last executing test programs: 4.291490753s ago: executing program 3 (id=454): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x5, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) unshare(0x64000600) r2 = socket$inet6(0x10, 0x2, 0x0) write(r2, &(0x7f0000000000)="fc0000001c000705ab092509b86813000aab080102000000b85b0e93210001c0f0060848050000010000000000039815fa2c53c28648000000b937799f377a00bc000c00f0036cdf0db400600033d44000040060b16a482c0a3c313012dafd5a32e273fc83ab82d710f74cec18444ef90d475ef8b2863ef3d92c94170e5bba2e177312e081f691bc5110556888100000463ae4f5df1b394cfd6239ec2a0f0d1bcae5f5502943283f4b9e611183b102b2b8f5566791cb19020191bd0733802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4794eedfca92c09d776e7a90ab79a6f00a1960548deac279c00"/252, 0xfc) 4.064949787s ago: executing program 0 (id=458): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="04"], 0x14}}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000080), r0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), r0) sendmsg$NL802154_CMD_SET_TX_POWER(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="478829bd7000000000011d"], 0x1c}}, 0x40040) 3.952287148s ago: executing program 0 (id=460): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000880)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde9809c8814618e976832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada133b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631def9f126c25ba4f37caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d3130180613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd60200c1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xffff0000, 0xeeee8000, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0xddccb000, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1, 0x2}, {0x5002, 0x5000, 0xf, 0x8, 0x0, 0x0, 0x81, 0x0, 0x44, 0xe, 0x0, 0x3}, {0x8080000, 0x0, 0xa, 0x0, 0x0, 0xf3}, {0x11000, 0x0, 0x0, 0x7, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1a}, {0x100000, 0xd000, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x31, 0x0, 0x0, 0x84}, {0x3000, 0x80a0000, 0x9, 0x0, 0x20}, {0x0, 0x0, 0xf, 0x82, 0x0, 0x0, 0x0, 0xe, 0x5}, {0x1}, {0x1, 0xfffe}, 0x60040030, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x900, [0x0, 0x0, 0x10000, 0x3]}) 3.804320921s ago: executing program 3 (id=462): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000001c0)={'wg1\x00', 0x400}) close(0x3) 3.450165327s ago: executing program 2 (id=465): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000400)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0, {0xa, 0x0, 0x0, @private0, 0x80000}}}, 0x80, 0x0}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)=[{0x0}], 0x1}, 0x0) r0 = socket$kcm(0x2, 0x1, 0x84) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) setsockopt$sock_attach_bpf(r0, 0x84, 0x9, &(0x7f0000000380), 0x98) sendmsg$kcm(r0, &(0x7f00000003c0)={&(0x7f0000000740)=@in={0x2, 0x4e21, @loopback}, 0x80, &(0x7f0000001bc0)=[{&(0x7f0000000880)='\r', 0x1}], 0x1}, 0x40) 3.398300077s ago: executing program 0 (id=466): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x38, &(0x7f0000000000)=0x7ffd, 0x4) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8) recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20000000, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 3.377689797s ago: executing program 3 (id=467): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bond\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r1, 0x2, 0x6, @local}, 0x10) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @multicast}, 0x10) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r2, 0xffffffffffffffff, 0x0) 3.2342626s ago: executing program 2 (id=469): io_submit(0x0, 0x0, &(0x7f0000000800)) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r0 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) r1 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000001c0)='source', &(0x7f0000000100)='%\xff:2\x82|\x9a\xe0\xadA\xde\xd5\x03\x00\x00\x00\xb7\xe5\xee:\xb5\x0e\xec\xe5\xdc\xe5\x8d?\x16BE\x8b\xe8)\xa9H\x99\x10\x02q\xf7\xd3\xc5*\x15\xdf_\xb2_`\x92|\x7f\xff9\xf7o$e&1\xfd\xea\xb0\xb0', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%\xde({F\xfaA:', 0x0) 3.21720621s ago: executing program 3 (id=470): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x48, &(0x7f0000001980)=ANY=[@ANYBLOB="6c617374626c6f636b3d30303030303030303030303030343030303232362c6164696e6963622c6769643d666f726765742c6e6f7374726963742c756e686964652c6e6f7374726963742c646d6f64653d30303030303030303030303031373737373737373737372c7569643d69676e6f72652c73686f727461642c766f6c756d653d30303030303030303030303030303030303030362c00e0bd89d9769ec151a9dd3fcce86efe0412c35bb5431b7a34148813bbff9a2eb303fa20aacab0e18e7e45e7fdc77cffc4574c9a903b48c8305358a61aa2a661c0a1e26939713f130d48b5f3ddf1cd90e44daa2db950cc51ec869a8f9ae4ff85e6b7d1859dc1ff3341e6b8b75187b0acf8a4f9947a19539ee6226e54131a1bd6388c7074a35b3d4cd627e335610a28f6133d48b3e9ec6beec108511b948eaa1c775de24fbb4b29a16f92150776a153ec0535168a53116d01f06c196731fa4072782467cfb1e55af1bc08b3a831c01d859d7d6ea3aa58d4afaa957670687d1a89bea1715f356538374253d4590ca7c938901038446393c0ffba0a1f896d4b794d9538e659de433e7f4e764c40d84cf8eb1a9e2f"], 0x4, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG") setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) truncate(&(0x7f0000000080)='./file1\x00', 0x400000f000) 3.163618791s ago: executing program 0 (id=471): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100000000088}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8) syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x300000a, &(0x7f00000001c0)={[{@nospace_cache}, {@thread_pool={'thread_pool', 0x3d, 0x1000003}}, {@enospc_debug}, {@skip_balance}, {@discard_async}, {@clear_cache}, {@ref_verify}, {@ssd_spread}, {@discard_async}, {@subvolid}, {@ssd_spread}, {@nodatacow}]}, 0x3, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000a40)='./file1\x00', 0x0, 0x8d) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4080}, 0x0) ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0xc400941b, &(0x7f0000000000)={0x1, 0x500000}) 3.103386902s ago: executing program 2 (id=472): setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) r0 = syz_io_uring_setup(0x3ac6, &(0x7f00000001c0)={0x0, 0xfffffffd, 0x10100, 0x4, 0x37c}, &(0x7f0000000080)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)=ANY=[], 0xc48}, 0x0, 0xe3d08660d3cd4684}) io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0) 2.734473508s ago: executing program 2 (id=475): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) faccessat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2) 2.57862097s ago: executing program 3 (id=476): r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x1) fchdir(r1) r2 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) lseek(r2, 0x2, 0x0) 2.492465091s ago: executing program 1 (id=477): openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x101c0ca, &(0x7f0000000400)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c666d61736b3d30303030303030303030303030303030303030303036362c696f636861727365743d69736f383835392d312c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c696f636861727365743d61736369692c726f6469722c73686f72746e616d653d6d697865642c756e695f786c6174653d302c757466383d302c757466383d302c756e695f786c6174653d312c64656275672c756e695f786c6174653d312c666d61736b3d30303030303030303030303030303030303030303030332c6e6f63617365aec489af6ba9723d4b17106f6d47b9ade1c253d4e3b08066427cae9f41fd1e1dd25a22ec22ad6e8bf6f67e052de91b544f2f4541f87a0c0b36e8d444150b35c110bda57fe7a9c06ba087cc975447082aaf95213301f3e04b70ea67a8aa0d582ca1a9525dba7116d80f126f782a78428b878fc79c0be9ad98cb6950995e6edba78e5301e8c8e69cc85beceb8b54f84a84787815ef9a18f1fe1c81b4c1830102f7e3236e2533e486ecb46ee53991c5bfe6289a474582b2e57741fd8de78f42097851bee74d4201c7767e0e0f4b34523150639b1291441ad01f2f72ed3679d7bca0e8b4e0689f883196af0d0dfe7344f276c1b4bd333882cf7879248ad423e3f21cd0cae2309519f9d40df23cf05d9c8d8f9d07da771ea1e3bcd8478fb989f770da17f700000000000000"], 0x6, 0x2c0, &(0x7f0000000900)="$eJzs3U9rK1UUAPAz+TOJukgWrkRwQBeuHu+9rZsUeQ/ErnxkoS60+FqQJggtFKri2JVbNy78DILgB3HjNxDcCu6sUBiZyaRJ2pg2palof79Fe3vnnLlnboZ2WujJx6+O959nsXfy5a/R7SbRGMQgTpPoRyOmvo4Fg28DAPgvOy2K+KOYWCcviYju5soCADboej//W7PhT3dSFgCwQc/e/+Ddre3tJ+9lWTeejr85Gpa/2ZefJ8e39uLTGMVuPIxenEVUDwrtqJ4WyuHToijyVlbqxxvj/GhYZo4/+rk+/9bv9R8LSv3q4/nTRpX/zvaTR9nEXH5e1vFivf6gXP9x9OLl8+SF/MdL8mOYxpuvz9X/IHrxyyfxWYzieVXELP+rR1n2dvHdn198WJZX5if50bBTxc0UzTt8WQAAAAAAAAAAAAAAAAAAAAAA+J97UPfO6UTVv6ecqvvvNM/KL9qRTfUX+/NM8qetfRb6AxVFkVftcib9dR5mWVbUgbP8VrzSmm8sCAAAAAAAAAAAAAAAAAAAAPfX4fHn+zuj0e7BrQym3QBaEfHXs4ibnmcwN/NarA7u1GvujEaNergY05qfieY0JolYWUZ5Ebe0LVcNXrhUcz344cd1T9i9Oqa9fK3D4+ZNX6/84sz07trfSZbvYSemM9160e/TiFlMGtdcPf2nQ0Wsc/ulSw/11t6N9KVqkK+IiWRVYW/9Ntm5eia5eBVptatL09v1YC79wr1xrfs5upP0y98rEt06AAAAAAAAAAAAAAAAAABgo2b//bvk4MnK1EbR2VhZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnZu//v8Ygj4h2fYIrgtM4OPyXLxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB74O8AAAD//0aWVl0=") sendmmsg$inet(0xffffffffffffffff, &(0x7f00000010c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aad", 0x3a}], 0x1}}, {{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000180)="5be3b011e12323e4ab88c0472f0700000000000000e71ba62334303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737491a1c6bd2a64", 0x6b}, {&(0x7f0000000340)="c86d573ac19fb682d1911dfb13d5d0a616279230f2052742399d2244ceb7e4b0158ffb4912c2f3bb9b033f0f8c57871e66173fb794c68ea09f70f6f438a7f8f091ab27adda7b1de7196cff3dc7d8ccaf8f8cb0", 0x53}], 0x2}}], 0x2, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00') setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00]) read$msr(r0, &(0x7f0000000d40)=""/43, 0x2b) 2.441136362s ago: executing program 2 (id=478): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x41, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f0080048e0050000000000002f77fbac141416e000030a860c9f03b180000602040200845013f2325f003901050b038da1880b25181a", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000280), &(0x7f0000000000)=""/3, 0x2}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000800)={r0, &(0x7f0000000780)}, 0x20) 2.294026424s ago: executing program 3 (id=479): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000680)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6e6f757365725f78617474722c636f686572656e63793d66756c6c2c646174613d77726974656261636b2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030312c61636c2c6e6f61636c2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030302c00a89f6b8d5800aa954e6c8735dcd52921ce08462fb4ce7c1600883251443ac332f4d17b77d29867e4321610936dbc5963e9fb59a032c92e32ebffc3b739951e866d52bff6bd63136a656222062a8eea0cf97480bc8ac6c0e8a2aa38ffa8fa758cd54b9ef39a7f536d7b85173a83c34d78e210ecf4d040817bbe989e9eb015acb84bb90577b8b405a48292eeca69f5275cb7b7027d4bf643bd69b034c0221a30"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3fGeefeYw+8SJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAsh9HX+7wUAAAAAAAAAAAAAAAAAAIC/o833/3PRiSbv/48lx5EW9dff6vwY6ZyJt6+OXRgcSvZ/j7blv54k/XKuK/Q32fc9u//7uUz95vu/b+9ntxrja/TbF6J4IHUexwMDIXyTbPx+KjoSl8pLlVdvlZcXZvdsGM+sdPzru/enopNs6N9u/Ecz7Xd+////bruaquc39+4Se66l49/Vsty3n0Ztxf98pt5+xJ/dS8e/u5bWu7XASH0CqMb/8+6d4z+Wab9T8T8eQshF1bHmUjNAdQ1TTW+1XiEtHf9DtbTU1Jn8I1vd/79n4n8h0/5Bzf8r2Q8imkrH/1+1tJ5Uic37vz/e+f6/mGn/IOJfHf+Kz/+2pON/uJ7YnSpS+0+2O/+PZ9rvVPyvx8k4j0epK2A1qqe3+r460tLx79mWv/n8F7e1/ruUqb9fz3+NfhvPf43p/+Wo/vxHc+n497Ys1+79P5Gp1+n5f6S2/mO30vE/UktLr53rX8rZbvwnM+13Kv61VUlPI/6b88kfh+vpX1v/tSUd/3/XE+OtJVZqP2vrv2jn9f/lTPsHsf6rjn8l7myvz4t0/I+2LFeN/w9tfP5fydTrfPxDGLTW37V0/I+1LFe7/3t2jv9Upl6n4/9SJxsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAaMJse+EMUDqfM4HhgI4XxyfiociaYLs/npUnnmo6UQxpL0XDgR3S6Vpwul/NxCebaYL5RK5ZkQLiT5J0NPtFQqV/LzhbsXN9rqje4UC4uV6WKhEkIYT9L/H4412pqeq8wX7oYQLm3k/ScuL969U1jIz84tvjk4ODgYJjbG0B8VP6kUFyr13uu5IUxu1O2Ltgyuln15YyxHow/Ly4sLhVIt/cqWOqXyTKG0pc5UkvdF6I8qi8sLM4VKMV8q3270d5BGkuPYxLX3rl0Z2pZ/M6ofR/d3WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8RY+G3/gyhNBdP4tDCCONX6Jm5R8+Lp7NP526vzZ8enL1wdqTVuUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8coDQRRGIDfjIXaeQyrZbezXVFEC1cET6DH8DB6FC/hHVKkSJsiBJJZCJtd2Capvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ6n9+7jrW4iUlxtLiP+vv4Xh/lLqT/34/cvzjAjp/P82j081k3593SU35WjZZt36Xr1/Rkjtfc72JPhPu31fa4n55rat6n5+r43kXIVEW3Jb1POVTXvLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WUfRtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//+UFHyA=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x40942, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000200), 0xfea7) copy_file_range(r1, &(0x7f00000001c0)=0x2000, r0, 0x0, 0xffffffffa003e45c, 0x700000000000000) 2.209892226s ago: executing program 1 (id=480): r0 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000200)={0x8f, 0x0, 0xe}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) 2.209602586s ago: executing program 2 (id=481): socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = socket(0x1e, 0x1, 0x0) connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) write$binfmt_misc(r0, &(0x7f0000000400), 0x2000011a) syz_usb_connect$cdc_ecm(0x5, 0x56, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000102505a1a44000000001010902"], 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r0) 1.869142431s ago: executing program 0 (id=482): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100000040000000", @ANYRES32=0x1, @ANYBLOB='\x00'/14, @ANYRES32, @ANYRES32, @ANYBLOB="01a39cb0c58929"], 0x50) 1.839432162s ago: executing program 1 (id=483): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 1.727486623s ago: executing program 1 (id=484): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10) sendto$inet(r1, &(0x7f00000001c0)="f72bacc3ca1aaadf08e239411cbcf4b2ef908084f500db36e2ef38b56d756f041132ccc67bec238c21e52da753", 0x2d, 0x0, &(0x7f00000004c0)={0x2, 0x4e20, @multicast1}, 0x10) readv(r0, &(0x7f0000000340)=[{&(0x7f0000000540)=""/4076, 0xfec}], 0x1) 1.547573166s ago: executing program 1 (id=485): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @loopback}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300) setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4) recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x45833af92e4b39ff, 0x0) 1.02518ms ago: executing program 1 (id=486): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f0000000000)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0xb3}}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 0s ago: executing program 0 (id=487): syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000000)='.