last executing test programs: 5.74400539s ago: executing program 4 (id=1190): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', 0x10008c0, &(0x7f0000000080)=ANY=[@ANYBLOB="00b6c0932b2b78099d477dd049049de5974e717ad42e3ec27c7612f8edb0"], 0x16, 0x2c6, &(0x7f0000000540)="$eJzs3c1u00wUxvFnnLRN31Z9XVqExLJQCTYIygaxCUK5CFYIaIJUERUVivhYFcQKIdiz5xa4CDYgbgBWrLiAsjKa8SSOEydOQ1y35f+TWjmxj+dM/TFzokYWgH/Wzcb3j1d/2h8jVVSR3lyXAkk1qSrptM7Unmzvbu22W81RO6q4CPtjFEeagW02t1tZoTbORXihfVXVYu97KEYURTd+lJ0ESueu/gyBNOevTre+duiZjfZywri9Kedx3Jh97euZlsrOAwBQLj/+B36cX/Tz9yCQ1v2wfyTH/0ntl51A4aKRa3vGf1dlRcYe3//dqqTecyWcXR90qsRxWp7pez2r+MxKTTBNXlXpcgnm72+1W5c2H7abgV6p7vVstup+N+NTtyMn27WM2nR+eH/G6LvJnlEuuD7M2D5sxPk/lZTKf2XCFidmPpuv5rYJ9UHN7vyvGhl7mNyRCvuOVJz/5eF7dL0M7Vbyt416vR6kNll2jZz1LXg5vaxlVyTqnFHLSn9AEObl6aJO9UXFvbuSE7WSGbXReTUkajUVZXvTPZuHt1c0887cMmv6pU9q9Mz/A5vfukZemclVY9bjocD9xeP+zGY3V3X7DAdGjsHLpftXnBuW+u/R9zQcwFvd0zUtPX7+4kGl3W49sgt3MxZ2FrvvzLyWMrcpeUF7yTtzipyBjTuDUjpcKjKxi1Pdob1/5G5sr7IjcVCO+EJVfxPe+NJ/Ip28hZLvTzgUyUEvOxOUxM67TFz/JfVKNZ7s2V9h5jx9zA8C/B4jO8fuVnBJbBTPyCX9d6AKbiGjgku32FNzDdSMruY6d0E6P36Loc/zhDANfdMdPv8HAAAAAAAAAAAAAAAAAAA4bor58sCO/zYl/1kOAAAAAAAAAAAAAAAAAAAAAMA0dJ//q87zfzXe83/7H8Uyzef/vt8Wz/8FivcnAAD//0kSeCw=") mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000f00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') syz_mount_image$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x10000, 0x0, 0x3, 0x0, &(0x7f0000000000)) rename(&(0x7f0000000200)='./file0\x00', &(0x7f0000000f00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 5.62911719s ago: executing program 4 (id=1191): r0 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0) write$binfmt_script(r0, &(0x7f0000000200), 0xd) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$int_in(r1, 0x0, 0x0) 5.571145063s ago: executing program 4 (id=1194): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0x0, "d2c4924dc64c3b6e6f00", 0xffffffffffffffff}) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)) epoll_ctl$EPOLL_CTL_MOD(r2, 0x4, r1, &(0x7f0000000040)) 5.499193624s ago: executing program 4 (id=1195): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000100)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000240)={0x48, 0x1, r1, 0x0, 0xfffffffffffffff4}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000001340)={0x48, 0x1, r1, 0x0, 0x4000400000000000}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000340)={0x28, 0x6, r1, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2b8000000000000}) 5.445250274s ago: executing program 4 (id=1197): sched_setscheduler(0x0, 0x1, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2000000, &(0x7f0000000a80)={[{@noinit_itable}, {@grpquota}, {@resgid}, {@oldalloc}, {@lazytime}, {@jqfmt_vfsv1}]}, 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.dequeue\x00', 0x275a, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, 0x0) 5.248515189s ago: executing program 2 (id=1200): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00') preadv(r1, &(0x7f0000000180)=[{&(0x7f0000000080)=""/148, 