last executing test programs: 2.825177719s ago: executing program 3 (id=1929): r0 = socket$kcm(0xa, 0x1, 0x106) setsockopt$sock_int(r0, 0x1, 0x1, 0x0, 0x0) 2.673290444s ago: executing program 0 (id=1920): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x158, 0x10, 0x1, 0x0, 0x0, {{@in6=@remote, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32}, {@in=@loopback, 0x0, 0x32}, @in6=@loopback, {0x0, 0x2a3, 0x7f, 0xffffffffffffffff, 0x0, 0x33}, {0x7}, {}, 0x0, 0x0, 0xa, 0x2, 0x0, 0xaf}, [@replay_esn_val={0x1c, 0x17, {0x0, 0x0, 0x0, 0x0, 0x70bd2b}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}, 0x0, 0x200}}]}, 0x158}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 2.621901046s ago: executing program 3 (id=1921): r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r0, 0xc0585609, &(0x7f0000000000)={0x5, 0xb, 0x2}) 2.535471189s ago: executing program 0 (id=1922): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000040c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00ba19ce670d25010000020000040000009fc40400d2532e764975f03f1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200a011ea665c45a3449abe802f5ab3e89cf40b858e217ce740068720000074e468eea3fcfcf498278ad15f5f87e1c26433a8acdc0e65888b2007f00000000000000000100000000000000010000000000000053350000000034a70c2ab40c7cf5691db43a5c00000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d01000000520655a8056085f4d431623c850af895abba14f6fbd7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891e7d87a79d6fce424c2200af6cb784a1975fa657de38a3a32a4fd67ce446adb431d07db79240aca1dd9ba02450500000000000000e645f091231b986e77d05d988d6edc6f9b4eb883ec8f878300cabf2b5543ffc1bdb92618242852e6e8b3e56fefbfff81669557b3809d8c396d2c0361629d1822f722ec23812770d72cd0010000007889b8c7044f563a1f68d4efe895fdbc463f747c08f4010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b0a0ae6feb6737c275dc2740f742b5425f1d581961471cdb51f8940290e99ccff4123f955267fe4a75c11448741f064fe7ce7e62ee4df874e086287547d4099aeec9f1538ee25a2a5ccf4a9b604e88e12ff251845d0fff45bdbaeba4d4e3c6f7f623579435b2c505fb711300000000040000000000000000000000004c00e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7611589906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6cfa4966e5937562a5649a1a0000a042a7097ddefe0671a5767014b09b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7be49833f3c435f9700bc84680549f9eb16682ecb72277ffaca907a3eac4bfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c5a87013b98649805216631e20d07dff3ae567ca0d38a828542625fc6096aedc0ac5c144f0965071274bea051007e398cf9090c53d4b8b7dc784e3d83b78b007a43d744aa99d6a7c576e20b4281eff511122ccb399bcef0a0471639c81aab7445cebfc9b00b31fcbaf63086b3c16f51b593acee0b3a4830dd6af1accb15cc6163cabc01442527aa10000000000000000a4ba25997affe74ec552bf9deafbd63e"], &(0x7f0000000140)='GPL\x00'}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r0, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x0}}, 0x10) 2.339273935s ago: executing program 3 (id=1924): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x64, 0x10, 0x421, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x61}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x24, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x4}, @IFLA_GRE_OKEY={0x8, 0x5, 0xda4b}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e21}, @IFLA_GRE_ENCAP_DPORT={0x6}]}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x64}}, 0x0) 2.339082125s ago: executing program 0 (id=1925): r0 = socket$inet6(0xa, 0x2, 0x3a) sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback, 0x4000000}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="8000102e7577", 0x6}, {&(0x7f0000000180)="acab", 0x2}], 0x2, &(0x7f00000002c0)=ANY=[], 0x2}}], 0x1, 0x0) 2.150309741s ago: executing program 3 (id=1928): syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0x1c5001, 0x0) 2.135311112s ago: executing program 0 (id=1930): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01fa0000000000000000010000000900010073797a300000000040000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800014000000000080002400000000040000000160a0101000b000000000000010000000900020073797a30000000000900010073797a300000000014000380080001400000005a"], 0xc8}}, 0x0) 1.806982842s ago: executing program 0 (id=1933): syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4000, &(0x7f0000000140)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceeca11a757cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5cf8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12a0000800100000000b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe39b131cab48d99bd1b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9", @ANYRES16=0x0, @ANYRES16], 0x1, 0x6246, &(0x7f0000006740)="$eJzs3c2OHFfZB/Cn+ms+/MaxsojyWghNEgMJIf4MxhAgyQIWbFggb5GtySSycADZBjmRhceaDQsuAoTEEhBLVlxAFmzZcQFYspGArFKoPOeMa5pu99jOdPXM+f2kcdVTp2r6lP5d092uqj4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3vvuDM1VEXPp5WnAs4v+iH9GLWGnqtYhYWTuW1x9ExAvxoDmej4jhUkSVG5+NeCMiPj4ace/+rfVm0dk99uM7f/zbb3945Pt//f3w1L//dKP/5rT1bt781b/+fPvJ9xcAAABKVNd1XaWP+cfT5/te150CAOYiv/7XSV6uXrh6c8H6o1arD3w9XLD+qOdRt9WT3W4XEbHZ3qZ5z+B0PAAcMJvxSdddoEPyL9ogIo503QlgoVVdd4B9ce/+rfUq5Vu1Xw/WttvztSC78t+sdu7vmDadZfwak3k9v7aiH89N6c/KnPqwSHL+vfH8L223j9J6+53/vEzLf7R961Nxcv798fzHHJ78exPzL1XOf/BY+fflDwAAAAAACyz///+xjs//Lj39ruzJo87/rs2pDwAAAAAAAADwWXva8f92VMb/AwAAgEXVfFZv/Prow2XTvoutWX6xinhmbH2gMOlmmdWu+wEAAAAAAAAAAAAAJRlsX8N7sYoYRsQzq6t1XTc/beP143ra7Q+60vcfStb1H3kAANj28dGxe/mriOWIuJi+62+4urpa18srq/VqvbKU38+Olpbrldbn2jxtli2N9vCGeDCqm1+23Nqubdbn5Vnt47+veaxR3d9Dx+ajw8ABICK2X43ueUU6ZOr62ej6XQ4Hg+P/8HH8sxddP08BAACA/VfXdV2lr/M+ns7597ruFAAwF/n1f/y8gFqtVqvV6sNXt9WT3W4XEbHZ3qZ5z2A4fgA4YDbjk667QIfkX7RBRLzQdSeAhVZ13QH2xb37t9arlG/Vfj1I47vna0F25b9ZPdgubz9pOsv4NSbzen5tRT+em9Kf5+fUh0WS8++N539pu32U1tvv/OdlWv7Nfh7roD9dy/n3x/Mfc3jy703Mv1Q5/8Fj5d+XPwAAAAAALLD8///HFur87+hJd2emR53/Xdu3RwUAAAAAAACA/XXv/q31fN9rPv//uQnruf/zcMr5V/IvUs4/3f+/c+HNK2Pr9Vvzd995mP8/799a/92Nf/x/nu41/6U8U6VnVpWeEVV6pGqQpk+4Y1NsDfuj5pGGVa8/SNf81MP34kpcjY04vWvdXjoeHraf2dXe9HT4oL3ub7ef3dU+2GnP25/b1T5MVzrVK7n9ZKzHT+JqvPugvWlbmrH/yzPa6xntOf++479IOf9B66fJfzW1V2PTxt07vf857tvTSY/z9pXP//L0/u/OTFtxZ+LyZv9emntvYvsvzpFR/Oz6xrWTNy/fuHHtTKTJrqVnI00+Yzn/YfrJ+b/y8nZ7/rvfPl7v3hk9dv6LYisGO8/ttib/l1vzzf6+Oue+dSHnP0o/Of93U/vk4/8g59+fmv9rHfQHAAAAAAAAAAAAAAAAHqWu6we3iL4dEefT/T9d3ZsJAMxXfv2vk7x8XnX/Sbf/w+796Kr/avWc62rB+jPX+tN6sfqjXsj6PwvWn4Wr2+rJ3moXEfGX9jbNe4ZfTPplAMAi+zQi/t51J+iM/AuWv++vmZ7oujPAXF3/8KMfXb56dePa9a57AgAAAAAAAAA8qTz+51pr/OcTdV3fHltv1/iv78Ta047/OcgzOwOMThmouv/4+/QoW71Rv9cabvzFmDb+93Bn7lHjfw9mPN5wRvtoRvvSjPblGe0Tb/Royfm/2Brv/EREHB8bfr2E8V/Hx7wvQc7/pdbzucn/S2PrtfOvf3OQ8+/tyv/UjQ9+eur6hx+9fuWDy+9vvL/x43Nnzpw+d/78hQsXTr135erG6e1/O+zx/sr557GvXQdalpx/zlz+Zcn5fyHV8i9Lzv+LqZZ/WXL++f2e/MuS88+ffeRflpz/q6mWf1ly/l9OtfzLkvN/LdXyL0vO/yupln9Zcv6vp1r+Zcn5n0y1/MuS8z+V6j3mv7Lf/WI+cv75DJfjvyw5/3xlg/zLkvM/m2r5lyXnfy7V8i9Lzv+NVMu/LDn/r6Za/mXJ+Z9PtfzLkvP/WqrlX5ac/4VUy78sOf+vp1r+Zcn5fyPV8i9Lzv/NVMu/LDn/b6Za/mXJ+X8r1fIvS87/26mWf1ly/m+lWv5lefj9/2lmOcaXmDFjpriZrv8yAQAAAAAAAAAAAADj5nE5cdf7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH/ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27i1Grru+A/iZvXnjQGIgpE5qwsYxwTib7PoSX2hdTLg23EpCKPSC7XrXZsE3vHYJNKodBUokjIoq2oaHtoBQm5cKq+KBVoDygFpVqkTaB/qCqFB5iKqAAlJVWgFbzZz//78zs7Mzu97x+sw5n48U/7wzZ+acOXNmdr/efOcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADN7nzD7KdqWZbVarX8gk1Z9qL6vGFiU+OS117f7QMAAADW7ueNP1+4OV1waAU3alrmn+749lcXFhYWsvcN/+no5xYW0hUTWTa6Icsa10VXvv/+WvMywRPZeG2o6euhHqsf7nH9SI/rR3tcP9bj+g09rh/vcf2SHbDEDVkt3dm2xl835bs0uyUbbVy3rcOtnqhtGKrvu3TbrNa4zcLo8WwuO5nNZtMty+fL1hrLf/3O+rremsV1DTWta0v9CPnxY8fiNtTCPt7Wsq7F+4x++Pps4ic/fuzYX59//rZOs+duaLm/fDu3b61v5yfCJfm21rINaZ/E7Rxq2s4tHZ6T4ZbtrDVuV/97+3a+sMLtHF7czHXV/pyPZ0ONvz/b2E8jtazDftoSLvvpXVmWXVrc7PZllqwrG8o2tlwytPj8jOdHZP0+6ofSS7ORVR2nd67gOK3PmW2tx2n7ayI+/3eG240ssw3NT9MPHx9ret5/tnA1x2lUf9TLvVbaj8F+v1aKcgzG4+LZxoN+suMxuC08/sfuXv4Y7HjsdDgG0+NuOga39joGh8aGG9ucnoRa4zaLx+DOluWHG2uqNeZzd3c/BqfOnzo7Nf+xj987d+roidkTs6d379w5vXvv3v37908dnzs5O53/eZV7u/g2ZkPpNbA17Lv4Gnh127LNh+rCF8eWvP9e7etwvMvrcFPbsv1+HY60P7ja+rwglx7T+WvjPfWdPn55KFvmNdZ4fnas/XWYHnfT63Ck6XXY8XtKh9fhyApeh/Vlzu5Y2c8sI03/ddqG5b8XrO0Y3NR0DLb/PNJ+DPb755GiHIPj4bj47o7lvxdsCdv75ORqfx4ZXnIMpocb3nvql6Sf98f3N0an4/L2+hU3jmUX5mfP3ffo0fPnz+3MwlgXL2s6VtqP141NjylbcrwOrfp4PTR3x5O3d7h8U9hX4/fW/xhf9rmqL7Pnvu7PVeO7W+f92XLpriyMPlvv/dnpu3l9f45l2ee/9fhD33js829Ydn/W8+Ynptb+s3jKpU3vv6PLvP/G3P+LfH3prp4YHh3JX7/Dae+Mtrwftz5VI433rlpj3S9Mrez9eDT8t97vx7d0eT/e3LZsv9+PR9sfXHw/rvX61461aX8+x8NxcnK6+/txfZnNu1Z7TI50fT++K8xa2P+vCUkh5aKmY2e54zata2RkNDyukbiG1uN0d8vyoyGb1df19K6rO06335Xf13B6dIvW6zidaFu238dp+rev5Y7TWq9/fbs67c/neDgubtnd/TitL/PMnrW/d94Q/9r03jnW6xgcHR6rb/NoOggb7/fZwg3xGLwvO5adyU5mM41rxxrHU62xrsn7V3YMjoX/1vu9cnOXY3B727L9PgbT97Hljr3ayNIH3wftz+d4OC6eur/7MVhf5o37+vuz6/ZwSVqm6WfX9n9fW+7fvG5v203X6lgZCdv5rX3d/222vszJ/avNmd330z3hkhs77Kf21+9yr6mZbH320+awnc/vX34/1benvsznDqzweDqUZdnFjzzw7Nb6U5//fuXvLnznqy2/d+n0O52LH3ngRy8+/o+r2X4ABt8v8rEx/17X9Juplfz+HwAAABgIMfcPhZnI/wAAAFAaMffH/ys8kf8BAACgNGLuHwkzqUj+3/zG5+d+cTFLzfyFIF6fdsOD+XKx4zodvp5YWFS//IEvz/73P1xc2bqHsiz72YN/0HH5zQ/G7cpNhO288qbWy5f46r0rWveRRy6m9Tb3178Q7j8+npUeBp0quNNZln395s801jPx/suN+cyDRxrzoUtPPlFf5oUD+dfx9s+9LF/+L0L599Dxoy23fy7shx+EOf22zvsj3u4rl1+zZd97F9cXb1fbelPjYT/1gfx+4+fkfPaJfPm4n5fb/m98+umv1Jd/9FWdt//iUOftfzrc75fD/N9X5Ms3Pwf1r+PtPhm2P64v3u6+L32z4/Zf+VS+/Nk358sdCTOuf3v4etubn59r3l+P1o62PK7sLflycf3T3/njxvXx/uL9t2//+OHLLfuj/fh45t/y+5lqWz5eHtcT/X3b+uv303x8xvU//UdHWvZzr/Vfeei5V9Tvt33997Qtd/YjOxrrX7y/1k9s+stPfqbj+uL2HPrbsy2P59C7w+s4rP+pD4TjMVz/f1fy+2v/dIUj7259/4nLf2HTxZbHE731J/n6r7zuRGNuGL9h440vevFNl15Z33dZ9uyG/P56rf/EX51p2f4v3prvj3h97Oi3r385cf3nPjp5+sz8hbmZtFcfu7nx2Tlvz7cnbu/N4b21/evDZ85/cPbcxPTEdJZNlPcj9K7al8L8UT4udV96Yck76I5HwvN5+59/fePd//rpePm/vye//PLb8u9brw7LfTZcvik8f6tb/1JP3Xlr4/VdeyZs4cLSzwteiy3b/mv/ihYMj7/954J4vJ99+Qcb+6F+XeP7Rnxdr3H7vzeT38/Xwn5dCJ/MvPXWxfU1Lx8/G+Hyw/nrfc37L7zNxef1b8Lz/Y4f5Pcftys+3u+Fn2O+ubn1/S4eH1+7ONR+/41P8bgU3k+yS/n1cam4vy+/cGvHzYufQ5Jduq3x9Z+k+7ltVQ9zOfMfm586OXf6wqNT52fnz0/Nf+zjh0+duXD6/OHGZ3ke/lCv2y++P21svD/NzO7dkzXerc7k4xq73tt/9pFjM/um756ZPX70wvHzj5ydPXfi2Pz8sdmZ+buPHj8++9Fet5+bObhz14Hd+3ZNnpibObj/wIHdBybnTp+pb0a+UT3snf7w5Olzhxs3mT+458DO++/fMz156szM7MF909OTF3rdvvG9abJ+69+fPDd78uj5uVOzk/NzH589uPPA3r27en4a4Kmzx+cnps5dOD11YX723FT+WCbONy6uf+/rdXvKaf4/8p9n29XyD+LL3nXP3vT5rHVffnzZu8oXafsA0efDZ9H880vO7l/J1zH3j4aZVCT/AwAAQBXE3D8WZiL/AwAAQGnE3L8hzET+BwAAgNKIuX88zKQi+b90/f/NF1e0fv3/vvT/Fy7q/+v/D2L//+Gi9f/z9wv9//5Ya/9e/z/Q/9f/1//X/9f/pw+K1v+Puf+GLKtk/gcAAIAqiLl/Y5iJ/A8AAAClEXP/jWEm8j8AAACURsz9LwozqUj+1//X/3f+f/1//f/O69f/H0z6/93p//eg/z+VVav/f6mf26//r//PUkXr/8fc/+Iwk4rkfwAAAKiCmPtvCjOR/wEAAKA0Yu6/OcxE/gcAAIDSiLl/U5hJRfK//r/+v/6//r/+f+f16/8PJv3/7vT/e9D/d/5//X/9f/qqaP3/mPtfEmZSkfwPAAAAVRBz/0vDTOR/AAAAKJ6Rq7tZzP0vCzNZkv+vcgUAAADAdRdz/y1ZWxG8Ir//1//X/y9+/39Duk7/X/8/K2T/fzjT/y8O/f/u9P970P/X/9f/1/+nr4rW/2/k/mw8e3mYSUXyPwAAAFRBzP23hpnI/wAAAFAaMff/UpiJ/A8AAAClEXP/5jCTiuR//X/9/+L3/53/X/+/6P1/5/8vEv3/7vT/e9D/1//X/9f/p6+K1v+Puf+2MJOK5H8AAACogpj7bw8zkf8BAACgNGLu/+UwE/kfAAAASiPm/i1hJhXJ//r/Be//x+ao/r/+v/6//r/+/4ro/3en/9+D/r/+v/6//j99VbT+f8z9rwgzqUj+BwAAgCqIuf+OMBP5HwAAAEoj5v5XhpnI/wAAAFAaMfdPhJlUJP/r/xe8/5/34Mec/1//X/9f/1//f2X0/7vT/+9B/1//vy/9/4WLHfr/G3rdXv+fMipa/z/m/jvDTCqS/wEAAKAKYu7fGmYi/wMAAEBpxNx/V5iJ/A8AAAClEXP/tjCTiuR//f+B6P9n+v/6//r/+v/6/yuj/9+d/n8P+v/6/87/r/9PXxWt/x9z/6vCTCqS/wEAAKAKYu6/O8xE/gcAAIDSiLn/1WEm8j8AAACURsz928NMKpL/9f/1//X/9f/1/zuvX/9/MK21f1//UUD/X/9f/1//X/9f/5/+KFr/P+b+14SZVCT/AwAAQBXE3L8jzET+BwAAgNKIuf+eMBP5HwAAAEoj5v7JMJOK5H/9f/1//X/9f/3/zuvX/x9Mzv/fnf5/D/r/+v/6//r/9FXR+v8x998bZlKR/A8AAABVEHP/fWEm8j8AAACURsz9U2Em8j8AAACURsz902EmFcn/+v/6//r/+v+r6v+/cvF+9f9z+v/Fov/fnf5/DyXp/4+u6kEvut79+bW63tvfn/7/qP4/pVK0/n/M/TvDTCqS/wEAAKAKYu7fFWYi/wMAAEBpxNy/O8xE/gcAAIDSiLl/T5hJRfK//r/+v/6//r/z/3dev/7/YNL/767//f/4EPX/i9T/v1rXuz8/6Nvv/P/6/yxVtP5/zP33h5lUJP8DAABAFcTcvzfMRP4HAACA0oi5f1+YifwPAAAApRFz//4wk4rkf/1//f/r2f/Pskv6//r/+v/6/32l/9+d8//3oP+v/6//r//PGj38h81fFa3/H3P/gTCTiuR/AAAAqIKY+18bZiL/AwAAQGnE3P8rYSbyPwAAAJRGzP2/GmZSkfyv/9/SPa8/XP1/5//X/9f/b9D/H0z6/93p//eg/6//r/+v/09fLdv/D9F7vfv/MfcfDDOpSP4HAACAKoi5/9fCTOR/AAAAKI2Y+18XZiL/AwAAQGnE3H8ozKQi+V//f/DO/x/rM/r/+v/6/+Xq/4/F+9X/X5M19O8bT63+f6D/r/+v/6//r/9PHxTt/P8x978+zKQi+R8AAACqIOb+B8JM5H8AAAAojZj73xBmIv8DAABAacTc/8Ywk4rkf/3/wev/O/+//r/+f65s/X/n/+8P5//vTv+/B/1//X/9f/1/+qpo/f+Y+98UZlKR/A8AAABVEHP/m8NM5H8AAAAojZj73xJmIv8DAABAacTc/9Ywk4rk/3Xv/zcVhfX/9f/1//X/9f/1//tt7f3/n4U9rf+v/6//r/+v/6//z1oVrf8fc/+vh5lUJP8DAABAFcTc/2CYifwPAAAApRFz/9vCTOR/AAAAKI2Y+98eZlKR/O/8//r/+v/6//r/ndev/z+YnP+/uwHr///8pnC5/n9O/7/Y27/a/v9I29fXpP///eX6/wsb2m+v/8+1ULT+f8z97wgzqUj+BwAAgCqIuf+dYSbyPwAAAJRGzP3vCjOR/wEAAKA0Yu7/jTCTiuR//f/6diy2l/X/y9r/H9L/1//X/68I/f/uBqz/Pwjn/x/W/1+k/+/8//r/tCta/z/m/neHmVQk/wMAAEAVxNz/UJiJ/A8AAAClEXP/w2Em8j8AAACURsz97wkzqUj+1/93/v9q9P+d/z/T/9f/rwj9/+70/3tw/n/9/6L1//9T/5/BVrT+f8z9j4SZVCT/AwAAQBXE3P/eMBP5HwAAAEoj5v7fDDOR/wEAAKA0Yu5/X5hJRfK//v+g9P8nBrT//7j+/zXs/99xU76c/r/+P4v0/7vT/+9B/1//v2j9f+f/Z8AVrf8fc//7w0xWnv/HV7wkAAAAcF3E3P9bYSYV+f0/AAAAVEHM/b8dZiL/AwAAQGnE3P87YSYVyf/6/4PS/3f+/0z/3/n/2x6P/r/+fyfr1/+P7zz6//r/+v+R/r/+v/4/7YrW/4+5/3fDTCqS/wEAAKAKYu7/QJiJ/A8AAAADodP/k90u5v7DYSbyPwAAAJRGzP1Hwkwqkv/1//X/9f8L2v//s63/8t1vv/PITv1//X/9/1VZ1/P/11/8zv+v/6//n+j/6//r/9OuaP3/mPuPhplUJP8DAABAFcTc/3thJvI/AAAAlEbM/cfCTOR/AAAAKI2Y+2fCTCqS//X/9f/1/wva/x/g8//H/aH/36pv/f/4pqv/31Hev09H0bXt/793sSeu/7/a/v9Yx0v1//X/B3n79f/1/1mqaP3/mPtnw0wqkv8BAACgCkLuHzqez8Ur5H8AAAAojZj7T4SZyP8AAABQGjH3fzDMpCL5X/9f/1//X//f+f87r79b/7824vz/RZX69z9tvFD0/9sUp//fmf6//v8gb7/+v/4/SxWt/x9z/1yYSUXyPwAAAFRBzP0fCjOR/wEAAKA0Yu7/cJiJ/A8AAAClEXP/yTCTiuR//X/9f/1//X/9/87rL+z5//X/u1pr/17/P9D/r3b//3/0//X/9f/pj6L1/2PuPxVm8v/s3UeTZfV5x/Hb9uDpKbzwzgtvXOWlXwILe22/AC+88cZVLi9wwDbODMY5YCEJZQmBckABBAIkgXIAJSSUQRLKOaCERqJGRffzPNPh9LndM7dvn/P/fz6LeUx7mntFTc3wm54vp5P9DwAAAD3I3X9l3GL/AwAAQDNy9/9Z3GL/AwAAQDNy9/953NLJ/tf/X0r/f6FS1v/vfv+T6P9/R/9/0Ovr//X/LdP/j9P/L6H/9/x//b/+n5WaWv+fu/8v4pZO9j8AAAD0IHf/X8Yt9j8AAAA0I3f/VXGL/Q8AAADNyN3/V3FLJ/t/T/+/seiz/8+M1/P/W+r/Pf//wNfX/+v/W7be/v/aJ3/m0//r//X/Qf9/qP7/9EGfr/+nRVPr/3P3/3Xc0sn+BwAAgB7k7v+buMX+BwAAgGbk7r86brH/AQAAoBm5+/82bulk/6/u+f9ntj4+0/6/6P/1/1sf0P/r//X/s+X5/+N66v+veujyKx+78zfuOsrr6//1/57/f7T+f+d/zED/z5Cp9f+5+/8ubulk/wMAAEAPcvf/fdxi/wMAAEAzcvf/Q9xi/wMAAEAzcvf/Y9zSyf5fXf8/6+f/F/2//n/rA/p//b/+f7b0/+N66v8v5vX1//p//b/n/7NaU+v/c/f/U9zSyf4HAACAHuTu/+e4xf4HAACAZuTuvyZusf8BAACgGbn7z8Ytnex//f/x9/9P6P/1/3H1//p//f/x0/+P0/8vof/X/+v/9f+s1NT6/9z918Ytnex/AAAA6EHu/n+JW+x/AAAAaEbu/uviFvsfAAAAmpG7/1/jlk72v/7f8//1//p//f/w6+v/50n/P07/v4T+/1L7+cv0//p//T87HbH/Pzfy0/ZK+v/c/f8Wt3Sy/wEAAKAHufv/PW6x/wEAAKAZufv/I26x/wEAAKAZufv/M27pZP/r//X/+n/9/0X3//t/6G3R/w/T/6+H/n/cZPr/jVODH9b/z77/9/x//b/+n12m9vz/3P3/Fbd0sv8BAACgB7n7/ztuGdn/R/7NfAAAAOBE5e7/n7jF1/8BAABg9rI6y93/v3FLJ/tf/6//1//r/z3/f/j1x/r/u3a8P/3/tOj/x02m/z+A/l//P+f3r//X/7Pf1Pr/3P3/F7d0sv8BAACgB7n7r49b7H8AAABoRu7+/49b7H8AAABoRu7+p8Qtnez/4f7/wv9f/384+v/d71//P/zjY1X9f/4d9f+j/f/vev5/n/T/49bf/5/W/+/+++v/j9FJv//G+/8zyz5f/8+QqfX/uftviFs62f8AAADQg9z9T41b7H8AAABoRu7+p8Ut9j8AAAA0I3f/0+OWTva/5//r//X/8+v/Pf9/20k+/3+x9v7/lP7/kPT/4zz/fwn9v/5f/+/5/6zU1Pr/3P03xi2d7H8AAADowY2PL7Z2/zMWC/sfAAAA5mjnnx3Y+wdKQ+7+Z8Yt9j8AAAA0I3f/s+KWTva//l//r//X/+v/h19/Wv2/5/8flv5/3Fz6/zP6/8G3N9P+/1Rj/f9NB33+FPr/a/T/TMyu/v/eCx8/qf4/d/+z45ZO9j8AAAD0IHf/c+IW+x8AAACakbv/uXGL/Q8AAADNyN3/vLilk/1/7P3/mYNfW/+v/9f/6//1//r/VdP/j5tL/+/5/031/57/7/n/+v+OXej/d/98eFL9f+7+58ctnex/AAAA6EHu/hfELfY/AAAANCN3/01xi/0PAAAAzcjd/8K4pZP97/n/+n/9v/5f/z/8+vr/edL/j9P/L6H/1//r//X/rNSu5//vcFL9f+7+m+OWTvY/AAAA9CB3/y1xi/0PAAAAzcjd/6K4xf4HAACAZuTuf3Hc0sn+1/8fb/+fH9f/6/8X+n/9v/5/Lbrt/zeGfiXa74D+/4E/Ofv7uz+i/9f/6//1//p/VmAS/f/5C/92mbv/JXFLJ/sfAAAAepC7/6Vxi/0PAAAAzcjd/7K4xf4HAACAZuTuf3nccsT9/2srfVfro//3/H/9v/5f/z/8+vr/eeq2/z8kz/9fQv+v/9f/6/9ZqUn0/zv+Onf/K+IWX/8HAACAZuTuf2XcYv8DAABAM3L3vypusf8BAACgGbn7Xx23dLL/9f/6f/2//l//P/z6R+//t38kbi6G6f/XQ/8/Tv+/hP5f/6//1/+zUlPr/3P33xq3dLL/AQAAoAe5+18Tt9j/AAAA0Izc/a+NW+x/AAAAaEbu/tfFLZ3sf/2//l//r//X/w+/vuf/z5P+f5z+f7FY3DbyBob6//On9f/6f/2//p+LNLX+P3f/6+OWTvY/AAAA9CB3/21xi/0PAAAAzcjdf3vcYv8DAABAM3L3vyFu6WT/6//1//p//b/+f/j19f/zpP8fp/9fwvP/9f/6f/0/KzW1/j93/x1xSyf7HwAAAHqQu//OuMX+BwAAgGbk7n9j3GL/AwAAQDNy998Vt3Sy//X/+n/9v/7/WPr/s/r/vfT/63F8/f9C/6//1/8vof/X/+v/2Wtd/f+5+Pl+Wf+fu//uuKWT/Q8AAAA9yN1/T9xi/wMAAEAzcve/KW6x/wEAAKAZufvfHLd0sv/1//p//b/+3/P/h19f/z9Pnv8/Tv+/hP5f/6//1/+zUuvq/w/q/ff+de7+t8Qtnex/AAAA6EHu/nvjFvsfAAAAmpG7/764xf4HAACAZuTuf2vc0sn+1//r/3f3/4uF/l//r//ftob+f3Oh/185/f84/f8S+v82+/9fWjTU/5858PP1/0zR1Pr/3P1vi1s62f8AAADQg9z9b49b7H8AAABoRu7+d8Qt9j8AAAA0I3f/O+OWlvb/Ewenb/Pv/0/v+UT9/2KxePhqz//X/4+8vv5/Mv1//VPV/6+O/n+c/n8J/X+b/b/n/+v/OTFT6/9z978rbmlp/wMAAEDncve/O26x/wEAAKAZufvfE7fY/wAAANCM3P3vjVs62f/z7//3fqL+f3FJz//X/299QP+v/9f/z9al9vc3b8avafp//b/+f7Cf3zjg33sW+n/9v/6fAVPr/3P3vy9u6WT/AwAAQA9y998ft9j/AAAA0Izc/Q/ELfY/AAAANCN3//vjlk72v/5f/6//n2f/v6n/1//r/wdN5fn/V1zxew/q//X/Lfb/Y/T/+n/9P3tNrf/P3f+BuKWT/Q8AAAA9yN3/wbjF/gcAAIBm5O7/UNxi/wMAAEAzcvd/OG7pZP/v7/8vW2wXqtuG+v9o1PT/O+j/d79//f/wjw/P/9f/6/+P31T6/2k8/3//r076/yX0//r/dfX/v7n/8/X/tGhq/X/u/gfjlk72PwAAAPQgd/9H4hb7HwAAAJqRu/+jcYv9DwAAAM3I3f9Q3NLJ/vf8f/2//l//r/8ffn39/zzp/8fp/5fQ/196P58/q+r/5/v8/1/W/7M6U+v/c/d/LG7ZGn6/9asX+T8TAAAAmJDc/R+PWzr5+j8AAAD0IHf/J+IW+x8AAACakbv/k3FLJ/tf/6//1//r//X/w6+v/58n/f84/f8S/fT/m0MfPOl+/lKd9Ptvpv/3/H9WaGr9f+7+T8Utnex/AAAAaNvjW9/m7v903GL/AwAAQDNy938mbrH/AQAAoBm5+x+OWzrZ//p//X/7/f8f6f/3vL7+f+39/3V36//XRv+fv6IP0/8v0U//P+ik+/m5v3/9v/6f/abW/+fufyRu6WT/AwAAQA9y9382brH/AQAAoBm5+z8Xt9j/AAAA0Izc/Z+PWzrZ//r/vvr/jUWP/b/n/+v/T7z/36L/X4/59P+3nBr6qOf/6//1//N9//p//T/7Ta3/z93/6MapLvc/AAAAzNUf/PafPnLY7/vo1rebiy/ELfY/AAAANCN3/xfjFvsfAAAAmpG7/0txSyf7X//fV//f5/P/9f/6f/1/T+bT/w/T/+v/9f/zff/6f/0/+02t/8/d/+W4ZcfwG/wP9AAAAAAn51eO9t1z938lbunk6/8AAADQg9z9X41b9u3/84f8U+0AAADA1OTu/1rc0snX//X/E+//F8fU/8f30/9v0//r/4deX/8/T/r/cZfY/5/f0P/r/0fo//X/+n/2mlr/n7v/njsWXe5/AAAAaNSu31H4+ta3m4tvxC32PwAAADQjd/834xb7HwAAAJqRu/9bcUsn+1//P/H+/6Ke/3+m/i/P/++8/79+c/D19f/6/5bp/8d5/v8S+n/9v/5f/89KHaH/3xqkx93/5+7/dtzSyf4HAACAHuTu/07cYv8DAABAM3L3fzdusf8BAACgGbn7vxe3dLL/9f8n0P/fcHqxONb+/xDP/9f/99H/H/D67fT/v3752fv/8I9vv1X/zwXr7P/zx4L+X/+v/9+m/9f/6//Za2rP/8/d//24pZP9DwAAAD3I3f9Y3GL/AwAAQDNy9/8gbnly/993Uu8KAAAAWKXc/T+MWzr5+r/+v8Xn/8+z/89/1ifQ/5+dX/+fTXHv/b/n/+v/9/P8/3H6/yX0//p//b/+n5WaWv+fu/9HcUsn+x8AAAB6kLv/x3FL7v+NI//WPQAAADAxuft/Erf4+j8AAAA0I3f/43FLJ/t/jv3/uT3vcfcn6v8XM+3/k+f/X/g8z//fpv/X/x+F/n+c/n8J/b/+X/+v/2elptb/5+7/adzSyf4HAACAHuTuPxe32P8AAADQjNz9P4tb7H8AAABoRu7+n8ctnez/Ofb/nv+v/9f/6/8X+n/9/wH0/+P0/0vo//X/+n/9Pys1tf4/d/8vAgAA///bQndU") creat(&(0x7f0000000240)='./file1\x00', 0x10c) 1.281456029s ago: executing program 2 (id=1941): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004180)=@newtaction={0x894, 0x30, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [{0x880, 0x1, [@m_police={0x87c, 0x1, 0x0, 0x0, {{0xb}, {0x850, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x101, 