\x02\x00', 0x8c48, &(0x7f0000000240)=ANY=[@ANYBLOB='nojoliet,mode=0x00000000000000e4,dmode=0x0000000000000005,check=relaxed,overriderockperm,utf8,mode=0x0000000000000000,nojoliet,cruft,mode=0xfffffffffffffffb,utf8,session=0x0000000000000043,hide,dmode=0x000000000000001f,uid=', @ANYRESDEC, @ANYBLOB="2c6d6f64653d3078303030303030303038303030303030310086cb4be138f89f69aed82c696f636861727365743d6d6163696e7569742c66756e633d4250524d5f434845434b2c0020e70c853946a2904771793dc06c06611e03f5e2c7602f64a957c88cc3d8ee83589beff40c21fbbb1601b5869235b81f95cf0a39f6c3195e5125f94f2f8c75c38fc0c09c03ea3fbd2e56cce2a69c86db67514e59f271f5f87b7b075aabe717344a6eaeb832436386d4424b4a3d25832eb577d44c6accfaa75c7ae620d71699794e59af4cb377883fc3e4c9dfdb6340cb6395e3776c2b7e56043e63b8dd704ed4ede91e42537942c5e62bf46bf7b8542c03f6240d54f161466db4e9134915ca2839bbf4d798c1de7af1366d9b142b4e603178a6862a8b03340d309cab1a0cd33fb757910ccc8420000000934038e92ed734e0eb7d200c8283ff14dcc7b61114a4fef9561fa91274ac0114c707f4e3bf295693ab"], 0x1, 0x5a7, &(0x7f0000000f80)="$eJzs3M9v29YdAPBHx64NFwsGFGvSNEDZtIfsEFeSFwdGd4hGUzZbSRRIunBOQ7E4nTG7G5YNWHPLpVuBDTvtPPS6v2D/VP8GD5TkRLKTKD+cKQU+HyB+T+KX730fQ/ALEyYDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABCiZKvRaEahm/V39+KnS7aKvPeM7Sfj/XeqmbI08TNEIUT1v7CyEi6Pvrr8zuPYn9U/roVLo0+XwkrdrIQHb7/700/fWVyod1yKovCMhM7F8owZ7n/z4HdfHh7u//F1J/J/cBy9+D7baT8r86zX3k7jrMzjzY2Nxic7nTLuZN20vFNWaS9OirRd5UV8PbkdQthcj9O1O/luf3ur3U3j68nP4+bm5q0brUZjI/5sbZC2izLvf/LZWpnsZN1u1t8extSbb7Q+CLfqE/HzrIqrtN2L43sHh/vrs5Ksg5rPE9SaFdRqtFrNZqvV3Li5efNWo7EyPlsffbHYOCWc3mXx9Z+0vHHeGp8oww8n17i3zu8qDi/nOPnnvFMAAAAAXrNoeI89Gt6XvzzsdbJu2piKOY7mlh4AAABwDoa/2l8a3wAI4XKIzv7+DwAAAPy4/e2Zz9iFKArlYDk6eVRlsPdxdNSue+2jC6OvLpwesepciS6OBxk2G4vjT0l6NXpvFPTeSfQP4+berDyioliKHr5aAuHv4coo5srdUXv3ZMtoltVO1k3Xkrz7aTO02xcXqnSv+vPXB38JoSiOL3zX712Mwr2Dw/213/z+8O4wl4f1KA+Pxn8hceYPJaZzWQ4Tufzp0XOP4xXfnl7x0vBGTL3q7/q91dG8jcn1L4x2X3iB9X8b3h/FvL86alen179Sz9lce8LqJ7NoDvY+Xh5P9pwrP5XF1VHM1esf1c1H18dbliayaM3KojV5/F/qWDwli8ljsf6MLI7DweH++itmATAv905XoVHdDY/r/5m6+xJXuRnVvS7hM6v7b2fO8m34cBTz4ZXFxxXp1BW9MauuNJ6zrofw5Cz+E679+18h7IZrJ8FPq7H1vP+YqqrR0ff1Dt+fmXdlevooLB/9Ibx7/5sHNw6Ovvxq/6v9r1ut9Y3GLxqNm62wNFzGuFF7AHiCtPghWq3+GhVFNvh1c3Oz2a520rjIk8/jItvaTuOsX6VFstPub6fxoMirPMm7deeLbCst43J3MMiLKu7kRTzIy2xv+OaXePzqlzLttftVlpSDbtou0zjJ+1U7qeKtrEziwe6vulm5kxbDnctBmmSdLGlXWd6Py3y3SNK1OC7TdCIw20r7VdbJ6m4/HhRZr13cib/Iu7u9NN5Ky6TIBlU+GvBkrqzfyYvecNi1eR9sAHhD3A/jN9g9epXdC3fCyoyYea8RAJh2ukovzzshAAAAAAAAAAAAAADgjMnH9X45fqXPCz7/t/xqjw+ee+f220/a9MH8E5vshBAWX+sUJy9OmvtK59ipz+dzGnCl7iyEea9rafy/+rLjRCGE2cE/qWPmdUUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKf7XwAAAP//3geMdQ==") r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0xf001}}}}}}}, 0x0) syz_emit_ethernet(0x52, &(0x7f0000000340)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x1c, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x7, 0xc2, 0xffff, 0x0, 0x0, {[@exp_smc={0xfe, 0x6}]}}}}}}}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.59' (ED25519) to the list of known hosts. syzkaller login: [ 81.643146][ T5759] cgroup: Unknown subsys name 'net' [ 81.785111][ T5759] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.512526][ T5759] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.180838][ T5778] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.189859][ T5778] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.198160][ T5778] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.206510][ T5778] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.214751][ T5778] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.223279][ T5778] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 85.232901][ T5782] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.237315][ T5778] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.250186][ T5782] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.250214][ T5783] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.260067][ T5086] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.266757][ T5783] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.272673][ T5086] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.280419][ T5783] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.287595][ T5086] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.293104][ T5783] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.300436][ T5086] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 85.311353][ T5783] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.314010][ T5086] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.325281][ T5783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.335002][ T5086] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 85.337354][ T5783] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 85.355820][ T5787] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.363574][ T5787] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.881304][ T5771] chnl_net:caif_netlink_parms(): no params data found [ 85.978153][ T5769] chnl_net:caif_netlink_parms(): no params data found [ 86.043236][ T5772] chnl_net:caif_netlink_parms(): no params data found [ 86.088497][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 86.206826][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.214191][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.222028][ T5771] bridge_slave_0: entered allmulticast mode [ 86.230113][ T5771] bridge_slave_0: entered promiscuous mode [ 86.262903][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.270235][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.278035][ T5771] bridge_slave_1: entered allmulticast mode [ 86.285016][ T5771] bridge_slave_1: entered promiscuous mode [ 86.311348][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.319178][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.326487][ T5769] bridge_slave_0: entered allmulticast mode [ 86.333482][ T5769] bridge_slave_0: entered promiscuous mode [ 86.371394][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.378865][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.386371][ T5769] bridge_slave_1: entered allmulticast mode [ 86.393362][ T5769] bridge_slave_1: entered promiscuous mode [ 86.439424][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.447393][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.454619][ T5772] bridge_slave_0: entered allmulticast mode [ 86.462717][ T5772] bridge_slave_0: entered promiscuous mode [ 86.486614][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.496324][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.503831][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.512333][ T5770] bridge_slave_0: entered allmulticast mode [ 86.519507][ T5770] bridge_slave_0: entered promiscuous mode [ 86.528067][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.535235][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.542667][ T5770] bridge_slave_1: entered allmulticast mode [ 86.550303][ T5770] bridge_slave_1: entered promiscuous mode [ 86.557257][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.564395][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.571911][ T5772] bridge_slave_1: entered allmulticast mode [ 86.579258][ T5772] bridge_slave_1: entered promiscuous mode [ 86.602519][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.614950][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.676281][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.701109][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.714019][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.764334][ T5771] team0: Port device team_slave_0 added [ 86.790821][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.803664][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.815660][ T5769] team0: Port device team_slave_0 added [ 86.825301][ T5769] team0: Port device team_slave_1 added [ 86.832760][ T5771] team0: Port device team_slave_1 added [ 86.904694][ T5770] team0: Port device team_slave_0 added [ 86.937057][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.944046][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.970533][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.984640][ T5770] team0: Port device team_slave_1 added [ 87.005335][ T5772] team0: Port device team_slave_0 added [ 87.012765][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.020801][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.047143][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.059028][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.067066][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.095885][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.133131][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.140228][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.171892][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.187328][ T5772] team0: Port device team_slave_1 added [ 87.194508][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.203693][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.230128][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.273860][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.281009][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.307648][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.384948][ T5769] hsr_slave_0: entered promiscuous mode [ 87.393972][ T5769] hsr_slave_1: entered promiscuous mode [ 87.406944][ T50] Bluetooth: hci1: command tx timeout [ 87.407381][ T5777] Bluetooth: hci0: command tx timeout [ 87.412750][ T50] Bluetooth: hci3: command tx timeout [ 87.418258][ T5779] Bluetooth: hci2: command tx timeout [ 87.456212][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.463228][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.489629][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.503050][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.511158][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.537572][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.604984][ T5771] hsr_slave_0: entered promiscuous mode [ 87.613923][ T5771] hsr_slave_1: entered promiscuous mode [ 87.621160][ T5771] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.629519][ T5771] Cannot create hsr debugfs directory [ 87.673221][ T5770] hsr_slave_0: entered promiscuous mode [ 87.680410][ T5770] hsr_slave_1: entered promiscuous mode [ 87.687377][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.694983][ T5770] Cannot create hsr debugfs directory [ 87.784063][ T5772] hsr_slave_0: entered promiscuous mode [ 87.790661][ T5772] hsr_slave_1: entered promiscuous mode [ 87.798095][ T5772] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.805679][ T5772] Cannot create hsr debugfs directory [ 88.220253][ T5769] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.235812][ T5769] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.248346][ T5769] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.259700][ T5769] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.328293][ T5771] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.350208][ T5771] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.360693][ T5771] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 88.377716][ T5771] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.491505][ T5772] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 88.528567][ T5772] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 88.543046][ T5772] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 88.554117][ T5772] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 88.593141][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.643350][ T5770] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 88.654444][ T5770] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 88.688331][ T5770] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 88.699937][ T5770] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 88.734419][ T5769] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.755253][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.762720][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.798907][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.806228][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.893592][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.924025][ T5769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.971465][ T5771] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.983509][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.012171][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.019460][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.054530][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.061810][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.122410][ T5772] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.147789][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.154981][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.201033][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.208322][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.282990][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.330080][ T5771] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 89.378197][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.408383][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.415639][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.478636][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.487076][ T5779] Bluetooth: hci2: command tx timeout [ 89.492555][ T5779] Bluetooth: hci0: command tx timeout [ 89.498005][ T5777] Bluetooth: hci3: command tx timeout [ 89.498048][ T5777] Bluetooth: hci1: command tx timeout [ 89.515196][ T1112] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.522461][ T1112] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.728603][ T5769] veth0_vlan: entered promiscuous mode [ 89.768817][ T5769] veth1_vlan: entered promiscuous mode [ 89.816410][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.914531][ T5769] veth0_macvtap: entered promiscuous mode [ 89.933910][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.959518][ T5769] veth1_macvtap: entered promiscuous mode [ 90.024940][ T5771] veth0_vlan: entered promiscuous mode [ 90.041966][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.073130][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.085583][ T5769] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.095355][ T5769] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.104477][ T5769] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.114958][ T5769] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.134186][ T5771] veth1_vlan: entered promiscuous mode [ 90.207802][ T5772] veth0_vlan: entered promiscuous mode [ 90.231939][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.252589][ T5772] veth1_vlan: entered promiscuous mode [ 90.302795][ T5771] veth0_macvtap: entered promiscuous mode [ 90.337114][ T5771] veth1_macvtap: entered promiscuous mode [ 90.373681][ T5772] veth0_macvtap: entered promiscuous mode [ 90.407122][ T1112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.427518][ T1112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.430026][ T5772] veth1_macvtap: entered promiscuous mode [ 90.469731][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.480687][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.493806][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.549495][ T5770] veth0_vlan: entered promiscuous mode [ 90.567518][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.569155][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.586022][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.594609][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.607697][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.615308][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.626388][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.639440][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.650686][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.662129][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.685011][ T5771] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.694642][ T5771] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.704269][ T5771] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.715065][ T5771] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.728405][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.739352][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.749606][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.760518][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.772563][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.784652][ T5772] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.793949][ T5772] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.803405][ T5772] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.812804][ T5772] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.894700][ T5770] veth1_vlan: entered promiscuous mode [ 91.040107][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.072104][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.134832][ T5770] veth0_macvtap: entered promiscuous mode [ 91.162864][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.170838][ T5770] veth1_macvtap: entered promiscuous mode [ 91.203752][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.296326][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.308291][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.318723][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.331722][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.342667][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.353522][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.365583][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.407308][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.422252][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.432655][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.444667][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.458689][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.469421][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.481289][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.498742][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.521732][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.549326][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.559875][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.560643][ T5770] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.567888][ T5779] Bluetooth: hci1: command tx timeout [ 91.567940][ T5779] Bluetooth: hci3: command tx timeout [ 91.567972][ T5779] Bluetooth: hci2: command tx timeout [ 91.568003][ T5779] Bluetooth: hci0: command tx timeout [ 91.601466][ T5770] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.611237][ T5770] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.623617][ T5770] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.889115][ T1083] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.906099][ T1083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.019636][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.036701][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.214734][ T1208] cfg80211: failed to load regulatory.db [ 92.427509][ T5857] syz.1.2 uses obsolete (PF_INET,SOCK_PACKET) [ 93.147617][ T5879] netlink: 24 bytes leftover after parsing attributes in process `syz.0.14'. [ 93.502756][ T28] audit: type=1326 audit(1750259202.395:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e638e929 code=0x7ffc0000 [ 93.570514][ T28] audit: type=1326 audit(1750259202.395:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e638e929 code=0x7ffc0000 [ 93.627968][ T28] audit: type=1326 audit(1750259202.425:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe5e638e929 code=0x7ffc0000 [ 93.648481][ T5779] Bluetooth: hci0: command tx timeout [ 93.656746][ T5779] Bluetooth: hci2: command tx timeout [ 93.662833][ T5779] Bluetooth: hci3: command tx timeout [ 93.663813][ T5777] Bluetooth: hci1: command tx timeout [ 93.739356][ T28] audit: type=1326 audit(1750259202.435:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e638e929 code=0x7ffc0000 [ 93.814778][ T28] audit: type=1326 audit(1750259202.435:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e638e929 code=0x7ffc0000 [ 93.845888][ T28] audit: type=1326 audit(1750259202.435:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe5e638e929 code=0x7ffc0000 [ 93.897620][ T28] audit: type=1326 audit(1750259202.435:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e638e929 code=0x7ffc0000 [ 93.956164][ T5896] syz.3.21[5896]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 93.988969][ T28] audit: type=1326 audit(1750259202.435:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe5e638e929 code=0x7ffc0000 [ 94.058374][ T28] audit: type=1326 audit(1750259202.435:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e638e929 code=0x7ffc0000 [ 94.075183][ T5896] loop3: detected capacity change from 0 to 512 [ 94.124556][ T28] audit: type=1326 audit(1750259202.435:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.3.19" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e638e929 code=0x7ffc0000 [ 94.153159][ T5896] ======================================================= [ 94.153159][ T5896] WARNING: The mand mount option has been deprecated and [ 94.153159][ T5896] and is ignored by this kernel. Remove the mand [ 94.153159][ T5896] option from the mount to silence this warning. [ 94.153159][ T5896] ======================================================= [ 94.387574][ T5896] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 94.451155][ T5896] EXT4-fs (loop3): orphan cleanup on readonly fs [ 94.521499][ T5896] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.21: Failed to acquire dquot type 1 [ 94.611897][ T5896] EXT4-fs (loop3): 1 truncate cleaned up [ 94.661677][ T5896] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 94.818598][ T5905] ptrace attach of "./syz-executor exec"[5906] was attempted by "./syz-executor exec"[5905] [ 95.029412][ T5908] loop1: detected capacity change from 0 to 128 [ 95.122076][ T5910] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 96.019788][ T5929] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 96.057415][ T5929] netlink: 'syz.0.33': attribute type 12 has an invalid length. [ 96.105606][ T5929] netlink: 'syz.0.33': attribute type 29 has an invalid length. [ 96.141607][ T5929] netlink: 148 bytes leftover after parsing attributes in process `syz.0.33'. [ 96.151381][ T5929] Zero length message leads to an empty skb [ 96.391709][ T5939] loop0: detected capacity change from 0 to 256 [ 96.440817][ T5939] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 96.484741][ T5939] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 96.544092][ T5939] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 97.476263][ T8] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 97.660815][ T5966] loop2: detected capacity change from 0 to 128 [ 97.691480][ T8] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 97.705890][ T8] usb 2-1: config 0 has no interface number 0 [ 97.735658][ T8] usb 2-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 97.765924][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.818155][ T8] usb 2-1: config 0 descriptor?? [ 97.860099][ T8] usb 2-1: selecting invalid altsetting 1 [ 97.878362][ T8] dvb_ttusb_budget: ttusb_init_controller: error [ 97.902774][ T8] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 98.090309][ T5975] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 98.119173][ T8] DVB: Unable to find symbol cx22700_attach() [ 98.236927][ T8] DVB: Unable to find symbol tda10046_attach() [ 98.253408][ T8] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 98.307610][ T8] usb 2-1: USB disconnect, device number 2 [ 98.466273][ T5981] netlink: 12 bytes leftover after parsing attributes in process `syz.0.54'. [ 98.496279][ T5981] netlink: 'syz.0.54': attribute type 15 has an invalid length. [ 98.554195][ T5981] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.563610][ T5981] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.573751][ T5981] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.582758][ T5981] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 98.626971][ T5981] vxlan0: entered promiscuous mode [ 98.904942][ T5989] loop1: detected capacity change from 0 to 128 [ 99.092170][ T5989] syz.1.58: attempt to access beyond end of device [ 99.092170][ T5989] loop1: rw=2049, sector=145, nr_sectors = 304 limit=128 [ 99.404838][ T5987] loop2: detected capacity change from 0 to 32768 [ 99.448299][ T5987] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.57 (5987) [ 99.550408][ T5987] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 99.562447][ T5987] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 99.603920][ T5987] BTRFS info (device