last executing test programs: 22.875201593s ago: executing program 3 (id=1038): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x0, 0x6}, 0xc) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) writev(r0, &(0x7f0000000680)=[{&(0x7f0000000040)='9', 0x1}], 0x1) 22.602847535s ago: executing program 3 (id=1103): syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f0000000080)={[{@nossd_spread}, {@nodatasum}, {@compress_force}, {@compress_algo={'compress', 0x3d, 'lzo'}}, {@flushoncommit}, {@autodefrag}, {@acl}, {@nodiscard}]}, 0xfb, 0x50f9, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlURxcZek8ULdmxTYhQiYxPRCEFpg5R8KMIoimo+QK1ARFJAuEhxhMojoioKIFBoDVEQKSWJSBOkUM3ee2bvnLvz8GONl/5+knfOzP887zw859475wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP8Ph75y1d82iz/82/Oefu7Cicv2rrvw5WvOO/3xECZnH+/Iwh3919868fM7z71r731rbrvnyPkf7M3L5fEwUP3Tmd+5LtZ6ZGkI93aE0J0GVg5mgZ78/mCs712DIZwW5gK1ElP9WYm04fD9vhD2h7lArarv9YUwWAhc8MRDD95YTdzSF8KyEEIlbePZStZGXxo4qzcL9KeBbd1Z4FdvZGqB73ZmAThu8c1Qe9EfnKzPMDJ/uQavv54T1rE3Vzq8rpgYaZzvZ+sWuFMFvekDk8f1tJWqY0GU3h6HvNsWwbuttJ1v9rQVv0jl31DemAtVQufmqS0br5zZFR/pDGNjXY1qWqDn+alXv7TpaNKL5nUYOzByQl6HNz227M6uFZ969J6Vy1488KF9Lx1vN39U2KTF9EKrhPw1t2iex2jC58kiePuVviWN+tIVQtjy+d/7dLN4af4/0nz+H1/O8bazLnes9fWhbG4eHxmMiVeGsrk5AAAALBqLYa/ptrEHPlYoPlxJ6ivN/0fbO/4fD/nnk/lstIdCmJhN7BsO4YzZx7PAHbG5S4ZDeO9sarI+sC4JHArhnbOJFbWqkhJLYonRJPCToTwwkQQOx8BkEvhWDNycBK6LgYNJYFMMHEoC58ZAmK4fx+8P5eNoO9AXAxuyjXgwnoXwi6HYWrKtnqlVBQAAcILks8Oe+ruFcx2ON0OcXh7sa5UhnoHdMEMlqSGdwdamVQ1r6G5VQ2erGmrj3tN8+KWaO1rVXDoNo6M+w62//JvPhCZK8//x5vP/yjwd6Sgd/w9h/ezfmLszj8zU4hsm6zIAAAAAx2Hgf5//ZrN4af4/0d75/3GfSFchc3gk7obYOhzCeH0gq/YPy4HsqPdAHgAAAIDFoHY8vnYsfDq/zU7RTufT5fyTR5k/HvifmDd/76H7NzTrb2n+P9ne+f/99bdZJw7HXnxtOIQlhcAPYi+rgVmjMfDjj9cH8vEfjhvghlhVfmJCraobYokNMTCeBPY3KvHDWokz6gP5k1VrfF9tHNN5iUIAAAAATrq4OyAel4/n/7/vN2uualauNP/fcHTn/8/Og0un988MhLCqO4Su9IcBj/RnCwPGwGBHnnigP6urK63q2v4QzqkOLK3q+Xz9/+50jcEn+rKqYuCM9x149axq4pt9IawqBp783O0friZ2JYFa43/ZF8J7qqNNG//OkqzxnrTxry8J4d2FQK2qS5aEUG2sN63qoUp+HYO0qn+uhPC2QqBW1UcqIewOACxS8b/SzcUHd+6+euvGmZmpHQuYiPvw+8KW6ZmpsU3bZjZXGvRpc9LnumWMri2Pqd0r3zyTL1H02bvXD7aTrv1OcLzYVr4fv3TiYH4/fhfqmR3nmp66u2vTIX/g/eUmQuGbVKMhdy7wkPuLlcw9iaX6Y/7eMBCWXLlzasfYFzfu2rVjdfa33exrsr/xMFO2rVan26p/vr618fJouFpW4li31fJiJat2Xb591c7dV6+cvnzjpVOXTl2x+iNrxs8eXzv+0bNXVUc1nv1tMdTl81WdDPWN29sc1wkc6pndhUpOxqeGhITEYktsG1je9P/k0vx/e/P5f/zUiZ/8+foMjY7/j8TD/Nnjc4f5N8TA/naP/480OppfOzFgNAnsiYE9DvMDAADw1hAn+XFvZtwr/dMV33mxWbnS/H9Pe7//P0Hr/9eWrj+/0TL/K2KJ8Ubr/6fL/NfW/9/TaP3/dJn/2vr/+9+E9f+vrAWSTfIL6/8DAABvBSdv/f+Wy/unFwgoZWi5vH96gYBShpbL+Ld7gYCjXv//2f/8q/8OTZTm/ze3N/+3cD8AAACcOr78Z1f9TrN4af6/v735/8lf/y80Ov9/tFFgstHCgNb/AwAAYJFqtP7fyPX9FzcrV5r/H2xv/h9Pu+isyx1rfX0oW9MupGvavTJU+8kAAAAALA6dYWysp828dSujrjv2Np/KlwJtli56/k+OHN35/4fam//X/S7jpseW3dm14lOPvn7PymUvHvjQvpfmjv8DAAAAC6fd/RIAAAAAAAAAAAAAAMCb7/n/2Lu2Wbz0+/+wfvbxRr//j9f9i78veHtd7lhr6/X/8vsXfPKu3bNLFj4yFML7i4Gte7eeFvJr8y8vBh68aMU7qom9aYn7nzv3hWri4jTwiZWnv1ZNnJMENsRFEt+ZBuJVFV9bmgTi8or/ngbi9jiYBnrzwFeXZuPoSLfVTwezbdWRbqunB0MYLgRq2+rewayNjnSAtySB2gC/kAbiAP88D3SmvbprIOtVDAzGorcNZL0CAOCUFb8F9oQt0zNT4/ErfLw9s7v+NqpbsuzacrUdbTb/TL402WfvXj/YTror/S46d63xnlCpDmF16etqMUvH7ChPTC0tNt3bGwy51WpvnQ3KpY520/U2HlFfNqKxTdtmNve0HPja1lnWdLfMsro02Slm6ZzdpG3U0kZf2hhRm9umjS7H+51hbKwryfUHMTgS6rR6RbT7e/3iOn+NXgXFPFcc2ferZvWV5v8j7c3/K8VxvZZfDGBPvLLe3w1b5h8AAAAW1lfX/fob8d9nrn/4yWZ5S/P/0fbm/3EPVn4oONvbcShe/3/fcAizl9YfyQJ3xOYuGQ7hvbOpyVgiu6D++bHEeBa4I+4wWRFLbJisr2pJDBxMAj8ZygOHksDhGMj3UhwI+a6cvx8K4cOzqfX1JbbHEiNJ4NMxMJoExmJgPAksjYGJJPDy0jwwmQT+LQbCdP22untpvq0AAACORj7P6qm/G9J53sHuVhk6WmXob5Whs1WGSqsMjUYR7387ZuhJTl7pKGTqSWvtS2opZYgXwz/qfpUyhB/W50wLlpqO5x/UzjfoqM9w38e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qeze1+Kp46Mx8OOP1wfyHQOH42T3hlpVk3mJfNJ+QywxEQOjSWB7DEwkgQ3r88D+d9QH8pl2rfF9tcan8xKFAAAAAJx0cQdB3E0T5/+37fzKQLNypfn/RHvz/9jeQLGx62KtR5aGcG/HXG9qgZWDWSDuxxiMP49/12AIpxV2cNRKTPVnJXqThsP3+7JfqPemVX2vL/vxQbx/wRMPPXhjNXFLXwjLCntfam08W8na6EsDZ/Vmgf40sK07C8Q9P7XAdzuzABy32l7B+ILKT3WpGZm/XIPX31vlmqDp8Er7QOfJN99vrhZKaYdrvk+15uietqb7bzlhSm+PQ95ti/HdNuLdVvwilX9DeWMuVAmdm6e2bLxyZld8pPhL1pIFep6Lv1JtJ30CXod7jr23rVXSDownHx/j85eb/3XYEau76bFld3at+NSj96xc9uKBD+17qe1uNBB/KPzQNf86+KPC5l1olZC/5hbd58mkz5NF8d9A8u4e9bSFENa//PUbmsVL8//J9ub/3cntrF/HjblzOIQPFDbuI3Hz//Fw9jlYCGSfkm8rB7JD7v811PCTEwAAAE602u6O2v6C6fw2OyE8nSeX808eZf64v2Ji3vzt9rv/ry9a1ixemv9vaD7/X5J00/F/x/9ZII7/z+tU3xW9JH1gz3Htii5Vx4Jw/H9ep/q7zfH/eTn+7/j/fBz/b8Hx/3md6k9b6VvSdl+6Qggv/tEDTzeLl+b/29ub/1v/b/5F+2rr/21otP7f9kbr/+2x/h8AALCgGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvq9f9eOPPZ34QmSvP/Pe3N/+PLYaDY+mJZ/290fYOqbo6B7RYGBAAA4FTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb677/uF/NjeLP/zb855+7sKJy/auu/Dla847/fEQpmcf78jCHf3X3zrx8zvPvWvvfWtuu+fI+R+s5OV68tvfrcsda319KIT9hUcGY+KVoeqducAFn7xrd3c18chQCO8vBrbu3XpaNfGtoRCWFwMPXrTiHdXE3rTE/c+d+0I1cXEa+MTK01+rJs7JAx1pd/9xadbdjrS7Ny4NYbgQqHX3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4ZwQQnda1XO9WVXd6cgf782qioEz3nfg1bOqif29IawqBp783O0fria+kARqjf9Fbwjvqb5k0sa/3ZM13pM2fktPCO8OIfSmJX7ZnZXoTUs83x3C2wqBWuOf7w5hd+AtIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kvSpkY5C+o1rj33sz7z6pU3V28/evX6wnXR3Xq5ntstreururj3Vex/71V+sZO75KNUf8/eGgbDkyp1TO8a+uHHXrh2rs7/tZl+T/e3Ko9m2Wr1YttXyYiWrdl2+fdXO3VevnL5846VTl05dsfoja8bPHl87/tGzV1VHNZ79PRFDvf3kD/XM7kIlJ+MDQEJCYrElOus+3cZP9Q/y0hf9uY72hMrsB3RpWlHM0jE7yhMx6HXHOOJj+Z7SckSrSxOHUpY182S5tj7L2tJkYq6WvizL7Pe60uSw2Fjn7CaN9zvD2FhXo+0wUn+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRg9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//7IeJCA=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000240)=ANY=[@ANYBLOB="000000000000fdff1f"]) 21.421939094s ago: executing program 3 (id=1107): r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) syz_io_uring_submit(r0, 0x0, 0x0) read(r1, &(0x7f0000001600)=""/233, 0xe9) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x0, &(0x7f0000000040), 0x0, 0x4) ioctl$UFFDIO_COPY(r1, 0x8010aa02, &(0x7f0000000400)={&(0x7f0000272000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x4000}) 19.280053487s ago: executing program 3 (id=1110): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 17.995789029s ago: executing program 3 (id=1113): syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8008, &(0x7f0000000840)=ANY=[@ANYRESOCT, @ANYRESOCT=0x0, @ANYRES16, @ANYRES16, @ANYRESOCT, @ANYRESOCT, @ANYRES8, @ANYRES32, @ANYRESOCT, @ANYBLOB="9c649ea1573fdbee79149086c5d33aa8d8b01bd3ce700e2b0c56ab806ef73a90a38c76f5ddd9a41b18f619863204a6d5a0a88e125646842fdb47bb7ee8b57d499bcc43cac791ef89c2e1f1d47f46cbd5efd2b36d3d0dd1e66fc40d8a665f094903921c32ca23bda1207fc6a6b896c714b66eabab65b55da2", @ANYRES8, @ANYRESDEC, @ANYRESHEX=0x0, @ANYRES8], 0xf, 0xb6, &(0x7f00000001c0)="$eJzs1zFKxEAYBeCXCDGtjQgW2qbxDp7F0kqsFEG8gRfxKh4hvYVFOhF1RJNlCdul2IXl+4qBN4+fmfZ//Xw5fe6S8piU7uTmrazd3t1fP+XvTJWZJuyHOslhkjbJ2dGY3y/Hrpr6fni46oeD843h5qOUsvDh7+WjAADAMnUu5vmnTBdf0xb4H45Xfbvl/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs2m8AAAD//6ykLvo=") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fsync(r0) unlink(&(0x7f0000000080)='./file1\x00') 16.952960212s ago: executing program 3 (id=1116): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r0]) 10.196563411s ago: executing program 4 (id=1141): r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000580)) syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000440), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x2b464cc, 0x0, 0x0, 0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0xd8f3dccb89506ebe, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) r6 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) lseek(r4, 0x1, 0x1) r7 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmsg(r7, &(0x7f00000000c0)={0x0, 0x952c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) close_range(r2, 0xffffffffffffffff, 0x0) ioctl$TIOCGISO7816(r0, 0x80285442, &(0x7f0000000080)) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000780), 0x220000, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x64}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0x98, &(0x7f00000000c0)=""/152}, 0x80) 8.500633116s ago: executing program 2 (id=1147): r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x101c02, 0x0) pwritev(r0, &(0x7f0000001780)=[{&(0x7f0000000400)="f7", 0x1}, {&(0x7f0000000700)="79f8bdbc37a8fa771cbfe270f5960eb6118e83d2635d577b4017f249c25d0193b9fed92402501468bf3e7b0050f090d25a4890b98adc12c8ea507a0d93a7a7fb", 0x40}], 0x2, 0x0, 0x0) 8.44371261s ago: executing program 4 (id=1148): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) r0 = epoll_create1(0x0) epoll_pwait(r0, &(0x7f0000000140)=[{}], 0x1, 0x0, 0x0, 0x0) 8.365416009s ago: executing program 4 (id=1149): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e6f757365725f78617474722c6163746976655f6c6f67733d342c6163746976655f6c6f67733d342c6e6f71756f74612c66617374626f6f742c66617374626f6f742c70726a6a71756f74613d2d7b2c6a71666d743d766673763100800000656e745f63616368652c66617374626f6f742c00"], 0x1, 0x54f9, &(0x7f000000ab40)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYogbSQBqiB3FJCBBEeB4WIRJE8thX0fZIZxoIfMwgO80YaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS3fVenFz9fu6bc5u306e2QAAAADnbKv1on4yS/2vzf3vza2fTb+IiDIizq3dR/HpJHPU5FSvvL56MYbbiDrh8BmT5voSEX+a6+FH198CAAAAXK7NcjVPq/X0MBt6QPQpFW3Kb38z5RURUc3uM6WVh7xfmcLq3/c4/mdKqwtY00xhqeQ2zpX2LvXf/Vi1mz5ritSUb78/29wBAIAejU6aflchAAAA9Onf0ANgGEU8bWUetwInqWm29z6f9AAAAIAPqBh6AAAAAEDn6vW/8/8AAADgsqXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjStlovNsvVvG3Obt9OntkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/LykQAkEQBXPG/076/oeVBD2DCBHQ8KiiFg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLFzP69xVHEAwN/M7GxtVVyj7CEiCh70Yrfb2tqbeFCCB/8EIaTbGrv1R5uDLUXIxZvknIvoUURQ4i3/Q84J5BJvOewhgmdlZmeSyQ9w/dGZTfL5wJv33WGY932zEPKd9xIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNLo3YM4yQ6dcRwX5zb3Hi9k/daRPrO+sj2btSyO6kz6dHi5+iHqNpcIAAAA50dS1vchhJ10bS7r405e/6flNVnN/92z47is54/W/WVf1v5Z+/WX3Rf3B+qMx8luentxOLhyPJXWk5vldHvub69o5U8+f/eS5F9I/MHyC6M0f57RNxsb77Xz8EId2QIA/8blsi+C8vehrO83mRgA50arUniX9X/SaTYnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDqMlsPTZRyFEGZbB3Fma+/xwkn9+sr2bNlurK6uVO+Z3SINIdxeHA6u1DiXaffg4aO788Ph4H79wSshhKZGf6eY/t2PJrg4hEaej+B/CuLiy56WfE5H0OAPJQAAzqS0aFldv5OuzWXnopkQ/vz+cP3/eiUOE9b/ux/f2KyOVa3/+7XNcPr1lu593nvw8NGbi/fm7wzuDD5962r/7f61m9ev3+zl70p63pgAAADw37SLVq3/45nj6/+XKnGYsP7/4tv+V9WxEvX/iQ4W/ZrOBAAA4Hx7/tU/fo9OOB+12+HL+aWl+/3xcf/z1fGxgVT/sQtFq9b/yUzTWQEAAAB1GC1Hh9b/b1XiMOH6/zM/vPRT9Z5JCOFisf5/eeGz4a36pjPV6vhz4qbnCAAAQLMuFq26/p/m+//j/S0PcQjhjdfGcfFvACeq/5P3v/6xOlZ1//+1+qY4leLu+HnkfTeEVrfpjAAAADjLnipaVuz/lq7NffLzpQ/b9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2vAAAA//+END5e") 8.323477833s ago: executing program 2 (id=1150): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xffeff038}, {0x6}]}, 0x10) r2 = fcntl$dupfd(r0, 0x0, r1) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@newqdisc={0x24, 0x24, 0x100}, 0x24}}, 0x0) 8.175025148s ago: executing program 2 (id=1151): r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x140x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, r0, 0x0, 0x0}) io_uring_enter(r0, 0x54, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): yz [ 167.001692][ T5176] usb 1-1: config 0 descriptor?? [ 167.048339][ T6719] loop4: detected capacity change from 0 to 64 [ 167.238691][ T6722] loop1: detected capacity change from 0 to 256 [ 167.350254][ T6724] kAFS: unable to lookup cell 'syz0.riX<̧+R!K+K4[Ed<6c7( n@8A5W/7|{?hT8#&3r?3U 1 [ 170.956498][ T5113] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 170.964971][ T5113] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 170.973127][ T5113] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 170.981881][ T5113] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 170.990942][ T5113] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 171.211918][ T6766] loop1: detected capacity change from 0 to 4096 [ 171.322986][ T6779] loop0: detected capacity change from 0 to 164 [ 172.177090][ T6780] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 172.441935][ T75] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.534728][ T75] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.564262][ T6787] loop0: detected capacity change from 0 to 1024 [ 172.590640][ T6787] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 172.641187][ T6787] hfsplus: xattr searching failed [ 172.758973][ T75] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.086220][ T5113] Bluetooth: hci4: command tx timeout [ 173.226203][ T6800] xt_policy: neither incoming nor outgoing policy selected [ 173.272986][ T75] bridge_slave_1: left allmulticast mode [ 173.279667][ T75] bridge_slave_1: left promiscuous mode [ 173.291464][ T75] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.333140][ T75] bridge_slave_0: left allmulticast mode [ 173.361238][ T75] bridge_slave_0: left promiscuous mode [ 173.373458][ T75] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.685947][ T6813] loop0: detected capacity change from 0 to 2048 [ 173.737419][ T6813] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.846994][ T6813] EXT4-fs (loop0): Online defrag not supported with bigalloc [ 173.992582][ T5866] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.032915][ T6822] loop4: detected capacity change from 0 to 512 [ 174.091440][ T6822] EXT4-fs (loop4): orphan cleanup on readonly fs [ 174.113506][ T6822] __quota_error: 1 callbacks suppressed [ 174.113530][ T6822] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 174.136561][ T6822] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 174.148508][ T6822] EXT4-fs error (device loop4): ext4_acquire_dquot:6858: comm syz.4.543: Failed to acquire dquot type 1 [ 174.229470][ T6822] EXT4-fs (loop4): 1 truncate cleaned up [ 174.251880][ T6822] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 174.315872][ T6822] 9pnet_fd: Insufficient options for proto=fd [ 174.322700][ T6827] loop0: detected capacity change from 0 to 1764 [ 174.448555][ T6328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.529450][ T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 174.555914][ T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 174.578527][ T75] bond0 (unregistering): Released all slaves [ 174.590268][ T6820] loop1: detected capacity change from 0 to 40427 [ 174.618342][ T6774] chnl_net:caif_netlink_parms(): no params data found [ 174.657783][ T6820] F2FS-fs (loop1): invalid crc value [ 174.683563][ T6820] F2FS-fs (loop1): Found nat_bits in checkpoint [ 174.821820][ T6820] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 174.835421][ T1792] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 174.958955][ T6774] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.968114][ T6774] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.980100][ T6774] bridge_slave_0: entered allmulticast mode [ 175.001578][ T6774] bridge_slave_0: entered promiscuous mode [ 175.036040][ T1792] usb 1-1: Using ep0 maxpacket: 16 [ 175.070037][ T1792] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 175.085514][ T1792] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 175.113922][ T6774] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.123359][ T1792] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 175.140359][ T6774] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.153540][ T6774] bridge_slave_1: entered allmulticast mode [ 175.164165][ T1792] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 175.178085][ T5113] Bluetooth: hci4: command tx timeout [ 175.202912][ T6774] bridge_slave_1: entered promiscuous mode [ 175.210415][ T1792] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.226780][ T1792] usb 1-1: config 0 descriptor?? [ 175.289274][ T5101] syz-executor: attempt to access beyond end of device [ 175.289274][ T5101] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 175.311927][ T5101] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 175.362156][ T6852] loop4: detected capacity change from 0 to 2048 [ 175.415929][ T6852] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 175.423753][ T75] hsr_slave_0: left promiscuous mode [ 175.430292][ T6852] UDF-fs: Scanning with blocksize 512 failed [ 175.438083][ T75] hsr_slave_1: left promiscuous mode [ 175.464076][ T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 175.472353][ T75] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 175.483175][ T6852] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 175.500243][ T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 175.515683][ T75] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 175.563108][ T75] veth1_macvtap: left promiscuous mode [ 175.570632][ T75] veth0_macvtap: left promiscuous mode [ 175.594949][ T75] veth1_vlan: left promiscuous mode [ 175.602086][ T75] veth0_vlan: left promiscuous mode [ 175.665535][ T6829] loop0: detected capacity change from 0 to 8 [ 175.682388][ T6829] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 175.726111][ T1792] usbhid 1-1:0.0: can't add hid device: -71 [ 175.742881][ T1792] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 175.774593][ T1792] usb 1-1: USB disconnect, device number 5 [ 176.435641][ T6863] hub 6-0:1.0: USB hub found [ 176.443014][ T6863] hub 6-0:1.0: 1 port detected [ 176.765691][ T5176] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 176.826012][ T75] team0 (unregistering): Port device team_slave_1 removed [ 176.969031][ T5176] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 176.981438][ T75] team0 (unregistering): Port device team_slave_0 removed [ 177.000840][ T5176] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 177.033724][ T5176] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 177.045324][ T5176] usb 1-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 177.076362][ T5176] usb 1-1: Product: syz [ 177.113278][ T5176] usb 1-1: config 0 descriptor?? [ 177.235783][ T5113] Bluetooth: hci4: command tx timeout [ 177.389337][ T5102] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 177.411361][ T5102] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 177.421117][ T5102] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 177.449250][ T5102] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 177.466923][ T5102] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 177.477863][ T5102] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 177.572252][ T5176] konepure 0003:1E7D:2DB4.0002: unknown global tag 0xc [ 177.585420][ T5176] konepure 0003:1E7D:2DB4.0002: item 0 2 1 12 parsing failed [ 177.602032][ T5176] konepure 0003:1E7D:2DB4.0002: parse failed [ 177.612774][ T5176] konepure 0003:1E7D:2DB4.0002: probe with driver konepure failed with error -22 [ 178.017143][ T5176] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 178.076444][ T6774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 178.097810][ T6774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 178.119975][ T6878] netlink: 92 bytes leftover after parsing attributes in process `syz.1.560'. [ 178.129986][ T6878] Zero length message leads to an empty skb [ 178.217825][ T5176] usb 5-1: Using ep0 maxpacket: 16 [ 178.238196][ T5176] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 178.260370][ T6774] team0: Port device team_slave_0 added [ 178.266829][ T5176] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 178.279598][ T5176] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 178.304509][ T6774] team0: Port device team_slave_1 added [ 178.312341][ T5176] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 178.331457][ T5176] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.367735][ T5176] usb 5-1: config 0 descriptor?? [ 178.432499][ T6774] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 178.460662][ T6774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.483406][ T6890] netlink: 'syz.1.566': attribute type 11 has an invalid length. [ 178.492795][ T6774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 178.535085][ T6774] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 178.542447][ T6774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.568684][ T6774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.759039][ T6774] hsr_slave_0: entered promiscuous mode [ 178.767051][ T6774] hsr_slave_1: entered promiscuous mode [ 178.810335][ T6884] loop4: detected capacity change from 0 to 8 [ 178.838865][ T6884] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 178.886794][ T5176] usbhid 5-1:0.0: can't add hid device: -71 [ 178.892872][ T5176] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 178.904648][ T5176] usb 5-1: USB disconnect, device number 6 [ 179.022594][ T4874] usb 1-1: USB disconnect, device number 6 [ 179.231792][ T6869] chnl_net:caif_netlink_parms(): no params data found [ 179.316052][ T5102] Bluetooth: hci4: command tx timeout [ 179.378183][ T6869] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.386798][ T6869] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.394433][ T6869] bridge_slave_0: entered allmulticast mode [ 179.403298][ T6869] bridge_slave_0: entered promiscuous mode [ 179.413101][ T6869] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.420798][ T6869] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.428394][ T6869] bridge_slave_1: entered allmulticast mode [ 179.436151][ T6869] bridge_slave_1: entered promiscuous mode [ 179.465453][ T46] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 179.499936][ T6869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.533998][ T6869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.555667][ T5102] Bluetooth: hci5: command tx timeout [ 179.632408][ T6869] team0: Port device team_slave_0 added [ 179.661362][ T46] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 179.670856][ T6907] netlink: 4 bytes leftover after parsing attributes in process `syz.4.571'. [ 179.685706][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.703618][ T46] usb 2-1: config 0 descriptor?? [ 179.737467][ T6869] team0: Port device team_slave_1 added [ 179.875565][ T6774] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 179.888629][ T6774] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 179.952563][ T6869] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 179.982525][ T6869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.011031][ T46] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00 [ 180.029313][ T6869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 180.035446][ T46] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 180.055851][ T46] [drm:udl_init] *ERROR* Selecting channel failed [ 180.072227][ T6869] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 180.089353][ T46] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 180.091961][ T6869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.105508][ T46] [drm] Initialized udl on minor 2 [ 180.131012][ T6869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 180.139019][ T46] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 180.169991][ T46] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 180.172554][ T6774] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 180.197211][ T4874] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 180.207919][ T46] usb 2-1: USB disconnect, device number 4 [ 180.224252][ T4874] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 180.313895][ T6774] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 180.419845][ T6869] hsr_slave_0: entered promiscuous mode [ 180.430772][ T6869] hsr_slave_1: entered promiscuous mode [ 180.443138][ T6924] loop0: detected capacity change from 0 to 256 [ 180.449620][ T6869] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 180.463996][ T6869] Cannot create hsr debugfs directory [ 180.625843][ T5176] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 180.825730][ T5176] usb 5-1: Using ep0 maxpacket: 16 [ 180.837067][ T5176] usb 5-1: config 0 has no interfaces? [ 180.855854][ T5176] usb 5-1: New USB device found, idVendor=15c2, idProduct=0040, bcdDevice= 7.fb [ 180.879353][ T5176] usb 5-1: New USB device strings: Mfr=7, Product=130, SerialNumber=11 [ 180.905521][ T5176] usb 5-1: Product: syz [ 180.909754][ T5176] usb 5-1: Manufacturer: syz [ 180.919486][ T5176] usb 5-1: SerialNumber: syz [ 180.930631][ T5176] usb 5-1: config 0 descriptor?? [ 180.971522][ T6869] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.100134][ T6869] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.244405][ T6869] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.275868][ T5176] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 181.290389][ T6907] netlink: 8 bytes leftover after parsing attributes in process `syz.4.571'. [ 181.331894][ T6774] 8021q: adding VLAN 0 to HW filter on device bond0 [ 181.388465][ T46] usb 5-1: USB disconnect, device number 7 [ 181.402603][ T6869] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.477770][ T5176] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 181.504349][ T5176] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 181.507628][ T6774] 8021q: adding VLAN 0 to HW filter on device team0 [ 181.531954][ T5176] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice=10.00 [ 181.541423][ T5176] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.567689][ T1792] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.575297][ T1792] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.580352][ T5176] usb 2-1: config 0 descriptor?? [ 181.629987][ T1792] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.637262][ T1792] bridge0: port 2(bridge_slave_1) entered forwarding state [ 181.656504][ T5102] Bluetooth: hci5: command tx timeout [ 181.690211][ T6936] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 181.833318][ T6931] netlink: 224 bytes leftover after parsing attributes in process `syz.1.581'. [ 181.909026][ T6940] EXT4-fs warning (device sda1): __ext4_ioctl:1258: Setting inode version is not supported with metadata_csum enabled. [ 181.942195][ T6869] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 181.963539][ T6869] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 182.031970][ T6869] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 182.056390][ T6869] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 182.078035][ T5176] hid-multitouch 0003:1FD2:6007.0003: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.1-1/input0 [ 182.455849][ T6950] loop4: detected capacity change from 0 to 256 [ 182.593759][ T6954] MTD: Couldn't look up './file1': -15 [ 182.676197][ T46] usb 2-1: USB disconnect, device number 5 [ 182.836587][ T6957] loop4: detected capacity change from 0 to 8 [ 182.837482][ T6774] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 183.060725][ T6869] 8021q: adding VLAN 0 to HW filter on device bond0 [ 183.112258][ T6774] veth0_vlan: entered promiscuous mode [ 183.162631][ T6869] 8021q: adding VLAN 0 to HW filter on device team0 [ 183.186586][ T6774] veth1_vlan: entered promiscuous mode [ 183.218986][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.226242][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 183.272840][ T5150] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.280050][ T5150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 183.439710][ T6962] loop1: detected capacity change from 0 to 128 [ 183.453696][ T6774] veth0_macvtap: entered promiscuous mode [ 183.514796][ T6774] veth1_macvtap: entered promiscuous mode [ 183.649611][ T6774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.671614][ T6774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.685534][ T6774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.706787][ T6774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.717207][ T5102] Bluetooth: hci5: command tx timeout [ 183.730665][ T6774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.743983][ T6774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.756337][ T6774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 183.766893][ T6774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.779580][ T6774] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.857807][ T6774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.876080][ T6964] netlink: 16 bytes leftover after parsing attributes in process `syz.1.592'. [ 183.895093][ T6774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.914632][ T6774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.933641][ T6774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.945147][ T6774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 183.967817][ T6774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 183.984639][ T6774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 184.004922][ T6774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 184.023948][ T6774] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 184.097344][ T6774] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.107031][ T6774] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.128307][ T6774] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.141805][ T6774] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.170761][ T6973] loop4: detected capacity change from 0 to 1764 [ 184.221322][ T6976] loop1: detected capacity change from 0 to 256 [ 184.387255][ T6981] MTD: Couldn't look up './file1': -15 [ 184.535579][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.554139][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.590515][ T6985] loop4: detected capacity change from 0 to 512 [ 184.618959][ T6985] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 184.662984][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.683989][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 184.719708][ T6992] loop1: detected capacity change from 0 to 256 [ 184.726086][ T6985] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #17: comm syz.4.599: iget: bad i_size value: -6917529027641081756 [ 184.726654][ T6985] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.599: couldn't read orphan inode 17 (err -117) [ 184.798215][ T6869] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 184.822216][ T6985] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 184.949109][ T6985] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.599: bg 0: block 65: padding at end of block bitmap is not set [ 184.953261][ T29] audit: type=1326 audit(1719520698.428:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.3.