0x1000, 0x800, 0x5ff, 0xfff, 0x7fff, 0x3a9a, 0xfff, 0xfffffffa, 0x6, 0x2, 0x8001, 0xdc, 0x1, 0x8, 0x4, 0x3, 0x5242, 0x0, 0x114e, 0x80000000, 0x6, 0x101, 0x3, 0xff, 0x7ff, 0xfffffffb, 0x80000000, 0x6177d997, 0xb63b8771, 0x1, 0xc, 0x1, 0x123a9273, 0x4, 0xff, 0x5, 0x100, 0x9, 0x5, 0x6, 0x4, 0x20, 0x4, 0x0, 0x9, 0x7ff, 0x3, 0x1, 0x7, 0x7, 0xd, 0xfffffffd, 0x7, 0x488, 0xc, 0xf74d, 0x8, 0x3d, 0x401, 0x5, 0x1, 0x7ff, 0x3, 0x9, 0xc, 0x3ff, 0x4139df5d, 0x1, 0xfffffff7, 0x1, 0x2, 0x1, 0x0, 0x8000, 0x0, 0x2, 0x100, 0x66, 0x3, 0x5, 0x2, 0x200, 0x9, 0x76, 0x4, 0xfffffff8, 0x4, 0x9, 0xfffffffe, 0x0, 0xf9, 0x9, 0x4ade, 0x2, 0x4000008, 0x4, 0xff, 0x0, 0x1, 0x800, 0x2bc, 0xffff, 0x7fff, 0x3b0a, 0x2, 0x0, 0x3, 0x200, 0x2, 0x9, 0x6, 0x9, 0x4, 0xc34d, 0x80000000, 0x50, 0x8, 0x3, 0xe, 0x6, 0x4, 0x4, 0x3, 0xe256, 0x80000000, 0xb, 0x7, 0x3, 0x5, 0x7, 0x5, 0x6, 0x6, 0x200, 0x7, 0xffffffff, 0x2, 0x5, 0xce3, 0x10c, 0x8000, 0x8, 0x6, 0x2, 0x7ff, 0x5, 0x6, 0xaa, 0x8, 0x1, 0x8, 0x4, 0x9, 0x1b9b, 0x3ff, 0x7, 0x40, 0x1, 0x4, 0x0, 0x8, 0x10000, 0x8, 0x7, 0x3, 0x4, 0x7fff, 0x6, 0x3, 0x7, 0x5, 0x2, 0x5, 0x9, 0x1, 0x0, 0x7, 0x5, 0x7, 0x0, 0x80000001, 0x9, 0x6, 0xfff, 0x5e, 0x7fff, 0x6, 0xa159, 0x4, 0x1, 0x7, 0x4, 0x2, 0x8, 0x80, 0xfffffffc, 0x9e, 0x61aa91f9, 0x7, 0x81, 0xffff21e7, 0x4, 0x6, 0x9, 0x5, 0x3, 0x4ea, 0xfffffffd, 0x6d1, 0x8, 0x5, 0x6, 0x3, 0x6, 0x8, 0xfffffffb, 0x8, 0x1, 0xffff, 0x6, 0xfa9, 0x8, 0x10000, 0x2, 0x5635, 0x3ff, 0x3, 0x200, 0xedc, 0x8, 0x7, 0xd, 0xea1, 0xbef, 0x9, 0x3, 0xffff0000, 0x4, 0x335e, 0x3, 0xffffffff, 0x210f993b, 0x5, 0x6, 0x7, 0x6, 0x9, 0x2e6, 0xb, 0x0, 0x6, 0xffffffff, 0x2947, 0x8, 0x2]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0xd616, 0x3, 0x8, 0x2, 0x67, {0x5, 0x0, 0x7, 0x9, 0x101, 0xffffffff}, {0x9, 0x0, 0x6, 0x40, 0x3, 0x2}, 0xffffffff, 0x80000000, 0x100}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x4, 0xd, 0x8, 0x2, 0x5, 0x6, 0x7ff, 0x1, 0x9, 0x4ff, 0x7, 0x4, 0x4, 0x6, 0x0, 0x0, 0x3ff, 0x100, 0x4, 0x5e9, 0x8, 0x5, 0x9, 0x401, 0x2, 0x2000, 0x6, 0x0, 0x401, 0x4, 0x1, 0x7, 0x2, 0x4, 0x8, 0x9, 0x93e, 0x6, 0x9, 0x4, 0x8, 0x80000000, 0x9d86, 0x10, 0x8, 0x8, 0x80000000, 0x9, 0x2, 0x6, 0x5dc4, 0x2, 0x0, 0x1, 0xc4c, 0x6, 0x6, 0x1, 0x7, 0x3, 0x7ff, 0x3, 0x1, 0x6, 0x4, 0x7, 0x1, 0x80, 0x9, 0x4, 0x7, 0x5, 0x8, 0xfd, 0x7, 0xf68, 0x7, 0x9, 0x0, 0x8, 0x101, 0x4, 0x3e0, 0xcfb4, 0x0, 0x5, 0x38c, 0xa, 0xfffffff2, 0x29, 0x101, 0x2, 0xc24, 0x3, 0x5, 0x2, 0x0, 0x1, 0x9, 0x2d98, 0x18c9, 0x101, 0x788, 0x1, 0xb, 0x8, 0x2, 0x0, 0x0, 0x40, 0x8, 0x0, 0x0, 0x5, 0x9, 0x8, 0x81, 0x214, 0x6, 0x6, 0x3, 0x5, 0x7fffffff, 0x2, 0xb3, 0x9, 0x4, 0x1, 0x0, 0x2, 0x6, 0x73, 0xb, 0x6, 0xd43, 0x6, 0x3, 0x5909, 0x7, 0x7ff, 0xfffffff7, 0x5, 0x1, 0x2, 0x7, 0x3, 0x9e, 0x6, 0xc8, 0x401, 0x3, 0x79, 0x2, 0x800, 0x7, 0x4, 0x0, 0xd7f8, 0x6, 0x3, 0x7, 0x3, 0xd88, 0x4, 0x3, 0x29, 0x7, 0x8, 0x4, 0x3, 0x5, 0x5, 0x9, 0x7045, 0x0, 0x6, 0x10000, 0x4, 0x7, 0x10000, 0x3, 0x6, 0x3, 0x1, 0x23, 0xdfe, 0x3, 0x9, 0xd6, 0x1, 0x101, 0x4, 0x9, 0xffff, 0x1000, 0x3f9c, 0x8, 0x1, 0xb2, 0xe7, 0x8, 0x5, 0x6, 0xfff, 0x7fff, 0x6, 0x9, 0x47b6d07, 0x80, 0xfffffff2, 0xffffffff, 0x8, 0x0, 0x10000, 0x6, 0x5, 0x80000000, 0x8, 0x1ff, 0x1, 0x8c, 0x33, 0x6b09, 0x80000000, 0x0, 0x7, 0x8, 0x7ff, 0xb, 0x5, 0x80, 0xc, 0xb29, 0x0, 0x40, 0x80000001, 0x3, 0xffff, 0x101, 0x100, 0x0, 0x9, 0xfffffffa, 0xe2, 0x4, 0x10000, 0xffffffff, 0x22000000, 0x6, 0xbb, 0xa, 0x3, 0x2, 0xbb9, 0xf, 0xffffffff]}, @TCA_POLICE_RESULT={0x8, 0x5, 0xffffffff}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x894}, 0x1, 0x0, 0x0, 0x44090}, 0x2400c810) 1.226929801s ago: executing program 4 (id=1942): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)={0x2, 0xd, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x4e22, 0x0, @private1}}, @sadb_address={0x5, 0x5, 0x0, 0x20, 0x0, @in6={0xa, 0x4e24, 0x8, @local, 0x8}}, @sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x6, 0x32, 0x0, 0xfe, 0x0, 0x0, 0x0, @in6=@private2, @in6=@private1}}, @sadb_lifetime={0x4, 0x3, 0x0, 0xe32}]}, 0xc0}}, 0x0) 1.097336745s ago: executing program 2 (id=1944): r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_DRAIN(r0, 0xc0884123, 0x7ffffffff000) 992.613728ms ago: executing program 4 (id=1945): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)={0x14, 0x1a, 0x1, 0x70bd2a, 0x0, "", [@nested={0x4, 0x1d}]}, 0x14}], 0x1, 0x0, 0x0, 0x20400}, 0x0) 924.063791ms ago: executing program 2 (id=1946): r0 = socket(0x10, 0x803, 0x0) write(r0, &(0x7f0000000240)="aefc00001a0025f00385bc04fef7681d0a0b49ff708800008002280008020200ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae) 923.662281ms ago: executing program 1 (id=1947): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f0000000280)={0x1, 0x1, 0x6, 0x0, @vifc_lcl_addr=@rand_addr=0x64010101, @private=0xa010101}, 0x10) 830.265534ms ago: executing program 4 (id=1948): r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0x100, 0x20800) ioctl$VIDIOC_DQEVENT(r0, 0x80885659, 0x0) 790.294975ms ago: executing program 1 (id=1949): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0x20, 0x6, 0x0, @scatter={0x18, 0x3, &(0x7f00000006c0)=[{&(0x7f0000000380)=""/204, 0xcc}, {0x0}]}, &(0x7f0000000240)="008d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0}) 739.342716ms ago: executing program 2 (id=1950): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xf4, &(0x7f0000000040), &(0x7f0000000000)=0x4) 656.542669ms ago: executing program 4 (id=1951): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffffdc2}]}) mincore(&(0x7f0000185000/0x3000)=nil, 0x3000, &(0x7f0000000240)=""/68) 620.59593ms ago: executing program 1 (id=1952): r0 = openat$damon_schemes(0xffffffffffffff9c, &(0x7f0000000280), 0x80c02, 0x0) readv(r0, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000500)=""/220, 0xdc}], 0x2) 571.384012ms ago: executing program 2 (id=1953): r0 = socket$kcm(0x2, 0x922000000001, 0x106) setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f00000000c0)=r0, 0x4) 494.643365ms ago: executing program 3 (id=1954): r0 = syz_open_dev$video4linux(&(0x7f0000000380), 0x2, 0x20) ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc038563b, &(0x7f0000000080)={0x0, 0x0, {0xffffffff, 0x401, 0x0, 0x82b}}) 465.640565ms ago: executing program 4 (id=1955): syz_mount_image$iso9660(&(0x7f0000000500), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x610, &(0x7f0000001140)="$eJzs3V1vHFcdx/Hf+AE/IIUKUBWFND1NiuRIqbO7bhytejWdPWsP2d1ZzYwr+4YqataV5U0jpSBh3zS+oIAAccEr4JYbLrhHiBsk3ktBXAFSxaJ5stfrfXDjp1B9P6t2zp45c87/zIzmZLzzIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIMerlUplRw2/tbFpRvNqYdAcM7+o7+6xyZh2JSf5T/Pzup5lXf/u0ezXk//d1s3s203NJ5N57X/z9dfe+87MVLH8mIAuyoJ01Oyne/u7j7vdzvNRpacuK6yrsWYfKQr8prtmjR8Fprq6Wrq/Xo9M3W/YaCuKbdN4oXXjIDRL3l1TrlZXjF3eCjZaazW3YYvMh+9USqVV89PFbHu37v9gOfLW/UbDb62lZZLZSZmHyY74yI9NbN2mMds73c7KqOAO8u2UFCr35R/bgoWkUGVSdyulSqVcrlTKqw+qDx6WSjMnMkoDdKLEley0eIWc5+EbOJOpfPxXQ75a2tCmzNCPp5pCBWqOmJ8rxv/v37ejmvznXjY9HP+LUf76UZkbSsf/W9m3W6PG/xGxfOXPXFJ9nv5vr9c7xTLXvpfFtqd97eqxuuqqo+fnFVHf57UzLl84/8iM1mTVkq9IgXw15aY5Js8xqmpVqyrpQ62rrkhGdflqyCrSliLFsuke5SmUlatfKlAooyV5uiujsqqqakVGVsvaUqANtbSmmty0lm3tpOt9ZVz/i0Ll0xSq9Gf/5XihCeP/AuM/Jus7FH559gM4cAa9YvwHAAAAAABfW0761/fk/H9Wb6Sput+wpasOCwAAAAAAnKP0l/+byWQ2Sb0h5xTn/71vXU5wAAAAAADgXDjpPXaOpEW9maWKO6FG/hFg6nJDBAAAAAAAZ5T+/n8rmaTPXntTzuTzf+UXCwAAAAAAgP8PPx/1jP0/p7mOo6g95/zpHwrDWeegvfm289RNZrhPp7PlpgdrjOs3nGt5JelkdSb/5tmbTv70y8OHYH6RT7b74nCGPevXGQjgh0UNQwL4TZEcCEC/0lvZjLeeZNMnxZyslcW637DLXtB4ryzXTeLYjH/8yc5PlHb/F63mTF7xR8+6c0ctHjzNH6B44jmK6cpwNGRl6Efp8xbSey6GPt14Nr0RI2930dH2TrdT6t8A+WUYJ67GGL0B9LluZ2Vu50/aXzze//mkzfJy2vtrU7Ed6H0SRbbc287Tg2SJCT0fFcWdrMydpTvZ5CiKZK2mUVTGRrFTLVZ9tgpeal2MjuJwXayMj6LbWUm3yEG2F7xEFABwVbYnjELOyYE/P7wtDFY15ii3PelNPoOj+6R/XrzIvyWtzBezPtdSlli6kR5YZxZ08oheOjyiJx0YckTPxti0npca3X5/4h1Io8bYpN1fH7ZbTtv9XRK3RrYbNSqO5rKVWPwI8/jjzsedTyqVldXSu6XSg4pm027kk7j+2z8w9gAABkx+x87EEs676Vl1MnP4WfW3Dy8pWNZHeqaunuheerdBesXB/PSQWhf7LkO4N+GsdbHvDS/3Rp7V/avnSH9/J+93R5UxZY/X67xYuYQtAQDA5bndNw7rJcf/e4Pn3TdGjc/JWD7+7Lh/LAcAABfDhl84i/HPnDD02x+Wq9WyG69bEwbeIxP6tTVr/FZsQ2/dba1Z0w6DOPCCRpL4wK/ZyEQb7XYQxqYehKYdRP5m+uZ3k7/6PbJNtxX7XtRuWDeyxgtasevFpuZHnmlvvN/wo3UbpgtHbev5dd9zYz9omelgI/TssjGRtX0F/ZptxTt1P0m2TDv0m264ZT4IGhtNa2o28kK/HQdZhUVbfqsehM202uWrXtkAALwiPt3b333c7XaeX2DiqvsIAACO+wqj9NylBAQAAAAAAAAAAAAAAAAAAAAAAE443Z18X/bO4UbAOQ3kPLvImw6HJ/7411N1ee7SA7u6xL97mVclnr393c8k5Tm9z9S/20zpb+8nu+2FtT49ZNYLSVnOf3qvxPo5deIbe/u7C6deqnFNOsq56iMTgIv2vwAAAP//bdlHnA==") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) 411.434127ms ago: executing program 0 (id=1956): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETA(r0, 0x560a, &(0x7f0000001040)={0x8, 0x3, 0x0, 0x20, 0x4, "0d0000000100"}) 405.277357ms ago: executing program 1 (id=1957): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xcb, &(0x7f0000000180), &(0x7f0000000080)=0x4) 383.434918ms ago: executing program 2 (id=1958): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x18, 0x1, 0x1, 0x213fd83e6bc36f93, 0x0, 0x0, {0x0, 0x0, 0x8}, [@CTA_FILTER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc840) 187.383084ms ago: executing program 1 (id=1959): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="020d00001000000000000000000000000800120002000200feffffff00000000300032000200000000000000000000000a000000000000000000000000000000fc020000000000000000000000000004030005000000000002000000ac1414aa0000000000000000030006000000000002"], 0x80}}, 0x0) 187.280524ms ago: executing program 3 (id=1960): r0 = socket(0x840000000002, 0x3, 0x100) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10) 13.3971ms ago: executing program 4 (id=1961): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x7b, 0x43, 0x1}, 0x50) bpf$BPF_GET_PROG_INFO(0x4, &(0x7f0000000100)={r0, 0x1, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80004000, 0x8, 0x0, 0x0}}, 0x10) 0s ago: executing program 1 (id=1962): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="2400000020000103000000e0ffffffff81000000000000000000000008000d"], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0) kernel console output (not intermixed with test programs): n process `syz.0.63'. [ 69.862436][ T4493] netlink: 100 bytes leftover after parsing attributes in process `syz.0.63'. [ 69.901475][ T4493] netlink: 32 bytes leftover after parsing attributes in process `syz.0.63'. [ 70.340590][ T4514] netlink: 8 bytes leftover after parsing attributes in process `syz.3.74'. [ 70.510141][ T4519] loop1: detected capacity change from 0 to 256 [ 70.907777][ T4497] loop2: detected capacity change from 0 to 40427 [ 70.989477][ T4497] F2FS-fs (loop2): invalid crc value [ 70.998134][ T4531] loop1: detected capacity change from 0 to 4096 [ 71.024150][ T4497] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 71.255428][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.262089][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.275149][ T4497] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 71.322258][ T4497] F2FS-fs (loop2): Start checkpoint disabled! [ 71.421032][ T4497] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 71.455994][ T4551] netlink: 128 bytes leftover after parsing attributes in process `syz.1.90'. [ 71.495785][ T4551] netlink: 12 bytes leftover after parsing attributes in process `syz.1.90'. [ 71.542077][ T4551] netlink: 8 bytes leftover after parsing attributes in process `syz.1.90'. [ 71.581123][ T4551] netlink: 8 bytes leftover after parsing attributes in process `syz.1.90'. [ 72.250719][ T26] audit: type=1326 audit(1778966183.286:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4576 comm="syz.1.104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdd39ce59 code=0x7ffc0000 [ 72.317888][ T4573] loop4: detected capacity change from 0 to 4096 [ 72.353644][ T26] audit: type=1326 audit(1778966183.286:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4576 comm="syz.1.104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdd39ce59 code=0x7ffc0000 [ 72.477501][ T4583] netlink: 40 bytes leftover after parsing attributes in process `syz.0.105'. [ 72.508669][ T26] audit: type=1326 audit(1778966183.326:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4576 comm="syz.1.104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f5cdd39ce59 code=0x7ffc0000 [ 72.616493][ T26] audit: type=1326 audit(1778966183.336:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4576 comm="syz.1.104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdd39ce59 code=0x7ffc0000 [ 72.712292][ T26] audit: type=1326 audit(1778966183.336:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4576 comm="syz.1.104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdd39ce59 code=0x7ffc0000 [ 73.304419][ T4616] loop3: detected capacity change from 0 to 512 [ 73.537025][ T4616] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 73.581500][ T4616] ext4 filesystem being mounted at /27/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.688573][ T4616] Quota error (device loop3): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 73.746594][ T4616] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 73.797072][ T4616] EXT4-fs error (device loop3): ext4_acquire_dquot:6841: comm syz.3.122: Failed to acquire dquot type 0 [ 73.932490][ T4599] loop2: detected capacity change from 0 to 32768 [ 73.982717][ T4272] EXT4-fs (loop3): unmounting filesystem. [ 74.004892][ T4599] ERROR: (device loop2): xtTruncate: XT_GETPAGE: xtree page corrupt [ 74.004892][ T4599] [ 74.051642][ T4599] ERROR: (device loop2): remounting filesystem as read-only [ 74.192032][ T4645] netlink: 4 bytes leftover after parsing attributes in process `syz.3.133'. [ 74.242959][ T4645] netlink: 'syz.3.133': attribute type 1 has an invalid length. [ 74.677911][ T4665] process 'syz.3.143' launched '/dev/fd/3' with NULL argv: empty string added [ 74.967454][ T4679] netlink: 'syz.1.148': attribute type 10 has an invalid length. [ 75.378874][ T4697] loop4: detected capacity change from 0 to 128 [ 75.597634][ T4703] loop1: detected capacity change from 0 to 256 [ 75.627097][ T4703] FAT-fs (loop1): Directory bread(block 1285) failed [ 75.634341][ T4321] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 75.662661][ T4703] FAT-fs (loop1): Directory bread(block 1286) failed [ 75.669427][ T4703] FAT-fs (loop1): Directory bread(block 1287) failed [ 75.702819][ T4703] FAT-fs (loop1): Directory bread(block 1288) failed [ 75.740588][ T4703] FAT-fs (loop1): Directory bread(block 1285) failed [ 75.767348][ T4703] FAT-fs (loop1): Directory bread(block 1286) failed [ 75.793820][ T4703] FAT-fs (loop1): Directory bread(block 1287) failed [ 75.814260][ T4703] FAT-fs (loop1): Directory bread(block 1288) failed [ 75.835983][ T4703] FAT-fs (loop1): Directory bread(block 1285) failed [ 75.841957][ T4321] usb 3-1: too many configurations: 227, using maximum allowed: 8 [ 75.865205][ T4703] FAT-fs (loop1): Directory bread(block 1286) failed [ 75.869619][ T4321] usb 3-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=31.44 [ 75.911369][ T4321] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.932207][ T4321] usb 3-1: config 0 descriptor?? [ 75.983474][ T4321] pwc: Samsung MPC-C10 USB webcam detected. [ 75.989425][ T4321] pwc: Warning: more than 1 configuration available. [ 76.041874][ T4715] netlink: 'syz.1.168': attribute type 29 has an invalid length. [ 76.072479][ T4715] netlink: 'syz.1.168': attribute type 29 has an invalid length. [ 76.144263][ T4321] pwc: send_video_command error -71 [ 76.149531][ T4321] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 76.183104][ T4321] Philips webcam: probe of 3-1:0.0 failed with error -71 [ 76.204190][ T4321] usb 3-1: USB disconnect, device number 2 [ 76.375675][ T7] cfg80211: failed to load regulatory.db [ 76.625529][ T4705] loop0: detected capacity change from 0 to 40427 [ 76.655008][ T4705] F2FS-fs (loop0): invalid crc value [ 76.703954][ T4705] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 76.834425][ T4735] loop3: detected capacity change from 0 to 64 [ 76.891544][ T14] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 76.963631][ T4705] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 77.001954][ T4705] F2FS-fs (loop0): Start checkpoint disabled! [ 77.046154][ T4705] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 77.107992][ T14] usb 5-1: config 0 has an invalid interface number: 2 but max is 0 [ 77.124670][ T14] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 77.160956][ T14] usb 5-1: config 0 has no interface number 0 [ 77.189469][ T14] usb 5-1: config 0 interface 2 has no altsetting 0 [ 77.223050][ T14] usb 5-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce [ 77.238986][ T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.275184][ T14] usb 5-1: Product: syz [ 77.279413][ T14] usb 5-1: Manufacturer: syz [ 77.295462][ T14] usb 5-1: SerialNumber: syz [ 77.322312][ T14] usb 5-1: config 0 descriptor?? [ 77.621429][ T7] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 77.796482][ T4394] usb 5-1: USB disconnect, device number 2 [ 77.809579][ T4760] loop1: detected capacity change from 0 to 1024 [ 77.821383][ T7] usb 3-1: Using ep0 maxpacket: 16 [ 77.837071][ T4394] dvb-usb: generic DVB-USB module successfully deinitialized and disconnected. [ 77.852933][ T7] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 77.872939][ T7] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.881019][ T7] usb 3-1: Product: syz [ 77.897737][ T7] usb 3-1: Manufacturer: syz [ 77.909963][ T7] usb 3-1: SerialNumber: syz [ 77.916680][ T7] r8152-cfgselector 3-1: config 0 descriptor?? [ 77.939432][ T4760] hfsplus: invalid catalog entry type in lookup [ 78.038628][ T4764] loop0: detected capacity change from 0 to 4096 [ 78.085053][ T4764] ntfs: (device loop0): check_mft_mirror(): Incomplete multi sector transfer detected in mft record 2. [ 78.155000][ T4764] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 78.181779][ T4768] netlink: 'syz.3.192': attribute type 5 has an invalid length. [ 78.214315][ T4770] capability: warning: `syz.1.191' uses deprecated v2 capabilities in a way that may be insecure [ 78.260464][ T4764] ntfs: volume version 3.1. [ 78.265984][ T4764] ntfs: (device loop0): map_mft_record_page(): Mft record 0x2 is corrupt. Run chkdsk. [ 78.293522][ T4764] ntfs: (device loop0): map_mft_record(): Failed with error code 5. [ 78.311418][ T4764] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 78.334062][ T7] r8152-cfgselector 3-1: Unknown version 0x0000 [ 78.340691][ T7] r8152-cfgselector 3-1: bad CDC descriptors [ 78.375820][ T7] r8152-cfgselector 3-1: Unknown version 0x0000 [ 78.386621][ T4764] ntfs: (device loop0): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 78.418357][ T7] r8152-cfgselector 3-1: USB disconnect, device number 3 [ 78.508431][ T4764] ntfs: (device loop0): ntfs_read_locked_inode(): Index block size (0) < NTFS_BLOCK_SIZE (512) is not supported. Sorry. [ 78.541603][ T4777] loop4: detected capacity change from 0 to 64 [ 78.552545][ T4764] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -95. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 78.994886][ T4790] mmap: syz.4.202 (4790) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 79.545320][ T4807] loop3: detected capacity change from 0 to 4096 [ 79.579939][ T4813] loop2: detected capacity change from 0 to 256 [ 79.598498][ T4807] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 79.660963][ T4807] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 79.729904][ T4813] FAT-fs (loop2): Directory bread(block 64) failed [ 79.731561][ T4807] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 79.755543][ T4813] FAT-fs (loop2): Directory bread(block 65) failed [ 79.801521][ T4813] FAT-fs (loop2): Directory bread(block 66) failed [ 79.817986][ T4807] ntfs: volume version 3.1. [ 79.823795][ T4813] FAT-fs (loop2): Directory bread(block 67) failed [ 79.826249][ T4791] loop0: detected capacity change from 0 to 32768 [ 79.881476][ T4813] FAT-fs (loop2): Directory bread(block 68) failed [ 79.932426][ T4813] FAT-fs (loop2): Directory bread(block 69) failed [ 79.934054][ T4807] ntfs: (device loop3): parse_options(): Unrecognized mount option <\}OLqQ·χ [ 79.934054][ T4807] OQ6b. [ 79.970045][ T4813] FAT-fs (loop2): Directory bread(block 70) failed [ 79.997428][ T4807] ntfs: (device loop3): parse_options(): Unrecognized mount option 9_ _8B՚wUrG9sxV/M!՟vV 3)ϖC[ iķ;roJijs p. [ 80.007350][ T4791] JBD2: Ignoring recovery information on journal [ 80.022801][ T4791] jbd2_journal_bmap: journal block not found at offset 32 on loop0-75 [ 80.027920][ T4813] FAT-fs (loop2): Directory bread(block 71) failed [ 80.033776][ T4820] loop4: detected capacity change from 0 to 128 [ 80.038868][ T4813] FAT-fs (loop2): Directory bread(block 72) failed [ 80.051398][ T4813] FAT-fs (loop2): Directory bread(block 73) failed [ 80.074182][ T4791] JBD2: bad block at offset 32 [ 80.119156][ T4820] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 80.163054][ T4820] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 80.190705][ T4791] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 80.248200][ T26] audit: type=1326 audit(1778966191.286:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4824 comm="syz.1.218" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdd39ce59 code=0x7ffc0000 [ 80.347993][ T4272] ntfs: (device loop3): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 80.370808][ T26] audit: type=1326 audit(1778966191.286:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4824 comm="syz.1.218" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdd39ce59 code=0x7ffc0000 [ 80.470010][ T26] audit: type=1326 audit(1778966191.316:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4824 comm="syz.1.218" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f5cdd39ce59 code=0x7ffc0000 [ 80.541378][ T26] audit: type=1326 audit(1778966191.316:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4824 comm="syz.1.218" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f5cdd39ce59 code=0x7ffc0000 [ 80.653975][ T4277] ocfs2: Unmounting device (7,0) on (node local) [ 80.932646][ T4842] loop2: detected capacity change from 0 to 512 [ 81.016053][ T4850] netlink: 272 bytes leftover after parsing attributes in process `syz.4.231'. [ 81.083172][ T4842] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 81.119354][ T4842] ext4 filesystem being mounted at /26/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.222658][ T4842] EXT4-fs error (device loop2): ext4_acquire_dquot:6841: comm syz.2.230: Failed to acquire dquot type 0 [ 81.252783][ T93] block nbd1: Attempted send on invalid socket [ 81.259361][ T93] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 81.269498][ T4861] F2FS-fs (nbd1): Unable to read 1th superblock [ 81.281926][ T52] block nbd1: Attempted send on invalid socket [ 81.288154][ T52] I/O error, dev nbd1, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 81.308464][ T4861] F2FS-fs (nbd1): Unable to read 2th superblock [ 81.472618][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 81.619410][ T4874] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 81.713470][ T4877] deleting an unspecified loop device is not supported. [ 82.002461][ T4887] set_capacity_and_notify: 1 callbacks suppressed [ 82.002476][ T4887] loop0: detected capacity change from 0 to 256 [ 82.042600][ T4887] FAT-fs (loop0): "posix" option is obsolete, not supported now [ 82.145616][ T4893] loop1: detected capacity change from 0 to 256 [ 82.231546][ T4893] exfat: Deprecated parameter 'utf8' [ 82.271518][ T4893] exfat: Deprecated parameter 'namecase' [ 82.311903][ T4893] exfat: Deprecated parameter 'namecase' [ 82.375963][ T4893] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001fe89, chksum : 0xbf24f927, utbl_chksum : 0xe619d30d) [ 82.410353][ T4896] loop3: detected capacity change from 0 to 4096 [ 82.454919][ T4896] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 82.536641][ T4896] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 83.100191][ T4923] loop0: detected capacity change from 0 to 128 [ 83.400016][ T4935] misc userio: The device must be registered before sending interrupts [ 83.791436][ T7] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 83.842338][ T4957] loop3: detected capacity change from 0 to 64 [ 83.926915][ T4960] netlink: 12 bytes leftover after parsing attributes in process `syz.1.282'. [ 83.985128][ T7] usb 5-1: unable to get BOS descriptor or descriptor too short [ 84.002625][ T7] usb 5-1: not running at top speed; connect to a high speed hub [ 84.020322][ T4962] sock: sock_timestamping_bind_phc: sock not bind to device [ 84.029346][ T7] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 84.059110][ T7] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 84.092216][ T7] usb 5-1: New USB device found, idVendor=200c, idProduct=1018, bcdDevice= 0.40 [ 84.141390][ T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.180160][ T7] usb 5-1: Product: syz [ 84.184689][ T7] usb 5-1: Manufacturer: syz [ 84.189309][ T7] usb 5-1: SerialNumber: syz [ 84.456612][ T7] usb 5-1: unit 0 not found! [ 84.523000][ T7] usb 5-1: USB disconnect, device number 3 [ 84.713937][ T4987] usb usb9: usbfs: process 4987 (syz.0.296) did not claim interface 7 before use [ 85.311629][ T5014] sctp: [Deprecated]: syz.3.310 (pid 5014) Use of struct sctp_assoc_value in delayed_ack socket option. [ 85.311629][ T5014] Use struct sctp_sack_info instead [ 85.508154][ T5018] netlink: 6 bytes leftover after parsing attributes in process `syz.4.312'. [ 85.840955][ T5028] netlink: 'syz.0.316': attribute type 5 has an invalid length. [ 85.845878][ T5000] loop1: detected capacity change from 0 to 32768 [ 85.935586][ T5000] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.303 (5000) [ 85.949064][ T5010] loop2: detected capacity change from 0 to 32768 [ 85.981866][ T5010] (syz.2.308,5010,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 86.036364][ T5032] netlink: 16 bytes leftover after parsing attributes in process `syz.3.319'. [ 86.038696][ T5030] loop4: detected capacity change from 0 to 4096 [ 86.062159][ T5010] (syz.2.308,5010,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 86.117384][ T5010] (syz.2.308,5010,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 86.131902][ T5010] (syz.2.308,5010,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 86.156721][ T5010] JBD2: Ignoring recovery information on journal [ 86.184684][ T5000] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 86.251347][ T5030] __ntfs_error: 2 callbacks suppressed [ 86.251363][ T5030] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 86.282629][ T5010] (syz.2.308,5010,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 86.301705][ T5000] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 86.319231][ T5000] BTRFS info (device loop1): enabling auto defrag [ 86.341706][ T5010] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 86.357136][ T5000] BTRFS info (device loop1): use no compression [ 86.377243][ T5000] BTRFS info (device loop1): max_inline at 4096 [ 86.390582][ T5010] (syz.2.308,5010,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 86.405839][ T5030] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 86.411393][ T5000] BTRFS info (device loop1): using free space tree [ 86.489213][ T5030] ntfs: (device loop4): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 86.506606][ T5010] (syz.2.308,5010,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 86.604010][ T5030] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 86.681604][ T5030] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 86.712336][ T5010] (syz.2.308,5010,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x1cec3d0f, computed 0xd2ffbdfe. Applying ECC. [ 86.756275][ T5030] ntfs: volume version 3.1. [ 86.773110][ T5010] (syz.2.308,5010,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x4d558a87. Applying ECC. [ 86.798006][ T5030] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 86.829551][ T5010] (syz.2.308,5010,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x5d2751af [ 86.843371][ T5010] (syz.2.308,5010,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 86.853328][ T5010] (syz.2.308,5010,0):ocfs2_quota_read:201 ERROR: status = -5 [ 86.860799][ T5010] Quota error (device loop2): find_tree_dqentry: Can't read quota tree block 5 [ 86.870060][ T5010] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 86.879539][ T5010] (syz.2.308,5010,0):ocfs2_acquire_dquot:878 ERROR: status = -5 [ 86.889110][ T5010] (syz.2.308,5010,0):ocfs2_mknod:314 ERROR: status = -5 [ 86.896296][ T5010] (syz.2.308,5010,0):ocfs2_mknod:502 ERROR: status = -5 [ 86.904970][ T5010] (syz.2.308,5010,0):ocfs2_mkdir:659 ERROR: status = -5 [ 86.907513][ T5030] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 86.962933][ T5000] BTRFS info (device loop1): enabling ssd optimizations [ 86.964693][ T5030] ntfs: (device loop4): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 87.025038][ T4286] ocfs2: Unmounting device (7,2) on (node local) [ 87.266258][ T4276] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 87.767460][ T5091] loop0: detected capacity change from 0 to 512 [ 87.848890][ T5091] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 87.904230][ T5091] ext4 filesystem being mounted at /73/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 87.930720][ T5097] netlink: 'syz.2.339': attribute type 5 has an invalid length. [ 87.935976][ C1] vkms_vblank_simulate: vblank timer overrun [ 88.140394][ T5091] EXT4-fs error (device loop0): ext4_validate_block_bitmap:420: comm syz.0.336: bg 0: bad block bitmap checksum [ 88.241700][ T5091] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6180: Filesystem failed CRC [ 88.404238][ T5094] loop4: detected capacity change from 0 to 32768 [ 88.436550][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 88.512797][ T5111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.345'. [ 88.564331][ T5094] JBD2: Ignoring recovery information on journal [ 88.677851][ T5094] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 88.939777][ T4282] ocfs2: Unmounting device (7,4) on (node local) [ 89.817465][ T5121] loop3: detected capacity change from 0 to 40427 [ 89.888156][ T5121] F2FS-fs (loop3): invalid crc value [ 89.973229][ T5121] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 90.217510][ T5121] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 90.439003][ T5144] loop2: detected capacity change from 0 to 32768 [ 90.529392][ T5144] JBD2: Ignoring recovery information on journal [ 90.614463][ T5144] jbd2_journal_bmap: journal block not found at offset 32 on loop2-75 [ 90.684507][ T5144] JBD2: bad block at offset 32 [ 90.721663][ T5144] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 90.893512][ T4286] ocfs2: Unmounting device (7,2) on (node local) [ 91.614143][ T5208] netlink: 48 bytes leftover after parsing attributes in process `syz.3.387'. [ 91.700916][ T5210] cgroup: name respecified [ 91.713585][ T5177] loop4: detected capacity change from 0 to 32768 [ 91.823876][ T5177] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 91.887419][ T5177] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 92.012725][ T5177] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 92.038286][ T127] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 92.056388][ T127] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 92.252123][ T127] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 195ms [ 92.310594][ T127] gfs2: fsid=syz:syz.0: jid=0: Done [ 92.329612][ T5177] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 92.761413][ T4321] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 92.946221][ T4321] usb 2-1: unable to get BOS descriptor or descriptor too short [ 92.978000][ T4321] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 93.001864][ T4321] usb 2-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 93.025059][ T5259] loop2: detected capacity change from 0 to 16 [ 93.040664][ T4321] usb 2-1: config 1 interface 0 has no altsetting 1 [ 93.049103][ T5259] erofs: (device loop2): z_erofs_parse_cfgs: algorithm 1 isn't enabled on this kernel [ 93.074490][ T4321] usb 2-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75 [ 93.094506][ T4321] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.111459][ T4321] usb 2-1: Product: syz [ 93.115675][ T4321] usb 2-1: Manufacturer: syz [ 93.120286][ T4321] usb 2-1: SerialNumber: syz [ 93.186235][ T4321] smsusb:smsusb_probe: board id=8, interface number 0 [ 93.370751][ T4321] smsusb:smsusb_probe: Device initialized with return code -19 [ 93.644790][ T5281] loop0: detected capacity change from 0 to 764 [ 93.664651][ T4321] usb 2-1: USB disconnect, device number 2 [ 93.718467][ T5281] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 94.045320][ T5295] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.306911][ T5304] loop4: detected capacity change from 0 to 256 [ 94.409555][ T5304] FAT-fs (loop4): Directory bread(block 64) failed [ 94.437093][ T5304] FAT-fs (loop4): Directory bread(block 65) failed [ 94.460291][ T5304] FAT-fs (loop4): Directory bread(block 66) failed [ 94.491409][ T5304] FAT-fs (loop4): Directory bread(block 67) failed [ 94.512825][ T5304] FAT-fs (loop4): Directory bread(block 68) failed [ 94.536468][ T5304] FAT-fs (loop4): Directory bread(block 69) failed [ 94.557227][ T5304] FAT-fs (loop4): Directory bread(block 70) failed [ 94.570774][ T5304] FAT-fs (loop4): Directory bread(block 71) failed [ 94.587960][ T5304] FAT-fs (loop4): Directory bread(block 72) failed [ 94.611531][ T5304] FAT-fs (loop4): Directory bread(block 73) failed [ 94.641103][ T5314] loop3: detected capacity change from 0 to 256 [ 94.707302][ T5306] infiniband syz0: set down [ 94.738893][ T5314] FAT-fs (loop3): Directory bread(block 64) failed [ 94.751494][ T5306] infiniband syz0: added ipvlan1 [ 94.765915][ T5314] FAT-fs (loop3): Directory bread(block 65) failed [ 94.787029][ T5314] FAT-fs (loop3): Directory bread(block 66) failed [ 94.831757][ T5314] FAT-fs (loop3): Directory bread(block 67) failed [ 94.888812][ T5314] FAT-fs (loop3): Directory bread(block 68) failed [ 94.939296][ T5314] FAT-fs (loop3): Directory bread(block 69) failed [ 94.952306][ T5314] FAT-fs (loop3): Directory bread(block 70) failed [ 94.971464][ T5306] RDS/IB: syz0: added [ 94.992106][ T5306] smc: adding ib device syz0 with port count 1 [ 95.011588][ T5314] FAT-fs (loop3): Directory bread(block 71) failed [ 95.019993][ T5314] FAT-fs (loop3): Directory bread(block 72) failed [ 95.021718][ T5306] smc: ib device syz0 port 1 has pnetid [ 95.048382][ T5314] FAT-fs (loop3): Directory bread(block 73) failed [ 95.642157][ T5331] loop4: detected capacity change from 0 to 2048 [ 95.751429][ T5333] loop1: detected capacity change from 0 to 2048 [ 95.767797][ T5331] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 95.793575][ T5331] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.826668][ T5333] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 95.944477][ T4282] EXT4-fs (loop4): unmounting filesystem. [ 96.101618][ T5341] netlink: 12 bytes leftover after parsing attributes in process `syz.2.449'. [ 96.134920][ T5341] netlink: 580 bytes leftover after parsing attributes in process `syz.2.449'. [ 96.398882][ T5354] loop1: detected capacity change from 0 to 256 [ 96.484433][ T5354] FAT-fs (loop1): Directory bread(block 64) failed [ 96.491024][ T5354] FAT-fs (loop1): Directory bread(block 65) failed [ 96.535468][ T5354] FAT-fs (loop1): Directory bread(block 66) failed [ 96.576656][ T5354] FAT-fs (loop1): Directory bread(block 67) failed [ 96.608257][ T5354] FAT-fs (loop1): Directory bread(block 68) failed [ 96.619123][ T5354] FAT-fs (loop1): Directory bread(block 69) failed [ 96.651613][ T5354] FAT-fs (loop1): Directory bread(block 70) failed [ 96.662596][ T5354] FAT-fs (loop1): Directory bread(block 71) failed [ 96.691876][ T5354] FAT-fs (loop1): Directory bread(block 72) failed [ 96.698473][ T5354] FAT-fs (loop1): Directory bread(block 73) failed [ 96.725877][ T5360] loop4: detected capacity change from 0 to 4096 [ 96.795325][ T5360] __ntfs_error: 6 callbacks suppressed [ 96.795341][ T5360] ntfs: (device loop4): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 96.859095][ T5360] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing. [ 96.918702][ T5360] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 96.971460][ T5360] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 97.027908][ T5370] netlink: 148 bytes leftover after parsing attributes in process `syz.2.462'. [ 97.074199][ T5370] netlink: 'syz.2.462': attribute type 1 has an invalid length. [ 97.102502][ T5360] ntfs: volume version 3.1. [ 97.121778][ T5370] netlink: 8 bytes leftover after parsing attributes in process `syz.2.462'. [ 97.147752][ T5375] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 97.189608][ T5360] ntfs: (device loop4): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 97.251536][ T5360] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 97.891507][ T14] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 97.988021][ T5407] loop0: detected capacity change from 0 to 512 [ 98.028312][ T5407] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 98.047886][ T5407] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.083121][ T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 98.098581][ T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 98.101057][ T5417] netlink: 'syz.2.484': attribute type 10 has an invalid length. [ 98.108471][ T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 98.108503][ T14] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 98.111397][ T14] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 98.147472][ T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 98.155651][ T14] usb 5-1: Product: syz [ 98.159968][ T14] usb 5-1: Manufacturer: syz [ 98.164668][ T14] usb 5-1: SerialNumber: syz [ 98.172146][ T14] usb 5-1: config 0 descriptor?? [ 98.260356][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 98.383417][ T14] adutux 5-1:0.0: Could not retrieve serial number [ 98.390088][ T14] adutux: probe of 5-1:0.0 failed with error -5 [ 98.602675][ T3597] usb 5-1: USB disconnect, device number 4 [ 98.724526][ T5435] Cannot find del_set index 0 as target [ 98.753017][ T5437] netlink: 'syz.1.494': attribute type 32 has an invalid length. [ 98.760904][ T5437] (unnamed net_device) (uninitialized): option coupled_control: mode dependency failed, not supported in mode balance-rr(0) [ 99.000099][ T5447] loop3: detected capacity change from 0 to 64 [ 99.313148][ T5460] loop4: detected capacity change from 0 to 512 [ 99.969655][ T5480] netlink: 12 bytes leftover after parsing attributes in process `syz.0.514'. [ 100.321054][ T5469] loop4: detected capacity change from 0 to 32768 [ 100.432788][ T5469] XFS (loop4): Mounting V5 Filesystem [ 100.522550][ T5501] kernel profiling enabled (shift: 0) [ 100.649763][ T5469] XFS (loop4): Ending clean mount [ 100.854594][ T4282] XFS (loop4): Unmounting Filesystem [ 101.186367][ T5508] loop1: detected capacity change from 0 to 32768 [ 101.260766][ T5508] ERROR: (device loop1): dbAlloc: the hint is outside the map [ 101.260766][ T5508] [ 101.321656][ T5508] ialloc: diAlloc returned -5! [ 101.390003][ T5506] loop3: detected capacity change from 0 to 32768 [ 101.449682][ T5504] loop2: detected capacity change from 0 to 32768 [ 101.485515][ T5506] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.523 (5506) [ 101.552421][ T5506] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 101.605245][ T5506] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 101.636528][ T5506] BTRFS info (device loop3): enabling auto defrag [ 101.677791][ T5506] BTRFS info (device loop3): use no compression [ 101.707594][ T5506] BTRFS info (device loop3): max_inline at 4096 [ 101.761895][ T5506] BTRFS info (device loop3): using free space tree [ 102.071768][ T26] audit: type=1400 audit(1778966213.106:13): apparmor="DENIED" operation="change_hat" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=5516 comm="syz.4.528" [ 102.252579][ T5506] BTRFS info (device loop3): enabling ssd optimizations [ 102.262369][ T5540] netlink: 'syz.1.530': attribute type 21 has an invalid length. [ 102.270396][ T5540] netlink: 128 bytes leftover after parsing attributes in process `syz.1.530'. [ 102.362051][ T5540] netlink: 'syz.1.530': attribute type 4 has an invalid length. [ 102.413093][ T4272] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 102.431518][ T5540] netlink: 3 bytes leftover after parsing attributes in process `syz.1.530'. [ 102.476521][ T5543] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 102.507455][ T5545] loop4: detected capacity change from 0 to 64 [ 102.931461][ T4394] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 103.123427][ T4394] usb 5-1: unable to get BOS descriptor or descriptor too short [ 103.137963][ T5576] netlink: 88 bytes leftover after parsing attributes in process `syz.2.543'. [ 103.142002][ T4394] usb 5-1: config 0 has an invalid descriptor of length 190, skipping remainder of the config [ 103.191422][ T4394] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 9 [ 103.231542][ T4394] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 63311, setting to 1024 [ 103.275528][ T4394] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 1024 [ 103.308602][ T4394] usb 5-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39 [ 103.328674][ T4394] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.381478][ T4394] usb 5-1: Product: syz [ 103.405826][ T4394] usb 5-1: Manufacturer: syz [ 103.420801][ T4394] usb 5-1: SerialNumber: syz [ 103.449720][ T4394] usb 5-1: config 0 descriptor?? [ 103.469008][ T5545] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 103.481552][ T5545] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 103.505821][ C0] usb 5-1: NFC: Urb failure (status -71) [ 103.521754][ C0] usb 5-1: NFC: Urb failure (status -71) [ 103.529044][ T4394] usb 5-1: NFC: Unable to get FW version [ 103.540348][ T4394] pn533_usb: probe of 5-1:0.0 failed with error -71 [ 103.707371][ T5547] usb 5-1: USB disconnect, device number 5 [ 103.910078][ T5573] loop1: detected capacity change from 0 to 32768 [ 104.481478][ T4319] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 104.695627][ T5626] loop3: detected capacity change from 0 to 256 [ 104.702339][ T4319] usb 2-1: Using ep0 maxpacket: 32 [ 104.709976][ T4319] usb 2-1: config 0 has an invalid interface number: 35 but max is 0 [ 104.729582][ T4319] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 104.756110][ T4319] usb 2-1: config 0 has no interface number 0 [ 104.784305][ T4319] usb 2-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 104.865874][ T4319] usb 2-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 104.896095][ T4319] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.918637][ T4319] usb 2-1: Product: syz [ 104.949122][ T4319] usb 2-1: Manufacturer: syz [ 104.961539][ T4319] usb 2-1: SerialNumber: syz [ 104.979708][ T4319] usb 2-1: config 0 descriptor?? [ 104.994041][ T4319] radio-si470x 2-1:0.35: could not find interrupt in endpoint [ 105.011600][ T4319] radio-si470x: probe of 2-1:0.35 failed with error -5 [ 105.192372][ T4319] radio-raremono 2-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 105.206283][ T5618] loop4: detected capacity change from 0 to 32768 [ 105.246119][ T5618] (syz.4.563,5618,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 105.281097][ T5618] (syz.4.563,5618,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 105.355204][ T5618] (syz.4.563,5618,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 105.402259][ T4319] radio-raremono 2-1:0.35: raremono_cmd_main failed (-71) [ 105.415908][ T4319] radio-raremono 2-1:0.35: V4L2 device registered as radio48 [ 105.426004][ T4319] usb 2-1: USB disconnect, device number 3 [ 105.432533][ T4319] radio-raremono 2-1:0.35: Thanko's Raremono disconnected [ 105.528981][ T5618] (syz.4.563,5618,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 105.598685][ T5618] JBD2: Ignoring recovery information on journal [ 105.671561][ T3597] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 105.700793][ T5618] (syz.4.563,5618,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 105.741679][ T5618] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 105.751654][ T5618] (syz.4.563,5618,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 105.813483][ T5618] (syz.4.563,5618,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 105.871511][ T3597] usb 3-1: Using ep0 maxpacket: 32 [ 105.878678][ T3597] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 105.903458][ T3597] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 105.923350][ T3597] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 105.941643][ T3597] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 105.953971][ T5618] (syz.4.563,5618,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x1cec3d0f, computed 0xd2ffbdfe. Applying ECC. [ 106.000423][ T3597] usb 3-1: Product: syz [ 106.007571][ T5618] (syz.4.563,5618,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x4d558a87. Applying ECC. [ 106.010660][ T3597] usb 3-1: Manufacturer: syz [ 106.059256][ T3597] hub 3-1:4.0: USB hub found [ 106.087788][ T5618] (syz.4.563,5618,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x5d2751af [ 106.119446][ T5618] (syz.4.563,5618,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 106.138345][ T5618] (syz.4.563,5618,0):ocfs2_quota_read:201 ERROR: status = -5 [ 106.148496][ T5618] Quota error (device loop4): find_tree_dqentry: Can't read quota tree block 5 [ 106.173824][ T5618] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 106.200190][ T5618] (syz.4.563,5618,0):ocfs2_acquire_dquot:878 ERROR: status = -5 [ 106.228854][ T5618] (syz.4.563,5618,0):ocfs2_mknod:314 ERROR: status = -5 [ 106.256669][ T5618] (syz.4.563,5618,0):ocfs2_mknod:502 ERROR: status = -5 [ 106.276840][ T3597] hub 3-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 106.315596][ T5618] (syz.4.563,5618,0):ocfs2_mkdir:659 ERROR: status = -5 [ 106.372366][ T5654] loop3: detected capacity change from 0 to 32768 [ 106.469438][ T5673] netlink: 'syz.0.590': attribute type 2 has an invalid length. [ 106.506562][ T4282] ocfs2: Unmounting device (7,4) on (node local) [ 106.701639][ T5547] usb 3-1: USB disconnect, device number 4 [ 107.038148][ T5691] loop3: detected capacity change from 0 to 736 [ 107.143686][ T5693] x_tables: duplicate underflow at hook 3 [ 107.354780][ T5699] netlink: 'syz.2.603': attribute type 1 has an invalid length. [ 107.597594][ T5712] netlink: 'syz.0.609': attribute type 10 has an invalid length. [ 107.618077][ T26] audit: type=1326 audit(1778966218.656:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5711 comm="syz.4.610" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 107.672827][ T26] audit: type=1326 audit(1778966218.686:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5711 comm="syz.4.610" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 107.721494][ T4319] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 107.728026][ T26] audit: type=1326 audit(1778966218.696:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5711 comm="syz.4.610" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 107.821688][ T26] audit: type=1326 audit(1778966218.696:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5711 comm="syz.4.610" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 107.901374][ T4319] usb 4-1: Using ep0 maxpacket: 16 [ 107.908787][ T26] audit: type=1326 audit(1778966218.696:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5711 comm="syz.4.610" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 107.909867][ T4319] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 107.996213][ T4319] usb 4-1: config 0 has no interface number 0 [ 107.998047][ T26] audit: type=1326 audit(1778966218.696:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5711 comm="syz.4.610" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 108.016501][ T4319] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 108.097976][ T26] audit: type=1326 audit(1778966218.696:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5711 comm="syz.4.610" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 108.131678][ T4319] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 108.163451][ T4319] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 108.168531][ T26] audit: type=1326 audit(1778966218.706:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5711 comm="syz.4.610" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 108.196097][ T4319] usb 4-1: Product: syz [ 108.200454][ T4319] usb 4-1: SerialNumber: syz [ 108.220722][ T4319] usb 4-1: config 0 descriptor?? [ 108.257231][ T4319] cm109 4-1:0.8: invalid payload size 208, expected 4 [ 108.290404][ T26] audit: type=1326 audit(1778966218.716:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5711 comm="syz.4.610" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 108.319946][ T4319] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input6 [ 108.359555][ T5737] syz.0.622 uses obsolete (PF_INET,SOCK_PACKET) [ 108.480118][ T5742] netlink: 24 bytes leftover after parsing attributes in process `syz.2.624'. [ 108.597104][ T5739] loop1: detected capacity change from 0 to 4096 [ 108.649287][ T5747] loop0: detected capacity change from 0 to 4096 [ 108.677443][ T5739] ntfs: (device loop1): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 108.767873][ T5750] netlink: 16 bytes leftover after parsing attributes in process `syz.2.627'. [ 108.778009][ C1] cm109 4-1:0.8: cm109_urb_irq_callback: urb status -71 [ 108.785738][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 108.793503][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 108.800587][ T4319] usb 4-1: USB disconnect, device number 3 [ 108.806639][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 108.806664][ C1] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 108.833879][ T5747] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 108.834554][ T5739] ntfs: volume version 3.1. [ 108.872994][ T5750] netlink: 16 bytes leftover after parsing attributes in process `syz.2.627'. [ 108.888132][ T5747] ntfs3: loop0: Failed to load $Extend. [ 108.918884][ T4319] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 108.968128][ T5750] netlink: 24 bytes leftover after parsing attributes in process `syz.2.627'. [ 109.170649][ T5756] netlink: 8 bytes leftover after parsing attributes in process `syz.1.632'. [ 109.186602][ T5757] netlink: 'syz.0.630': attribute type 1 has an invalid length. [ 109.730817][ T5781] Driver unsupported XDP return value 0 on prog (id 21) dev N/A, expect packet loss! [ 110.091452][ T3597] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 110.282633][ T3597] usb 4-1: Using ep0 maxpacket: 8 [ 110.302014][ T3597] usb 4-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 110.321483][ T3597] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 110.331370][ T3597] usb 4-1: Product: syz [ 110.346639][ T3597] usb 4-1: Manufacturer: syz [ 110.363348][ T3597] usb 4-1: SerialNumber: syz [ 110.395068][ T3597] usb 4-1: config 0 descriptor?? [ 110.413410][ T3597] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 110.439265][ T5811] netlink: 'syz.2.658': attribute type 3 has an invalid length. [ 110.487245][ T5817] comedi comedi1: No hardware detected at I/O base 0x8000 [ 110.673623][ T5825] loop4: detected capacity change from 0 to 256 [ 110.680894][ T5825] exfat: Deprecated parameter 'namecase' [ 110.721499][ T5825] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 110.848881][ T3597] gspca_m5602: Failed to find a sensor [ 110.854778][ T3597] ALi m5602 4-1:0.0: ALi m5602 webcam failed [ 110.892711][ T3597] usb 4-1: USB disconnect, device number 4 [ 110.961499][ T14] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 111.153184][ T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 111.181400][ T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 111.211132][ T14] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ac.7e [ 111.230729][ T14] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.261407][ T14] usb 2-1: Product: syz [ 111.265756][ T14] usb 2-1: Manufacturer: syz [ 111.270374][ T14] usb 2-1: SerialNumber: syz [ 111.299074][ T14] usb 2-1: config 0 descriptor?? [ 111.319544][ T14] hub 2-1:0.0: bad descriptor, ignoring hub [ 111.329110][ T14] hub: probe of 2-1:0.0 failed with error -5 [ 111.340934][ T14] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input7 [ 111.674431][ T5860] No such timeout policy "syz0" [ 111.851764][ T5864] netlink: 'syz.3.683': attribute type 10 has an invalid length. [ 111.964438][ T14] usb 2-1: USB disconnect, device number 4 [ 112.175162][ T5876] netlink: 'syz.2.689': attribute type 1 has an invalid length. [ 112.407603][ T5884] netlink: 'syz.2.692': attribute type 2 has an invalid length. [ 112.733945][ T5897] netlink: 'syz.1.699': attribute type 10 has an invalid length. [ 113.504795][ T5917] loop0: detected capacity change from 0 to 4096 [ 113.511534][ T5547] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 113.524281][ T5917] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 113.590577][ T5917] ntfs3: loop0: mft corrupted [ 113.602421][ T5917] ntfs3: loop0: Failed to load $Volume. [ 113.721228][ T5547] usb 4-1: config 0 has an invalid interface number: 199 but max is 1 [ 113.754986][ T5547] usb 4-1: config 0 has no interface number 1 [ 113.761163][ T5547] usb 4-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 113.808899][ T5547] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 113.856702][ T5547] usb 4-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 113.861751][ T5937] netlink: 'syz.4.718': attribute type 5 has an invalid length. [ 113.881221][ T5547] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 113.892384][ T5937] netlink: 176 bytes leftover after parsing attributes in process `syz.4.718'. [ 113.911813][ T5547] usb 4-1: SerialNumber: syz [ 113.919775][ T5547] usb 4-1: config 0 descriptor?? [ 113.954557][ T5547] usb 4-1: Found UVC 0.00 device (0002:0000) [ 113.978450][ T5547] usb 4-1: No valid video chain found. [ 114.158535][ T4319] usb 4-1: USB disconnect, device number 5 [ 114.162795][ T5946] netlink: 8 bytes leftover after parsing attributes in process `syz.4.722'. [ 114.605791][ T5960] xt_CT: No such helper "pptp" [ 114.758162][ T5971] netlink: 3648 bytes leftover after parsing attributes in process `syz.0.734'. [ 114.801729][ T5971] netlink: 3648 bytes leftover after parsing attributes in process `syz.0.734'. [ 115.021021][ T5984] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 115.047521][ T5988] loop1: detected capacity change from 0 to 512 [ 115.085705][ T5988] EXT4-fs: Ignoring removed nobh option [ 115.111926][ T5988] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 115.191262][ T5988] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.739: invalid indirect mapped block 4294967295 (level 1) [ 115.276010][ T5988] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.739: invalid indirect mapped block 4294967295 (level 1) [ 115.292909][ T5988] EXT4-fs (loop1): 2 truncates cleaned up [ 115.298699][ T5988] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 115.321518][ T4394] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 115.341724][ T5993] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 115.431033][ T4276] EXT4-fs (loop1): unmounting filesystem. [ 115.519058][ T4394] usb 1-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e [ 115.547533][ T4394] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.586194][ T4394] usb 1-1: Product: syz [ 115.590421][ T4394] usb 1-1: Manufacturer: syz [ 115.624291][ T4394] usb 1-1: SerialNumber: syz [ 115.651856][ T4394] usb 1-1: config 0 descriptor?? [ 115.888511][ T4394] mos7840 