last executing test programs: 9m28.900548994s ago: executing program 3 (id=1065): syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000440)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[], 0x1, 0x2c3, &(0x7f0000000100)="$eJzs3EFrE2sUxvFzm94mTWmTC5eCgnrQjd0MbfwAGqQFMaDWpqgLYWonGjImZSZUUsRmI279HMVld4L6BboRN+7dFUF0YRfiiJmknbSTNNUmpvb/gzInec+TvKUknBTybt56/rCQc42cWZaBmMqASFW2RJI/q7p/6teBWj0kQVWZGPny/tTN23eupjOZ6KzqTHruQkpVx868evT4xdk35ZH59bGXUdlI3t38lPqwMb5xYvP73IO8q3lXi6WymrpQKpXNBdvSxbxbMFSv25bpWpovupbTtJ6zS0tLFTWLi6PxJcdyXTWLFS1YFS2XtOxU1Lxv5otqGIaOxuV4G+ygJ7s2O2umWy57kUPdEbpuOOxOx0lXRWRo72J2rRebAgAA/aX9/O/P+q3n/8y8f23M/9OHM/+LMP93SbXp1j7zP/4KjpM24/XXbzPmfwAAAAAAAAAAAAAAAAAAAAAAjoItz0t4npdoXBs/URGJiUjj9p/eJ7pjv7//5/DYxV7vE90R+OJeTMR+tpxdzvpXfz2dk7zYYsmkJORb7f2gzq9nrmSmJ7Xmq+d5q/X86nI2ItFGviEZlj/935SfV3ltB/L/Sjz4/ClJyP/hz58KzQ/dOH8ukDckIW/vSUlsWay9r+3kn0ypXr6W2ZUfrvW1FHrSAgAAAAAA/cnQbcnmz7/+2Y9GrSEme9f9/AH+P7Dr8/WgnOzkiEoAAAAAAPDb3MpKwbRtywkp1kWkxVKtiIpIm/hxLSLSF9vYVVwSkT7YRq+KmIj49+gvxMc/bsc7Snkd9Azu82rqtyL0wGAAAAAAR9jO0H+A0LunXdwRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHT9tjwCZG/KbKSqHR39QTfKA2jxPoivTuNwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6z48AAAD//0vYF3I=") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x2) getdents64(r0, 0xfffffffffffffffe, 0x29) 9m27.994552661s ago: executing program 3 (id=1070): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000040)={0xff, 0x11, 0x7, 0xffffffff, 0x20, "01000000000e65300000001e00000200"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000240)=0x6) 9m27.180359502s ago: executing program 3 (id=1078): mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x9) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, 0x0, &(0x7f00000008c0)) 9m26.516068735s ago: executing program 3 (id=1081): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@minixdf}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==") syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file2\x00', 0x42, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) 9m25.02743207s ago: executing program 3 (id=1089): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x6}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}]}], {0x14}}, 0x98}}, 0x0) 9m24.080344236s ago: executing program 3 (id=1093): r0 = socket(0x2, 0x80805, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8}, 0x94) getsockopt$bt_hci(r0, 0x84, 0x85, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006) 9m21.590123123s ago: executing program 32 (id=1093): r0 = socket(0x2, 0x80805, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8}, 0x94) getsockopt$bt_hci(r0, 0x84, 0x85, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006) 6m43.153324247s ago: executing program 1 (id=1748): openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[]) 6m42.432709019s ago: executing program 1 (id=1753): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r0 = socket$inet6(0xa, 0x805, 0x0) getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec) 6m41.761751557s ago: executing program 1 (id=1757): r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) write$UHID_INPUT(r0, &(0x7f00000005c0)={0x9, {"a2e3ad21ed0d52f91b5a090987f70e06d038e7ff7fc6e5539b5b43078b089b3b073172090890e0878f0e1ac6e7049b3371959b6e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074c0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6b922f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa0b9d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c71568f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897f3411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2de8a50ddefeb12c46342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f02f4cded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f00000001c0)={0x4, 0xff, 0x2, 0x1}) 6m40.752631867s ago: executing program 1 (id=1764): syz_mount_image$exfat(&(0x7f0000000b80), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000080)={[{@utf8}, {@discard}, {@namecase}, {}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@keep_last_dots}, {@sys_tz}, {@dmask={'dmask', 0x3d, 0x5}}]}, 0x1, 0x1534, &(0x7f0000002d00)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm8SyyRJLklySZIkSXJLSJrkSEJiyC1pSJJch+QyhOQyMWnc7/dLQpI0SRKSW7L+H8Vfnep3zvmdfjmfM8/383k/1jNrP2s/+33ey94b83WnwdUb1qhSn4jg34I//5EMALEA0B8ArgKAAADKxJeJPz+fU2Lyv7cT9ud6MO1yV8AuJ+5/9sb9z964/9kb9z974/5nb9z/7I37n71x/xnLzjZOLXA1P7Lvg+////er+4cz/P3/XySr5OjPV5e8tjNAzD+bwv3P3rj//7WCf2Yj7n/2xv3PrmIvdwHsPwC//7ODHH84w/3P3rj/jGVnl/v+8+V+QCR7PweX+/XHGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyx7OOUvUQBwcXy562KMMcYYY4wxxtifx+e43BUwxhhjjDHGGGPs/x6CAAkKAoiBHBALOSEOBABcCbnhKojA1RAP10AeuBbyQj7IDwUgAQpCIdBgwAJBCIWhCEThOigK10MxuAGKQwlwUBIS4UYoBTdBabgZysAtUBZuhXJQHipARbgNKsHtUBnugCpwJ1SFalAdasBdUBPuhlpwD9SGe6EO3Ad14X6oBw9AfXgQGsBD0BAehkbwCDSGJtAUmkHz/1X+89ANXoDu0AOSoSf0ghehN/SBvtAP+sNLMABehoHwCqTAIBgMr8IQeA2GwuswDN6A4fAmjICRMApGwxgYC6kwDsbDWzAB3oaJMAkmwxRIg6kwDd6B6TADZsK7MAveg9kwB+bCPEiH92E+LIAM+AAWwoeQCYtgMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22w0ewAz6GnbALdsMnsAc+/RfzT/5dfmcEBBQoUKHCGIzBWIzFOIzDXJgLc2NujGAE4zEe82AezIt5MT/mxwRMwEJYCA0aJCQsjIUxilEsikWxGBbD4lgcHTpMxEQshTdhaSyNZbAMlsWyWA7LY3msiBWxElbCylgZq2AVrIpVsTpWx7vwLuyJtbAW1sbaWAfrXLw9hfWxPjbABtgQG2IjbISNsTE2xabYHJtjC2yBLbEltsbW2AbbYFtsi0mYhO2wHbbH9tgBO2BH7IidsBN2xi7YJev5HIAv4AvYA6uKntgLe2FvTMnRF/thP3wJB+DL+DK+gik4CAfjq/gqvoZD8QQOwzdwOA7HSmIkjsLRSGIspmIqjsfxOAEn4ESchJNwCqbhVJyG03A6zsAZ+C7OwvfwPZyDc3AepmM6zscFmIEZuBBPYiYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFt+A23AYfoQLAj3EX7sIU3IN7cC/uxX24D/fjfszCLDyAB/AgHsRDeAgP42E8gkfxGB7F43gcT+BJPIWn8AyewbP4bMKXDT66YVUKiPOUUCJGxIhYESviRJzIJXKJ3CK3iIiIiBfxIo/II/KKvCK/yC8SRIIoJAoJI4wgEcYAgIiKqCgqiopiopgoLooLJ5xIFImilCglSovSooy4RZQVt4pyorxo5SqKiqKSaO0qiztEFVFFVBXVRHVRQ9QQNUVNUUvUErVFbVFH1BF1xf2inuiJffFBcb4zDcUgbCQGY2PRRMgLn2AtxFBsKVqJ1uJx8QYOw7aihUsST4l2YhS2F38To/EZ0VGMxU7iOdFZdBFdxfOim2jpuoseYiL2FL3EFOwt+oi+op+YjtXEuzgrZ3XxikgRg8Rg8aqYh6+JoeJ1MeynI31TjBAjxSgxWowRY0WqGCfGi7fEBPG2mCgmicliikgTU8U08Y6YLmaImeJdMUu8J2aLOWKumCfSxftivlggMsQHYqH4UGSKRWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrv4SOwQH4udYpfYLT4Re8SnYq/4TOwTn4v94guRJb4UB8RX4qD4WhwS34jD4ltxRBwVx8R34rj4XpwQJ8UpcVqcET+Is+JHcU54ARKlkFIqGcgYmUPGypwyTl4hc8ngwrN7tYyX18g88lqZV+aT+WUBmSALykJSSyOtJBnKwrKIjMrrZFF5vSwmb5DFZQnpZEmZKG+UpeRNsrS8WZaRt8iy8lZZTpaXFWRFeZusJG+XEPl5H1VlNVld1pB3yWS4W9aS98ja8l5ZR94n68r7ZT35gKwvH5QN5EOyoXxYNpKPyMayiWwqm8nm8lHZQj4mW8pWsrV8XLaRT8i28kmZJJ+S7aS/8BJ5RnaUz8pO8jnZWXaRXeWP8pz0srvsIaEnyF7yRdlb9pF9ZT/ZX74kB8iX5UD5ikyRg+Rg+aocIl+TQ+Xrcph8Qw6Xb8oRcqQcJUfLMXKsTJXj5Hj5lpwg35YT5SQ5WU6RaXKq7HthpZlS/sP8t34nf+BPe98gN8pNcrPcIrfKbXK7/EjukDvkTrlT7pa75R65R+6Ve+U+uU/ul/tllsySB+QBeVAelIfkIXlYHpZH5FF5Wn4nj8vv5Ql5Up6Up+UZeUaevfAcgEIllFRKBSpG5VCxKqeKU1eoXOpKlVtdpSLqahWvrlF51LUqr8qn8qsCKkEVVIWUVkZZRSpUhVURFVXX4YUXjCquSiinSqpEdeO/kq+KqutVMXXDr/Iv1pf8B/U1V81VC9VCtVQtVWvVWrVRbVRb1VYlqSTVTrVT7VV71UF1UB1VR9VJdVKdVWfVVXVV3VQ31V11V8kqWfVSL6reqo/qq/qp/uolNUANUAPVQJWiUtRgNVgNUUPUUDVUDVPD1HA1XI1QI9QoNUqNUWNUqkpV49V4NUFNUBPVRDVZTVZpKk1NU9PUdDVdzVQz1Sw1S81Ws9VcNVelq3Q1X81XGSpDLVQLVaZapBapJWqJWqaWqRVqhVqlVqk1ao1ap9apTLVRbVSb1Wa1VW1V29V2tUPtUDvVTrVb7VZ71B61V+1V+9Q+tV/tV1kqSx1QB9RBdVAdUofUYXVYHVFH1DF1TB1Xx9UJdUKdUqfUGXVGnVVn1Tl17vxpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4Nogb5AvyB8UCBKCgkGhQAcmsIG40PRocF1QNLg+KBbcEBQPSgQuKBkkBjcGpYKbgtLBzUGZ4JagbHBrUC4oH1QIKga3BZWC24PKwR1BleDOoGpQLage1AjuCmoGdwe1gnuC2sG9QZ3gvqBucH9QL3ggqB88GDQIHgoaBg8HjYJHgsZBk6Bp0Cxo/qeu7/2JfI+57rqHTtY9dS/9ou6t++i+up/ur1/SA/TLeqB+RafoQXqwflUP0a/pofp1PUy/oYfrN/UIPVKP0qP1GD1Wp+pxerx+S0/Qb+uJepKerKfoND1VT9Pv6Ol6hp6p39Wz9Ht6tp6j5+p5Ol2/r+frBTpDf6AX6g91pl6kF+sleqleppfrFXqlXqVX6zV6rV6n1+sNeqPepDfrLXqr3qa364/0Dv2x3ql36d36E71Hf6r36s/0Pv253q+/0Fn6S31Af6UP6q/1If2NPqy/1Uf0UX1Mf6eP6+/1CX1Sn9Kn9Rn9gz6rf9TntD9/cn/+690oo0yMiTGxJtbEmTiTy+QyuU1uEzERE2/iTR6Tx+Q1eU1+k98kmARTyBQy55EhU9gUNlETNUVNUVPMFDPFTXHjjDOJJtGUMqVMaVPalDFlTFlT1pQz5UwFU8HcZm4zt5vbzR3mDnOnudNUM9VMDVPD1DQ1TS1Ty9Q2tU0dU8fUNXVNPVPP1Df1TQPTwDQ0DU0j08g0No1NU9PUNDfNTQvTwrQ0LU1r09q0MW1MW9PWJJkk0860M+1Ne9PBdDAdTUfTyXQynU1n09V0Nd1MN9PddDfJJtn0Mr1Mb9Pb9DV9TX/T3wwwA8xAM9CkmBQz2Aw2Q8wQM9QMNcPMG2b4+RNVM9KMMqPNGDPWpJpUM96MNxPMBDPRTDSTzWSTZtLMNDPNTDfTzUwz08wys8xsM9vMNXNNukk38818k2EyzEKz0GSaTLPYLDZLzVKz3Cw3K81Ks9qsNmthrVlv1puNZqPZbDabrWar2W62mx1mh9lpdprdZrfZY/aYvWav2Wf2mf1mv8kyWeaAOWAOmoPmkDlkDpvD5og5Yo6ZY+a4OW5OmBPmlDllzph8F74vvYm1OW2cvcLmslfa3PYq+/dxflvAJtiCtpDVNq/N96vYWGuL2RtscVvCOlvSJtobfxOXs+VtBVvR3mYr2dtt5d/ENe3dtpa9x9a299oa9q5fxXXsfbaufdjWQwSwTWwD28w2tA/bRvYR29g2sU1tM9vGPmHb2idtkn3KtrNP/yaebxfYlXaVXW3X2J12lz1lT9uD9mt7xv5gu9setr99yQ6wL9uB9hWbYgf9Jh5u37Qj7Eg7yo62Y+zY38ST7RSbZqfaafYdO93O+E2cbt+3s2yGnW3n2Ll23k/x+Zoy7Ad2of3QZtoAFtsldqldZpfbFf+/1iV2nV1vN9gd9mO72W6xW+02u/3iibDdZXfbT+we+6k9YL+y++zndr89ZLPslz/F54/vkP3GHrbf2iP2qD1mv7PH7ffqp9yRvQHsD/Y7+6M9Z70FQgKSpCigGMpBsZST4ugKykVXUm66iiJ0NcXTNZSHrqW8lI/yUwFKoIJUiDQZskQUUmEqQlG6ji6WV5xKkKOSlEg3Uim6iUrTzVSGbqGydCuVo/JUgSrSbVSJbqfKdAdVoTupKlWj6lSD7qKadDfVonuoNt1Ldeg+qkv3Uz16gOrTg9SAHqKG9DA1okeoMTWhptSMmtOj1IIeo5bUilrT49SGnqC29CQl0VPUjp6m9vQ36kDPUEd6ljrRc9SZulBXep660QvUnXpQMvWkXvQi9aY+1Jf6UX96iQbQyzSQXqEUGkSD6VUaQq/RUHqdhtEbNJzepBE0kkbRaBpDYymVxtF4eosm0Ns0kSbRZJpCaTSVptE7NJ1m0Ex6l2bRezSb5tBcmkfp9D7NpwWUQR/QQvqQMmkRLaYltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdvqIdtDHtJN20W76hPbQp7SXPqN99Dntpy8oi76kA/QVHaSv6RB943vQt3SEjtIx+o6O0/d0gk7SKTpNZ+gHOks/0jnyBCGGIpShCoMwJswRxoY5w7jwijBXeGWYO7wqjIRXh/HhNWGe8Nowb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGw+vCouH1YbEQw+JhidCFJcPE8MawVHhTWDq8OSwT3hKWDW8Ny4Xlw4fvrRjeFlYKbw8rh3eEVcI7w6phtbB6WCO8K6wZ3h3WCu8Ja4f3hqXD+8K64f1hvfCBsH74YNggfChsGD4cNgofCRuHTcKmYbOwefho2CJ8LGwZtgpbh4+HbcInwrbhk2FS+FTYLnz6p/n7FvzxfHLYM+wVvhi+GHp/j5wbnRdNj74fnR9dEM2IfhBdGP0wmhldFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10f3RD1vkYOcOiEk065wMW4HC7W5XRx7gqXy13pcrurXMRd7eLdNS6Pu9bldflcflfAJbiCrpDTzjjryIWusCviou46V9Rd74q5G1xxV8I5V9IlumauuWvuWrjHXEvXyrV2j7vH3RPuCfeke9I95dq5p1179zfXwT3jOrpn3bPuOdfZdXFd3fOumxuX++f3ZLLr5Xq53q636+v6uv6uvxvgBriBbqBLcSlusBvshrghbqgb6oa5YW64G+5GuBFulBvlxrgxLtWluvFuvJvgJriJbqKb7Ca7NJfmprlpbrqb7irN+Hkvs91sN9fNdeku3c13588ZM9xCt9Bluky32C12S91St9wtdyvdSrfarXZr3Vq33q13G91Gt9ltdlvdVrfdbXc73A6301/186Juj9vr9rp9bp/b775wWe5Ld8B95Q66r90h94077L51R9xRd8x95467790Jd9KdcqfdGfeDO+t+dOecd6mRcZHxkbciEyJvRyZGJkUmR6ZE0iJTI9Mi70SmR2ZEZkbejcyKvBeZHZkTmRuZF0mPvB+ZH1kQyYh8EFkY+TCSGVkUWRxZElkaWRbxvuDm0Bf2RXzUX+eL+ut9MX+DL+5LeOdL+kR/oy/lb/Kl/c2+jL/Fl/W3+nK+vK/gH/GNfRPf1Dfzzf2jvoV/zLf0rXxr/7hv45/wbf2TPsk/5dv5p317/zffwT/jO/pnfSf/nO/su/iu/nnfzb/gu/sePtn39L38i7637+P7+n6+v3/JD/Av+4H+FZ/iB/nB/lU/xL/mh/rX/TD/hh8e86YfcfESGcb6VD/Oj/dv+Qn+bT/RT/KT/RSf5qf6af4dP93P8DP9u36Wf8/P9nP8XD/Pp/v3/Xy/wGf4D/xC/6HP9Isu3lT2y/0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9R36H/9jv9Lv8bv+J3+M/9Xv9Z36f/9zv91/4LP+lP+C/8gf91/6Q/8Yf9t/6I/6oP+a/88f99/6EP+lP+dP+jP/Bn/U/+nP8f9YYY4wxxv4p4y4Nxa9nfr6d3/N3csQvNu4FAFduKZD1y/nzZ5Rr8/487iMS2kQA4KkenR68+KhaNTk5+cK2mRKCInMALv5N0HkxcCleBK3hCUiCVlDqd+vvI7qcoX+wfvQWgLhf5MTCpfjS+p8BYPLvrP/o48Pnlw1Pxf8P688BKFbkUk5OuBQvgtY/3V9pBaX/oP58LX5Zf+xv18/5eSpAy1/k5IJL8aX6E+ExeBqSfrUlY4wxxhhjjDH2sz6iQoeL158X/8Xn712fJ6hLOTngUvyPrs8ZY4wxxhhjjDF2+T3TpeuTjyYlterwrw8q/6+y/ulBI/i/WvkvGdzxn1HGvzDwHuDiTxQA/JsLApwfyL/yKDb9JftKufDW+fuppad9AP8ZrfwzBpf5g4kxxhhjjDH2p7t00v/rn6vLVRBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYN/RW/TuyX++tx+Q6VMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu2z+XwAAAP//dMcCKA==") mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0) mount$binder(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0xe2ca6, 0x0) 6m39.567038471s ago: executing program 1 (id=1772): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_procfs$userns(0x0, &(0x7f0000000000)) setns(r0, 0xa000000) 6m38.818582527s ago: executing program 1 (id=1775): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) migrate_pages(0x0, 0x7, &(0x7f0000000000)=0x6, &(0x7f0000000040)=0x100000001) 6m35.874292124s ago: executing program 33 (id=1775): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) migrate_pages(0x0, 0x7, &(0x7f0000000000)=0x6, &(0x7f0000000040)=0x100000001) 2m49.966438936s ago: executing program 6 (id=2956): sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x24008851}, 0x40040) r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000f00)=ANY=[@ANYBLOB="300000001800dd8d0000000000000000020000000000000900000000060015000a0000000c00168008000100bc"], 0x30}}, 0x0) sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0) 2m49.242616607s ago: executing program 6 (id=2959): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000180)={0x0, 0x0, 0x7}) 2m48.718143413s ago: executing program 6 (id=2963): openat$ipvs(0xffffffffffffff9c, &(0x7f0000000c40)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) r0 = syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x3, 0x10100, 0x1fd}, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31}) io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0) 2m47.931905005s ago: executing program 6 (id=2967): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000080)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nodioread_nolock}, {@quota}, {@quota}]}, 0x3, 0x443, &(0x7f0000000dc0)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=") mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x2901090, 0x0) chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') pivot_root(&(0x7f0000000340)='.\x00', &(0x7f0000000180)='./file0/../file0/../file0\x00') 2m46.855823227s ago: executing program 6 (id=2974): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x8042, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) write$P9_RSTATu(r0, &(0x7f0000000580)={0x208, 0x2, 0x0, {{0x500, 0xf8, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0x1d, '\xd2\x99\x98\x80\x14\x98l\xe9\x82\xcf\xc2m\xd7\xc5\x00\xf0L\xd8_*p\xf5\xe9\x93\x0e\x97\xa5\x9ad', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x239) 2m41.66230219s ago: executing program 6 (id=3003): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket(0x2a, 0x2, 0x0) getsockname$packet(r1, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000800)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2, @private0, 0x1, 0x6, 0x0, 0x100, 0x6, 0x180107, r2}) 2m39.774020577s ago: executing program 34 (id=3003): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket(0x2a, 0x2, 0x0) getsockname$packet(r1, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000800)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2, @private0, 0x1, 0x6, 0x0, 0x100, 0x6, 0x180107, r2}) 48.579611057s ago: executing program 0 (id=3602): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=@bridge_delneigh={0x30, 0x1c, 0x1, 0x1, 0x25dfdbfe, {0x7, 0x0, 0x0, r2, 0x680ab616bf3f02fd, 0x0, 0x6}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, @NDA_VLAN={0x6, 0x5, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x40091}, 0x40c0) 48.009600381s ago: executing program 0 (id=3607): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x8, &(0x7f0000000000)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000330000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x840) 46.913159561s ago: executing program 0 (id=3616): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmsg$inet6(r0, &(0x7f0000000440)={&(0x7f0000000240)={0xa, 0x4e22, 0x3, @remote, 0x1}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000340)="ce", 0x1}], 0x1}, 0x44044) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x2}, 0xc) 46.234619748s ago: executing program 0 (id=3621): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x901095, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x202) 45.643318295s ago: executing program 0 (id=3625): r0 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d61637365630000140002800500060000000000050007000000000008000500", @ANYRES32=r1], 0x4c}}, 0x0) 45.010855835s ago: executing program 0 (id=3629): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'bond0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2600a}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r2}, @IFLA_HSR_SLAVE1={0x8, 0x1, r1}]}}}]}, 0x40}}, 0x8000) 43.196910196s ago: executing program 35 (id=3629): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'bond0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2600a}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r2}, @IFLA_HSR_SLAVE1={0x8, 0x1, r1}]}}}]}, 0x40}}, 0x8000) 6.083792702s ago: executing program 2 (id=3828): syz_emit_ethernet(0x26, &(0x7f0000000000)={@local, @random="429e82211cf8", @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x2, 0x0, 0x18, 0x67, 0x0, 0x2, 0x89, 0x0, @rand_addr=0x64010100, @multicast1}, "7550d72e"}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x300, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 4.612057698s ago: executing program 5 (id=3832): rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) r0 = gettid() tkill(r0, 0x12) pselect6(0x40, &(0x7f0000000040)={0x9, 0x5, 0x7fffffff, 0x1, 0x2, 0x100, 0x8, 0xab8}, 0x0, 0x0, &(0x7f0000000180)={0x77359400}, &(0x7f0000000200)={&(0x7f00000001c0)={[0x2]}, 0x8}) 4.447059047s ago: executing program 2 (id=3834): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x47, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=") creat(&(0x7f0000000100)='./file1\x00', 0xe0) unlink(&(0x7f0000000080)='./file1\x00') unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) 4.063911226s ago: executing program 8 (id=3836): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)=@migrate={0xec, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x9c, 0x11, [{@in=@private=0xa010100, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@private2, @in6=@local, 0x33, 0x3, 0x0, 0x2, 0x2, 0xa}, {@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@dev={0xfe, 0x80, '\x00', 0x44}, @in=@rand_addr=0x64010102, @in6=@rand_addr=' \x01\x00', 0x3c, 0x0, 0x0, 0x0, 0x8, 0x2}]}]}, 0xec}}, 0x0) 4.000133401s ago: executing program 7 (id=3837): sendmsg$L2TP_CMD_TUNNEL_DELETE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c"], 0x1c}}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={&(0x7f0000000180), &(0x7f0000000440)=""/179, &(0x7f0000000500), &(0x7f00000006c0), 0x3, r0}, 0x38) 3.994126239s ago: executing program 5 (id=3838): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) read$FUSE(r0, &(0x7f0000000100)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_POLL(r0, &(0x7f0000002140)={0x18, 0x0, r1, {0x5}}, 0x18) preadv(r0, &(0x7f0000004800)=[{&(0x7f0000002580)=""/4096, 0x1000}, {&(0x7f0000003740)=""/4096, 0x1000}], 0x2, 0x91, 0x3) 3.553402606s ago: executing program 7 (id=3840): r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x7800, 0xfffffffc, 0xdc64}}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000140)={'syztnl1\x00', &(0x7f0000000240)={'syztnl0\x00', r1, 0x29, 0x0, 0x6, 0x7f, 0x5, @ipv4={'\x00', '\xff\xff', @multicast1}, @mcast1, 0x0, 0x40, 0x6, 0x41}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f00000000c0)={'ip6_vti0\x00', r1, 0x0, 0x0, 0x0, 0x0, 0xd, @dev={0xfe, 0x80, '\x00', 0x8}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x700, 0x0, 0xfffffffc}}) 3.447477801s ago: executing program 2 (id=3841): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x3}, 0x48) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) bpf$PROG_BIND_MAP(0x23, &(0x7f0000000540)={r1, r0}, 