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2e975b29 code=0x7ffc0000 [ 184.967842][ T6985] Quota error (device loop4): write_blk: dquota write failed [ 185.006121][ T6992] Process accounting resumed [ 185.031539][ T6992] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00006005) [ 185.061670][ T29] audit: type=1326 audit(1719520698.468:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.3.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1b2e975b29 code=0x7ffc0000 [ 185.066116][ T6985] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 185.103173][ T6992] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006005) [ 185.127477][ T29] audit: type=1326 audit(1719520698.468:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.3.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2e975b29 code=0x7ffc0000 [ 185.150698][ T6985] EXT4-fs error (device loop4): ext4_acquire_dquot:6858: comm syz.4.599: Failed to acquire dquot type 0 [ 185.182448][ T6999] loop3: detected capacity change from 0 to 256 [ 185.186105][ T29] audit: type=1326 audit(1719520698.468:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.3.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2e975b29 code=0x7ffc0000 [ 185.199811][ T6999] udf: Unknown parameter '01777777777777777777777' [ 185.255380][ T29] audit: type=1326 audit(1719520698.478:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.3.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1b2e975b29 code=0x7ffc0000 [ 185.303359][ T29] audit: type=1326 audit(1719520698.478:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.3.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2e975b29 code=0x7ffc0000 [ 185.350274][ T6869] veth0_vlan: entered promiscuous mode [ 185.364719][ T29] audit: type=1326 audit(1719520698.478:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.3.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f1b2e975b29 code=0x7ffc0000 [ 185.402533][ T29] audit: type=1326 audit(1719520698.508:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.3.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b2e975b29 code=0x7ffc0000 [ 185.455880][ T6328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.457226][ T7001] loop1: detected capacity change from 0 to 256 [ 185.530898][ T6869] veth1_vlan: entered promiscuous mode [ 185.547669][ T7001] FAT-fs (loop1): Directory bread(block 64) failed [ 185.576723][ T7001] FAT-fs (loop1): Directory bread(block 65) failed [ 185.583523][ T7001] FAT-fs (loop1): Directory bread(block 66) failed [ 185.589986][ T7003] netlink: 16 bytes leftover after parsing attributes in process `syz.4.603'. [ 185.651676][ T7001] FAT-fs (loop1): Directory bread(block 67) failed [ 185.659624][ T7001] FAT-fs (loop1): Directory bread(block 68) failed [ 185.697570][ T7001] FAT-fs (loop1): Directory bread(block 69) failed [ 185.704290][ T7001] FAT-fs (loop1): Directory bread(block 70) failed [ 185.744293][ T7001] FAT-fs (loop1): Directory bread(block 71) failed [ 185.785929][ T7001] FAT-fs (loop1): Directory bread(block 72) failed [ 185.792566][ T7001] FAT-fs (loop1): Directory bread(block 73) failed [ 185.801934][ T5102] Bluetooth: hci5: command tx timeout [ 185.896713][ T6869] veth0_macvtap: entered promiscuous mode [ 188.268436][ T6869] veth1_macvtap: entered promiscuous mode [ 188.526704][ T6869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.547637][ T6869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.570675][ T6869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.594643][ T6869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.615482][ T6869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.626766][ T7021] capability: warning: `syz.4.610' uses deprecated v2 capabilities in a way that may be insecure [ 188.635856][ T6869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.653639][ T6869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.667832][ T7021] program syz.4.610 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 188.687937][ T6869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.703970][ T6869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.725145][ T6869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.744837][ T6869] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 188.824271][ T6869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.850972][ T6869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.888815][ T6869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.895920][ C1] sd 0:0:1:0: [sda] tag#8093 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 188.909766][ C1] sd 0:0:1:0: [sda] tag#8093 CDB: Write(6) 0a 00 00 00 00 00 [ 188.940400][ T6869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.983368][ T6869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 189.003905][ T6869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.023306][ T7023] loop0: detected capacity change from 0 to 64 [ 189.029780][ T6869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 189.040727][ T6869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.072593][ T6869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 189.087114][ T6869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.099321][ T6869] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 189.132705][ T7025] sch_tbf: peakrate 3 is lower than or equals to rate 7694164499349936757 ! [ 189.183598][ T6869] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.210356][ T6869] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.229864][ T6869] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.248820][ T6869] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.978209][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.005618][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.149504][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.184473][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.566840][ T7027] loop4: detected capacity change from 0 to 32768 [ 190.574777][ T7027] XFS: noikeep mount option is deprecated. [ 190.599798][ T7027] XFS: noikeep mount option is deprecated. [ 190.620831][ T7027] xfs: Unknown parameter 'biosize' [ 191.019504][ T7058] loop2: detected capacity change from 0 to 1764 [ 191.077824][ T7027] erofs: (device loop4): erofs_read_superblock: cannot find valid erofs superblock [ 191.187897][ T7062] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 191.272893][ T7041] loop1: detected capacity change from 0 to 40427 [ 191.338644][ T7041] F2FS-fs (loop1): invalid crc value [ 191.362589][ T7041] F2FS-fs (loop1): Found nat_bits in checkpoint [ 191.566280][ T7041] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 191.638627][ T5108] Bluetooth: hci1: command 0x0406 tx timeout [ 191.644847][ T5108] Bluetooth: hci3: command 0x0406 tx timeout [ 192.170218][ T7084] syz.1.620: attempt to access beyond end of device [ 192.170218][ T7084] loop1: rw=2049, sector=77824, nr_sectors = 544 limit=40427 [ 192.327295][ T5101] syz-executor: attempt to access beyond end of device [ 192.327295][ T5101] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 192.385965][ T5101] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 192.525817][ T5113] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 192.541575][ T5113] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 192.558577][ T5113] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 192.568717][ T5113] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 192.583250][ T5113] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 192.590823][ T5113] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 192.715434][ T4874] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 192.918413][ T4874] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 192.935025][ T4874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.957453][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.973631][ T4874] usb 1-1: Product: syz [ 192.989100][ T4874] usb 1-1: Manufacturer: syz [ 193.013260][ T4874] usb 1-1: SerialNumber: syz [ 193.072445][ T4874] usb 1-1: config 0 descriptor?? [ 193.367102][ T4874] usb-storage 1-1:0.0: USB Mass Storage device detected [ 193.383940][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.594907][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.605026][ T4874] usb 1-1: USB disconnect, device number 7 [ 193.732043][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.127768][ T7091] chnl_net:caif_netlink_parms(): no params data found [ 194.685046][ T5113] Bluetooth: hci5: command tx timeout [ 194.694374][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.702890][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.710529][ T7103] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 194.819410][ T11] bridge_slave_1: left allmulticast mode [ 194.865011][ T11] bridge_slave_1: left promiscuous mode [ 194.896664][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.942197][ T11] bridge_slave_0: left allmulticast mode [ 194.996778][ T11] bridge_slave_0: left promiscuous mode [ 195.016891][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.505201][ T7113] loop1: detected capacity change from 0 to 4096 [ 196.318873][ T5102] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 196.330227][ T5102] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 196.340337][ T5102] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 196.363221][ T5102] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 196.379091][ T5102] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 196.386811][ T5102] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 196.568884][ T7133] loop4: detected capacity change from 0 to 512 [ 196.691990][ T7123] loop1: detected capacity change from 0 to 32768 [ 196.712992][ T7123] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.649 (7123) [ 196.730618][ T7123] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 196.746857][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 196.756778][ T5113] Bluetooth: hci5: command tx timeout [ 196.763894][ T7123] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 196.772837][ T7123] BTRFS info (device loop1): using free-space-tree [ 196.791821][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 196.816171][ T11] bond0 (unregistering): Released all slaves [ 196.923143][ T7109] dvmrp0: entered allmulticast mode [ 196.954767][ T7109] dvmrp0: left allmulticast mode [ 197.008206][ T7152] loop4: detected capacity change from 0 to 256 [ 197.138195][ T5101] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 197.149970][ T7091] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.173399][ T7091] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.181709][ T7091] bridge_slave_0: entered allmulticast mode [ 197.214253][ T7091] bridge_slave_0: entered promiscuous mode [ 197.232597][ T7091] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.273422][ T5113] Bluetooth: hci0: SCO packet for unknown connection handle 3528 [ 197.276225][ T7091] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.320024][ T7091] bridge_slave_1: entered allmulticast mode [ 197.351299][ T7091] bridge_slave_1: entered promiscuous mode [ 197.684244][ T7091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 197.707915][ T7091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 197.933290][ T7172] loop4: detected capacity change from 0 to 1024 [ 197.941892][ T7172] hfsplus: unable to parse mount options [ 198.041828][ T7091] team0: Port device team_slave_0 added [ 198.054795][ T29] kauditd_printk_skb: 28 callbacks suppressed [ 198.054816][ T29] audit: type=1800 audit(1719520711.538:220): pid=7173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.661" name="bus" dev="sda1" ino=1994 res=0 errno=0 [ 198.163828][ T7091] team0: Port device team_slave_1 added [ 198.222102][ T7175] loop0: detected capacity change from 0 to 512 [ 198.244405][ T11] hsr_slave_0: left promiscuous mode [ 198.271547][ T11] hsr_slave_1: left promiscuous mode [ 198.311819][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 198.332404][ T7173] loop4: detected capacity change from 0 to 256 [ 198.333193][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 198.358559][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.372331][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 198.435709][ T5113] Bluetooth: hci4: command tx timeout [ 198.446019][ T11] veth1_macvtap: left promiscuous mode [ 198.451644][ T11] veth0_macvtap: left promiscuous mode [ 198.505338][ T11] veth1_vlan: left promiscuous mode [ 198.521845][ T11] veth0_vlan: left promiscuous mode [ 198.835412][ T5113] Bluetooth: hci5: command tx timeout [ 200.525824][ T5113] Bluetooth: hci4: command tx timeout [ 200.552734][ T11] team0 (unregistering): Port device team_slave_1 removed [ 200.637535][ T11] team0 (unregistering): Port device team_slave_0 removed [ 200.923680][ T5113] Bluetooth: hci5: command tx timeout [ 201.309864][ T5113] Bluetooth: hci0: SCO packet for unknown connection handle 3528 [ 201.375593][ T5176] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 201.578313][ T5176] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 201.604507][ T5176] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.615372][ T5176] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice=10.00 [ 201.624570][ T5176] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.636232][ T5176] usb 1-1: config 0 descriptor?? [ 201.652562][ T7194] dvmrp0: entered allmulticast mode [ 201.658774][ T7194] dvmrp0: left allmulticast mode [ 201.744917][ T7091] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 201.754875][ T7091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 201.812545][ T7091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.897032][ T7197] netlink: 224 bytes leftover after parsing attributes in process `syz.0.668'. [ 201.914736][ T7091] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 201.944015][ T7091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 202.055507][ T7091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 202.214168][ T7211] loop1: detected capacity change from 0 to 512 [ 202.250292][ T5176] hid-multitouch 0003:1FD2:6007.0004: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0 [ 202.360674][ T7091] hsr_slave_0: entered promiscuous mode [ 202.403053][ T7091] hsr_slave_1: entered promiscuous mode [ 202.429406][ T7091] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 202.453721][ T7091] Cannot create hsr debugfs directory [ 202.595417][ T5113] Bluetooth: hci4: command tx timeout [ 202.807706][ T5176] usb 1-1: USB disconnect, device number 8 [ 203.216171][ T7126] chnl_net:caif_netlink_parms(): no params data found [ 203.328149][ T7227] loop4: detected capacity change from 0 to 164 [ 204.034176][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.082039][ T7218] loop1: detected capacity change from 0 to 32768 [ 204.090090][ T7218] XFS: ikeep mount option is deprecated. [ 204.095933][ T7218] XFS: ikeep mount option is deprecated. [ 204.118234][ T7218] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 204.251695][ T7218] XFS (loop1): Ending clean mount [ 204.264703][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.433829][ T29] audit: type=1804 audit(1719520717.908:221): pid=7218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.673" name="/root/syzkaller.6JBG2J/179/file0/bus" dev="loop1" ino=9289 res=1 errno=0 [ 204.477406][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.518779][ T29] audit: type=1804 audit(1719520717.998:222): pid=7247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.673" name="/root/syzkaller.6JBG2J/179/file0/bus" dev="loop1" ino=9289 res=1 errno=0 [ 204.564245][ T29] audit: type=1804 audit(1719520718.038:223): pid=7218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.673" name="/root/syzkaller.6JBG2J/179/file0/bus" dev="loop1" ino=9289 res=1 errno=0 [ 204.603722][ T7244] dvmrp0: entered allmulticast mode [ 204.611498][ T29] audit: type=1804 audit(1719520718.098:224): pid=7218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.673" name="/root/syzkaller.6JBG2J/179/file0/bus" dev="loop1" ino=9289 res=1 errno=0 [ 204.675835][ T5113] Bluetooth: hci4: command tx timeout [ 204.722509][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.726165][ T5101] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 204.775788][ T7240] dvmrp0: left allmulticast mode [ 204.955670][ T7126] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.962875][ T7126] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.045719][ T7126] bridge_slave_0: entered allmulticast mode [ 205.064867][ T7126] bridge_slave_0: entered promiscuous mode [ 205.106647][ T7126] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.113828][ T7126] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.135675][ T7126] bridge_slave_1: entered allmulticast mode [ 205.143400][ T7126] bridge_slave_1: entered promiscuous mode [ 205.194467][ T7260] loop4: detected capacity change from 0 to 2048 [ 205.273131][ T7260] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 205.426688][ T7126] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.439236][ T2826] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 205.478649][ T7126] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.496393][ T2826] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 205.530377][ T7272] loop0: detected capacity change from 0 to 512 [ 205.536951][ T2826] EXT4-fs (loop4): This should not happen!! Data will be lost [ 205.536951][ T2826] [ 205.546856][ T2826] EXT4-fs (loop4): Total free blocks count 0 [ 205.554578][ T7272] EXT4-fs: Ignoring removed mblk_io_submit option [ 205.576463][ T2826] EXT4-fs (loop4): Free/Dirty block details [ 205.582589][ T2826] EXT4-fs (loop4): free_blocks=2415919104 [ 205.613062][ T7272] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 205.626900][ T2826] EXT4-fs (loop4): dirty_blocks=16 [ 205.632232][ T2826] EXT4-fs (loop4): Block reservation details [ 205.662697][ T7272] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 205.676413][ T2826] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 205.720287][ T6328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.061053][ T7272] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2856: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 206.308005][ T7126] team0: Port device team_slave_0 added [ 206.334994][ T7272] EXT4-fs (loop0): 1 truncate cleaned up [ 206.356339][ T7272] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 206.384436][ T7126] team0: Port device team_slave_1 added [ 206.628231][ T5866] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.794126][ T7126] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 206.823060][ T7126] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.875400][ T7126] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 206.900450][ T7126] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 206.917951][ T7126] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.943968][ C0] vkms_vblank_simulate: vblank timer overrun [ 206.951596][ T7285] hub 6-0:1.0: USB hub found [ 206.956789][ T7285] hub 6-0:1.0: 1 port detected [ 206.971268][ T7126] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 207.022516][ T11] bridge_slave_1: left allmulticast mode [ 207.048889][ T11] bridge_slave_1: left promiscuous mode [ 207.054778][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.082058][ T11] bridge_slave_0: left allmulticast mode [ 207.110553][ T11] bridge_slave_0: left promiscuous mode [ 207.126562][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.237589][ T5150] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 207.426251][ T7279] loop4: detected capacity change from 0 to 32768 [ 207.434572][ T7279] XFS: ikeep mount option is deprecated. [ 207.465461][ T7279] XFS: ikeep mount option is deprecated. [ 207.466304][ T5150] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 207.490982][ T5150] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 207.540080][ T7279] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 207.540147][ T5150] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 207.599871][ T5150] usb 1-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 207.615869][ T5150] usb 1-1: Product: syz [ 207.645230][ T5150] usb 1-1: config 0 descriptor?? [ 207.697804][ T7279] XFS (loop4): Ending clean mount [ 207.813146][ T29] audit: type=1804 audit(1719520721.288:225): pid=7279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.692" name="/root/syzkaller.6HimFZ/80/file0/bus" dev="loop4" ino=9289 res=1 errno=0 [ 207.835917][ C0] vkms_vblank_simulate: vblank timer overrun [ 207.908088][ T29] audit: type=1804 audit(1719520721.388:226): pid=7279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.692" name="/root/syzkaller.6HimFZ/80/file0/bus" dev="loop4" ino=9289 res=1 errno=0 [ 208.008293][ T29] audit: type=1804 audit(1719520721.418:227): pid=7279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.692" name="/root/syzkaller.6HimFZ/80/file0/bus" dev="loop4" ino=9289 res=1 errno=0 [ 208.025629][ T5149] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 208.051984][ T29] audit: type=1804 audit(1719520721.458:228): pid=7279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.692" name="/root/syzkaller.6HimFZ/80/file0/bus" dev="loop4" ino=9289 res=1 errno=0 [ 208.099824][ T6328] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 208.101165][ T5150] konepure 0003:1E7D:2DB4.0005: unknown global tag 0xc [ 208.116255][ T5150] konepure 0003:1E7D:2DB4.0005: item 0 2 1 12 parsing failed [ 208.140050][ T5150] konepure 0003:1E7D:2DB4.0005: parse failed [ 208.156911][ T5150] konepure 0003:1E7D:2DB4.0005: probe with driver konepure failed with error -22 [ 208.304413][ T5149] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 208.315978][ T5149] usb 2-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 208.329079][ T5149] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 208.339526][ T5149] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.361010][ T5149] usb 2-1: invalid MIDI out EP 0 [ 208.408722][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 208.508430][ T5149] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 208.553156][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 208.587569][ T11] bond0 (unregistering): Released all slaves [ 208.631516][ T8] usb 2-1: USB disconnect, device number 6 [ 209.009136][ T7091] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 209.079559][ T7091] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 209.163811][ T7126] hsr_slave_0: entered promiscuous mode [ 209.180825][ T7126] hsr_slave_1: entered promiscuous mode [ 209.192113][ T7126] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 209.205042][ T7126] Cannot create hsr debugfs directory [ 209.220725][ T7091] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 209.238157][ T7091] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 209.388281][ T11] hsr_slave_0: left promiscuous mode [ 209.394625][ T11] hsr_slave_1: left promiscuous mode [ 209.413159][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 209.421151][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 209.435627][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.443426][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.501905][ T11] veth1_macvtap: left promiscuous mode [ 209.515447][ T11] veth0_macvtap: left promiscuous mode [ 209.531744][ T11] veth1_vlan: left promiscuous mode [ 209.548399][ T11] veth0_vlan: left promiscuous mode [ 210.408176][ T7316] loop4: detected capacity change from 0 to 512 [ 210.427179][ T7316] EXT4-fs: Ignoring removed mblk_io_submit option [ 210.473556][ T7316] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 210.594460][ T7316] EXT4-fs (loop4): 1 truncate cleaned up [ 210.643272][ T7316] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 210.780525][ T6328] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.997437][ T7324] loop4: detected capacity change from 0 to 16 [ 211.015777][ T7324] erofs: (device loop4): mounted with root inode @ nid 36. [ 211.251459][ T11] team0 (unregistering): Port device team_slave_1 removed [ 211.348675][ T11] team0 (unregistering): Port device team_slave_0 removed [ 211.645217][ T5113] Bluetooth: hci3: SCO packet for unknown connection handle 3528 [ 212.982543][ T5147] usb 1-1: USB disconnect, device number 9 [ 213.738387][ T7091] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.802476][ T7369] loop0: detected capacity change from 0 to 256 [ 213.893453][ T7369] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 214.000645][ T7091] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.144464][ T7126] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 214.221803][ T5149] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.229022][ T5149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.263552][ T7126] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 214.324954][ T7126] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 214.364956][ T7126] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 214.413141][ T5149] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.420524][ T5149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.927180][ T7383] syz.1.725 (pid 7383) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 215.448176][ T7383] fscrypt (sda1, inode 1993): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)") [ 215.983322][ T7126] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.090951][ T7126] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.102871][ T5101] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-avx2)" [ 216.158290][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.165679][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.233905][ T1792] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.241134][ T1792] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.503549][ T7091] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 216.559320][ T7397] netlink: 'syz.0.729': attribute type 21 has an invalid length. [ 216.585394][ T7397] netlink: 128 bytes leftover after parsing attributes in process `syz.0.729'. [ 216.594573][ T7397] netlink: 'syz.0.729': attribute type 4 has an invalid length. [ 216.638410][ T7397] netlink: 'syz.0.729': attribute type 5 has an invalid length. [ 216.684845][ T7397] netlink: 3 bytes leftover after parsing attributes in process `syz.0.729'. [ 216.994893][ T7091] veth0_vlan: entered promiscuous mode [ 217.033386][ T7091] veth1_vlan: entered promiscuous mode [ 217.110606][ T7091] veth0_macvtap: entered promiscuous mode [ 217.134165][ T7091] veth1_macvtap: entered promiscuous mode [ 217.161411][ T7126] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 217.190678][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 217.204610][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.214946][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 217.226564][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.238449][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 217.249432][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.259421][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 217.271058][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.282423][ T7091] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 217.300815][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 217.317776][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.328536][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 217.339504][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.349406][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 217.360117][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.370297][ T7091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 217.380864][ T7091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 217.392261][ T7091] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 217.412641][ T7091] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.422276][ T7091] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.432099][ T7091] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.441485][ T7091] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.584914][ T952] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.595106][ T7126] veth0_vlan: entered promiscuous mode [ 217.595657][ T952] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.657530][ T7126] veth1_vlan: entered promiscuous mode [ 217.679056][ T2826] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.687811][ T2826] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.762086][ T7126] veth0_macvtap: entered promiscuous mode [ 217.807857][ T7126] veth1_macvtap: entered promiscuous mode [ 218.031896][ T7427] x_tables: unsorted underflow at hook 2 [ 222.979566][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.030693][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.059071][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.090557][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.111116][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.135644][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.159462][ T7441] loop2: detected capacity change from 0 to 1024 [ 223.165764][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.184829][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.212634][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.239411][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.261135][ T7126] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 223.289359][ T952] hfsplus: b-tree write err: -5, ino 4 [ 223.348925][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.377723][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.398925][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.426639][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.461204][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.643937][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.653950][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.664621][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.675454][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.698539][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.894682][ T7453] loop2: detected capacity change from 0 to 128 [ 223.914231][ T7453] befs: (loop2): No