last executing test programs: 19.327146686s ago: executing program 1 (id=3576): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) syz_emit_ethernet(0x1c6, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv6={0x86dd, @dccp_packet={0x0, 0x6, "922ff5", 0x190, 0x21, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, @local, {[@fragment={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64}, @hopopts={0x11, 0x23, '\x00', [@calipso={0x7, 0x18, {0x0, 0x4, 0x0, 0x0, [0x0, 0x0]}}, @calipso={0x7, 0x18, {0x0, 0x4, 0x0, 0x0, [0x0, 0x0]}}, @generic={0x0, 0xe3, "9a406896431cf8cebb1379b1cfca3ce3334fb0cd81c12766ff8351be2d961c40ce922dd8423e2de93ba96a5c90f772216e5e60c7d2a67cbcbc1d3b195d538eb920fc058775cc06baf8a87b4736fa0cf5161d47d4416aa6a1099c3aa4a927c4d93bcf1f4a781cbde0ee829f1276818415e192376437a6d4854c3c3ad346c7df7dfea9cd0463aa441a1b9cd514fedb8172d54cbf1353cf5f63fe58465c2d0e165df05ada44174919aaffc29df43606f9d49bcc571525c7aecc77ad523da96156400a63d03f15e4254c95ecb66cda9310041006d9d10e6b8a38bbdcac75348fe624c73bd8"}]}, @hopopts={0x0, 0x0, '\x00', [@enc_lim]}], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "114f84", 0x0, "8e269c"}, "c52104e4fbd8be11e86055d5cec119bfa161827fb675e43744d104b96e26ecb84a318c4c1d7b4f70305e74abd64694eddc8e552b811b2a1c63e32b811f4e8296"}}}}}}, 0x0) 18.52273073s ago: executing program 1 (id=3584): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0xc000, &(0x7f0000000380), 0x2, 0x24d, &(0x7f0000000440)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==") r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000100)='.pending_reads\x00', 0x149240, 0x0) pread64(r0, &(0x7f000001a240)=""/102400, 0x19000, 0x80000000000000) 17.81168548s ago: executing program 1 (id=3591): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0) syz_clone(0x20003000, 0x0, 0x0, 0x0, 0x0, 0x0) 17.274834011s ago: executing program 1 (id=3597): io_setup(0x4, &(0x7f0000000000)=0x0) r1 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) io_submit(r0, 0x1, &(0x7f0000000380)=[&(0x7f0000000480)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 16.695419539s ago: executing program 1 (id=3601): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f0000001240)={'sit0\x00', &(0x7f0000001200)={@empty, @empty, 0x0, 0x1}}) 16.159198708s ago: executing program 1 (id=3605): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x21081e, &(0x7f0000000200), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") flock(0xffffffffffffffff, 0x0) quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0) 11.849690374s ago: executing program 0 (id=3625): timer_create(0x2, 0x0, &(0x7f0000000880)=0x0) timer_settime(r0, 0x1, &(0x7f00000008c0)={{}, {0x0, 0x989680}}, 0x0) timer_settime(r0, 0x1, &(0x7f0000000000)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000000040)) 10.276032122s ago: executing program 0 (id=3639): syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f0000000240)={[{@nodatacow}, {@thread_pool={'thread_pool', 0x3d, 0x3}}, {@nodiscard}, {@thread_pool={'thread_pool', 0x3d, 0x4}}, {@max_inline={'max_inline', 0x3d, [0x78, 0x33, 0x39, 0x65, 0x34, 0x2d, 0x38]}}, {@acl}, {@nobarrier}, {@thread_pool={'thread_pool', 0x3d, 0x8}}, {@nodiscard}, {@enospc_debug}, {@ssd_spread}, {@nossd}]}, 0x3, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) getdents64(r0, 0xfffffffffffffffe, 0x29) 7.787623133s ago: executing program 4 (id=3664): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc0585609, &(0x7f00000002c0)=@multiplanar_mmap={0x4000000, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}}) 7.3750519s ago: executing program 4 (id=3669): r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000002}, 0xc) getsockname(r0, 0x0, &(0x7f0000000000)) 7.058607571s ago: executing program 4 (id=3672): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) 6.957134017s ago: executing program 0 (id=3674): syz_mount_image$udf(&(0x7f0000000640), &(0x7f0000000680)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="007b59564476625696f49730c45f334737ea148afe6240b55a96f20e787050ed1ce9d2c7b73ea3a3d6c8446ac247d5f432ba9f5c09feebecdeae8c1647e3c9d70d343cef5e3f6839dc77a9142ae6b552d00b67790bd5f0a614628d0a9894007f2d226eee1ac7178ebbdc0fa3a919edfc900205000000f7cb2b848e81dce2f5bf161fccd4317ddf07d8d69034633aee348f677a90e977068ac167640a07cd4a199b84744cffbf88a1496c2c5316e8045671cb1521581cf19170b1b473bd9c539156a9eaad54c3a95d12d89fcd89973a132891c9b40e51181a2992f3dfe84c6a692e6722a081024ec53b95fdece05e6128466dfa81cf753a9ca2ab6d0081faaf75d1dd9f6c73a0cfa931cd1fb25b56f61f36d53a1da58102c1cf5332c38974afa8bc30800dd98c8f180b4c770d0c693207f02f6f3ccd77b8"], 0x1, 0x61c, &(0x7f0000000700)="$eJzs3UtsXFcZAOD/+HrssZvHJG3TgII0EqqIAo1iJylJ0wqFGIuKiEhN3A1IkMaTYOpHGiclDgh1icQOsaA7JBqpAoHECgESAiGxQ6CIBTskFll14bLhsQB0r+887Dh4gh9TO98XJefMuf/MnHsXkf7zmgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIj79mbPHRlKvewEAAABsps9ffOXYcfk/AAAA7GiXzP8DAAAAAAAAwHaXIouZSPH0q4tpV/F6SfX81Oyt2xNj46u/bShFir7Iivj8b3Vk9PiJk89/8lSz/N/v32gfigsXL52tn5ubuX6jMT/fmKxPzE5dmZtsdP0J633/SkeKB1Cfef3W5NWr8/XRo8eXXb5duz/4xIHamVMX0rPN2Imx8fGLHTH9lf/72x9ghQcAAMDjbSCyeC5SfO8PP0m7I6Iv1p8LrzF2sNmGopbn38VNTIyNFzcyPXV59mZ+MfWVUbXlOfFAM0feglx8Xb4fsT/v64CMHgAAgO5VIotfR4p79xfTnojImnnwx4uDAdf+gNoWdHIVeT8PRUQ9tkHODgAAAD02GFn8KVK8//Na7M1z5mb+fyzixV53DgAAANgQ/ZHFQqSYS4upVqwHiIgjE2Pj9fOv1l+evTrXEZv6yhn17b4/YCtZmwAAAMAHQDWy2FPM+C+mfb3uDAAAALAphiKLX0SK0++9WZwrF8W59HvPnB4YPdx5wtwza3xOHns0othD0M2e/Ep51mDqy/9s/H0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADweKmmLL4UKd7+abV4XY+I/qL27//0uGsAAADARklZvB0pRt5YTCkibtfuDz5xoHbm1IX0bBZZ5G2pM/7CxUtn6+fmZq7faMzPNybrE7NTV+YmG91+XfX81Oyt2xNj45tyM2sa2uT+D1XPzV1fuDF17Ss3V70+XD372vzNG5evrH45hqIeUelsOVJ0eGJsvOj09NTl2eKtqe8hHaxFPOwSAAAAj69KyuKlSHH/B++288Zayuu7V8be/UZ7LOBwWTZfd44bPKyeVuvAkSKhzhPc8Ysdzf2VB0Or5ff2r+uOAQAAAAAAAGDnSSmLr0WK337nYDGvnmK4OATAGnIAAADYOSopi39Eirl777b3nS+t/39gmf3dF9vjAtVyMX9rTX+xzn9Psc5/qb73zOnK6Mc66xux/j//3sF13TEAAAAAAAAA7DwpZfH1SPHFfx0s5tWb6/9XTr/ncW9Gipf7D5VxfQNRW5qTj6Vj5yOienVqunEsj30/UvxmsBkbRewTZeyT7diRPPaPkWLxZ8tjd5WxT7VjR/PYNyLFO++sHvt0O/Z4Hns3Uvz+R/Vm7HAeWytjD7Rjj16Zm57ctAcMAAAAHwDDKYv3IsVffvzZ1Mzll84BaK7/z1qxnef/v7WibHnI2v9H2hOwmjX2CdQ62t4qxyu+HSl++cODxRhFMa5RW31coxYppu8cKuOWxhSGyuv7in/b4xqvRYrBkeWxw2Xs/nbsSLe3BQAAAFshz/+/FSlOvfLX/mbOW+b/Zaq8ev7/4f7lZUuP8v99HW15n+YX7rx+eXq6cUNFRUWlVXmE/xwBAGCHyfP/v0WKg7/qS8157DL/L5fVt/P/v3+znf+/sKJs6VH+v7+j7YXyXMJKf0T15sz1yoGI6vzCneemZi5fa1xrzI4eO3F89OTzJ05WBppz++1a148OAAAAto08//9npFj47r3W/vxu5v+HV5QtPcr/n+y8p+ic/+/6UQAAAMCONVye//fS5/7cOkdvef7fztDz/L/5+3+HP7q8bI0S9Cj/f6qjrVb2a/cjPgsAAAAAAAAAAAAAAAAAAADoleGUxUyk+MLvPpGav6Hfzfl/kyvKlh7t/z/Q0TYZW/P7f10/ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA3QF1l8NVJ85JnF9Km84csRuzpLAAAAYNv7bwAAAP//GaU/8A==") r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b8000000190001"], 0xb8}}, 0x0) 6.707701784s ago: executing program 4 (id=3676): syz_mount_image$jfs(&(0x7f0000005d00), &(0x7f0000005d40)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00f3a8929fc27e9dcd22d51bc8178a85fe247e5d60c9724dd81995e63092466cbd720fb20cc28881"], 0x1, 0x5d17, &(0x7f000000bac0)="$eJzs3U1vHVcZB/Dnvvj6pbSNKlSFiEWaQmkpzXsC5a0pCxawAAllTSLXrQIpoMQgWlnElReIFV8BNt2w6FfgA/QzID4AkWxWXVAGjX1OMh5f5zokvnPt8/tJzswz547vmfw9nns9M/cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/+uHPLvQi4sbv0oITEV+IQUQ/YrGuT0c9cy0/fhgRJ2O7OV6MiMF8RL3+9j/PR1yOiE+fi9jcWluuF188YD+unF+98/mPf/CPP/554+Qv3vn5x+32n37x0id/uhdx4idvfvL5vaez7QAAAFCKqqqqXnqbfyq9v+933SkAYCry8b9K8nK1Wq1Wq9XHr26qxrvXLCJivblO/ZrB6XgAOGLW47Ouu0CH5F+0YUQ803UngJnW67oDHIrNrbXlXsq31zwenN5pz9eC7Mp/vffg/o79ppO0rzGZ1s/XRgzihX36szilPsySnH+/nf+NnfZRetxh5z8t++U/2rn1qTg5/0E7/5bjk39/bP6lyvkPHyv/gfwBAAAAAGCG5b//n+j4/O/8k2/KgTzq/O/pKfUBAAAAAAAAAJ62Jx3/7wHj/wEAAMDMqt+r1/7y3MNl+30WW738ei/i2dbjgcKkm2WWuu4HAAAAAAAAAAAAAJRkuHMN7/VexFxEPLu0VFVV/dXUrh/Xk65/1JW+/VCyrn/JAwDAjk+fa93L34tYiIjr6bP+5paWlqpqYXGpWqoW5/Pr2dH8QrXYeF+bp/Wy+dEBXhAPR1X9zRYa6zVNer88qb39/ernGlWDA3RsOjoMHAAiYudotOmIdMxU1fPR9ascjgb7//Fj/+cguv45BQAAAA5fVVVVL32c96l0zr/fdacAgKnIx//2eQG1Wq1Wq9XHr26qxrvXLCJivblO/ZrBcPwAcMSsx2ddd4EOyb9ow4g42XUngJnW67oDHIrNrbXlXsq31zwepPHd87Ugu/Jf722vl9cfN52kfY3JtH6+NmIQL+zTnxen1IdZkvPvt/O/sdM+So877PynZb/86+080UF/upbzH7Tzbzk++ffH5l+qnP/wsfIfyB8AAAAAAGZY/vv/Ced/8yYDAAAAAAAAwJGzubW2nO97zef/vzzmce7/PJ5y/j35Fynn32/n37ogZ9CYv//2w/z/vbW2/PHqv76UpzOf/9xgVD/3XK8/GKZrfqq5d+NW3I6VOL/n8cNd7Rf2tM/tar84of3SnvZR3b6Y28/Gcvw6bsc7D9rnJ1wYtTChvZrQnvMf2P+LlPMfNr7q/JdSe681rd3/qL9nv29Oxz3Ptb/955W9e9f0bcTgwbY11dt3poP+bP+fPDOK395duXP29zdXV+9ciDTZtfRipMlTlvOfS185/1df3mnPv/eb++v9j0aPnf+s2Ijhvvm/3Jivt/e1KfetCzn/UfrK+ecj0Pj9/yjnv//+/3oH/QEAAAAAAAAAAAAAAIBHqapq+xbRaxFxNd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49f3VSN91aziIi/N9epXzP8Ydw3AwBm2X8j4p9dd4LOyL9g+fP+6ulXuu4MMFV3P/jwlzdv3165c7frngAAAAAAAAAA/688/ufpxvjP29cBtcaN3jX+69tx+siO/9kfDbbHOk8b9FI8evzvM/Ho8b+HE55vbkL7aEL7/IT2hQntY2/0aMj5v5QyzvmfShtW0vivr3bQn67l/M+ksZ5z/l9rPa6Zf/XXo5x/f1f+51bf/825ux98+Mat92++t/Leyq8unL96+dKVy5euXDn37q3bK+d3/u2wx4cr55/HvnYdaFly/jlz+Zcl5//VVMu/LDn/V1It/7Lk/PPrPfmXJeef3/vIvyw5/9dSLf+y5Py/nmr5lyXn/3qq5V+WnP83Ui3/suT830i1/MuS8z+bavmXJed/LtXyL0vOP5/hkn9Zcv75ygb5lyXnfzHV8i9Lzv9SquVflpz/5VTLvyw5/yupln9Zcv5XUy3/suT8v5lq+Zcl5/+tVMu/LDn/N1Mt/7Lk/L+davmXJef/nVTLvyw5/++mWv5lyfl/L9XyL0vO//upln9Zcv5vpVr+ZXn4+f9mzJgxk2e6/s0EAAAAAAAAAAAAALRN43LirrcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe/cWI1d93wH87M1eGwJuuBMHbHMzsLC7voFDDCYJKSW9UBLSpiU1jr02Tnyrd81NqGwKbYmCVKT2gT40TaI0itRWoCpSU4lGSI3UvjVPjXiJWikPfoDKQUmlVIGtzsz///fM7HrOGnvwzPl/PpH9886cM/OfM2dm97vRdwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotf7jM382VBRF+afx15qiuLD896piZ/nl/LbzvUIAAADgbL3T+PvvL04X7FzGTi3b/Ns1//HdhYWFheILb5949y8WFtIV64piZGVRNK6L/v0XP19o3SZ4rhgfGm75erji7kcqrh+tuH6s4voVFdevrLh+vOL6RQdgkVXN38c0buz6xj/XNA9pcWkx1rju+iX2em5o5fBw/F1Ow1Bjn4WxfcWB4mAxU0wt2meo8b+ieG19eV/3F/G+hlvua21RFCd/+syeuIahcIyvL9rurKH1uXvr3mLd2z99Zs+35968aqlZeRgWrbQoNm4o1/l8UZz6dVUxVKxMxySuc7hlnWuXWOdI2zqHGvuV/+5c58llrjM+7vGwzh92WefacNmT1xVFMV+cdptOzxXDxeqOe03He7x5RpS3UT6VHyxGz+g8Wb+M86Tc5yfXtZ8nnedkPP7rwzEZPc0aWp+Ot768YtFxf6/nSfmo++FcLW/7wfJOx8dbf7Xadq6W2zxzw+nPgSWfuyXOgXQut5wDG6rOgeEVI41zYPjUmje0nQPTi/YZLoYa93Xihu7nwOTcoaOTs089fduBQ7v3z+yfOTw9tW3L5q1bNm/dOrnvwMGZqebfZ3ZIB8jqYjidgxvCe008B2/q2Lb1lFz4xrl7HYz3yeugfOyfubFc0IXDxWnO8XKb5zee/esgfd9veR2MtrwOlnxPXeJ1MLqM10G5zcmNy/ueOdryZ6k19Oq9cE3LOXA+vx+W9/nIzad/L1wb1vXCLWf6/XBk0TkQH9ZQeO2Vl6Sf98bvDMdl8XlxdXnFBSuK47Mzx25/cvfc3LHpIoz3xSUtz1Xn+bK65TEVi86X4TM+X3b+3S9vvHqJy9eEYzV+a/fnqtxmy0T356rx7r708Wy7dFMRxjn2fh/Ppb6blcczZYkux7Pc5vnbzv5nwZRLWt7/xqre/0bGRpvvfyPpaIy1vf8tfmpGGisripO3Le/9byz8eb/f/y7tk/e/8lg9cnv3c6Dc5oXJMz0HRru+/10X5lBYz80hMYy35P53G9fPN0/Tluey8rwZHR0L581ovMf282bzon3KWyvve+PUeztvNl7X/ly1/dxSw/OmPFZ/OdX9vCm3eX367N87VsV/trx3rKg6B8ZGVpTrHUsnQfP9bmFVPAduL/YUR4qDxd60T/ksl/c1sWl558CK8Of9fu+4sk/OgfJYvbyp+zlQbvODzef2Z6eN4ZK0TcvPTp2/Xzhd5r969NTtdR62c535y3V+Ykv33w2V27y55UxzRvfjdGu45IIljlPn6+d05/Te4v05TleGdR7c2v13U+U2l25b5vm0syiKN6bfaPy+K/x+9x+P/+d3237vu9TvlN+YfuOByYd+dCbrBwDgvXu38ff8iubPmi3/j/Vy/v9/AAAAYCDE3D8cZiL/AwAAQG3E3D8SZiL/AwAAQG3E3D8aZpJJ/n/szu2vvPNskT4NcCGI18fD8ODdze1ix3s+fL1u4ZTy8o99a+yVrzy7vPseLorilw98aMntH7s7rqvpaFznR9ovX+TKa5d1/48+fGq71s9POLm9efvx8Sz3NIhd5dcmNzVud91T0435+gNFYz40/8Jzzdtvfh23P7G5uf1fhw8t2blvqG3/jWE914e5LnymzIM7Tx2Hcsb9Xll7zb9e8tlT9xf3G9pwUeNhvvxHzduNnxH10iXN7ePjPt36/+Wr33ml3P7JG5Ze/7PDS6//RLjdn4T5ix3N7VuP+Vda1v8nYf3x/uJ+t3/z+0uu/9Urmtu/Gs6Lr4fZuf57//zD7yz1fMX72XlXc794/1P/u6WxX7y9ePud6x9/drrteHTe/utvN29nx+M/G2ndPl4e7yd69K7283soPL9tPfKiKL7zp0XbcS4+2tzvnzvWH2/v6F1Lr//WjnUeHbq2sf+px7Om7XF97W83Lfl443p2/sOatsfz0n3h+L09+YPydk88FM7HcP3//bB5e52fZfrqfe3vN3H7r69pvm7j7U12rP+ljvXPX1seu+r13/92c/2v3rOybf07PxnOp/ubs2r9+//m4rb9v/Ht5vNx7ImJw0dmjx/Y23JUW1/HK8dXrb7gwg9cdHF4L+38eteRucdmjq2bWjdVFOsG8CMDe73+b4b5P80xf+7voelHP2uedy9+qvl966afN79+KVz+aHg+4/fHr/3VWNv52vm8z9/TnGe7/lvCOpbriq/+97XL2vDE5187/k9//GbnzwXx8Ry9bLzx+F5ef3njuqHXm9d3vl9V+a/L2l/XPx6daszvheO6ED6ZecPlzfvrvP342SQvfrr5+o0/ycX9i47PE1kz0v44znb9Pw4/x3z/yvb3v3h+fO/Zjk9zXlMMlUuYD+8PxXzz+rhVPN4vnrx8yfuLn8NTzF91Jss8rdmnZicPHjh8/MnJuZnZucnZp57edejI8cNzuxqfXbrri1X7n3p9r268vvfObNtSNF7tR5qjx873+o8+vGfvHVM37p3Zt/v4vrmHj84c279ndnbPzN7ZG3fv2zfzRNX+B/bumN60ffMdmyb2H9i7487t2zdvnzhw+Ei5jOaiKmyb+tLE4WO7GrvM7tiyfXrr1i1TE4eO7J3ZccfU1MTxqv0b35smyr0fnzg2c3D33IFDMxOzB56e2TG9fdu2TZWf/njo6L7ZdZPHjh+ePD47c2yy+VjWzTUuLr/3Ve1PHmaPhPe7DkPhp/PP3botfT5u6VtfPu1NNTdp//G0eCt8FlT8/lb1dcz9Y2EmmeR/AAAAyEHM/eGD/09dIf8DAABAbcTcvzLMRP4HAACA2oi5fzzMJJP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/qdZv/f+Y+1cVRZb5HwAAAHIQc//qMBP5HwAAAGoj5v4LwkzkfwAAAKiNmPsvDDPJJP/r/+v/6//r/+v/6//3kv6//n83+v/6/4O8fv1//X+q9Vv/P+b+D4SZZJL/AQAAIAcx918UZiL/AwAAQG3E3H9xmIn8DwAAALURc/+aMJNM8r/+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dav/X/Y+7/lTCTTPI/AAAA5CDm/g+Gmcj/AAAAUBsx918SZiL/AwAAQG3E3H9pmEkm+V//X/9f/1//X/9f/7+X9P/1/7vR/9f/H+T16//r/1Ot3/r/MfdfFmaSSf4HAACAHMTcf3mYifwPAAAAtRFz/xVhJvI/AAAA1EbM/VeGmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc/9VYSaZ5H8AAADIQcz9V4eZyP8AAABQGzH3fyjMRP4HAACA2oi5f22YSSb5X/9f/1//X/9f/1//v5f0//X/u9H/1/8f5PXr/+v/U63f+v8x9384zCST/A8AAAA5iLn/mjAT+R8AAABqI+b+a8NM5H8AAACojZj714WZZJL/9f/1//X/9f/1//X/e0n/X/+/G/1//f9BXr/+v/4/1fqt/x9z//owk0zyPwAAAOQg5v4NYSbyPwAAANRGzP3XhZnI/wAAAFAbMfdfH2aSSf7X/9f/1//X/9f/1//vJf1//f9u9P/1/wd5/fr/+v9U67f+f8z9N4SZZJL/AQAAIAcx998YZiL/AwAAQG3E3H9TmIn8DwAAALURc//GMJNM8r/+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dav/X/Y+6/Ocwkk/wPAAAAOYi5/5YwE/kfAAAAaiPm/lvDTOR/AAAAqI2Y+yfCTDLJ//r/+v/6//r/+v/6/72k/6//343+v/7/IK9f/1//n2r91v+Puf+2MJNM8j8AAADkIOb+28NM5H8AAACojZj7J8NM5H8AAACojZj7p8JMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5fzrMJJP8DwAAADmIuX9TmIn8DwAAALURc//mMBP5HwAAAGoj5v4tYSaZ5H/9f/1//X/9f/1//f9e0v/X/+9G/1//f5DXr/+v/0+1fuv/x9y/Ncwkk/wPAAAAOYi5f1uYifwPAAAAtRFz/x1hJvI/AAAA1EbM/XeGmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc//2MJNM8j8AAADkIOb+j4SZyP8AAABQGzH33xVmIv8DAABAbcTc/9Ewk0zyv/6//r/+v/6//r/+fy+d7/7/+Dm6H/3/Jv3/dvr/+v/6//r/dNdv/f+Y+3eEmWSS/wEAACAHMfffHWYi/wMAAEBtxNx/T5iJ/A8AAAC1EXP/zjCTTPK//r/+v/6//r/+v/5/L53v/v+5ov/fpP/fTv9f/1//X/+f7vqt/x9z/71hJpnkfwAAAMhBzP0fCzOR/wEAAKA2Yu7/eJiJ/A8AAAC1EXP/J8JMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/74wk0zyPwAAAOQg5v5PhpnI/wAAAFAbMff/apiJ/A8AAAC1EXP//WEmmeR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fc/2thJpnkfwAAAMhBzP0PhJnI/wAAAFAbMfd/KsxE/gcAAIDaiLn/18NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/zfCTDLJ/wAAAJCDmPt/M8xE/gcAAIDaiLn/t8JM5H8AAACojZj7HwwzyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/t8OM8kk/wMAAEAOYu5/KMxE/gcAAIDaiLn/02Em8j8AAADURsz9nwkzyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/ofDTDLJ/wAAAJCDmPs/G2Yi/wMAAEBtxNz/O2Em8j8AAADURsz9vxtmkkn+1//X/9f/1//X/9f/7yX9f/3/bvT/9f8Hef36//r/VOu3/n/M/Z8LM8kk/wMAAEAOYu7/vTAT+R8AAABqI+b+3w8zkf8BAACgNmLufyTMJJP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/qdZv/f+Y+z8fZpJJ/gcAAIAcxNz/B2Em8j8AAADURsz9u8JM5H8AAACojZj7Hw0zyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/t1hJpnkfwAAAMhBzP1fCDOR/wEAAKA2Yu7fE2Yi/wMAAEBtxNy/N8wkk/yv/6//r/+v/6//r//fS/r/+v/d6P/r/w/y+vX/9f+p1m/9/5j7Z8JMMsn/AAAAkIOY+/eFmcj/AAAAUBsx9+8PM5H/AQAAoDZi7n8szCST/K//r/+v/6//r/+v/99L+v/6/93o/+v/D/L69f/1/6nWb/3/mPsPhJlkkv8BAAAgBzH3fzHMRP4HAACA2oi5/0thJvI/AAAA1EbM/QfDTDLJ/2fQ/19R6P+flv7/0uvX/9f/1//X/9f/1//vRv9f/3+Q16//r/9PtX7r/8fcfyjMJJP8DwAAADmIuf9wmIn8DwAAALURc/+RMBP5HwAAAGoj5v6jYSaZ5H///X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fc/4dhJpnkfwAAAMhBzP3HwkzkfwAAAKiNmPtnw0zkfwAAAKiNmPvnwkwyyf/6//r/+v/Z9P/TG5z+fzv9/97S/9f/70b/X/9/kNev/6//T7V+6//H3H88zCST/A8AAAA5iLn/8TAT+R8AAABqI+b+J8JM5H8AAACojZj7nwwzyST/6//r/+v/Z9P/99//1/8/L/T/9f+70f/X/x/k9ev/6/9Trd/6/zH3PxVmkkn+BwAAgBzE3P90mIn8DwD8P3t3zQPAkcNxtL7PfMzMzMzMzMzMzHdh5iJFbKeItFutMmO/17idaqV/8dMCAG3k7n9i3GL/AwAAQBu5+58UtwzZ//p//b/+X/+v/9f/X0n/r/8/ov/X/+/8fv2//p9zq/X/ufufHLcM2f8AAAAwQe7+p8Qt9j8AAAC0kbv/qXGL/Q8AAABt5O5/WtwyZP/r//X/+n/9v/5f/38l/b/+/4j+X/+/8/v1//p/zq3W/+fuf3rcMmT/AwAAwAS5+58Rt9j/AAAA0Ebu/mfGLfY/AAAAtJG7/1lxy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87v1//r/zm3Wv+fu//ZccuQ/Q8AAAAT5O5/Ttxi/wMAAEAbufufG7fY/wAAANBG7v7nxS1D9r/+X/+v/9f/6//1/1fS/+v/H/1qP5b+X/+/8/v1//p/zq3W/+fuf37cMmT/AwAAwAS5+18Qt9j/AAAA0Ebu/hfGLfY/AAAAtJG7/0Vxy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87vf9z6/yc8cvT/7GC1/j93/4vjliH7HwAAACbI3f+SuMX+BwAAgDZy9780brH/AQAAoI3c/S+LW4bsf/2//l//r//X/+v/r6T/1/8f0f/r/3d+v///6/85t1r/n7v/5XHLkP0PAAAAE+Tuf0XcYv8DAABAG7n7Xxm32P8AAADQRu7+V8UtQ/a//l//r//X/+v/9f9X0v/r/4/o//X/O79f/6//59xq/X/u/lfHLUP2PwAAAEyQu/81cYv9DwAAAG3k7n9t3GL/AwAAQBu5+18XtwzZ//p//b/+X/+v/9f/X0n/r/8/ov/X/+/8fv2//p9zq/X/uftfH7cM2f8AAAAwQe7+N8Qt9j8AAAC0kbv/jXGL/Q8AAABt5O5/U9wyZP/r//X/+n/9v/5f/38l/b/+/4j+X/+/8/v1//p/zq3W/+fuf3PcMmT/AwAAwAS5+98St9j/AAAA0Ebu/rfGLfY/AAAAtJG7/21xy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87v1//r/zm3Wv+fu//tccuQ/Q8AAAAT5O5/R9xi/wMAAEAbufvfGbfY/wAAANBG7v53xS1D9r/+X/+v/9f/6//1/1fS/+v/j+j/9f87v1//r//n3Gr9f+7+d8ctQ/Y/AAAATJC7/z1xi/0PAAAAbeTuf2/cYv8DAABAG7n73xe3DNn/+n/9v/5f/6//1/9fSf+v/z+i/9f/7/x+/b/+n3Or9f+5+98ftwzZ/wAAADBB7v4PxC32PwAAALSRu/+DcYv9DwAAAG3k7v9Q3DJk/+v/9f/6f/2//l//fyX9v/7/iP5f/7/z+/X/+n/Ordb/5+7/cNwyZP8DAADABLn7PxK32P8AAADQRu7+j8Yt9j8AAAC0kbv/Y3HLkP2v/9f/6//1//p//f+V9P/6/yP6f/3/zu/X/+v/Obda/5+7/+Nxy5D9DwAAABPk7v9E3GL/AwAAQBu5+z8Zt9j/AAAA0Ebu/k/FLUP2v/5f/6//1//r//X/V9L/6/+P6P/1/zu/X/+v/+fcav1/7v5Pxy1D9j8AAABMkLv/M3GL/Q8AAABt5O7/bNxi/wMAAEAbufs/F7cM2f/6f/2//l//r//X/19J/6//P6L/1//v/H79v/6fc6v1/7n7Px+3DNn/AAAAMEHu/i/ELfY/AAAAtJG7/4txi/0PAAAAbeTu/1LcMmT/6//1//p//b/+X/9/Jf2//v+I/l//v/P79f/6f86t1v/n7v9y3DJk/wMAAMAEufu/ErfY/wAAANBG7v6vxi32PwAAALSRu/9rccuQ/a//1//r//X/+n/9/5X0//r/I/p//f/O79f/6/85t1r/n7v/63HLkP0PAAAAE+Tu/0bcYv8DAABAG7n7vxm32P8AAADQRu7+b8UtQ/a//l//r//X/+v/9f9X0v/r/4/o//X/O79f/6//59xq/X/u/m/HLUP2PwAAAEyQu/87cYv9DwAAAG3k7v9u3GL/AwAAQBu5+78XtwzZ//p//b/+X/+v/9f/X0n/r/8/ov/X/+/8fv2//p9zq/X/ufu/H7cM2f8AAAAwQe7+H8Qt9j8AAAC0kbv/h3GL/Q8AAABt5O7/UdwyZP/r//X/+n/9v/5f/38l/b/+/4j+X/+/8/v1//p/zq3W/+fu/3HcMmT/AwAAwAS5+38St9j/AAAA0Ebu/p/GLfY/AAAAtJG7/2dxy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87v1//r/zm3Wv+fu//nccuQ/Q8AAAAT5O7/Rdxi/wMAAEAbuft/GbfY/wAAANBG7v5fxS1D9r/+X/+v/9f/6//1/1fS/+v/j+j/9f87v1//r//n3Gr9f+7+X8ctQ/Y/AAAATJC7/zdxi/0PAAAAbeTu/23cYv8DAABAG7n7fxe3DNn/+n/9v/5f/6//1/9fSf+v/z+i/9f/7/x+/b/+n3Or9f+5+38ftwzZ/wAAADBB7v4/xC32PwAAALSRu/+PcYv9DwAAAG3k7v9T3DJk/+v/9f/6f/2//l//fyX9v/7/iP5f/7/z+/X/+n/Ordb/5+7/c9wyZP8DAADABLn7/xK32P8AAADQRu7+v8Yt9j8AAAC0kbv/b3HLkP2v/9f/6//1//p//f+V9P/6/yP6f/3/zu/X/+v/Obda/5+7/+9xy5D9DwAAABPk7v9H3GL/AwAAQBu5+/8Zt9j/AAAA0Ebu/n/FLUP2v/5f/6//1//r//X/V9L/6/+P6P/1/zu/X/+v/+fcav1/7v5/xy1D9j8AAABMkLv/P3GL/Q8AAABt5O7/b9xi/wMAAEAbufv/F7cM2f/6f/2//l//r//X/19J/6//P6L/1//v/H79v/6fc6v1/7n7/x+3DNn/AAAAMEHu/hviFvsfAAAA2sjdf2PcYv8DAABAG7n7b4pbhux//b/+X/+v/9f/6/+vpP/X/x/R/+v/d36//l//z7nV+v/c/TfHLUP2PwAAAEyQu/+WuMX+BwAAgDZy998at9j/AAAA0Ebu/tviliH7X/+v/9f/6//1//r/K+n/9f9H9P/6/53fr//X/3Nutf4/d//tccuQ/Q8AAAAT5O6/I26x/wEAAKCN3P13xi32PwAAALSRu/+uuGXI/tf/6//1//p//b/+/0r6f/3/Ef2//n/n9+v/9f+cW63/z91/d9wyZP8DAADABLn774lb7H8AAABoI3f/vXGL/Q8AAABt5O6/L24Zsv/1//p//b/+X/+v/7+S/l//f0T/r//f+f36f/0/51br/3P33x+3DNn/AAAAMEHu/gfiFvsfAAAA2sjd/2DcYv8DAABAG7n7H4pbhux//b/+X/+v/9f/6/+vpP/X/x/R/+v/d36//l//z7nV+v/c/Q8HAAD//1hEP40=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r0, 0x0, 0x58) 4.364371955s ago: executing program 0 (id=3688): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000180), r0) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x1c}}, 0x4) 3.711667344s ago: executing program 0 (id=3691): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000002080)={0xc, {"a2e3ad204fc752f91b5d36f70b06d038e7ff7fc6e5539b325d098b089b3b08381a090890e0878f0e1ac6e7049b3344959b5d9a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31330d095d0636cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08c4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e800ba9abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40d4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889632b3570243f989cce3803f465e41e610c2021d653a5520094ec79553299388b0000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c2d88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b19bb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0545359bafffa45237f104b98110403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae2d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e709000000000000004fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83000000000000010058b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c000003716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff7544130700000000000000f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc6c71737b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f9354b9094f22b625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c558069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e0090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c73144f8e4a737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c10613d17ca51075f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb401000000608d6f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655bff4801784c416b22f73d32d678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d7000bdbfc43c10ec23ea6283994a7dde4dcb61fea6b611fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f4820000000000000900a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2e0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47afed367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15f2dbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af500ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) 