0xc) bpf$PROG_BIND_MAP(0x23, &(0x7f0000000380)={r1, r0}, 0xc) 3.410741086s ago: executing program 5 (id=3842): openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000002780), 0x2, 0x0) r0 = syz_io_uring_setup(0x239, &(0x7f0000000980)={0x0, 0x0, 0x10100}, &(0x7f0000000300)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) 3.38506947s ago: executing program 8 (id=3843): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073794f310000000008000440080000000900010073797a3000000000080003400000000114000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0) sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f50000000000000000020000000900020073797a31000000000800034000000001"], 0x34}, 0x1, 0x0, 0x0, 0x66df5cfbe53006d1}, 0x0) 3.299834328s ago: executing program 4 (id=3844): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f0000001480)}], 0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x8, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x43}, 0x94) ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000)) 2.938173279s ago: executing program 7 (id=3845): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94) syz_emit_ethernet(0x4e, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x18, 0x3a, 0x0, @remote, @loopback, {[], @mld={0x82, 0x0, 0x0, 0x9, 0xc036, @remote}}}}}}, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xfffffffffffffd2e, &(0x7f0000000000)='e', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x48) 2.87493996s ago: executing program 5 (id=3846): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x30, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004824}, 0x4814) 2.824240494s ago: executing program 4 (id=3847): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000240), 0x4) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000000)={0x8, 0x1, 0x9, 0x10000, @vifc_lcl_addr=@local, @multicast2}, 0x10) close(0x3) 2.766752401s ago: executing program 8 (id=3848): syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2) r0 = syz_io_uring_setup(0x23d, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x514}}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) 2.590372714s ago: executing program 2 (id=3849): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip_tables_matches\x00') syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000180)='./bus\x00', 0x12, &(0x7f0000000000)=ANY=[], 0xff, 0x5a53, &(0x7f0000007f00)="$eJzs3X+QHNV9IPDXM7Pa1a5+rAQOMpjVIqOE4Nha8av8IxVvcomdApuSyynH4mTDAisiWxIq/QggSBA58KECXDiFK5GTuiIuzB1GcVEFF6NQJvw4ibOxVVx81BWmzr7D/sN3hENlQEdRPu/V7vSbnemZ3p6dnRULfD4lbU+/efPt191vevr7uncnAAAA8I5w5JZdxy8+9Q++9xfjr934h/+47aYwUJ4q74sVBtPptW9WCzmReiurpqbZfvEb13/zZ8NX/N53H+j/xuuHrzxj849+/6QrHvnChYcO/M3jry596FcvFMWN/ens6fnkpSSEvu8c++qXDj99ymRZsmzyZ2lfCCuSlY+vSDIhkjdC+Hf96cyqzJMPvnbu5qlKmfLlmXn9/Z2tL+0je49f877w49/dePMPVn/r73sOvrhvukrSV9efQlh2Wf3re0IIi9P/k3rTaeyPsf9tCCH0173ugwXtem+b7V+XM39aOl2UTgcK4sTn12TmS5l62fmoJzPtL1jeXOW1o9N6RZZk5rPHlbnKa2csX5FOv51Oz55l/HK6DuUklJJQqTV/azLdR0LdfktCMrUv+2rzpdq+Den6Z+aTzHwpM1/uyazX1HLTjlZOksbyWC9THg/HlbT8jPpjdQufrntcX+/dsSx9o76erZMJOtD0oLZeU2K7js3QlhOhVHcMalVe2/HpzhhIywaSlU2vmWghPnd44+1ry5ueODKY047kgSSNn3QUf+/3Vyz5/P3792Q/12vxLyul8Usdxf/JRUdfvmT/17+WG//OGL/cUfxzHu1/6aInb1mTu32Oxe1T6Sj+2AtP3bH65MsP5rb/7hi/r1X8/708ZxGxwuiho71Ljz/6WG77R+L2WdxR+5//yMd+et+zD7+YGz/E+P0dxd90aMeXe4eOn5Ub/7G4fQY66z+vHLzguaGhnw/nxX8mxl/aUfx79x348D3Lb7swd/9uiNtnsKP4nzjzkZuXHH/49LxjZ3J3tz45Ad6ZTkrPsW5N52fKMyePz3l55lzV5Qt/PVypnvMtSf8v7eaCMiefk8tZ1s34AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBCeNf7/vPH/+dnBl+qpPO96YPnS9VpLF8UQrI4hLBr99jO3Vu2XzX8hav37Nw+tnV4bPfw+PbdO68bPu+3hneO79g6dt3ksyPvP7f6upUhqU6T05uW3TsxMVEabCyLy/tXZx788doP/q9/CWHkXT8cquS2f92Bbfec3OJnRjI68dFtey7+4fl/l67XYNquwRbtmpiYmAg57fo/n/3lPX957GdnhTDyazO166nnf+efGho0VTAdJ1XqDdUG9Sb9LdtRa3Xanri9Kpu3bB0fmXn7Tr6+nLMe//r6F9/YfO1Xflndvn2569Hm9l08OrG19FcbP/H//uqGakFRu7qx31+fqJrNfi/a3nEtYvvi9utLt/eydL2W5axXJWe9bvnBY89+59T9r+4LI5VXVjcvu369Wm3vnrQD9CTvbmu5cQn9yYqG8r60ftzj8XXrdm/bsW7XdXvfv2Xb2FXjV41v/9D689ZfMHL+Beevm1rzdV1e/7j8X29z/U9Efzo5LP/Tfd+OP9vrT43tWjTr7THZruLtUd+ivPdf/6e/dNeHDjx5cbWgqJ/H2rXjSTrtn9zP60Ndf2veVq3Wq2j/hBCGW22Hl1+9MJzy37bcXHQcqt8z9T8zktGJp9f84u8++LerfrtacEKO8/UN6vA4X2v1dHumtldfuj8mFuj27Q3ldL0GWrZr/dNP9tx+5F/+rNa+RYvCtWO7d+9cX/25JG3pkuS0lu3Klsb1Wj31sxzSzRJq3bRFf53UE6rtyx4/Y/XsVh1InxtIVrZcr6z43OGNt68tb3riSN6WTh6oLnFxWFqdJu/Jqbk188JyrcGtlt/G+6+hSy6U/jH08b996DMP/cN5Tf3jnOrPovVKcvr9t569965vfOXf/kP31uvjv3N08Bf//U/WVgsW/HGlXG1IrdVpe5L648o5IRS9/1aH1uuR+/4rtV6fovdfdjnT9VvHG87MD4RyR+/Xcx7tf+miJ29Zk/t+PTbT+7V+ZW9oeF254P26UPpP9v2VVBrbMX/vr4aOkoxOfPfWk/Y9fuOGU6sFRZ+Xtdqt+vW5beQfOev1T5c8N3T18L/5r907bnzztx689Edjo39eLeh8v8e2dGe/96Xbty9n+9ZaHfPO+u37gSuu3npltbxoO79557/ptCD/iYeSXdft/eLY1q3jO3e1t17tnm/F5WS3cqefp/HotrJgvUpN6zV/D9rZXu2+32L7r+x4ezW+3wZC0tHnwt7vr1jy+fv37xlselW6oMtKafxSR/F/ctHRly/Z//Wv5ca/M8avdBR/7IWn7lh98uUHc+PfnaTx+zqKP3roaO/S448+lht/JLZ/cUfxn//Ix35637MPv5gbP8T4A51t/1cOXvDc0NDPc+M/k6TLmTxHCuHB187dXJ1PQk/6fovt6GloV8jOJ5n5Uma+XD9fiqMI6QLKSdJYHuul5WfUtaWVP84pj2dhfauq09fjfMg+mLl8oSnVHftblRedpwIAvN3F6//xHDRe/x9PT5TyRxpg2lzzsFU5cWMeNj2e03iNdVUaP74+jgMOfSCMTE5vGq6e6M/2OkJ8P2THOeNyznpvY4zCcc6JqeU3jXMWjb+vyczHdlXHyyt1eWiqOa+phDbG35uXM/P4e2b1i69nDd/a1KzhunGr7P7rSUfMWt3vkGlvZTJCXv/IjovF+zmGloUNU8trs39k76OJ+yF7H01czqmZA2en99Hk9Y/B5u3Q0K7YP2K9GfrHVJOLr0c2778ww/ad3n+to2X33yz2d99k/fm+PtuFccOWh7QTN244v9fDjEvmxE/fYAt93DCWx/WotDme+Jmc8m6NJ8bDRWzXsRnaciIYTwTermL+Hz8jJvP/yRPw/5upV5SnZM8aY7zc+4TKrdtTlHc036fX39Hn+KZDO77cO3T8rNzznMfavU9vR8Ncf8F9P0XbcW1mvnA75gzQFOV72eUUbffsfRkDYWlH2/3efQc+fM/y2y7M3e4bqh+kxdv9roa5pQXb/S2QL7SOL1/oLF/oaS/+QskX5nv87E3LR9Ibn+YrH/mjnPLZ5iP9TQ9q6zVl4eYj0x+kDflIz4ltFwDw1hHz/9r1szT//x/xxCI9jyjKW8/OzMd4uXlrzvlJXt76yXR6bab+QPobFbM9b/7EmY/cvOT4w6e3Orfsmcor2s1D/0PD3GBhHjq3vDk3j9jQnfvFc/OIWp41tzwxt/21PHFueXrOZdq6PH1ueXTu9qnl0Y3jAHcdnc40ZoofxwFy49fGAbp4XexX05VOXJ5bMF6XWVicbXe87k3Jo5c1rue85NHpr8/OVx796Zzy2ebRA00Paus1ZeHm0Y3l8mgA4O0q5v/xNG4q/+8N4clMvbleZ8/NC7p03p79eyC1+M/MS15ZjR3Cvm5d/y3O++Y7b53vvH6+xyUW8P2iM+QQ03nxfI8LDU79Ac9ujpOFunGyN+368kLJi9OFvuPz4tp9sKPz0j4AAOYm5v+L0/l4/b85/59bftKUv/Wk19lr+Un38/PQxfuzW+Wf9fXk5znx3wr5eTeuW+fEXzjjX92/TybI//Oui78+8U7N/wEAWNBi/h9/7TH+/b//lM5n/279WzFPD66jy9PfCnn6J78aQrfH2WL8+vsAjAOc2PvjF0/XX6jjANl03jgAAMDbS89UptT8e/afS6fZ37PP+738S3Lqt6uSnh5fvnvn+Pile3ZcObZ7/NLtV185vuvSa3Zu2b17fHu13lzzxty8Jc0be0Il3R6t62XztuXp30NYnvP3ELL1Y9jTph40/z2E7GIXF/wdgen911578/ZfaYb6rfpH3v7Oxj/wdLWdf5xTP6rt/yv+5JxLN++6dMv2Lbu3jG3dsne8sd5k1to/i+/NTNL/s/q+1MyPJqXZf39n3D1za0epqR096fbI+372JNOOFWlLVuR9/0FOu7/3X/7yT8+c+OV9IYy8q/yeOW2/ZHTiP352/JO7j/xwx2T7SzO2v1YzbVfR95Vm68f1qWy9etfu922+es/27DdKdiaOZ5Rq8/M0npG+/cttjk9syimf7e/vl5seLExtj08AANAgXv+P57Px+uFX0hOoWN5+nj6368e5efpIe3l69nvJivL0bP24vu3m6X1zzNOzyy/K01vVb5Wn5+XdefH/KKf+bLXfTzq4zyOmn/fv35PbTy5rr59kv8+gqJ9k68+2nyRz7CfZ5Rf1k1b1W/WTvP2eF/9TOfXzFPWHSq0/zO2+nNz+cGd7/eE3M/NF/SFbf7b9oTTH/pBdflF/aFW/VX/I27958S/Oqd+uxv4x2TGm+sX4pddcvfOLdfXm+/svQvMtGe20b9H0a+f3+z861f72nd/7vube/vgXJfLaH68PLJpV+9u9r2zu7S/a/rO4r2xZaLqvLLf9z8xtJKz99s/v97tk5FVvfv2JGq9Nu13R/WdF47gbc8pnO467qOnBwmQcF948Mf+Pl3ti/n9bOu32ZaC3/vek+d7jlvEnj9jlud8fX3Qe0+3P8zcW+ud59pK7z3MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAt4Xeyqqp6ZFbdh2/+NQ/+N5fjL924x/+47abfuP6b/5s+Irf++4D/d94/fCVZ2z+0e+fdMUjX7jw0IG/efzVpQ/96oXCwINTPytnp7N9ISQvJSH0fefYV790+OlTJsuSEEI5GdwXwopk5eMrkkyEkTdCCFfW2tn45IOvnbt5cnrTbb0N5cszQbLrFQbKsT317Qzh2sI14i2oL+1ne49f877w49/dePMPVn/r73sOvrhvukrSV9efQlh2Wf3re0IIi9P/k2JvWxVfnE43hBD66173wYJ2vbfN9q/LmT8tnS5KpwMFceLzazLzpUy97HzUk5n2FyxvrvLa0Wm9Iksy89mD0VzltTOWr0in306nZ88yfjn+T0IpCZVa87cm030k1O23JCRT+7KvNl+q7duQrn9mPsnMlzLz5Z7Mek0tN+1o5SRpLI/1MuXxcFxJy8+oP1a38Omc8nen0770jfp6nA/ZB1UDTQ9q6zUltuvYDG1J/fvWxZXiV7ahVHcMalVe2/HpzhhIywaSlU2vmWghPnd44+1ry5ueODKY047kgSSNn2Tij7YVf+/3Vyz5/P3796zKi39ZKY1f6qj9P7no6MuX7P/613Lj3xnjlzuKf86j/S9d9OQta3K3z7G4fSodxR974ak7Vp98+cHc9t8d4/d1En949NDR3qXHH30st/0jcfss7qj9z3/kYz+979mHX8yNH2L8/o7ibzq048u9Q8fPyo3/WNw+A531n1cOXvDc0NDPh/PiPxPjL+0o/r37Dnz4nuW3XZi7fzfE7TPYUfxPnPnIzUuOP3x63rEzubtbn5wA70wnpedYt6bzneaZc1WXL/z1cKV6zrck/b+0mwvKmFzOsnmMDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA29M/33De5z770U9trCQhJDl1JlqIz5UXjY4Od7DcsReeumP1yZcfrC9b1UEcAAAAoFjMw0u1kr6wKlyTLA6nVWczgwJx9rQ4lzSWZ8cQYpzsGEGncUot4pQ6iFPuUnsqXYrT06U4i7oUp7dLcfoK4vSF9uIsniFOZbIHtNme/hnb036cgS7FWdKlOEszITqNs6xL7VnepTiDM8Zpvx+u6FKclV2Kc1KX4pzcpTjv6lKcX+tSnFO6FCc7pjzbfrg0rXlqXpypB+XCOJWkXHui1Xj6KelyTp/jcgYKlrO06PO4zeUsbnM57828rjTL5fS1uZxfn+NykjaX85tzXE6pYDmx316bbV9cTpxrs/9f16U4e7sU5/ouxbmhS3H+rEtx/rxLcW6cYxyAdsX8fzrfGwy9ld8O/ekR57RM/Zjvrp762fx5l3dAivHekylfVBQvm6hn4q2ebfuyAwiZeGsy5T0N8Sq1fGSGeH318dZmnpxpfT8y2rpt9fHOzpT3zhCvYQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AT45xvO+9xnP/qpjSEJk/9ammghPldeNDo63MFyD2+8fW150xNH6st6Kx0EAgAAAArFPLynVtIXeivrQ2+yqKFeXzoO0JfOlwer06FlYcPkNBkuTc33JytmfF0lfd263dt2rNt13d73b9k2dtX4VePbP7T+vPUXjJx/wfnrNm/ZOj5S/RlCb0G8EMLU8MOu6/Z+cWzr1vGdu6qF2favSl+3Kp1P0tcNfSCMTE5vStu/smB5pablzd+D4r0HAAAAAAAAAAAAAAAAAAAAAAAA/H927S5ErvJ8APhzZmZnxtX8nT9+jcGsQ4xiW9tquhZtxT1QqOBHcBHKrO1WQo1UupqgiVg71UDVKi0FJRBSvGiKlWqlN35UKfWDgMXaCt1UikrrRXvRoq1FJRclMmV358zOzM4420GSmP5+F+fjeZ/3fc57LhaeMwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHFrzjcnZ+tT0zHgSkQzIafaRjeWLaVoboe5Xnt72g9LEgbM7Y6XCCAsBAAAAQ2V9+Fg7Uo5SIR/5OHXxbn10DMRy3w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzvmW9MztanpmeOTSKSATnNPrKxfDFNayPUfePdRz/76sTE3zpj1RHWAQAAAIbL+vBcO1KOapwRY8mpC51/O5p9G1jbM38pb1m2zrpV5vV+OxiUd8Yq885aZd7HhuRtap1vDQAAAPjoy/r/QjtSiVJhzYp+OOv/h/X1Wd7pPXn51rnWmfSBiqtJAgAAAFYh6/9L7Ug1SoVqu19fbb+/vicvmz/sd/ts/pkD5g/7Pf+K1tnv9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw0THfmJytT03P5JOIZEBOs49sLF9M09oIdTc+M/6Py/bdtb4zViqMsBAAAAAwVNaHL7fe5SgVxmMsjl3s+ycueeDxLz3+5GRELLX5xWLcunn79ps2LhxjY5Z33kv7xr7/wlvfXpF33tLxsG0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD40Mw3JmfrU9MzxyQRyYCcZh/ZWL6YprUR6r7++S/+5eFXnnqzM1YdYR0AAABguKwPX+79y1GNYhTj5MW7zl5/Qa5n/qBvBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDR4+Zv3vaNzXNzW25ycXgumvmII+AxXLjovjjcf5kAAIAP2+mRRPO/dMqVh/upAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAI8F8Y3K2PjU9U04ikgE5zT6ysXwxTWsj1E2ffrm05sAzz3XGqiOsAwAAAAyX9eHLvX85qjEWY3HS4l2/bwKL/X/lED4kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcESZb0zO1qemZ9YkEcmAnGYf2Vi+mKa1Eeo+tHPP5x48/nuXdsZKhREWAgAAAIbK+vBiO1KOUuHjUYrTWvdz3ROSfOvc/7vA8rxtXdPGVz2v0TUvv+p59/TsrNDazdK8crZeZencnldbnpdrzat1zKtGu3ytPW/xZe3qqrZmyHOufPMAAABw6GT9f6kdqUSpUOro/3/alV/R5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8w3JmfrU9MzSRKRDMhp9pGN5YtpWhuh7m2//f/jvvqze3d0xqojrAMAAAAMl/Xhy71/OaqxLv4v1i32/VHpzs/y/lk/+OD9//rr2RHnnrx/otC77I+yi1+/fvGzvYeIXHd2LuL4Vr1kQL3f/P7+WzY0Dz4cce5J+dNW1IsPrte9ZNp8or7liu0v7N825OUAAADAUSLr/8fakUqUCjcO7P+zzntI/9+22IAff8vOX5zYOrY68p4ZuUqrXm5AvS9sePTPZ17w97cW+v+V9T7Zvvr0nhsePLGr4FKkR5I2p27YsWn/+Xtz2a6X6ud76mfv5cvfevPf191638Gl+uUot+Jrex5lqdrKY0/5SJtzud0zl7+/u9FdvzBg/3f97rlXfrX23vcW6r97+ni7/lnRr/7SzgsD68cxaXP8qrt3Xbhn36bu+hFR61f/7fcujVP+eP2dvfsf71m48813HntfQNp8af07ey94oHpRd/2kp372/n/+ykO7fnLfd5/M6mf/K3L2Gautn+up/+I9J+x8/o4r13bXzw3Y/7NXvzqxtfadP/Tu/9quVQsDn2Ll/h8557FrXtuc3t47BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHSZb0zO1qemZ3JJRDIgp9lHNpYvpmlthLpvXPby21ff++MfdsaqI6wDAAAADJf14cu9fzmqUYxijC/2/U/Ut1yx/YX926KyNJq0zoW5rTdv/8R1W3fceO1henIAAABgtd64LFns/wvtSCVKhQ0x1ur/p27YsWn/+XtzWf+fWzgnEXHd9XNbzo123ov3nLDz+TuuXNv+ThCx+G8B5YW8zyznXXLxy5V3/vT1M/vmbVzOe2n9O3sveKB6UZYXnXnnRfv7xCPnPHbNa5vT29vP15n3qa9tnWt9nsjWHb/q7l0X7tm3KZd9x2idx1vrZnlzud0zl7+/u5GrRGlhPN/KK7f2DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsNN+YnK1PTc9EPiIZkNPs1ApkY/limtZGqHv5hl/eedyBp9Z1xkqFERYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+ww4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX26yY0rqqPA/A5M8mbSSZpk/YFo2KaVkWpixYF8WOj4hetSMFVpUi1tQtREESUujCVVixVcSNY3RRRQY1SqGBjsbRKKn4VNy5UUKguhFIMaEJxoZLJuZOZ27lOO42C+jwwnJxz7/3d/733zJlcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4R+npGq61R3Y8NHP7eTd98sS904/f+t4D2y557I0fRjfd8PHevldPTm5evuXrG5duOnDfmondLx3+ZeCd3461DX50rlmZupUQ4okYQuX9qeefnPz0nNmxGEIox8GxEIbiksNDMZew+tcQwuZ6nc0b901fsWW23barp2l8cS4kf12hWs7qmTPYXC//LpU0z7bOPHJZ+Pb69ds/X/b2W93jx8fmd4mz+5TTfAph0cbG47tDCL3pMyubbcPZwaldF0LoazjuqjZ1XXia9a8q6J+f2v+lttomJ9u+Itcv5fbL9zPdubavzfnOVlEdne7XTn+uP78YXX3LQuTX61zVenwote+mduUZ5pezTwylGLrq5d8f5+dIaHhuMcTas6zU+6X6sw3p+nP9mOuXcv1yd+66audNE60cY/N4tl9uPFuOu9L48sa1uoU7CsbPTW0lfVFPZv2Q/2NO9ZQ/6tdVk9U19Se1/B1KDWtQq/H6g08Po5rGqnHJKcf83kK2bXL90xeXN3xwZLCgjrg3pvzYUf7Wz4b673pz58PDRfkbSym/1FH+d2uP/nTnzpdfLMx/Lssvd5R/+cG+E2s/3LGi8P5Mza8gp5MfUz/bdvexj55Z9v97xls961rmnuz+Vzqq/7qJoz0DMwcPFda/Ors/vR3lf3Ptzd+//uX+44X5Icvv6yh/w8SDz/aMzFxamH9o7qtQrc3QDubPz+NXfjUy8uNoUf4X2f0faJEf2+a/Nrb7mlcW71pTOD/XZfdnMOX3nlH9t110YHv/zP4LitbOuGehfjkB/iuaf5GXpv+xnkr9du+Z+6ZLLd8zz1bD+8ILo11zv0D96TOwkCfKmT3Por8wHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5gBw5IAAAAAAT9f92OQAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//6JTNyc=") 2.227736508s ago: executing program 5 (id=3850): r0 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2) r1 = fcntl$dupfd(r0, 0x0, r0) write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d) ioctl$VIDIOC_S_STD(r1, 0x40085618, &(0x7f0000000000)=0xe0) 2.063790661s ago: executing program 8 (id=3851): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x67682, 0x0) r1 = dup(r0) unshare(0x28020480) fallocate(r1, 0x10, 0x0, 0x1062200) 2.009428275s ago: executing program 4 (id=3852): rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffdeffffe]}, 0x0, 0x8) r0 = gettid() rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8) tkill(r0, 0x29) 1.52636407s ago: executing program 5 (id=3853): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1b96, 0x9, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000006c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x5, {[@global=@item_012={0x1, 0x1, 0x3, "8d"}, @global=@item_012={0x2, 0x1, 0x4, "b314"}]}}, 0x0}, 0x0) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc) 1.310614452s ago: executing program 7 (id=3854): openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 1.034227525s ago: executing program 4 (id=3855): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x2c, &(0x7f0000000100)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e24, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000240)=@assoc_value={r1}, 0x8) 899.63121ms ago: executing program 8 (id=3856): r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000040)={0x1, 0x1}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f00000001c0)={0x0, 0x3}, 0x2) write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f00000003c0)={0x2, 0x4}, 0x2) 765.735647ms ago: executing program 2 (id=3857): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x880}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="140000001000010000000000000000000020000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}}, 0x4040080) 533.376645ms ago: executing program 4 (id=3858): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f00000004c0)={0x5, {{0x2, 0x0, @multicast2}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000040)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @multicast2}}}, 0x108) 516.069468ms ago: executing program 7 (id=3859): r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB="12000000400000000800000001"], 0x48) r1 = socket$inet6_udp(0xa, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000140), &(0x7f0000000240)=@udp6=r1}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000040)={r0, &(0x7f0000000200), 0x0}, 0x20) 281.707872ms ago: executing program 2 (id=3860): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22, 0x0, 0x1}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0x1, 0x1000, 0x1}, 0x50) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x5, 0x4, 0x6, 0x0, r1}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r2, &(0x7f00000001c0), &(0x7f0000000300)=@udp6=r0}, 0x20) 212.989521ms ago: executing program 8 (id=3861): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=@newtaction={0x68, 0x30, 0xffff, 0x0, 0x4, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1ff, 0x9, 0x0, 0x401, 0x4}, 0x4, r1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x2000c004) 43.694503ms ago: executing program 4 (id=3862): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="540000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000001c0010800800014000000000080002"], 0x54}}, 0x0) 0s ago: executing program 7 (id=3863): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x400000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000240)='./file0\x00', 0x450, &(0x7f0000005f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31ee56a4bc5fdcd2dad721eb3b32dcc92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd970140400000000000000", @ANYRES32], 0x1, 0x5558, &(0x7f0000000a00)="$eJzs3EtvG9UXAPBju2n/ff4jxIJdR6qQEqm26vQh2BVoxUO0qngsWIFju5Zb2xPFrhOyQoIlYsE3QSCxQmLDZ2DBmh1iAWKHBPLMmBLCo5XdOGl/P2l85t65PnPvyEp0ZiwH8MRaTn75qRRn4nhEVCLiVCmy/VKxZa7m4ZmIOBsR5T9tpaL/j46jEXEiIs5Mkkd8PczHTA59en587vKPr/381bfHjpz87MvvFrdqYNGejYj+Rr6/1c9j2snjnaK/Me5msX9pXMT8QP9u0U7zuNVezzJsNabjGlm82MnHpxv3hpN4u9doTmKnezvr3xjkJxyOO9M82RvuNDazdqu9nsXuMM1iZyef1/ZO/vdyZzjK87SKfO9n6WM0msa8v73dztezcTeLzcGo6M/zpq329iSOi1icLpppr5XNY32WK32wvd4d3NtOxu3NYTcdJJdr9edq9SvV+mbaao/al6qNfuvKpWSl05sMq47ajf7VTpp2eu1aM+2vJiudZrNarycr19rr3cYgqddrF2sXqpdXi73zycs33056rWRlEl/sDu4d7faGye10M8nfsZqs1S4+v5qcqydv3riV3Hrj+vUbt95699o7N1+48epLxaA900pW1i6srVXrF6pr9dUDsP7J/90HXP9olvV/VEz6IdZfmu3ywL/zAQN4aHvq/5hv/V8J9T+w12Gv/2Oe9f+kpFL//3f9W569/p+p/j2o9f8hXj/MRP0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDE+n7p81eyneW8fbLoP110PVW0SxFRjojf/kYlju7KWSnyLP3D+KW/zOGbUmQZJuc4VmwnIuJqsf36/0d9FQAAAODx9cUHZz/Jq/X8ZXnRE2I/5Tdtyqfem1O+UkQsLf8wp2zlycvTc0qWfb6PxPacsmU3sP43p2T5Lbcj88r2QCrT8OHp+53Zgkp5KO/rdAAAgH1R2RX2twoBAABgP3286AmwGKWYPsqcPgvOvnl//9Hm8V3HAAAAgEOotOgJAAAAAI9cVv/7/T8AAAB4vOW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3kpg1EcQB+NhjoPxVV3fcq3cExeoQuuywcoJfgCPQKuQBnILvss4kgwh4hOQIpCuNYoO+TbDM2+s0MsHljYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSfbWe///749+lObv9ZfLMBgAAADhlW63n9Ytp0/6Uzn9Jp76ldhERZUScqt0HMWplDlJOdeb91Ysx3EXUCYc+xmn7GBE/0/b0tetPAQAAAG7XZrmaNdV6s5v2PSDeU7NoU37+lSmviIhq+pAprTzsvmcKq3/fw/iTKa1ewJpkCmuW3Ianr41yddI2aB3STCaL+kusW2U3/QIAAH1qVwJnqhAAAABuwO++B0A/iuPueJ9x3BzSDcEPrRYAAABwhYq+BwAAAAB0rq7/r+H5f4/+lgAAAABv1jz/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/V8s1zNzl1fvDJnt79MvhkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8sz/3KBACYQxAs4u/ncz9DysRLa1t3oOBkDDFBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OZ3v/yfcDVHkqltw9x6JFk6NaydGrbODXs/jK+vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABO9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+6He//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu6fN24yDAD4c77z9Q8gQkAZAqhIDLDQ5FpaOsIAihj4CEhReimBK4U2A60iUBaYUOYuCEaEkEBh63fo3EhdytYhQ5CYQfbZV7e90qM09tH8ftJ773O2877P67OiPLETAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKO2+Ey8lRdzOXmaGcbntxt7GStbv3NNnrm3dnM9aFrceNtE3bz/+5Kfby9U3x+Yqb76qPxkAAAAOhnZZ30fErXR7KeuTmbz+T8tjspr/+2eGcVnP31v37+xtHC52zZf1/2+/3n5hNNHMcJ5s0NW1QX/x/lQ6+7TEqffsQ4/o5Gc+/91LO/9Akvc3n99N8/PZ+vb69Xe7eXiojmwBgEdxvOyLoPx5KOt7TSYGwIHRqRTeZf3fnmk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA67G7GU2Xcioj5zp04s7O3sTKuv7Z1c75sp69e3aqOmQ2RRsTq2qCf1riWaXfp8pVPlgeD/sWxQcQDd/334FhE7M/IDwhizK4PJ/jyiH8+prg8o55V/LugNR1pNBokxedTbOnWe9Xtb1Bee49/5Ia+IQEA8MRKi5bV9bfS7aVsW2s24q8f7q7/X6vEMWH9f/uj0zeqc1Xr/15tK5x+C+vnP1u4dPnKG2vnl8/1z/U/ffNE763eyTOnTp1ZyM7V4sJqJP3FptMEAADgf6xbtGr9n8zef///aCWOCev/z7/rfVmdq63+H+vOTb+mMwEAADiIuqPouVf+/KM15ohWtxtfLK+vX+wNX0fvTwxfa033ER0qWrX+b882nRUAAABQh93N1l33/89W4pjw/v/TP774c3XMdkQcibgQEf3jKxcGZ+tbzlSr4w+V84m6Ta8UAACAphwpWvX+f5o//5+MHnlIIuL1V4dx+b+uJqn/2+99/VN1rurz/yfrW+JUSuaG5yPv5yI6c01nBAAAwJPscNGyYv/3dHvp41+OftD1/D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//1AjNPw=") fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3) kernel