write support. Marking filesystem read-only [ 224.551149][ T7126] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 224.566255][ T7453] befs: (loop2): invalid magic header [ 224.677571][ T7126] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.689346][ T7126] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.145640][ T7126] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.173007][ T7126] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.925633][ T7464] loop2: detected capacity change from 0 to 16 [ 225.937221][ T7464] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 226.056920][ T7467] netlink: 4 bytes leftover after parsing attributes in process `syz.4.750'. [ 226.238144][ T5176] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz0] on syz1 [ 226.494323][ T2460] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.506615][ T2460] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.658313][ T5148] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 226.697136][ T7477] syzkaller0: entered promiscuous mode [ 226.703826][ T7477] syzkaller0: entered allmulticast mode [ 226.770893][ T2452] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 226.801487][ T2452] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 226.868703][ T5148] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 226.889440][ T5148] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 226.909881][ T5148] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 226.925632][ T5148] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.933867][ T5148] usb 2-1: Product: syz [ 226.942703][ T5148] usb 2-1: Manufacturer: syz [ 226.947563][ T5148] usb 2-1: SerialNumber: syz [ 226.954638][ T5148] usb 2-1: config 0 descriptor?? [ 226.974608][ T7478] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 226.985151][ T7478] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 227.889184][ T7478] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 227.955827][ T7478] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 228.210738][ T5148] Error reading MAC address [ 228.238795][ T5148] usb 2-1: USB disconnect, device number 7 [ 229.246732][ T5113] Bluetooth: hci2: command 0x0405 tx timeout [ 229.402296][ T7502] netlink: 4 bytes leftover after parsing attributes in process `syz.0.761'. [ 232.320337][ T7531] 9pnet: p9_errstr2errno: server reported unknown error sŧ6 [ 232.545407][ T5176] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 232.595462][ T5113] Bluetooth: hci2: command 0x0405 tx timeout [ 232.625946][ T7539] syzkaller0: entered promiscuous mode [ 232.631651][ T7539] syzkaller0: entered allmulticast mode [ 232.735491][ T5176] usb 1-1: Using ep0 maxpacket: 16 [ 232.743135][ T5176] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 232.773832][ T5176] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 232.820747][ T5176] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 232.849539][ T5176] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.877500][ T5176] usb 1-1: config 0 descriptor?? [ 234.034651][ T7574] raw-gadget.0 gadget.0: fail, usb_ep_set_wedge returned -11 [ 234.081272][ T7576] loop4: detected capacity change from 0 to 128 [ 234.382529][ T7580] 9pnet: p9_errstr2errno: server reported unknown error sŧ6 [ 235.133059][ T5176] usbhid 1-1:0.0: can't add hid device: -71 [ 235.150790][ T5176] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 235.208136][ T5176] usb 1-1: USB disconnect, device number 10 [ 236.286874][ T7601] loop2: detected capacity change from 0 to 32768 [ 238.168616][ T7615] syz.4.802[7615] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 238.168795][ T7615] syz.4.802[7615] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 238.239204][ T7615] hub 6-0:1.0: USB hub found [ 238.286403][ T7615] hub 6-0:1.0: 1 port detected [ 238.345448][ T5148] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 238.370534][ T7615] netlink: 24 bytes leftover after parsing attributes in process `syz.4.802'. [ 238.563002][ T5148] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 238.585362][ T5148] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 239.499505][ T5148] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 239.515797][ T5148] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.523922][ T5148] usb 1-1: Product: syz [ 239.531059][ T5148] usb 1-1: Manufacturer: syz [ 239.545534][ T5148] usb 1-1: SerialNumber: syz [ 239.557338][ T5148] usb 1-1: config 0 descriptor?? [ 239.583849][ T7608] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 239.611815][ T7608] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 239.715624][ T5148] usb 1-1: can't set config #0, error -71 [ 239.726469][ T5148] usb 1-1: USB disconnect, device number 11 [ 239.877200][ T7646] loop2: detected capacity change from 0 to 64 [ 240.148253][ T7623] loop1: detected capacity change from 0 to 32768 [ 240.179203][ T7652] fuse: Unknown parameter 'grou00000000000000000000' [ 240.760326][ T5102] Bluetooth: hci4: command tx timeout [ 241.306644][ T7659] netlink: 'syz.0.820': attribute type 21 has an invalid length. [ 241.385513][ T7659] netlink: 128 bytes leftover after parsing attributes in process `syz.0.820'. [ 241.394615][ T7659] netlink: 'syz.0.820': attribute type 4 has an invalid length. [ 241.495649][ T7659] netlink: 'syz.0.820': attribute type 5 has an invalid length. [ 241.515562][ T7659] netlink: 3 bytes leftover after parsing attributes in process `syz.0.820'. [ 241.670024][ T7686] loop2: detected capacity change from 0 to 2048 [ 241.743396][ T7686] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 241.772846][ T7686] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 242.035701][ T5150] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 242.060214][ T7700] loop3: detected capacity change from 0 to 2048 [ 242.109347][ T7705] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 242.228033][ T5150] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 242.275747][ T5150] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 242.308671][ T5150] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 242.328678][ T5150] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 242.347866][ T5150] usb 5-1: Product: syz [ 242.356676][ T5150] usb 5-1: Manufacturer: syz [ 242.361332][ T5150] usb 5-1: SerialNumber: syz [ 242.388556][ T5150] usb 5-1: config 0 descriptor?? [ 242.394467][ T7690] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 242.413598][ T7690] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 242.546466][ T5149] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 242.704501][ T7690] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 242.723069][ T7690] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 242.757987][ T5149] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 242.795420][ T5149] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 242.817439][ T5149] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 242.826899][ T5149] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 242.846383][ T5149] usb 3-1: Manufacturer: syz [ 242.860007][ T5149] usb 3-1: config 0 descriptor?? [ 242.962955][ T5150] Error reading MAC address [ 242.984194][ T5150] usb 5-1: USB disconnect, device number 8 [ 243.015585][ T5149] rc_core: IR keymap rc-hauppauge not found [ 243.035580][ T5149] Registered IR keymap rc-empty [ 243.044138][ T5149] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 243.101608][ T7714] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 243.108378][ T5149] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input9 [ 243.137506][ T7714] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 243.168475][ T7714] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 243.185781][ T7714] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 243.231553][ T5150] usb 3-1: USB disconnect, device number 8 [ 243.605545][ T5149] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 243.795610][ T5149] usb 1-1: Using ep0 maxpacket: 16 [ 243.803610][ T5149] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.828483][ T5149] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 243.856797][ T5149] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 243.894470][ T5149] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.937115][ T5149] usb 1-1: config 0 descriptor?? [ 244.450550][ T7747] raw-gadget.0 gadget.0: fail, usb_ep_set_wedge returned -11 [ 244.513404][ T7732] loop3: detected capacity change from 0 to 32768 [ 244.669797][ T7756] netlink: 'syz.2.858': attribute type 3 has an invalid length. [ 244.681922][ T7756] netlink: 'syz.2.858': attribute type 4 has an invalid length. [ 244.706719][ T7756] netlink: 'syz.2.858': attribute type 7 has an invalid length. [ 244.716899][ T7756] netlink: 'syz.2.858': attribute type 8 has an invalid length. [ 244.745422][ T7756] netlink: 'syz.2.858': attribute type 7 has an invalid length. [ 244.761313][ T7756] netlink: 198200 bytes leftover after parsing attributes in process `syz.2.858'. [ 245.267880][ T7773] process 'syz.3.866' launched './file0' with NULL argv: empty string added [ 246.007829][ T7802] loop1: detected capacity change from 0 to 256 [ 246.027348][ T7802] exfat: Deprecated parameter 'utf8' [ 246.047917][ T7802] exfat: Deprecated parameter 'utf8' [ 246.106403][ T5149] usbhid 1-1:0.0: can't add hid device: -71 [ 246.135449][ T7802] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 246.147741][ T5149] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 246.178559][ T5149] usb 1-1: USB disconnect, device number 12 [ 246.361228][ T7810] syzkaller0: entered promiscuous mode [ 246.379336][ T7810] syzkaller0: entered allmulticast mode [ 246.533563][ T7786] loop3: detected capacity change from 0 to 32768 [ 247.053287][ T7837] loop1: detected capacity change from 0 to 256 [ 247.073199][ T7837] exfat: Deprecated parameter 'utf8' [ 247.082872][ T7837] exfat: Deprecated parameter 'utf8' [ 247.101400][ T7837] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 250.234676][ T7855] IPv4: Oversized IP packet from 172.20.20.24 [ 250.244755][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 250.254238][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 250.445151][ T7858] loop0: detected capacity change from 0 to 4096 [ 250.465971][ T7858] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 250.594710][ T7858] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 250.757381][ T2460] ntfs3: loop0: ino=1a, ntfs3_write_inode failed, -22. [ 250.775095][ T5866] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22. [ 251.135326][ T29] audit: type=1326 audit(1719520764.608:229): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=7867 comm="syz.4.910" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6eb8775b29 code=0x0 [ 251.158968][ T5148] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 251.186176][ T7872] syzkaller0: entered promiscuous mode [ 251.208974][ T7872] syzkaller0: entered allmulticast mode [ 251.294328][ T7864] loop1: detected capacity change from 0 to 32768 [ 251.343350][ T7851] loop2: detected capacity change from 0 to 40427 [ 251.382794][ T7851] F2FS-fs (loop2): invalid crc value [ 251.388318][ T5148] usb 4-1: Using ep0 maxpacket: 16 [ 251.397154][ T5148] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 251.416154][ T5148] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 251.441657][ T5148] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 251.455503][ T7851] F2FS-fs (loop2): Found nat_bits in checkpoint [ 251.475368][ T5148] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 251.506475][ T5148] usb 4-1: config 0 descriptor?? [ 251.637148][ T7851] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 252.019716][ T7888] raw-gadget.0 gadget.3: fail, usb_ep_set_wedge returned -11 [ 252.194367][ T7891] syz.2.902[7891] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 252.195016][ T7891] syz.2.902[7891] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 252.225621][ T7891] overlayfs: failed to resolve './file0': -2 [ 253.407478][ T7091] syz-executor: attempt to access beyond end of device [ 253.407478][ T7091] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 253.421936][ T7091] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 253.651022][ T5148] usbhid 4-1:0.0: can't add hid device: -71 [ 253.670377][ T5148] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 253.688120][ T5148] usb 4-1: USB disconnect, device number 6 [ 254.258460][ T7901] IPv4: Oversized IP packet from 172.20.20.24 [ 254.265333][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 254.271929][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 254.548364][ T7908] loop3: detected capacity change from 0 to 2048 [ 254.568080][ T7908] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 254.579630][ T7908] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 254.596481][ T7908] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002] [ 254.604877][ T7908] System zones: 0-19 [ 254.632930][ T7908] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 254.895933][ T7908] 9pnet_fd: Insufficient options for proto=fd [ 255.402351][ T7126] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.103453][ T7922] loop3: detected capacity change from 0 to 32768 [ 256.133645][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.140725][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.206326][ T7922] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 256.296017][ T7922] XFS (loop3): Ending clean mount [ 256.610637][ T5148] XFS (loop3): Metadata CRC error detected at xfs_rmapbt_read_verify+0x41/0xd0, xfs_rmapbt block 0x14 [ 256.634844][ T5148] XFS (loop3): Unmount and run xfs_repair [ 256.640826][ T5148] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 256.648366][ T5148] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 256.657423][ T5148] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80 ..P............. [ 256.670651][ T5148] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 256.679669][ T5148] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01 ....[.;......... [ 256.688745][ T5148] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 256.697722][ T5148] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 256.706737][ T5148] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 256.722330][ T5148] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 256.731452][ T7922] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x14 len 4 error 74 [ 256.785614][ T7922] XFS (loop3): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 256.800372][ T7922] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 256.918035][ T7918] netlink: 12 bytes leftover after parsing attributes in process `syz.2.924'. [ 257.013967][ T7126] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 257.355767][ T8] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 257.387686][ T7948] kvm: user requested TSC rate below hardware speed [ 257.551399][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 257.572526][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 257.611683][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 257.645390][ T8] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 257.670694][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.693250][ T8] usb 5-1: config 0 descriptor?? [ 257.703703][ T7935] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 257.781442][ T7966] netlink: 'syz.0.940': attribute type 4 has an invalid length. [ 258.186654][ T29] audit: type=1804 audit(1719520771.658:230): pid=7969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.942" name="/root/syzkaller.OS7kxo/36/file1" dev="sda1" ino=2004 res=1 errno=0 [ 258.434757][ T8] plantronics 0003:047F:FFFF.0007: unknown main item tag 0xd [ 258.457486][ T8] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving [ 258.473875][ T8] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 258.713020][ T7975] libceph: resolve '. [ 258.713020][ T7975] #)|.fǝa2sow?'