loop2): setting nodatacow, compression disabled [ 99.615149][ T5987] BTRFS warning (device loop2): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 99.651323][ T5987] BTRFS info (device loop2): trying to use backup root at mount time [ 99.674432][ T5987] BTRFS info (device loop2): force zlib compression, level 3 [ 99.705137][ T5987] BTRFS info (device loop2): turning off barriers [ 99.716285][ T5987] BTRFS info (device loop2): enabling ssd optimizations [ 99.723359][ T5987] BTRFS info (device loop2): using spread ssd allocation scheme [ 99.757309][ T5987] BTRFS info (device loop2): doing ref verification [ 99.778219][ T5987] BTRFS info (device loop2): using free space tree [ 99.927856][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.601477][ T5995] loop0: detected capacity change from 0 to 31092 [ 100.672648][ T5995] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.59 (5995) [ 100.745692][ T5771] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 100.780828][ T5995] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 100.806984][ T5995] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 100.835883][ T5995] BTRFS info (device loop0): using free space tree [ 100.933387][ T5995] BTRFS error (device loop0): device total_bytes should be at most 15919104 but found 16777216 [ 100.957220][ T6037] Illegal XDP return value 4294967294 on prog (id 16) dev N/A, expect packet loss! [ 101.016192][ T5995] BTRFS error (device loop0): failed to read chunk tree: -22 [ 101.129710][ T5995] BTRFS error (device loop0): open_ctree failed: -22 [ 104.176461][ T6075] loop2: detected capacity change from 0 to 512 [ 104.191293][ T6072] loop0: detected capacity change from 0 to 512 [ 104.211428][ T6072] EXT4-fs: Ignoring removed oldalloc option [ 104.228732][ T6072] EXT4-fs: Ignoring removed mblk_io_submit option [ 104.235381][ T6075] EXT4-fs (loop2): corrupt root inode, run e2fsck [ 104.247074][ T6075] EXT4-fs (loop2): mount failed [ 104.262067][ T6072] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 104.348068][ T6072] __quota_error: 7 callbacks suppressed [ 104.348084][ T6072] Quota error (device loop0): do_check_range: Getting block 196613 out of range 1-5 [ 104.372926][ T8] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 104.394069][ T6072] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 104.443983][ T6072] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.80: Failed to acquire dquot type 1 [ 104.485495][ T6072] EXT4-fs (loop0): 1 truncate cleaned up [ 104.534911][ T6072] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.564981][ T6072] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 104.578166][ T8] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 104.595883][ T8] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 104.615678][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.638058][ T8] usb 4-1: config 0 descriptor?? [ 104.648541][ T8] pwc: Askey VC010 type 2 USB webcam detected. [ 104.782455][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.810591][ T6082] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 105.094121][ T8] pwc: recv_control_msg error -32 req 02 val 2b00 [ 105.136399][ T8] pwc: recv_control_msg error -32 req 02 val 2700 [ 105.168196][ T8] pwc: recv_control_msg error -32 req 02 val 2c00 [ 105.405008][ T8] pwc: recv_control_msg error -71 req 04 val 1300 [ 105.436036][ T8] pwc: recv_control_msg error -71 req 04 val 1400 [ 105.449079][ T8] pwc: recv_control_msg error -71 req 02 val 2000 [ 105.476665][ T8] pwc: recv_control_msg error -71 req 02 val 2100 [ 105.513618][ T8] pwc: recv_control_msg error -71 req 04 val 1500 [ 105.546909][ T8] pwc: recv_control_msg error -71 req 02 val 2500 [ 105.579024][ T8] pwc: recv_control_msg error -71 req 02 val 2400 [ 105.595456][ T8] pwc: recv_control_msg error -71 req 02 val 2600 [ 105.624952][ T8] pwc: recv_control_msg error -71 req 02 val 2900 [ 105.654635][ T8] pwc: recv_control_msg error -71 req 02 val 2800 [ 105.674710][ T8] pwc: recv_control_msg error -71 req 04 val 1100 [ 105.696783][ T8] pwc: recv_control_msg error -71 req 04 val 1200 [ 105.754334][ T8] pwc: Registered as video103. [ 105.762235][ T6093] loop1: detected capacity change from 0 to 16 [ 105.773866][ T8] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input5 [ 105.849385][ T6093] erofs: (device loop1): mounted with root inode @ nid 36. [ 105.897423][ T8] usb 4-1: USB disconnect, device number 2 [ 106.007986][ T6093] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 106.052148][ T6093] erofs: (device loop1): z_erofs_readahead: readahead error at folio 2 @ nid 89 [ 106.085553][ T6093] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 106.115949][ T6093] erofs: (device loop1): z_erofs_readahead: readahead error at folio 1 @ nid 89 [ 106.140185][ T6093] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 106.179018][ T6093] erofs: (device loop1): z_erofs_readahead: readahead error at folio 0 @ nid 89 [ 106.205406][ T6093] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 106.232339][ T6093] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 106.245099][ T6093] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 0 of nid 89 [ 106.279701][ T28] audit: type=1800 audit(1750259215.175:17): pid=6093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.84" name="file2" dev="loop1" ino=89 res=0 errno=0 [ 106.851008][ T6115] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6 [ 106.882603][ T6117] loop3: detected capacity change from 0 to 512 [ 106.901601][ T6117] EXT4-fs: Ignoring removed mblk_io_submit option [ 106.925874][ T8] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 106.957589][ T6117] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 107.015982][ T28] audit: type=1326 audit(1750259215.905:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6112 comm="syz.1.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a35f8e929 code=0x7fc00000 [ 107.065205][ T6117] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002] [ 107.076523][ T6117] System zones: 1-12 [ 107.090036][ T28] audit: type=1326 audit(1750259215.985:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.2.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 107.110214][ T6117] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.93: corrupted in-inode xattr: e_value size too large [ 107.121554][ T28] audit: type=1326 audit(1750259215.985:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.2.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 107.133600][ T6117] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.93: couldn't read orphan inode 15 (err -117) [ 107.150944][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 107.176865][ T28] audit: type=1326 audit(1750259216.015:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.2.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 107.179253][ T6117] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.226934][ T8] usb 1-1: config 0 interface 0 has no altsetting 0 [ 107.235291][ T28] audit: type=1326 audit(1750259216.015:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.2.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 107.260279][ T8] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 107.280507][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.293738][ T8] usb 1-1: Product: syz [ 107.298069][ T8] usb 1-1: Manufacturer: syz [ 107.302704][ T8] usb 1-1: SerialNumber: syz [ 107.315111][ T28] audit: type=1326 audit(1750259216.015:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.2.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 107.338835][ T8] usb 1-1: config 0 descriptor?? [ 107.382248][ T28] audit: type=1326 audit(1750259216.055:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.2.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 107.390483][ T6125] loop2: detected capacity change from 0 to 1024 [ 107.486608][ T6125] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.527718][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.579550][ T8] gs_usb 1-1:0.0: Couldn't send data format (err=-71) [ 107.587407][ T8] gs_usb: probe of 1-1:0.0 failed with error -71 [ 107.600133][ T8] usb 1-1: USB disconnect, device number 2 [ 107.719463][ T6130] loop3: detected capacity change from 0 to 512 [ 107.739114][ T6130] EXT4-fs: Ignoring removed nomblk_io_submit option [ 107.780527][ T6130] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 107.818103][ T6130] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 107.838122][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.853421][ T6130] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 107.915496][ T6130] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 107.972661][ T6130] EXT4-fs (loop3): 1 truncate cleaned up [ 107.996724][ T6130] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.090727][ T6138] loop1: detected capacity change from 0 to 164 [ 108.124392][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.150462][ T6138] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 108.192082][ T6138] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 108.248544][ T6143] loop3: detected capacity change from 0 to 64 [ 108.822475][ T6159] loop3: detected capacity change from 0 to 1024 [ 108.844496][ T6159] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 108.888541][ T6159] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 108.900969][ T6159] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 108.935617][ T6159] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #3: comm syz.3.109: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 2, max 15(4), depth 0(0) [ 108.999272][ T6159] EXT4-fs (loop3): no journal found [ 109.004569][ T6159] EXT4-fs (loop3): can't get journal size [ 109.050359][ T6159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 109.343608][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.563838][ T6180] loop2: detected capacity change from 0 to 256 [ 109.685705][ T6182] loop3: detected capacity change from 0 to 128 [ 109.733394][ T6182] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 109.796486][ T6182] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 109.903413][ T6182] overlayfs: failed to clone lowerpath [ 110.416933][ T6190] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4290638775 (549201763200 ns) > initial count (439443453440 ns). Using initial count to start timer. [ 110.664983][ T6207] netlink: 12 bytes leftover after parsing attributes in process `syz.1.129'. [ 110.806566][ T6211] 8021q: adding VLAN 0 to HW filter on device bond2 [ 110.815243][ T6211] bond1: (slave bond2): Enslaving as an active interface with an up link [ 110.971158][ T6219] vcan0: entered allmulticast mode [ 110.982738][ T6219] vcan0: left allmulticast mode [ 111.303034][ T6228] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 111.329820][ T6228] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 111.913839][ T6232] loop0: detected capacity change from 0 to 32768 [ 112.022561][ T6232] JBD2: Ignoring recovery information on journal [ 112.056705][ T787] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 112.146508][ T6232] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 112.266342][ T787] usb 4-1: Using ep0 maxpacket: 16 [ 112.282425][ T787] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 112.312054][ T787] usb 4-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 112.344931][ T787] usb 4-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 112.369240][ T787] usb 4-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 112.411518][ T787] usb 4-1: config 7 interface 0 has no altsetting 0 [ 112.419610][ T787] usb 4-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 112.441912][ T787] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.924677][ T6247] loop2: detected capacity change from 0 to 4096 [ 112.973466][ T787] input: HID 0458:5010 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:7.0/0003:0458:5010.0001/input/input7 [ 112.991590][ T6247] ntfs3: loop2: ino=3, Correct links count -> 2. [ 113.142126][ T787] kye 0003:0458:5010.0001: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.3-1/input0 [ 113.364045][ T5769] ocfs2: Unmounting device (7,0) on (node local) [ 113.891364][ T6257] netlink: 'syz.0.144': attribute type 4 has an invalid length. [ 114.100169][ T6264] TCP: tcp_parse_options: Illegal window scaling value 236 > 14 received [ 114.113843][ C1] kye 0003:0458:5010.0001: usb_submit_urb(ctrl) failed: -1 [ 114.286446][ T787] usb 4-1: reset high-speed USB device number 3 using dummy_hcd [ 114.406178][ T23] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 114.597662][ T23] usb 2-1: config 0 has an invalid interface number: 255 but max is 0 [ 114.606594][ T23] usb 2-1: config 0 has no interface number 0 [ 114.612746][ T23] usb 2-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 114.624460][ T23] usb 2-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 114.638288][ T23] usb 2-1: config 0 interface 255 has no altsetting 0 [ 114.645301][ T23] usb 2-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 114.659575][ T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.670441][ T23] usb 2-1: config 0 descriptor?? [ 114.681276][ T23] ums-realtek 2-1:0.255: USB Mass Storage device detected [ 114.899057][ T5817] usb 2-1: USB disconnect, device number 3 [ 115.065982][ T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 115.139638][ T27] usb 4-1: USB disconnect, device number 3 [ 115.256818][ T23] usb 3-1: Using ep0 maxpacket: 8 [ 115.279845][ T23] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 115.296254][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.329859][ T23] usb 3-1: config 0 descriptor?? [ 115.560089][ T6286] syzkaller0: tun_chr_ioctl cmd 1074025676 [ 115.566646][ T6286] syzkaller0: owner set to 6 [ 115.655965][ T787] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 115.740096][ T6289] loop1: detected capacity change from 0 to 512 [ 115.756288][ T6289] EXT4-fs: Ignoring removed mblk_io_submit option [ 115.763124][ T6289] EXT4-fs: Ignoring removed mblk_io_submit option [ 115.777841][ T6289] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 115.804861][ T6289] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c118, mo2=0002] [ 115.826852][ T6289] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.158: corrupted in-inode xattr: e_value size too large [ 115.841903][ T6289] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.158: couldn't read orphan inode 15 (err -117) [ 115.859508][ T6289] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.871739][ T787] usb 1-1: Using ep0 maxpacket: 16 [ 115.884275][ T787] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 115.907010][ T787] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 115.945825][ T787] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 115.966698][ T787] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 115.976823][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 115.983625][ T6289] EXT4-fs warning (device loop1): dx_probe:833: inode #2: comm syz.1.158: Unrecognised inode hash code 4 [ 115.996663][ T787] usb 1-1: SerialNumber: syz [ 116.012854][ T787] hub 1-1:1.0: bad descriptor, ignoring hub [ 116.017106][ T6289] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.158: Corrupt directory, running e2fsck is recommended [ 116.023960][ T787] hub: probe of 1-1:1.0 failed with error -5 [ 116.048250][ T787] cdc_ether: probe of 1-1:1.0 failed with error -22 [ 116.064388][ T6289] EXT4-fs warning (device loop1): dx_probe:833: inode #2: comm syz.1.158: Unrecognised inode hash code 4 [ 116.095836][ T6289] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.158: Corrupt directory, running e2fsck is recommended [ 116.126484][ T6289] EXT4-fs warning (device loop1): dx_probe:833: inode #2: comm syz.1.158: Unrecognised inode hash code 4 [ 116.138574][ T6289] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.158: Corrupt directory, running e2fsck is recommended [ 116.166768][ T23] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 116.196109][ T23] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x0080: ffffffb9 [ 116.260620][ T23] asix: probe of 3-1:0.0 failed with error -71 [ 116.269408][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.290502][ T23] usb 3-1: USB disconnect, device number 2 [ 116.387240][ T8] usb 1-1: USB disconnect, device number 3 [ 116.444462][ T28] kauditd_printk_skb: 11 callbacks suppressed [ 116.444479][ T28] audit: type=1804 audit(1750259225.335:36): pid=6294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.159" name="file0" dev="ramfs" ino=9301 res=1 errno=0 [ 116.880295][ T6303] batadv0: entered promiscuous mode [ 116.927685][ T6303] batadv_slave_1: entered promiscuous mode [ 116.952361][ T6301] batadv_slave_1: left promiscuous mode [ 116.963274][ T6301] batadv0: left promiscuous mode [ 117.178347][ T6315] netlink: 12 bytes leftover after parsing attributes in process `syz.1.169'. [ 117.438958][ T6312] loop2: detected capacity change from 0 to 40427 [ 117.453186][ T6312] F2FS-fs (loop2): Invalid segment/section count (24 != 1 * 1) [ 117.461265][ T6312] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 117.511581][ T6312] F2FS-fs (loop2): invalid crc value [ 117.533698][ T6312] F2FS-fs (loop2): Found nat_bits in checkpoint [ 117.606807][ T6312] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 117.614275][ T6312] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 117.818514][ T5771] syz-executor: attempt to access beyond end of device [ 117.818514][ T5771] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 117.839412][ T5771] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 118.557327][ T6330] loop1: detected capacity change from 0 to 32768 [ 118.747753][ T6343] loop2: detected capacity change from 0 to 128 [ 118.817647][ T6343] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 118.858022][ T6343] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 118.978909][ T5771] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 119.801170][ T6361] netlink: 12 bytes leftover after parsing attributes in process `syz.3.186'. [ 119.937638][ T6367] loop1: detected capacity change from 0 to 764 [ 120.092626][ T5770] Symlink component flag not implemented [ 120.753774][ T6372] loop0: detected capacity change from 0 to 32768 [ 120.779739][ T6372] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.191 (6372) [ 120.808624][ T6372] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 120.820331][ T6372] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 120.829248][ T6372] BTRFS info (device loop0): using free space tree [ 120.860686][ T6372] BTRFS info (device loop0): enabling ssd optimizations [ 120.868700][ T6372] BTRFS info (device loop0): auto enabling async discard [ 120.993745][ T5769] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 121.016867][ T787] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 121.226055][ T787] usb 2-1: Using ep0 maxpacket: 32 [ 121.251586][ T787] usb 2-1: config 0 has an invalid interface number: 151 but max is 0 [ 121.266118][ T787] usb 2-1: config 0 has no interface number 0 [ 121.275345][ T787] usb 2-1: New USB device found, idVendor=0499, idProduct=6bb7, bcdDevice=68.2f [ 121.285312][ T787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.306114][ T787] usb 2-1: Product: syz [ 121.310455][ T787] usb 2-1: Manufacturer: syz [ 121.315097][ T787] usb 2-1: SerialNumber: syz [ 121.332531][ T787] usb 2-1: config 0 descriptor?? [ 121.591807][ T787] usb 2-1: USB disconnect, device number 4 [ 122.084953][ T6425] loop0: detected capacity change from 0 to 32768 [ 122.094434][ T6425] (syz.0.207,6425,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 122.109116][ T6425] (syz.0.207,6425,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 122.126675][ T5842] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 122.168787][ T6425] JBD2: Ignoring recovery information on journal [ 122.204489][ T6425] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 122.326397][ T5842] usb 4-1: Using ep0 maxpacket: 8 [ 122.350607][ T5842] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 122.367181][ T5842] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.384988][ T5842] usb 4-1: Product: syz [ 122.394571][ T5842] usb 4-1: Manufacturer: syz [ 122.405879][ T5842] usb 4-1: SerialNumber: syz [ 122.418137][ T5842] usb 4-1: config 0 descriptor?? [ 122.462074][ T6425] syz.0.207 (6425) used greatest stack depth: 18288 bytes left [ 122.521999][ T5769] ocfs2: Unmounting device (7,0) on (node local) [ 122.664076][ T5842] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 122.682653][ T6431] loop1: detected capacity change from 0 to 32768 [ 122.698536][ T6431] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.209 (6431) [ 122.721295][ T6431] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 122.736066][ T6431] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 122.752045][ T6431] BTRFS info (device loop1): using free space tree [ 122.835996][ T6431] BTRFS info (device loop1): enabling ssd optimizations [ 122.854511][ T6431] BTRFS info (device loop1): auto enabling async discard [ 122.858187][ T6439] loop0: detected capacity change from 0 to 4096 [ 122.933734][ T6439] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 123.181795][ T5770] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 123.299219][ T5842] dvb_usb_rtl28xxu: probe of 4-1:0.0 failed with error -32 [ 123.320627][ T5842] usb 4-1: USB disconnect, device number 4 [ 123.754150][ T6466] loop1: detected capacity change from 0 to 2048 [ 123.941782][ T6472] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 124.311100][ T6491] loop3: detected capacity change from 0 to 512 [ 124.323750][ T6491] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 124.337681][ T6491] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e11c, mo2=0002] [ 124.345860][ T6491] System zones: 1-12 [ 124.350149][ T6491] EXT4-fs (loop3): orphan cleanup on readonly fs [ 124.371977][ T6491] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.229: bg 0: block 361: padding at end of block bitmap is not set [ 124.395823][ T6491] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6642: Corrupt filesystem [ 124.405516][ T6491] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.229: invalid indirect mapped block 12 (level 1) [ 124.421891][ T6491] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.229: invalid indirect mapped block 2 (level 2) [ 124.437370][ T6491] EXT4-fs (loop3): 1 truncate cleaned up [ 124.444059][ T6491] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 124.456649][ T6496] macvlan0: entered allmulticast mode [ 124.462087][ T6496] veth1_vlan: entered allmulticast mode [ 124.475487][ T6496] veth1_vlan: left allmulticast mode [ 124.554039][ T6496] macvlan0 (unregistering): left allmulticast mode [ 124.600908][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 124.717272][ T6503] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 124.896135][ T5842] libceph: connect (1)[c::]:6789 error -101 [ 124.936949][ T5842] libceph: mon0 (1)[c::]:6789 connect error [ 124.947241][ T6508] ceph: No mds server is up or the cluster is laggy [ 124.964293][ T5842] libceph: connect (1)[c::]:6789 error -101 [ 124.980561][ T5842] libceph: mon0 (1)[c::]:6789 connect error [ 125.473518][ T6536] process 'syz.0.245' launched '/dev/fd/6' with NULL argv: empty string added [ 125.520073][ T6540] loop2: detected capacity change from 0 to 128 [ 125.537968][ T6540] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 125.558062][ T6540] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 126.297588][ T1083] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xc [ 126.543898][ T6573] loop0: detected capacity change from 0 to 32768 [ 126.567098][ T6573] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 126.637371][ T6573] XFS (loop0): Ending clean mount [ 126.654986][ T6573] XFS (loop0): Quotacheck needed: Please wait. [ 126.707356][ T6573] XFS (loop0): Quotacheck: Done. [ 126.878411][ T5769] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 126.893396][ T6586] bond1: entered promiscuous mode [ 126.903776][ T6586] 8021q: adding VLAN 0 to HW filter on device bond1 [ 126.968185][ T6586] 8021q: adding VLAN 0 to HW filter on device bond1 [ 126.975342][ T6586] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 127.001875][ T6586] bond1: (slave ip6gre1): Error -95 calling set_mac_address [ 128.093189][ T6618] loop0: detected capacity change from 0 to 8 [ 128.289455][ T6622] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 128.595592][ T6632] netlink: 'syz.3.282': attribute type 4 has an invalid length. [ 128.700278][ T6632] netlink: 'syz.3.282': attribute type 4 has an invalid length. [ 128.859520][ T6637] netlink: 12 bytes leftover after parsing attributes in process `syz.3.284'. [ 128.914754][ T6637] 8021q: adding VLAN 0 to HW filter on device bond1 [ 128.974393][ T6634] loop1: detected capacity change from 0 to 40427 [ 128.989991][ T6634] F2FS-fs (loop1): invalid crc value [ 129.004057][ T6639] 8021q: adding VLAN 0 to HW filter on device bond1 [ 129.017223][ T6634] F2FS-fs (loop1): Found nat_bits in checkpoint [ 129.031198][ T6639] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 129.058640][ T6639] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 129.072089][ T6634] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 129.130732][ T6634] syz.1.283: attempt to access beyond end of device [ 129.130732][ T6634] loop1: rw=2049, sector=45096, nr_sectors = 32 limit=40427 [ 129.253591][ T5770] syz-executor: attempt to access beyond end of device [ 129.253591][ T5770] loop1: rw=2049, sector=45128, nr_sectors = 8 limit=40427 [ 129.275143][ T5770] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 129.623133][ T6650] loop2: detected capacity change from 0 to 128 [ 129.662184][ T6650] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 129.671228][ T6650] FAT-fs (loop2): Filesystem has been set read-only [ 129.678092][ T6650] syz.2.288: attempt to access beyond end of device [ 129.678092][ T6650] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 129.692147][ T6650] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 129.700122][ T6650] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 129.716515][ T6650] syz.2.288: attempt to access