3.335612416s ago: executing program 4 (id=3694): r0 = socket(0x10, 0x803, 0x0) unshare(0x2000400) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) 2.487969857s ago: executing program 2 (id=3698): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'}) 2.316312494s ago: executing program 0 (id=3699): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000080)) ioctl$PPPIOCGNPMODE(r0, 0x4008744b, &(0x7f0000000000)={0x2b}) 2.176741687s ago: executing program 3 (id=3700): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none}, 0xe) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 0x0, 0x0) 1.934874948s ago: executing program 5 (id=3701): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) syz_emit_ethernet(0x60, &(0x7f0000001ec0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cedd00", 0x2a, 0x3a, 0xff, @remote={0xfe, 0xe0}, @private1={0xfc, 0x1, '\x00', 0x1}, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev={0xfe, 0x80, '\x00', 0x34}, @mcast2, [{0x2}]}}}}}}, 0x0) 1.826853588s ago: executing program 4 (id=3702): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000080)={'vcan0\x00'}) 1.816858118s ago: executing program 3 (id=3703): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/PaZZ2a866wmwP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3kLHDO9u1PRvW9uMZWcSDJZ/x6Q+urQGF2Eh2NfVzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/fz/uW6yer5/uc50it7z/yd62+r0MTS355oPDzUOAAAAAAAAABiNrz/JkyznZC/fKaq/+Z+rMqfzRSf5Ut7Pgyzkfi5mOfNZylLu53KSqb6OJpbnl5buX15vWRre8srQlldG9YoBAAAAAAAA4H/SL9Pa+Ps/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcB0Uy1l1Vy+l6nak0mtkoy0ryzyQTRx3vPhTDNj4cfRwAAADwTCafos2Xn+RJlnOyl+8U1Xv+r1Tvlyfzfu5mKYtZSjsLuVm/hy7f9TfWVmfba6uzd8qlzA/2+/1/7yuMibqHsSo3bM9nqxqt3MpiteViblTB3Eyju+/zydlePH1x9fmojKn4Xm2PkTXrYS139vvtPkU4EIMfRTR2qNnaCC5ZH5GZOray5anuCBTVBzXJ5pHY9eg0B3JTVa/j63u6nMb6Jz+nD2HMT9Tr8vX85lDHfL/WR6KRaiSu9GZfec7sPBLJN/76p7dvt+++e/vWgwvH5yXtYmyb7ZvnxGzfSLzyXI9Ec5/1Z6qROLOev54f5Se5kOm8mftZzE8zn6UspFOXz9fzufw5tfNIzQ3k3twtkon6uHSP2V5ims4Pq9R8zlVtT2YxRe7lZhbyevXvSi7n27maq7nWd4TPbBt39dqqs76x+azvHem/DQ3+/DfrRHl1++3GVW5up1e83ew8KN1rfzmup/rGtTvrH6/XOtV3Hsz0jdJLvdEZH9r501wbm1+tE+U+frXLfWK0puqRKE+g3l2iF93L3ZFoVveirfP8D52yXdp3O53b8+9t0//Kpvxr9bqcVqtf2612z/BDcbDK+fJSJusryeDsKMteXr/K9JV1NuZyt2zwjlu2O1OVFUXvTP1x7lUTYOuZOlH/Dre1pytV2StDy2arsrN9ZQO/b+Ve2rk5gvED4Gn84+315FROTLT+1fq09Unr163brTcmf/DCd154dSLjfx//bnNm7LXGq8Vf8kl+vvH+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHoPPvjw3fl2e+H+8ERj+6KBRCubt+zW86ZEUT/QZ3+tjm9iMsnAluo5RyMPo7U5jC2Jzi+SkY9P7yGCw+v8rkw0t8yoYYm5gS1/3trhR/uMsNjbeXGIiUZGu9OxDJ8AR3hRAkbi0tKd9y49+ODDby3emX9n4Z2Fu+NXr16buXb19dlLtxbbCzPdn0cdJXAYNm76Rx0JAAAAAAAAAAAAsFfDvhhw7sXdvjSyp+94+J+FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIG4fiHNhylyeebiTJlfW51tl0svvVGzmaTRSIqfJcWjZC7dJVN93RX546N0huzn48Vrb332eO3zjb6a3fpJo15vb+fSJCv1kukkY/X6GQz0d+OZ+yv+03sN5YB90el05p4tPjgY/w0AAP//Pp71UA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fstatfs(r0, 0x0) 1.764422221s ago: executing program 2 (id=3704): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000000200)={[{@nouid32}]}, 0x7, 0x530, &(0x7f0000000240)="$eJzs3U9vI2cZAPBnJnbS3U2xq3IolWgjCspWsE7S0Dbi0nLiVASUI1KIEieK4sSrxNluogqy4huglUDixB2JD4CE9iMgpJXgjhYJhNhd9sAFjMYe7ybBXies/9Dk95PGfmfe8TzPm0lez+uZeAK4tGYi4sOI+CAi3o6IUr48zac4ak/Zeo8ffbqaTUk0mx//PYkkX9bZVpI/X8tf9lJEfO9bEfGw2Twdd+/gcGulVqvu5vNzje2bc3sHhzc2t1c2qhvVncXFhfeW3l96d2n+f27brWPlckRM5OXffu2TPy3/9fqPkrz9caodeeoD0f6ZFE9ssHAsl8+6iQet35IoZg93x50NAAD9pPmx6Jdax/+lmGgdnQIAAAAXSfOD6da5myYAAABwYaURMR1JWsmvBZiONK1U2tfwfj6uprX6XuOr6/X9nbWsLqIcxXR9s1adz68VLkcxyeYX8mtsO/PvnJpfjIhXIuJu6UprvrJar62N+8MPAAAAuCSunRr/Pym1x/9nkg45OQAAAGBwyuNOAAAAABg6438AAAC4+Iz/AQAA4EL7zkcfZVOzc//rtVsH+1v1WzfWqntble391cpqffdmZaNe32h9Z992v+3V6vWbX4+d/dtzjepeY27v4HB5u76/01jeHNw9tQEAAIDzeeXNe39MIuLoG1daUyQRk3ldccy5AcN1rq/w/PPT0uQwcgFGa2LcCQBjU+i7xssjyQMYPWN8IOlT3/Pind8NPhcAAGA4Zr9w6vx/REyW2nU+G4CL7dy38PxB1ltMDScZYKSc/4fLq8v5//6XBAAXQtERAFx6wz//32yeKyEAAGDgpltTklbyc4HTkaaVSvu/fspRTNY3a9X5iPhcRPyhVJzK5hdar0z6jhkAAAAAAAAAAAAAAAAAAAAAAAAAgLZmM4lmd1O9KjJPnlMHAAAA/H+JSP+S5Pf/mi19efr05wOTyT9LreeI+OQXH//s9kqjsbuQLX/4dHnj5/nyd/p82HDum40DAAAAZ1Z4VuyM0zvjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpMePPl3tTF2qJ4cV92/fjIhyt/iFeKn13H68+o8kCsdel0TExADiH92JiNe6xU+ytKLcI34aEVfGHP/aAOLDZXYv638+7Pb3l8ZM67n7318hn17U8f4v6w6Ox+/0fxM9+r+Xzxjj9fu/nusZ/07E64Xu/U8nftIj/ls9I06d+OH88PuHh73WbP4yYrbL+0/zWeeeZLHmGtneODi8sbm9slHdqO4sLi68t/T+0rtL83Prm7Vq/tg1xk+/+Jt/twpp9/Zf7fr+l0T51ee0/xw7/1/3bz96tV0s/nf8N+P6Wyfjz+R1r0UnfqGVTydkmr/3fSUvZ/nNdspH7fJxb/zq92/kxW+XurR/7UT70zPv/+tnbP/b3/3JgzOuCgCMwN7B4dZKrVbdHXLhxzHTvapzRDSSNDoj9pE0+cIUipEXkgFvebnU3u8TcbIqeeHdlA2lsi2crMoOW/u93O9GXhhPfwQAAAzPs4P+M6x84oT71PCSAgAAAAAAAAAAAAAAAAAAgEtmFF8ndjrm0XiaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwXP8JAAD//zPuvHs=") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, 0x0, 0x0) 1.368698483s ago: executing program 3 (id=3705): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f000001aa80)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000340000000e0001006e657464657673696d0000000f0002"], 0x44}}, 0x0) 1.165195381s ago: executing program 5 (id=3706): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x282a2, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000200)=0x12) ioctl$SNDCTL_DSP_SYNC(r0, 0x5008, 0x0) 1.04525052s ago: executing program 2 (id=3707): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x17}]}}}, {0x1c, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0x8}]}}}]}]}], {0x14}}, 0x98}, 0x1, 0x0, 0x0, 0x24040800}, 0x0) 1.032409982s ago: executing program 3 (id=3708): sendmmsg$unix(0xffffffffffffffff, &(0x7f0000007180)=[{{&(0x7f0000000500)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001a80)}}], 0x1, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0x40186f40, 0x20000502) 832.418694ms ago: executing program 5 (id=3709): syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj") r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x29}}, './file0\x00'}) 777.333712ms ago: executing program 3 (id=3710): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001840)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}, @ETHTOOL_A_FEATURES_HEADER={0x4}]}, 0x1c}}, 0x0) 603.367035ms ago: executing program 2 (id=3711): sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x74, 0x3, 0x1, 0x301, 0x0, 0x0, {0x0, 0x0, 0x3}, [@CTA_TUPLE_ORIG={0x14, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_FILTER={0x14, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x300}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x2}]}, @CTA_PROTOINFO={0x10, 0x4, 0x0, 0x1, @CTA_PROTOINFO_DCCP={0xc, 0x2, 0x0, 0x1, [@CTA_PROTOINFO_DCCP_ROLE={0x5, 0x2, 0x3}]}}, @CTA_PROTOINFO={0x20, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x1c, 0x3, 0x0, 0x1, [@CTA_PROTOINFO_SCTP_VTAG_ORIGINAL={0x8, 0x2, 0x1, 0x0, 0x4}, @CTA_PROTOINFO_SCTP_VTAG_ORIGINAL={0x8, 0x2, 0x1, 0x0, 0x5}, @CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0xd3}]}}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x9}]}, 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x20000804) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000003b0007010000000000000000047c0000ec0000000c00018006000600800a0000100002800c0014"], 0x34}}, 0xc000) 567.448617ms ago: executing program 3 (id=3712): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)={0x50, r1, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "61cce2444181321f0e8c4ae529500443"}, @NL802154_KEY_ATTR_ID={0x10, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x8}, 0x20000810) 425.580442ms ago: executing program 5 (id=3713): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010026000000000000000c0017f73b78cc7907490000000000"], &(0x7f0000001f80)=""/226, 0x26, 0x81, 0x2, 0x0, 0x0, @void, @value}, 0x20) 389.031419ms ago: executing program 2 (id=3714): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4) 214.180432ms ago: executing program 2 (id=3715): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000200)=[{{0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}}], 0x8) 134.211665ms ago: executing program 5 (id=3716): r0 = socket$kcm(0x29, 0x2, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x2c, &(0x7f00000001c0), 0x4) setsockopt$sock_attach_bpf(r0, 0x1, 0x1b, &(0x7f00000000c0), 0x4) 0s ago: executing program 5 (id=3717): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="070000000000000000001b22004018000180140002"], 0x2c}}, 0x0) kernel console output (not intermixed with test programs): 121: inode #15: comm syz.4.2493: corrupted inode contents [ 284.112218][T11864] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2500'. [ 284.151473][ T5231] EXT4-fs warning (device loop4): ext4_evict_inode:259: couldn't mark inode dirty (err -117) [ 284.193022][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.718788][ T33] team0 (unregistering): Port device team_slave_1 removed [ 284.832389][ T33] team0 (unregistering): Port device team_slave_0 removed [ 284.842347][T11863] loop0: detected capacity change from 0 to 32768 [ 284.913480][T11863] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 284.940821][T11866] loop5: detected capacity change from 0 to 32768 [ 284.980211][T11863] XFS (loop0): Ending clean mount [ 284.999223][T11863] XFS (loop0): Quotacheck needed: Please wait. [ 285.017303][T11866] gfs2: fsid=statfs_quantum: Trying to join cluster "lock_nolock", "statfs_quantum" [ 285.028326][T11866] gfs2: fsid=statfs_quantum: Now mounting FS (format 1801)... [ 285.068769][T11866] gfs2: fsid=statfs_quantum.s: journal 0 mapped with 16 extents in 0ms [ 285.112890][T11863] XFS (loop0): Quotacheck: Done. [ 285.184829][T11866] gfs2: fsid=statfs_quantum.s: first mount done, others may mount [ 285.288050][ T7084] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 285.972996][T11887] loop5: detected capacity change from 0 to 4096 [ 285.980706][T11887] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512). [ 286.035795][T11883] loop0: detected capacity change from 0 to 32768 [ 286.042831][T11887] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 286.058878][T11883] bcachefs: bch2_parse_one_mount_opt() Invalid mount option str_hash: invalid selection [ 286.199571][T11851] tipc: Started in network mode [ 286.221313][T11851] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 286.241345][T11851] tipc: Enabled bearer , priority 25 [ 286.721578][T11911] netlink: 'syz.3.2518': attribute type 29 has an invalid length. [ 286.744640][T11911] netlink: 'syz.3.2518': attribute type 29 has an invalid length. [ 287.003619][ T5287] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 287.231300][ T5287] usb 5-1: Using ep0 maxpacket: 8 [ 287.255559][ T5385] tipc: Node number set to 11578026 [ 287.256038][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 287.284852][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 26056, setting to 1024 [ 287.306448][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 287.331365][ T5287] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 287.353847][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 287.383633][ T5287] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 287.413062][ T5287] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8d.58 [ 287.441204][ T5287] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.482949][ T5287] usb 5-1: config 0 descriptor?? [ 287.489346][T11906] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 287.535771][ T5233] Bluetooth: hci6: urb ffff8880251b6100 submission failed (90) [ 287.543481][T11909] loop1: detected capacity change from 0 to 40427 [ 287.560288][T11909] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 287.587791][T11909] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 287.628971][T11909] F2FS-fs (loop1): invalid crc value [ 287.653084][T11909] F2FS-fs (loop1): Found nat_bits in checkpoint [ 287.738970][ T5287] usb 5-1: USB disconnect, device number 20 [ 287.832495][T11909] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 287.839679][T11909] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 287.866136][T11908] loop2: detected capacity change from 0 to 40427 [ 287.874391][T11908] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 287.882209][T11908] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 287.893632][T11908] F2FS-fs (loop2): invalid crc value [ 287.918753][T11941] loop3: detected capacity change from 0 to 256 [ 287.927928][T11908] F2FS-fs (loop2): Found nat_bits in checkpoint [ 287.945712][T11909] syz.1.2515: attempt to access beyond end of device [ 287.945712][T11909] loop1: rw=2051, sector=36912, nr_sectors = 8144 limit=40427 [ 287.981375][T11909] syz.1.2515: attempt to access beyond end of device [ 287.981375][T11909] loop1: rw=2051, sector=45096, nr_sectors = 85976 limit=40427 [ 287.989374][T11941] FAT-fs (loop3): Directory bread(block 64) failed [ 288.016320][T11941] FAT-fs (loop3): Directory bread(block 65) failed [ 288.023676][T11941] FAT-fs (loop3): Directory bread(block 66) failed [ 288.030230][T11941] FAT-fs (loop3): Directory bread(block 67) failed [ 288.036922][T11941] FAT-fs (loop3): Directory bread(block 68) failed [ 288.044200][T11941] FAT-fs (loop3): Directory bread(block 69) failed [ 288.046116][T11908] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 288.050779][T11941] FAT-fs (loop3): Directory bread(block 70) failed [ 288.050820][T11941] FAT-fs (loop3): Directory bread(block 71) failed [ 288.072117][T11941] FAT-fs (loop3): Directory bread(block 72) failed [ 288.078788][T11941] FAT-fs (loop3): Directory bread(block 73) failed [ 288.085733][T11909] F2FS-fs (loop1): Issue discard(4614, 4614, 1018) failed, ret: -5 [ 288.087780][T11908] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 288.105899][T11909] F2FS-fs (loop1): Issue discard(5637, 5637, 10747) failed, ret: -5 [ 288.275522][T11945] loop5: detected capacity change from 0 to 4096 [ 288.334995][T11947] loop3: detected capacity change from 0 to 1024 [ 288.499424][T11945] ntfs3(loop5): Failed to load $Extend (-22). [ 288.513839][T11952] loop2: detected capacity change from 0 to 128 [ 288.538221][T11953] loop4: detected capacity change from 0 to 512 [ 288.545331][T11952] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 288.583937][T11945] ntfs3(loop5): Failed to initialize $Extend. [ 288.584563][T11952] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 288.592237][T11953] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.651277][T11953] ext4 filesystem being mounted at /483/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 288.756684][T11960] loop2: detected capacity change from 0 to 256 [ 288.801238][ T5287] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 288.909334][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.962666][ T5287] usb 4-1: Using ep0 maxpacket: 16 [ 288.989739][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 289.014592][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 289.035094][ T5287] usb 4-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00 [ 289.052232][T11967] loop2: detected capacity change from 0 to 4096 [ 289.058683][ T5287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 289.074026][ T5287] usb 4-1: config 0 descriptor?? [ 289.125098][T11973] loop4: detected capacity change from 0 to 512 [ 289.175878][T11975] sp0: Synchronizing with TNC [ 289.197246][T11973] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.222296][T11973] ext4 filesystem being mounted at /484/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.440867][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.493551][T11985] loop2: detected capacity change from 0 to 4096 [ 289.506658][ T5287] hid-led 0003:1294:1320.0040: hidraw0: USB HID v0.00 Device [HID 1294:1320] on usb-dummy_hcd.3-1/input0 [ 289.540972][ T5287] hid-led 0003:1294:1320.0040: Riso Kagaku Webmail Notifier initialized [ 289.609056][T11992] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 289.716051][T11996] loop1: detected capacity change from 0 to 512 [ 289.739398][ T931] usb 4-1: USB disconnect, device number 26 [ 289.749748][ T5290] leds riso_kagaku0:blue: Setting an LED's brightness failed (-38) [ 289.752324][T12000] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2553'. [ 289.769833][ T5385] leds riso_kagaku0:green: Setting an LED's brightness failed (-38) [ 289.783297][ T5290] leds riso_kagaku0:red: Setting an LED's brightness failed (-38) [ 289.786247][T11996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.818818][T11995] loop5: detected capacity change from 0 to 4096 [ 289.835935][T12000] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 289.850541][T11996] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.903363][T12005] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2556'. [ 290.053965][ T7063] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.072784][T12011] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2561'. [ 290.346817][T12025] loop1: detected capacity change from 0 to 1024 [ 290.422000][T12025] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 290.812969][T12038] loop2: detected capacity change from 0 to 32768 [ 290.831430][T12038] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2571 (12038) [ 290.881303][T12038] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 290.924986][T12038] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 290.944809][T12038] BTRFS info (device loop2): using free-space-tree [ 291.117138][T12073] loop3: detected capacity change from 0 to 2048 [ 291.148236][T10285] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 291.164878][T12073] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 291.188416][T12073] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 291.216008][T12073] ./file0: Can't lookup blockdev [ 291.429088][ T29] audit: type=1326 audit(1728797391.764:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000 [ 291.451888][ T29] audit: type=1326 audit(1728797391.764:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000 [ 291.457464][T12087] loop3: detected capacity change from 0 to 128 [ 291.474617][ T29] audit: type=1326 audit(1728797391.764:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000 [ 291.503599][ T29] audit: type=1326 audit(1728797391.764:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000 [ 291.526600][ T29] audit: type=1326 audit(1728797391.774:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000 [ 291.549213][ T29] audit: type=1326 audit(1728797391.774:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000 [ 291.571782][ T29] audit: type=1326 audit(1728797391.774:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000 [ 291.594648][ T29] audit: type=1326 audit(1728797391.774:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000 [ 291.772339][T12095] netlink: 164 bytes leftover after parsing attributes in process `syz.4.2593'. [ 291.806723][T12097] loop2: detected capacity change from 0 to 256 [ 291.840138][T12097] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xadbf5ead, utbl_chksum : 0xe619d30d) [ 292.438079][T12106] loop2: detected capacity change from 0 to 32768 [ 292.855697][T12128] loop1: detected capacity change from 0 to 32768 [ 292.863009][T12128] XFS: ikeep mount option is deprecated. [ 292.868693][T12128] XFS: ikeep mount option is deprecated. [ 292.926316][T12128] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 293.069974][T12128] XFS (loop1): Ending clean mount [ 293.093046][T12128] XFS (loop1): Quotacheck needed: Please wait. [ 293.136215][T12128] XFS (loop1): Quotacheck: Done. [ 293.207810][ T7063] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 293.706934][T12181] loop2: detected capacity change from 0 to 128 [ 293.745472][T12181] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (16076!