1-1:0.0: required endpoints missing [ 116.000580][ T6023] loop1: detected capacity change from 0 to 256 [ 116.030286][ T6023] exfat: Deprecated parameter 'namecase' [ 116.050332][ T6028] netlink: 'syz.3.762': attribute type 21 has an invalid length. [ 116.079727][ T6023] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 116.103550][ T4394] usb 1-1: USB disconnect, device number 2 [ 116.118003][ T6028] netlink: 132 bytes leftover after parsing attributes in process `syz.3.762'. [ 116.164891][ T6028] netlink: 'syz.3.762': attribute type 1 has an invalid length. [ 116.401756][ T6039] netlink: 20 bytes leftover after parsing attributes in process `syz.3.766'. [ 116.488323][ T6043] netlink: 'syz.1.769': attribute type 1 has an invalid length. [ 117.008994][ T6065] netlink: 'syz.3.779': attribute type 1 has an invalid length. [ 117.081542][ T127] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 117.266727][ T6077] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 117.291519][ T127] usb 5-1: Using ep0 maxpacket: 16 [ 117.307798][ T127] usb 5-1: config 0 has an invalid interface number: 105 but max is 0 [ 117.321508][ T127] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 117.351330][ T127] usb 5-1: config 0 has no interface number 0 [ 117.363048][ T127] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28 [ 117.391667][ T127] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.399722][ T127] usb 5-1: Product: syz [ 117.411441][ T127] usb 5-1: Manufacturer: syz [ 117.416124][ T127] usb 5-1: SerialNumber: syz [ 117.442399][ T127] usb 5-1: config 0 descriptor?? [ 117.654667][ T127] usb 5-1: Found UVC 0.00 device syz (046d:08d3) [ 117.669513][ T127] usb 5-1: No valid video chain found. [ 117.889704][ T6097] netlink: 'syz.1.796': attribute type 1 has an invalid length. [ 117.893427][ T6073] loop0: detected capacity change from 0 to 32768 [ 117.907424][ T127] usb 5-1: USB disconnect, device number 6 [ 117.939567][ T6073] (syz.0.782,6073,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 118.005250][ T6073] (syz.0.782,6073,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 118.096413][ T6073] (syz.0.782,6073,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 118.101876][ T6106] dns_resolver: Unsupported content type (240) [ 118.134978][ T6073] (syz.0.782,6073,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 118.164457][ T6073] JBD2: Ignoring recovery information on journal [ 118.281828][ T6073] (syz.0.782,6073,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 118.316230][ T6073] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 118.350540][ T6073] (syz.0.782,6073,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 118.388251][ T6073] (syz.0.782,6073,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 118.543633][ T6073] (syz.0.782,6073,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x1cec3d0f, computed 0xd2ffbdfe. Applying ECC. [ 118.600773][ T6073] (syz.0.782,6073,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x4d558a87. Applying ECC. [ 118.643215][ T6115] loop4: detected capacity change from 0 to 16 [ 118.653895][ T6073] (syz.0.782,6073,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x5d2751af [ 118.670253][ T6115] erofs: (device loop4): mounted with root inode @ nid 36. [ 118.717790][ T6073] (syz.0.782,6073,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 118.727099][ T6115] erofs: (device loop4): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet [ 118.747468][ T6073] (syz.0.782,6073,1):ocfs2_quota_read:201 ERROR: status = -5 [ 118.761695][ T6073] __quota_error: 5 callbacks suppressed [ 118.761711][ T6073] Quota error (device loop0): find_tree_dqentry: Can't read quota tree block 5 [ 118.829624][ T6073] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 118.855584][ T6073] (syz.0.782,6073,1):ocfs2_acquire_dquot:878 ERROR: status = -5 [ 118.874875][ T6073] (syz.0.782,6073,1):ocfs2_mknod:314 ERROR: status = -5 [ 118.891482][ T6073] (syz.0.782,6073,1):ocfs2_mknod:502 ERROR: status = -5 [ 118.898512][ T6073] (syz.0.782,6073,1):ocfs2_mkdir:659 ERROR: status = -5 [ 119.130562][ T4277] ocfs2: Unmounting device (7,0) on (node local) [ 119.273255][ T14] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 119.481450][ T14] usb 3-1: Using ep0 maxpacket: 32 [ 119.488440][ T14] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 119.519859][ T14] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 119.541247][ T14] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 119.585533][ T14] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 119.614552][ T14] usb 3-1: Product: syz [ 119.624676][ T14] usb 3-1: Manufacturer: syz [ 119.635754][ T14] hub 3-1:4.0: USB hub found [ 119.837875][ T14] hub 3-1:4.0: 2 ports detected [ 119.971628][ T3597] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 120.045205][ T14] hub 3-1:4.0: hub_hub_status failed (err = -71) [ 120.057348][ T14] hub 3-1:4.0: config failed, can't get hub status (err -71) [ 120.103031][ T14] usb 3-1: USB disconnect, device number 5 [ 120.177897][ T3597] usb 2-1: Using ep0 maxpacket: 16 [ 120.195779][ T3597] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=81.0c [ 120.215148][ T3597] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.231454][ T3597] usb 2-1: Product: syz [ 120.250461][ T3597] usb 2-1: Manufacturer: syz [ 120.265580][ T3597] usb 2-1: SerialNumber: syz [ 120.292059][ T3597] r8152-cfgselector 2-1: config 0 descriptor?? [ 120.370087][ T6170] loop4: detected capacity change from 0 to 256 [ 120.379473][ T6172] netlink: zone id is out of range [ 120.709089][ T3597] r8152-cfgselector 2-1: Unknown version 0x0000 [ 120.719199][ T3597] r8152-cfgselector 2-1: USB disconnect, device number 5 [ 121.651413][ T4394] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 121.722404][ T6226] loop3: detected capacity change from 0 to 64 [ 121.780597][ T6230] netlink: 'syz.4.861': attribute type 10 has an invalid length. [ 121.839689][ T6232] xt_HMARK: spi-set and port-set can't be combined [ 121.851575][ T4394] usb 3-1: Using ep0 maxpacket: 16 [ 121.858460][ T4394] usb 3-1: config 0 has an invalid interface number: 8 but max is 0 [ 121.896850][ T4394] usb 3-1: config 0 has no interface number 0 [ 121.911423][ T4394] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 121.935006][ T4394] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 121.959584][ T4394] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 121.995862][ T4394] usb 3-1: Product: syz [ 122.007039][ T4394] usb 3-1: SerialNumber: syz [ 122.029378][ T4394] usb 3-1: config 0 descriptor?? [ 122.046907][ T4394] cm109 3-1:0.8: invalid payload size 208, expected 4 [ 122.060347][ T4394] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input8 [ 122.060348][ T6238] trusted_key: encrypted_key: master key parameter '' is invalid [ 122.144447][ T6242] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 122.171420][ T3597] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 122.290250][ T6244] xt_TCPMSS: Only works on TCP SYN packets [ 122.368094][ T3597] usb 4-1: unable to get BOS descriptor or descriptor too short [ 122.382089][ T3597] usb 4-1: config 0 has an invalid descriptor of length 190, skipping remainder of the config [ 122.415936][ T6248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.868'. [ 122.422422][ T3597] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 9 [ 122.469419][ T3597] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 63311, setting to 1024 [ 122.481969][ T3597] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 1024 [ 122.487674][ T5547] usb 3-1: USB disconnect, device number 6 [ 122.492109][ C0] cm109 3-1:0.8: cm109_urb_irq_callback: urb status -71 [ 122.504826][ C0] cm109 3-1:0.8: cm109_urb_irq_callback: usb_submit_urb (urb_ctl) failed -19 [ 122.533851][ T5547] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 122.567914][ T3597] usb 4-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39 [ 122.602864][ T3597] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.610917][ T3597] usb 4-1: Product: syz [ 122.659789][ T3597] usb 4-1: Manufacturer: syz [ 122.661191][ T6254] netlink: 122896 bytes leftover after parsing attributes in process `syz.1.873'. [ 122.671365][ T3597] usb 4-1: SerialNumber: syz [ 122.688339][ T3597] usb 4-1: config 0 descriptor?? [ 122.698328][ T6226] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 122.717224][ T6226] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 122.740385][ C0] usb 4-1: NFC: Urb failure (status -71) [ 122.747442][ C0] usb 4-1: NFC: Urb failure (status -71) [ 122.757760][ T3597] usb 4-1: NFC: Unable to get FW version [ 122.771813][ T3597] pn533_usb: probe of 4-1:0.0 failed with error -71 [ 122.994945][ T6268] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 123.036807][ T5547] usb 4-1: USB disconnect, device number 6 [ 123.346559][ T6265] loop1: detected capacity change from 0 to 32768 [ 123.378034][ T6265] XFS (loop1): Mounting V5 Filesystem [ 123.409495][ T6265] XFS (loop1): Ending clean mount [ 123.476685][ T6282] block nbd4: NBD_DISCONNECT [ 123.483146][ T4276] XFS (loop1): Unmounting Filesystem [ 123.663021][ T6288] netlink: 34 bytes leftover after parsing attributes in process `syz.2.887'. [ 124.095224][ T6304] AppArmor: change_hat: Invalid input '0' [ 124.690607][ T6325] netlink: 144 bytes leftover after parsing attributes in process `syz.0.904'. [ 124.745699][ T6296] loop1: detected capacity change from 0 to 32768 [ 124.778562][ T6296] (syz.1.883,6296,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 124.813747][ T6296] (syz.1.883,6296,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 124.888989][ T6296] (syz.1.883,6296,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 124.914102][ T6296] (syz.1.883,6296,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 125.020056][ T6296] JBD2: Ignoring recovery information on journal [ 125.026367][ T6337] IPVS: set_ctl: invalid protocol: 60 10.1.1.1:20003 [ 125.072595][ T6341] libceph: resolve '0' (ret=-3): failed [ 125.141217][ T6296] (syz.1.883,6296,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC. [ 125.197655][ T6296] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 125.241887][ T6296] (syz.1.883,6296,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC. [ 125.283355][ T6296] (syz.1.883,6296,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC. [ 125.401601][ T4394] usb 3-1: new full-speed USB device number 7 using dummy_hcd [ 125.410395][ T6296] (syz.1.883,6296,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x1cec3d0f, computed 0xd2ffbdfe. Applying ECC. [ 125.464254][ T6296] (syz.1.883,6296,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x4d558a87. Applying ECC. [ 125.511383][ T6296] (syz.1.883,6296,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x5d2751af [ 125.565852][ T6296] (syz.1.883,6296,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 125.591366][ T6296] (syz.1.883,6296,1):ocfs2_quota_read:201 ERROR: status = -5 [ 125.598852][ T6296] Quota error (device loop1): find_tree_dqentry: Can't read quota tree block 5 [ 125.625642][ T4394] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 125.656015][ T4394] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 125.667233][ T6296] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 125.692332][ T6296] (syz.1.883,6296,0):ocfs2_acquire_dquot:878 ERROR: status = -5 [ 125.700341][ T6296] (syz.1.883,6296,0):ocfs2_mknod:314 ERROR: status = -5 [ 125.708811][ T6296] (syz.1.883,6296,0):ocfs2_mknod:502 ERROR: status = -5 [ 125.716944][ T4394] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ac.7e [ 125.726552][ T6296] (syz.1.883,6296,0):ocfs2_mkdir:659 ERROR: status = -5 [ 125.738807][ T4394] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.747443][ T4394] usb 3-1: Product: syz [ 125.751905][ T4394] usb 3-1: Manufacturer: syz [ 125.756533][ T4394] usb 3-1: SerialNumber: syz [ 125.759441][ T6364] loop0: detected capacity change from 0 to 1024 [ 125.778983][ T6365] comedi comedi2: c6xdigio: I/O port conflict (0x8,3) [ 125.780077][ T4394] usb 3-1: config 0 descriptor?? [ 125.818778][ T4394] hub 3-1:0.0: bad descriptor, ignoring hub [ 125.850179][ T4394] hub: probe of 3-1:0.0 failed with error -5 [ 125.901236][ T4276] ocfs2: Unmounting device (7,1) on (node local) [ 125.907745][ T4394] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input9 [ 125.950092][ T26] audit: type=1800 audit(1778966236.986:23): pid=6364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.922" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 126.293994][ T14] usb 3-1: USB disconnect, device number 7 [ 126.939354][ T6405] netlink: 8 bytes leftover after parsing attributes in process `syz.0.944'. [ 126.965596][ T6405] netlink: 312 bytes leftover after parsing attributes in process `syz.0.944'. [ 127.000085][ T6405] netlink: 8 bytes leftover after parsing attributes in process `syz.0.944'. [ 127.226307][ T6417] xt_TCPMSS: Only works on TCP SYN packets [ 127.544332][ T6433] loop4: detected capacity change from 0 to 256 [ 127.667350][ T6433] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x190b464b, utbl_chksum : 0xe619d30d) [ 127.707666][ T6437] loop0: detected capacity change from 0 to 128 [ 127.985703][ T6447] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.963'. [ 128.039490][ T6449] loop3: detected capacity change from 0 to 512 [ 128.077724][ T6449] EXT4-fs: Ignoring removed nobh option [ 128.174766][ T6449] EXT4-fs (loop3): orphan cleanup on readonly fs [ 128.200168][ T6449] EXT4-fs error (device loop3): ext4_do_update_inode:5279: inode #15: comm syz.3.965: corrupted inode contents [ 128.336791][ T6466] netlink: 122896 bytes leftover after parsing attributes in process `syz.2.967'. [ 128.354580][ T6449] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem [ 128.367045][ T6466] debugfs: Directory '!!!' with parent 'ieee80211' already present! [ 128.386220][ T6449] EXT4-fs error (device loop3): ext4_do_update_inode:5279: inode #15: comm syz.3.965: corrupted inode contents [ 128.415267][ T6449] EXT4-fs error (device loop3): ext4_evict_inode:329: inode #15: comm syz.3.965: mark_inode_dirty error [ 128.490815][ T6449] EXT4-fs (loop3): 1 orphan inode deleted [ 128.501018][ T6449] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 128.657471][ T4272] EXT4-fs (loop3): unmounting filesystem. [ 128.997335][ T6488] netlink: 'syz.0.983': attribute type 21 has an invalid length. [ 129.269295][ T6501] netlink: 20 bytes leftover after parsing attributes in process `syz.3.990'. [ 129.278913][ T6502] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 129.291537][ T4319] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 129.323199][ T6501] device gtp0 entered promiscuous mode [ 129.512990][ T4319] usb 5-1: config 0 has an invalid interface number: 69 but max is 0 [ 129.521142][ T4319] usb 5-1: config 0 has no interface number 0 [ 129.547801][ T6512] tmpfs: Bad value for 'mpol' [ 129.552802][ T4319] usb 5-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 129.581401][ T4319] usb 5-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 220, changing to 11 [ 129.624404][ T4319] usb 5-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 129.657417][ T4319] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.691520][ T4319] usb 5-1: Product: syz [ 129.695746][ T4319] usb 5-1: Manufacturer: syz [ 129.700360][ T4319] usb 5-1: SerialNumber: syz [ 129.728611][ T4319] usb 5-1: config 0 descriptor?? [ 129.750211][ T6516] loop2: detected capacity change from 0 to 4096 [ 129.760943][ T6490] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 129.770171][ T4319] cyberjack 5-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 129.823199][ T4319] usb 5-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 130.195942][ T4319] usb 5-1: USB disconnect, device number 7 [ 130.230705][ T4319] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 130.278516][ T4319] cyberjack 5-1:0.69: device disconnected [ 130.640480][ T6549] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 130.669690][ T6549] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 130.722399][ T6551] netlink: 'syz.1.1015': attribute type 2 has an invalid length. [ 130.781437][ T6551] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1015'. [ 130.811238][ T6555] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1016'. [ 130.891431][ T6549] syz.3.1014 (6549) used greatest stack depth: 20240 bytes left [ 132.605382][ T6627] loop3: detected capacity change from 0 to 2048 [ 132.606707][ T6631] loop1: detected capacity change from 0 to 64 [ 132.694594][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.700974][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.752055][ T6627] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 132.787831][ T6627] EXT4-fs error (device loop3): ext4_find_extent:936: inode #2: comm syz.3.1053: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 132.892034][ T6638] loop0: detected capacity change from 0 to 1024 [ 133.018955][ T4272] EXT4-fs (loop3): unmounting filesystem. [ 133.035983][ T6641] loop2: detected capacity change from 0 to 4096 [ 133.475659][ T6657] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 133.527960][ T6657] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 133.729692][ T6668] netlink: 'syz.3.1072': attribute type 13 has an invalid length. [ 133.821062][ T6672] netlink: 'syz.0.1074': attribute type 1 has an invalid length. [ 133.945831][ T6676] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 133.971905][ T6680] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1077'. [ 134.137967][ T6682] loop0: detected capacity change from 0 to 4096 [ 134.208257][ T6682] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 134.346337][ T6682] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 134.435466][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 134.467780][ T6698] program syz.2.1086 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 134.514207][ T6698] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 134.531513][ T4319] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 134.731434][ T4319] usb 2-1: Using ep0 maxpacket: 8 [ 134.746281][ T4319] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 134.791478][ T4319] usb 2-1: config 0 interface 0 has no altsetting 0 [ 134.800513][ T4319] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 134.820227][ T6708] Option ' ' to dns_resolver key: bad/missing value [ 134.824132][ T4319] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 134.859333][ T4319] usb 2-1: Product: syz [ 134.865867][ T4319] usb 2-1: Manufacturer: syz [ 134.870648][ T4319] usb 2-1: SerialNumber: syz [ 134.884672][ T4319] usb 2-1: config 0 descriptor?? [ 134.895455][ T4319] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 found [ 134.947176][ T6687] loop4: detected capacity change from 0 to 32768 [ 135.102151][ T4319] snd_usb_toneport 2-1:0.0: cannot get proper max packet size [ 135.124076][ T4319] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 now disconnected [ 135.143159][ T4319] snd_usb_toneport: probe of 2-1:0.0 failed with error -22 [ 135.161351][ T5548] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 135.315112][ T6722] loop2: detected capacity change from 0 to 512 [ 135.373089][ T5548] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 135.384873][ T6722] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 135.405036][ T6722] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 135.467173][ T5548] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 135.475537][ T6722] System zones: 0-1, 15-15, 18-18, 34-34 [ 135.502776][ T6722] EXT4-fs (loop2): orphan cleanup on readonly fs [ 135.511066][ T6722] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 135.531869][ T127] usb 2-1: USB disconnect, device number 6 [ 135.540835][ T6722] EXT4-fs warning (device loop2): ext4_enable_quotas:7093: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 135.547498][ T5548] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ac.7e [ 135.600580][ T6722] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 135.616538][ T5548] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.628203][ T6722] EXT4-fs error (device loop2): ext4_orphan_get:1431: comm syz.2.1097: bad orphan inode 16 [ 135.638647][ T5548] usb 4-1: Product: syz [ 135.638669][ T5548] usb 4-1: Manufacturer: syz [ 135.638684][ T5548] usb 4-1: SerialNumber: syz [ 135.648609][ T5548] usb 4-1: config 0 descriptor?? [ 135.687926][ T6736] netlink: 'syz.4.1104': attribute type 2 has an invalid length. [ 135.688677][ T5548] hub 4-1:0.0: bad descriptor, ignoring hub [ 135.701997][ T5548] hub: probe of 4-1:0.0 failed with error -5 [ 135.704440][ T6736] netlink: 'syz.4.1104': attribute type 1 has an invalid length. [ 135.718287][ T6733] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 135.721474][ T6722] ext4_test_bit(bit=15, block=18) = 1 [ 135.725253][ T6733] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 135.738657][ T5548] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input10 [ 135.747955][ T6722] is_bad_inode(inode)=0 [ 135.747969][ T6722] NEXT_ORPHAN(inode)=0 [ 135.747977][ T6722] max_ino=32 [ 135.747986][ T6722] i_nlink=2 [ 135.748072][ T6722] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 135.758710][ T6733] vhci_hcd vhci_hcd.0: Device attached [ 135.761203][ T6738] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(6) [ 135.783779][ T6738] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 135.841146][ T6738] vhci_hcd vhci_hcd.0: Device attached [ 135.863959][ T6722] fscrypt (loop2, inode 16): Error -61 getting encryption context [ 135.912961][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 135.922595][ T6734] vhci_hcd: connection closed [ 135.926821][ T6739] vhci_hcd: connection closed [ 135.929785][ T11] vhci_hcd: stop threads [ 135.957204][ T11] vhci_hcd: release socket [ 136.001999][ T11] vhci_hcd: disconnect device [ 136.017170][ T11] vhci_hcd: stop threads [ 136.032802][ T11] vhci_hcd: release socket [ 136.041771][ T4319] usb 33-1: new low-speed USB device number 2 using vhci_hcd [ 136.049375][ T4319] usb 33-1: enqueue for inactive port 0 [ 136.055846][ T11] vhci_hcd: disconnect device [ 136.161546][ T4319] vhci_hcd: vhci_device speed not set [ 136.427674][ T6760] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1114'. [ 136.718505][ T6774] loop1: detected capacity change from 0 to 128 [ 136.747744][ T6774] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 136.862340][ T6774] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 137.242792][ T6790] sctp: [Deprecated]: syz.0.1130 (pid 6790) Use of int in max_burst socket option. [ 137.242792][ T6790] Use struct sctp_assoc_value instead [ 137.374351][ T6797] loop2: detected capacity change from 0 to 512 [ 137.599691][ T6797] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 137.641887][ T6797] ext4 filesystem being mounted at /219/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.742085][ T6797] fscrypt (loop2, inode 15): Error -61 getting encryption context [ 137.859634][ T6817] loop3: detected capacity change from 0 to 256 [ 137.904490][ T6820] netlink: 'syz.0.1144': attribute type 9 has an invalid length. [ 137.919147][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 137.964282][ T6817] FAT-fs (loop3): Directory bread(block 64) failed [ 137.993007][ T6817] FAT-fs (loop3): Directory bread(block 65) failed [ 138.048647][ T6817] FAT-fs (loop3): Directory bread(block 66) failed [ 138.062586][ T6817] FAT-fs (loop3): Directory bread(block 67) failed [ 138.076964][ T6825] rdma_rxe: rxe creation allowed on top of a real device only [ 138.092605][ T6817] FAT-fs (loop3): Directory bread(block 68) failed [ 138.099192][ T6817] FAT-fs (loop3): Directory bread(block 69) failed [ 138.155335][ T6817] FAT-fs (loop3): Directory bread(block 70) failed [ 138.175484][ T6817] FAT-fs (loop3): Directory bread(block 71) failed [ 138.192836][ T6817] FAT-fs (loop3): Directory bread(block 72) failed [ 138.250498][ T6817] FAT-fs (loop3): Directory bread(block 73) failed [ 138.438629][ T6837] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.632795][ T6844] loop2: detected capacity change from 0 to 256 [ 138.728435][ T6844] FAT-fs (loop2): Directory bread(block 64) failed [ 138.774607][ T6844] FAT-fs (loop2): Directory bread(block 65) failed [ 138.805177][ T6844] FAT-fs (loop2): Directory bread(block 66) failed [ 138.826507][ T6844] FAT-fs (loop2): Directory bread(block 67) failed [ 138.860779][ T6844] FAT-fs (loop2): Directory bread(block 68) failed [ 138.898249][ T6844] FAT-fs (loop2): Directory bread(block 69) failed [ 138.922071][ T6844] FAT-fs (loop2): Directory bread(block 70) failed [ 138.958339][ T6844] FAT-fs (loop2): Directory bread(block 71) failed [ 138.978435][ T6844] FAT-fs (loop2): Directory bread(block 72) failed [ 138.998191][ T6844] FAT-fs (loop2): Directory bread(block 73) failed [ 139.013846][ T6858] netlink: 2072 bytes leftover after parsing attributes in process `syz.0.1161'. [ 139.105221][ T6858] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1161'. [ 139.144388][ T6858] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1161'. [ 139.197669][ T6858] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1161'. [ 139.424223][ T6866] IPVS: length: 72 != 24 [ 139.847190][ T6889] trusted_key: encrypted_key: master key parameter is missing [ 140.071820][ T6901] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1182'. [ 140.101592][ T6901] netlink: 31 bytes leftover after parsing attributes in process `syz.3.1182'. [ 140.131493][ T6901] netlink: 'syz.3.1182': attribute type 3 has an invalid length. [ 140.157727][ T6901] netlink: 'syz.3.1182': attribute type 2 has an invalid length. [ 140.181417][ T6901] netlink: 31 bytes leftover after parsing attributes in process `syz.3.1182'. [ 140.513466][ T3597] usb 4-1: USB disconnect, device number 7 [ 140.645312][ T6915] loop3: detected capacity change from 0 to 4096 [ 140.726469][ T6915] ntfs3: loop3: ntfs_set_state r=3 failed, -22. [ 140.925879][ T64] ntfs3: loop3: ntfs3_write_inode r=3 failed, -22. [ 140.958309][ T4272] ntfs3: loop3: ntfs_set_state r=3 failed, -22. [ 140.981406][ T4272] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 140.988949][ T4272] ntfs3: loop3: ntfs_set_state r=3 failed, -22. [ 141.040520][ T64] ntfs3: loop3: ntfs3_write_inode r=3 failed, -22. [ 141.075143][ T4272] ntfs3: loop3: ntfs_evict_inode r=3 failed, -22. [ 141.181916][ T6939] loop2: detected capacity change from 0 to 128 [ 141.213499][ T6939] befs: (loop2): No write support. Marking filesystem read-only [ 141.275968][ T6939] befs: (loop2): invalid magic header [ 141.316244][ T6944] netlink: 'syz.0.1201': attribute type 2 has an invalid length. [ 141.361599][ T6944] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1201'. [ 141.387417][ T6946] dlm: no locking on control device [ 141.509174][ T6952] loop2: detected capacity change from 0 to 512 [ 141.539735][ T6952] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 141.669770][ T6952] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 141.710027][ T6952] ext4 filesystem being mounted at /232/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 141.996694][ T4286] EXT4-fs (loop2): unmounting filesystem. [ 142.060684][ T6972] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1215'. [ 142.141317][ T3597] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 142.148956][ T14] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 142.367204][ T14] usb 1-1: Using ep0 maxpacket: 32 [ 142.381401][ T3597] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 142.393978][ T14] usb 1-1: unable to get BOS descriptor or descriptor too short [ 142.416898][ T3597] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 142.428367][ T14] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 142.444936][ T3597] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 142.461612][ T14] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 142.478848][ T3597] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.487034][ T14] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 142.505071][ T6967] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 142.526413][ T14] usb 1-1: string descriptor 0 read error: -22 [ 142.552076][ T14] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 142.561173][ T14] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.666714][ T14] usb 1-1: 0:2 : does not exist [ 142.819901][ T7001] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1228'. [ 142.908171][ T5549] usb 2-1: USB disconnect, device number 7 [ 142.953292][ T4319] usb 1-1: USB disconnect, device number 3 [ 143.783559][ T7038] mmap: syz.3.1247 (7038): VmData 175874048 exceed data ulimit 9. Update limits or use boot option ignore_rlimit_data. [ 143.985126][ T7049] loop2: detected capacity change from 0 to 64 [ 144.301031][ T7066] __nla_validate_parse: 1 callbacks suppressed [ 144.301046][ T7066] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1256'. [ 144.584931][ T7075] loop1: detected capacity change from 0 to 64 [ 144.795097][ T7088] netlink: 'syz.0.1271': attribute type 13 has an invalid length. [ 145.036710][ T7098] netlink: 56537 bytes leftover after parsing attributes in process `syz.0.1276'. [ 145.707595][ T7128] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1290'. [ 145.741487][ T7128] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1290'. [ 145.775588][ T7128] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1290'. [ 145.806495][ T7128] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1290'. [ 146.354390][ T7148] loop1: detected capacity change from 0 to 4096 [ 146.487139][ T26] audit: type=1326 audit(1778966257.526:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7163 comm="syz.4.1309" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 146.597811][ T4276] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22. [ 146.602736][ T26] audit: type=1326 audit(1778966257.566:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7163 comm="syz.4.1309" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 146.610278][ T4276] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 146.651454][ T26] audit: type=1326 audit(1778966257.566:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7163 comm="syz.4.1309" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 146.765559][ T26] audit: type=1326 audit(1778966257.566:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7163 comm="syz.4.1309" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 146.849458][ T26] audit: type=1326 audit(1778966257.566:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7163 comm="syz.4.1309" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 147.013185][ T7176] netlink: 'syz.4.1315': attribute type 3 has an invalid length. [ 147.048746][ T26] audit: type=1326 audit(1778966257.566:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7163 comm="syz.4.1309" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 147.097734][ T7180] loop0: detected capacity change from 0 to 512 [ 147.138207][ T26] audit: type=1326 audit(1778966257.566:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7163 comm="syz.4.1309" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 147.188069][ T7180] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (43205!=18645) [ 147.227974][ T26] audit: type=1326 audit(1778966257.566:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7163 comm="syz.4.1309" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3d2d79ce59 code=0x7ffc0000 [ 147.237309][ T7180] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 147.428391][ T7180] EXT4-fs (loop0): ext4_remount: Checksum for group 0 failed (43205!=18645) [ 147.603065][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 147.757553][ T7203] netlink: 'syz.1.1328': attribute type 1 has an invalid length. [ 147.772911][ T7202] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1327'. [ 147.777902][ T7205] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1329'. [ 147.825592][ T7207] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1330'. [ 147.886771][ T7207] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1330'. [ 147.986987][ T7213] loop3: detected capacity change from 0 to 256 [ 147.996880][ T7210] loop4: detected capacity change from 0 to 512 [ 148.048267][ T7210] EXT4-fs: inline encryption not supported [ 148.090389][ T7213] FAT-fs (loop3): Directory bread(block 64) failed [ 148.124225][ T7213] FAT-fs (loop3): Directory bread(block 65) failed [ 148.130896][ T7213] FAT-fs (loop3): Directory bread(block 66) failed [ 148.139922][ T7210] EXT4-fs error (device loop4): ext4_xattr_inode_iget:401: inode #11: comm syz.4.1331: missing EA_INODE flag [ 148.177940][ T7213] FAT-fs (loop3): Directory bread(block 67) failed [ 148.180414][ T7210] EXT4-fs error (device loop4): ext4_xattr_inode_iget:406: comm syz.4.1331: error while reading EA inode 11 err=-117 [ 148.199934][ T7210] EXT4-fs (loop4): 1 orphan inode deleted [ 148.205827][ T7210] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 148.248578][ T7213] FAT-fs (loop3): Directory bread(block 68) failed [ 148.275487][ T4282] EXT4-fs (loop4): unmounting filesystem. [ 148.302096][ T7213] FAT-fs (loop3): Directory bread(block 69) failed [ 148.308780][ T7213] FAT-fs (loop3): Directory bread(block 70) failed [ 148.352069][ T7213] FAT-fs (loop3): Directory bread(block 71) failed [ 148.391584][ T7213] FAT-fs (loop3): Directory bread(block 72) failed [ 148.398174][ T7213] FAT-fs (loop3): Directory bread(block 73) failed [ 149.708517][ T7281] netlink: 'syz.1.1366': attribute type 27 has an invalid length. [ 149.751892][ T7281] netlink: 'syz.1.1366': attribute type 3 has an invalid length. [ 149.775984][ T7281] __nla_validate_parse: 1 callbacks suppressed [ 149.775999][ T7281] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1366'. [ 149.882656][ T7287] loop4: detected capacity change from 0 to 64 [ 149.932275][ T7286] netlink: 'syz.3.1368': attribute type 12 has an invalid length. [ 150.472259][ T5549] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 150.655256][ T5549] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 150.682610][ T5549] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.690663][ T5549] usb 5-1: Product: syz [ 150.717461][ T5549] usb 5-1: Manufacturer: syz [ 150.722661][ T5549] usb 5-1: SerialNumber: syz [ 150.742336][ T5549] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 150.839404][ T5549] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 151.073711][ C1] usb 5-1: ath: unknown panic pattern! [ 151.275297][ T3597] usb 5-1: USB disconnect, device number 8 [ 151.496069][ T7353] comedi comedi0: dt2815: I/O port conflict (0x9,2) [ 151.661508][ T5085] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 151.679403][ T7361] xt_nat: multiple ranges no longer supported [ 151.738150][ T4394] kernel write not supported for file /input/mice (pid: 4394 comm: kworker/0:8) [ 151.751550][ T127] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 151.841328][ T5085] usb 4-1: Using ep0 maxpacket: 16 [ 151.848306][ T5085] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 151.861397][ T14] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 151.879260][ T5085] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 151.913758][ T5085] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 151.951418][ T5085] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.958781][ T127] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 151.962500][ T5085] usb 4-1: Product: syz [ 151.980771][ T127] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 151.985009][ T5085] usb 4-1: Manufacturer: syz [ 151.998023][ T5549] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 151.999056][ T7371] netlink: 'syz.0.1410': attribute type 1 has an invalid length. [ 152.013619][ T5085] usb 4-1: SerialNumber: syz [ 152.020888][ T5549] ath9k_htc: Failed to initialize the device [ 152.031426][ T127] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 152.037423][ T5085] r8152-cfgselector 4-1: config 0 descriptor?? [ 152.049524][ T3597] usb 5-1: ath9k_htc: USB layer deinitialized [ 152.061036][ T127] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.064569][ T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.082833][ T7371] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1410'. [ 152.093634][ T7351] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 152.100397][ T14] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 152.141658][ T14] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf [ 152.171453][ T14] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.179541][ T14] usb 2-1: Product: syz [ 152.231476][ T14] usb 2-1: Manufacturer: syz [ 152.236184][ T14] usb 2-1: SerialNumber: syz [ 152.275669][ T14] usb 2-1: config 0 descriptor?? [ 152.305695][ T14] usb 2-1: Found UVC 0.00 device syz (18ec:3288) [ 152.317191][ T5085] usbip-host 4-1: 4-1 is not in match_busid table... skip! [ 152.347621][ T11] usb 4-1: config 0 descriptor?? [ 152.348273][ T14] usb 2-1: No valid video chain found. [ 152.448371][ T14] usb 3-1: USB disconnect, device number 8 [ 152.543838][ T11] usb 4-1: can't set