%ЏKAqfCzeSb3L)HyoǤYMhE$ [ 258.713020][ T7975] ' (ret=-3): failed [ 258.771386][ T5150] usb 5-1: USB disconnect, device number 9 [ 258.969346][ T7957] loop1: detected capacity change from 0 to 32768 [ 259.025877][ T7957] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 259.194543][ T29] audit: type=1804 audit(1719520772.658:231): pid=7999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.953" name="/root/syzkaller.RrdeiU/136/file1" dev="sda1" ino=1977 res=1 errno=0 [ 259.211791][ T7957] XFS (loop1): Ending clean mount [ 259.374390][ T8015] netlink: 'syz.3.955': attribute type 4 has an invalid length. [ 259.678266][ T4874] XFS (loop1): Metadata CRC error detected at xfs_rmapbt_read_verify+0x41/0xd0, xfs_rmapbt block 0x14 [ 259.762939][ T4874] XFS (loop1): Unmount and run xfs_repair [ 259.806931][ T4874] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 259.848556][ T8024] libceph: resolve '. [ 259.848556][ T8024] #)|.fǝa2sow?'%ЏKAqfCzeSb3L)HyoǤYMhE$ [ 259.848556][ T8024] ' (ret=-3): failed [ 259.867325][ T4874] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 259.879602][ T4874] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80 ..P............. [ 259.891196][ T4874] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 259.901135][ T4874] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01 ....[.;......... [ 259.927174][ T4874] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 259.939903][ T4874] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 259.954483][ T4874] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 259.969220][ T4874] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 259.985333][ T7957] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x14 len 4 error 74 [ 260.021414][ T7957] XFS (loop1): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 260.095338][ T7957] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 260.164400][ T5101] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 260.199481][ T8032] futex_wake_op: syz.2.966 tries to shift op by 32; fix this program [ 261.003579][ T8026] loop4: detected capacity change from 0 to 32768 [ 261.053656][ T8026] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.963 (8026) [ 261.105390][ T8026] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 261.136606][ T8026] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 261.171449][ T8026] BTRFS info (device loop4): using free-space-tree [ 261.381396][ T29] audit: type=1804 audit(1719520774.858:232): pid=8081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.986" name="/root/syzkaller.R61euB/65/file1" dev="sda1" ino=2004 res=1 errno=0 [ 261.397910][ T8091] loop3: detected capacity change from 0 to 2048 [ 261.484119][ T8091] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 261.521632][ T6328] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 261.628583][ T7126] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.934858][ T8061] loop0: detected capacity change from 0 to 32768 [ 262.033375][ T8061] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 262.244176][ T8061] XFS (loop0): Ending clean mount [ 263.392338][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 263.845602][ T8146] loop2: detected capacity change from 0 to 2048 [ 263.894511][ T8151] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 264.017959][ T8155] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1010'. [ 264.032857][ T8129] loop1: detected capacity change from 0 to 32768 [ 264.039922][ T8155] gretap0: entered promiscuous mode [ 264.057866][ T8129] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1000 (8129) [ 264.062347][ T8155] netlink: 'syz.3.1010': attribute type 3 has an invalid length. [ 264.082634][ T8155] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1010'. [ 264.086477][ T8129] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 264.108997][ T8129] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 264.131365][ T8129] BTRFS info (device loop1): using free-space-tree [ 264.217087][ T8170] loop2: detected capacity change from 0 to 512 [ 264.218706][ T8173] netlink: 'syz.4.1013': attribute type 1 has an invalid length. [ 264.231668][ T8170] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent [ 264.248499][ T8173] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.1013'. [ 264.426576][ T5101] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 264.509014][ T8181] loop4: detected capacity change from 0 to 4096 [ 264.591271][ T8181] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 264.640877][ T8181] ntfs3: loop4: Failed to load $MFT (-2). [ 266.407356][ T8208] mmap: syz.2.1022 (8208) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 266.856482][ T8205] loop0: detected capacity change from 0 to 2048 [ 267.008540][ T8215] netlink: 'syz.4.1024': attribute type 4 has an invalid length. [ 267.131595][ T8205] NILFS (loop0): invalid segment: Inconsistency found [ 267.188106][ T8205] NILFS (loop0): trying rollback from an earlier position [ 267.327482][ T8205] NILFS (loop0): recovery complete [ 267.370581][ T8217] netlink: 'syz.1.1025': attribute type 1 has an invalid length. [ 267.430506][ T8220] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 267.450114][ T8217] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.1025'. [ 267.906292][ T8230] loop2: detected capacity change from 0 to 4096 [ 267.947666][ T8] usb 1-1: new full-speed USB device number 13 using dummy_hcd [ 267.996365][ T8230] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 268.125591][ T8230] ntfs3: loop2: Failed to load $MFT (-2). [ 268.193596][ T8] usb 1-1: unable to get BOS descriptor or descriptor too short [ 268.305145][ T8] usb 1-1: not running at top speed; connect to a high speed hub [ 268.429050][ T8] usb 1-1: config 243 has too many interfaces: 239, using maximum allowed: 32 [ 268.527154][ T8] usb 1-1: config 243 contains an unexpected descriptor of type 0x1, skipping [ 268.568151][ T8] usb 1-1: config 243 has an invalid descriptor of length 1, skipping remainder of the config [ 268.613961][ T8] usb 1-1: config 243 has 0 interfaces, different from the descriptor's value: 239 [ 268.660195][ T8] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 268.695276][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.750302][ T8] usb 1-1: Product: syz [ 268.787316][ T8] usb 1-1: Manufacturer: syz [ 268.821443][ T8] usb 1-1: SerialNumber: syz [ 269.611029][ T8257] loop2: detected capacity change from 0 to 1764 [ 269.900632][ T5113] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 269.913632][ T5113] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 269.936086][ T5113] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 269.947979][ T5113] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 269.958554][ T5113] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 269.966368][ T5113] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 270.191986][ T8260] overlay: ./file0 is not a directory [ 270.353341][ T8] usb 1-1: USB disconnect, device number 13 [ 270.970518][ T8272] loop2: detected capacity change from 0 to 16 [ 271.019802][ T8272] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 271.104406][ T8258] chnl_net:caif_netlink_parms(): no params data found [ 271.187972][ T5146] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz0] on syz1 [ 271.612256][ T8258] bridge0: port 1(bridge_slave_0) entered blocking state [ 271.635967][ T8258] bridge0: port 1(bridge_slave_0) entered disabled state [ 271.656994][ T8258] bridge_slave_0: entered allmulticast mode [ 271.678491][ T8258] bridge_slave_0: entered promiscuous mode [ 271.705195][ T8258] bridge0: port 2(bridge_slave_1) entered blocking state [ 271.724525][ T8258] bridge0: port 2(bridge_slave_1) entered disabled state [ 271.743205][ T8258] bridge_slave_1: entered allmulticast mode [ 271.766938][ T8258] bridge_slave_1: entered promiscuous mode [ 271.890485][ T8258] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 271.923892][ T8258] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 272.035811][ T5113] Bluetooth: hci6: command tx timeout [ 272.048488][ T8258] team0: Port device team_slave_0 added [ 272.124368][ T8258] team0: Port device team_slave_1 added [ 272.167860][ T8268] loop0: detected capacity change from 0 to 32768 [ 272.213196][ T8258] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 272.234426][ T8258] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 272.271707][ T8258] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 272.302865][ T8258] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 272.312127][ T8258] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 272.342181][ T8258] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 272.356201][ T8268] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 272.581932][ T8268] XFS (loop0): Ending clean mount [ 272.611008][ T8258] hsr_slave_0: entered promiscuous mode [ 272.654358][ T8258] hsr_slave_1: entered promiscuous mode [ 272.862934][ T4874] XFS (loop0): Metadata CRC error detected at xfs_rmapbt_read_verify+0x41/0xd0, xfs_rmapbt block 0x14 [ 272.897606][ T4874] XFS (loop0): Unmount and run xfs_repair [ 272.948953][ T4874] XFS (loop0): First 128 bytes of corrupted metadata buffer: [ 272.983712][ T4874] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 273.009941][ T4874] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80 ..P............. [ 273.021930][ T4874] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 273.037824][ T4874] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01 ....[.;......... [ 273.049986][ T4874] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 273.063534][ T4874] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 273.092543][ T4874] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 273.110971][ T4874] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 273.121720][ T8268] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x14 len 4 error 74 [ 273.149328][ T8268] XFS (loop0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 273.172005][ T8268] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 273.253942][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 273.397274][ T8297] UBIFS error (pid: 8297): cannot open "./file0", error -22 [ 273.532338][ T8258] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.809696][ T8258] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.962009][ T8258] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.522021][ T5113] Bluetooth: hci6: command tx timeout [ 274.958320][ T8258] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 275.273904][ T8323] loop2: detected capacity change from 0 to 8 [ 276.078767][ T8258] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 276.136295][ T8258] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 276.165970][ T8258] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 276.203195][ T8258] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 276.694643][ T8333] loop2: detected capacity change from 0 to 256 [ 276.891749][ T5102] Bluetooth: hci6: command tx timeout [ 277.051351][ T8333] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 277.384332][ T8258] 8021q: adding VLAN 0 to HW filter on device bond0 [ 277.423951][ T8258] 8021q: adding VLAN 0 to HW filter on device team0 [ 277.504256][ T8326] loop0: detected capacity change from 0 to 32768 [ 277.697433][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 277.704604][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 277.733332][ T8326] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 278.630184][ T5176] bridge0: port 2(bridge_slave_1) entered blocking state [ 278.637434][ T5176] bridge0: port 2(bridge_slave_1) entered forwarding state [ 278.740688][ T8326] XFS (loop0): Ending clean mount [ 278.915839][ T5108] Bluetooth: hci0: command 0x0406 tx timeout [ 278.921993][ T5108] Bluetooth: hci6: command tx timeout [ 279.812585][ T8258] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 279.917772][ T5176] XFS (loop0): Metadata CRC error detected at xfs_rmapbt_read_verify+0x41/0xd0, xfs_rmapbt block 0x14 [ 279.956967][ T5176] XFS (loop0): Unmount and run xfs_repair [ 279.962959][ T5176] XFS (loop0): First 128 bytes of corrupted metadata buffer: [ 280.891735][ T5176] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 280.901186][ T5176] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80 ..P............. [ 280.912791][ T5176] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 280.922194][ T5176] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01 ....