=39978) [ 293.770054][T12181] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 293.804889][T12188] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2633'. [ 293.821287][T10285] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 294.012948][T12200] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2640'. [ 294.061230][ T5286] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 294.087164][T12204] loop5: detected capacity change from 0 to 1024 [ 294.106285][T12204] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 294.106353][T12208] loop0: detected capacity change from 0 to 64 [ 294.215341][T11106] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.233205][ T5385] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 294.282732][ T5286] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 294.293270][ T5286] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 294.302478][ T5288] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 294.310197][ T5286] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.324565][ T5286] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 294.349076][T12215] loop5: detected capacity change from 0 to 1024 [ 294.422763][ T5385] usb 4-1: Using ep0 maxpacket: 32 [ 294.432533][ T5385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 294.443665][ T5385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 294.481227][ T5288] usb 3-1: Using ep0 maxpacket: 32 [ 294.486421][ T5385] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 294.486454][ T5385] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.523466][ T5288] usb 3-1: unable to get BOS descriptor or descriptor too short [ 294.530585][ T71] hfsplus: b-tree write err: -5, ino 4 [ 294.550415][ T5288] usb 3-1: config 127 has an invalid interface number: 25 but max is 0 [ 294.558011][ T5385] usb 4-1: config 0 descriptor?? [ 294.559706][ T5288] usb 3-1: config 127 has no interface number 0 [ 294.580388][ T5288] usb 3-1: config 127 interface 25 has no altsetting 0 [ 294.605854][ T5288] usb 3-1: New USB device found, idVendor=1110, idProduct=9000, bcdDevice=f4.11 [ 294.624800][ T5288] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.636048][ T5288] usb 3-1: Product: syz [ 294.640244][ T5288] usb 3-1: Manufacturer: syz [ 294.651227][ T5288] usb 3-1: SerialNumber: syz [ 294.881298][ T5288] usb 3-1: [ueagle-atm] ADSL device founded vid (0X1110) pid (0X9000) Rev (0XF411): ADI930 [ 295.010718][ T5385] savu 0003:1E7D:2D5A.0041: unbalanced collection at end of report description [ 295.022058][ T5385] savu 0003:1E7D:2D5A.0041: parse failed [ 295.027948][ T5385] savu 0003:1E7D:2D5A.0041: probe with driver savu failed with error -22 [ 295.075501][T12233] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2653'. [ 295.219997][ T5290] usb 4-1: USB disconnect, device number 27 [ 295.352926][ T5286] stv0680 5-1:4.0: STV(e): camera ping failed!! [ 295.522485][ T5288] usb 3-1: reset high-speed USB device number 20 using dummy_hcd [ 295.556139][ T5286] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 295.564906][ T5286] stv0680 5-1:4.0: last error: 0, command = 0x0 [ 295.572874][ T5286] usb 5-1: USB disconnect, device number 21 [ 295.651260][ T5385] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 295.684491][ T5288] usb 3-1: unable to get BOS descriptor or descriptor too short [ 295.695526][ T5288] usb 3-1: device firmware changed [ 295.705666][ T5288] ueagle-atm 3-1:127.25: usbatm_usb_probe: bind failed: -19! [ 295.715349][ T5288] usb 3-1: USB disconnect, device number 20 [ 295.776969][T12245] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2659'. [ 295.814713][ T5385] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 295.832194][ T5385] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 295.843892][ T5286] IPVS: starting estimator thread 0... [ 295.849378][ T5385] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 295.849415][ T5385] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.851509][ T5385] usb 2-1: config 0 descriptor?? [ 295.971273][T12248] IPVS: using max 16 ests per chain, 38400 per kthread [ 296.110178][T12256] loop3: detected capacity change from 0 to 256 [ 296.143209][T12256] FAT-fs (loop3): Directory bread(block 64) failed [ 296.162390][T12256] FAT-fs (loop3): Directory bread(block 65) failed [ 296.169442][T12256] FAT-fs (loop3): Directory bread(block 66) failed [ 296.176481][T12256] FAT-fs (loop3): Directory bread(block 67) failed [ 296.183757][T12256] FAT-fs (loop3): Directory bread(block 68) failed [ 296.190963][T12256] FAT-fs (loop3): Directory bread(block 69) failed [ 296.200507][T12256] FAT-fs (loop3): Directory bread(block 70) failed [ 296.207304][T12256] FAT-fs (loop3): Directory bread(block 71) failed [ 296.214261][T12256] FAT-fs (loop3): Directory bread(block 72) failed [ 296.220948][T12256] FAT-fs (loop3): Directory bread(block 73) failed [ 296.293894][ T5385] kone 0003:1E7D:2CED.0042: item fetching failed at offset 2/5 [ 296.314363][ T5385] kone 0003:1E7D:2CED.0042: parse failed [ 296.320475][ T5385] kone 0003:1E7D:2CED.0042: probe with driver kone failed with error -22 [ 296.340409][ T5286] kernel write not supported for file /snd/pcmC0D0p (pid: 5286 comm: kworker/1:3) [ 296.356319][T12262] loop2: detected capacity change from 0 to 1024 [ 296.382684][T12262] EXT4-fs: Ignoring removed bh option [ 296.394576][T12262] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 296.436226][T12262] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.528823][T10285] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.540332][ T5286] usb 2-1: USB disconnect, device number 15 [ 296.600367][T12269] loop3: detected capacity change from 0 to 1024 [ 296.646531][T12271] netlink: 'syz.2.2670': attribute type 2 has an invalid length. [ 296.664302][T12273] [U] #! ./file1 GMÝu [ 296.707016][ T33] hfsplus: b-tree write err: -5, ino 4 [ 296.735706][ T5288] IPVS: starting estimator thread 0... [ 296.841217][T12276] IPVS: using max 16 ests per chain, 38400 per kthread [ 296.891214][T12284] binder: 12283:12284 ioctl c0306201 20000580 returned -22 [ 296.940621][T12288] ebtables: ebtables: counters copy to user failed while replacing table [ 297.004139][T12291] netlink: 134732 bytes leftover after parsing attributes in process `syz.4.2680'. [ 297.300560][T12305] loop4: detected capacity change from 0 to 2048 [ 297.471618][ T5231] UDF-fs: warning (device loop4): udf_evict_inode: Inode 1347 (mode 100755) has inode size 9000 different from extent length 9216. Filesystem need not be standards compliant. [ 297.572079][ T5286] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 297.724193][ T5286] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 297.759310][ T5286] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 297.794230][ T5286] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 297.817157][ T5286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.861728][T12309] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 297.874046][ T5286] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 297.954727][T12332] loop0: detected capacity change from 0 to 256 [ 297.975245][T12333] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2701'. [ 298.146552][ T5385] usb 2-1: USB disconnect, device number 16 [ 298.292819][T12348] loop3: detected capacity change from 0 to 64 [ 298.605843][T12369] loop4: detected capacity change from 0 to 256 [ 298.668002][T12369] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 299.012309][T12382] loop3: detected capacity change from 0 to 1024 [ 299.048564][T12382] EXT4-fs: Ignoring removed nomblk_io_submit option [ 299.349919][T12366] loop5: detected capacity change from 0 to 32768 [ 299.421356][ T931] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 299.459477][T12366] XFS (loop5): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 299.527351][T12416] loop2: detected capacity change from 0 to 256 [ 299.535513][T12416] exfat: Deprecated parameter 'utf8' [ 299.540863][T12416] exfat: Deprecated parameter 'namecase' [ 299.548178][T12416] exfat: Deprecated parameter 'utf8' [ 299.560404][T12416] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 299.591603][ T931] usb 2-1: Using ep0 maxpacket: 16 [ 299.598497][ T931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 299.602111][T12419] netlink: 'syz.4.2740': attribute type 3 has an invalid length. [ 299.610105][ T931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 299.627897][ T931] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 299.641034][ T931] usb 2-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00 [ 299.650178][ T931] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.662886][ T931] usb 2-1: config 0 descriptor?? [ 299.670407][T12420] loop3: detected capacity change from 0 to 2048 [ 299.691326][T12366] XFS (loop5): Ending clean mount [ 299.738674][T12421] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 299.808088][T11106] XFS (loop5): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 300.022278][T12431] nbd: couldn't find device at index 50432 [ 300.174993][ T931] wacom 0003:056A:0022.0043: Unknown device_type for 'HID 056a:0022'. Assuming pen. [ 300.272181][ T931] wacom 0003:056A:0022.0043: hidraw0: USB HID v0.00 Device [HID 056a:0022] on usb-dummy_hcd.1-1/input0 [ 300.300181][ T931] input: Wacom Intuos 9x12 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0022.0043/input/input23 [ 300.401655][ T931] usb 2-1: USB disconnect, device number 17 [ 300.540207][T12452] loop2: detected capacity change from 0 to 256 [ 300.580318][T12452] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 300.935128][T12472] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 301.168203][T12484] netlink: 766 bytes leftover after parsing attributes in process `syz.2.2769'. [ 301.214753][T12482] loop3: detected capacity change from 0 to 1024 [ 301.231946][T12482] EXT4-fs: Ignoring removed nomblk_io_submit option [ 301.265883][T12482] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 301.412506][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.663504][T12509] loop3: detected capacity change from 0 to 2048 [ 301.731031][T12515] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 301.767666][T12505] loop2: detected capacity change from 0 to 4096 [ 301.788401][T12505] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 301.940868][T12505] ntfs3(loop2): ino=1b, "file0" failed to parse mft record [ 301.960796][T12505] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 301.989629][T12521] mkiss: ax0: crc mode is auto. [ 302.012322][T12505] ntfs3(loop2): ino=1b, "file0" attr_set_size [ 302.018382][T12523] loop1: detected capacity change from 0 to 256 [ 302.026260][T12523] exfat: Deprecated parameter 'namecase' [ 302.037274][T12523] exfat: Deprecated parameter 'utf8' [ 302.058561][T12523] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 302.276507][T12514] loop5: detected capacity change from 0 to 40427 [ 302.301205][T12514] F2FS-fs (loop5): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 302.310377][T12514] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 302.321758][T12514] F2FS-fs (loop5): invalid crc value [ 302.332588][T12514] F2FS-fs (loop5): Found nat_bits in checkpoint [ 302.412244][T12536] loop2: detected capacity change from 0 to 64 [ 302.459791][T12514] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 302.470254][T12514] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 302.505702][T12514] syz.5.2781: attempt to access beyond end of device [ 302.505702][T12514] loop5: rw=2051, sector=36912, nr_sectors = 8144 limit=40427 [ 302.520710][T12514] syz.5.2781: attempt to access beyond end of device [ 302.520710][T12514] loop5: rw=2051, sector=45096, nr_sectors = 85976 limit=40427 [ 302.540317][T12534] loop3: detected capacity change from 0 to 4096 [ 302.561380][T12514] F2FS-fs (loop5): Issue discard(4614, 4614, 1018) failed, ret: -5 [ 302.569341][T12514] F2FS-fs (loop5): Issue discard(5637, 5637, 10747) failed, ret: -5 [ 302.581524][T12534] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 302.655242][ T29] audit: type=1326 audit(1728797403.034:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12539 comm="syz.2.2793" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f60eb17dff9 code=0x0 [ 302.662352][T12541] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 302.701518][T12541] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 302.710548][T12541] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 302.720885][T12541] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 302.738092][T12541] geneve2: entered promiscuous mode [ 302.760260][T12541] geneve2: entered allmulticast mode [ 302.806334][T12541] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 302.817994][T12541] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 302.828307][T12541] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 302.838715][T12541] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 303.350385][ T29] audit: type=1326 audit(1728797403.724:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb7f37dff9 code=0x7ffc0000 [ 303.391252][ T29] audit: type=1326 audit(1728797403.724:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb7f37dff9 code=0x7ffc0000 [ 303.418255][T12566] loop5: detected capacity change from 0 to 256 [ 303.448617][ T29] audit: type=1326 audit(1728797403.794:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fbb7f37dff9 code=0x7ffc0000 [ 303.525740][ T29] audit: type=1326 audit(1728797403.794:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbb7f37e033 code=0x7ffc0000 [ 303.578790][ T29] audit: type=1326 audit(1728797403.794:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbb7f37cadf code=0x7ffc0000 [ 303.607472][T12566] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xff532d92, utbl_chksum : 0xe619d30d) [ 303.641283][ T29] audit: type=1326 audit(1728797403.794:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fbb7f37e087 code=0x7ffc0000 [ 303.725919][ T29] audit: type=1326 audit(1728797403.794:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbb7f37c990 code=0x7ffc0000 [ 303.783141][ T29] audit: type=1326 audit(1728797403.794:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbb7f37dbfb code=0x7ffc0000 [ 303.921999][ T29] audit: type=1326 audit(1728797403.824:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbb7f37cc8a code=0x7ffc0000 [ 304.058554][T12580] loop3: detected capacity change from 0 to 32768 [ 304.107799][T12580] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 304.142164][T12605] loop0: detected capacity change from 0 to 256 [ 304.249995][T12580] XFS (loop3): Ending clean mount [ 304.389250][ T5224] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 304.406216][T12612] loop0: detected capacity change from 0 to 1024 [ 304.419269][T12612] EXT4-fs: Ignoring removed nomblk_io_submit option [ 304.504370][T12612] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 304.761891][ T7084] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.820989][T12629] CIFS: Unable to determine destination address [ 305.521475][T12671] loop4: detected capacity change from 0 to 1024 [ 305.619505][T12675] loop5: detected capacity change from 0 to 256 [ 305.947136][T12694] loop2: detected capacity change from 0 to 256 [ 306.010906][T12694] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 306.023840][T12703] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2867'. [ 306.079604][T12703] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2867'. [ 306.139042][T12706] loop0: detected capacity change from 0 to 64 [ 306.141769][T12707] dlm: non-version read from control device 2147479540 [ 306.235697][T12709] loop4: detected capacity change from 0 to 512 [ 306.310802][T12709] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 306.382533][T12709] ext4 filesystem being mounted at /546/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 306.704153][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 306.882274][T12737] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 307.004698][T12702] loop3: detected capacity change from 0 to 32768 [ 307.077143][T12702] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 307.122459][T12755] loop4: detected capacity change from 0 to 512 [ 307.257916][T12755] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 307.270843][T12755] ext4 filesystem being mounted at /549/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 307.341453][T12732] loop0: detected capacity change from 0 to 32768 [ 307.571166][T12761] loop1: detected capacity change from 0 to 32768 [ 307.619145][T12755] EXT4-fs error (device loop4): ext4_empty_dir:3105: inode #12: block 31: comm syz.4.2887: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=1, rec_len=6, size=1024 fake=1 [ 307.654282][T12755] EXT4-fs (loop4): Remounting filesystem read-only [ 307.660943][T12755] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #12: comm syz.4.2887: directory missing '..' [ 307.723650][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 307.744761][T12732] JBD2: Ignoring recovery information on journal [ 307.847034][T12761] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 307.913321][T12702] XFS (loop3): Ending clean mount [ 307.919694][T12732] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 307.979630][T12702] XFS (loop3): Quotacheck needed: Please wait. [ 308.005515][ T7084] ocfs2: Unmounting device (7,0) on (node local) [ 308.054163][T12761] XFS (loop1): Ending clean mount [ 308.176133][T12702] XFS (loop3): Quotacheck: Done. [ 308.197517][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 308.197540][ T29] audit: type=1800 audit(1728797408.574:164): pid=12702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2865" name="file1" dev="loop3" ino=9286 res=0 errno=0 [ 308.240119][ T7063] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 308.420115][T12806] loop0: detected capacity change from 0 to 1024 [ 308.433511][ T5224] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 308.554197][ T969] hfsplus: b-tree write err: -5, ino 4 [ 309.189386][T12829] netlink: 'syz.3.2917': attribute type 4 has an invalid length. [ 309.369111][T12833] loop3: detected capacity change from 0 to 512 [ 309.432111][T12833] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 309.484545][T12833] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it [ 309.526313][T12833] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2919: Corrupt directory, running e2fsck is recommended [ 309.548260][T12833] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 309.558973][T12833] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.2919: corrupted in-inode xattr: invalid ea_ino [ 309.562246][T12841] binder: BINDER_SET_CONTEXT_MGR already set [ 309.581967][T12833] EXT4-fs (loop3): Remounting filesystem read-only [ 309.593847][T12833] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 309.621284][T12841] binder: 12840:12841 ioctl 40046207 0 returned -16 [ 309.629295][T12833] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 309.647165][T12833] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it [ 309.658681][T12833] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2919: Corrupt directory, running e2fsck is recommended [ 309.712141][T12814] loop4: detected capacity change from 0 to 40427 [ 309.729079][T12814] F2FS-fs (loop4): invalid crc value [ 309.742556][T12814] F2FS-fs (loop4): Found nat_bits in checkpoint [ 309.836867][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.921838][T12814] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 310.056887][T12854] loop3: detected capacity change from 0 to 4096 [ 310.080633][T12858] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 310.170322][T12863] NILFS error (device loop3): nilfs_dotdot: directory #12 missing '.' [ 310.353646][T12863] Remounting filesystem read-only [ 310.431418][T12867] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2929'. [ 310.511792][ T5224] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 310.586003][T12835] loop1: detected capacity change from 0 to 32768 [ 310.699075][T12835] XFS (loop1): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 310.858946][T12887] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2939'. [ 310.858976][T12887] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2939'. [ 310.858999][T12887] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2939'. [ 310.859018][T12887] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2939'. [ 310.902749][T12835] XFS (loop1): Ending clean mount [ 310.918704][T12835] syz.1.2920: attempt to access beyond end of device [ 310.918704][T12835] loop1: rw=4096, sector=5772848362684415, nr_sectors = 1 limit=32768 [ 310.975877][T12865] loop0: detected capacity change from 0 to 32768 [ 311.044585][ T7063] XFS (loop1): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 311.128050][T12897] openvswitch: netlink: Actions may not be safe on all matching packets [ 311.150836][T12865] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 311.240458][T12865] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 311.323669][T12865] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 311.476001][T12865] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 311.818060][T12922] loop3: detected capacity change from 0 to 4096 [ 311.942502][T12929] netlink: 'syz.4.2955': attribute type 29 has an invalid length. [ 311.950880][T12926] netlink: 'syz.4.2955': attribute type 29 has an invalid length. [ 312.061504][T12935] can0: slcan on ttyS3. [ 312.127147][T12918] loop5: detected capacity change from 0 to 32768 [ 312.218112][T12918] [ 312.218112][T12918] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.218112][T12918] [ 312.239103][T12936] can0 (unregistered): slcan off ttyS3. [ 312.276273][T12918] [ 312.276273][T12918] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.276273][T12918] [ 312.287257][T12918] [ 312.287257][T12918] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.287257][T12918] [ 312.311450][T12918] [ 312.311450][T12918] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.311450][T12918] [ 312.335108][T12918] [ 312.335108][T12918] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.335108][T12918] [ 312.350707][T12945] [ 312.350707][T12945] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.350707][T12945] [ 312.380235][T12918] [ 