0x94}], 0x1, 0x6, 0x0) 5.19445428s ago: executing program 4 (id=1201): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x30008c0, &(0x7f00000004c0)={[{}, {@codepage={'codepage', 0x3d, 'iso8859-13'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-1'}}, {}, {@part={'part', 0x3d, 0x5}}]}, 0x11, 0x2b6, &(0x7f0000000200)="$eJzs3U9rE0EYx/HfbNI22lK3tiJ4rBb0Ilov4iUieRGeRG0iFENFrfjnVMWTiN69+xZ8EV4U34CePPkC6mllZifZJLvZTUOTber3Aw2b7D47z2T/zDyBsgLw37rV+Pn52m/7Z6SKKtK7G1IgqSZVJZ3R2dqznd3t3Xarmbejiouwf0ZxpElts7XTygq1cS7CC+27qpZ6P8NkRFF081fZSaB07urPEEgL/up062tTzyzf6zHj9g45j1lj9rWvF1ouOw8AQLn8+B/4cX7Jz9+DQNrww/6RHP/HtV92AhMX5a7tGf9dlRUZe3xPuVVJvedKOLs+6FSJo7Q8N/B+XvGZ1TfBNEVVpcslOPFgu926vPWo3Qz0RnWvZ7M199qMT92OgmzXM2rTHCP03WTPKBddH+ZsHzbj/J9L6st/dcwWx2a+mu/mjgn1Sc3u/K8aGXuY3JEKB45UnP+V4Xt0vQztVvK3jXq9HvRtsuIaOedb8Ap6WcuuSNQ5o1bU/wNBWJSnizo9EBX37mpB1Gpm1Gbn3ZCotb4o25vu2Ty8vUkzH8xts64/+qJGz/w/sPltKPfKTK4asxEPBe4bj/szn91c1e0zTI0c6cul+y0uDEv9b/49DQfwXvd1XctPX756WGm3W0/swr2MhcdL3U/m3kqZ25S8oL3kkwVFTmrjzqA0zcQuHeoO7f2jcGN7lR2Jg3KsFxrfpnsilbFQ8v0JU5Ec9LIzQUnsvMvE9V9Sr1TjyZ59CTPn6SP+EOD3GNk5dreCS2KjeEYu6eSBKrjF4RVcuuZK1Yyu5jp/Uboweouhz/OYMA390F1+/wcAAAAAAAAAAAAAAAAAAJg10/h3grL7CAAAAAAAAAAAAAAAAAAAAADArOs+/1ed5/9qtOf/Dj6K5TCf//txRzz/F5i8fwEAAP//FZd8vg==") r0 = open(&(0x7f0000000180)='./bus\x00', 0xa37e, 0x0) r1 = open(&(0x7f0000001780)='./bus\x00', 0x46342, 0x0) ftruncate(r1, 0x2088002) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8088e3ad122bc192, 0x4002011, r0, 0x0) 5.175261139s ago: executing program 2 (id=1202): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6161, 0x4d15, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000d80)={0x24, 0x0, &(0x7f0000000200)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x807}}, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, &(0x7f0000000f40)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x414}}, 0x0, 0x0}, 0x0) 3.018095914s ago: executing program 2 (id=1225): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00') read$FUSE(r0, &(0x7f0000004180)={0x2020}, 0x2020) 2.940915638s ago: executing program 2 (id=1227): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x35, 0x19, 0x30, 0x40, 0x1645, 0x8, 0xcf36, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xf4, 0xfa, 0xdc}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000008c0)={0x84, &(0x7f00000003c0), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 1.140394257s ago: executing program 0 (id=1256): syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000180)='./file1\x00', 0x8000, &(0x7f0000000400)=ANY=[@ANYRES64=0x0], 0x1, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==") mkdirat(0xffffffffffffff9c, &(0x7f0000002a80)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0) sendfile(r0, r0, 0x0, 0x7a680000) 887.070683ms ago: executing program 2 (id=1258): r0 = socket$tipc(0x1e, 0x4, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) recvmsg(r0, &(0x7f0000003800)={0x0, 0x0, &(0x7f0000003740)=[{&(0x7f00000025c0)=""/60, 