console output (not intermixed with test programs): : 002b:00007fc67f640e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 846.504455][T12803] RAX: ffffffffffffffda RBX: 00007fc67f640ef0 RCX: 00007fc67e7900ca [ 846.504565][T12803] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007fc67f640eb0 [ 846.504664][T12803] RBP: 0000200000000400 R08: 00007fc67f640ef0 R09: 0000000000200001 [ 846.504764][T12803] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500 [ 846.504853][T12803] R13: 00007fc67f640eb0 R14: 00000000000125bb R15: 0000200000000f00 [ 846.504986][T12803] [ 846.811718][T12803] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: Error checking journal for spectator mount. [ 847.756599][T12828] loop4: detected capacity change from 0 to 1024 [ 847.925562][T12828] hfsplus: found bad thread record in catalog [ 847.999871][T12834] loop0: detected capacity change from 0 to 512 [ 848.172462][T12834] EXT4-fs (loop0): 1 orphan inode deleted [ 848.181025][T12834] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 848.208380][ T9928] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 848.218938][ T9928] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1 [ 848.297880][T12834] ext4 filesystem being mounted at /542/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 848.339886][ T9928] hfsplus: b-tree write err: -5, ino 4 [ 848.797938][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 849.021139][T12849] ceph: Unexpected value for 'acl' [ 850.616781][T12867] loop4: detected capacity change from 0 to 256 [ 850.744921][T12867] FAT-fs (loop4): count of clusters too big (178174) [ 850.751905][T12867] FAT-fs (loop4): Can't find a valid FAT filesystem [ 852.487426][T12877] loop2: detected capacity change from 0 to 256 [ 852.591802][T12877] exfat: Deprecated parameter 'namecase' [ 852.822276][T12877] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d) [ 853.388360][T12892] loop4: detected capacity change from 0 to 64 [ 854.704690][T12907] loop6: detected capacity change from 0 to 2048 [ 854.829709][T12907] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 854.953576][T12907] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 856.047910][T12930] loop4: detected capacity change from 0 to 4096 [ 856.154544][T12937] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 856.203607][T12930] NILFS error (device loop4): nilfs_check_folio: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=11 [ 856.269869][T12939] NILFS error (device loop4): nilfs_check_folio: bad entry in directory #2: rec_len is too small for name_len - offset=0, inode=2, rec_len=16, name_len=11 [ 856.326055][T12941] cifs: Bad value for 'cache' [ 856.598497][ T30] audit: type=1326 audit(1751193888.497:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12932 comm="syz.6.2761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad0c78e929 code=0x7fc00000 [ 856.727112][T12944] loop5: detected capacity change from 0 to 764 [ 856.799594][T12944] rock: directory entry would overflow storage [ 856.806290][T12944] rock: sig=0x4654, size=5, remaining=4 [ 856.974859][T12948] loop2: detected capacity change from 0 to 256 [ 857.106574][T12948] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 857.213093][T12948] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 857.223011][T12948] exFAT-fs (loop2): Filesystem has been set read-only [ 858.555910][T12973] Invalid ELF header magic: != ELF [ 858.905826][T12966] loop0: detected capacity change from 0 to 32768 [ 858.985754][T12966] XFS (loop0): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 859.003042][T12966] XFS (loop0): Log size 624 blocks too small, minimum size is 816 blocks [ 859.013627][T12966] XFS (loop0): AAIEEE! Log failed size checks. Abort! [ 859.026522][T12966] XFS (loop0): log mount failed [ 860.477694][ T5855] kernel read not supported for file /swradio4 (pid: 5855 comm: kworker/0:3) [ 861.207689][T13012] mkiss: ax0: crc mode is auto. [ 861.231755][T13014] loop2: detected capacity change from 0 to 64 [ 861.257115][ T5862] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 861.421476][T13016] loop6: detected capacity change from 0 to 512 [ 861.444105][ T5862] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 861.453607][ T5862] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 861.503189][ T5862] usb 5-1: config 0 descriptor?? [ 861.530609][T13016] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 861.569393][ T5862] cp210x 5-1:0.0: cp210x converter detected [ 861.636133][T13016] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.2795: invalid indirect mapped block 2683928664 (level 1) [ 861.704871][T13016] EXT4-fs (loop6): Remounting filesystem read-only [ 861.721312][T13016] EXT4-fs (loop6): 1 truncate cleaned up [ 861.729860][T13016] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 861.853091][T13016] EXT4-fs (loop6): shut down requested (2) [ 861.958008][ T5862] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 862.157405][T10378] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 862.189943][ T5862] cp210x 5-1:0.0: failed to get vendor val 0x370c size 15: -71 [ 862.198107][ T5862] cp210x 5-1:0.0: GPIO initialisation failed: -71 [ 862.236564][ T5862] usb 5-1: cp210x converter now attached to ttyUSB0 [ 862.265057][ T5862] usb 5-1: USB disconnect, device number 17 [ 862.292562][T13024] loop2: detected capacity change from 0 to 1024 [ 862.346344][ T5862] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 862.355966][ T5862] cp210x 5-1:0.0: device disconnected [ 862.702539][ T9928] hfsplus: b-tree write err: -5, ino 4 [ 862.997600][T13032] loop0: detected capacity change from 0 to 512 [ 863.056594][T13032] EXT4-fs: Ignoring removed nobh option [ 863.066669][T13034] tipc: Started in network mode [ 863.071783][T13034] tipc: Node identity , cluster identity 4711 [ 863.078543][T13034] tipc: Failed to obtain node identity [ 863.084472][T13034] tipc: Enabling of bearer rejected, failed to enable media [ 863.170115][T13032] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.2801: iget: bad i_size value: 38620345925642 [ 863.238589][T13032] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2801: couldn't read orphan inode 15 (err -117) [ 863.282429][T13032] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 863.590026][T13046] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2807'. [ 863.599910][T13046] netlink: 43 bytes leftover after parsing attributes in process `syz.6.2807'. [ 863.620351][T13046] netlink: 'syz.6.2807': attribute type 6 has an invalid length. [ 863.629891][T13046] netlink: 'syz.6.2807': attribute type 5 has an invalid length. [ 863.638175][T13046] netlink: 43 bytes leftover after parsing attributes in process `syz.6.2807'. [ 863.660967][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 863.844776][T13049] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2808'. [ 864.662853][T13052] loop0: detected capacity change from 0 to 4096 [ 865.230158][T13060] loop2: detected capacity change from 0 to 32768 [ 865.277734][T13060] bcachefs: bch2_fs_open() bch_fs_open err opening /dev/loop2: erofs_nochanges [ 865.287562][T13060] bcachefs: bch2_fs_get_tree() error: erofs_nochanges [ 865.900220][T13066] loop4: detected capacity change from 0 to 2048 [ 866.047535][T13066] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 866.155886][ T30] audit: type=1800 audit(1751193898.057:75): pid=13066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2816" name="file1" dev="loop4" ino=1367 res=0 errno=0 [ 867.031455][T13081] loop0: detected capacity change from 0 to 4096 [ 867.144334][T13090] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 867.212505][T13081] NILFS (loop0): error -2 reading inode: ino=47569271064100864 [ 867.233607][T13092] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2826'. [ 868.054331][ T5855] usb 6-1: new full-speed USB device number 9 using dummy_hcd [ 868.214141][ T5855] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 868.214328][ T5855] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 868.214550][ T5855] usb 6-1: New USB device found, idVendor=05ac, idProduct=0264, bcdDevice= 0.00 [ 868.214678][ T5855] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 868.243355][T10491] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 868.297155][ T5855] usb 6-1: config 0 descriptor?? [ 868.300956][T13096] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 868.480385][T10491] usb 5-1: Using ep0 maxpacket: 16 [ 868.489180][T10491] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 868.489375][T10491] usb 5-1: config 0 has no interface number 0 [ 868.489564][T10491] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 868.489771][T10491] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 868.546362][T10491] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 868.546532][T10491] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 868.546663][T10491] usb 5-1: Product: syz [ 868.546767][T10491] usb 5-1: SerialNumber: syz [ 868.555054][T10491] usb 5-1: config 0 descriptor?? [ 868.576673][T10491] cm109 5-1:0.8: invalid payload size 0, expected 4 [ 868.579642][T10491] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input10 [ 868.751861][ T5855] apple 0003:05AC:0264.001E: unknown main item tag 0x6 [ 868.752184][ T5855] apple 0003:05AC:0264.001E: unbalanced delimiter at end of report description [ 868.762576][ T5855] apple 0003:05AC:0264.001E: parse failed [ 868.763340][ T5855] apple 0003:05AC:0264.001E: probe with driver apple failed with error -22 [ 868.864850][T13106] loop0: detected capacity change from 0 to 2048 [ 868.865745][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 868.866387][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 868.866910][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 868.867458][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 868.867981][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 868.868503][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 868.869039][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 868.869560][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 868.870065][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 868.870601][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 868.878746][ C0] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 868.878910][ T5855] usb 5-1: USB disconnect, device number 18 [ 868.887409][ T5855] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 868.959020][T10491] usb 6-1: USB disconnect, device number 9 [ 869.845262][ T5862] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 870.001555][T13119] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2839'. [ 870.001658][T13119] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2839'. [ 870.001799][T13119] netlink: 'syz.5.2839': attribute type 18 has an invalid length. [ 870.008158][ T5862] usb 7-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 870.008323][ T5862] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 870.014399][ T5862] usb 7-1: config 0 descriptor?? [ 870.027165][ T5862] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 870.580086][T13125] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2841'. [ 870.695437][ T5862] gspca_sunplus: reg_w_riv err -71 [ 870.695806][ T5862] sunplus 7-1:0.0: probe with driver sunplus failed with error -71 [ 870.720384][ T5862] usb 7-1: USB disconnect, device number 6 [ 872.296191][T13148] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2851'. [ 872.296311][T13148] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2851'. [ 872.310024][T13148] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2851'. [ 872.343533][T13148] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2851'. [ 872.961252][T13156] loop0: detected capacity change from 0 to 1024 [ 873.075305][T13156] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 873.621171][ T752] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 873.669883][ T752] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 52 with error 28 [ 873.682939][ T752] EXT4-fs (loop0): This should not happen!! Data will be lost [ 873.682939][ T752] [ 873.693163][ T752] EXT4-fs (loop0): Total free blocks count 0 [ 873.700154][ T752] EXT4-fs (loop0): Free/Dirty block details [ 873.707886][ T752] EXT4-fs (loop0): free_blocks=68451041280 [ 873.714192][ T752] EXT4-fs (loop0): dirty_blocks=64 [ 873.719602][ T752] EXT4-fs (loop0): Block reservation details [ 873.726157][ T752] EXT4-fs (loop0): i_reserved_data_blocks=4 [ 873.778677][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 875.274728][ T5856] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 875.477265][ T5856] usb 6-1: Using ep0 maxpacket: 32 [ 875.538585][ T5856] usb 6-1: config 0 has an invalid interface number: 146 but max is 0 [ 875.547502][ T5856] usb 6-1: config 0 has no interface number 0 [ 875.554520][ T5856] usb 6-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 875.566058][ T5856] usb 6-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 875.578297][ T5856] usb 6-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024 [ 875.594279][ T5856] usb 6-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 875.606295][ T5856] usb 6-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82 [ 875.618482][ T5856] usb 6-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 875.629505][ T5856] usb 6-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 875.640066][ T5856] usb 6-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 2 [ 875.650572][ T5856] usb 6-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 875.738728][ T5856] usb 6-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95 [ 875.748648][ T5856] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 875.757104][ T5856] usb 6-1: Product: syz [ 875.761556][ T5856] usb 6-1: Manufacturer: syz [ 875.766633][ T5856] usb 6-1: SerialNumber: syz [ 875.783287][ T5856] usb 6-1: config 0 descriptor?? [ 875.791879][T13195] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 875.848058][T13195] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 875.863175][ T5856] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3 [ 875.872480][ T5856] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2 [ 875.888906][ T5856] scsi host1: microtekX6 [ 875.955681][T13208] loop6: detected capacity change from 0 to 2048 [ 876.042828][T13208] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found [ 876.051277][T13208] UDF-fs: Scanning with blocksize 512 failed [ 876.152829][T13208] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 876.161712][ T5856] usb 6-1: USB disconnect, device number 10 [ 876.755584][T12814] Bluetooth: hci4: command 0x0405 tx timeout [ 876.895506][T13221] netlink: 'syz.0.2884': attribute type 6 has an invalid length. [ 877.875756][T13227] loop5: detected capacity change from 0 to 32768 [ 878.045093][T13227] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded=yes,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 878.051100][T13227] allowing incompatible features above 0.0: (unknown version) [ 878.051203][T13227] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 878.074037][ C0] vkms_vblank_simulate: vblank timer overrun [ 878.106761][T13227] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0 [ 878.116062][T13227] bcachefs (loop5): recovering from clean shutdown, journal seq 10 [ 878.125837][T13227] bcachefs (loop5): Version upgrade required: [ 878.125837][T13227] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 878.125837][T13227] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 878.125837][T13227] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 878.199307][ C0] vkms_vblank_simulate: vblank timer overrun [ 878.212286][T13227] bcachefs (loop5): dropping and reconstructing all alloc info [ 878.278029][T13227] bcachefs (loop5): accounting_read... done [ 878.292893][T13227] bcachefs (loop5): alloc_read... done [ 878.301140][T13227] bcachefs (loop5): snapshots_read... done [ 878.314412][T13227] bcachefs (loop5): done starting filesystem [ 878.424252][ T8518] bcachefs (loop5): shutting down [ 878.481327][ T8518] bcachefs (loop5): shutdown complete [ 879.141597][T13256] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2898'. [ 881.762742][T13283] loop0: detected capacity change from 0 to 512 [ 881.832195][T13283] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002] [ 881.832790][T13283] System zones: 1-12 [ 881.910265][T13283] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.2910: corrupted in-inode xattr: e_value size too large [ 881.919291][T13283] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2910: couldn't read orphan inode 15 (err -117) [ 881.926610][T13283] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 881.962827][T13289] loop2: detected capacity change from 0 to 256 [ 881.983189][T13289] exfat: Deprecated parameter 'namecase' [ 882.090098][T13289] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d) [ 882.273000][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 883.318140][T13307] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2919'. [ 884.234869][ T5855] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 884.418481][ T5855] usb 3-1: Using ep0 maxpacket: 8 [ 884.459558][ T5855] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 884.469080][ T5855] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 884.477695][ T5855] usb 3-1: Product: syz [ 884.482595][ T5855] usb 3-1: Manufacturer: syz [ 884.487540][ T5855] usb 3-1: SerialNumber: syz [ 884.539987][T13322] loop6: detected capacity change from 0 to 1024 [ 884.587030][ T5855] usb 3-1: config 0 descriptor?? [ 884.631457][ T5855] gspca_main: sq930x-2.14.0 probing 2770:930c [ 884.926863][T13328] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2929'. [ 884.936383][T13328] netlink: 'syz.5.2929': attribute type 21 has an invalid length. [ 885.580594][ T5855] gspca_sq930x: ucbus_write failed -71 [ 885.586837][ T5855] sq930x 3-1:0.0: probe with driver sq930x failed with error -71 [ 885.687557][ T5855] usb 3-1: USB disconnect, device number 17 [ 885.840281][T13330] loop4: detected capacity change from 0 to 32768 [ 885.987331][T13330] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded=yes,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 885.987490][T13330] allowing incompatible features above 0.0: (unknown version) [ 885.987596][T13330] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 886.037664][T13330] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 886.048526][T13330] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 886.058379][T13330] bcachefs (loop4): Version upgrade required: [ 886.058379][T13330] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 