312.380235][T12918] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.380235][T12918] [ 312.420423][T12945] [ 312.420423][T12945] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.420423][T12945] [ 312.440055][T12918] [ 312.440055][T12918] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.440055][T12918] [ 312.441257][ T5288] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 312.497632][ T111] [ 312.497632][ T111] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.497632][ T111] [ 312.561980][T11106] [ 312.561980][T11106] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.561980][T11106] [ 312.582536][T11106] [ 312.582536][T11106] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 312.582536][T11106] [ 312.648978][ T5288] usb 3-1: Using ep0 maxpacket: 8 [ 312.675452][ T5288] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 312.691209][ T5288] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 312.710517][ T5288] usb 3-1: Product: syz [ 312.719997][ T5288] usb 3-1: Manufacturer: syz [ 312.727880][ T5288] usb 3-1: SerialNumber: syz [ 312.752333][ T5288] usb 3-1: config 0 descriptor?? [ 312.966722][ T5288] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 313.265896][T12947] loop1: detected capacity change from 0 to 32768 [ 313.334956][T12947] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 313.370668][ T5288] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 313.389105][ T5288] usb 3-1: USB disconnect, device number 21 [ 313.468661][ T7063] ocfs2: Unmounting device (7,1) on (node local) [ 313.926741][T12986] loop0: detected capacity change from 0 to 1024 [ 313.926752][T12968] loop5: detected capacity change from 0 to 40427 [ 313.929548][T12968] F2FS-fs (loop5): build fault injection attr: rate: 690, type: 0x1fffff [ 313.948438][T12968] F2FS-fs (loop5): Image doesn't support compression [ 313.955453][T12968] F2FS-fs (loop5): Image doesn't support compression [ 313.962225][T12968] F2FS-fs (loop5): build fault injection attr: rate: 0, type: 0x4 [ 313.972417][T12968] F2FS-fs (loop5): invalid crc value [ 313.986742][T12968] F2FS-fs (loop5): Found nat_bits in checkpoint [ 314.001554][T12986] hfsplus: xattr searching failed [ 314.051193][ T931] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 314.089542][T12968] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 314.136945][T12994] loop0: detected capacity change from 0 to 128 [ 314.206910][T11106] syz-executor: attempt to access beyond end of device [ 314.206910][T11106] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 314.252074][T11106] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 314.261834][ T931] usb 2-1: Using ep0 maxpacket: 8 [ 314.333521][ T931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 314.353512][ T931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 314.401276][ T931] usb 2-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00 [ 314.410386][ T931] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.503538][ T931] usb 2-1: config 0 descriptor?? [ 314.671608][ T5290] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 314.791715][ T5385] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 314.808968][T13018] loop0: detected capacity change from 0 to 512 [ 314.824571][ T5290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 314.836516][ T5290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 314.849419][ T5290] usb 3-1: New USB device found, idVendor=056a, idProduct=0027, bcdDevice= 0.00 [ 314.871133][ T5290] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.889275][T13018] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 314.899281][ T5290] usb 3-1: config 0 descriptor?? [ 314.902502][T13018] ext4 filesystem being mounted at /334/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 314.928372][ T931] greenasia 0003:0E8F:0012.0044: hidraw0: USB HID v0.00 Device [HID 0e8f:0012] on usb-dummy_hcd.1-1/input0 [ 314.928414][ T931] greenasia 0003:0E8F:0012.0044: no inputs found [ 314.974676][ T5385] usb 4-1: New USB device found, idVendor=0458, idProduct=5005, bcdDevice= 0.00 [ 314.974714][ T5385] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.977319][ T5385] usb 4-1: config 0 descriptor?? [ 315.002465][ T7084] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 315.163289][ T5287] usb 2-1: USB disconnect, device number 18 [ 315.369030][ T5290] wacom 0003:056A:0027.0045: Unknown device_type for 'HID 056a:0027'. Assuming pen. [ 315.390681][ T5290] wacom 0003:056A:0027.0045: hidraw0: USB HID v0.00 Device [HID 056a:0027] on usb-dummy_hcd.2-1/input0 [ 315.394623][T13033] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3002'. [ 315.414463][ T5385] kye 0003:0458:5005.0046: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 315.433145][ T5290] input: Wacom Intuos5 touch M Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0027.0045/input/input26 [ 315.452597][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0 [ 315.461264][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0 [ 315.469736][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0 [ 315.476581][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0 [ 315.488513][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0 [ 315.498860][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0 [ 315.500201][T13035] usb usb8: usbfs: process 13035 (syz.4.3003) did not claim interface 0 before use [ 315.511141][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0 [ 315.541488][ T5385] kye 0003:0458:5005.0046: hidraw1: USB HID v0.00 Device [HID 0458:5005] on usb-dummy_hcd.3-1/input0 [ 315.561155][ T5385] kye 0003:0458:5005.0046: tablet-enabling feature report not found [ 315.601134][ T5385] kye 0003:0458:5005.0046: tablet enabling failed [ 315.619214][ T5290] usb 3-1: USB disconnect, device number 22 [ 315.631251][ T5385] usb 4-1: USB disconnect, device number 28 [ 315.746512][T13043] loop4: detected capacity change from 0 to 2048 [ 315.775109][T13043] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 315.820021][T13049] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3010'. [ 315.830824][T13049] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3010'. [ 316.054947][T13057] loop5: detected capacity change from 0 to 256 [ 316.110871][T13057] FAT-fs (loop5): Directory bread(block 64) failed [ 316.126615][T13057] FAT-fs (loop5): Directory bread(block 65) failed [ 316.154126][T13057] FAT-fs (loop5): Directory bread(block 66) failed [ 316.162409][T13057] FAT-fs (loop5): Directory bread(block 67) failed [ 316.177319][T13057] FAT-fs (loop5): Directory bread(block 68) failed [ 316.189947][T13057] FAT-fs (loop5): Directory bread(block 69) failed [ 316.223689][T13057] FAT-fs (loop5): Directory bread(block 70) failed [ 316.272125][T13057] FAT-fs (loop5): Directory bread(block 71) failed [ 316.300099][T13057] FAT-fs (loop5): Directory bread(block 72) failed [ 316.331334][T13057] FAT-fs (loop5): Directory bread(block 73) failed [ 316.462885][T13071] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3020'. [ 316.636437][ T1263] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.643849][ T1263] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.328547][T13067] loop1: detected capacity change from 0 to 32768 [ 317.449959][T13097] loop2: detected capacity change from 0 to 256 [ 317.564032][T13097] FAT-fs (loop2): Directory bread(block 64) failed [ 317.570617][T13097] FAT-fs (loop2): Directory bread(block 65) failed [ 317.593824][T13097] FAT-fs (loop2): Directory bread(block 66) failed [ 317.608999][T13097] FAT-fs (loop2): Directory bread(block 67) failed [ 317.621350][T13097] FAT-fs (loop2): Directory bread(block 68) failed [ 317.638314][T13097] FAT-fs (loop2): Directory bread(block 69) failed [ 317.648537][T13097] FAT-fs (loop2): Directory bread(block 70) failed [ 317.665435][T13097] FAT-fs (loop2): Directory bread(block 71) failed [ 317.681317][T13097] FAT-fs (loop2): Directory bread(block 72) failed [ 317.691200][T13097] FAT-fs (loop2): Directory bread(block 73) failed [ 317.775948][T13089] loop4: detected capacity change from 0 to 32768 [ 317.808939][T13089] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3028 (13089) [ 317.854235][T13089] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 317.885219][T13089] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 317.914161][T13089] BTRFS info (device loop4): using free-space-tree [ 318.315824][T13099] loop3: detected capacity change from 0 to 40427 [ 318.326520][T13099] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 318.334617][T13099] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 318.349113][T13099] F2FS-fs (loop3): Found nat_bits in checkpoint [ 318.410918][T13099] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 318.427674][T13099] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 318.484420][ T5231] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 319.009379][T13101] loop2: detected capacity change from 0 to 40427 [ 319.033775][T13101] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 319.042255][T13101] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 319.075140][T13101] F2FS-fs (loop2): invalid crc value [ 319.093056][T13101] F2FS-fs (loop2): Found nat_bits in checkpoint [ 319.317358][T13101] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 319.331162][T13101] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 319.454956][T13101] syz.2.3034: attempt to access beyond end of device [ 319.454956][T13101] loop2: rw=2051, sector=36912, nr_sectors = 8144 limit=40427 [ 319.479593][T13101] syz.2.3034: attempt to access beyond end of device [ 319.479593][T13101] loop2: rw=2051, sector=45096, nr_sectors = 85976 limit=40427 [ 319.561589][T13101] F2FS-fs (loop2): Issue discard(4614, 4614, 1018) failed, ret: -5 [ 319.590102][T13101] F2FS-fs (loop2): Issue discard(5637, 5637, 10747) failed, ret: -5 [ 319.966937][T13111] syz.1.3045: vmalloc error: size 3584000, failed to allocated page array size 7000, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 320.021602][T13148] netlink: 216 bytes leftover after parsing attributes in process `syz.5.3046'. [ 320.052848][T13150] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3048'. [ 320.081320][T13111] CPU: 1 UID: 0 PID: 13111 Comm: syz.1.3045 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0 [ 320.092138][T13111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 320.102206][T13111] Call Trace: [ 320.105520][T13111] [ 320.108461][T13111] dump_stack_lvl+0x241/0x360 [ 320.113161][T13111] ? __pfx_dump_stack_lvl+0x10/0x10 [ 320.118374][T13111] ? __pfx__printk+0x10/0x10 [ 320.123002][T13111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 320.128647][T13111] ? __rcu_read_unlock+0xa1/0x110 [ 320.133699][T13111] warn_alloc+0x278/0x410 [ 320.138048][T13111] ? __pfx_warn_alloc+0x10/0x10 [ 320.142962][T13111] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 320.149305][T13111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 320.154957][T13111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 320.160607][T13111] ? __get_vm_area_node+0x23d/0x270 [ 320.166105][T13111] __vmalloc_node_range_noprof+0x691/0x13f0 [ 320.172060][T13111] ? __kmalloc_cache_node_noprof+0x1d3/0x300 [ 320.178061][T13111] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 320.184401][T13111] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 320.190578][T13111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 320.196324][T13111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 320.201967][T13111] ? __get_vm_area_node+0x23d/0x270 [ 320.207313][T13111] __vmalloc_node_range_noprof+0x59c/0x13f0 [ 320.213219][T13111] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 320.219472][T13111] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 320.225227][T13111] ? rcu_is_watching+0x15/0xb0 [ 320.230005][T13111] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 320.236352][T13111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 320.241999][T13111] ? rcu_is_watching+0x15/0xb0 [ 320.246888][T13111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 320.252538][T13111] ? __kmalloc_node_noprof+0x247/0x440 [ 320.258027][T13111] ? __kvmalloc_node_noprof+0x72/0x190 [ 320.263592][T13111] __kvmalloc_node_noprof+0x142/0x190 [ 320.268979][T13111] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 320.275152][T13111] __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 320.281156][T13111] ? tpg_update_mv_step+0x361/0x4f0 [ 320.286430][T13111] vivid_update_format_cap+0x133c/0x2090 [ 320.292188][T13111] ? __pfx_vivid_update_format_cap+0x10/0x10 [ 320.298183][T13111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 320.303857][T13111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 320.309528][T13111] vivid_vid_cap_s_dv_timings+0x535/0x1230 [ 320.315414][T13111] __video_do_ioctl+0xc25/0xdd0 [ 320.320394][T13111] ? __pfx___video_do_ioctl+0x10/0x10 [ 320.325793][T13111] ? srso_alias_return_thunk+0x5/0xfbef5 [ 320.331443][T13111] ? __might_fault+0xc6/0x120 [ 320.336138][T13111] video_usercopy+0x89d/0x1180 [ 320.340931][T13111] ? __pfx___video_do_ioctl+0x10/0x10 [ 320.346411][T13111] ? __pfx_video_usercopy+0x10/0x10 [ 320.351731][T13111] ? __fget_files+0x29/0x470 [ 320.356337][T13111] ? __fget_files+0x3f3/0x470 [ 320.361041][T13111] v4l2_ioctl+0x18b/0x1e0 [ 320.365435][T13111] ? __pfx_v4l2_ioctl+0x10/0x10 [ 320.370311][T13111] __se_sys_ioctl+0xfb/0x170 [ 320.374926][T13111] do_syscall_64+0xf3/0x230 [ 320.379443][T13111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.385358][T13111] RIP: 0033:0x7f49d517dff9 [ 320.389803][T13111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.409616][T13111] RSP: 002b:00007f49d5ff3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 320.418130][T13111] RAX: ffffffffffffffda RBX: 00007f49d5335f80 RCX: 00007f49d517dff9 [ 320.426312][T13111] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003 [ 320.434294][T13111] RBP: 00007f49d51f0296 R08: 0000000000000000 R09: 0000000000000000 [ 320.442274][T13111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 320.450338][T13111] R13: 0000000000000000 R14: 00007f49d5335f80 R15: 00007ffd05a46578 [ 320.458334][T13111] [ 320.475015][T13111] Mem-Info: [ 320.481236][T13111] active_anon:9068 inactive_anon:1 isolated_anon:0 [ 320.481236][T13111] active_file:1524 inactive_file:38691 isolated_file:0 [ 320.481236][T13111] unevictable:768 dirty:568 writeback:0 [ 320.481236][T13111] slab_reclaimable:6147 slab_unreclaimable:100302 [ 320.481236][T13111] mapped:24590 shmem:6750 pagetables:847 [ 320.481236][T13111] sec_pagetables:0 bounce:0 [ 320.481236][T13111] kernel_misc_reclaimable:0 [ 320.481236][T13111] free:1266314 free_pcp:1786 free_cma:0 [ 320.556814][T13111] Node 0 active_anon:34372kB inactive_anon:4kB active_file:6096kB inactive_file:154692kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98360kB dirty:2272kB writeback:0kB shmem:23764kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10520kB pagetables:3188kB sec_pagetables:0kB all_unreclaimable? no [ 320.623294][T13111] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 320.780170][T13161] loop5: detected capacity change from 0 to 1024 [ 320.787411][T13161] EXT4-fs: Ignoring removed bh option [ 320.804486][T13111] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 320.843584][T13111] lowmem_reserve[]: 0 2465 2466 0 0 [ 320.849073][T13111] Node 0 DMA32 free:1128636kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:28436kB inactive_anon:4kB active_file:6096kB inactive_file:153868kB unevictable:1536kB writepending:2272kB present:3129332kB managed:2552500kB mlocked:0kB bounce:0kB free_pcp:5556kB local_pcp:4480kB free_cma:0kB [ 320.925103][T13139] loop3: detected capacity change from 0 to 32768 [ 320.936967][T13161] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 320.963292][T13139] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 320.981302][T13111] lowmem_reserve[]: 0 0 0 0 0 [ 320.986325][T13139] JBD2: Ignoring recovery information on journal [ 321.026531][T13111] [ 321.028934][T13111] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 321.056440][T13111] lowmem_reserve[]: 0 0 0 0 0 [ 321.061333][T13111] Node 1 Normal free:3930944kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:252kB local_pcp:252kB free_cma:0kB [ 321.091463][T13111] lowmem_reserve[]: 0 0 0 0 0 [ 321.096279][T13111] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 321.125407][T13111] Node 0 DMA32: 2*4kB (UM) 28*8kB (E) 124*16kB (E) 222*32kB (UME) 135*64kB (UME) 91*128kB (UME) 53*256kB (ME) 26*512kB (UME) 12*1024kB (ME) 8*2048kB (UME) 254*4096kB (M) = 1125544kB [ 321.145304][T13111] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 321.157289][T13111] Node 1 Normal: 162*4kB (U) 41*8kB (UE) 19*16kB (UME) 168*32kB (UME) 93*64kB (UME) 32*128kB (UME) 20*256kB (UME) 9*512kB (UME) 3*1024kB (UME) 3*2048kB (UE) 951*4096kB (M) = 3930944kB [ 321.166919][T13139] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 321.176148][T13111] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 321.231214][T13111] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 321.240546][T13111] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 321.257614][T13171] loop0: detected capacity change from 0 to 4096 [ 321.264052][T13111] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 321.275903][T13111] 46145 total pagecache pages [ 321.281358][T13111] 1 pages in swap cache [ 321.285532][T13111] Free swap = 124472kB [ 321.289797][T13111] Total swap = 124996kB [ 321.299923][T13171] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 321.309187][T13111] 2097051 pages RAM [ 321.321500][T13111] 0 pages HighMem/MovableOnly [ 321.326528][ T29] audit: type=1800 audit(1728797421.674:165): pid=13139 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3041" name="file1" dev="loop3" ino=16946 res=0 errno=0 [ 321.351381][T13111] 427076 pages reserved [ 321.355729][T13111] 0 pages cma reserved [ 321.423159][ T5224] ocfs2: Unmounting device (7,3) on (node local) [ 321.702509][T13171] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 321.759000][T11106] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 321.786941][T13171] ntfs3(loop0): ino=1e, "file1" failed to parse mft record [ 321.841309][T13171] ntfs3(loop0): ino=1e, "file1" attr_set_size [ 322.204640][T13168] loop4: detected capacity change from 0 to 40427 [ 322.257131][T13168] F2FS-fs (loop4): heap/no_heap options were deprecated [ 322.258731][T13181] loop2: detected capacity change from 0 to 32768 [ 322.306258][T13168] F2FS-fs (loop4): invalid crc value [ 322.322673][T13181] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 322.336829][T13168] F2FS-fs (loop4): Found nat_bits in checkpoint [ 322.527263][T10285] ocfs2: Unmounting device (7,2) on (node local) [ 322.684620][T13206] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3068'. [ 323.111240][T13168] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 323.223249][ T5231] syz-executor: attempt to access beyond end of device [ 323.223249][ T5231] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 323.239365][ T5385] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 323.260812][ T5231] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 323.407738][ T5385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 323.419051][ T5385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 323.441405][ T5385] usb 4-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00 [ 323.471398][ T5385] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.502790][ T5385] usb 4-1: config 0 descriptor?? [ 323.939021][ T5385] logitech 0003:046D:C294.0047: hidraw0: USB HID v0.00 Device [HID 046d:c294] on usb-dummy_hcd.3-1/input0 [ 323.991137][ T5385] logitech 0003:046D:C294.0047: no inputs found [ 324.090070][T13226] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3077'. [ 324.146954][ T5385] usb 4-1: USB disconnect, device number 29 [ 325.348218][T13233] loop1: detected capacity change from 0 to 32768 [ 325.364939][T13233] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3079 (13233) [ 325.477539][T13233] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 325.698478][T13233] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 325.720988][T13233] BTRFS info (device loop1): using free-space-tree [ 326.046255][T13273] loop0: detected capacity change from 0 to 1024 [ 326.083646][T13273] hfsplus: Filesystem is marked locked, mounting read-only. [ 326.288142][T13241] loop4: detected capacity change from 0 to 40427 [ 326.337584][T13241] F2FS-fs (loop4): Found nat_bits in checkpoint [ 326.338249][ T7063] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 326.466692][T13241] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 326.658939][T13286] loop2: detected capacity change from 0 to 32768 [ 326.690342][ T5231] syz-executor: attempt to access beyond end of device [ 326.690342][ T5231] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 326.736004][ T5231] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 327.063377][T13304] ptrace attach of "./syz-executor exec"[7063] was attempted by "./syz-executor exec"[13304] [ 327.068609][T13305] loop0: detected capacity change from 0 to 1024 [ 327.473124][T13314] loop2: detected capacity change from 0 to 16 [ 327.513589][T13314] erofs: (device loop2): mounted with root inode @ nid 36. [ 327.530187][T13293] loop3: detected capacity change from 0 to 32768 [ 327.548435][T13293] XFS: noikeep mount option is deprecated. [ 327.577642][T13293] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 327.766586][T13333] random: crng reseeded on system resumption [ 327.770857][T13334] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3116'. [ 327.783877][T13334] openvswitch: netlink: Actions may not be safe on all matching packets [ 327.794275][T13293] XFS (loop3): Ending clean mount [ 327.816258][T13293] XFS (loop3): Quotacheck needed: Please wait. [ 327.880125][T13293] XFS (loop3): Quotacheck: Done. [ 327.968742][ T5224] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 328.139973][T13342] loop1: detected capacity change from 0 to 512 [ 328.183283][T13342] EXT4-fs: Ignoring removed orlov option [ 328.244150][T13342] EXT4-fs error (device loop1): ext4_orphan_get:1388: inode #15: comm syz.1.3120: casefold flag without casefold feature [ 328.291200][T13342] EXT4-fs (loop1): Remounting filesystem read-only [ 328.357975][T13342] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 328.464440][T13356] loop3: detected capacity change from 0 to 128 [ 328.481276][T13356] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 328.510209][T13333] Unrecognized hibernate image header format! [ 328.529355][T13333] PM: hibernation: Image mismatch: architecture specific data [ 328.542971][ T7063] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.830033][T13365] loop5: detected capacity change from 0 to 64 [ 328.875650][T13354] loop2: detected capacity change from 0 to 32768 [ 328.892858][T13354] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3123 (13354) [ 328.911754][T13369] loop1: detected capacity change from 0 to 1024 [ 328.937846][T13354] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 328.948650][T13354] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 328.959412][T13354] BTRFS info (device loop2): using free-space-tree [ 328.992323][T13369] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 329.153625][ T7063] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.171461][T10285] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 330.130892][T13432] loop3: detected capacity change from 0 to 1024 [ 330.207078][T13432] hfsplus: bad catalog entry type [ 330.294937][ T4323] hfsplus: b-tree write err: -5, ino 4 [ 330.334330][T13442] loop0: detected capacity change from 0 to 1024 [ 330.370213][T13442] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 330.408953][T13408] loop5: detected capacity change from 0 to 32768 [ 330.417138][T13442] ext4 filesystem being mounted at /361/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 330.509291][T13408] JBD2: Ignoring recovery information on journal [ 330.562513][T13408] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 330.630415][ T7084] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.731187][ T5286] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 330.866803][T11106] ocfs2: Unmounting device (7,5) on (node local) [ 330.884100][ T5286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 330.884141][ T5286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 330.884181][ T5286] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 330.884248][ T5286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.886310][ T5286] usb 2-1: config 0 descriptor?? [ 331.324728][ T5286] konepure 0003:1E7D:2DB4.0048: unknown main item tag 0x0 [ 331.355989][ T5286] konepure 0003:1E7D:2DB4.0048: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.1-1/input0 [ 331.391260][ T5288] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 331.554377][ T5287] usb 2-1: USB disconnect, device number 19 [ 331.569006][ T5288] usb 4-1: config 0 has an invalid interface number: 27 but max is 0 [ 331.597678][ T5288] usb 4-1: config 0 has no interface number 0 [ 331.618104][ T5288] usb 4-1: config 0 interface 27 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 331.639901][ T5288] usb 4-1: config 0 interface 27 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 331.671016][ T5288] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 331.697307][ T5288] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.702136][T13486] loop4: detected capacity change from 0 to 32768 [ 331.716721][T13486] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3178 (13486) [ 331.742199][ T5288] usb 4-1: config 0 descriptor?? [ 331.760341][T13486] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 331.784327][T13486] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 331.804134][T13486] BTRFS info (device loop4): using free-space-tree [ 331.991025][ T5231] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 332.030481][T13511] loop5: detected capacity change from 0 to 1024 [ 332.047925][T13511] EXT4-fs: Ignoring removed orlov option [ 332.056128][T13511] EXT4-fs (loop5): Test dummy encryption mode enabled [ 332.063278][T13511] EXT4-fs (loop5): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 332.109646][T13488] loop2: detected capacity change from 0 to 32768 [ 332.138520][T13488] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3180 (13488) [ 332.172440][T13511] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 332.177060][T13488] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 332.195554][T13488] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 332.204281][T13488] BTRFS info (device loop2): using free-space-tree [ 332.252589][T11106] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.349181][ T5288] uclogic 0003:256C:006D.0049: interface is invalid, ignoring [ 332.472180][ T9] usb 4-1: USB disconnect, device number 30 [ 332.571389][T13540] loop1: detected capacity change from 0 to 2048 [ 332.621204][T13544] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 332.772570][T13549] loop5: detected capacity change from 0 to 1024 [ 332.782662][ T12] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared) [ 332.837688][ T12] hfsplus: b-tree write err: -5, ino 4 [ 332.975762][T10285] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 333.214877][T13563] loop5: detected capacity change from 0 to 2048 [ 333.221559][ T9] usb 2-1: new low-speed USB device number 20 using dummy_hcd [ 333.405185][ T9] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 333.414218][ T9] usb 2-1: config 0 has an invalid interface number: 21 but max is 0 [ 333.422600][ T9] usb 2-1: config 0 has no interface number 0 [ 333.428741][ T9] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 333.438953][ T9] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 333.448989][ T9] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 333.458100][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.469601][T13567] netlink: 'syz.5.3203': attribute type 1 has an invalid length. [ 333.479118][ T9] usb 2-1: config 0 descriptor?? [ 333.493941][T13567] netlink: 9364 bytes leftover after parsing attributes in process `syz.5.3203'. [ 333.503302][T13567] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3203'. [ 333.890220][T13589] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3212'. [ 334.059855][T13598] loop5: detected capacity change from 0 to 128 [ 334.064990][T13599] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3217'. [ 334.108002][T13598] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 334.113269][ T9] usb 2-1: USB disconnect, device number 20 [ 334.131041][T13598] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 334.416669][ T5385] usb 3-1: new full-speed USB device number 23 using dummy_hcd [ 334.512907][T13621] loop0: detected capacity change from 0 to 256 [ 334.533664][T13621] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x2fab2b20, utbl_chksum : 0xe619d30d) [ 334.596994][ T5385] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 334.611101][ T5385] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 334.626959][ T5385] usb 3-1: New USB device found, idVendor=056a, idProduct=00cc, bcdDevice= 0.00 [ 334.636567][ T5385] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.692570][ T5385] usb 3-1: config 0 descriptor?? [ 335.152304][ T5385] wacom 0003:056A:00CC.004A: hidraw0: USB HID v0.00 Device [HID 056a:00cc] on usb-dummy_hcd.2-1/input0 [ 335.152882][T13615] loop5: detected capacity change from 0 to 32768 [ 335.273178][T13615] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 335.382357][ T5385] usb 3-1: USB disconnect, device number 23 [ 335.405618][T13615] XFS (loop5): Starting recovery (logdev: internal) [ 335.454756][T13615] XFS (loop5): Ending recovery (logdev: internal) [ 335.574452][T11106] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 335.873671][T13679] netlink: 'syz.3.3255': attribute type 12 has an invalid length. [ 335.926972][T13679] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3255'. [ 335.937007][T13681] netlink: 'syz.0.3252': attribute type 10 has an invalid length. [ 335.988377][T13675] loop1: detected capacity change from 0 to 4096 [ 335.991374][T13681] netlink: 55 bytes leftover after parsing attributes in process `syz.0.3252'. [ 336.065618][T13681] tipc: Resetting bearer [ 336.089925][T13685] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 336.317291][T13696] loop3: detected capacity change from 0 to 164 [ 336.361734][T13700] loop5: detected capacity change from 0 to 128 [ 336.495675][T13681] tipc: Disabling bearer [ 336.543557][T13708] loop3: detected capacity change from 0 to 512 [ 336.572185][T13708] EXT4-fs: Ignoring removed nobh option [ 336.618367][T13708] fscrypt (loop3, inode 2): Error -61 getting encryption context [ 336.637955][T13708] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61 [ 336.657121][T13708] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #13: comm syz.3.3265: casefold flag without casefold feature [ 336.678696][T13708] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.3265: couldn't read orphan inode 13 (err -117) [ 336.702728][T13708] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 336.838431][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.060674][T13706] loop2: detected capacity change from 0 to 32768 [ 337.090085][T13706] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3266 (13706) [ 337.166571][T13706] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 337.185064][T13706] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 337.220778][T13706] BTRFS info (device loop2): using free-space-tree [ 337.248201][T13724] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3273'. [ 337.259059][T13729] @ÿÿÿ: renamed from veth0_vlan (while UP) [ 337.319706][T13737] xt_CT: You must specify a L4 protocol and not use inversions on it [ 337.410707][T13750] loop0: detected capacity change from 0 to 256 [ 337.425774][T13750] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 337.448004][T13751] loop1: detected capacity change from 0 to 1024 [ 337.720125][T10285] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 337.785886][T13774] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3289'. [ 338.021759][T13772] loop5: detected capacity change from 0 to 32768 [ 338.031333][T13772] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3288 (13772) [ 338.050037][T13772] BTRFS info (device loop5): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 338.062133][T13772] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 338.093693][T13781] loop4: detected capacity change from 0 to 256 [ 338.094174][T13772] BTRFS info (device loop5): using free-space-tree [ 338.254713][T13791] loop4: detected capacity change from 0 to 256 [ 338.303663][T13791] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 338.499975][T13810] netlink: 165 bytes leftover after parsing attributes in process `syz.1.3301'. [ 338.597501][T13814] tmpfs: Cannot change global quota limit on remount [ 338.779303][T11106] BTRFS info (device loop5): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 338.844207][T13831] loop2: detected capacity change from 0 to 256 [ 338.852109][T13831] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 338.961699][T13834] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3313'. [ 339.041213][ T5287] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 339.107804][T13838] loop5: detected capacity change from 0 to 1024 [ 339.201652][ T5287] usb 4-1: Using ep0 maxpacket: 16 [ 339.225603][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 339.249203][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 339.261307][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 339.272518][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 339.282643][ T5287] usb 4-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00 [ 339.292051][ T5287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.324445][ T5287] usb 4-1: config 0 descriptor?? [ 339.376466][T13832] loop4: detected capacity change from 0 to 32768 [ 339.438172][T13832] JBD2: Ignoring recovery information on journal [ 339.534664][T13832] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 339.727297][ T5231] ocfs2: Unmounting device (7,4) on (node local) [ 339.760936][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: unknown main item tag 0x0 [ 339.770425][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: unknown main item tag 0x0 [ 339.778311][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: unknown main item tag 0x0 [ 339.797932][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: unknown main item tag 0x0 [ 339.808058][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: unknown main item tag 0x0 [ 339.836103][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: hidraw0: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.3-1/input0 [ 339.849039][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: U2F Zero LED initialised [ 339.856704][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: U2F Zero RNG initialised [ 339.871346][ T5288] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 339.921224][ T5286] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 339.959249][T13865] netlink: 'syz.4.3323': attribute type 1 has an invalid length. [ 339.968011][T13865] netlink: 191384 bytes leftover after parsing attributes in process `syz.4.3323'. [ 339.984263][ T5287] usb 4-1: USB disconnect, device number 31 [ 340.021269][ T5288] usb 3-1: Using ep0 maxpacket: 16 [ 340.028065][ T5288] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 340.047270][ T5288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 340.071366][ T5288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 340.089873][ T5288] usb 3-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00 [ 340.099236][ T5288] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 340.111583][ T5288] usb 3-1: config 0 descriptor?? [ 340.122809][ T5286] usb 2-1: Using ep0 maxpacket: 16 [ 340.130593][ T5286] usb 2-1: unable to get BOS descriptor or descriptor too short [ 340.140028][ T5286] usb 2-1: config 0 has an invalid interface number: 193 but max is 0 [ 340.148558][ T5286] usb 2-1: config 0 has no interface number 0 [ 340.155281][ T5286] usb 2-1: config 0 interface 193 altsetting 4 endpoint 0xC has invalid maxpacket 1023, setting to 64 [ 340.166500][ T5286] usb 2-1: config 0 interface 193 has no altsetting 0 [ 340.178100][ T5286] usb 2-1: New USB device found, idVendor=0499, idProduct=1034, bcdDevice=50.3a [ 340.201148][ T5286] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 340.209294][ T5286] usb 2-1: Product: syz [ 340.219518][ T5286] usb 2-1: Manufacturer: syz [ 340.231756][ T5286] usb 2-1: SerialNumber: syz [ 340.238930][ T5286] usb 2-1: config 0 descriptor?? [ 340.347350][T13877] loop4: detected capacity change from 0 to 1024 [ 340.394483][T13877] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 340.453519][T13877] EXT4-fs: Ignoring removed nobh option [ 340.460767][T13877] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 340.476331][ T5286] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 340.520775][ T5286] snd-usb-audio 2-1:0.193: probe with driver snd-usb-audio failed with error -2 [ 340.540341][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.581194][ T5286] usb 2-1: USB disconnect, device number 21 [ 340.603067][ T5288] lenovo 0003:17EF:60EE.004C: hidraw0: USB HID v0.04 Device [HID 17ef:60ee] on usb-dummy_hcd.2-1/input0 [ 340.785426][ T5288] lenovo 0003:17EF:60EE.004C: Failed to switch F7/9/11 mode: -71 [ 340.794306][ T5288] lenovo 0003:17EF:60EE.004C: Failed to switch middle button: -71 [ 340.805593][ T5288] lenovo 0003:17EF:60EE.004C: Fn-lock setting failed: -71 [ 340.821583][ T5288] lenovo 0003:17EF:60EE.004C: Sensitivity setting failed: -71 [ 340.838040][ T5288] usb 3-1: USB disconnect, device number 24 [ 341.330926][T13916] loop5: detected capacity change from 0 to 256 [ 341.371905][T13916] exfat: Deprecated parameter 'utf8' [ 341.398507][T13916] exfat: Deprecated parameter 'namecase' [ 341.428997][T13916] exfat: Deprecated parameter 'namecase' [ 341.436712][T13920] loop1: detected capacity change from 0 to 64 [ 341.462800][T13916] exfat: Deprecated parameter 'utf8' [ 341.538546][T13916] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 342.163287][T13934] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.263631][T13934] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.325413][T13940] program syz.2.3360 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 342.378851][T13892] loop4: detected capacity change from 0 to 131072 [ 342.391405][T13892] F2FS-fs (loop4): Test dummy encryption mode enabled [ 342.452499][T13938] loop5: detected capacity change from 0 to 4096 [ 342.463833][T13892] F2FS-fs (loop4): invalid crc value [ 342.500189][T13944] loop3: detected capacity change from 0 to 64 [ 342.615845][T13936] bridge0: port 1(bridge_slave_0) entered blocking state [ 342.624115][T13936] bridge0: port 1(bridge_slave_0) entered forwarding state [ 342.627439][T13922] loop0: detected capacity change from 0 to 32768 [ 342.674195][T13922] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section replicas_v0: invalid device 1 in entry btree: 1/84 [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 2 2 4 5 5 5 6 8 10 108] [ 342.674195][T13922] replicas_v0 (size 24): [ 342.674195][T13922] btree: 84 [0 2 1 0 4 1 0 0 0 0 0 0 0 0 108 1 0 0 6 0 0 0 0 0 0 0 0 0 0 0 10 0 0 0 0 0 0 0 1 0 1 0 5 0 0 0 8 0 0 0 0 0 0 0 1 0 2 0 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 5 0 0 0 0 0 0 0 0 0] [ 342.674195][T13922] [ 342.716041][T13936] bridge0: port 2(bridge_slave_1) entered blocking state [ 342.728781][T13892] F2FS-fs (loop4): Found nat_bits in checkpoint [ 342.734211][T13936] bridge0: port 2(bridge_slave_1) entered forwarding state [ 342.778398][T13922] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry [ 342.859335][T13938] ntfs3: Cannot use different iocharset when remounting! [ 342.879329][T13892] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 342.880931][T13949] loop3: detected capacity change from 0 to 4096 [ 342.964300][T13949] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 343.146614][T13949] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 343.386097][T13968] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3371'. [ 343.632681][T13979] sp0: Synchronizing with TNC [ 343.692239][T13983] loop1: detected capacity change from 0 to 512 [ 343.699287][T13983] EXT4-fs: Ignoring removed mblk_io_submit option [ 343.713177][T13983] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 343.758420][T13983] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 343.767373][T13983] System zones: 1-12 [ 343.923619][T13983] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.3380: corrupted in-inode xattr: e_value size too large [ 343.979661][T13983] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.3380: couldn't read orphan inode 15 (err -117) [ 344.059962][T13983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 344.261356][ T7063] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.401927][T14014] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3392'. [ 344.485841][T14018] loop0: detected capacity change from 0 to 256 [ 344.523195][T14021] loop5: detected capacity change from 0 to 512 [ 344.543654][T14018] FAT-fs (loop0): Directory bread(block 64) failed [ 344.559410][T14018] FAT-fs (loop0): Directory bread(block 65) failed [ 344.598745][T14021] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 344.621355][T14018] FAT-fs (loop0): Directory bread(block 66) failed [ 344.630629][T14021] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 344.677993][T14018] FAT-fs (loop0): Directory bread(block 67) failed [ 344.730591][T14018] FAT-fs (loop0): Directory bread(block 68) failed [ 344.790281][T14018] FAT-fs (loop0): Directory bread(block 69) failed [ 344.811647][T14018] FAT-fs (loop0): Directory bread(block 70) failed [ 344.841194][T14018] FAT-fs (loop0): Directory bread(block 71) failed [ 344.855323][T14018] FAT-fs (loop0): Directory bread(block 72) failed [ 344.856706][T14021] EXT4-fs: Cannot change