beyond end of device [ 129.716515][ T6650] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 129.742401][ T6650] syz.2.288: attempt to access beyond end of device [ 129.742401][ T6650] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 129.748300][ T28] audit: type=1800 audit(1750259238.625:37): pid=6650 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.288" name="file2" dev="loop2" ino=1048600 res=0 errno=0 [ 129.756641][ T6650] syz.2.288: attempt to access beyond end of device [ 129.756641][ T6650] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 129.793487][ T6650] syz.2.288: attempt to access beyond end of device [ 129.793487][ T6650] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 130.576198][ T787] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 130.775631][ T787] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 130.786186][ T787] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 130.801918][ T787] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 130.817875][ T787] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 130.834147][ T787] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 130.849994][ T787] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 130.859727][ T787] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 130.868265][ T787] usb 3-1: Product: syz [ 130.873712][ T787] usb 3-1: Manufacturer: syz [ 130.894817][ T787] cdc_wdm 3-1:1.0: skipping garbage [ 130.903773][ T787] cdc_wdm 3-1:1.0: skipping garbage [ 130.924186][ T787] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 130.930575][ T787] cdc_wdm 3-1:1.0: Unknown control protocol [ 131.057654][ T6677] loop1: detected capacity change from 0 to 40427 [ 131.065906][ T6677] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff [ 131.077711][ T6677] F2FS-fs (loop1): invalid crc value [ 131.096926][ T6677] F2FS-fs (loop1): Found nat_bits in checkpoint [ 131.125357][ T787] usb 3-1: USB disconnect, device number 3 [ 131.160252][ T6677] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 131.212450][ T28] audit: type=1804 audit(1750259240.105:38): pid=6677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.297" name="/newroot/83/file1/file1" dev="loop1" ino=10 res=1 errno=0 [ 131.260923][ T5770] syz-executor: attempt to access beyond end of device [ 131.260923][ T5770] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 131.275443][ T5770] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 131.885871][ T787] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 132.081930][ T787] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 132.101764][ T787] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.112995][ T787] usb 4-1: Product: syz [ 132.117667][ T787] usb 4-1: Manufacturer: syz [ 132.122644][ T787] usb 4-1: SerialNumber: syz [ 132.136979][ T787] usb 4-1: config 0 descriptor?? [ 132.577325][ T787] usb 4-1: Firmware: major: 22, minor: 220, hardware type: UNKNOWN (68) [ 132.783170][ T787] usb 4-1: no permanent extended address found, random address set [ 132.816227][ T787] usb 4-1: atusb_probe: initialization failed, error = -524 [ 132.824189][ T787] atusb: probe of 4-1:0.0 failed with error -524 [ 133.023784][ T787] usb 4-1: USB disconnect, device number 5 [ 133.169422][ T6708] loop0: detected capacity change from 0 to 32768 [ 133.192077][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.200126][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.224932][ T6708] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.309 (6708) [ 133.248701][ T6708] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 133.264447][ T6708] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 133.273882][ T6708] BTRFS info (device loop0): force clearing of disk cache [ 133.287886][ T6708] BTRFS info (device loop0): enabling auto defrag [ 133.294691][ T6708] BTRFS info (device loop0): max_inline at 0 [ 133.304161][ T6708] BTRFS info (device loop0): enabling disk space caching [ 133.314035][ T6708] BTRFS info (device loop0): disk space caching is enabled [ 133.661295][ T6708] BTRFS info (device loop0): enabling ssd optimizations [ 133.703128][ T6708] BTRFS info (device loop0): rebuilding free space tree [ 133.883382][ T6708] BTRFS info (device loop0): disabling free space tree [ 133.920369][ T6708] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 133.960106][ T6708] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 134.278389][ T6742] loop3: detected capacity change from 0 to 2048 [ 134.285743][ C0] sched: RT throttling activated [ 134.431874][ T6742] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 134.523226][ T6723] loop2: detected capacity change from 0 to 131072 [ 134.549744][ T6743] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 134.578653][ T6723] F2FS-fs (loop2): Found nat_bits in checkpoint [ 134.591084][ T5769] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 134.632754][ T6723] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 134.714926][ T6723] F2FS-fs (loop2): lookup inode (7) has corrupted xattr [ 134.756672][ T28] audit: type=1800 audit(1750259243.635:39): pid=6723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.316" name="file1" dev="loop2" ino=7 res=0 errno=0 [ 135.426375][ T6752] netlink: 'syz.3.321': attribute type 10 has an invalid length. [ 135.525593][ T6752] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 135.553796][ T6752] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 135.890867][ T6750] loop0: detected capacity change from 0 to 32768 [ 135.918809][ T6750] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.319 (6750) [ 135.951366][ T6750] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 135.965930][ T6750] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 135.987113][ T6750] BTRFS info (device loop0): using free space tree [ 136.066478][ T6750] BTRFS info (device loop0): enabling ssd optimizations [ 136.082547][ T6750] BTRFS info (device loop0): auto enabling async discard [ 136.232645][ T6773] loop2: detected capacity change from 0 to 256 [ 136.246139][ T28] audit: type=1804 audit(1750259245.135:40): pid=6750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.319" name="/newroot/76/bus/bus" dev="loop0" ino=263 res=1 errno=0 [ 136.269237][ T6773] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x18b10316, utbl_chksum : 0xe619d30d) [ 136.315354][ T6773] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 136.391787][ T28] audit: type=1800 audit(1750259245.275:41): pid=6773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.320" name="file1" dev="loop2" ino=1048601 res=0 errno=0 [ 136.424037][ T5769] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 136.960775][ T6773] syz.2.320: attempt to access beyond end of device [ 136.960775][ T6773] loop2: rw=0, sector=184, nr_sectors = 32759 limit=256 [ 137.579949][ T6775] loop3: detected capacity change from 0 to 32768 [ 137.602970][ T6775] XFS: ikeep mount option is deprecated. [ 137.626061][ T6775] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 137.757993][ T6775] XFS (loop3): Ending clean mount [ 137.789968][ T6792] loop2: detected capacity change from 0 to 2048 [ 137.809009][ T6792] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 138.021143][ T5772] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 138.554241][ T28] audit: type=1326 audit(1750259247.445:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6803 comm="syz.2.333" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f136818e929 code=0x0 [ 138.877799][ T6796] loop0: detected capacity change from 0 to 40427 [ 138.902592][ T6796] F2FS-fs (loop0): invalid crc value [ 138.929658][ T6796] F2FS-fs (loop0): Found nat_bits in checkpoint [ 139.026366][ T6796] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 139.085083][ T6815] loop3: detected capacity change from 0 to 4096 [ 139.137948][ T6817] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 139.181738][ T5769] syz-executor: attempt to access beyond end of device [ 139.181738][ T5769] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 139.195102][ T6815] capability: warning: `syz.3.336' uses deprecated v2 capabilities in a way that may be insecure [ 139.208812][ T5769] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 139.221831][ T5769] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 139.349281][ T5772] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 139.366202][ T5772] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=12) [ 139.407248][ T5772] Remounting filesystem read-only [ 139.426127][ T5772] NILFS (loop3): error -5 truncating bmap (ino=12) [ 139.456127][ T5772] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 139.473728][ T6807] loop1: detected capacity change from 0 to 32768 [ 139.476312][ T5772] NILFS (loop3): discard dirty page: offset=0, ino=2 [ 139.507000][ T5772] NILFS (loop3): discard dirty block: blocknr=14, size=4096 [ 139.537104][ T5772] NILFS (loop3): discard dirty page: offset=0, ino=6 [ 139.543892][ T5772] NILFS (loop3): discard dirty block: blocknr=23, size=4096 [ 139.563466][ T6807] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 139.579056][ T6807] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 139.589631][ T5772] NILFS (loop3): discard dirty page: offset=4096, ino=6 [ 139.598106][ T5772] NILFS (loop3): discard dirty block: blocknr=24, size=4096 [ 139.605465][ T5772] NILFS (loop3): discard dirty page: offset=8192, ino=6 [ 139.614199][ T5772] NILFS (loop3): discard dirty block: blocknr=25, size=4096 [ 139.712676][ T6807] XFS (loop1): Ending clean mount [ 139.729765][ T6807] XFS (loop1): Quotacheck needed: Please wait. [ 139.802842][ T6807] XFS (loop1): Quotacheck: Done. [ 140.092846][ T5770] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 140.141076][ T6843] loop2: detected capacity change from 0 to 128 [ 140.178205][ T6843] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 140.574520][ T6854] warning: `syz.3.351' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 141.063663][ T6873] loop0: detected capacity change from 0 to 1024 [ 141.096887][ T6873] EXT4-fs: Ignoring removed mblk_io_submit option [ 141.113693][ T6873] EXT4-fs: Ignoring removed bh option [ 141.169744][ T6873] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.394154][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.418702][ T6864] loop1: detected capacity change from 0 to 32768 [ 141.438485][ T6864] XFS: attr2 mount option is deprecated. [ 141.478955][ T6864] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 141.516115][ T6864] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 141.531219][ T6874] loop2: detected capacity change from 0 to 32768 [ 141.542465][ T6874] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.358 (6874) [ 141.560897][ T6874] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 141.592479][ T6866] loop3: detected capacity change from 0 to 32768 [ 141.610602][ T6866] XFS (loop3): DAX unsupported by block device. Turning off DAX. [ 141.612575][ T6874] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 141.630181][ T6866] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 141.633602][ T6874] BTRFS info (device loop2): force clearing of disk cache [ 141.652916][ T6874] BTRFS info (device loop2): enabling auto defrag [ 141.663878][ T6874] BTRFS info (device loop2): max_inline at 0 [ 141.682099][ T6874] BTRFS info (device loop2): enabling disk space caching [ 141.692674][ T6874] BTRFS info (device loop2): disk space caching is enabled [ 141.706993][ T6864] XFS (loop1): Ending clean mount [ 141.748713][ T6864] XFS (loop1): Quotacheck needed: Please wait. [ 141.824145][ T6874] BTRFS info (device loop2): enabling ssd optimizations [ 141.833143][ T6864] XFS (loop1): Quotacheck: Done. [ 141.834692][ T6874] BTRFS info (device loop2): rebuilding free space tree [ 141.883009][ T6874] BTRFS info (device loop2): disabling free space tree [ 141.899916][ T6874] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 141.914600][ T6874] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 141.933747][ T6866] XFS (loop3): Ending clean mount [ 141.947866][ T6866] XFS (loop3): Quotacheck needed: Please wait. [ 141.957473][ T28] audit: type=1804 audit(1750259250.845:43): pid=6864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.355" name="/newroot/91/file0/file1" dev="loop1" ino=4422 res=1 errno=0 [ 142.049418][ T6866] XFS (loop3): Quotacheck: Done. [ 142.149649][ T5770] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 142.175622][ T5771] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 142.295147][ T5772] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 142.812714][ T6929] loop2: detected capacity change from 0 to 128 [ 142.821309][ T6929] EXT4-fs: Ignoring removed nobh option [ 142.842195][ T6929] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 142.863665][ T6929] ext4 filesystem being mounted at /92/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 142.869190][ T6932] loop0: detected capacity change from 0 to 256 [ 142.903363][ T6932] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x18b10316, utbl_chksum : 0xe619d30d) [ 142.918746][ T6932] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 142.967905][ T28] audit: type=1800 audit(1750259251.865:44): pid=6932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.368" name="file1" dev="loop0" ino=1048606 res=0 errno=0 [ 143.040125][ T5771] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 143.046507][ T6932] syz.0.368: attempt to access beyond end of device [ 143.046507][ T6932] loop0: rw=0, sector=184, nr_sectors = 6247 limit=256 [ 143.084119][ T6932] syz.0.368: attempt to access beyond end of device [ 143.084119][ T6932] loop0: rw=0, sector=6431, nr_sectors = 3360 limit=256 [ 143.231318][ T6932] syz.0.368: attempt to access beyond end of device [ 143.231318][ T6932] loop0: rw=0, sector=9791, nr_sectors = 13272 limit=256 [ 143.338701][ T6932] syz.0.368: attempt to access beyond end of device [ 143.338701][ T6932] loop0: rw=0, sector=23063, nr_sectors = 9880 limit=256 [ 143.547866][ T6943] 8021q: adding VLAN 0 to HW filter on device bond2 [ 143.578741][ T6943] bridge0: port 3(bond2) entered blocking state [ 143.616090][ T6943] bridge0: port 3(bond2) entered disabled state [ 143.622762][ T6943] bond2: entered allmulticast mode [ 143.632791][ T6943] bond2: entered promiscuous mode [ 143.639416][ T6943] bridge0: port 3(bond2) entered blocking state [ 143.646346][ T6943] bridge0: port 3(bond2) entered forwarding state [ 143.776171][ T11] bridge0: port 3(bond2) entered disabled state [ 143.904954][ T6952] netlink: 4 bytes leftover after parsing attributes in process `syz.3.365'. [ 144.073232][ T6957] Bluetooth: MGMT ver 1.22 [ 144.299546][ T6965] input: syz1 as /devices/virtual/input/input8 [ 144.619443][ T6963] loop2: detected capacity change from 0 to 32768 [ 144.696936][ T28] audit: type=1326 audit(1750259253.595:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a598e929 code=0x7ffc0000 [ 144.750839][ T28] audit: type=1326 audit(1750259253.595:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a598e929 code=0x7ffc0000 [ 144.836841][ T28] audit: type=1326 audit(1750259253.625:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22a598e929 code=0x7ffc0000 [ 144.909987][ T28] audit: type=1326 audit(1750259253.625:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a598e929 code=0x7ffc0000 [ 144.955835][ T28] audit: type=1326 audit(1750259253.625:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a598e929 code=0x7ffc0000 [ 144.995040][ T6976] tls_set_device_offload: netdev not found [ 145.024466][ T28] audit: type=1326 audit(1750259253.625:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f22a598e929 code=0x7ffc0000 [ 145.067446][ T28] audit: type=1326 audit(1750259253.685:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a598e929 code=0x7ffc0000 [ 145.153870][ T28] audit: type=1326 audit(1750259253.685:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6970 comm="syz.0.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22a598e929 code=0x7ffc0000 [ 145.395873][ T5817] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 145.576129][ T5817] usb 3-1: Using ep0 maxpacket: 8 [ 145.583596][ T6992] loop3: detected capacity change from 0 to 512 [ 145.598039][ T5817] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 145.615554][ T5817] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 145.632002][ T5817] usb 3-1: New USB device found, idVendor=056a, idProduct=0001, bcdDevice= 0.00 [ 145.645516][ T6978] loop1: detected capacity change from 0 to 32768 [ 145.647399][ T6992] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.670455][ T6978] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.388 (6978) [ 145.674761][ T5817] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.701143][ T6978] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 145.713912][ T6992] ext4 filesystem being mounted at /93/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 145.731008][ T6978] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 145.745996][ T6978] BTRFS info (device loop1): force clearing of disk cache [ 145.756685][ T5817] usb 3-1: config 0 descriptor?? [ 145.761900][ T6978] BTRFS info (device loop1): enabling auto defrag [ 145.769321][ T6978] BTRFS info (device loop1): max_inline at 0 [ 145.775368][ T6978] BTRFS info (device loop1): enabling disk space caching [ 145.797698][ T6978] BTRFS info (device loop1): disk space caching is enabled [ 145.891187][ T6978] BTRFS info (device loop1): enabling ssd optimizations [ 145.917423][ T6978] BTRFS info (device loop1): rebuilding free space tree [ 145.980691][ T6978] BTRFS info (device loop1): disabling free space tree [ 145.983100][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.998490][ T6978] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 146.008850][ T6978] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 146.230938][ T5817] wacom 0003:056A:0001.0002: Unknown device_type for 'HID 056a:0001'. Ignoring. [ 146.286406][ T5770] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 146.528442][ T787] usb 3-1: USB disconnect, device number 4 [ 146.858558][ T7012] loop3: detected capacity change from 0 to 32768 [ 146.867400][ T7012] XFS: attr2 mount option is deprecated. [ 146.882855][ T7012] XFS (loop3): DAX unsupported by block device. Turning off DAX. [ 146.893542][ T7012] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 146.942104][ T7012] XFS (loop3): Ending clean mount [ 146.957078][ T7012] XFS (loop3): Quotacheck needed: Please wait. [ 147.005572][ T7012] XFS (loop3): Quotacheck: Done. [ 147.091774][ T28] audit: type=1804 audit(1750259255.985:53): pid=7012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.395" name="/newroot/94/file0/file1" dev="loop3" ino=4422 res=1 errno=0 [ 147.210369][ T5772] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 148.768019][ T7055] 8021q: adding VLAN 0 to HW filter on device bond1 [ 148.794855][ T7055] bridge0: port 3(bond1) entered blocking state [ 148.821536][ T7055] bridge0: port 3(bond1) entered disabled state [ 148.846182][ T27] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 148.856215][ T7055] bond1: entered allmulticast mode [ 148.875351][ T7055] bond1: entered promiscuous mode [ 148.906540][ T7055] bridge0: port 3(bond1) entered blocking state [ 148.914025][ T7055] bridge0: port 3(bond1) entered forwarding state [ 149.000400][ T144] bridge0: port 3(bond1) entered disabled state [ 149.061810][ T27] usb 4-1: Using ep0 maxpacket: 32 [ 149.090021][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 149.109123][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 149.120830][ T27] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 149.143256][ T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.182107][ T27] usb 4-1: config 0 descriptor?? [ 149.193955][ T27] hub 4-1:0.0: USB hub found [ 149.301560][ T7071] loop1: detected capacity change from 0 to 128 [ 149.310317][ T7071] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 149.406066][ T27] hub 4-1:0.0: 1 port detected [ 150.063806][ T787] hub 4-1:0.0: activate --> -90 [ 150.275421][ T27] usb 4-1: USB disconnect, device number 6 [ 150.281703][ T787] hub 4-1:0.0: hub_ext_port_status failed (err = -71) [ 151.515068][ T7096] loop3: detected capacity change from 0 to 32768 [ 151.550500][ T7096] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.425 (7096) [ 151.590457][ T7096] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 151.603264][ T7096] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 151.614517][ T7096] BTRFS info (device loop3): force clearing of disk cache [ 151.626509][ T7096] BTRFS info (device loop3): enabling auto defrag [ 151.633198][ T7096] BTRFS info (device loop3): max_inline at 0 [ 151.643194][ T7096] BTRFS info (device loop3): enabling disk space caching [ 151.657559][ T7096] BTRFS info (device loop3): disk space caching is enabled [ 151.659908][ T7091] loop0: detected capacity change from 0 to 32768 [ 151.704512][ T7091] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 151.714071][ T7096] BTRFS info (device loop3): enabling ssd optimizations [ 151.723822][ T7096] BTRFS info (device loop3): rebuilding free space tree [ 151.755395][ T7096] BTRFS info (device loop3): disabling free space tree [ 151.763925][ T7096] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 151.774446][ T7096] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 151.812686][ T7091] XFS (loop0): Ending clean mount [ 151.936438][ T5769] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 151.951577][ T5772] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 152.646030][ T7147] netlink: 'syz.2.441': attribute type 1 has an invalid length. [ 152.680050][ T787] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 152.691644][ T7147] 8021q: adding VLAN 0 to HW filter on device bond3 [ 152.740282][ T7151] bond3: (slave veth0_to_bond): Enslaving as an active interface with an up link [ 152.892456][ T787] usb 1-1: Using ep0 maxpacket: 32 [ 152.912999][ T787] usb 1-1: config index 0 descriptor too short (expected 164, got 36) [ 152.945843][ T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.966854][ T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 152.977964][ T787] usb 1-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 152.987314][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.003058][ T787] usb 1-1: config 0 descriptor?? [ 153.474238][ T787] logitech 0003:046D:C29C.0003: unknown main item tag 0xe [ 153.503349][ T787] logitech 0003:046D:C29C.0003: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.0-1/input0 [ 154.001088][ T7156] loop2: detected capacity change from 0 to 40427 [ 154.025021][ T7156] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff [ 154.044338][ T7156] F2FS-fs (loop2): Image doesn't support compression [ 154.074211][ T7156] F2FS-fs (loop2): Image doesn't support compression [ 154.094560][ T7156] F2FS-fs (loop2): invalid crc value [ 154.094749][ T787] logitech 0003:046D:C29C.0003: no inputs found [ 154.144167][ T7156] F2FS-fs (loop2): Found nat_bits in checkpoint [ 154.186074][ T787] usb 1-1: USB disconnect, device number 4 [ 154.288975][ T7156] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 154.454082][ T7155] syz.2.445: attempt to access beyond end of device [ 154.454082][ T7155] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 154.515579][ T7156] syz.2.445: attempt to access beyond end of device [ 154.515579][ T7156] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 154.649722][ T5771] syz-executor: attempt to access beyond end of device [ 154.649722][ T5771] loop2: rw=2049, sector=45112, nr_sectors = 8 limit=40427 [ 154.687145][ T5771] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 154.896833][ T7169] netlink: 28 bytes leftover after parsing attributes in process `syz.1.449'. [ 155.138040][ T7171] loop1: detected capacity change from 0 to 16 [ 155.184506][ T7171] erofs: (device loop1): mounted with root inode @ nid 36. [ 155.797384][ T7186] netlink: 'syz.3.454': attribute type 12 has an invalid length. [ 155.802716][ T7185] loop1: detected capacity change from 0 to 512 [ 155.838004][ T7185] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 155.858016][ T7185] EXT4-fs warning (device loop1): ext4_multi_mount_protect:318: fsck is running on the filesystem [ 155.876006][ T7185] EXT4-fs warning (device loop1): ext4_multi_mount_protect:318: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4 [ 155.948673][ T7191] netlink: 8 bytes leftover after parsing attributes in process `syz.0.458'. [ 156.031497][ T28] audit: type=1326 audit(1750259264.925:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 156.106140][ T28] audit: type=1326 audit(1750259264.925:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 156.143400][ T28] audit: type=1326 audit(1750259264.955:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 156.167809][ T28] audit: type=1326 audit(1750259264.955:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 156.192136][ T28] audit: type=1326 audit(1750259264.955:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 156.283668][ T28] audit: type=1326 audit(1750259264.955:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 156.356508][ T28] audit: type=1326 audit(1750259264.965:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 156.399455][ T28] audit: type=1326 audit(1750259264.965:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 156.434644][ T28] audit: type=1326 audit(1750259264.965:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f136818e929 code=0x7ffc0000 [ 156.487438][ T28] audit: type=1326 audit(1750259264.965:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.2.