0x3c}], 0x1, 0x0, 0xfffffffffffffcdf}, 0x0) sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)="c4", 0x1}], 0x1}, 0x0) 884.66708ms ago: executing program 0 (id=1269): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='lastblock=00000000000004000226,adinicb,gid=forget,nostrict,unhide,nostrict,dmode=00000000000017777777777,uid=ignore,shortad,volume=00000000000000000006,\x00'], 0x4, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000500)=""/139, 0x8b) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 784.923196ms ago: executing program 0 (id=1259): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x7d, &(0x7f00000000c0), 0x8) 744.807449ms ago: executing program 0 (id=1260): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000300), r1) sendmsg$NET_DM_CMD_START(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r2, 0x1}, 0x14}}, 0x0) sendmsg$NET_DM_CMD_STOP(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r2, 0x1}, 0x14}}, 0x0) 638.317912ms ago: executing program 3 (id=1263): ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) io_setup(0xa42, &(0x7f00000000c0)=0x0) r1 = socket$inet_smc(0x2b, 0x1, 0x0) io_submit(r0, 0x1, &(0x7f00000001c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) sendto$inet(r1, 0x0, 0x4d, 0x200047ee, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) 627.684043ms ago: executing program 0 (id=1264): sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)={0x14}, 0x14}}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0x100, 0x9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x0, 0x1, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0xb6}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0x8, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x2, r0}, 0x38) 550.772341ms ago: executing program 3 (id=1265): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003000/0x4000)=nil}) 550.088795ms ago: executing program 0 (id=1276): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10) sendto$inet(r0, &(0x7f00000000c0)='G', 0xfffffffffffffca0, 0x8001, 0x0, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080)) 499.438927ms ago: executing program 1 (id=1266): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = fanotify_init(0x0, 0x0) fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/4\x00') read$char_usb(r2, &(0x7f0000000000)=""/178, 0xb2) 472.354886ms ago: executing program 1 (id=1267): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @crypto_settings=[@NL80211_ATTR_SOCKET_OWNER={0x4}]]}, 0x30}}, 0x0) 430.696483ms ago: executing program 3 (id=1268): r0 = socket$packet(0x11, 0x4000000000002, 0x300) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) pselect6(0x40, &(0x7f0000000180)={0x3c, 0x6, 0x7, 0x0, 0x3, 0x0, 0xfffffffffffffffe, 0x810}, 0x0, 0x0, 0x0, 0x0) 423.99432ms ago: executing program 1 (id=1270): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 377.200495ms ago: executing program 1 (id=1271): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.events\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xbcb07b29f486204c, 