelist+0x195c/0x19f0 [ 285.172656][T10854] __alloc_pages+0x1e3/0x460 [ 285.177473][T10854] folio_alloc+0x1e/0x30 [ 285.183399][T10854] filemap_alloc_folio+0xdf/0x470 [ 285.189003][T10854] do_read_cache_folio+0x36c/0x7e0 [ 285.194224][T10854] do_read_cache_page+0x32/0x250 [ 285.199692][T10854] __get_metapage+0x31a/0xfa0 [ 285.204507][T10854] diRead+0x6d3/0xb90 [ 285.209537][T10854] jfs_iget+0x8d/0x3c0 [ 285.213761][T10854] jfs_fill_super+0x70c/0xac0 [ 285.218595][T10854] mount_bdev+0x22b/0x2d0 [ 285.223003][T10854] legacy_get_tree+0xea/0x180 [ 285.227802][T10854] vfs_get_tree+0x8c/0x280 [ 285.232244][T10854] do_new_mount+0x24b/0xa40 [ 285.236754][T10854] __se_sys_mount+0x2da/0x3c0 [ 285.241521][T10854] page last free stack trace: [ 285.246220][T10854] free_unref_page_prepare+0x7ce/0x8e0 [ 285.251882][T10854] free_unref_page+0x32/0x2e0 [ 285.256704][T10854] vfree+0x1a6/0x320 [ 285.262410][T10854] __htab_map_lookup_and_delete_batch+0x1393/0x14c0 [ 285.269103][T10854] bpf_map_do_batch+0x477/0x610 [ 285.274013][T10854] __sys_bpf+0x725/0x800 [ 285.278355][T10854] __x64_sys_bpf+0x7c/0x90 [ 285.282797][T10854] do_syscall_64+0x55/0xb0 [ 285.287226][T10854] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 285.296304][T10854] Modules linked in: [ 285.307693][T10854] CPU: 1 PID: 10854 Comm: syz.2.1996 Not tainted 6.6.99-syzkaller #0 [ 285.315803][T10854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 285.325858][T10854] Call Trace: [ 285.329136][T10854] [ 285.332081][T10854] dump_stack_lvl+0x16c/0x230 [ 285.336886][T10854] ? show_regs_print_info+0x20/0x20 [ 285.342121][T10854] ? swiotlb_print_info+0x70/0x70 [ 285.347174][T10854] ? dump_page+0xba7/0x14d0 [ 285.351705][T10854] bad_page+0x14b/0x170 [ 285.355874][T10854] free_unref_page_prepare+0x887/0x8e0 [ 285.361362][T10854] free_unref_page_list+0xbe/0x860 [ 285.366510][T10854] ? __folio_memcg+0x63/0x160 [ 285.371201][T10854] release_pages+0x1fa0/0x2220 [ 285.375981][T10854] ? lru_cache_disable+0x30/0x30 [ 285.380931][T10854] ? workingset_activation+0x870/0x870 [ 285.386413][T10854] __folio_batch_release+0x71/0xe0 [ 285.391532][T10854] truncate_inode_pages_range+0x358/0xf00 [ 285.397271][T10854] ? filemap_fdatawait_range+0x40/0x40 [ 285.402755][T10854] ? mapping_evict_folio+0x510/0x510 [ 285.408073][T10854] ? mutex_unlock+0x10/0x10 [ 285.412603][T10854] ? jfs_sync_fs+0x87/0xa0 [ 285.417038][T10854] ? sync_filesystem+0x1e6/0x220 [ 285.422002][T10854] jfs_remount+0x33b/0x5b0 [ 285.426435][T10854] ? jfs_statfs+0x550/0x550 [ 285.430959][T10854] reconfigure_super+0x21e/0x880 [ 285.435915][T10854] path_mount+0xd19/0xfe0 [ 285.440351][T10854] __se_sys_mount+0x2da/0x3c0 [ 285.445052][T10854] ? __x64_sys_mount+0xc0/0xc0 [ 285.449836][T10854] ? lockdep_hardirqs_on+0x98/0x150 [ 285.455050][T10854] ? __x64_sys_mount+0x20/0xc0 [ 285.459847][T10854] do_syscall_64+0x55/0xb0 [ 285.464292][T10854] ? clear_bhb_loop+0x40/0x90 [ 285.469000][T10854] ? clear_bhb_loop+0x40/0x90 [ 285.473723][T10854] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 285.479649][T10854] RIP: 0033:0x7fe5cd18e9a9 [ 285.484076][T10854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 285.503705][T10854] RSP: 002b:00007fe5cdff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 285.512140][T10854] RAX: ffffffffffffffda RBX: 00007fe5cd3b6080 RCX: 00007fe5cd18e9a9 [ 285.520130][T10854] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000 [ 285.528120][T10854] RBP: 00007fe5cd210ca1 R08: 0000000000000000 R09: 0000000000000000 [ 285.536098][T10854] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000 [ 285.544077][T10854] R13: 0000000000000001 R14: 00007fe5cd3b6080 R15: 00007fffd80a3068 [ 285.552074][T10854] [ 285.555174][ C1] vkms_vblank_simulate: vblank timer overrun [ 285.587414][T10854] Disabling lock debugging due to kernel taint [ 285.606662][ T5789] ERROR: (device loop2): xtTruncate: XT_GETPAGE: xtree page corrupt [ 285.606662][ T5789] [ 285.617551][ T5789] ERROR: (device loop2): remounting filesystem as read-only