886.058379][T13330] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 886.058379][T13330] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 886.134207][T13330] bcachefs (loop4): dropping and reconstructing all alloc info [ 886.208827][T13330] bcachefs (loop4): accounting_read... done [ 886.220633][T13330] bcachefs (loop4): alloc_read... done [ 886.228928][T13330] bcachefs (loop4): snapshots_read... done [ 886.248728][T13330] bcachefs (loop4): done starting filesystem [ 886.287316][T13336] loop5: detected capacity change from 0 to 16 [ 886.468461][ T5808] bcachefs (loop4): shutting down [ 886.573574][T13345] loop6: detected capacity change from 0 to 256 [ 886.631836][T13345] exfat: Bad value for 'uid' [ 886.637823][T13345] exfat: Bad value for 'uid' [ 886.638898][ T5808] bcachefs (loop4): shutdown complete [ 886.919183][T13349] loop2: detected capacity change from 0 to 256 [ 887.064879][T13349] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d) [ 887.356441][T13355] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2939'. [ 887.712916][T13359] loop0: detected capacity change from 0 to 1024 [ 888.159727][T13366] tun0: tun_chr_ioctl cmd 1074025676 [ 888.165667][T13366] tun0: owner set to 0 [ 889.315922][T13374] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2948'. [ 889.318572][T13370] loop0: detected capacity change from 0 to 32768 [ 889.673025][ T3621] read_mapping_page failed! [ 889.678046][ T3621] ERROR: (device loop0): txAbort: [ 889.678046][ T3621] [ 889.710016][ T3621] ERROR: (device loop0): remounting filesystem as read-only [ 889.718313][ T3621] jfs_write_inode: jfs_commit_inode failed! [ 891.175315][T13399] netlink: 232 bytes leftover after parsing attributes in process `syz.5.2958'. [ 892.209958][T13414] loop4: detected capacity change from 0 to 256 [ 892.545893][T13414] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 892.746513][T13421] exFAT-fs (loop4): error, data size is invalid(10) [ 893.030694][T13425] loop6: detected capacity change from 0 to 512 [ 893.094441][T13425] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 893.191197][T13425] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 893.366810][T13425] EXT4-fs (loop6): 1 truncate cleaned up [ 893.375428][T13425] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 893.540573][T13433] loop0: detected capacity change from 0 to 2048 [ 893.674501][T13433] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 893.890890][T10378] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path /209/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0 [ 893.962773][T10378] EXT4-fs error (device loop6): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0 [ 894.082826][T10378] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60 [ 894.138312][T10378] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path /209/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0 [ 894.201192][T10378] EXT4-fs error (device loop6): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0 [ 894.221728][ C0] vkms_vblank_simulate: vblank timer overrun [ 894.319221][T10378] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60 [ 894.365464][T10378] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path /209/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0 [ 894.388315][ C0] vkms_vblank_simulate: vblank timer overrun [ 894.486922][T10378] EXT4-fs error (device loop6): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0 [ 894.507314][ C0] vkms_vblank_simulate: vblank timer overrun [ 894.600296][T10378] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60 [ 894.631230][T10378] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path /209/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0 [ 894.700897][T10378] EXT4-fs error (device loop6): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0 [ 894.723256][T10378] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60 [ 894.751360][T10378] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path /209/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0 [ 894.863747][T10378] EXT4-fs error (device loop6): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0 [ 895.014076][T10378] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60 [ 895.098014][T10378] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60 [ 895.181162][T10378] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60 [ 895.229689][T10378] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60 [ 895.367312][T10378] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60 [ 895.474420][T13456] loop2: detected capacity change from 0 to 512 [ 895.504717][T10378] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60 [ 895.576745][T13456] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 895.590911][T13456] ext4 filesystem being mounted at /614/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 895.649637][T13456] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 895.748504][T13460] loop5: detected capacity change from 0 to 1024 [ 895.808795][T13460] EXT4-fs: Ignoring removed orlov option [ 895.824837][T13460] EXT4-fs (loop5): Test dummy encryption mode enabled [ 895.855378][T13460] EXT4-fs (loop5): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 895.871552][T13460] EXT4-fs (loop5): can't mount with data_err=abort, fs mounted w/o journal [ 896.978274][T13477] syzkaller0: tun_chr_ioctl cmd 2147767506 [ 897.838676][T13486] loop0: detected capacity change from 0 to 512 [ 897.980188][T13486] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.2994: inode #15: comm syz.0.2994: iget: illegal inode # [ 898.018155][T13486] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2994: couldn't read orphan inode 15 (err -117) [ 898.063634][T13486] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 898.348794][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 898.633517][T13500] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 898.967720][T10378] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 899.096513][ T752] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 899.359680][ T752] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 899.600334][ T752] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 899.637682][T13511] use of bytesused == 0 is deprecated and will be removed in the future, [ 899.646633][T13511] use the actual size instead. [ 899.779990][ T752] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 900.095128][ T752] bridge_slave_1: left allmulticast mode [ 900.101077][ T752] bridge_slave_1: left promiscuous mode [ 900.112233][ T752] bridge0: port 2(bridge_slave_1) entered disabled state [ 900.136801][ T752] bridge_slave_0: left allmulticast mode [ 900.142758][ T752] bridge_slave_0: left promiscuous mode [ 900.150155][ T752] bridge0: port 1(bridge_slave_0) entered disabled state [ 900.662669][ T752] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 900.706366][ T752] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 900.724183][ T752] bond0 (unregistering): Released all slaves [ 901.357449][ T752] hsr_slave_0: left promiscuous mode [ 901.399129][ T752] hsr_slave_1: left promiscuous mode [ 901.407957][ T752] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 901.416503][ T752] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 901.491226][ T752] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 901.505081][ T752] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 901.696332][ T752] veth1_macvtap: left promiscuous mode [ 901.707460][ T752] veth0_macvtap: left promiscuous mode [ 901.713446][ T752] veth1_vlan: left promiscuous mode [ 901.719444][ T752] veth0_vlan: left promiscuous mode [ 901.831932][T13526] binder: 13523:13526 ioctl 400c620e 0 returned -14 [ 901.917661][T13528] loop5: detected capacity change from 0 to 128 [ 901.932051][T13530] loop4: detected capacity change from 0 to 64 [ 902.145425][T12814] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 902.164246][T12814] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 902.179104][T12814] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 902.218192][T12814] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 902.246903][T12814] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 902.706396][T13529] slcan: can't register candev [ 903.228940][ T752] team0 (unregistering): Port device team_slave_1 removed [ 903.349033][ T752] team0 (unregistering): Port device team_slave_0 removed [ 904.345202][ T752] IPVS: stop unused estimator thread 0... [ 904.358009][T12814] Bluetooth: hci4: command tx timeout [ 904.478591][T13533] chnl_net:caif_netlink_parms(): no params data found [ 905.477784][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 905.484821][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 905.693055][T13560] loop0: detected capacity change from 0 to 32768 [ 906.438583][T12814] Bluetooth: hci4: command tx timeout [ 906.680749][T13569] loop2: detected capacity change from 0 to 32768 [ 906.757412][T13569] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 907.060965][ T5801] ocfs2: Unmounting device (7,2) on (node local) [ 907.073424][T13533] bridge0: port 1(bridge_slave_0) entered blocking state [ 907.082248][T13533] bridge0: port 1(bridge_slave_0) entered disabled state [ 907.090255][T13533] bridge_slave_0: entered allmulticast mode [ 907.100306][T13533] bridge_slave_0: entered promiscuous mode [ 907.176616][T13533] bridge0: port 2(bridge_slave_1) entered blocking state [ 907.184528][T13533] bridge0: port 2(bridge_slave_1) entered disabled state [ 907.192320][T13533] bridge_slave_1: entered allmulticast mode [ 907.202364][T13533] bridge_slave_1: entered promiscuous mode [ 907.473361][T13533] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 907.507637][T13533] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 907.866084][T13533] team0: Port device team_slave_0 added [ 907.915587][T13533] team0: Port device team_slave_1 added [ 908.143040][T13533] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 908.150456][T13533] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 908.182177][T13533] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 908.300820][T13533] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 908.308431][T13533] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 908.335294][T13533] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 908.372566][T13588] pimreg: entered allmulticast mode [ 908.387035][T13589] pimreg: left allmulticast mode [ 908.516875][T12814] Bluetooth: hci4: command tx timeout [ 908.908413][T13533] hsr_slave_0: entered promiscuous mode [ 908.919020][T13533] hsr_slave_1: entered promiscuous mode [ 908.927947][T13533] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 908.935869][T13533] Cannot create hsr debugfs directory [ 908.977212][T13595] netlink: 176 bytes leftover after parsing attributes in process `syz.2.3033'. [ 909.086178][T13595] netlink: 176 bytes leftover after parsing attributes in process `syz.2.3033'. [ 909.229294][T13600] usb usb9: usbfs: process 13600 (syz.4.3041) did not claim interface 0 before use [ 909.979021][T13606] loop2: detected capacity change from 0 to 2048 [ 909.990837][T13533] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 910.084589][T13612] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 910.132924][T13533] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 910.212765][T13533] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 910.286150][T13533] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 910.604769][T12814] Bluetooth: hci4: command tx timeout [ 911.031534][T13533] 8021q: adding VLAN 0 to HW filter on device bond0 [ 911.188013][T13624] loop4: detected capacity change from 0 to 256 [ 911.261317][T13624] exfat: Deprecated parameter 'namecase' [ 911.262739][T13533] 8021q: adding VLAN 0 to HW filter on device team0 [ 911.388383][ T9928] bridge0: port 1(bridge_slave_0) entered blocking state [ 911.396275][ T9928] bridge0: port 1(bridge_slave_0) entered forwarding state [ 911.472280][ T9928] bridge0: port 2(bridge_slave_1) entered blocking state [ 911.480055][ T9928] bridge0: port 2(bridge_slave_1) entered forwarding state [ 911.654242][T13624] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d) [ 912.654470][T13638] loop4: detected capacity change from 0 to 512 [ 912.740461][T13638] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 912.853023][T13638] EXT4-fs (loop4): 1 truncate cleaned up [ 912.866848][T13638] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 913.386169][T13533] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 913.420434][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 913.474034][T13652] netlink: 452 bytes leftover after parsing attributes in process `syz.0.3062'. [ 913.859632][T13657] loop4: detected capacity change from 0 to 128 [ 913.953068][T13657] FAT-fs (loop4): Directory bread(block 162) failed [ 913.960374][T13657] FAT-fs (loop4): Directory bread(block 163) failed [ 913.968106][T13657] FAT-fs (loop4): Directory bread(block 164) failed [ 913.975742][T13657] FAT-fs (loop4): Directory bread(block 165) failed [ 913.982641][T13657] FAT-fs (loop4): Directory bread(block 166) failed [ 913.995918][T13657] FAT-fs (loop4): Directory bread(block 167) failed [ 914.002879][T13657] FAT-fs (loop4): Directory bread(block 168) failed [ 914.014136][T13657] FAT-fs (loop4): Directory bread(block 169) failed [ 914.127766][T13657] FAT-fs (loop4): Directory bread(block 162) failed [ 914.134969][T13657] FAT-fs (loop4): Directory bread(block 163) failed [ 914.922804][T13673] sp0: Synchronizing with TNC [ 914.955903][T13674] loop0: detected capacity change from 0 to 256 [ 915.583110][T13681] loop2: detected capacity change from 0 to 256 [ 915.629454][T13681] exfat: Deprecated parameter 'utf8' [ 915.638185][T13681] exfat: Deprecated parameter 'utf8' [ 915.786453][T13681] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 916.129144][T13533] veth0_vlan: entered promiscuous mode [ 916.248497][T13533] veth1_vlan: entered promiscuous mode [ 916.538239][T13533] veth0_macvtap: entered promiscuous mode [ 916.588648][T13533] veth1_macvtap: entered promiscuous mode [ 916.659687][T13533] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 916.698427][T13533] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 916.741862][T13533] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 916.760154][T13533] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 916.769602][T13533] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 916.778853][T13533] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 919.222385][T13730] loop2: detected capacity change from 0 to 256 [ 919.270516][ T30] audit: type=1326 audit(1751193951.177:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13729 comm="syz.0.3091" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc67e78e929 code=0x0 [ 919.292641][ C1] vkms_vblank_simulate: vblank timer overrun [ 919.328115][T13728] loop5: detected capacity change from 0 to 1024 [ 919.422220][T13728] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 919.435080][T13728] ext4 filesystem being mounted at /393/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 919.684987][ T8518] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 921.385728][T13761] netlink: 332 bytes leftover after parsing attributes in process `syz.0.3101'. [ 921.395460][T13761] netlink: 'syz.0.3101': attribute type 2 has an invalid length. [ 921.403485][T13761] netlink: 'syz.0.3101': attribute type 5 has an invalid length. [ 922.090228][T13769] loop0: detected capacity change from 0 to 24 [ 922.956684][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 922.966064][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 923.007138][T13781] loop4: detected capacity change from 0 to 512 [ 923.081187][T13781] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 923.125521][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 923.133726][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 923.231819][T13781] EXT4-fs (loop4): 1 truncate cleaned up [ 923.240571][T13781] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 923.357763][T13781] EXT4-fs (loop4): shut down requested (1) [ 923.552048][T13788] loop5: detected capacity change from 0 to 2048 [ 923.638196][T13788] loop5: p1 < > p3 p4 < > [ 923.679962][T13788] loop5: p3 start 4284289 is beyond EOD, truncated [ 923.721857][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 925.317106][T13800] loop2: detected capacity change from 0 to 32768 [ 925.327470][T13800] XFS: ikeep mount option is deprecated. [ 925.496752][T13800] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 925.545073][T13802] loop4: detected capacity change from 0 to 40427 [ 925.564623][T13802] F2FS-fs (loop4): Invalid log sectorsize (24) [ 925.571179][T13802] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 925.584759][T13802] F2FS-fs (loop4): heap/no_heap options were deprecated [ 925.596039][T13802] F2FS-fs (loop4): invalid crc value [ 925.934869][T13814] bridge0: entered promiscuous mode [ 925.940571][T13814] macvlan2: entered promiscuous mode [ 925.989839][T13802] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 925.997536][T13802] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 926.183779][ T5808] bio_check_eod: 14 callbacks suppressed [ 926.190358][ T5808] syz-executor: attempt to access beyond end of device [ 926.190358][ T5808] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 926.207509][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(undef) [ 926.207671][ T5808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 926.207759][ T5808] Call Trace: [ 926.207811][ T5808] [ 926.207864][ T5808] __dump_stack+0x26/0x30 [ 926.208043][ T5808] dump_stack_lvl+0x1df/0x270 [ 926.208253][ T5808] dump_stack+0x1e/0x25 [ 926.208410][ T5808] f2fs_handle_critical_error+0xa6f/0xc20 [ 926.208646][ T5808] f2fs_stop_checkpoint+0x65/0x80 [ 926.208844][ T5808] f2fs_write_end_io+0xb4b/0x1920 [ 926.209002][ T5808] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 926.209225][ T5808] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 926.209365][ T5808] bio_endio+0xe24/0xf80 [ 926.209543][ T5808] submit_bio_noacct+0x214/0x2710 [ 926.209771][ T5808] submit_bio+0x5a9/0x5d0 [ 926.209954][ T5808] f2fs_submit_write_bio+0x92/0x250 [ 926.210147][ T5808] __submit_merged_bio+0x16f/0x6a0 [ 926.210356][ T5808] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 926.210572][ T5808] __submit_merged_write_cond+0x458/0x9a0 [ 926.210791][ T5808] f2fs_write_data_pages+0x4bb2/0x5480 [ 926.211140][ T5808] ? kmsan_get_metadata+0xfb/0x160 [ 926.211338][ T5808] ? kmsan_get_metadata+0xfb/0x160 [ 926.211540][ T5808] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 926.211735][ T5808] ? folios_put_refs+0x21/0xb10 [ 926.211874][ T5808] ? filter_irq_stacks+0x49/0x190 [ 926.212027][ T5808] ? stack_depot_save_flags+0x35/0x7b0 [ 926.212209][ T5808] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 926.212399][ T5808] ? kmsan_get_metadata+0xfb/0x160 [ 926.212590][ T5808] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 926.212791][ T5808] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 926.213000][ T5808] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 926.213209][ T5808] do_writepages+0x3ef/0x860 [ 926.213385][ T5808] ? _raw_spin_unlock+0x30/0x50 [ 926.213595][ T5808] ? wbc_attach_and_unlock_inode+0x131/0x680 [ 926.213789][ T5808] filemap_fdatawrite+0x207/0x260 [ 926.214072][ T5808] f2fs_sync_dirty_inodes+0x2ab/0x9e0 [ 926.214289][ T5808] f2fs_write_checkpoint+0xfe2/0x2b00 [ 926.214605][ T5808] kill_f2fs_super+0x2ff/0x970 [ 926.214786][ T5808] ? __pfx_kill_f2fs_super+0x10/0x10 [ 926.214947][ T5808] deactivate_locked_super+0xc8/0x3c0 [ 926.215164][ T5808] deactivate_super+0x12f/0x140 [ 926.215345][ T5808] cleanup_mnt+0x6fb/0x780 [ 926.215484][ T5808] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 926.215682][ T5808] ? __pfx___cleanup_mnt+0x10/0x10 [ 926.215831][ T5808] __cleanup_mnt+0x22/0x30 [ 926.215973][ T5808] task_work_run+0x209/0x2b0 [ 926.216178][ T5808] exit_to_user_mode_loop+0x2a6/0x330 [ 926.216355][ T5808] do_syscall_64+0x1e3/0x210 [ 926.216494][ T5808] ? irqentry_exit+0x16/0x60 [ 926.216680][ T5808] ? clear_bhb_loop+0x40/0x90 [ 926.216835][ T5808] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 926.216988][ T5808] RIP: 0033:0x7f25c7f8fc57 [ 926.217095][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 926.217225][ T5808] RSP: 002b:00007ffeb5a09fe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 926.217359][ T5808] RAX: 0000000000000000 RBX: 00007f25c8010925 RCX: 00007f25c7f8fc57 [ 926.217455][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeb5a0a0a0 [ 926.217543][ T5808] RBP: 00007ffeb5a0a0a0 R08: 0000000000000000 R09: 0000000000000000 [ 926.217627][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeb5a0b130 [ 926.217722][ T5808] R13: 00007f25c8010925 R14: 00000000000e216b R15: 00007ffeb5a0b170 [ 926.217850][ T5808] [ 926.587554][ T5808] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 926.597660][T13800] XFS (loop2): Ending clean mount [ 926.707468][T13800] XFS (loop2): Quotacheck needed: Please wait. [ 926.831373][T13800] XFS (loop2): Quotacheck: Done. [ 926.878245][T13800] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 928.320373][T13832] loop0: detected capacity change from 0 to 4096 [ 928.386110][T13832] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512). [ 929.681726][T13849] loop2: detected capacity change from 0 to 2048 [ 929.850692][T13846] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3130'. [ 930.046877][T13846] veth3: entered promiscuous mode [ 930.545826][T13864] loop2: detected capacity change from 0 to 256 [ 930.660824][T13864] exFAT-fs (loop2): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d) [ 931.517340][T13879] loop2: detected capacity change from 0 to 256 [ 931.675361][T13879] FAT-fs (loop2): Directory bread(block 64) failed [ 931.682178][T13879] FAT-fs (loop2): Directory bread(block 65) failed [ 931.689457][T13879] FAT-fs (loop2): Directory bread(block 66) failed [ 931.696431][T13879] FAT-fs (loop2): Directory bread(block 67) failed [ 931.708588][T13879] FAT-fs (loop2): Directory bread(block 68) failed [ 931.717611][T13879] FAT-fs (loop2): Directory bread(block 69) failed [ 931.724724][T13879] FAT-fs (loop2): Directory bread(block 70) failed [ 931.731527][T13879] FAT-fs (loop2): Directory bread(block 71) failed [ 931.738646][T13879] FAT-fs (loop2): Directory bread(block 72) failed [ 931.746085][T13879] FAT-fs (loop2): Directory bread(block 73) failed [ 931.918193][T13884] loop4: detected capacity change from 0 to 256 [ 932.398902][T13889] netlink: 'syz.2.3149': attribute type 83 has an invalid length. [ 933.023306][T13897] netlink: 'syz.2.3152': attribute type 10 has an invalid length. [ 933.031817][T13897] team0: Device dummy0 is up. Set it down before adding it as a team port [ 934.077954][ T5862] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 934.254326][ T5862] usb 5-1: Using ep0 maxpacket: 8 [ 934.315503][ T5862] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 934.325942][ T5862] usb 5-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 934.335585][ T5862] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 934.406418][ T5862] usb 5-1: config 0 descriptor?? [ 934.455383][T13925] loop5: detected capacity change from 0 to 256 [ 934.665036][T13925] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 934.753325][T13930] netlink: 'syz.0.3168': attribute type 2 has an invalid length. [ 934.910735][ T5862] hid-multitouch 0003:0EEF:72C4.001F: unknown main item tag 0x0 [ 934.957161][ T5862] hid-multitouch 0003:0EEF:72C4.001F: hidraw0: USB HID v0.03 Device [HID 0eef:72c4] on usb-dummy_hcd.4-1/input0 [ 935.099742][ T5862] usb 5-1: USB disconnect, device number 19 [ 935.446180][T10491] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 935.634804][T10491] usb 3-1: Using ep0 maxpacket: 16 [ 935.676554][T10491] usb 3-1: config 0 has an invalid interface number: 8 but max is 0 [ 935.685140][T10491] usb 3-1: config 0 has no interface number 0 [ 935.691505][T10491] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 935.706833][T10491] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 935.778110][T10491] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 935.787835][T10491] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 935.796441][T10491] usb 3-1: Product: syz [ 935.805497][T10491] usb 3-1: SerialNumber: syz [ 935.819919][T10491] usb 3-1: config 0 descriptor?? [ 935.881817][T10491] cm109 3-1:0.8: invalid payload size 0, expected 4 [ 935.893147][T10491] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input13 [ 936.076919][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 936.307388][ C0] cm109_urb_ctl_callback: 18 callbacks suppressed [ 936.307506][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 936.326198][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 936.335828][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 936.343430][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 936.356564][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 936.367588][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 936.375178][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 936.382804][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 936.391016][T10491] usb 3-1: USB disconnect, device number 18 [ 936.397316][ C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 936.397435][ C0] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 936.447463][T10491] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 936.581479][T13950] loop0: detected capacity change from 0 to 2048 [ 936.611772][T13950] EXT4-fs: Ignoring removed nobh option [ 936.714727][T13950] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 936.732517][T13950] ext4 filesystem being mounted at /629/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 936.805750][T13950] fs-verity: sha512 using implementation "sha512-generic" [ 937.173550][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 937.566017][T13963] loop2: detected capacity change from 0 to 2048 [ 937.672320][T13963] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 937.880691][T13963] EXT4-fs: Ignoring removed bh option [ 937.935073][T13963] EXT4-fs (loop2): can't disable delalloc during remount [ 938.104876][T13974] loop0: detected capacity change from 0 to 512 [ 938.151732][T13974] EXT4-fs: Ignoring removed i_version option [ 938.221653][ T5801] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 938.277366][T13974] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 938.290779][T13974] ext4 filesystem being mounted at /632/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 938.338549][T13967] loop4: detected capacity change from 0 to 8192 [ 938.382397][ T5801] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 938.782497][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 939.044434][T13980] netem: incorrect ge model size [ 939.049780][T13980] netem: change failed [ 939.200330][T13982] netlink: 'syz.0.3188': attribute type 1 has an invalid length. [ 939.208736][T13982] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 940.143155][T13997] loop7: detected capacity change from 0 to 512 [ 940.179738][T13997] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem [ 940.258004][T13997] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.3196: bg 0: block 104: invalid block bitmap [ 940.278611][T13997] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 940.334118][T10491] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 940.345287][T13997] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.3196: invalid indirect mapped block 1 (level 1) [ 940.384423][T13997] EXT4-fs (loop7): 1 truncate cleaned up [ 940.392650][T13997] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 940.531134][T10491] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 940.541006][T10491] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 940.610164][T10491] usb 6-1: config 0 descriptor?? [ 940.803168][T13533] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 940.894923][T14001] loop0: detected capacity change from 0 to 4096 [ 941.736118][T10491] ath6kl: Failed to submit usb control message: -110 [ 941.750250][T10491] ath6kl: unable to send the bmi data to the device: -110 [ 941.760093][T10491] ath6kl: Unable to send get target info: -110 [ 941.885112][T10491] ath6kl: Failed to init ath6kl core: -110 [ 941.897197][T10491] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -110 [ 941.939998][T10491] usb 6-1: USB disconnect, device number 11 [ 942.704957][T14023] loop4: detected capacity change from 0 to 64 [ 943.051074][T14026] netlink: 'syz.0.3206': attribute type 10 has an invalid length. [ 943.166184][T14026] bond0: (slave veth1_to_bond): Enslaving as an active interface with an up link [ 943.399182][T14031] vxcan3: entered allmulticast mode [ 943.668401][T14038] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 944.418539][T14046] loop0: detected capacity change from 0 to 2048 [ 944.434531][T14050] loop4: detected capacity change from 0 to 128 [ 944.490653][T14050] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 944.578127][T14046] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 944.618536][T14046] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 944.920927][T14048] loop2: detected capacity change from 0 to 4096 [ 944.980857][T14048] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 945.445889][T14053] loop5: detected capacity change from 0 to 32768 [ 945.777454][T14060] loop4: detected capacity change from 0 to 128 [ 946.104706][T14060] syz.4.3224: attempt to access beyond end of device [ 946.104706][T14060] loop4: rw=2051, sector=104, nr_sectors = 25 limit=128 [ 946.769129][T14067] loop7: detected capacity change from 0 to 512 [ 946.787658][T14069] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3228'. [ 946.797857][T14069] netem: change failed [ 946.816294][T14067] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 946.936032][T14067] EXT4-fs (loop7): 1 truncate cleaned up [ 946.944364][T14067] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 947.109747][T14067] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 947.758957][T14073] loop2: detected capacity change from 0 to 32768 [ 947.827228][T14073] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 948.054194][ T5801] ocfs2: Unmounting device (7,2) on (node local) [ 948.406247][T14087] netlink: 27 bytes leftover after parsing attributes in process `syz.0.3234'. [ 949.456475][T14103] loop4: detected capacity change from 0 to 164 [ 949.495454][T14103] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 949.541876][T14103] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 949.567515][T14103] Symlink component flag not implemented [ 949.573569][T14103] Symlink component flag not implemented [ 949.580210][T14103] Symlink component flag not implemented (7) [ 949.586782][T14103] Symlink component flag not implemented (116) [ 949.767928][T14105] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 950.294145][T14113] loop4: detected capacity change from 0 to 256 [ 950.656216][ T5858] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 950.884918][ T5858] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 950.949243][ T5858] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 950.963012][ T5858] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 950.972701][ T5858] usb 6-1: SerialNumber: syz [ 951.758863][ T5858] cdc_ether 6-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.5-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 951.868629][T10491] usb 6-1: USB disconnect, device number 12 [ 951.882896][T10491] cdc_ether 6-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.5-1, CDC Ethernet Device [ 952.312117][T14141] loop4: detected capacity change from 0 to 256 [ 952.374185][T14141] FAT-fs (loop4): bogus number of FAT sectors [ 952.380633][T14141] FAT-fs (loop4): Can't find a valid FAT filesystem [ 952.395233][ T30] audit: type=1326 audit(1751193984.277:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14142 comm="syz.2.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb3d8e929 code=0x7ffc0000 [ 952.418612][ T30] audit: type=1326 audit(1751193984.277:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14142 comm="syz.2.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb3d8e929 code=0x7ffc0000 [ 952.444599][ T30] audit: type=1326 audit(1751193984.307:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14142 comm="syz.2.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1bb3d8e929 code=0x7ffc0000 [ 952.692882][ T30] audit: type=1326 audit(1751193984.407:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14142 comm="syz.2.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb3d8e929 code=0x7ffc0000 [ 952.715650][ C1] vkms_vblank_simulate: vblank timer overrun [ 952.727849][ T30] audit: type=1326 audit(1751193984.417:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14142 comm="syz.2.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1bb3d8e929 code=0x7ffc0000 [ 952.751766][ T30] audit: type=1326 audit(1751193984.417:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14142 comm="syz.2.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb3d8e929 code=0x7ffc0000 [ 952.775318][ T30] audit: type=1326 audit(1751193984.427:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14142 comm="syz.2.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1bb3d858e7 code=0x7ffc0000 [ 952.797789][ C1] vkms_vblank_simulate: vblank timer overrun [ 952.810344][ T30] audit: type=1326 audit(1751193984.427:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14142 comm="syz.2.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1bb3d2ab19 code=0x7ffc0000 [ 952.833288][ T30] audit: type=1326 audit(1751193984.437:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14142 comm="syz.2.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f1bb3d8e929 code=0x7ffc0000 [ 952.856674][ T30] audit: type=1326 audit(1751193984.437:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14142 comm="syz.2.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bb3d8e929 code=0x7ffc0000 [ 952.879140][ C1] vkms_vblank_simulate: vblank timer overrun [ 954.474716][T14172] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3272'. [ 954.484527][T14172] netlink: 1 bytes leftover after parsing attributes in process `syz.5.3272'. [ 954.906003][T14179] program syz.0.3274 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 956.267685][T14202] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 956.584848][T14209] netlink: 128 bytes leftover after parsing attributes in process `syz.2.3288'. [ 956.601780][T14209] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3288'. [ 957.163604][T14220] tap0: tun_chr_ioctl cmd 1074025677 [ 957.171033][T14220] tap0: linktype set to 773 [ 958.819194][T14239] loop0: detected capacity change from 0 to 16 [ 958.978480][T14239] erofs (device loop0): mounted with root inode @ nid 36. [ 959.104813][T14239] erofs (device loop0): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 959.173361][T14237] loop5: detected capacity change from 0 to 32768 [ 959.182794][T14237] XFS: noikeep mount option is deprecated. [ 959.192418][T14239] erofs (device loop0): failed to decompress -29 in[58, 4038] out[1851] [ 959.201473][T14239] erofs (device loop0): read error -117 @ 43 of nid 36 [ 959.239021][T14237] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 959.261191][T14239] erofs (device loop0): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 959.270386][T14239] erofs (device loop0): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 959.279340][T14239] erofs (device loop0): readahead error at folio 42 @ nid 36 [ 959.282034][T14243] loop2: detected capacity change from 0 to 512 [ 959.287162][T14239] erofs (device loop0): bogus lookback distance 774 @ lcn 40 of nid 36 [ 959.302075][T14239] erofs (device loop0): readahead error at folio 41 @ nid 36 [ 959.309854][T14239] erofs (device loop0): bogus lookback distance 774 @ lcn 40 of nid 36 [ 959.318705][T14239] erofs (device loop0): readahead error at folio 40 @ nid 36 [ 959.326526][T14239] erofs (device loop0): readahead error at folio 39 @ nid 36 [ 959.334379][T14239] erofs (device loop0): readahead error at folio 38 @ nid 36 [ 959.342308][T14239] erofs (device loop0): readahead error at folio 36 @ nid 36 [ 959.355918][T14239] erofs (device loop0): bogus lookback distance 1468 @ lcn 31 of nid 36 [ 959.366040][T14239] erofs (device loop0): readahead error at folio 31 @ nid 36 [ 959.374481][T14239] erofs (device loop0): readahead error at folio 25 @ nid 36 [ 959.382188][T14239] erofs (device loop0): readahead error at folio 24 @ nid 36 [ 959.390408][T14239] erofs (device loop0): readahead error at folio 19 @ nid 36 [ 959.399325][T14239] syz.0.3302: attempt to access beyond end of device [ 959.399325][T14239] loop0: rw=524288, sector=784, nr_sectors = 64 limit=16 [ 959.413980][T14239] syz.0.3302: attempt to access beyond end of device [ 959.413980][T14239] loop0: rw=524288, sector=13478624080, nr_sectors = 24 limit=16 [ 959.429278][T14239] syz.0.3302: attempt to access beyond end of device [ 959.429278][T14239] loop0: rw=524288, sector=13478624032, nr_sectors = 48 limit=16 [ 959.447125][T14239] erofs (device loop0): failed to decompress -29 in[58, 4038] out[2639] [ 959.460998][T14239] erofs (device loop0): bogus lookback distance 1586 @ lcn 46 of nid 36 [ 959.471256][T14239] erofs (device loop0): readahead error at folio 47 @ nid 36 [ 959.479741][T14239] erofs (device loop0): bogus lookback distance 1586 @ lcn 46 of nid 36 [ 959.488475][T14239] erofs (device loop0): readahead error at folio 46 @ nid 36 [ 959.496435][T14239] erofs (device loop0): readahead error at folio 45 @ nid 36 [ 959.504596][T14239] syz.0.3302: attempt to access beyond end of device [ 959.504596][T14239] loop0: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 959.519469][T14239] erofs (device loop0): failed to decompress -29 in[58, 4038] out[3537] [ 959.657039][T14243] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 959.676010][T14243] ext4 filesystem being mounted at /681/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 959.923301][T14237] XFS (loop5): Ending clean mount [ 959.949457][T14237] XFS (loop5): Quotacheck needed: Please wait. [ 960.072201][T14237] XFS (loop5): Quotacheck: Done. [ 960.245759][ T8518] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 960.281506][ T5801] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 962.161140][T14275] loop0: detected capacity change from 0 to 32768 [ 962.171152][T14275] XFS: noikeep mount option is deprecated. [ 962.248328][T14276] loop7: detected capacity change from 0 to 32768 [ 962.298238][T14275] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 963.081780][T14275] XFS (loop0): Ending clean mount [ 963.135539][T14275] XFS (loop0): Quotacheck needed: Please wait. [ 963.187323][T14275] XFS (loop0): Quotacheck: Done. [ 963.392239][ T5800] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 964.161885][T14307] loop2: detected capacity change from 0 to 256 [ 964.747703][T14302] loop5: detected capacity change from 0 to 32768 [ 964.757427][T14302] XFS: attr2 mount option is deprecated. [ 964.806100][T14302] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 965.299304][T14302] XFS (loop5): Ending clean mount [ 965.311287][T14302] XFS (loop5): Quotacheck needed: Please wait. [ 965.376503][T14302] XFS (loop5): Quotacheck: Done. [ 965.518118][ T8518] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 966.599346][ T5858] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 966.820237][ T5858] usb 5-1: Using ep0 maxpacket: 32 [ 966.864465][ T5858] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 966.874148][ T5858] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 966.886561][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 966.893259][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 966.939100][ T5858] usb 5-1: config 0 descriptor?? [ 967.131806][T14344] nbd: socks must be embedded in a SOCK_ITEM attr [ 967.145942][T14344] block nbd1: shutting down sockets [ 967.208121][ T5858] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 967.248560][ T5858] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 967.308041][ T5858] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 967.315927][ T5858] usb 5-1: media controller created [ 967.426680][ T5858] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 967.604322][ T5858] az6027: usb out operation failed. (-71) [ 967.611450][ T5858] az6027: usb out operation failed. (-71) [ 967.617639][ T5858] stb0899_attach: Driver disabled by Kconfig [ 967.624389][ T5858] az6027: no front-end attached [ 967.624389][ T5858] [ 967.651170][ T5858] az6027: usb out operation failed. (-71) [ 967.657611][ T5858] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 967.667593][ T5858] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input14 [ 967.762429][ T5858] dvb-usb: schedule remote query interval to 400 msecs. [ 967.769966][ T5858] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 967.818568][ T5858] usb 5-1: USB disconnect, device number 20 [ 968.156770][ T5858] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 968.625027][T14355] loop0: detected capacity change from 0 to 32768 [ 968.741331][T14359] loop7: detected capacity change from 0 to 512 [ 968.762203][T14359] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 968.885872][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_delay=2013266920,journal_reclaim_delay=10,nojournal_transaction_names,read_only [ 968.886032][T14355] allowing incompatible features above 0.0: (unknown version) [ 968.886106][T14355] features: lz4 [ 968.886164][T14355] with devices loop0 [ 968.928285][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 968.939840][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing new filesystem [ 968.957596][T14359] EXT4-fs (loop7): 1 truncate cleaned up [ 968.964832][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-write [ 968.966796][T14359] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 969.053036][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking superblocks [ 969.122109][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing freespace [ 969.153568][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done initializing freespace [ 969.177242][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots table [ 969.192266][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots done [ 969.350130][ T30] audit: type=1800 audit(1751194001.247:87): pid=14359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3343" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 969.370982][ C0] vkms_vblank_simulate: vblank timer overrun [ 969.382764][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): loop0: Superblock write was silently dropped! (seq 0 expected 42) [ 969.414494][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-only [ 969.422903][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): finished waiting for writes to stop [ 969.455179][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators, journal seq 2 [ 969.683690][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators complete, journal seq 2 [ 969.718062][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): clean shutdown complete, journal seq 3 [ 969.730985][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking filesystem clean [ 969.784188][T14355] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done starting filesystem [ 969.956284][T13533] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 969.962947][T14355] syz.0.3342 (14355) used greatest stack depth: 1168 bytes left [ 969.978017][ T5800] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutting down [ 970.095097][ T5800] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 970.200051][T14387] macvlan2: entered allmulticast mode [ 970.211022][T14387] veth1_vlan: entered allmulticast mode [ 970.228110][T14387] veth1_vlan: left allmulticast mode [ 971.543617][ T5858] kernel write not supported for file /uinput (pid: 5858 comm: kworker/1:4) [ 971.682798][T14411] loop4: detected capacity change from 0 to 1024 [ 971.719157][T14411] EXT4-fs: Ignoring removed bh option [ 971.875059][T14411] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 972.025419][T14418] loop7: detected capacity change from 0 to 1024 [ 972.041069][T14411] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #19: comm syz.4.3363: missing EA_INODE flag [ 972.162612][T14411] EXT4-fs (loop4): Remounting filesystem read-only [ 972.169788][T14411] EXT4-fs warning (device loop4): ext4_xattr_block_set:2190: inode #20: comm syz.4.3363: dec ref error=-30 [ 972.609167][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 972.809969][T14423] loop5: detected capacity change from 0 to 2048 [ 972.905490][T14425] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 973.912416][T14428] loop4: detected capacity change from 0 to 32768 [ 974.074295][ T5858] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 974.255672][ T5858] usb 6-1: Using ep0 maxpacket: 32 [ 974.323060][ T5858] usb 6-1: config index 0 descriptor too short (expected 35577, got 27) [ 974.332342][ T5858] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 974.341499][ T5858] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 974.350910][ T5858] usb 6-1: config 1 has no interface number 0 [ 974.357706][ T5858] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 974.369136][ T5858] usb 6-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 974.382517][ T5858] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 974.392096][ T5858] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 974.651236][ T5858] snd_usb_pod 6-1:1.1: Line 6 Pocket POD found [ 974.867234][ T5858] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now attached [ 974.908467][T14440] loop2: detected capacity change from 0 to 2048 [ 974.946792][T14440] EXT4-fs: Ignoring removed bh option [ 975.044226][T14440] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 975.363553][T14438] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 975.399057][ T5855] usb 6-1: USB disconnect, device number 13 [ 975.407636][ T5855] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now disconnected [ 975.675904][ T5801] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 976.596848][T14461] netlink: 596 bytes leftover after parsing attributes in process `syz.5.3383'. [ 977.167984][T14475] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3388'. [ 978.130328][T14487] loop0: detected capacity change from 0 to 1024 [ 978.139673][T14487] EXT4-fs: Ignoring removed i_version option [ 978.160252][T14487] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 978.171012][T14487] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (49802!=20869) [ 978.181334][T14487] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 978.206163][T14487] EXT4-fs error (device loop0): ext4_get_journal_inode:5796: inode #5: comm syz.0.3395: unexpected bad inode w/o EXT4_IGET_BAD [ 978.225142][T14487] EXT4-fs (loop0): no journal found [ 978.303470][T14489] loop2: detected capacity change from 0 to 1024 [ 979.170113][T14489] netlink: zone id is out of range [ 979.179980][T14489] netlink: zone id is out of range [ 979.185679][T14489] netlink: zone id is out of range [ 979.191005][T14489] netlink: zone id is out of range [ 979.196691][T14489] netlink: zone id is out of range [ 979.202034][T14489] netlink: zone id is out of range [ 979.207663][T14489] netlink: zone id is out of range [ 979.212989][T14489] netlink: zone id is out of range [ 979.223352][T14489] netlink: zone id is out of range [ 979.230313][T14489] netlink: zone id is out of range [ 979.631843][ T3621] hfsplus: b-tree write err: -5, ino 4 [ 980.437566][T14514] loop5: detected capacity change from 0 to 512 [ 980.564074][T14514] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 980.577362][T14514] ext4 filesystem being mounted at /458/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 980.632562][T14519] loop2: detected capacity change from 0 to 16 [ 980.698718][T14525] loop7: detected capacity change from 0 to 1024 [ 980.714466][T14519] erofs (device loop2): mounted with root inode @ nid 36. [ 980.736997][T14519] syz.2.3409: attempt to access beyond end of device [ 980.736997][T14519] loop2: rw=0, sector=137438494784, nr_sectors = 8 limit=16 [ 980.813534][ T30] audit: type=1800 audit(1751194012.717:88): pid=14514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3407" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 981.090270][ T8518] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 981.505484][T14536] netlink: 'syz.5.3414': attribute type 3 has an invalid length. [ 982.435910][T14551] loop4: detected capacity change from 0 to 1024 [ 983.866341][T14568] loop2: detected capacity change from 0 to 4096 [ 983.916265][T14568] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 984.183230][T14581] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3434'. [ 984.287847][T14568] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 985.408167][T14601] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3444'. [ 985.961111][T14611] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3448'. [ 985.980606][T14608] loop7: detected capacity change from 0 to 1024 [ 986.045005][T14608] EXT4-fs: Ignoring removed nobh option [ 986.050935][T14608] EXT4-fs: Ignoring removed bh option [ 986.184305][T14608] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 987.105095][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 987.207255][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 987.235032][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 987.347471][T14614] loop5: detected capacity change from 0 to 65536 [ 987.449386][T14614] XFS (loop5): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 987.525470][ T5858] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 987.595837][T14631] netlink: 'syz.2.3453': attribute type 12 has an invalid length. [ 987.604269][T14631] netlink: 'syz.2.3453': attribute type 29 has an invalid length. [ 987.612353][T14631] netlink: 'syz.2.3453': attribute type 2 has an invalid length. [ 987.616861][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!! [ 987.625751][T14631] netlink: 260 bytes leftover after parsing attributes in process `syz.2.3453'. [ 987.744419][ T5858] usb 5-1: Using ep0 maxpacket: 16 [ 987.759447][T13533] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 987.797602][ T5858] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 987.812513][ T5858] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 987.827526][ T5858] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 987.884131][ T5858] usb 5-1: config 0 descriptor?? [ 987.935074][T14614] XFS (loop5): Ending clean mount [ 988.055788][ T8518] XFS (loop5): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 988.401736][ T5858] mcp2221 0003:04D8:00DD.0020: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0 [ 988.584253][ T5855] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 988.770141][ T5855] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 988.779887][ T5855] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 988.781832][ T5858] usb 5-1: USB disconnect, device number 21 [ 988.806088][ T5855] usb 3-1: config 0 descriptor?? [ 988.840257][ T5855] cp210x 3-1:0.0: cp210x converter detected [ 988.943409][T14641] loop7: detected capacity change from 0 to 512 [ 989.004108][T14641] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 989.026630][T14641] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0102] [ 989.037017][T14641] EXT4-fs (loop7): orphan cleanup on readonly fs [ 989.057514][T14641] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3459: bg 0: block 361: padding at end of block bitmap is not set [ 989.102274][T14641] EXT4-fs (loop7): Remounting filesystem read-only [ 989.135938][T14641] EXT4-fs (loop7): 1 truncate cleaned up [ 989.145994][T14641] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 989.412054][T13533] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 989.592799][ T5855] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 989.601056][ T5855] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 989.654728][ T5855] usb 3-1: cp210x converter now attached to ttyUSB0 [ 989.695270][ T5855] usb 3-1: USB disconnect, device number 19 [ 989.749173][ T5855] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 989.758904][ T5855] cp210x 3-1:0.0: device disconnected [ 989.795889][T14644] program syz.7.3460 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 990.036544][T14648] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3462'. [ 990.284717][T14653] loop7: detected capacity change from 0 to 8 [ 991.374239][ T5858] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 991.395203][T14672] loop7: detected capacity change from 0 to 256 [ 991.569189][ T5858] usb 3-1: Using ep0 maxpacket: 8 [ 991.600075][ T5858] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 991.617528][ T5858] usb 3-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00 [ 991.619380][T14672] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 991.629244][ T5858] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 991.746291][ T5858] usb 3-1: config 0 descriptor?? [ 992.211058][ T5858] kye 0003:0458:4018.0021: unbalanced collection at end of report description [ 992.268575][ T5858] kye 0003:0458:4018.0021: parse failed [ 992.281712][ T5858] kye 0003:0458:4018.0021: probe with driver kye failed with error -22 [ 992.421938][ T5858] usb 3-1: USB disconnect, device number 20 [ 992.557539][T14687] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3480'. [ 992.567574][T14687] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 993.044763][T14695] loop4: detected capacity change from 0 to 128 [ 993.128686][T14695] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 993.261079][T14695] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 993.694268][T14704] loop0: detected capacity change from 0 to 512 [ 994.009294][T14704] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 994.022625][T14704] ext4 filesystem being mounted at /695/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 994.276338][ T5800] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 994.632669][T14721] loop5: detected capacity change from 0 to 1024 [ 994.851251][T14721] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 994.864313][T14721] ext4 filesystem being mounted at /474/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 995.319322][ T8518] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 995.692743][T14746] netlink: 'syz.5.3503': attribute type 4 has an invalid length. [ 995.755953][T14745] netlink: 'syz.0.3505': attribute type 1 has an invalid length. [ 995.764667][T14745] nbd: error processing sock list [ 995.770222][T14745] block nbd1: shutting down sockets [ 995.985045][T14751] loop2: detected capacity change from 0 to 128 [ 996.681334][T14762] loop2: detected capacity change from 0 to 256 [ 996.929206][T14760] loop4: detected capacity change from 0 to 4096 [ 997.026836][T14768] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 997.587860][T14773] loop7: detected capacity change from 0 to 512 [ 997.720951][T14773] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 997.721343][T14773] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 997.825737][T14779] tap0: tun_chr_ioctl cmd 1074025677 [ 997.826207][T14779] tap0: linktype set to 804 [ 998.158825][T13533] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 998.202275][T14785] loop2: detected capacity change from 0 to 128 [ 998.236190][T14785] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 998.284973][T14785] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 998.305092][T14785] EXT4-fs (loop2): ext4_remount: Checksum for group 0 failed (30846!