quota options when quota turned on [ 344.881128][T14018] FAT-fs (loop0): Directory bread(block 73) failed [ 345.041967][T14001] loop4: detected capacity change from 0 to 40427 [ 345.058523][T11106] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.068657][T14035] loop1: detected capacity change from 0 to 24 [ 345.110750][T14035] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 345.126239][T14001] F2FS-fs (loop4): Found nat_bits in checkpoint [ 345.162858][T14035] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 345.208918][T14041] loop5: detected capacity change from 0 to 256 [ 345.259646][T14044] loop2: detected capacity change from 0 to 22 [ 345.285882][T14044] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 345.307715][T14001] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 345.351799][T14044] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 345.451896][ T5231] syz-executor: attempt to access beyond end of device [ 345.451896][ T5231] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 345.499195][ T5231] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 345.749719][T14048] loop1: detected capacity change from 0 to 40427 [ 345.762014][T14048] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 345.769879][T14048] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 345.898232][T14048] F2FS-fs (loop1): Found nat_bits in checkpoint [ 346.055303][T14048] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 346.064007][T14048] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 346.199028][T14069] loop5: detected capacity change from 0 to 8 [ 346.298361][T14031] loop3: detected capacity change from 0 to 32768 [ 346.531407][T14079] netlink: 'syz.4.3419': attribute type 30 has an invalid length. [ 346.971182][ T5286] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 347.010102][T14067] loop0: detected capacity change from 0 to 32768 [ 347.060070][T14067] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 347.081621][T14067] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 347.122245][ T5286] usb 4-1: Using ep0 maxpacket: 8 [ 347.148227][T14067] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 347.202168][ T5286] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 347.209575][ T931] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 347.211021][ T5286] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 347.218009][ T931] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 347.228076][ T5286] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 347.250670][T14090] loop2: detected capacity change from 0 to 4096 [ 347.280619][T14082] loop1: detected capacity change from 0 to 32768 [ 347.314879][ T5286] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 347.324779][ T5286] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 347.337713][ T931] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 119ms [ 347.344478][T14082] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 347.345819][ T931] gfs2: fsid=syz:syz.0: jid=0: Done [ 347.360585][ T5286] usb 4-1: Product: syz [ 347.364044][T14067] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 347.364947][ T5286] usb 4-1: Manufacturer: syz [ 347.376947][ T5286] usb 4-1: SerialNumber: syz [ 347.428208][T14099] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 347.487252][T14082] XFS (loop1): Ending clean mount [ 347.504581][T14082] XFS (loop1): Quotacheck needed: Please wait. [ 347.609219][T14082] XFS (loop1): Quotacheck: Done. [ 347.795734][ T7063] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 347.805915][T14109] loop0: detected capacity change from 0 to 512 [ 347.841571][T14109] EXT4-fs error (device loop0): ext4_orphan_get:1388: inode #17: comm syz.0.3426: iget: bogus i_mode (0) [ 347.856958][ T5286] usb 4-1: 0:2 : does not exist [ 347.861905][T14109] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.3426: couldn't read orphan inode 17 (err -117) [ 347.863073][T14109] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 347.898062][T14113] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3427'. [ 347.963863][ T7084] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.091254][ T5288] usb 4-1: USB disconnect, device number 32 [ 348.595417][T14119] loop4: detected capacity change from 0 to 32768 [ 348.612588][T14119] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3431 (14119) [ 348.643934][T14119] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 348.662101][T14119] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 348.670869][T14119] BTRFS info (device loop4): using free-space-tree [ 348.917809][ T5231] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 349.020102][T14118] loop2: detected capacity change from 0 to 65536 [ 349.100234][T14118] XFS (loop2): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 [ 349.430983][T14118] XFS (loop2): Ending clean mount [ 349.530697][T14180] loop0: detected capacity change from 0 to 256 [ 349.699852][T10285] XFS (loop2): Unmounting Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 [ 349.772549][T14190] loop1: detected capacity change from 0 to 64 [ 349.988834][T14201] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3459'. [ 350.647831][T14218] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 350.724977][T14220] loop3: detected capacity change from 0 to 16 [ 350.732906][T14220] erofs: (device loop3): mounted with root inode @ nid 36. [ 351.395637][T14230] loop1: detected capacity change from 0 to 32768 [ 351.423820][T14230] XFS (loop1): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 351.461482][ T5346] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 351.474551][T14230] XFS (loop1): Ending clean mount [ 351.483484][T14230] XFS (loop1): Quotacheck needed: Please wait. [ 351.540395][T14263] loop0: detected capacity change from 0 to 2048 [ 351.620332][T14230] XFS (loop1): Quotacheck: Done. [ 351.627514][T14267] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 351.650502][T14263] NILFS (loop0): unable to set label with more than 80 bytes [ 351.661178][ T5346] usb 4-1: Using ep0 maxpacket: 16 [ 351.694049][ T5346] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 351.711244][ T5346] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 351.728982][ T5346] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 351.767265][ T5346] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00 [ 351.767303][ T5346] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.770082][ T5346] usb 4-1: config 0 descriptor?? [ 351.845811][ T7063] XFS (loop1): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 352.188170][T14283] loop1: detected capacity change from 0 to 512 [ 352.197154][ T5346] shield 0003:0955:7214.004D: item fetching failed at offset 4/5 [ 352.210885][ T5346] shield 0003:0955:7214.004D: Parse failed [ 352.212614][T14283] EXT4-fs: Ignoring removed nomblk_io_submit option [ 352.227890][ T5346] shield 0003:0955:7214.004D: probe with driver shield failed with error -22 [ 352.237294][T14286] loop5: detected capacity change from 0 to 64 [ 352.245655][ T5235] Bluetooth: hci2: command 0x0405 tx timeout [ 352.272987][T14283] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 352.294834][T14286] hfs: request for non-existent node 293 in B*Tree [ 352.326478][T14283] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 352.340039][T14286] hfs: request for non-existent node 293 in B*Tree [ 352.349568][T14286] hfs: get root inode failed [ 352.358344][T14283] EXT4-fs (loop1): 1 truncate cleaned up [ 352.365365][T14283] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.448451][ T5346] usb 4-1: USB disconnect, device number 33 [ 352.489229][T14283] EXT4-fs error (device loop1): ext4_map_blocks:671: inode #2: block 4: comm syz.1.3489: lblock 0 mapped to illegal pblock 4 (length 1) [ 352.507500][T14283] EXT4-fs (loop1): Remounting filesystem read-only [ 352.572519][ T7063] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.445444][T14306] loop2: detected capacity change from 0 to 4096 [ 353.763506][T14312] loop3: detected capacity change from 0 to 512 [ 353.894843][T14312] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 353.944627][T14306] ntfs3(loop2): Failed to load $MFT (-22). [ 354.013754][T14312] ext4 filesystem being mounted at /584/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 354.316091][ T5233] Bluetooth: hci2: command 0x0405 tx timeout [ 354.372067][T14298] loop0: detected capacity change from 0 to 40427 [ 354.424256][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.460464][T14295] loop5: detected capacity change from 0 to 32768 [ 354.473145][T14298] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 354.501633][T14298] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 354.542036][T14295] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3497 (14295) [ 354.615588][T14321] loop2: detected capacity change from 0 to 512 [ 354.660047][T14298] F2FS-fs (loop0): Found nat_bits in checkpoint [ 354.690429][T14295] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 354.731460][T14321] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 354.738877][T14321] UDF-fs: Scanning with blocksize 512 failed [ 354.771628][T14295] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 354.830075][T14295] BTRFS info (device loop5): using free-space-tree [ 354.839587][T14321] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 354.871459][T14321] UDF-fs: Scanning with blocksize 1024 failed [ 354.959128][T14325] loop3: detected capacity change from 0 to 2048 [ 354.967895][T14321] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 355.002103][T14321] UDF-fs: Scanning with blocksize 2048 failed [ 355.045863][T14321] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 355.056741][T14298] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 355.093089][T14295] BTRFS info (device loop5): rebuilding free space tree [ 355.100151][T14298] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 355.124621][T14321] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 355.138313][T14325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 355.256928][T14325] ext4 filesystem being mounted at /585/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 355.306080][T14321] UDF-fs: error (device loop2): udf_verify_fi: directory (ino 21) has entry at pos 172 with incorrect tag 0 [ 355.370552][T14308] loop1: detected capacity change from 0 to 32768 [ 355.410531][T14325] fscrypt (loop3, inode 13): Error -61 getting encryption context [ 355.449830][ T7084] syz-executor: attempt to access beyond end of device [ 355.449830][ T7084] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 355.471445][T14308] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3502 (14308) [ 355.494130][T14304] loop4: detected capacity change from 0 to 40427 [ 355.553320][ T7084] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 355.590815][T14308] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 355.603860][T14304] F2FS-fs (loop4): invalid crc value [ 355.664354][T11106] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 355.683354][T14308] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 355.703371][T14304] F2FS-fs (loop4): Found nat_bits in checkpoint [ 355.723577][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.770402][T14308] BTRFS info (device loop1): using free-space-tree [ 355.962377][T14304] F2FS-fs (loop4): Start checkpoint disabled! [ 356.415770][T14369] loop3: detected capacity change from 0 to 256 [ 356.438808][T14369] exfat: Deprecated parameter 'namecase' [ 356.491463][T14369] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 356.553851][T14308] BTRFS error (device loop1): open_ctree failed [ 357.661456][T14384] netlink: 191416 bytes leftover after parsing attributes in process `syz.3.3519'. [ 358.954724][T14400] netlink: 'syz.3.3527': attribute type 31 has an invalid length. [ 359.194547][T14377] loop5: detected capacity change from 0 to 32768 [ 359.313477][T14377] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3509 (14377) [ 359.397101][T14377] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 359.433342][T14406] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3530'. [ 359.450482][T14402] loop1: detected capacity change from 0 to 4096 [ 359.466473][T14377] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 359.525969][T14377] BTRFS info (device loop5): using free-space-tree [ 359.541156][T14402] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 360.211867][T14388] loop2: detected capacity change from 0 to 32768 [ 360.242231][T11106] BTRFS info (device loop5): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 360.288031][T14388] XFS (loop2): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 360.385221][T14440] loop3: detected capacity change from 0 to 8 [ 360.386434][T14440] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 360.476065][T14388] XFS (loop2): Ending clean mount [ 360.486371][T14388] XFS (loop2): Quotacheck needed: Please wait. [ 360.637486][T14388] XFS (loop2): Quotacheck: Done. [ 360.926966][T10285] XFS (loop2): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 361.081186][ T931] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 361.276147][ T931] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 361.328310][ T931] usb 4-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00 [ 361.400001][ T931] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 361.539979][ T931] usb 4-1: config 0 descriptor?? [ 361.557768][T14455] loop1: detected capacity change from 0 to 256 [ 361.656268][T14455] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f50, chksum : 0xa6aae999, utbl_chksum : 0xe619d30d) [ 361.954174][T14460] omfs: Invalid superblock (0) [ 362.023325][ T931] hid-steam 0003:28DE:1205.004E: : USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.3-1/input0 [ 362.098936][T14462] loop5: detected capacity change from 0 to 256 [ 362.144077][ T931] hid-steam 0003:28DE:1205.004E: Steam Controller 'XXXXXXXXXX' connected [ 362.214682][ T931] input: Steam Deck as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28DE:1205.004E/input/input33 [ 362.370872][ T931] input: Steam Deck Motion Sensors as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28DE:1205.004E/input/input34 [ 362.574499][ T931] hid-steam 0003:28DE:1205.004F: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.3-1/input0 [ 362.734605][ T931] usb 4-1: USB disconnect, device number 34 [ 363.173811][T14476] loop1: detected capacity change from 0 to 64 [ 363.395637][T14472] loop5: detected capacity change from 0 to 8192 [ 363.541447][ T29] audit: type=1800 audit(1728797463.914:166): pid=14472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3549" name="file0" dev="loop5" ino=1048905 res=0 errno=0 [ 363.565125][ T931] hid-steam 0003:28DE:1205.004E: Steam Controller 'XXXXXXXXXX' disconnected [ 363.990870][T14494] loop0: detected capacity change from 0 to 2048 [ 364.167983][T14494] Alternate GPT is invalid, using primary GPT. [ 364.204907][T14494] loop0: p1 p2 p3 [ 365.220200][T14524] loop4: detected capacity change from 0 to 4096 [ 365.261284][T14524] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 365.338633][T14524] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 365.378112][T14524] ntfs3(loop4): Failed to load $Extend (-22). [ 365.410274][T14524] ntfs3(loop4): Failed to initialize $Extend. [ 366.556025][T14554] loop1: detected capacity change from 0 to 128 [ 366.649013][T14554] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 366.714003][T14563] loop4: detected capacity change from 0 to 64 [ 366.736418][T14564] loop2: detected capacity change from 0 to 512 [ 366.765145][T14554] ext4 filesystem being mounted at /469/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 366.818989][T14564] EXT4-fs: Ignoring removed mblk_io_submit option [ 366.836808][T14563] Trying to free block not in datazone [ 366.866611][T14564] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 366.881215][T14563] Trying to free block not in datazone [ 366.912365][T14563] Trying to free block not in datazone [ 366.949597][T14563] Trying to free block not in datazone [ 366.971570][T14564] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 366.993050][T14563] minix_free_block (loop4:6): bit already cleared [ 367.021413][T14564] System zones: 1-12 [ 367.036243][T14564] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.3587: corrupted in-inode xattr: e_value size too large [ 367.055276][T14563] Trying to free block not in datazone [ 367.084017][ T7063] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 367.101583][T14563] Trying to free block not in datazone [ 367.136444][T14564] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.3587: couldn't read orphan inode 15 (err -117) [ 367.228818][T14564] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.563025][T10285] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.967390][T14585] tipc: Enabling of bearer rejected, failed to enable media [ 369.108686][T14599] loop1: detected capacity change from 0 to 512 [ 369.276887][T14599] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 369.463028][T14599] ext4 filesystem being mounted at /473/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 370.491456][T14620] tipc: Started in network mode [ 370.506861][T14620] tipc: Node identity ac1414aa, cluster identity 4711 [ 370.527267][T14620] tipc: New replicast peer: 100.1.1.1 [ 370.548791][T14618] loop2: detected capacity change from 0 to 4096 [ 370.566090][T14620] tipc: Enabled bearer , priority 10 [ 370.628039][T14618] NILFS (loop2): invalid segment: Checksum error in segment payload [ 370.699189][T14618] NILFS (loop2): trying rollback from an earlier position [ 370.813641][T14618] NILFS (loop2): recovery complete [ 370.860408][T14622] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 371.349501][T14604] loop4: detected capacity change from 0 to 32768 [ 371.463574][T14604] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 371.596701][T14627] loop5: detected capacity change from 0 to 4096 [ 371.656178][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3616'. [ 371.677167][T14627] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 371.699091][ T9] tipc: Node number set to 2886997162 [ 371.774055][T14604] XFS (loop4): Ending clean mount [ 371.915232][T14627] ntfs3(loop5): ino=1e, "file1" attr_set_size [ 371.964475][T14627] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 372.044727][T14627] ntfs3(loop5): ino=3, ntfs_set_state failed, -22. [ 372.078392][T14611] loop0: detected capacity change from 0 to 40427 [ 372.112587][ T5231] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 372.171464][T14611] F2FS-fs (loop0): Image doesn't support compression [ 372.240384][T14611] F2FS-fs (loop0): invalid crc value [ 372.273928][T14611] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 372.302320][T14646] loop2: detected capacity change from 0 to 256 [ 372.326193][ T33] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22. [ 372.380749][T14646] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x72684843, utbl_chksum : 0xe619d30d) [ 372.718037][T14611] F2FS-fs (loop0): Start checkpoint disabled! [ 372.789802][T14611] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 373.338449][T14661] xt_CT: No such helper "syz1" [ 373.930464][T14678] loop2: detected capacity change from 0 to 128 [ 373.997158][T14678] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 374.093186][T14678] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 375.035394][ T5235] Bluetooth: hci4: command 0x0406 tx timeout [ 375.396679][T14708] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3645'. [ 376.423482][T14728] loop5: detected capacity change from 0 to 1024 [ 376.606571][T14696] loop0: detected capacity change from 0 to 32768 [ 376.694472][T14696] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3639 (14696) [ 376.758692][ T33] hfsplus: b-tree write err: -5, ino 4 [ 376.978423][T14739] loop5: detected capacity change from 0 to 64 [ 377.048342][T14741] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3662'. [ 377.114376][T14741] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3662'. [ 377.379895][T14696] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 377.436283][T14696] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 377.457107][T14751] loop5: detected capacity change from 0 to 24 [ 377.484296][T14696] BTRFS info (device loop0): using free-space-tree [ 377.511615][T14751] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 377.552714][T14751] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 377.969387][ T7084] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 378.091600][ T1263] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.098306][ T1263] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.318485][T14795] loop0: detected capacity change from 0 to 512 [ 379.462661][T14795] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 379.541267][T14795] UDF-fs: Scanning with blocksize 512 failed [ 379.618346][T14795] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 379.663962][T14795] UDF-fs: Scanning with blocksize 1024 failed [ 