[.;......... [ 280.936055][ T5176] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 280.944961][ T5176] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 280.953946][ T5176] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 280.965354][ T5176] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 280.996420][ T8326] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x14 len 4 error 74 [ 281.026774][ T8326] XFS (loop0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 281.047643][ T8326] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 281.118017][ T8375] loop4: detected capacity change from 0 to 8 [ 281.126289][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 281.298669][ T8378] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1072'. [ 281.511389][ T5108] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 281.536585][ T8258] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 281.556803][ T5108] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 281.572116][ T5108] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 281.584986][ T5108] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 281.595064][ T5108] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 281.605279][ T5108] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 281.706759][ T5146] [U]  [ 281.745936][ T8] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 281.774276][ T8389] fscrypt (sda1, inode 2001): Sub-block data units not yet supported with IV_INO_LBLK_32 [ 281.798635][ T8258] veth0_vlan: entered promiscuous mode [ 281.888561][ T8391] UBIFS error (pid: 8391): cannot open "./file0", error -22 [ 281.928826][ T8258] veth1_vlan: entered promiscuous mode [ 281.947536][ T8] usb 3-1: unable to get BOS descriptor or descriptor too short [ 281.961495][ T8] usb 3-1: config 0 has no interfaces? [ 281.970653][ T8] usb 3-1: New USB device found, idVendor=0f94, idProduct=0001, bcdDevice=17.9c [ 281.980649][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 281.995360][ T8] usb 3-1: Product: syz [ 281.999751][ T8] usb 3-1: Manufacturer: syz [ 282.003053][ T8393] loop0: detected capacity change from 0 to 164 [ 282.005139][ T8] usb 3-1: SerialNumber: syz [ 282.020851][ T8393] iso9660: Unknown parameter '000000000000000000000008' [ 282.028185][ T8] usb 3-1: config 0 descriptor?? [ 282.420328][ T8258] veth0_macvtap: entered promiscuous mode [ 282.476478][ T8382] chnl_net:caif_netlink_parms(): no params data found [ 282.506480][ T8393] loop0: detected capacity change from 0 to 40427 [ 282.516665][ T8393] F2FS-fs (loop0): Wrong SIT boundary, start(1536) end(50334208) blocks(1024) [ 282.525768][ T8393] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 282.547847][ T8393] F2FS-fs (loop0): invalid crc value [ 282.578012][ T8393] F2FS-fs (loop0): Found nat_bits in checkpoint [ 282.589637][ T8258] veth1_macvtap: entered promiscuous mode [ 282.642724][ T8393] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 282.650073][ T8393] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 282.907760][ T5176] usb 3-1: USB disconnect, device number 9 [ 283.181676][ T8407] ubi0: attaching mtd0 [ 283.204223][ T8407] ubi0: scanning is finished [ 283.209282][ T8407] ubi0: empty MTD device detected [ 283.634877][ T8407] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 283.646998][ T5102] Bluetooth: hci4: command tx timeout [ 284.092795][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.128672][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.159023][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.183008][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.207867][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.218556][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.230082][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.240746][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.250877][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.261529][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.284839][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.344298][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.389601][ T8258] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 284.439197][ T8382] bridge0: port 1(bridge_slave_0) entered blocking state [ 284.457460][ T8382] bridge0: port 1(bridge_slave_0) entered disabled state [ 284.464891][ T8382] bridge_slave_0: entered allmulticast mode [ 284.479493][ T8382] bridge_slave_0: entered promiscuous mode [ 284.506437][ T8382] bridge0: port 2(bridge_slave_1) entered blocking state [ 284.514394][ T8382] bridge0: port 2(bridge_slave_1) entered disabled state [ 284.562814][ T8382] bridge_slave_1: entered allmulticast mode [ 284.585465][ T8382] bridge_slave_1: entered promiscuous mode [ 284.640955][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.654659][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.666043][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.677963][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.688395][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.699889][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.710492][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.722457][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.732703][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.744794][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.755098][ T8258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.769381][ T8258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.790259][ T8258] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 284.890618][ T8424] pimreg2: entered allmulticast mode [ 284.976175][ T8382] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 284.985199][ T5176] [U]  [ 285.047520][ T8258] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.063319][ T8258] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.097793][ T8258] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.114522][ T8428] UBIFS error (pid: 8428): cannot open "./file0", error -22 [ 285.135024][ T8258] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.204113][ T8382] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 285.386899][ T8382] team0: Port device team_slave_0 added [ 285.426448][ T8382] team0: Port device team_slave_1 added [ 285.753147][ T5102] Bluetooth: hci4: command tx timeout [ 286.386776][ T8382] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 286.415319][ T8382] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 286.517539][ T8382] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 286.577777][ T8382] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 286.591745][ T8382] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 286.626257][ T8382] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 286.766052][ T8] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 286.875318][ T5176] [U]  [ 286.889141][ T8382] hsr_slave_0: entered promiscuous mode [ 286.909641][ T8382] hsr_slave_1: entered promiscuous mode [ 286.916675][ T8382] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 286.924292][ T8382] Cannot create hsr debugfs directory [ 286.974133][ T8] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 286.993897][ T8455] UBIFS error (pid: 8455): cannot open "./file0", error -22 [ 286.997457][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 287.024690][ T8] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 287.035503][ T8] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 287.043968][ T8] usb 3-1: Manufacturer: syz [ 287.061505][ T8] usb 3-1: config 0 descriptor?? [ 287.061783][ T8456] pimreg2: entered allmulticast mode [ 287.155385][ T8] rc_core: IR keymap rc-hauppauge not found [ 287.162095][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.178829][ T8] Registered IR keymap rc-empty [ 287.184805][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.213693][ T8] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 287.229129][ T8461] loop0: detected capacity change from 0 to 64 [ 287.238309][ T8] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input11 [ 287.293750][ T8442] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 287.324383][ T8442] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 287.442387][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.461212][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.534685][ T8442] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 287.595672][ T8442] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 287.795465][ T5102] Bluetooth: hci4: command tx timeout [ 287.813832][ T4874] usb 3-1: USB disconnect, device number 10 [ 287.819061][ T8474] loop4: detected capacity change from 0 to 2048 [ 287.827881][ T8476] loop0: detected capacity change from 0 to 1024 [ 287.856453][ T8476] hfsplus: invalid extent btree flag [ 287.868069][ T8476] hfsplus: failed to load extents file [ 287.885000][ T8474] NILFS (loop4): invalid segment: Inconsistency found [ 287.895699][ T8474] NILFS (loop4): trying rollback from an earlier position [ 287.931972][ T8382] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.995543][ T8474] NILFS (loop4): recovery complete [ 288.008538][ T8479] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 288.147400][ T8382] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.291845][ T8382] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.375349][ T5148] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 288.432556][ T8382] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.524752][ T8480] loop3: detected capacity change from 0 to 32768 [ 288.547631][ T8480] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1103 (8480) [ 288.591732][ T8480] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 288.605313][ T5148] usb 5-1: unable to get BOS descriptor or descriptor too short [ 288.625754][ T8480] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 288.634916][ T8480] BTRFS info (device loop3): using free-space-tree [ 288.649125][ T5148] usb 5-1: not running at top speed; connect to a high speed hub [ 288.688176][ T5148] usb 5-1: config 243 has too many interfaces: 239, using maximum allowed: 32 [ 288.705463][ T5148] usb 5-1: config 243 contains an unexpected descriptor of type 0x1, skipping [ 288.717872][ T5148] usb 5-1: config 243 has an invalid descriptor of length 1, skipping remainder of the config [ 288.757907][ T5148] usb 5-1: config 243 has 0 interfaces, different from the descriptor's value: 239 [ 288.781406][ T5148] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 288.797792][ T5148] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 288.807195][ T8501] loop2: detected capacity change from 0 to 16 [ 288.807309][ T5148] usb 5-1: Product: syz [ 288.820909][ T5148] usb 5-1: Manufacturer: syz [ 288.827482][ T8501] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 288.827737][ T5148] usb 5-1: SerialNumber: syz [ 288.934216][ T4874] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz0] on syz1 [ 288.984081][ T8382] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 289.041954][ T8382] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 289.073158][ T8382] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 289.132660][ T8382] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 289.257557][ T8506] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 289.271681][ T8258] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 289.298166][ T8506] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6 [ 289.472686][ T8509] xt_CT: You must specify a L4 protocol and not use inversions on it [ 289.806867][ T8382] 8021q: adding VLAN 0 to HW filter on device bond0 [ 289.878631][ T5102] Bluetooth: hci4: command tx timeout [ 290.170481][ T8382] 8021q: adding VLAN 0 to HW filter on device team0 [ 290.272818][ T5176] bridge0: port 1(bridge_slave_0) entered blocking state [ 290.280132][ T5176] bridge0: port 1(bridge_slave_0) entered forwarding state [ 290.405894][ T5149] bridge0: port 2(bridge_slave_1) entered blocking state [ 290.413264][ T5149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 290.809297][ T5148] usb 5-1: USB disconnect, device number 10 [ 291.711253][ T8528] Invalid ELF header len 9 [ 292.568176][ T8382] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 292.651262][ T8533] loop3: detected capacity change from 0 to 64 [ 293.641600][ T8382] veth0_vlan: entered promiscuous mode [ 293.781121][ T8382] veth1_vlan: entered promiscuous mode [ 293.908662][ T8382] veth0_macvtap: entered promiscuous mode [ 293.941729][ T8382] veth1_macvtap: entered promiscuous mode [ 293.992344][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.025381][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.049825][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.061627][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.149248][ T8561] loop0: detected capacity change from 0 to 16 [ 294.189557][ T8561] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 294.209042][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.242782][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.293639][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.339286][ T5149] hid-generic 0000:0000:0000.000A: hidraw0: HID v0.00 Device [syz0] on syz1 [ 294.362527][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.383767][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.448181][ T8565] Invalid ELF header len 9 [ 294.679082][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.811250][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.955413][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.990009][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 295.025014][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.074480][ T8382] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 295.218400][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.233876][ T8570] loop2: detected capacity change from 0 to 64 [ 295.240067][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.240090][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.240111][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.240132][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.240148][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.240167][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.240183][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.240203][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.240219][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.240237][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.240254][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.240274][ T8382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.240291][ T8382] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.242342][ T8382] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 295.412901][ T8382] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.439422][ T8382] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.454468][ T8382] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.463411][ T8382] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.489118][ T2452] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 296.523609][ T2452] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 296.633919][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 296.649866][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 296.874073][ T8594] loop1: detected capacity change from 0 to 512 [ 296.899194][ T8594] EXT4-fs: Ignoring removed mblk_io_submit option [ 296.965426][ T8594] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 297.187261][ T8594] EXT4-fs (loop1): 1 truncate cleaned up [ 297.198691][ T8594] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 298.037392][ T8382] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.463511][ T8608] Invalid ELF header len 9 [ 299.407494][ T5146] libceph: connect (1)[c::]:6789 error -101 [ 299.431584][ T5146] libceph: mon0 (1)[c::]:6789 connect error [ 299.491791][ T5146] libceph: connect (1)[c::]:6789 error -101 [ 299.516215][ T5146] libceph: mon0 (1)[c::]:6789 connect error [ 299.782048][ T5146] libceph: connect (1)[c::]:6789 error -101 [ 299.796578][ T5146] libceph: mon0 (1)[c::]:6789 connect error [ 299.937616][ T8600] loop4: detected capacity change from 0 to 32768 [ 299.970461][ T8600] XFS: noikeep mount option is deprecated. [ 300.063694][ T8600] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 300.087382][ T8612] ceph: No mds server is up or the cluster is laggy [ 300.097784][ T8600] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop4": -EINTR [ 300.098705][ T8600] XFS (loop4): log mount failed [ 300.328882][ T8609] loop1: detected capacity change from 0 to 40427 [ 300.362811][ T8628] fscrypt (sda1, inode 2008): Sub-block data units not yet supported with IV_INO_LBLK_32 [ 300.375403][ T8609] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 300.405439][ T8609] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 300.469770][ T8609] F2FS-fs (loop1): Found nat_bits in