=65535) [ 998.382090][ T5801] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 998.700109][ T5809] Bluetooth: hci4: link tx timeout [ 998.700194][ T5809] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 998.700701][T12814] Bluetooth: hci4: link tx timeout [ 998.700775][T12814] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 998.701551][T12814] Bluetooth: hci4: link tx timeout [ 998.701624][T12814] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 998.701746][T12814] Bluetooth: hci4: link tx timeout [ 998.701823][T12814] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 998.701946][T12814] Bluetooth: hci4: link tx timeout [ 998.702014][T12814] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 998.702136][T12814] Bluetooth: hci4: link tx timeout [ 998.702215][T12814] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 998.702520][T12814] Bluetooth: hci4: link tx timeout [ 998.702584][T12814] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 998.800497][T12814] Bluetooth: hci4: link tx timeout [ 998.800571][T12814] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 999.094415][T14794] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3525'. [ 999.232797][T14799] netlink: 'syz.7.3527': attribute type 6 has an invalid length. [ 999.770561][T14808] loop7: detected capacity change from 0 to 22 [ 999.814123][T14808] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1000.444178][T14804] loop0: detected capacity change from 0 to 32768 [ 1000.454708][T14804] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3530 (14804) [ 1000.492260][T14804] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1000.492525][T14804] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm [ 1000.492763][T14804] BTRFS info (device loop0): using free-space-tree [ 1000.544056][T14814] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3534'. [ 1000.682587][T14804] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1000.754860][T12814] Bluetooth: hci4: command 0x0406 tx timeout [ 1001.993558][T14843] loop7: detected capacity change from 0 to 128 [ 1002.227692][T14843] syz.7.3541: attempt to access beyond end of device [ 1002.227692][T14843] loop7: rw=2049, sector=129, nr_sectors = 8 limit=128 [ 1002.228391][T14843] syz.7.3541: attempt to access beyond end of device [ 1002.228391][T14843] loop7: rw=2049, sector=145, nr_sectors = 8 limit=128 [ 1002.348204][T14847] loop4: detected capacity change from 0 to 128 [ 1002.409784][T14847] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 1002.444137][T14847] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1002.934593][T14854] tap0: tun_chr_ioctl cmd 1074025677 [ 1002.935031][T14854] tap0: linktype set to 65534 [ 1003.697148][T14853] loop2: detected capacity change from 0 to 32768 [ 1003.709265][T14853] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3546 (14853) [ 1003.729574][T14853] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1003.740200][T14853] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm [ 1003.750752][T14853] BTRFS info (device loop2): using free-space-tree [ 1004.125351][T14878] loop5: detected capacity change from 0 to 256 [ 1004.149017][T14878] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1004.160739][T14878] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 1004.195633][ T5801] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1004.323042][T14878] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 1004.396263][T14882] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1004.476646][T14881] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3553'. [ 1005.251506][T14889] loop4: detected capacity change from 0 to 512 [ 1005.285652][T14889] EXT4-fs: inline encryption not supported [ 1005.491501][T14889] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1005.505904][T14889] ext4 filesystem being mounted at /729/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1005.620425][T14889] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.3556: corrupted inode contents [ 1005.686228][T14889] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.3556: mark_inode_dirty error [ 1005.755989][T14889] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.3556: corrupted inode contents [ 1005.814222][T14889] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.3556: mark_inode_dirty error [ 1005.882927][T14889] EXT4-fs error (device loop4): ext4_lookup:1784: inode #18: comm syz.4.3556: 'file0' linked to parent dir [ 1006.122457][T14903] loop5: detected capacity change from 0 to 64 [ 1006.223263][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1006.685143][T14910] loop2: detected capacity change from 0 to 256 [ 1007.084367][T14915] loop4: detected capacity change from 0 to 2048 [ 1007.151950][T14910] FAT-fs (loop2): Directory bread(block 64) failed [ 1007.159348][T14910] FAT-fs (loop2): Directory bread(block 65) failed [ 1007.167231][T14910] FAT-fs (loop2): Directory bread(block 66) failed [ 1007.178290][T14910] FAT-fs (loop2): Directory bread(block 67) failed [ 1007.186634][T14910] FAT-fs (loop2): Directory bread(block 68) failed [ 1007.193448][T14910] FAT-fs (loop2): Directory bread(block 69) failed [ 1007.200602][T14910] FAT-fs (loop2): Directory bread(block 70) failed [ 1007.207487][T14910] FAT-fs (loop2): Directory bread(block 71) failed [ 1007.214823][T14910] FAT-fs (loop2): Directory bread(block 72) failed [ 1007.221626][T14910] FAT-fs (loop2): Directory bread(block 73) failed [ 1007.616202][T14926] loop7: detected capacity change from 0 to 512 [ 1007.799358][T14926] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.3570: iget: bad extended attribute block 1 [ 1007.850839][T14932] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 1007.932184][T14926] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.3570: couldn't read orphan inode 15 (err -117) [ 1007.981031][T14926] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1008.125461][T14935] loop4: detected capacity change from 0 to 128 [ 1008.190212][T14926] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #2: block 13: comm syz.7.3570: lblock 0 mapped to illegal pblock 13 (length 1) [ 1008.274232][T14926] EXT4-fs warning (device loop7): htree_dirblock_to_tree:1051: inode #2: lblock 0: comm syz.7.3570: error -117 reading directory block [ 1008.375502][T14933] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 13: invalid block bitmap [ 1008.775945][T13533] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1008.878711][T14946] loop2: detected capacity change from 0 to 128 [ 1009.013946][T14946] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1009.065146][T14946] ext4 filesystem being mounted at /738/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1009.216175][T14946] fscrypt (loop2, inode 12): Unsupported log2_data_unit_size in encryption policy: 227 [ 1009.330207][T14953] could not allocate digest TFM handle _!5Á’›ã(ìÛiÀ£ïÕHP,ƒomñ«xúÄ™í©*Ô71U"~Âß ‘2.Ë>£~e’…ñŠ>/yµ™ [ 1009.483337][T14951] loop0: detected capacity change from 0 to 4096 [ 1009.555360][T14951] NILFS (loop0): invalid segment: Checksum error in segment payload [ 1009.563696][T14951] NILFS (loop0): trying rollback from an earlier position [ 1009.596838][ T5801] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1009.698284][T14951] NILFS (loop0): recovery complete [ 1009.726180][T14958] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1009.894634][T14962] loop4: detected capacity change from 0 to 64 [ 1010.058902][ T30] audit: type=1800 audit(1751194041.957:89): pid=14962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3586" name="file2" dev="loop4" ino=21 res=0 errno=0 [ 1010.477118][T14972] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3589'. [ 1010.506566][T14972] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 1010.514116][T14972] macsec1: entered allmulticast mode [ 1010.519703][T14972] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 1010.598226][T14972] mac80211_hwsim hwsim2 wlan0: left allmulticast mode [ 1010.605724][T14972] mac80211_hwsim hwsim2 wlan0: left promiscuous mode [ 1011.422329][T14987] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3596'. [ 1012.061010][T14996] loop2: detected capacity change from 0 to 16 [ 1012.143312][T14996] erofs (device loop2): rootino(nid 36) is not a directory(i_mode 66300) [ 1013.025618][T15011] netlink: 'syz.0.3607': attribute type 10 has an invalid length. [ 1013.072698][T15011] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1013.088869][T15011] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 1013.286100][T15019] netlink: 'syz.0.3607': attribute type 10 has an invalid length. [ 1013.294522][T15019] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3607'. [ 1013.304006][T15019] batadv0: entered promiscuous mode [ 1013.309462][T15019] batadv0: entered allmulticast mode [ 1013.338237][T15019] bond0: (slave batadv0): Releasing backup interface [ 1013.396763][T15019] bridge0: port 3(batadv0) entered blocking state [ 1013.403945][T15019] bridge0: port 3(batadv0) entered disabled state [ 1013.454454][T15020] netem: incorrect gi model size [ 1013.459674][T15020] netem: change failed [ 1013.663465][T15022] loop4: detected capacity change from 0 to 256 [ 1013.771581][ T2986] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 1013.784605][ T2986] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 1013.856693][T15022] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1013.992286][T15022] exFAT-fs (loop4): valid_size(150994954) is greater than size(10) [ 1014.006498][T15028] loop2: detected capacity change from 0 to 128 [ 1014.054860][T15028] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1014.078967][T15028] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1014.466518][ T9928] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1015.641050][ T4006] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1015.858981][ T4006] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1016.024105][T15061] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1016.058788][ T4006] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1016.229245][ T4006] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1016.561496][ T4006] bridge0: port 3(batadv0) entered disabled state [ 1016.583756][ T4006] bridge_slave_1: left allmulticast mode [ 1016.591980][ T4006] bridge_slave_1: left promiscuous mode [ 1016.605697][ T4006] bridge0: port 2(bridge_slave_1) entered disabled state [ 1016.651662][ T4006] bridge_slave_0: left allmulticast mode [ 1016.657927][ T4006] bridge_slave_0: left promiscuous mode [ 1016.664798][ T4006] bridge0: port 1(bridge_slave_0) entered disabled state [ 1017.186268][ T4006] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1017.205038][ T4006] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1017.250955][ T4006] bond0 (unregistering): (slave veth1_to_bond): Releasing backup interface [ 1017.266980][ T4006] bond0 (unregistering): Released all slaves [ 1017.378537][ T4006] tipc: Disabling bearer [ 1017.385707][ T4006] tipc: Disabling bearer [ 1017.391627][ T4006] tipc: Left network mode [ 1017.862632][ T4006] hsr_slave_0: left promiscuous mode [ 1017.887609][ T4006] hsr_slave_1: left promiscuous mode [ 1017.896359][ T4006] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1017.904563][ T4006] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1017.975389][ T4006] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1017.983129][ T4006] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1018.108152][ T4006] veth1_macvtap: left promiscuous mode [ 1018.115866][ T4006] veth0_macvtap: left promiscuous mode [ 1018.121859][ T4006] veth1_vlan: left promiscuous mode [ 1018.127603][ T4006] veth0_vlan: left promiscuous mode [ 1018.514646][T12814] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1018.525102][T12814] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1018.535442][T12814] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1018.553036][T12814] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1018.565932][T12814] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1019.336327][ T4006] team0 (unregistering): Port device team_slave_1 removed [ 1019.396431][ T4006] team0 (unregistering): Port device team_slave_0 removed [ 1020.604248][ T4006] IPVS: stop unused estimator thread 0... [ 1020.621031][T12814] Bluetooth: hci1: command tx timeout [ 1021.104571][T15081] chnl_net:caif_netlink_parms(): no params data found [ 1022.391260][T15081] bridge0: port 1(bridge_slave_0) entered blocking state [ 1022.399436][T15081] bridge0: port 1(bridge_slave_0) entered disabled state [ 1022.407283][T15081] bridge_slave_0: entered allmulticast mode [ 1022.416988][T15081] bridge_slave_0: entered promiscuous mode [ 1022.538487][T15081] bridge0: port 2(bridge_slave_1) entered blocking state [ 1022.546256][T15081] bridge0: port 2(bridge_slave_1) entered disabled state [ 1022.554169][T15081] bridge_slave_1: entered allmulticast mode [ 1022.564020][T15081] bridge_slave_1: entered promiscuous mode [ 1022.677218][T12814] Bluetooth: hci1: command tx timeout [ 1022.757750][T15131] loop5: detected capacity change from 0 to 2048 [ 1022.855229][T15131] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1023.005407][T15081] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1023.035227][T15137] loop4: detected capacity change from 0 to 256 [ 1023.086472][T15081] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1023.174002][T15137] exFAT-fs (loop4): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d) [ 1023.257820][T15137] exFAT-fs (loop4): valid_size(10) is greater than size(0) [ 1023.266606][T15137] overlayfs: missing 'lowerdir' [ 1023.444835][T15081] team0: Port device team_slave_0 added [ 1023.491391][T15081] team0: Port device team_slave_1 added [ 1023.801759][T15081] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1023.809191][T15081] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1023.835876][T15081] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1024.714826][T15147] loop7: detected capacity change from 0 to 32768 [ 1024.730143][T15081] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1024.737554][T15081] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1024.765909][T15081] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1024.778678][T15147] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.3666 (15147) [ 1024.804536][T12814] Bluetooth: hci1: command tx timeout [ 1024.817309][T15147] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1024.827958][T15147] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm [ 1024.837388][T15147] BTRFS info (device loop7): using free-space-tree [ 1025.186679][T15081] hsr_slave_0: entered promiscuous mode [ 1025.201602][T15081] hsr_slave_1: entered promiscuous mode [ 1025.210524][T15081] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1025.218584][T15081] Cannot create hsr debugfs directory [ 1025.315340][T13533] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1025.348626][ T30] audit: type=1800 audit(1751194057.247:90): pid=15176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3671" name="SYSV00000000" dev="tmpfs" ino=2 res=0 errno=0 [ 1026.591828][T15081] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 1026.685058][T15081] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 1026.780828][T15081] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 1026.836689][T12814] Bluetooth: hci1: command tx timeout [ 1026.856777][T15081] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1027.605580][T15204] input: syz0 as /devices/virtual/input/input15 [ 1027.802721][T15081] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1027.975700][T15081] 8021q: adding VLAN 0 to HW filter on device team0 [ 1028.111942][ T4006] bridge0: port 1(bridge_slave_0) entered blocking state [ 1028.119673][ T4006] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1028.226371][ T4006] bridge0: port 2(bridge_slave_1) entered blocking state [ 1028.234034][ T4006] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1028.340910][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 1028.347897][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 1029.656482][T15216] loop2: detected capacity change from 0 to 32768 [ 1029.861260][T15216] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow [ 1029.861389][T15216] allowing incompatible features above 0.0: (unknown version) [ 1029.861491][T15216] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 1029.899886][T15216] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 1029.912560][T15216] bcachefs (loop2): initializing new filesystem [ 1029.929687][T15216] bcachefs (loop2): going read-write [ 1029.942910][T15216] bcachefs (loop2): marking superblocks [ 1029.994950][T15216] bcachefs (loop2): initializing freespace [ 1030.028314][T15216] bcachefs (loop2): done initializing freespace [ 1030.053562][T15216] bcachefs (loop2): reading snapshots table [ 1030.060097][T15216] bcachefs (loop2): reading snapshots done [ 1030.241421][T15216] bcachefs (loop2): done starting filesystem [ 1030.560752][ T5801] bcachefs (loop2): shutting down [ 1030.566465][ T5801] bcachefs (loop2): going read-only [ 1030.571934][ T5801] bcachefs (loop2): finished waiting for writes to stop [ 1030.651424][ T5801] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3 [ 1030.884610][ T5801] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3 [ 1030.936835][ T5801] bcachefs (loop2): clean shutdown complete, journal seq 4 [ 1030.955907][ T5801] bcachefs (loop2): marking filesystem clean [ 1031.184738][ T5801] bcachefs (loop2): shutdown complete [ 1031.249987][T15081] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1031.424651][T15253] loop4: detected capacity change from 0 to 1024 [ 1032.440440][T15268] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3708'. [ 1032.500651][T15268] hsr_slave_0: left promiscuous mode [ 1032.515439][T15268] hsr_slave_1: left promiscuous mode [ 1033.197176][T15277] loop4: detected capacity change from 0 to 1024 [ 1033.238644][T15277] EXT4-fs: Ignoring removed nobh option [ 1033.245155][T15277] EXT4-fs: Ignoring removed bh option [ 1033.467478][T15277] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1033.570945][T15081] veth0_vlan: entered promiscuous mode [ 1033.619678][T15277] EXT4-fs (loop4): changing journal_checksum during remount not supported; ignoring [ 1033.664750][T15277] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 1033.671399][T15081] veth1_vlan: entered promiscuous mode [ 1033.941118][T15081] veth0_macvtap: entered promiscuous mode [ 1034.011738][T15081] veth1_macvtap: entered promiscuous mode [ 1034.187966][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1034.215540][T15081] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1034.280353][T15081] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1034.383617][T15081] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1034.393095][T15081] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1034.402328][T15081] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1034.415099][T15081] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1035.369335][T15305] loop5: detected capacity change from 0 to 64 [ 1036.279625][ T5809] Bluetooth: hci0: unexpected event for opcode 0x0c47 [ 1037.550552][T15337] loop2: detected capacity change from 0 to 1764 [ 1038.753048][ T30] audit: type=1326 audit(1751194070.647:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15356 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c7f8e929 code=0x7ffc0000 [ 1038.777681][ T30] audit: type=1326 audit(1751194070.647:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15356 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c7f8e929 code=0x7ffc0000 [ 1038.802751][ T30] audit: type=1326 audit(1751194070.687:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15356 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f25c7f8e929 code=0x7ffc0000 [ 1038.828911][ T30] audit: type=1326 audit(1751194070.687:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15356 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c7f8e929 code=0x7ffc0000 [ 1038.852604][ T30] audit: type=1326 audit(1751194070.687:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15356 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c7f8e929 code=0x7ffc0000 [ 1038.876195][ T30] audit: type=1326 audit(1751194070.717:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15356 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7f25c7f8e929 code=0x7ffc0000 [ 1038.899048][ T30] audit: type=1326 audit(1751194070.717:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15356 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25c7f8e929 code=0x7ffc0000 [ 1038.924642][ T30] audit: type=1326 audit(1751194070.737:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15356 