config #0, error -71 [ 152.543952][ T5085] usb 4-1: USB disconnect, device number 8 [ 152.559488][ T127] usb 2-1: USB disconnect, device number 8 [ 153.072975][ T7402] loop0: detected capacity change from 0 to 4096 [ 153.094875][ T7402] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 153.241738][ T7402] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 153.274008][ T7402] ntfs3: loop0: Failed to load $Extend. [ 153.490801][ T7419] loop4: detected capacity change from 0 to 256 [ 153.604977][ T7419] FAT-fs (loop4): Directory bread(block 64) failed [ 153.651545][ T7419] FAT-fs (loop4): Directory bread(block 65) failed [ 153.675856][ T7419] FAT-fs (loop4): Directory bread(block 66) failed [ 153.709655][ T7419] FAT-fs (loop4): Directory bread(block 67) failed [ 153.726758][ T7419] FAT-fs (loop4): Directory bread(block 68) failed [ 153.749429][ T7419] FAT-fs (loop4): Directory bread(block 69) failed [ 153.778947][ T7419] FAT-fs (loop4): Directory bread(block 70) failed [ 153.811187][ T7419] FAT-fs (loop4): Directory bread(block 71) failed [ 153.842014][ T7419] FAT-fs (loop4): Directory bread(block 72) failed [ 153.848608][ T7419] FAT-fs (loop4): Directory bread(block 73) failed [ 153.895433][ T14] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 154.101357][ T14] usb 1-1: Using ep0 maxpacket: 8 [ 154.108058][ T14] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 154.151389][ T14] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 154.178012][ T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.203959][ T14] usb 1-1: config 0 descriptor?? [ 154.227831][ T14] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 154.245851][ T7443] bridge0: port 1(bridge_slave_0) entered forwarding state [ 154.259874][ T7443] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 154.269277][ T7443] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 154.300907][ T7441] loop1: detected capacity change from 0 to 4096 [ 154.342556][ T7441] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 154.361935][ T5549] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 154.398952][ T7447] netlink: 'syz.4.1448': attribute type 2 has an invalid length. [ 154.419929][ T7447] netlink: 723 bytes leftover after parsing attributes in process `syz.4.1448'. [ 154.567565][ T5549] usb 3-1: Using ep0 maxpacket: 8 [ 154.574523][ T5549] usb 3-1: config 0 has too many interfaces: 65, using maximum allowed: 32 [ 154.609833][ T5549] usb 3-1: config 0 has an invalid interface number: 150 but max is 64 [ 154.628637][ T5549] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 154.639338][ T14] gspca_vc032x: reg_w err -71 [ 154.644611][ T14] vc032x: probe of 1-1:0.0 failed with error -71 [ 154.668292][ T5549] usb 3-1: config 0 has 2 interfaces, different from the descriptor's value: 65 [ 154.691453][ T5549] usb 3-1: config 0 has no interface number 0 [ 154.692342][ T14] usb 1-1: USB disconnect, device number 4 [ 154.714651][ T5549] usb 3-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 154.757705][ T5549] usb 3-1: config 0 interface 150 has no altsetting 0 [ 154.772603][ T5549] usb 3-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75 [ 154.805128][ T5549] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.820386][ T5549] usb 3-1: config 0 descriptor?? [ 155.096612][ T7470] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1459'. [ 155.110560][ T7465] xt_CT: No such helper "netbios-ns" [ 155.111867][ T7470] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1459'. [ 155.135617][ T7470] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1459'. [ 155.149701][ T7470] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1459'. [ 155.264719][ T5549] usb 3-1: USB disconnect, device number 9 [ 155.815947][ T7496] Cannot find del_set index 1536 as target [ 155.941570][ T7502] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1474'. [ 156.262964][ T7520] (unnamed net_device) (uninitialized): option lacp_active: invalid value (7) [ 156.511450][ T14] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 156.708330][ T14] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 156.747165][ T14] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 156.798043][ T14] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 156.827561][ T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.859751][ T7518] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 157.261634][ T3597] usb 1-1: USB disconnect, device number 5 [ 157.644217][ T7575] overlayfs: unrecognized mount option "\" or missing value [ 158.276994][ T7598] loop2: detected capacity change from 0 to 736 [ 158.394663][ T7598] rock: directory entry would overflow storage [ 158.404293][ T7601] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.1524'. [ 158.450909][ T7598] rock: sig=0x3b10, size=4, remaining=3 [ 158.537110][ T7593] infiniband syz1: set active [ 158.557018][ T7593] infiniband syz1: added bond_slave_1 [ 158.677323][ T7607] netlink: 'syz.0.1528': attribute type 3 has an invalid length. [ 158.708633][ T7593] RDS/IB: syz1: added [ 158.753190][ T7593] smc: adding ib device syz1 with port count 1 [ 158.794181][ T7593] smc: ib device syz1 port 1 has pnetid [ 158.938184][ T7618] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 159.889978][ T7655] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1549'. [ 160.075116][ T7655] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 160.116890][ T7655] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 160.136911][ T7655] bond0 (unregistering): Released all slaves [ 160.430632][ T7672] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 160.737789][ T7675] loop2: detected capacity change from 0 to 4096 [ 160.765650][ T7675] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing. [ 160.791806][ T7681] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1562'. [ 160.821194][ T7675] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 160.856001][ T7675] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 160.895694][ T7684] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1563'. [ 160.910227][ T7675] ntfs: volume version 3.1. [ 161.138425][ T4286] ntfs: (device loop2): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 161.330147][ T7698] netlink: 'syz.0.1570': attribute type 8 has an invalid length. [ 161.721502][ T14] usb 3-1: new full-speed USB device number 10 using dummy_hcd [ 161.821364][ T4394] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 161.917405][ T14] usb 3-1: config 8 has an invalid interface number: 80 but max is 0 [ 161.941413][ T14] usb 3-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 161.973924][ T14] usb 3-1: config 8 has no interface number 0 [ 162.004644][ T14] usb 3-1: config 8 interface 80 altsetting 0 has an invalid endpoint with address 0xE7, skipping [ 162.017553][ T4394] usb 1-1: config 150 has an invalid interface number: 204 but max is 2 [ 162.036994][ T4394] usb 1-1: config 150 has an invalid descriptor of length 0, skipping remainder of the config [ 162.057904][ T14] usb 3-1: config 8 interface 80 altsetting 0 has an invalid endpoint with address 0x80, skipping [ 162.079086][ T4394] usb 1-1: config 150 has 1 interface, different from the descriptor's value: 3 [ 162.088527][ T14] usb 3-1: config 8 interface 80 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 162.108704][ T4394] usb 1-1: config 150 has no interface number 0 [ 162.115336][ T14] usb 3-1: config 8 interface 80 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 14 [ 162.128775][ T4394] usb 1-1: config 150 interface 204 has no altsetting 0 [ 162.148941][ T14] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=c1.6f [ 162.160487][ T4394] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 162.179923][ T14] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.188374][ T4394] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 162.201969][ T4394] usb 1-1: Product: syz [ 162.206175][ T4394] usb 1-1: Manufacturer: syz [ 162.222722][ T14] usb 3-1: NFC: intf ffff888051973000 id ffffffff8d406c00 [ 162.241355][ T4394] usb 1-1: SerialNumber: syz [ 162.268253][ T7711] loop3: detected capacity change from 0 to 32768 [ 162.310742][ T7711] ialloc: diAlloc returned -5! [ 162.462783][ T4394] xr_serial 1-1:150.204: skipping garbage [ 162.468572][ T4394] xr_serial 1-1:150.204: invalid descriptor buffer length [ 162.514120][ T4394] usb 1-1: USB disconnect, device number 6 [ 163.049085][ T7738] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 163.089682][ T4319] usb 3-1: USB disconnect, device number 10 [ 163.116574][ T7736] loop1: detected capacity change from 0 to 4096 [ 163.159678][ T7736] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 163.289912][ T7736] ntfs3: loop1: Failed to load $Extend. [ 163.438529][ T7751] loop3: detected capacity change from 0 to 1024 [ 163.818998][ T7761] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1599'. [ 164.216560][ T7780] netlink: 'syz.2.1609': attribute type 10 has an invalid length. [ 164.234887][ T7780] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1609'. [ 164.249184][ T7780] bridge0: port 3(dummy0) entered blocking state [ 164.262028][ T7780] bridge0: port 3(dummy0) entered disabled state [ 164.270687][ T7780] device dummy0 entered promiscuous mode [ 164.284923][ T7780] bridge0: port 3(dummy0) entered blocking state [ 164.292591][ T7780] bridge0: port 3(dummy0) entered forwarding state [ 164.321459][ T4319] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 164.470815][ T7791] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1615'. [ 164.533704][ T4319] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 164.553729][ T4319] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 164.574069][ T4319] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 164.631058][ T4319] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.676940][ T7771] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 165.035516][ T5085] usb 4-1: USB disconnect, device number 9 [ 165.480196][ T7829] loop4: detected capacity change from 0 to 8 [ 165.510075][ T7829] SQUASHFS error: lzo decompression failed, data probably corrupt [ 165.528117][ T7829] SQUASHFS error: Failed to read block 0x91: -5 [ 165.557310][ T7829] SQUASHFS error: Unable to read metadata cache entry [8f] [ 165.587036][ T7829] SQUASHFS error: Unable to read inode 0x11f [ 165.832670][ T7839] netlink: 'syz.2.1636': attribute type 21 has an invalid length. [ 166.022658][ T7848] fuse: blksize only supported for fuseblk [ 166.980050][ T7880] comedi comedi1: Cannot bond this driver to itself! [ 167.341874][ T7891] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 167.429649][ T7897] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1665'. [ 167.589261][ T7897] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 167.606692][ T7897] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 167.616892][ T7897] bond0 (unregistering): Released all slaves [ 167.634971][ T7903] netlink: 'syz.3.1667': attribute type 21 has an invalid length. [ 167.635044][ T7903] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1667'. [ 167.907735][ T7915] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1674'. [ 168.026820][ T26] audit: type=1326 audit(1778966279.066:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7916 comm="syz.3.1676" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f484279ce59 code=0x7ffc0000 [ 168.050739][ C0] vkms_vblank_simulate: vblank timer overrun [ 168.118642][ T26] audit: type=1326 audit(1778966279.066:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7916 comm="syz.3.1676" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f484279ce59 code=0x7ffc0000 [ 168.221491][ T26] audit: type=1326 audit(1778966279.066:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7916 comm="syz.3.1676" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f484279ce59 code=0x7ffc0000 [ 168.237017][ T7929] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled [ 168.249852][ C0] vkms_vblank_simulate: vblank timer overrun [ 168.314749][ T26] audit: type=1326 audit(1778966279.066:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7916 comm="syz.3.1676" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f484279ce59 code=0x7ffc0000 [ 168.483827][ T7938] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1685'. [ 168.660979][ T7943] loop3: detected capacity change from 0 to 1024 [ 168.686756][ T7938] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 168.730456][ T7938] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 168.767649][ T7938] bond0 (unregistering): Released all slaves [ 168.780081][ T7943] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 168.799049][ T7943] EXT4-fs error (device loop3): ext4_get_journal_inode:5762: inode #32: comm syz.3.1688: iget: special inode unallocated [ 168.824483][ T7943] EXT4-fs (loop3): no journal found [ 168.829919][ T7943] EXT4-fs (loop3): can't get journal size [ 168.869524][ T7943] EXT4-fs (loop3): filesystem is read-only [ 168.877697][ T7943] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 168.931479][ T14] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 169.026817][ T4272] EXT4-fs (loop3): unmounting filesystem. [ 169.053504][ T4394] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 169.059104][ T7955] device bridge1 entered promiscuous mode [ 169.124620][ T14] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00 [ 169.147273][ T7959] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 169.163113][ T14] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 169.171138][ T14] usb 3-1: Product: syz [ 169.185962][ T14] usb 3-1: SerialNumber: syz [ 169.207966][ T14] usb 3-1: config 0 descriptor?? [ 169.240164][ T7961] netdevsim netdevsim1: Direct firmware load for .. failed with error -2 [ 169.262134][ T7961] netdevsim netdevsim1: Falling back to sysfs fallback for: .. [ 169.268611][ T4394] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 169.291368][ T4394] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 169.321480][ T4394] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 169.341663][ T4394] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.362503][ T7950] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 169.430642][ T14] hso 3-1:0.0: Failed to find BULK IN ep [ 169.561057][ T7973] loop3: detected capacity change from 0 to 512 [ 169.637779][ T4394] usb 3-1: USB disconnect, device number 11 [ 169.641526][ T7973] FAT-fs (loop3): FAT read failed (blocknr 128) [ 169.698248][ T14] usb 5-1: USB disconnect, device number 9 [ 170.001339][ T127] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 170.191343][ T127] usb 1-1: Using ep0 maxpacket: 16 [ 170.198346][ T127] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 170.219028][ T127] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 170.270730][ T127] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 170.290293][ T127] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.310526][ T127] usb 1-1: Product: syz [ 170.355231][ T127] usb 1-1: Manufacturer: syz [ 170.356228][ T7996] netlink: 'syz.4.1713': attribute type 12 has an invalid length. [ 170.370062][ T127] usb 1-1: SerialNumber: syz [ 170.370893][ T7996] netlink: 120 bytes leftover after parsing attributes in process `syz.4.1713'. [ 170.385546][ T127] r8152-cfgselector 1-1: config 0 descriptor?? [ 170.603122][ T127] usbip-host 1-1: 1-1 is not in match_busid table... skip! [ 170.799501][ T8011] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 170.831142][ T4394] usb 1-1: USB disconnect, device number 7 [ 170.860452][ T8011] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 170.897308][ T8011] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 170.932415][ T8011] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 170.950680][ T8017] netlink: 'syz.1.1722': attribute type 1 has an invalid length. [ 170.950847][ T8011] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 170.967891][ T8017] netlink: 220 bytes leftover after parsing attributes in process `syz.1.1722'. [ 170.978958][ T8017] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1722'. [ 171.000378][ T8013] loop2: detected capacity change from 0 to 4096 [ 171.006266][ T8015] netlink: 'syz.4.1721': attribute type 10 has an invalid length. [ 171.016616][ T8015] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1721'. [ 171.038148][ T8015] bridge0: port 3(dummy0) entered blocking state [ 171.046153][ T8015] bridge0: port 3(dummy0) entered disabled state [ 171.063309][ T8015] device dummy0 entered promiscuous mode [ 171.069830][ T8015] bridge0: port 3(dummy0) entered blocking state [ 171.076365][ T8015] bridge0: port 3(dummy0) entered forwarding state [ 172.301526][ T5085] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 172.322959][ T8027] loop3: detected capacity change from 0 to 32768 [ 172.483159][ T5085] usb 1-1: config 8 has an invalid interface number: 80 but max is 0 [ 172.511339][ T5085] usb 1-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 172.538733][ T5085] usb 1-1: config 8 has no interface number 0 [ 172.564578][ T5085] usb 1-1: config 8 interface 80 altsetting 0 has an invalid endpoint with address 0xE7, skipping [ 172.605943][ T5085] usb 1-1: config 8 interface 80 altsetting 0 has an invalid endpoint with address 0x80, skipping [ 172.627145][ T5085] usb 1-1: config 8 interface 80 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 172.651385][ T5085] usb 1-1: config 8 interface 80 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 14 [ 172.680513][ T5085] usb 1-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=c1.6f [ 172.700356][ T5085] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.740291][ T5085] usb 1-1: NFC: intf ffff888058d4b000 id ffffffff8d406c00 [ 172.841967][ T8075] loop1: detected capacity change from 0 to 4096 [ 172.918655][ T8077] loop2: detected capacity change from 0 to 4096 [ 172.938730][ T8077] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 173.141335][ T5548] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 173.355490][ T5548] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 173.371938][ T5548] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.385866][ T5548] usb 5-1: Product: syz [ 173.390404][ T5548] usb 5-1: Manufacturer: syz [ 173.412733][ T5548] usb 5-1: SerialNumber: syz [ 173.439643][ T5548] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 173.476674][ T5548] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 173.509290][ T8085] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1758'. [ 173.531457][ T8085] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1758'. [ 