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f136818d290 code=0x7ffc0000 [ 156.631943][ T7214] veth1_to_bond: entered allmulticast mode [ 156.652236][ T7214] veth1_to_bond: entered promiscuous mode [ 156.661007][ T7214] veth1_to_bond: left promiscuous mode [ 156.667220][ T7214] veth1_to_bond: left allmulticast mode [ 156.945239][ T7221] loop3: detected capacity change from 0 to 2048 [ 156.964026][ T7221] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 156.973391][ T7221] UDF-fs: Scanning with blocksize 512 failed [ 156.989879][ T7221] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 157.193553][ T7223] loop0: detected capacity change from 0 to 32768 [ 157.224573][ T7223] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.471 (7223) [ 157.246217][ T7223] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 157.257514][ T7223] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 157.268812][ T7223] BTRFS info (device loop0): disabling free space tree [ 157.275836][ T7223] BTRFS info (device loop0): turning on async discard [ 157.282649][ T7223] BTRFS info (device loop0): force clearing of disk cache [ 157.289866][ T7223] BTRFS info (device loop0): doing ref verification [ 157.296613][ T7223] BTRFS info (device loop0): enabling ssd optimizations [ 157.303594][ T7223] BTRFS info (device loop0): using spread ssd allocation scheme [ 157.311403][ T7223] BTRFS info (device loop0): setting nodatacow, compression disabled [ 157.319642][ T7223] workqueue: max_active 16777219 requested for btrfs-worker is out of range, clamping between 1 and 512 [ 157.340061][ T7223] workqueue: max_active 16777219 requested for btrfs-delalloc is out of range, clamping between 1 and 512 [ 157.378039][ T7223] workqueue: max_active 16777219 requested for btrfs-endio is out of range, clamping between 1 and 512 [ 157.407908][ T7223] workqueue: max_active 16777219 requested for btrfs-endio-meta is out of range, clamping between 1 and 512 [ 157.431010][ T7223] workqueue: max_active 16777219 requested for btrfs-rmw is out of range, clamping between 1 and 512 [ 157.443663][ T7223] workqueue: max_active 16777219 requested for btrfs-endio-write is out of range, clamping between 1 and 512 [ 157.460181][ T7223] workqueue: max_active 16777219 requested for btrfs-compressed-write is out of range, clamping between 1 and 512 [ 157.509699][ T7244] loop1: detected capacity change from 0 to 256 [ 157.542578][ T7223] BTRFS info (device loop0): rebuilding free space tree [ 157.587639][ T7223] BTRFS info (device loop0): disabling free space tree [ 157.594650][ T7223] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 157.604446][ T7223] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 157.834867][ T7223] workqueue: max_active 16777219 requested for btrfs-scrub is out of range, clamping between 1 and 512 [ 157.846786][ T7223] BTRFS info (device loop0): scrub: started on devid 1 [ 157.866409][ T7223] BTRFS info (device loop0): scrub: finished on devid 1 with status: 0 [ 158.106001][ T5769] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 158.286587][ T787] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 158.469246][ T7254] loop3: detected capacity change from 0 to 32768 [ 158.495964][ T787] usb 3-1: Using ep0 maxpacket: 16 [ 158.505279][ T787] usb 3-1: config 0 has no interfaces? [ 158.513245][ T787] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 158.532015][ T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 158.562287][ T787] usb 3-1: SerialNumber: syz [ 158.652431][ T787] usb 3-1: config 0 descriptor?? [ 158.778598][ T7254] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode. [ 159.940828][ T7254] [ 159.943249][ T7254] ====================================================== [ 159.950388][ T7254] WARNING: possible circular locking dependency detected [ 159.957449][ T7254] 6.6.93-syzkaller #0 Not tainted [ 159.962492][ T7254] ------------------------------------------------------ [ 159.969523][ T7254] syz.3.479/7254 is trying to acquire lock: [ 159.975428][ T7254] ffff88805dd222e0 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 159.987155][ T7254] [ 159.987155][ T7254] but task is already holding lock: [ 159.994539][ T7254] ffff88805dd22378 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa5/0x320 [ 160.005281][ T7254] [ 160.005281][ T7254] which lock already depends on the new lock. [ 160.005281][ T7254] [ 160.015704][ T7254] [ 160.015704][ T7254] the existing dependency chain (in reverse order) is: [ 160.024755][ T7254] [ 160.024755][ T7254] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}: [ 160.032611][ T7254] down_read+0x46/0x2e0 [ 160.037366][ T7254] ocfs2_init_acl+0x2fa/0x720 [ 160.042587][ T7254] ocfs2_mknod+0x12e5/0x20f0 [ 160.047715][ T7254] ocfs2_create+0x196/0x410 [ 160.052758][ T7254] path_openat+0x1277/0x3190 [ 160.057997][ T7254] do_filp_open+0x1c5/0x3d0 [ 160.063033][ T7254] do_sys_openat2+0x12c/0x1c0 [ 160.068270][ T7254] __x64_sys_openat+0x139/0x160 [ 160.073662][ T7254] do_syscall_64+0x55/0xb0 [ 160.078621][ T7254] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 160.085065][ T7254] [ 160.085065][ T7254] -> #3 (jbd2_handle){++++}-{0:0}: [ 160.092387][ T7254] start_this_handle+0x1e9d/0x20c0 [ 160.098134][ T7254] jbd2__journal_start+0x2bb/0x5b0 [ 160.103800][ T7254] jbd2_journal_start+0x2a/0x40 [ 160.109190][ T7254] ocfs2_start_trans+0x376/0x6c0 [ 160.114662][ T7254] ocfs2_mknod+0xe47/0x20f0 [ 160.119729][ T7254] ocfs2_create+0x196/0x410 [ 160.124807][ T7254] path_openat+0x1277/0x3190 [ 160.129933][ T7254] do_filp_open+0x1c5/0x3d0 [ 160.134982][ T7254] do_sys_openat2+0x12c/0x1c0 [ 160.140200][ T7254] __x64_sys_open+0x11f/0x140 [ 160.145414][ T7254] do_syscall_64+0x55/0xb0 [ 160.150387][ T7254] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 160.156825][ T7254] [ 160.156825][ T7254] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 160.165356][ T7254] down_read+0x46/0x2e0 [ 160.170062][ T7254] ocfs2_start_trans+0x36a/0x6c0 [ 160.175549][ T7254] ocfs2_mknod+0xe47/0x20f0 [ 160.180594][ T7254] ocfs2_create+0x196/0x410 [ 160.185634][ T7254] path_openat+0x1277/0x3190 [ 160.190758][ T7254] do_filp_open+0x1c5/0x3d0 [ 160.195798][ T7254] do_sys_openat2+0x12c/0x1c0 [ 160.201044][ T7254] __x64_sys_open+0x11f/0x140 [ 160.206278][ T7254] do_syscall_64+0x55/0xb0 [ 160.211247][ T7254] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 160.217705][ T7254] [ 160.217705][ T7254] -> #1 (sb_internal#4){.+.+}-{0:0}: [ 160.225241][ T7254] ocfs2_start_trans+0x26b/0x6c0 [ 160.230733][ T7254] ocfs2_truncate_file+0x611/0x13a0 [ 160.236582][ T7254] ocfs2_setattr+0x150d/0x1b20 [ 160.241904][ T7254] notify_change+0xb0d/0xe10 [ 160.247038][ T7254] do_truncate+0x19b/0x220 [ 160.251998][ T7254] path_openat+0x298c/0x3190 [ 160.257122][ T7254] do_filp_open+0x1c5/0x3d0 [ 160.262162][ T7254] do_sys_openat2+0x12c/0x1c0 [ 160.267378][ T7254] __x64_sys_openat+0x139/0x160 [ 160.272769][ T7254] do_syscall_64+0x55/0xb0 [ 160.277733][ T7254] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 160.284175][ T7254] [ 160.284175][ T7254] -> #0 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}: [ 160.292968][ T7254] __lock_acquire+0x2ddb/0x7c80 [ 160.298360][ T7254] lock_acquire+0x197/0x410 [ 160.303394][ T7254] down_write+0x97/0x1f0 [ 160.308180][ T7254] ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 160.314695][ T7254] ocfs2_truncate_file+0xd84/0x13a0 [ 160.320438][ T7254] ocfs2_setattr+0x150d/0x1b20 [ 160.325747][ T7254] notify_change+0xb0d/0xe10 [ 160.330890][ T7254] do_truncate+0x19b/0x220 [ 160.335930][ T7254] path_openat+0x298c/0x3190 [ 160.341097][ T7254] do_filp_open+0x1c5/0x3d0 [ 160.346133][ T7254] do_sys_openat2+0x12c/0x1c0 [ 160.351365][ T7254] __x64_sys_openat+0x139/0x160 [ 160.356756][ T7254] do_syscall_64+0x55/0xb0 [ 160.361730][ T7254] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 160.368165][ T7254] [ 160.368165][ T7254] other info that might help us debug this: [ 160.368165][ T7254] [ 160.378406][ T7254] Chain exists of: [ 160.378406][ T7254] &ocfs2_file_ip_alloc_sem_key --> jbd2_handle --> &oi->ip_xattr_sem [ 160.378406][ T7254] [ 160.392612][ T7254] Possible unsafe locking scenario: [ 160.392612][ T7254] [ 160.400072][ T7254] CPU0 CPU1 [ 160.405463][ T7254] ---- ---- [ 160.410835][ T7254] lock(&oi->ip_xattr_sem); [ 160.415442][ T7254] lock(jbd2_handle); [ 160.422050][ T7254] lock(&oi->ip_xattr_sem); [ 160.429183][ T7254] lock(&ocfs2_file_ip_alloc_sem_key); [ 160.434745][ T7254] [ 160.434745][ T7254] *** DEADLOCK *** [ 160.434745][ T7254] [ 160.442906][ T7254] 3 locks held by syz.3.479/7254: [ 160.447947][ T7254] #0: ffff888023448418 (sb_writers#22){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 160.457211][ T7254] #1: ffff88805dd22658 (&sb->s_type->i_mutex_key#31){+.+.}-{3:3}, at: do_truncate+0x187/0x220 [ 160.467603][ T7254] #2: ffff88805dd22378 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa5/0x320 [ 160.478692][ T7254] [ 160.478692][ T7254] stack backtrace: [ 160.484604][ T7254] CPU: 0 PID: 7254 Comm: syz.3.479 Not tainted 6.6.93-syzkaller #0 [ 160.492506][ T7254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 160.502583][ T7254] Call Trace: [ 160.505874][ T7254] [ 160.508826][ T7254] dump_stack_lvl+0x16c/0x230 [ 160.513535][ T7254] ? load_image+0x3b0/0x3b0 [ 160.518054][ T7254] ? show_regs_print_info+0x20/0x20 [ 160.523285][ T7254] ? print_circular_bug+0x12b/0x1a0 [ 160.528513][ T7254] check_noncircular+0x2bd/0x3c0 [ 160.533476][ T7254] ? print_deadlock_bug+0x5d0/0x5d0 [ 160.538735][ T7254] ? lockdep_lock+0xe0/0x220 [ 160.543346][ T7254] ? lockdep_unlock+0x137/0x2d0 [ 160.548214][ T7254] ? _find_first_zero_bit+0xd3/0x100 [ 160.553516][ T7254] __lock_acquire+0x2ddb/0x7c80 [ 160.558401][ T7254] ? verify_lock_unused+0x140/0x140 [ 160.563979][ T7254] lock_acquire+0x197/0x410 [ 160.568504][ T7254] ? ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 160.574714][ T7254] ? __might_sleep+0xe0/0xe0 [ 160.579336][ T7254] ? read_lock_is_recursive+0x20/0x20 [ 160.584740][ T7254] down_write+0x97/0x1f0 [ 160.589008][ T7254] ? ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 160.595186][ T7254] ? down_read_killable+0x340/0x340 [ 160.600409][ T7254] ? ocfs2_truncate_file+0xcaa/0x13a0 [ 160.605807][ T7254] ? __lock_acquire+0x7c80/0x7c80 [ 160.610877][ T7254] ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 160.616880][ T7254] ? ocfs2_remove_refcount_tree+0xd50/0xd50 [ 160.622793][ T7254] ? up_write+0x1c3/0x410 [ 160.627148][ T7254] ocfs2_truncate_file+0xd84/0x13a0 [ 160.632368][ T7254] ? ocfs2_inode_lock_tracker+0x3ec/0x660 [ 160.638115][ T7254] ? ocfs2_simple_size_update+0x470/0x470 [ 160.643859][ T7254] ? do_raw_spin_unlock+0x121/0x230 [ 160.649081][ T7254] ? _raw_spin_unlock+0x28/0x40 [ 160.653970][ T7254] ? ocfs2_inode_lock_tracker+0x3ec/0x660 [ 160.659714][ T7254] ? ocfs2_inode_lock_atime+0x4e0/0x4e0 [ 160.665276][ T7254] ? ocfs2_rw_lock+0x138/0x240 [ 160.670755][ T7254] ? dquot_initialize+0x20/0x20 [ 160.675634][ T7254] ? ocfs2_create_new_inode_locks+0x640/0x640 [ 160.681717][ T7254] ? setattr_prepare+0x1e6/0xac0 [ 160.686677][ T7254] ? inode_newsize_ok+0x116/0x1b0 [ 160.691724][ T7254] ocfs2_setattr+0x150d/0x1b20 [ 160.696520][ T7254] ? ocfs2_extend_allocation+0x1760/0x1760 [ 160.702360][ T7254] ? ktime_get_coarse_real_ts64+0x3a/0x120 [ 160.708193][ T7254] ? seqcount_lockdep_reader_access+0x176/0x1c0 [ 160.714456][ T7254] ? ktime_get_coarse_real_ts64+0x110/0x120 [ 160.720369][ T7254] ? current_time+0x18e/0x270 [ 160.725415][ T7254] ? inode_set_ctime_current+0x2d0/0x2d0 [ 160.731335][ T7254] ? evm_inode_setattr+0x94/0x6a0 [ 160.736382][ T7254] ? bpf_lsm_inode_setattr+0x9/0x10 [ 160.741600][ T7254] ? try_break_deleg+0x79/0x120 [ 160.746469][ T7254] ? ocfs2_extend_allocation+0x1760/0x1760 [ 160.752308][ T7254] notify_change+0xb0d/0xe10 [ 160.756935][ T7254] do_truncate+0x19b/0x220 [ 160.761375][ T7254] ? put_page_bootmem+0x2c0/0x2c0 [ 160.766415][ T7254] ? apparmor_file_truncate+0x23f/0x2d0 [ 160.771981][ T7254] ? ima_bprm_check+0x1f0/0x1f0 [ 160.776863][ T7254] path_openat+0x298c/0x3190 [ 160.781486][ T7254] ? do_filp_open+0x3d0/0x3d0 [ 160.786191][ T7254] do_filp_open+0x1c5/0x3d0 [ 160.790713][ T7254] ? vfs_tmpfile+0x490/0x490 [ 160.795326][ T7254] ? _raw_spin_unlock+0x28/0x40 [ 160.800206][ T7254] ? alloc_fd+0x58f/0x630 [ 160.804566][ T7254] do_sys_openat2+0x12c/0x1c0 [ 160.809268][ T7254] ? do_sys_open+0xe0/0xe0 [ 160.813708][ T7254] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 160.819716][ T7254] ? lock_chain_count+0x20/0x20 [ 160.824585][ T7254] __x64_sys_openat+0x139/0x160 [ 160.829460][ T7254] do_syscall_64+0x55/0xb0 [ 160.833902][ T7254] ? clear_bhb_loop+0x40/0x90 [ 160.838603][ T7254] ? clear_bhb_loop+0x40/0x90 [ 160.843381][ T7254] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 160.849384][ T7254] RIP: 0033:0x7fe5e638e929 [ 160.853824][ T7254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.873458][ T7254] RSP: 002b:00007fe5e7134038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 160.881882][ T7254] RAX: ffffffffffffffda RBX: 00007fe5e65b5fa0 RCX: 00007fe5e638e929 [ 160.889965][ T7254] RDX: 000000000000275a RSI: 0000200000000140 RDI: ffffffffffffff9c [ 160.897948][ T7254] RBP: 00007fe5e6410b39 R08: 0000000000000000 R09: 0000000000000000 [ 160.905933][ T7254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.913916][ T7254] R13: 0000000000000000 R14: 00007fe5e65b5fa0 R15: 00007ffef65b6d28 [ 160.921907][ T7254] [ 160.987528][ T7275] loop0: detected capacity change from 0 to 736 [ 161.003004][ T1083] tipc: Subscription rejected, illegal request [ 161.025880][ T787] usb 3-1: can't set config #0, error -71 [ 161.052643][ T787] usb 3-1: USB disconnect, device number 5 [ 161.060974][ T5772] ocfs2: Unmounting device (7,3) on (node local) [ 161.115479][ T7275] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.