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f25c7f8d290 code=0x7ffc0000 [ 1038.948418][ T30] audit: type=1326 audit(1751194070.737:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15356 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f25c7f8e52b code=0x7ffc0000 [ 1038.971192][ T30] audit: type=1326 audit(1751194070.737:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15356 comm="syz.4.3741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f25c7f8e52b code=0x7ffc0000 [ 1039.094858][ T5856] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 1039.138241][T15361] loop2: detected capacity change from 0 to 512 [ 1039.197443][T15361] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 1039.215795][T15361] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.3742: invalid indirect mapped block 2683928664 (level 1) [ 1039.281662][T15361] EXT4-fs (loop2): Remounting filesystem read-only [ 1039.294418][ T5856] usb 5-1: Using ep0 maxpacket: 8 [ 1039.339250][ T5856] usb 5-1: config 0 has an invalid interface number: 31 but max is 0 [ 1039.345568][T15361] EXT4-fs (loop2): 1 truncate cleaned up [ 1039.347884][ T5856] usb 5-1: config 0 has no interface number 0 [ 1039.356175][T15361] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1039.417731][ T5856] usb 5-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 1039.427436][ T5856] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1039.441098][ T5856] usb 5-1: Product: syz [ 1039.445618][ T5856] usb 5-1: Manufacturer: syz [ 1039.450481][ T5856] usb 5-1: SerialNumber: syz [ 1039.469412][ T5856] usb 5-1: config 0 descriptor?? [ 1039.710237][ T5856] usb 5-1: Found UVC 0.04 device syz (046d:08c3) [ 1039.717304][ T5856] uvcvideo 5-1:0.31: Entity type for entity Output 6 was not initialized! [ 1039.726434][ T5856] usb 5-1: Failed to create links for entity 5 [ 1039.733425][ T5856] usb 5-1: Failed to register entities (-22). [ 1039.807540][ T5856] usb 5-1: USB disconnect, device number 22 [ 1039.901557][ T5801] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1040.301602][T15377] loop7: detected capacity change from 0 to 128 [ 1040.347717][T15377] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1040.364729][ T5809] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 1040.373342][ T5809] Bluetooth: hci0: Injecting HCI hardware error event [ 1040.382413][ T5809] Bluetooth: hci0: hardware error 0x00 [ 1040.391585][T15377] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1040.715827][ T35] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1040.800199][ T2986] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1040.808594][ T2986] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1041.017944][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1041.026373][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1041.181680][T15386] loop4: detected capacity change from 0 to 2048 [ 1041.226669][T15386] EXT4-fs: Ignoring removed mblk_io_submit option [ 1041.458099][T15386] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1041.984564][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1042.024251][ T5856] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 1042.204626][ T5856] usb 3-1: Using ep0 maxpacket: 16 [ 1042.255923][ T5856] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1042.267493][ T5856] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1042.278389][ T5856] usb 3-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28 [ 1042.291810][ T5856] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1042.302092][ T5856] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 1042.312602][ T5856] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1042.431390][ T5856] usb 3-1: config 0 descriptor?? [ 1042.447442][ T5809] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 1043.494424][T15410] loop4: detected capacity change from 0 to 32768 [ 1043.521309][ T5856] hid (null): invalid report_size 27418 [ 1043.532965][ T5856] hid (null): report_id 1505116794 is invalid [ 1043.541225][ T5856] hid (null): unknown global tag 0xe [ 1043.606984][T15410] XFS: noikeep mount option is deprecated. [ 1043.720180][T15410] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1043.755386][ T5855] usb 3-1: USB disconnect, device number 21 [ 1044.322049][ T5855] usb 6-1: new full-speed USB device number 14 using dummy_hcd [ 1044.351768][T15410] XFS (loop4): Ending clean mount [ 1044.367929][T15410] XFS (loop4): Quotacheck needed: Please wait. [ 1044.439401][T15410] XFS (loop4): Quotacheck: Done. [ 1044.566383][ T5855] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1044.577013][ T5855] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1044.636423][ T5808] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1044.735713][ T5855] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1044.745283][ T5855] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1044.758045][ T5855] usb 6-1: Product: syz [ 1044.762490][ T5855] usb 6-1: Manufacturer: syz [ 1044.769356][ T5855] usb 6-1: SerialNumber: syz [ 1045.304549][ T5855] usb 6-1: 0:2 : does not exist [ 1045.641262][T15444] netlink: 332 bytes leftover after parsing attributes in process `syz.2.3771'. [ 1045.651092][T15444] netlink: 'syz.2.3771': attribute type 9 has an invalid length. [ 1045.659175][T15444] netlink: 108 bytes leftover after parsing attributes in process `syz.2.3771'. [ 1045.668994][T15444] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3771'. [ 1045.744939][ T5855] usb 6-1: USB disconnect, device number 14 [ 1046.524187][T14032] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 1046.756765][T14032] usb 5-1: Using ep0 maxpacket: 16 [ 1046.780677][T14032] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1046.792965][T14032] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1046.858952][T14032] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1046.868538][T14032] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1046.877715][T14032] usb 5-1: Product: syz [ 1046.882135][T14032] usb 5-1: Manufacturer: syz [ 1046.883347][T15465] bridge0: entered promiscuous mode [ 1046.887121][T14032] usb 5-1: SerialNumber: syz [ 1046.967084][T14032] usb 5-1: config 0 descriptor?? [ 1046.984736][T14032] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1046.994503][T14032] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 1047.640004][T14032] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 1047.850426][T14032] em28xx 5-1:0.0: Config register raw data: 0xfffffffb [ 1047.878354][T14032] em28xx 5-1:0.0: AC97 chip type couldn't be determined [ 1047.885933][T14032] em28xx 5-1:0.0: No AC97 audio processor [ 1047.994856][T14032] usb 5-1: USB disconnect, device number 23 [ 1048.002784][T14032] em28xx 5-1:0.0: Disconnecting em28xx [ 1048.045016][T14032] em28xx 5-1:0.0: Freeing device [ 1048.415261][T15475] loop2: detected capacity change from 0 to 4096 [ 1048.464906][T15475] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 1048.693355][ T30] kauditd_printk_skb: 34 callbacks suppressed [ 1048.693442][ T30] audit: type=1326 audit(1751194080.597:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15482 comm="syz.7.3789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8e7f8e929 code=0x7ffc0000 [ 1048.812105][ T30] audit: type=1326 audit(1751194080.697:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15482 comm="syz.7.3789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fd8e7f8e929 code=0x7ffc0000 [ 1048.836195][ T30] audit: type=1326 audit(1751194080.737:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15482 comm="syz.7.3789" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd8e7f8e929 code=0x0 [ 1048.933669][T15475] ntfs3(loop2): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr [ 1049.982086][T15500] loop8: detected capacity change from 0 to 1024 [ 1050.060081][T15503] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3797'. [ 1050.069970][T15503] netlink: 68 bytes leftover after parsing attributes in process `syz.7.3797'. [ 1050.307083][T15508] loop2: detected capacity change from 0 to 1024 [ 1050.398175][T15508] hfsplus: invalid btree extent records (0 size) [ 1050.405151][T15508] hfsplus: failed to load extents file [ 1050.755203][T15514] loop5: detected capacity change from 0 to 1024 [ 1050.864823][T15514] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1050.877695][T15514] ext4 filesystem being mounted at /541/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1051.005544][ T5855] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 1051.089813][T15514] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 1051.135019][T15514] EXT4-fs (loop5): Remounting filesystem read-only [ 1051.175485][ T5855] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1051.188053][ T5855] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1051.197258][T15525] batadv_slave_0: entered promiscuous mode [ 1051.199227][ T5855] usb 9-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 1051.215411][T15524] batadv_slave_0: left promiscuous mode [ 1051.218148][ T5855] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1051.395606][ T5855] usb 9-1: config 0 descriptor?? [ 1051.448089][ T8518] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1051.861117][ T5855] sony 0003:054C:024B.0023: unknown main item tag 0x0 [ 1051.875237][ T5855] sony 0003:054C:024B.0023: unknown main item tag 0x0 [ 1051.882397][ T5855] sony 0003:054C:024B.0023: unexpected long global item [ 1051.936545][ T5855] sony 0003:054C:024B.0023: parse failed [ 1051.942969][ T5855] sony 0003:054C:024B.0023: probe with driver sony failed with error -22 [ 1052.100852][ T5855] usb 9-1: USB disconnect, device number 2 [ 1053.160643][T15546] loop4: detected capacity change from 0 to 2048 [ 1053.162877][T15550] loop5: detected capacity change from 0 to 16 [ 1053.218582][T15546] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 96: 0x25 != 0x13 [ 1053.220896][T15550] erofs (device loop5): mounted with root inode @ nid 36. [ 1053.229432][T15546] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 1053.342354][T15546] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1053.779118][T15551] loop8: detected capacity change from 0 to 4096 [ 1055.535023][T15568] loop4: detected capacity change from 0 to 32768 [ 1055.585316][T15568] o2cb: This node has not been configured. [ 1055.591483][T15568] o2cb: Cluster check failed. Fix errors before retrying. [ 1055.599145][T15568] (syz.4.3826,15568,0):ocfs2_dlm_init:3354 ERROR: status = -22 [ 1055.627735][T15568] (syz.4.3826,15568,0):ocfs2_mount_volume:1735 ERROR: status = -22 [ 1055.652992][T15568] (syz.4.3826,15568,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 1056.357934][T15585] serio: Serial port ttyS3 [ 1056.760514][T15591] loop2: detected capacity change from 0 to 2048 [ 1056.823974][T15591] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1057.608688][T15611] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3843'. [ 1057.645865][T15611] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3843'. [ 1058.072080][T15618] dvmrp8: entered allmulticast mode [ 1058.150276][T15618] dvmrp8: left allmulticast mode [ 1059.074002][T15622] loop2: detected capacity change from 0 to 32768 [ 1059.095647][T15622] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section members_v2: device 0: invalid btree_bitmap_shift 255 [ 1059.095647][T15622] members_v2 (size 152): [ 1059.095647][T15622] Device: 0 [ 1059.095647][T15622] Label: (none) [ 1059.095647][T15622] UUID: 7af6772b-00de-4159-84cd-1faead05aceb [ 1059.095647][T15622] Size: 16777216 [ 1059.095647][T15622] read errors: 0 [ 1059.095647][T15622] write errors: 0 [ 1059.095647][T15622] checksum errors: 0 [ 1059.095647][T15622] seqread iops: 0 [ 1059.095647][T15622] seqwrite iops: 0 [ 1059.095647][T15622] randread iops: 0 [ 1059.095647][T15622] randwrite iops: 0 [ 1059.095647][T15622] Bucket size: 131072 [ 1059.095647][T15622] First bucket: 0 [ 1059.095647][T15622] Buckets: 128 [ 1059.095647][T15622] Last mount: 1714681267 [ 1059.095647][T15622] Last superblock write: 42 [ 1059.095647][T15622] State: rw [ 1059.095647][T15622] Data allowed: journal,btree,user [ 1059.095647][T15622] Has data: (none) [ 1059.095647][T15622] Btree allocated bitmap blocksize:(invalid shift 255) [ 1059.095647][T15622] Btree allocated bitmap: 0000000000000000000001000010000010011000000000000000000000000000 [ 1059.095647][T15622] [ 1059.096614][T15622] bcachefs: bch2_fs_get_tree() error: invalid_sb_members [ 1059.897606][T14032] kernel write not supported for file /input/event2 (pid: 14032 comm: kworker/1:1) [ 1059.960435][T15633] sctp: [Deprecated]: syz.4.3855 (pid 15633) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1059.960435][T15633] Use struct sctp_sack_info instead [ 1060.089360][T15640] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3857'. [ 1060.126971][ T5855] usb 6-1: new full-speed USB device number 15 using dummy_hcd [ 1060.128413][T15640] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3857'. [ 1060.332185][ T5855] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1060.344052][ T5855] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1060.354972][ T5855] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1060.368399][ T5855] usb 6-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.00 [ 1060.377918][ T5855] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1060.486902][ T5855] usb 6-1: config 0 descriptor?? [ 1060.861200][T15648] ===================================================== [ 1060.868830][T15648] BUG: KMSAN: kernel-infoleak in _copy_to_iter+0xf0e/0x33f0 [ 1060.876622][T15648] _copy_to_iter+0xf0e/0x33f0 [ 1060.881515][T15648] __skb_datagram_iter+0x196/0x12c0 [ 1060.887077][T15648] skb_copy_datagram_iter+0x5b/0x1e0 [ 1060.892585][T15648] tun_do_read+0x26d8/0x30f0 [ 1060.897531][T15648] tun_chr_read_iter+0x393/0x6b0 [ 1060.902797][T15648] vfs_read+0x85a/0xf00 [ 1060.907365][T15648] __x64_sys_read+0x1fb/0x4d0 [ 1060.912281][T15648] x64_sys_call+0x39db/0x3db0 [ 1060.918066][T15648] do_syscall_64+0xd9/0x210 [ 1060.922773][T15648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1060.932233][T15648] [ 1060.938040][T15648] Uninit was created at: [ 1060.942542][T15648] __kmalloc_node_track_caller_noprof+0x96d/0x12f0 [ 1060.950459][T15648] kmalloc_reserve+0x22f/0x4b0 [ 1060.955768][T15648] __alloc_skb+0x347/0x7d0 [ 1060.960429][T15648] igmpv3_newpack+0x142/0x1540 [ 1060.965576][T15648] add_grec+0xed2/0x1fe0 [ 1060.970047][T15648] igmp_ifc_timer_expire+0x1d8/0x1cc0 [ 1060.975788][T15648] call_timer_fn+0x49/0x520 [ 1060.980519][T15648] __run_timer_base+0x80f/0xd90 [ 1060.985722][T15648] run_timer_softirq+0x3a/0x80 [ 1060.990688][T15648] handle_softirqs+0x166/0x6e0 [ 1060.996379][T15648] __irq_exit_rcu+0x66/0x180 [ 1061.001171][T15648] irq_exit_rcu+0x12/0x20 [ 1061.005814][T15648] sysvec_apic_timer_interrupt+0x84/0x90 [ 1061.011674][T15648] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 1061.018312][T15648] [ 1061.020771][T15648] Bytes 38-41 of 108 are uninitialized [ 1061.026564][T15648] Memory access of size 108 starts at ffff88804dcfb080 [ 1061.033578][T15648] Data copied to user address 00007ffeb5a0ace0 [ 1061.043640][T15648] [ 1061.047493][T15648] CPU: 1 UID: 0 PID: 15648 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(undef) [ 1061.060176][T15648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1061.070638][T15648] ===================================================== [ 1061.077873][T15648] Disabling lock debugging due to kernel taint [ 1061.084313][T15648] Kernel panic - not syncing: kmsan.panic set ... [ 1061.090929][T15648] CPU: 1 UID: 0 PID: 15648 Comm: syz-executor Tainted: G B 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(undef) [ 1061.105097][T15648] Tainted: [B]=BAD_PAGE [ 1061.109378][T15648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1061.119618][T15648] Call Trace: [ 1061.123047][T15648] [ 1061.126122][T15648] __dump_stack+0x26/0x30 [ 1061.130716][T15648] dump_stack_lvl+0x53/0x270 [ 1061.135563][T15648] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1061.141650][T15648] dump_stack+0x1e/0x25 [ 1061.146058][T15648] panic+0x4bd/0xd50 [ 1061.150300][T15648] kmsan_report+0x31c/0x320 [ 1061.155087][T15648] ? kmsan_internal_check_memory+0x16c/0x230 [ 1061.161360][T15648] ? kmsan_copy_to_user+0xf1/0x190 [ 1061.166756][T15648] ? _copy_to_iter+0xf0e/0x33f0 [ 1061.171817][T15648] ? __skb_datagram_iter+0x196/0x12c0 [ 1061.177434][T15648] ? skb_copy_datagram_iter+0x5b/0x1e0 [ 1061.183129][T15648] ? tun_do_read+0x26d8/0x30f0 [ 1061.188129][T15648] ? tun_chr_read_iter+0x393/0x6b0 [ 1061.193459][T15648] ? vfs_read+0x85a/0xf00 [ 1061.198051][T15648] ? __x64_sys_read+0x1fb/0x4d0 [ 1061.203191][T15648] ? x64_sys_call+0x39db/0x3db0 [ 1061.208311][T15648] ? do_syscall_64+0xd9/0x210 [ 1061.213204][T15648] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1061.219530][T15648] ? __free_frozen_pages+0xab3/0x1560 [ 1061.225214][T15648] ? free_frozen_pages+0x21/0x30 [ 1061.230443][T15648] ? __free_slab+0x2a1/0x3e0 [ 1061.235305][T15648] ? free_slab+0x51/0x480 [ 1061.239884][T15648] ? kmsan_get_metadata+0xfb/0x160 [ 1061.245288][T15648] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1061.251404][T15648] kmsan_internal_check_memory+0x16c/0x230 [ 1061.257507][T15648] kmsan_copy_to_user+0xf1/0x190 [ 1061.262708][T15648] _copy_to_iter+0xf0e/0x33f0 [ 1061.267607][T15648] ? put_cpu_partial+0x1bc/0x230 [ 1061.272802][T15648] ? __slab_free+0x6fb/0x9e0 [ 1061.277712][T15648] ? kmsan_get_metadata+0xfb/0x160 [ 1061.283094][T15648] __skb_datagram_iter+0x196/0x12c0 [ 1061.288514][T15648] ? filter_irq_stacks+0x49/0x190 [ 1061.293756][T15648] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 1061.299627][T15648] ? stack_depot_save_flags+0x35/0x7b0 [ 1061.305325][T15648] skb_copy_datagram_iter+0x5b/0x1e0 [ 1061.310842][T15648] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1061.316958][T15648] tun_do_read+0x26d8/0x30f0 [ 1061.321768][T15648] ? __pfx_default_wake_function+0x10/0x10 [ 1061.327910][T15648] tun_chr_read_iter+0x393/0x6b0 [ 1061.333112][T15648] vfs_read+0x85a/0xf00 [ 1061.337624][T15648] ? __pfx_tun_chr_read_iter+0x10/0x10 [ 1061.343341][T15648] __x64_sys_read+0x1fb/0x4d0 [ 1061.348393][T15648] x64_sys_call+0x39db/0x3db0 [ 1061.353370][T15648] do_syscall_64+0xd9/0x210 [ 1061.358092][T15648] ? irqentry_exit+0x16/0x60 [ 1061.362928][T15648] ? clear_bhb_loop+0x40/0x90 [ 1061.367827][T15648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1061.373931][T15648] RIP: 0033:0x7f25c7f8d33c [ 1061.378547][T15648] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1061.398478][T15648] RSP: 002b:00007ffeb5a0acb0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1061.407124][T15648] RAX: ffffffffffffffda RBX: 00007ffeb5a0ace0 RCX: 00007f25c7f8d33c [ 1061.415326][T15648] RDX: 00000000000003e8 RSI: 00007ffeb5a0ace0 RDI: 00000000000000c8 [ 1061.423506][T15648] RBP: 00007ffeb5a0b11c R08: 0000000000000000 R09: 0000000000000000 [ 1061.431668][T15648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000316 [ 1061.439829][T15648] R13: 00000000000927c0 R14: 0000000000102e3e R15: 00007ffeb5a0b170 [ 1061.448010][T15648] [ 1061.451513][T15648] Kernel Offset: disabled [ 1061.455932][T15648] Rebooting in 86400 seconds..