checkpoint [ 300.561826][ T8609] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 300.575407][ T8609] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 300.618053][ T5150] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 301.035152][ T5150] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 301.135371][ T5150] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 301.507109][ T5150] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 301.618731][ T5150] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.764742][ T8650] loop2: detected capacity change from 0 to 512 [ 301.776408][ T5150] usb 1-1: config 0 descriptor?? [ 301.776941][ T8650] EXT4-fs: Ignoring removed mblk_io_submit option [ 301.789074][ T8650] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 301.849226][ T8650] EXT4-fs (loop2): 1 truncate cleaned up [ 301.856653][ T8650] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 301.980903][ T7091] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 302.200174][ T5150] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0 [ 302.231441][ T5150] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving [ 302.274691][ T5150] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 302.485094][ T5150] libceph: connect (1)[c::]:6789 error -101 [ 302.499418][ T5150] libceph: mon0 (1)[c::]:6789 connect error [ 302.506127][ T8] usb 1-1: USB disconnect, device number 14 [ 302.518076][ T5150] libceph: connect (1)[c::]:6789 error -101 [ 302.524354][ T5150] libceph: mon0 (1)[c::]:6789 connect error [ 302.970821][ T5147] libceph: connect (1)[c::]:6789 error -101 [ 302.977198][ T5147] libceph: mon0 (1)[c::]:6789 connect error [ 303.507293][ T8] libceph: connect (1)[c::]:6789 error -101 [ 303.866110][ T8662] ceph: No mds server is up or the cluster is laggy [ 303.894113][ T8658] loop4: detected capacity change from 0 to 40427 [ 303.955499][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 304.023729][ T8658] F2FS-fs (loop4): Found nat_bits in checkpoint [ 304.036290][ T8675] fscrypt (sda1, inode 2006): Sub-block data units not yet supported with IV_INO_LBLK_32 [ 304.225719][ T8658] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 304.261474][ T8684] bridge0: port 2(bridge_slave_1) entered disabled state [ 304.405110][ T8690] loop2: detected capacity change from 0 to 512 [ 304.447421][ T8690] EXT4-fs: Ignoring removed mblk_io_submit option [ 304.526262][ T8690] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 304.827014][ T8696] loop1: detected capacity change from 0 to 256 [ 304.935998][ T8690] EXT4-fs (loop2): 1 truncate cleaned up [ 305.067313][ T8690] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 305.116810][ T8696] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 305.240466][ T5108] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 305.265672][ T5108] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 305.279841][ T5108] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 305.294406][ T5108] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 305.316145][ T5108] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 305.323724][ T5108] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 305.551937][ T7091] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.651569][ T8703] fscrypt (sda1, inode 2000): Sub-block data units not yet supported with IV_INO_LBLK_32 [ 305.911494][ T8] libceph: connect (1)[c::]:6789 error -101 [ 305.938465][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 306.852492][ T8707] ceph: No mds server is up or the cluster is laggy [ 306.875724][ T8698] chnl_net:caif_netlink_parms(): no params data found [ 306.976591][ T1154] libceph: connect (1)[c::]:6789 error -101 [ 306.985814][ T1154] libceph: mon0 (1)[c::]:6789 connect error [ 307.148856][ T8] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 307.203712][ T8698] bridge0: port 1(bridge_slave_0) entered blocking state [ 307.221514][ T8698] bridge0: port 1(bridge_slave_0) entered disabled state [ 307.242083][ T8698] bridge_slave_0: entered allmulticast mode [ 307.261068][ T8698] bridge_slave_0: entered promiscuous mode [ 307.300298][ T8733] bridge0: port 2(bridge_slave_1) entered disabled state [ 307.341877][ T8698] bridge0: port 2(bridge_slave_1) entered blocking state [ 307.374556][ T8698] bridge0: port 2(bridge_slave_1) entered disabled state [ 307.399515][ T8698] bridge_slave_1: entered allmulticast mode [ 307.410626][ T5108] Bluetooth: hci7: command tx timeout [ 307.426018][ T8698] bridge_slave_1: entered promiscuous mode [ 307.558514][ T8737] Invalid ELF header len 9 [ 307.622290][ T8698] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 307.831890][ T8698] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 308.147483][ T8739] loop0: detected capacity change from 0 to 512 [ 308.170823][ T8739] EXT4-fs: Ignoring removed mblk_io_submit option [ 308.197268][ T8698] team0: Port device team_slave_0 added [ 308.206397][ T8739] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 308.246982][ T8698] team0: Port device team_slave_1 added [ 308.256923][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 308.273968][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 308.288802][ T8] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 308.296547][ T8739] EXT4-fs (loop0): 1 truncate cleaned up [ 308.298716][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.314403][ T8] usb 5-1: config 0 descriptor?? [ 308.327096][ T8739] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 308.374868][ T8698] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 308.379751][ T8743] loop1: detected capacity change from 0 to 256 [ 308.382505][ T8698] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 308.422389][ T8698] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 308.436676][ T8698] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 308.443679][ T8698] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 308.483873][ T8743] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 308.496941][ T8698] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 308.526798][ T5866] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.673029][ T8698] hsr_slave_0: entered promiscuous mode [ 308.684585][ T8698] hsr_slave_1: entered promiscuous mode [ 308.701305][ T8698] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 308.714450][ T8698] Cannot create hsr debugfs directory [ 308.752308][ T8] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 308.769371][ T8] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving [ 308.793676][ T8] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 309.005150][ T8698] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.146104][ T5150] usb 5-1: USB disconnect, device number 11 [ 309.149455][ T8698] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.279965][ T8756] loop1: detected capacity change from 0 to 256 [ 309.302396][ T8698] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.414846][ T8698] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.475886][ T5108] Bluetooth: hci7: command tx timeout [ 309.722682][ T8698] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 309.761375][ T8698] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 309.792242][ T8698] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 309.817503][ T8698] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 309.951722][ T5150] libceph: connect (1)[c::]:6789 error -101 [ 309.960668][ T5150] libceph: mon0 (1)[c::]:6789 connect error [ 310.156073][ T8698] 8021q: adding VLAN 0 to HW filter on device bond0 [ 310.227372][ T5150] libceph: connect (1)[c::]:6789 error -101 [ 310.234337][ T5150] libceph: mon0 (1)[c::]:6789 connect error [ 310.251909][ T8698] 8021q: adding VLAN 0 to HW filter on device team0 [ 310.273147][ T5150] bridge0: port 1(bridge_slave_0) entered blocking state [ 310.280564][ T5150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 310.354357][ T5150] bridge0: port 2(bridge_slave_1) entered blocking state [ 310.361671][ T5150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 310.746549][ T8] libceph: connect (1)[c::]:6789 error -101 [ 310.763373][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 310.770878][ T5147] ------------[ cut here ]------------ [ 310.780678][ T5147] WARNING: CPU: 0 PID: 5147 at io_uring/io_uring.c:703 io_cqring_event_overflow+0x442/0x660 [ 310.780709][ T5147] Modules linked in: [ 310.780732][ T5147] CPU: 0 UID: 0 PID: 5147 Comm: kworker/0:3 Not tainted 6.10.0-rc5-next-20240627-syzkaller #0 [ 310.780750][ T5147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 310.780760][ T5147] Workqueue: events io_fallback_req_func [ 310.780788][ T5147] RIP: 0010:io_cqring_event_overflow+0x442/0x660 [ 310.780805][ T5147] Code: 0f 95 c0 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ed 1f ee fc 90 0f 0b 90 e9 c5 fc ff ff e8 df 1f ee fc 90 <0f> 0b 90 e9 6e fc ff ff e8 d1 1f ee fc c6 05 59 1d f4 0a 01 90 48 [ 310.780820][ T5147] RSP: 0000:ffffc90003ecfa08 EFLAGS: 00010293 [ 310.780833][ T5147] RAX: ffffffff84a55e81 RBX: 0000000000000000 RCX: ffff8880296a8000 [ 310.780845][ T5147] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 310.780854][ T5147] RBP: 0000000000000000 R08: ffffffff84a55ae4 R09: 0000000000000000 [ 310.780865][ T5147] R10: dffffc0000000000 R11: ffffffff84a98540 R12: ffff88807d3da000 [ 310.780877][ T5147] R13: 0000000000000000 R14: ffff88807d3da000 R15: 0000000000000000 [ 310.780887][ T5147] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 310.780901][ T5147] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 310.780912][ T5147] CR2: 0000001b31217ff8 CR3: 0000000070522000 CR4: 00000000003506f0 [ 310.780926][ T5147] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000006800 [ 310.780936][ T5147] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 310.780946][ T5147] Call Trace: [ 310.780953][ T5147] [ 310.780960][ T5147] ? __warn+0x168/0x4e0 [ 310.780975][ T5147] ? io_cqring_event_overflow+0x442/0x660 [ 310.780994][ T5147] ? report_bug+0x2b3/0x500 [ 310.781016][ T5147] ? io_cqring_event_overflow+0x442/0x660 [ 310.781037][ T5147] ? handle_bug+0x3e/0x70 [ 310.781054][ T5147] ? exc_invalid_op+0x1a/0x50 [ 310.781070][ T5147] ? asm_exc_invalid_op+0x1a/0x20 [ 310.781093][ T5147] ? __pfx_io_msg_tw_complete+0x10/0x10 [ 310.781118][ T5147] ? io_cqring_event_overflow+0xa4/0x660 [ 310.781133][ T5147] ? io_cqring_event_overflow+0x441/0x660 [ 310.781150][ T5147] ? io_cqring_event_overflow+0x442/0x660 [ 310.781168][ T5147] ? io_cqring_event_overflow+0x441/0x660 [ 310.781182][ T5147] ? io_get_cqe_overflow+0x57f/0x590 [ 310.781202][ T5147] io_add_aux_cqe+0x27c/0x320 [ 310.781222][ T5147] ? io_fallback_req_func+0x71/0x1c0 [ 310.781249][ T5147] ? __pfx_io_add_aux_cqe+0x10/0x10 [ 310.781274][ T5147] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 310.781298][ T5147] io_msg_tw_complete+0x9d/0x4d0 [ 310.781321][ T5147] ? percpu_ref_get_many+0x1f/0x1d0 [ 310.781345][ T5147] io_fallback_req_func+0xce/0x1c0 [ 310.781371][ T5147] ? process_scheduled_works+0x945/0x1830 [ 310.781390][ T5147] process_scheduled_works+0xa2c/0x1830 [ 310.781433][ T5147] ? __pfx_process_scheduled_works+0x10/0x10 [ 310.781460][ T5147] ? assign_work+0x364/0x3d0 [ 310.781484][ T5147] worker_thread+0x86d/0xd40 [ 310.781513][ T5147] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 310.781537][ T5147] ? __kthread_parkme+0x169/0x1d0 [ 310.781561][ T5147] ? __pfx_worker_thread+0x10/0x10 [ 310.781581][ T5147] kthread+0x2f0/0x390 [ 310.781603][ T5147] ? __pfx_worker_thread+0x10/0x10 [ 310.781630][ T5147] ? __pfx_kthread+0x10/0x10 [ 310.781661][ T5147] ret_from_fork+0x4b/0x80 [ 310.781691][ T5147] ? __pfx_kthread+0x10/0x10 [ 310.781718][ T5147] ret_from_fork_asm+0x1a/0x30 [ 310.781754][ T5147] [ 310.781762][ T5147] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 311.123557][ T5147] CPU: 0 UID: 0 PID: 5147 Comm: kworker/0:3 Not tainted 6.10.0-rc5-next-20240627-syzkaller #0 [ 311.133801][ T5147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 311.143880][ T5147] Workqueue: events io_fallback_req_func [ 311.149547][ T5147] Call Trace: [ 311.152842][ T5147] [ 311.155816][ T5147] dump_stack_lvl+0x241/0x360 [ 311.160518][ T5147] ? __pfx_dump_stack_lvl+0x10/0x10 [ 311.165728][ T5147] ? __pfx__printk+0x10/0x10 [ 311.170440][ T5147] ? vscnprintf+0x5d/0x90 [ 311.174775][ T5147] panic+0x349/0x870 [ 311.178700][ T5147] ? __warn+0x177/0x4e0 [ 311.182897][ T5147] ? __pfx_panic+0x10/0x10 [ 311.187362][ T5147] ? ret_from_fork_asm+0x1a/0x30 [ 311.192348][ T5147] __warn+0x34b/0x4e0 [ 311.196334][ T5147] ? io_cqring_event_overflow+0x442/0x660 [ 311.202095][ T5147] report_bug+0x2b3/0x500 [ 311.206450][ T5147] ? io_cqring_event_overflow+0x442/0x660 [ 311.212188][ T5147] handle_bug+0x3e/0x70 [ 311.216365][ T5147] exc_invalid_op+0x1a/0x50 [ 311.220887][ T5147] asm_exc_invalid_op+0x1a/0x20 [ 311.225762][ T5147] RIP: 0010:io_cqring_event_overflow+0x442/0x660 [ 311.232096][ T5147] Code: 0f 95 c0 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ed 1f ee fc 90 0f 0b 90 e9 c5 fc ff ff e8 df 1f ee fc 90 <0f> 0b 90 e9 6e fc ff ff e8 d1 1f ee fc c6 05 59 1d f4 0a 01 90 48 [ 311.251725][ T5147] RSP: 0000:ffffc90003ecfa08 EFLAGS: 00010293 [ 311.257799][ T5147] RAX: ffffffff84a55e81 RBX: 0000000000000000 RCX: ffff8880296a8000 [ 311.265888][ T5147] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 311.273964][ T5147] RBP: 0000000000000000 R08: ffffffff84a55ae4 R09: 0000000000000000 [ 311.281933][ T5147] R10: dffffc0000000000 R11: ffffffff84a98540 R12: ffff88807d3da000 [ 311.289910][ T5147] R13: 0000000000000000 R14: ffff88807d3da000 R15: 0000000000000000 [ 311.297891][ T5147] ? __pfx_io_msg_tw_complete+0x10/0x10 [ 311.303462][ T5147] ? io_cqring_event_overflow+0xa4/0x660 [ 311.309107][ T5147] ? io_cqring_event_overflow+0x441/0x660 [ 311.314853][ T5147] ? io_cqring_event_overflow+0x441/0x660 [ 311.320602][ T5147] ? io_get_cqe_overflow+0x57f/0x590 [ 311.325910][ T5147] io_add_aux_cqe+0x27c/0x320 [ 311.330706][ T5147] ? io_fallback_req_func+0x71/0x1c0 [ 311.336090][ T5147] ? __pfx_io_add_aux_cqe+0x10/0x10 [ 311.341323][ T5147] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 311.347337][ T5147] io_msg_tw_complete+0x9d/0x4d0 [ 311.352288][ T5147] ? percpu_ref_get_many+0x1f/0x1d0 [ 311.357498][ T5147] io_fallback_req_func+0xce/0x1c0 [ 311.362651][ T5147] ? process_scheduled_works+0x945/0x1830 [ 311.368373][ T5147] process_scheduled_works+0xa2c/0x1830 [ 311.373960][ T5147] ? __pfx_process_scheduled_works+0x10/0x10 [ 311.379967][ T5147] ? assign_work+0x364/0x3d0 [ 311.384564][ T5147] worker_thread+0x86d/0xd40 [ 311.389168][ T5147] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 311.395080][ T5147] ? __kthread_parkme+0x169/0x1d0 [ 311.400134][ T5147] ? __pfx_worker_thread+0x10/0x10 [ 311.405361][ T5147] kthread+0x2f0/0x390 [ 311.409434][ T5147] ? __pfx_worker_thread+0x10/0x10 [ 311.414560][ T5147] ? __pfx_kthread+0x10/0x10 [ 311.419161][ T5147] ret_from_fork+0x4b/0x80 [ 311.423581][ T5147] ? __pfx_kthread+0x10/0x10 [ 311.428291][ T5147] ret_from_fork_asm+0x1a/0x30 [ 311.433075][ T5147] [ 311.436448][ T5147] Kernel Offset: disabled [ 311.440919][ T5147] Rebooting in 86400 seconds..