379.736303][T14795] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 379.820203][T14795] UDF-fs: Scanning with blocksize 2048 failed [ 379.910306][T14795] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 380.076998][T14795] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 380.662226][ T5235] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 380.692065][ T5235] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 380.702186][ T5235] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 380.710581][ T5235] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 380.718936][ T5235] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 380.726328][ T5235] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 381.176903][T14783] loop4: detected capacity change from 0 to 32768 [ 381.306357][T14786] loop5: detected capacity change from 0 to 32768 [ 381.569487][T14821] loop3: detected capacity change from 0 to 512 [ 381.611872][T14821] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 381.673098][T14821] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 381.673204][T14821] ext4 filesystem being mounted at /638/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 381.989290][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 382.029957][T14805] chnl_net:caif_netlink_parms(): no params data found [ 382.791477][ T5235] Bluetooth: hci6: command tx timeout [ 383.299786][T14855] loop3: detected capacity change from 0 to 1024 [ 383.307693][T14856] loop2: detected capacity change from 0 to 512 [ 383.364281][T14856] EXT4-fs (loop2): filesystem is read-only [ 383.406795][T14856] EXT4-fs (loop2): filesystem is read-only [ 383.444048][T14856] EXT4-fs (loop2): orphan cleanup on readonly fs [ 383.484939][T14856] EXT4-fs error (device loop2): ext4_orphan_get:1414: comm syz.2.3704: bad orphan inode 16 [ 383.532055][T14856] ext4_test_bit(bit=15, block=3) = 0 [ 383.558219][T14856] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 383.661817][T14856] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #2: block 3: comm syz.2.3704: lblock 0 mapped to illegal pblock 3 (length 1) [ 383.707002][T14860] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3705'. [ 383.855870][T10285] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.220238][T14869] loop5: detected capacity change from 0 to 2048 [ 384.283159][T14869] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 384.493431][T11106] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.872548][ T5235] Bluetooth: hci6: command tx timeout [ 386.951532][ T5235] Bluetooth: hci6: command tx timeout [ 389.031397][ T5235] Bluetooth: hci6: command tx timeout [ 393.776570][ T5233] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 393.789642][ T5233] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 393.797919][ T5233] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 393.806650][ T5233] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 393.816841][ T5233] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 393.824329][ T5233] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 394.079762][ T5235] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 394.092288][ T5235] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 394.103403][ T5235] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 394.126695][ T5235] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 394.135949][ T5235] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 394.143437][ T5235] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 394.858520][ T5233] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 394.871391][ T5233] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 394.879263][ T5233] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 394.887197][ T5233] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 394.894930][ T5233] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 394.902354][ T5233] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 395.701874][ T5235] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 395.712007][ T5235] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 395.720319][ T5235] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 395.730381][ T5235] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 395.738918][ T5235] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 395.749521][ T5235] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 395.797520][ T5233] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 395.809382][ T5233] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 395.818606][ T5233] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 395.826865][ T5233] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 395.837218][ T5233] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 395.844675][ T5233] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 395.911410][ T5233] Bluetooth: hci7: command tx timeout [ 396.231455][ T5233] Bluetooth: hci8: command tx timeout [ 396.951688][ T5233] Bluetooth: hci9: command tx timeout [ 397.832482][ T5233] Bluetooth: hci10: command tx timeout [ 397.911657][ T5233] Bluetooth: hci11: command tx timeout [ 397.991319][ T5233] Bluetooth: hci7: command tx timeout [ 398.311475][ T5233] Bluetooth: hci8: command tx timeout [ 399.036079][ T5233] Bluetooth: hci9: command tx timeout [ 399.915860][ T5233] Bluetooth: hci10: command tx timeout [ 399.991579][ T5233] Bluetooth: hci11: command tx timeout [ 400.071374][ T5233] Bluetooth: hci7: command tx timeout [ 400.391547][ T5233] Bluetooth: hci8: command tx timeout [ 401.111304][ T5233] Bluetooth: hci9: command tx timeout [ 401.991299][ T5233] Bluetooth: hci10: command tx timeout [ 402.071578][ T5233] Bluetooth: hci11: command tx timeout [ 402.151272][ T5233] Bluetooth: hci7: command tx timeout [ 402.471483][ T5233] Bluetooth: hci8: command tx timeout [ 403.191384][ T5233] Bluetooth: hci9: command tx timeout [ 404.071439][ T5233] Bluetooth: hci10: command tx timeout [ 404.151561][ T5233] Bluetooth: hci11: command tx timeout [ 417.037383][T14805] bridge0: port 1(bridge_slave_0) entered blocking state [ 417.073012][T14805] bridge0: port 1(bridge_slave_0) entered disabled state [ 417.080306][T14805] bridge_slave_0: entered allmulticast mode [ 417.412770][T14805] bridge_slave_0: entered promiscuous mode [ 439.538987][ T1263] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.545623][ T1263] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.134067][ T5235] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 441.151419][ T5235] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 441.161850][ T5235] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 441.169964][ T5235] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 441.177616][ T5235] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 441.185188][ T5235] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 443.271821][ T5235] Bluetooth: hci1: command tx timeout [ 445.351862][ T5235] Bluetooth: hci1: command tx timeout [ 447.431681][ T5235] Bluetooth: hci1: command tx timeout [ 449.001044][ C1] sched: DL replenish lagged too much [ 449.511655][ T5235] Bluetooth: hci1: command tx timeout [ 454.892406][ T5233] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 454.911624][ T5233] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 454.923051][ T5233] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 454.935685][ T5233] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 454.946138][ T5233] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 454.954263][ T5233] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 454.988152][ T5235] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 455.003614][ T5235] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 455.013107][ T5235] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 455.032313][ T5235] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 455.041364][ T5235] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 455.049255][ T5235] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 455.499650][ T5233] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 455.510834][ T5233] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 455.529386][ T5233] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 455.539152][ T5233] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 455.551238][ T5233] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 455.560901][ T5233] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 455.862130][ T5235] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 455.873585][ T5235] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 455.882080][ T5235] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 455.890147][ T5235] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 455.898071][ T5235] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 455.910674][ T5235] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 456.191883][ T5233] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 456.206639][ T5233] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 456.215634][ T5233] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 456.223881][ T5233] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 456.231846][ T5233] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 456.239391][ T5233] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 457.031489][ T5233] Bluetooth: hci12: command tx timeout [ 457.111380][ T5233] Bluetooth: hci13: command tx timeout [ 457.591369][ T5233] Bluetooth: hci14: command tx timeout [ 457.991354][ T5233] Bluetooth: hci15: command tx timeout [ 458.311357][ T5233] Bluetooth: hci16: command tx timeout [ 459.121657][ T5233] Bluetooth: hci12: command tx timeout [ 459.192347][ T5233] Bluetooth: hci13: command tx timeout [ 459.671626][ T5233] Bluetooth: hci14: command tx timeout [ 460.071294][ T5233] Bluetooth: hci15: command tx timeout [ 460.399136][ T5233] Bluetooth: hci16: command tx timeout [ 461.191522][ T5233] Bluetooth: hci12: command tx timeout [ 461.271565][ T5235] Bluetooth: hci13: command tx timeout [ 461.751457][ T5233] Bluetooth: hci14: command tx timeout [ 462.151491][ T5233] Bluetooth: hci15: command tx timeout [ 462.474193][ T5233] Bluetooth: hci16: command tx timeout [ 463.271451][ T5233] Bluetooth: hci12: command tx timeout [ 463.351417][ T5233] Bluetooth: hci13: command tx timeout [ 463.831803][ T5233] Bluetooth: hci14: command tx timeout [ 464.232500][ T5233] Bluetooth: hci15: command tx timeout [ 464.551350][ T5233] Bluetooth: hci16: command tx timeout [ 477.511496][T14922] Bluetooth: hci2: command 0x0405 tx timeout [ 500.662636][T14922] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 500.675114][T14922] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 500.683996][T14922] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 500.694947][T14922] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 500.711516][T14922] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 500.719565][T14922] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 500.958365][ T1263] ieee802154 phy0 wpan0: encryption failed: -22 [ 500.964970][ T1263] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.791396][T14922] Bluetooth: hci17: command tx timeout [ 503.042154][T14922] Bluetooth: hci6: command 0x0406 tx timeout [ 504.871379][ T5233] Bluetooth: hci17: command tx timeout [ 506.951426][ T5233] Bluetooth: hci17: command tx timeout [ 509.031481][ T5233] Bluetooth: hci17: command tx timeout [ 515.520837][T14922] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 515.534608][T14922] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 515.543204][T14922] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 515.551900][T14922] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 515.570872][T14922] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 515.602986][T14922] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 515.788627][T14922] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 515.800264][T14922] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 515.809396][T14922] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 515.817513][T14922] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 515.831484][T14922] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3 [ 515.842945][T14922] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 516.226122][T14922] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1 [ 516.238139][T14922] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9 [ 516.252110][T14922] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9 [ 516.271707][T14922] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4 [ 516.279463][T14922] Bluetooth: hci20: unexpected cc 0x0c25 length: 249 > 3 [ 516.286976][T14922] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2 [ 516.649082][T14948] Bluetooth: hci21: unexpected cc 0x0c03 length: 249 > 1 [ 516.670426][T14948] Bluetooth: hci21: unexpected cc 0x1003 length: 249 > 9 [ 516.688841][T14948] Bluetooth: hci21: unexpected cc 0x1001 length: 249 > 9 [ 516.702287][T14948] Bluetooth: hci21: unexpected cc 0x0c23 length: 249 > 4 [ 516.714343][T14948] Bluetooth: hci21: unexpected cc 0x0c25 length: 249 > 3 [ 516.723274][T14948] Bluetooth: hci21: unexpected cc 0x0c38 length: 249 > 2 [ 516.941508][T14946] Bluetooth: hci22: unexpected cc 0x0c03 length: 249 > 1 [ 516.952420][T14946] Bluetooth: hci22: unexpected cc 0x1003 length: 249 > 9 [ 516.961299][T14946] Bluetooth: hci22: unexpected cc 0x1001 length: 249 > 9 [ 516.970822][T14946] Bluetooth: hci22: unexpected cc 0x0c23 length: 249 > 4 [ 516.978587][T14946] Bluetooth: hci22: unexpected cc 0x0c25 length: 249 > 3 [ 516.987485][T14946] Bluetooth: hci22: unexpected cc 0x0c38 length: 249 > 2 [ 517.671847][T14946] Bluetooth: hci18: command tx timeout [ 517.911310][T14946] Bluetooth: hci19: command tx timeout [ 518.424047][T14948] Bluetooth: hci8: command 0x0406 tx timeout [ 518.430123][T14948] Bluetooth: hci9: command 0x0406 tx timeout [ 518.451149][T14946] Bluetooth: hci7: command 0x0406 tx timeout [ 518.457202][T14946] Bluetooth: hci10: command 0x0406 tx timeout [ 518.463437][T14948] Bluetooth: hci20: command tx timeout [ 518.470540][T14948] Bluetooth: hci11: command 0x0406 tx timeout [ 518.791343][T14944] Bluetooth: hci21: command tx timeout [ 519.031723][T14944] Bluetooth: hci22: command tx timeout [ 519.751282][T14944] Bluetooth: hci18: command tx timeout [ 519.991359][T14944] Bluetooth: hci19: command tx timeout [ 520.561750][T14944] Bluetooth: hci20: command tx timeout [ 520.871455][T14944] Bluetooth: hci21: command tx timeout [ 521.111529][T14944] Bluetooth: hci22: command tx timeout [ 521.831435][T14944] Bluetooth: hci18: command tx timeout [ 522.073534][ T5233] Bluetooth: hci19: command tx timeout [ 522.631348][ T5233] Bluetooth: hci20: command tx timeout [ 522.951352][ T5233] Bluetooth: hci21: command tx timeout [ 523.191431][ T5233] Bluetooth: hci22: command tx timeout [ 523.911343][ T5233] Bluetooth: hci18: command tx timeout [ 524.151327][ T5233] Bluetooth: hci19: command tx timeout [ 524.711350][ T5233] Bluetooth: hci20: command tx timeout [ 525.031301][ T5233] Bluetooth: hci21: command tx timeout [ 525.272718][ T5233] Bluetooth: hci22: command tx timeout [ 531.032066][ T30] INFO: task syz.2.3715:14881 blocked for more than 143 seconds. [ 531.039932][ T30] Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0 [ 531.058326][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 531.067059][ T30] task:syz.2.3715 state:D stack:23808 pid:14881 tgid:14881 ppid:10285 flags:0x00000004 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 531.085207][ T30] Call Trace: [ 531.088513][ T30] [ 531.111289][ T30] __schedule+0x1895/0x4b30 [ 531.115914][ T30] ? __pfx___schedule+0x10/0x10 [ 531.120859][ T30] ? __pfx_lock_release+0x10/0x10 [ 531.212314][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 531.217911][ T30] ? schedule+0x90/0x320 [ 531.301033][ T30] schedule+0x14b/0x320 [ 531.332837][ T30] schedule_preempt_disabled+0x13/0x30 [ 531.338381][ T30] __mutex_lock+0x6a7/0xd70 [ 531.381050][ T30] ? __mutex_lock+0x52a/0xd70 [ 531.385830][ T30] ? raw_release+0x1b8/0x8b0 [ 531.390461][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 531.431258][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 531.437235][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 531.471254][ T30] raw_release+0x1b8/0x8b0 [ 531.475749][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 531.511265][ T30] sock_close+0xbe/0x240 [ 531.515609][ T30] ? __pfx_sock_close+0x10/0x10 [ 531.520515][ T30] __fput+0x241/0x880 [ 531.568950][ T30] task_work_run+0x251/0x310 [ 531.581215][ T30] ? __pfx_task_work_run+0x10/0x10 [ 531.586487][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 531.621045][ T30] syscall_exit_to_user_mode+0x168/0x370 [ 531.626863][ T30] do_syscall_64+0x100/0x230 [ 531.648755][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 531.661165][ T30] RIP: 0033:0x7f60eb17dff9 [ 531.665610][ T30] RSP: 002b:00007ffe6f73b888 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 531.701030][ T30] RAX: 0000000000000000 RBX: 000000000005deeb RCX: 00007f60eb17dff9 [ 531.709048][ T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 531.751086][ T30] RBP: 00007f60eb337a80 R08: 0000000000000001 R09: 00007ffe6f73bb7f [ 531.759120][ T30] R10: 00007f60eb000000 R11: 0000000000000246 R12: 000000000005df30 [ 531.798976][ T30] R13: 00007ffe6f73b990 R14: 0000000000000032 R15: ffffffffffffffff [ 531.829635][ T30] [ 531.838589][ T30] INFO: task syz.5.3717:14886 blocked for more than 144 seconds. [ 531.868327][ T30] Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0 [ 531.881047][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 531.889778][ T30] task:syz.5.3717 state:D stack:27392 pid:14886 tgid:14885 ppid:11106 flags:0x00000004 [ 531.910663][ T30] Call Trace: [ 531.914319][ T30] [ 531.919443][ T30] __schedule+0x1895/0x4b30 [ 531.931136][ T30] ? __pfx___schedule+0x10/0x10 [ 531.936225][ T30] ? __pfx_lock_release+0x10/0x10 [ 531.948978][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 531.955955][ T30] ? schedule+0x90/0x320 [ 531.960246][ T30] schedule+0x14b/0x320 [ 531.972287][ T30] schedule_preempt_disabled+0x13/0x30 [ 531.977802][ T30] __mutex_lock+0x6a7/0xd70 [ 531.987982][ T30] ? __mutex_lock+0x52a/0xd70 [ 531.995200][ T30] ? genl_rcv_msg+0x121/0xec0 [ 532.000005][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 532.010604][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 532.018570][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 532.031213][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 532.036887][ T30] ? __local_bh_enable_ip+0x168/0x200 [ 532.049971][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 532.055820][ T30] ? radix_tree_lookup+0x238/0x290 [ 532.069327][ T30] genl_rcv_msg+0x121/0xec0 [ 532.076180][ T30] ? mark_lock+0x9a/0x360 [ 532.080555][ T30] ? __lock_acquire+0x1384/0x2050 [ 532.091033][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 532.096121][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 532.109020][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 532.114287][ T30] ? __pfx___might_resched+0x10/0x10 [ 532.119626][ T30] netlink_rcv_skb+0x1e5/0x430 [ 532.131112][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 532.136272][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 532.148927][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 532.154729][ T30] genl_rcv+0x28/0x40 [ 532.158747][ T30] netlink_unicast+0x7f8/0x990 [ 532.172339][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 532.177688][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 532.190085][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 532.197069][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 532.209432][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 532.215298][ T30] ? __check_object_size+0x48e/0x900 [ 532.220802][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 532.235949][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 532.243652][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 532.249618][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 532.260526][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 532.268510][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 532.279543][ T30] __sock_sendmsg+0x223/0x270 [ 532.287050][ T30] __sys_sendto+0x39b/0x4f0 [ 532.297533][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 532.305198][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 532.310868][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 532.321108][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 532.337136][ T30] ? exc_page_fault+0x590/0x8c0 [ 532.343422][ T30] __x64_sys_sendto+0xde/0x100 [ 532.348226][ T30] do_syscall_64+0xf3/0x230 [ 532.359972][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.367126][ T30] RIP: 0033:0x7fbb7f37fe8c [ 532.378608][ T30] RSP: 002b:00007fbb80247ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 532.388380][ T30] RAX: ffffffffffffffda RBX: 00007fbb80247fc0 RCX: 00007fbb7f37fe8c [ 532.401030][ T30] RDX: 0000000000000020 RSI: 00007fbb80248010 RDI: 0000000000000004 [ 532.409032][ T30] RBP: 0000000000000000 R08: 00007fbb80247f14 R09: 000000000000000c [ 532.425067][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 532.438775][ T30] R13: 00007fbb80247f68 R14: 00007fbb80248010 R15: 0000000000000000 [ 532.455196][ T30] [ 532.458322][ T30] [ 532.458322][ T30] Showing all locks held in the system: [ 532.474339][ T30] 3 locks held by kworker/u8:0/11: [ 532.479471][ T30] #0: ffff88802ddee148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 532.499040][ T30] #1: ffffc90000107d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 532.523037][ T30] #2: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 532.540371][ T30] 1 lock held by khungtaskd/30: [ 532.547503][ T30] #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 532.558501][ T30] 3 locks held by kworker/u8:2/33: [ 532.571137][ T30] #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 532.590889][ T30] #1: ffffc90000a97d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 532.610066][ T30] #2: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 532.619324][ T30] 2 locks held by getty/4975: [ 532.624209][ T30] #0: ffff888031cc00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 532.646442][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 532.660578][ T30] 5 locks held by kworker/1:3/5286: [ 532.670255][ T30] 3 locks held by kworker/1:5/5288: [ 532.679265][ T30] #0: ffff88801ac78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 532.691181][ T30] #1: ffffc900040d7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 532.709363][ T30] #2: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 532.731120][ T30] 1 lock held by syz.1.3605/14599: [ 532.738509][ T30] #0: ffff88814c80c0e0 (&type->s_umount_key#32){++++}-{3:3}, at: super_lock+0x27c/0x400 [ 532.756982][ T30] 1 lock held by syz-executor/14805: [ 532.763457][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 532.780040][ T30] 1 lock held by syz.0.3699/14839: [ 532.786465][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 532.806855][ T30] 2 locks held by syz.4.3702/14857: [ 532.813369][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 532.829239][ T30] #1: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 532.850753][ T30] 3 locks held by syz.3.3712/14876: [ 532.856364][ T30] #0: ffffffff8fd37e70 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 532.876683][ T30] #1: ffffffff8fd37d28 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 532.893654][ T30] #2: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: nl802154_pre_doit+0xb5/0xac0 [ 532.907777][ T30] 2 locks held by syz.2.3715/14881: [ 532.916554][ T30] #0: ffff888060fa6208 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240 [ 532.931205][ T30] #1: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: raw_release+0x1b8/0x8b0 [ 532.940174][ T30] 2 locks held by syz.5.3717/14886: [ 532.955368][ T30] #0: ffffffff8fd37e70 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 532.967035][ T30] #1: ffffffff8fd37d28 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 532.984701][ T30] 1 lock held by syz-executor/14890: [ 532.990010][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.007574][ T30] 1 lock held by syz-executor/14892: [ 533.014154][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.030363][ T30] 1 lock held by syz-executor/14895: [ 533.037045][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.051114][ T30] 1 lock held by syz-executor/14899: [ 533.056426][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.073196][ T30] 1 lock held by syz-executor/14901: [ 533.078503][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.096330][ T30] 1 lock held by syz-executor/14905: [ 533.104044][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.121108][ T30] 1 lock held by syz-executor/14910: [ 533.126413][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.143488][ T30] 1 lock held by syz-executor/14912: [ 533.155869][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.168905][ T30] 1 lock held by syz-executor/14915: [ 533.179222][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.192212][ T30] 1 lock held by syz-executor/14918: [ 533.197704][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.211107][ T30] 1 lock held by syz-executor/14920: [ 533.216430][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.233301][ T30] 1 lock held by syz-executor/14930: [ 533.238625][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.255880][ T30] 1 lock held by syz-executor/14935: [ 533.264766][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.282747][ T30] 1 lock held by syz-executor/14938: [ 533.288082][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.305473][ T30] 1 lock held by syz-executor/14941: [ 533.310789][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.323352][ T30] 1 lock held by syz-executor/14947: [ 533.328663][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.341031][ T30] 1 lock held by syz-executor/14950: [ 533.346346][ T30] #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 533.365977][ T30] [ 533.368337][ T30] ============================================= [ 533.368337][ T30] [ 533.379571][ T30] NMI backtrace for cpu 0 [ 533.383920][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0 [ 533.394440][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 533.404513][ T30] Call Trace: [ 533.407805][ T30] [ 533.410773][ T30] dump_stack_lvl+0x241/0x360 [ 533.415495][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 533.420813][ T30] ? __pfx__printk+0x10/0x10 [ 533.425461][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 533.430435][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 533.435921][ T30] ? _printk+0xd5/0x120 [ 533.440112][ T30] ? __pfx__printk+0x10/0x10 [ 533.444743][ T30] ? __wake_up_klogd+0xcc/0x110 [ 533.449625][ T30] ? __pfx__printk+0x10/0x10 [ 533.454252][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.459909][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 533.464974][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 533.470998][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 533.477015][ T30] watchdog+0xff4/0x1040 [ 533.481292][ T30] ? watchdog+0x1ea/0x1040 [ 533.485751][ T30] ? __pfx_watchdog+0x10/0x10 [ 533.490563][ T30] kthread+0x2f2/0x390 [ 533.494661][ T30] ? __pfx_watchdog+0x10/0x10 [ 533.499541][ T30] ? __pfx_kthread+0x10/0x10 [ 533.504155][ T30] ret_from_fork+0x4d/0x80 [ 533.508604][ T30] ? __pfx_kthread+0x10/0x10 [ 533.513217][ T30] ret_from_fork_asm+0x1a/0x30 [ 533.518032][ T30] [ 533.522230][ T30] Sending NMI from CPU 0 to CPUs 1: [ 533.527462][ C1] NMI backtrace for cpu 1 [ 533.527477][ C1] CPU: 1 UID: 0 PID: 5286 Comm: kworker/1:3 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0 [ 533.527504][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 533.527519][ C1] Workqueue: events nsim_dev_trap_report_work [ 533.527551][ C1] RIP: 0010:unwind_next_frame+0x179b/0x22d0 [ 533.527577][ C1] Code: d0 48 c1 e8 03 0f b6 04 28 84 c0 0f 85 93 0a 00 00 48 0f bf 03 48 8b 34 24 48 01 c6 49 8d 55 40 4c 89 ef e8 37 0e 00 00 84 c0 <0f> 84 66 01 00 00 49 bc 00 00 00 00 00 fc ff df 48 8b 44 24 20 42 [ 533.527597][ C1] RSP: 0018:ffffc90000a170d0 EFLAGS: 00000202 [ 533.527616][ C1] RAX: 1ffff92000142e01 RBX: ffffffff912b2462 RCX: 0000000000000000 [ 533.527633][ C1] RDX: dffffc0000000000 RSI: ffffc90000a11000 RDI: ffffc90000a17d18 [ 533.527651][ C1] RBP: dffffc0000000000 R08: ffffc90000a17d18 R09: ffffc90000a171f0 [ 533.527668][ C1] R10: dffffc0000000000 R11: fffff52000142e40 R12: ffffc90000a19000 [ 533.527702][ C1] R13: ffffc90000a171a0 R14: ffffffff8a1e0199 R15: ffffc90000a171f0 [ 533.527723][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 533.527743][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 533.527759][ C1] CR2: 00007fff9f664ecc CR3: 000000000e734000 CR4: 0000000000350ef0 [ 533.527777][ C1] Call Trace: [ 533.527785][ C1] [ 533.527794][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 533.527824][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 533.527862][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 533.527890][ C1] ? nmi_handle+0x2a/0x5a0 [ 533.527925][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 533.527957][ C1] ? nmi_handle+0x151/0x5a0 [ 533.527981][ C1] ? nmi_handle+0x2a/0x5a0 [ 533.528006][ C1] ? unwind_next_frame+0x179b/0x22d0 [ 533.528028][ C1] ? default_do_nmi+0x63/0x160 [ 533.528059][ C1] ? exc_nmi+0x123/0x1f0 [ 533.528092][ C1] ? end_repeat_nmi+0xf/0x53 [ 533.528115][ C1] ? ip_route_output_flow+0x29/0x140 [ 533.528154][ C1] ? unwind_next_frame+0x179b/0x22d0 [ 533.528177][ C1] ? unwind_next_frame+0x179b/0x22d0 [ 533.528201][ C1] ? unwind_next_frame+0x179b/0x22d0 [ 533.528224][ C1] [ 533.528232][ C1] [ 533.528246][ C1] ? ip_route_output_key_hash+0x193/0x2b0 [ 533.528282][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 533.528312][ C1] arch_stack_walk+0x11c/0x150 [ 533.528342][ C1] ? ip_route_output_flow+0x29/0x140 [ 533.528376][ C1] stack_trace_save+0x118/0x1d0 [ 533.528406][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 533.528435][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.528466][ C1] save_stack+0xfb/0x1f0 [ 533.528490][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.528514][ C1] ? mark_lock+0x9a/0x360 [ 533.528537][ C1] ? __pfx_save_stack+0x10/0x10 [ 533.528560][ C1] ? post_alloc_hook+0x1f3/0x230 [ 533.528593][ C1] ? get_page_from_freelist+0x3045/0x3190 [ 533.528618][ C1] ? __alloc_pages_noprof+0x292/0x710 [ 533.528642][ C1] ? alloc_pages_mpol_noprof+0x3e8/0x680 [ 533.528670][ C1] ? alloc_slab_page+0x6a/0x120 [ 533.528693][ C1] ? allocate_slab+0x5a/0x2f0 [ 533.528714][ C1] ? ___slab_alloc+0xcd1/0x14b0 [ 533.528748][ C1] ? __slab_alloc+0x58/0xa0 [ 533.528780][ C1] ? kmem_cache_alloc_noprof+0x1c1/0x2a0 [ 533.528809][ C1] ? dst_alloc+0x12b/0x190 [ 533.528830][ C1] ? ip_route_output_key_hash_rcu+0x13cc/0x2390 [ 533.528865][ C1] ? ip_route_output_key_hash+0x193/0x2b0 [ 533.528908][ C1] __set_page_owner+0x92/0x800 [ 533.528931][ C1] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 533.528964][ C1] ? get_page_from_freelist+0x87d/0x3190 [ 533.528990][ C1] ? __pfx_lock_release+0x10/0x10 [ 533.529025][ C1] ? __pfx___set_page_owner+0x10/0x10 [ 533.529056][ C1] post_alloc_hook+0x1f3/0x230 [ 533.529096][ C1] get_page_from_freelist+0x3045/0x3190 [ 533.529141][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.529177][ C1] __alloc_pages_noprof+0x292/0x710 [ 533.529201][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.529228][ C1] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 533.529260][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.529285][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.529315][ C1] alloc_pages_mpol_noprof+0x3e8/0x680 [ 533.529347][ C1] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 533.529378][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 533.529414][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.529438][ C1] ? alloc_pages_noprof+0x43/0x170 [ 533.529468][ C1] alloc_slab_page+0x6a/0x120 [ 533.529491][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.529518][ C1] allocate_slab+0x5a/0x2f0 [ 533.529543][ C1] ___slab_alloc+0xcd1/0x14b0 [ 533.529579][ C1] ? dst_alloc+0x12b/0x190 [ 533.529605][ C1] ? dst_alloc+0x12b/0x190 [ 533.529625][ C1] __slab_alloc+0x58/0xa0 [ 533.529660][ C1] ? dst_alloc+0x12b/0x190 [ 533.529681][ C1] kmem_cache_alloc_noprof+0x1c1/0x2a0 [ 533.529715][ C1] dst_alloc+0x12b/0x190 [ 533.529738][ C1] ip_route_output_key_hash_rcu+0x13cc/0x2390 [ 533.529784][ C1] ip_route_output_key_hash+0x193/0x2b0 [ 533.529818][ C1] ? ip_route_output_key_hash+0xdf/0x2b0 [ 533.529853][ C1] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 533.529891][ C1] ? __pfx_lock_release+0x10/0x10 [ 533.529925][ C1] ? __asan_memset+0x23/0x50 [ 533.529967][ C1] ip_route_output_flow+0x29/0x140 [ 533.530000][ C1] ip_route_me_harder+0x80d/0x1300 [ 533.530039][ C1] ? __pfx_ip_route_me_harder+0x10/0x10 [ 533.530075][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.530100][ C1] ? __kmalloc_node_track_caller_noprof+0x242/0x440 [ 533.530147][ C1] synproxy_send_tcp+0x356/0x6c0 [ 533.530186][ C1] synproxy_send_client_synack+0x8b8/0xf30 [ 533.530228][ C1] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 533.530260][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.530288][ C1] ? synproxy_pernet+0x45/0x270 [ 533.530322][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.530349][ C1] nft_synproxy_eval_v4+0x3ca/0x610 [ 533.530388][ C1] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 533.530425][ C1] ? nf_ip_checksum+0x13a/0x500 [ 533.530464][ C1] nft_synproxy_do_eval+0x362/0xa60 [ 533.530503][ C1] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 533.530537][ C1] ? ip_vs_conn_hashkey_param+0x3ad/0x6b0 [ 533.530573][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 533.530610][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.530635][ C1] ? ip_vs_conn_out_get+0xba6/0xc00 [ 533.530671][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.530700][ C1] nft_do_chain+0x4af/0x1da0 [ 533.530740][ C1] ? tcp_conn_schedule+0x45e/0x880 [ 533.530776][ C1] ? __pfx_nft_do_chain+0x10/0x10 [ 533.530829][ C1] ? __pfx_nf_nat_inet_fn+0x10/0x10 [ 533.530854][ C1] ? __pfx_ip_vs_in_hook+0x10/0x10 [ 533.530881][ C1] nft_do_chain_inet+0x418/0x6b0 [ 533.530918][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 533.530964][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 533.531003][ C1] nf_hook_slow+0xc5/0x220 [ 533.531040][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 533.531073][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 533.531102][ C1] NF_HOOK+0x29e/0x450 [ 533.531128][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.531158][ C1] ? NF_HOOK+0x9a/0x450 [ 533.531184][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 533.531215][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 533.531248][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.531276][ C1] ? ip_rcv_finish+0x406/0x560 [ 533.531306][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 533.531335][ C1] NF_HOOK+0x3a6/0x450 [ 533.531361][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.531388][ C1] ? __lock_acquire+0x1384/0x2050 [ 533.531427][ C1] ? NF_HOOK+0x9a/0x450 [ 533.531455][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 533.531481][ C1] ? ip_rcv_core+0x801/0xd10 [ 533.531511][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 533.531545][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 533.531575][ C1] __netif_receive_skb+0x2bf/0x650 [ 533.531609][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 533.531646][ C1] ? __pfx___netif_receive_skb+0x10/0x10 [ 533.531675][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 533.531710][ C1] ? __pfx_lock_release+0x10/0x10 [ 533.531746][ C1] ? _raw_spin_lock_irq+0xdf/0x120 [ 533.531788][ C1] process_backlog+0x662/0x15b0 [ 533.531823][ C1] ? process_backlog+0x33b/0x15b0 [ 533.531860][ C1] ? __pfx_process_backlog+0x10/0x10 [ 533.531890][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 533.531928][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 533.531966][ C1] __napi_poll+0xcd/0x490 [ 533.531996][ C1] net_rx_action+0x89b/0x1240 [ 533.532042][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 533.532077][ C1] ? __pfx_tmigr_handle_remote+0x10/0x10 [ 533.532135][ C1] handle_softirqs+0x2c7/0x980 [ 533.532170][ C1] ? __irq_exit_rcu+0xf4/0x1c0 [ 533.532204][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 533.532237][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.532262][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 533.532287][ C1] __irq_exit_rcu+0xf4/0x1c0 [ 533.532318][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 533.532353][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.532379][ C1] irq_exit_rcu+0x9/0x30 [ 533.532409][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 533.532443][ C1] [ 533.532450][ C1] [ 533.532459][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 533.532482][ C1] RIP: 0010:kasan_check_range+0x6a/0x290 [ 533.532511][ C1] Code: 00 00 00 00 00 fc ff df 4e 8d 1c 13 49 ff c8 4d 89 c1 49 c1 e9 03 49 be 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd <48> 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48 [ 533.532530][ C1] RSP: 0018:ffffc900040f7460 EFLAGS: 00000202 [ 533.532550][ C1] RAX: ffffc900040f7901 RBX: 1ffff9200081eeba RCX: ffffffff8141732b [ 533.532568][ C1] RDX: 0000000000000001 RSI: 0000000000000010 RDI: ffffc900040f75d0 [ 533.532584][ C1] RBP: 0000000000000002 R08: ffffc900040f75df R09: 1ffff9200081eebb [ 533.532600][ C1] R10: dffffc0000000000 R11: fffff5200081eeba R12: ffffc900040f8000 [ 533.532617][ C1] R13: ffffc900040f7580 R14: dffffc0000000001 R15: fffff5200081eebc [ 533.532640][ C1] ? unwind_next_frame+0xcfb/0x22d0 [ 533.532669][ C1] __asan_memset+0x23/0x50 [ 533.532703][ C1] ? __kmalloc_node_track_caller_noprof+0x225/0x440 [ 533.532737][ C1] unwind_next_frame+0xcfb/0x22d0 [ 533.532764][ C1] ? __kasan_kmalloc+0x98/0xb0 [ 533.532791][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 533.532821][ C1] arch_stack_walk+0x11c/0x150 [ 533.532850][ C1] ? __kmalloc_node_track_caller_noprof+0x225/0x440 [ 533.532901][ C1] stack_trace_save+0x118/0x1d0 [ 533.532931][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 533.532958][ C1] ? stack_trace_save+0x118/0x1d0 [ 533.532986][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 533.533012][ C1] ? arch_stack_walk+0x11c/0x150 [ 533.533042][ C1] kasan_save_track+0x3f/0x80 [ 533.533064][ C1] ? kasan_save_track+0x3f/0x80 [ 533.533090][ C1] ? __kasan_kmalloc+0x98/0xb0 [ 533.533145][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.533172][ C1] __kasan_kmalloc+0x98/0xb0 [ 533.533198][ C1] __kmalloc_node_track_caller_noprof+0x225/0x440 [ 533.533231][ C1] ? __alloc_skb+0x1f3/0x440 [ 533.533256][ C1] ? __alloc_skb+0x1f3/0x440 [ 533.533277][ C1] kmalloc_reserve+0x111/0x2a0 [ 533.533302][ C1] __alloc_skb+0x1f3/0x440 [ 533.533323][ C1] ? kasan_quarantine_put+0xdc/0x230 [ 533.533345][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.533373][ C1] ? __pfx___alloc_skb+0x10/0x10 [ 533.533395][ C1] ? nsim_dev_trap_report_work+0x6d0/0xaa0 [ 533.533422][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.533448][ C1] ? nsim_dev_trap_report_work+0x765/0xaa0 [ 533.533478][ C1] nsim_dev_trap_report_work+0x254/0xaa0 [ 533.533515][ C1] ? process_scheduled_works+0x976/0x1850 [ 533.533549][ C1] process_scheduled_works+0xa65/0x1850 [ 533.533599][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 533.533638][ C1] ? assign_work+0x364/0x3d0 [ 533.533672][ C1] worker_thread+0x870/0xd30 [ 533.533707][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.533734][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 533.533759][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 533.533796][ C1] ? __kthread_parkme+0x169/0x1d0 [ 533.533832][ C1] ? __pfx_worker_thread+0x10/0x10 [ 533.533866][ C1] kthread+0x2f2/0x390 [ 533.533888][ C1] ? __pfx_worker_thread+0x10/0x10 [ 533.533920][ C1] ? __pfx_kthread+0x10/0x10 [ 533.533944][ C1] ret_from_fork+0x4d/0x80 [ 533.533978][ C1] ? __pfx_kthread+0x10/0x10 [ 533.534001][ C1] ret_from_fork_asm+0x1a/0x30 [ 533.534043][ C1] [ 534.798772][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 534.805772][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0 [ 534.816310][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 534.826391][ T30] Call Trace: [ 534.829685][ T30] [ 534.832631][ T30] dump_stack_lvl+0x241/0x360 [ 534.837342][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 534.842568][ T30] ? __pfx__printk+0x10/0x10 [ 534.847193][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 534.853218][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 534.858878][ T30] ? vscnprintf+0x5d/0x90 [ 534.863236][ T30] panic+0x349/0x880 [ 534.867168][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 534.872918][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 534.879110][ T30] ? __pfx_panic+0x10/0x10 [ 534.883600][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 534.889010][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 534.894675][ T30] ? __irq_work_queue_local+0x137/0x410 [ 534.900273][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 534.905932][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 534.911332][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 534.917516][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 534.923712][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 534.929375][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 534.935565][ T30] watchdog+0x1033/0x1040 [ 534.939933][ T30] ? watchdog+0x1ea/0x1040 [ 534.944479][ T30] ? __pfx_watchdog+0x10/0x10 [ 534.949275][ T30] kthread+0x2f2/0x390 [ 534.953370][ T30] ? __pfx_watchdog+0x10/0x10 [ 534.958087][ T30] ? __pfx_kthread+0x10/0x10 [ 534.962712][ T30] ret_from_fork+0x4d/0x80 [ 534.967174][ T30] ? __pfx_kthread+0x10/0x10 [ 534.971793][ T30] ret_from_fork_asm+0x1a/0x30 [ 534.976622][ T30] [ 534.979893][ T30] Kernel Offset: disabled [ 534.984273][ T30] Rebooting in 86400 seconds..