173.571864][ T8085] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1758'. [ 173.581107][ T8085] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1758'. [ 173.646512][ T8085] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1758'. [ 173.797249][ T14] usb 1-1: USB disconnect, device number 8 [ 173.913205][ T5085] usb 5-1: USB disconnect, device number 10 [ 174.024866][ T8095] loop2: detected capacity change from 0 to 2048 [ 174.062510][ T8095] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=301129, location=301129 [ 174.094887][ T8095] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 174.198649][ T8103] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1766'. [ 174.371409][ T8112] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1770'. [ 174.491687][ T8112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 174.532306][ T5548] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 174.541556][ T5548] ath9k_htc: Failed to initialize the device [ 174.548104][ T5085] usb 5-1: ath9k_htc: USB layer deinitialized [ 174.557599][ T8112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 174.607410][ T8112] bond0 (unregistering): Released all slaves [ 175.125815][ T8137] loop2: detected capacity change from 0 to 2048 [ 175.175936][ T8137] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 175.215219][ T8137] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 175.261358][ T8137] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 175.261396][ T8137] UDF-fs: Scanning with blocksize 512 failed [ 175.275384][ T8137] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 175.643664][ T8159] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1789'. [ 175.778386][ T8159] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 175.832841][ T8159] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 175.869221][ T8159] infiniband syz1: set down [ 175.882267][ T8159] bond0 (unregistering): Released all slaves [ 175.900811][ T8167] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1793'. [ 176.185136][ T8180] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1798'. [ 176.428454][ T8188] loop3: detected capacity change from 0 to 764 [ 176.492271][ T8188] rock: directory entry would overflow storage [ 176.518690][ T8188] rock: sig=0x4f50, size=4, remaining=3 [ 176.528904][ T8188] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 176.787996][ T8206] loop2: detected capacity change from 0 to 16 [ 176.854038][ T8206] erofs: (device loop2): mounted with root inode @ nid 36. [ 177.640320][ T8241] netlink: 'syz.1.1830': attribute type 12 has an invalid length. [ 177.702223][ T8246] netlink: 'syz.0.1832': attribute type 2 has an invalid length. [ 177.770968][ T8243] loop2: detected capacity change from 0 to 4096 [ 177.779038][ T8249] loop3: detected capacity change from 0 to 512 [ 177.913455][ T8249] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 177.953190][ T8249] ext4 filesystem being mounted at /372/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 178.059636][ T8260] xt_nfacct: accounting object `syz0' does not exist [ 178.071016][ T8249] Quota error (device loop3): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 178.152154][ T8249] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 178.251607][ T8249] EXT4-fs error (device loop3): ext4_acquire_dquot:6841: comm syz.3.1833: Failed to acquire dquot type 0 [ 178.308319][ T8265] usb usb8: usbfs: process 8265 (syz.0.1840) did not claim interface 0 before use [ 178.386545][ T4272] EXT4-fs (loop3): unmounting filesystem. [ 178.694134][ T8280] syz.4.1847 uses old SIOCAX25GETINFO [ 178.801525][ T127] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 178.846276][ T8288] program syz.4.1851 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 178.903593][ T8285] loop0: detected capacity change from 0 to 4096 [ 179.013477][ T127] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 179.032098][ T127] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 179.063503][ T127] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 179.122532][ T127] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 179.130621][ T127] usb 2-1: SerialNumber: syz [ 179.199556][ T127] usb 2-1: 0:2 : does not exist [ 179.242739][ T8299] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 179.617304][ T127] usb 2-1: USB disconnect, device number 9 [ 179.741434][ T5085] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 179.931409][ T5085] usb 3-1: Using ep0 maxpacket: 16 [ 179.938445][ T5085] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 179.957973][ T5085] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.984499][ T5085] usb 3-1: config 0 descriptor?? [ 180.018100][ T5085] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 180.100847][ T8330] loop0: detected capacity change from 0 to 1764 [ 180.101747][ T8333] device netdevsim0 entered promiscuous mode [ 180.143385][ T8330] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 180.162261][ T8333] IPv6: ADDRCONF(NETDEV_CHANGE): netdevsim0: link becomes ready [ 180.172459][ T8333] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 180.220318][ T5085] usb 3-1: Detected FT232B [ 180.326506][ T8335] __nla_validate_parse: 3 callbacks suppressed [ 180.326523][ T8335] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1874'. [ 180.380153][ T8335] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1874'. [ 180.419909][ T8335] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1874'. [ 180.427695][ T5085] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 180.470744][ T5085] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 180.493194][ T5085] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 180.545130][ T5085] usb 3-1: USB disconnect, device number 12 [ 180.570388][ T5085] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 180.607687][ T5085] ftdi_sio 3-1:0.0: device disconnected [ 180.630107][ T8343] loop0: detected capacity change from 0 to 1764 [ 180.781136][ T8343] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 180.851417][ T4280] Bluetooth: hci2: command 0x0406 tx timeout [ 180.857534][ T4280] Bluetooth: hci1: command 0x0406 tx timeout [ 180.864368][ T4290] Bluetooth: hci0: command 0x0406 tx timeout [ 180.864388][ T4289] Bluetooth: hci3: command 0x0406 tx timeout [ 180.870399][ T4290] Bluetooth: hci4: command 0x0406 tx timeout [ 181.176402][ T8361] netlink: 'syz.4.1887': attribute type 1 has an invalid length. [ 181.267718][ T8351] loop3: detected capacity change from 0 to 32768 [ 181.333272][ T8351] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1881 (8351) [ 181.401866][ T8351] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 181.467488][ T8351] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 181.513161][ T8351] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 181.572668][ T8351] BTRFS info (device loop3): trying to use backup root at mount time [ 181.597850][ T8351] BTRFS info (device loop3): max_inline at 0 [ 181.606586][ T8351] BTRFS info (device loop3): using free space tree [ 181.628315][ T8379] netlink: 'syz.0.1895': attribute type 4 has an invalid length. [ 181.863519][ T8351] BTRFS info (device loop3): enabling ssd optimizations [ 182.072073][ T4272] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 182.585302][ T8430] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1909'. [ 182.655514][ T8435] netdevsim netdevsim0: Direct firmware load for .. failed with error -2 [ 182.655542][ T8435] netdevsim netdevsim0: Falling back to sysfs fallback for: .. [ 182.954271][ T8416] loop2: detected capacity change from 0 to 32768 [ 182.976762][ T8416] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1905 (8416) [ 183.044951][ T8416] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 183.076247][ T8416] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 183.117457][ T8448] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1916'. [ 183.117700][ T8416] BTRFS info (device loop2): force clearing of disk cache [ 183.132922][ T8448] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1916'. [ 183.181684][ T8416] BTRFS info (device loop2): metadata ratio 0 [ 183.196988][ T8416] BTRFS info (device loop2): enabling ssd optimizations [ 183.232482][ T8416] BTRFS info (device loop2): using spread ssd allocation scheme [ 183.279156][ T8416] BTRFS info (device loop2): using free space tree [ 183.543303][ T8416] BTRFS info (device loop2): rebuilding free space tree [ 183.907001][ T8483] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 183.960842][ T4286] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 184.198147][ T8494] cgroup: Unknown subsys name 'pcr' [ 184.234482][ T8495] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1930'. [ 184.452198][ T127] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 184.672166][ T127] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 184.697617][ T127] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 184.728324][ T127] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 184.751757][ T127] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.780409][ T8493] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 185.139240][ T127] usb 4-1: USB disconnect, device number 10 [ 185.330845][ T8529] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.1946'. [ 185.484806][ T8503] loop0: detected capacity change from 0 to 32768 [ 185.520491][ T8503] [ 185.520491][ T8503] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 185.520491][ T8503] [ 185.609155][ T8503] ERROR: (device loop0): xtTruncate: XT_GETPAGE: xtree page corrupt [ 185.609155][ T8503] [ 185.761822][ T4337] [ 185.761822][ T4337] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 185.761822][ T4337] [ 185.791358][ T4337] [ 185.791358][ T4337] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 185.791358][ T4337] [ 185.863482][ T4277] [ 185.863482][ T4277] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 185.863482][ T4277] [ 185.868694][ T8546] loop4: detected capacity change from 0 to 164 [ 185.890886][ T107] [ 185.890886][ T107] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 185.890886][ T107] [ 185.937841][ T4277] [ 185.937841][ T4277] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 185.937841][ T4277] [ 186.021875][ T8546] Symlink component flag not implemented [ 186.056036][ T8546] Symlink component flag not implemented (7) [ 186.157118][ T107] ================================================================== [ 186.165221][ T107] BUG: KASAN: use-after-free in txEnd+0x329/0x520 [ 186.171661][ T107] Write of size 8 at addr ffff888077c6e040 by task jfsCommit/107 [ 186.179393][ T107] [ 186.181745][ T107] CPU: 0 PID: 107 Comm: jfsCommit Not tainted syzkaller #0 [ 186.188951][ T107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 186.199034][ T107] Call Trace: [ 186.202332][ T107] [ 186.205278][ T107] dump_stack_lvl+0x188/0x24e [ 186.209977][ T107] ? read_lock_is_recursive+0x10/0x10 [ 186.215375][ T107] ? show_regs_print_info+0x12/0x12 [ 186.220597][ T107] ? load_image+0x400/0x400 [ 186.225122][ T107] ? _raw_spin_lock_irqsave+0xbc/0x100 [ 186.230607][ T107] ? __virt_addr_valid+0x188/0x540 [ 186.235743][ T107] ? __virt_addr_valid+0x465/0x540 [ 186.240881][ T107] ? txEnd+0x329/0x520 [ 186.244968][ T107] print_report+0xa8/0x210 [ 186.249404][ T107] kasan_report+0x10b/0x140 [ 186.253930][ T107] ? mutex_unlock+0x10/0x10 [ 186.258455][ T107] ? txEnd+0x329/0x520 [ 186.262547][ T107] kasan_check_range+0x235/0x290 [ 186.267500][ T107] txEnd+0x329/0x520 [ 186.271393][ T107] jfs_lazycommit+0x5a0/0xa70 [ 186.276061][ T107] ? txFreelock+0x5a0/0x5a0 [ 186.280555][ T107] ? _raw_spin_unlock_irqrestore+0x82/0x120 [ 186.286437][ T107] ? do_task_dead+0xd0/0xd0 [ 186.290933][ T107] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 186.296815][ T107] ? __kthread_parkme+0x162/0x1c0 [ 186.301835][ T107] kthread+0x29d/0x330 [ 186.305890][ T107] ? txFreelock+0x5a0/0x5a0 [ 186.310383][ T107] ? kthread_blkcg+0xd0/0xd0 [ 186.314960][ T107] ret_from_fork+0x1f/0x30 [ 186.319374][ T107] [ 186.322380][ T107] [ 186.324688][ T107] Allocated by task 8503: [ 186.328999][ T107] kasan_set_track+0x4b/0x70 [ 186.333579][ T107] __kasan_kmalloc+0x8e/0xa0 [ 186.338161][ T107] lmLogOpen+0x2c0/0xf90 [ 186.342401][ T107] jfs_mount_rw+0xf8/0x5c0 [ 186.346808][ T107] jfs_fill_super+0x594/0xad0 [ 186.351476][ T107] mount_bdev+0x287/0x3c0 [ 186.355794][ T107] legacy_get_tree+0xe6/0x180 [ 186.360459][ T107] vfs_get_tree+0x88/0x270 [ 186.364865][ T107] do_new_mount+0x24a/0xa40 [ 186.369355][ T107] __se_sys_mount+0x2e3/0x3d0 [ 186.374020][ T107] do_syscall_64+0x4c/0xa0 [ 186.378427][ T107] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 186.384309][ T107] [ 186.386622][ T107] Freed by task 4277: [ 186.390583][ T107] kasan_set_track+0x4b/0x70 [ 186.395168][ T107] kasan_save_free_info+0x2d/0x50 [ 186.400177][ T107] ____kasan_slab_free+0x126/0x1e0 [ 186.405278][ T107] slab_free_freelist_hook+0x131/0x1a0 [ 186.410724][ T107] __kmem_cache_free+0xb6/0x1f0 [ 186.415559][ T107] lmLogClose+0x293/0x520 [ 186.419878][ T107] jfs_umount+0x28f/0x360 [ 186.424197][ T107] jfs_put_super+0x88/0x190 [ 186.428687][ T107] generic_shutdown_super+0x130/0x340 [ 186.434045][ T107] kill_block_super+0x7c/0xe0 [ 186.438708][ T107] deactivate_locked_super+0x93/0xf0 [ 186.443979][ T107] cleanup_mnt+0x42c/0x4b0 [ 186.448383][ T107] task_work_run+0x1d0/0x260 [ 186.452962][ T107] exit_to_user_mode_loop+0xe6/0x110 [ 186.458241][ T107] exit_to_user_mode_prepare+0xee/0x180 [ 186.463779][ T107] syscall_exit_to_user_mode+0x16/0x40 [ 186.469226][ T107] do_syscall_64+0x58/0xa0 [ 186.473634][ T107] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 186.479516][ T107] [ 186.481823][ T107] The buggy address belongs to the object at ffff888077c6e000 [ 186.481823][ T107] which belongs to the cache kmalloc-1k of size 1024 [ 186.495861][ T107] The buggy address is located 64 bytes inside of [ 186.495861][ T107] 1024-byte region [ffff888077c6e000, ffff888077c6e400) [ 186.509122][ T107] [ 186.511437][ T107] The buggy address belongs to the physical page: [ 186.517841][ T107] page:ffffea0001df1a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x77c68 [ 186.527978][ T107] head:ffffea0001df1a00 order:3 compound_mapcount:0 compound_pincount:0 [ 186.536285][ T107] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 186.544262][ T107] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888017441dc0 [ 186.552833][ T107] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 186.561401][ T107] page dumped because: kasan: bad access detected [ 186.567819][ T107] page_owner tracks the page as allocated [ 186.573518][ T107] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4073, tgid 4073 (dhcpcd), ts 37512000362, free_ts 37459657473 [ 186.594429][ T107] post_alloc_hook+0x173/0x1a0 [ 186.599188][ T107] get_page_from_freelist+0x1a1e/0x1ab0 [ 186.604725][ T107] __alloc_pages+0x1ec/0x4f0 [ 186.609304][ T107] alloc_slab_page+0x5d/0x160 [ 186.613975][ T107] new_slab+0x87/0x2c0 [ 186.618031][ T107] ___slab_alloc+0xbc6/0x1240 [ 186.622697][ T107] __kmem_cache_alloc_node+0x1a0/0x260 [ 186.628147][ T107] __kmalloc+0xa0/0x240 [ 186.632302][ T107] bpf_convert_filter+0x10e/0x5220 [ 186.637405][ T107] bpf_prepare_filter+0xe85/0x11d0 [ 186.642501][ T107] bpf_prog_create_from_user+0x2ce/0x420 [ 186.648117][ T107] do_seccomp+0x80d/0xe10 [ 186.652439][ T107] __se_sys_prctl+0x401/0x1100 [ 186.657195][ T107] do_syscall_64+0x4c/0xa0 [ 186.661607][ T107] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 186.667490][ T107] page last free stack trace: [ 186.672147][ T107] free_unref_page_prepare+0x8b4/0x9a0 [ 186.677599][ T107] free_unref_page+0x2e/0x3f0 [ 186.682267][ T107] qlist_free_all+0x76/0xe0 [ 186.686756][ T107] kasan_quarantine_reduce+0x144/0x160 [ 186.692201][ T107] __kasan_slab_alloc+0x1e/0x80 [ 186.697040][ T107] slab_post_alloc_hook+0x4b/0x480 [ 186.702138][ T107] kmem_cache_alloc+0x123/0x2f0 [ 186.706973][ T107] mas_alloc_nodes+0x2ec/0x890 [ 186.711725][ T107] mas_preallocate+0x161/0x3c0 [ 186.716475][ T107] do_mas_align_munmap+0x239/0x12b0 [ 186.721661][ T107] do_mas_munmap+0x240/0x2b0 [ 186.726240][ T107] __vm_munmap+0x1ac/0x2d0 [ 186.730643][ T107] __x64_sys_munmap+0x5c/0x70 [ 186.735308][ T107] do_syscall_64+0x4c/0xa0 [ 186.739715][ T107] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 186.745597][ T107] [ 186.747907][ T107] Memory state around the buggy address: [ 186.753519][ T107] ffff888077c6df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 186.761565][ T107] ffff888077c6df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 186.769612][ T107] >ffff888077c6e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 186.777657][ T107] ^ [ 186.783790][ T107] ffff888077c6e080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 186.791833][ T107] ffff888077c6e100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 186.799877][ T107] ================================================================== [ 187.014560][ T107] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 187.021815][ T107] CPU: 1 PID: 107 Comm: jfsCommit Not tainted syzkaller #0 [ 187.029027][ T107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 187.039073][ T107] Call Trace: [ 187.042351][ T107] [ 187.045268][ T107] dump_stack_lvl+0x188/0x24e [ 187.049947][ T107] ? memcpy+0x3c/0x60 [ 187.053916][ T107] ? show_regs_print_info+0x12/0x12 [ 187.059109][ T107] ? load_image+0x400/0x400 [ 187.063610][ T107] panic+0x2e5/0x730 [ 187.067498][ T107] ? bpf_jit_dump+0xd0/0xd0 [ 187.071990][ T107] ? _raw_spin_unlock_irqrestore+0x10d/0x120 [ 187.077963][ T107] ? _raw_spin_unlock+0x40/0x40 [ 187.082801][ T107] check_panic_on_warn+0x80/0xa0 [ 187.087735][ T107] ? txEnd+0x329/0x520 [ 187.091795][ T107] end_report+0x66/0x110 [ 187.096029][ T107] kasan_report+0x118/0x140 [ 187.100522][ T107] ? mutex_unlock+0x10/0x10 [ 187.105019][ T107] ? txEnd+0x329/0x520 [ 187.109080][ T107] kasan_check_range+0x235/0x290 [ 187.114010][ T107] txEnd+0x329/0x520 [ 187.117895][ T107] jfs_lazycommit+0x5a0/0xa70 [ 187.122563][ T107] ? txFreelock+0x5a0/0x5a0 [ 187.127058][ T107] ? _raw_spin_unlock_irqrestore+0x82/0x120 [ 187.132939][ T107] ? do_task_dead+0xd0/0xd0 [ 187.137434][ T107] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 187.143317][ T107] ? __kthread_parkme+0x162/0x1c0 [ 187.148335][ T107] kthread+0x29d/0x330 [ 187.152481][ T107] ? txFreelock+0x5a0/0x5a0 [ 187.156971][ T107] ? kthread_blkcg+0xd0/0xd0 [ 187.161550][ T107] ret_from_fork+0x1f/0x30 [ 187.165969][ T107] [ 187.169221][ T107] Kernel Offset: disabled [ 187.173539][ T107] Rebooting in 86400 seconds..