0x10012, r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) 377.048146ms ago: executing program 3 (id=1272): syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = syz_io_uring_setup(0x416f, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000001240)=0x0, &(0x7f0000001340)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27}) io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0) 330.439416ms ago: executing program 1 (id=1273): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000a80)={'syz1\x00'}, 0x45c) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0xe) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_DEV_CREATE(r0, 0x5501) 313.82772ms ago: executing program 3 (id=1274): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000480)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119, @ANYRESDEC], 0x1, 0x4421, &(0x7f0000004500)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0) pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5406, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x4ba, 0x1003, 0x0, 0x4}) 40.287219ms ago: executing program 3 (id=1275): syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000940)='./bus\x00', 0x8, &(0x7f00000004c0)={[{@autodefrag}, {@acl}, {@max_inline={'max_inline', 0x3d, [0x54]}}, {@ssd}, {@compress_algo={'compress', 0x3d, 'lzo'}}, {@ssd}, {@noenospc_debug}, {@barrier}, {@nodiscard}, {@acl}]}, 0x1, 0x55a4, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569H33HvrFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vujlRmD2XzllB11x7Q9AUd8+Mj5aGxsU+xmnbQ87xu0zkztibda16HsQMN2+V1+EDtpPrL3p548MqT/3j6vvPXTt3Wbj6Xs0lz0ztadZjZNqvzNddrnsdogs+TXvD2K9hLGmqnK4Rw/J8+X/bMnJd23/jBqydOvP2Fi6+etvCaKROfHfSLsf947S53T7u8YP7f8NHz//hyjrflebljqx/WJ3Pz+EhdTGysT+bmAAAA0Gv0hqOmXx396kunPnT3oheXH1fx3XG/Omm3+oqzv99x/K4rx3/x0ivbH9+lYP4/tLTz//GUf13uaFeHMKErccGAEHbrejwJ/Cx25+QBIezVlWrJDxyWCqwO4Qtdif2zVaVK9I0lhqYCv6/PBCakAmtioCUVuDEGlqQCF8bAilRgRgysTgUOj4HQnj+OA+oz4yg5UBMDrclGXBGvQninPraW2lbrslUBAABsJ5nZYWX+3ZxrHbY1Q5xerqjpKUO8ArtohupUDekZbHZaVbSGip5qKO+phuy4F3308AtqLuup5oLLMMryM3w45DvlAybu/aO7bhxxU/OLE7/77tjjv/LnN99dvf8//fd7zpl/3QEF8/+mj57/V3fTkbKC8/8hTO76G3OXZyId2XhrS14GAAAAYBtc9djSJ2844Kj/c9/L9935pWtvKF999df/7ysbL9h71HHDy/r+3bdXFMz/J5R2/X88JtInJ3N4NB6GmD0ghKb8QFLtwYWB5Kx3v0wAAAAAeoPs+fjsufD2zG1yiXZ6Pl2Yv2Ur88cT/xO6zX/5pr9+9svXPnniwmH7bLjiv535Qdnnx/5ul2PXjnz8rT2H/UND38Lr/1tKu/6/Nv826cSa2IsrB4TQNyfwSOxlZ6DL0Bh4+dD8QGb8a+IGWByrylyYkK1qcSzRGgNNqcCyYiV+my2xW34g82RlG78gO472TImcAAAAAHzi4uGAeF4+Xv9/z+QDvrT/oJfGvLjnvQtfm7D0hFNrf7jPLbu+PqBj0pgDJxxyxDMF8//Wrbv+v2seXHB5f0e/EEZWhNAn/cWAR2uThQFjoK4sk7i/NqmrT7qq82pDGN85sHRVr2TW/69IrzH4RE1SVQzstvdPNw3rTNxQE8LI3MAz37x+TGdifiqQbfwbNSEM6RxtuvGVfZPGK9ONX9M3hD1zAtmqTu4bQmdjVemqHqzO/I5BuqrbqkMYmBPIVnVgdQgLAwC9VPxXOjP3wXkLz549vaOj7YwdmIjH8GvCrPaOtsYZczpmVhfp08xUn/OWMTqvcEyl/vLN85kliqYOuX14Kens9wSbctvKHMcvuHAwcz/uC1V2jbO5Mu/u6PSQh+9T2ETI2ZMqNuTyHTzk2txKtjyJBfXH/FWhX+i7YF7bGY1nTZ8//4xRyd9Sszcnf+NppmRbjUpvq9ru+lbCy6PoalkpH3db7Zdbycj5p80dOW/h2SPaT5t+Stspbd9pHjuquXnMV8eOaR7ZOaqm5G8PQ92vu6pTQ918fYnj2o5D3b0ip5JP4lNDQkKityWmLyk7f8K0X9//rT3WnHbWSXv8/R4zR5z0V5f/Zu6JjYdM/tX1f7m2YP4/96Pn//FTJ37yZ9ZnKHb+vyGe5k8e33KavzUGlpV6/r+h2Nn87IUBQ1OBRTGwyGl+AAAAPhvi4ch4NDMelb6u7p/uPnLmjEPe/+UJU67+27HjTj1r/b4NF1997JL/sP6dJauOeLtg/r+otO//b6f1/7NL13+t2DL/+8cSTcXW/08v859d/39RsfX/08v8Z9f/X/YprP+/IBtIbZJ3rP8PAAB8Fnxy6//3uLx/+gcCCjL0uLx/+gcCCjL0uIx/qT8QsNXr/8/p+IvaQZfPGXfoiLk/fmTV3ksG3val5yf+ep+lB424d+Ut7426tWD+v6S0+b+F+wEAAGDn8dAv+3774neH3f/UI+8fWXbpbzfedPxftR1wyB8GNp8y+eia79/0bwXz/2Wlzf8/+fX/QrHr/4cWC7QUWxjQ+n8AAAD0UsXW/7t54MtDV88fceNjP3/zlpdafzFz/Gv/bskPvjJ9WNPNa9b9pmHG+oL5/4rS5v/xsovyvNyxNx/WJ2vahfSadhvrs18ZAAAAgN6hPDQ2VpaYN29l1MM+fpvrMkuBflQ619P3DVq1oPyhq8qqN/7gkmmHNJ577Jlzjrxo/fdrn/xJ7dTG6jMK5v+rS5v/530v44HaSfWXvT3x4A9XnvzH0/edv3bqlvP/AAAAwI5T6nEJAAAAAAAAAAAAAADg0/dU69KDPhh19Bsz9xr1p28c+8IPFn/xm4/8zbV/PvPnh9+3V/vmYVMKvv8fJneVK/b9//i7f/H7Bbvm5Y6t9rz+X+b+lGNuXdi1ZOGj9SHskxuYff7sz4XMb/PvlxtYNXX/wZ2J89Ml7nvx8Nc6E9PSgaNG7PJeZ2J8KtAaF0n8QjoQf1Xxvf6pQFxe8cl0IG6PFelAVSZwSf9kHGXpbbWhLtlWZelt9VxdCANyAtltdXdd0kZZeoBXpQLZAZ6eDsQBTsoEytO9urVf0qsYqItF/6Zf0isAAHZacS+wMsxq72hrirvw8Xb3ivzbKG/JsvMKqy0rsfnnM0uTTR1y+/BS0n3S+6Jbfmu8MlR3DmFUwe5qbpayrlFun1p62HS7FhlyT6u9lRcpl7a1m66q+IhqkhE1zpjTMbOyx4GP7jlLc0WPWUYVTHZys5R3bdISaimhLyWMqMRtU0KX4/3y0NjYJ5VrXAw2hDw9vSJK/b5+7jp/xV4FuXn+tubaS/sM7vP+v42/6KEHB1R2nDq57aLdH/vngaNm/viHD7Ze8/uC+X9DafP/6txxvZf5MYBF8Zf1Dh4QQmuJIwIAAIDPvv957vI7TpyzZsOs1RXP/u53s8uPO7Fy8zl3nXP2Rc/dv/ioS/79zdsaX1H21KYT39h01l+/8ZOvXPfwWS8dPuOsuyatO2R9W/WN3/2L5acOKZj/Dy1t/h+PYGVOBSdHO1bH3/+/YEAIXT+t35AEfhaHe/KAEPbqSrXEEskP6n8tlmhKAj+LB0z2jyVaW/Kr6hsDK1KB39dnAqtTgTUxkDlK8dOQOZRzRX0IY7pSk/NLzI0lGlKB42JgaCrQGANNqUD/GJiQCrzZPxNoSQX+MQZCe/62urN/ZlsBAABsjcw8qzL/bkjP81ZU9JShrKcMtT1lKO8pQ3VPGYqNIt6/I2aoTF28UpaTqTJda02qloIM8cfwt7pfBRnCb/NzpgsWNB2vP8heb1CWn2HcD+9oPehr83686eIfPX7kgRceueTKty89ut/gK5/93+3n9uu/qbZg/t9U2vy/Nv82aX1NnP9v+f2/JPBI7N6V8dLxoTHw8qH5gcyBgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4eIAgHqaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKIxzHq4tfj96gL4XM5BziyJdpqkxJVqYbDwzXJN9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35yjL9k2XqhO2qhJB4ZVJYHadGBORRKIR36ygXvKkwBss+xRwfiCylzqktXQfbkir7/Pym+CpodXcAy0m3zdfedqR6lOP5A5ppq1dU9bQXXsEAVvj9Xebb3x3dbg3Za7I5XZQ9m8JVQdyme2zZq+oGN+fCT3m6wFdtDznPst1VLS2+F1uOjj97Zn1ekONKU+Ppq6L9f967AsVvdA7aT6y96eePDKk/94+r7z104tuRtFxC8KH3zr3AOey9m8O1p1yLzmet3nSYvPk974b2Copy2EsPyCWU8+8S/vP1+xvvm/HDh2+W1vPrb8Jwc9MGvEFzZc8uWNb717VMH8v6W0+X9F6rbLB3FjzhsQwvCcjfto3PwTBySfgzmB5FNyYGEgOeW+vr7oJycAAABsb9nDHdnjBe2Z2+SC8PQ8uTB/y1bmj8crJnSbv9R+DxzzD9879KrXv/H19btf/ujSp9b9pzdfOWLaoQ9senrFytebj/380wXz/9aPnv/3TXXT+X/n/9lBnP/v1s5+KLpv+oFF23QouqA6dgjn/7u1s7/bnP/vlvP/zv93x/n/Hjj/362d/Wkr2Euaa6crhNA64Ibbf1E7fXi/K8751oy1P3/6naZxL9Sde/Sd/+PwxeGa81b9uWD+P7e0+b/1/7pftC+7/l9rsfX/5hZb/2+R9f8AAIAdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fVq//V3vS2Se9Uv/WXtdMvP0/3zn9wudPOvHZffs8f8LtJ9w08urhL315Q8H8f1Fp8//4cuiX23pvWf9v6OQiVS2JgbkWBgQAAGBnVOwAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ+uFQ8u/uLmxfscdNOzn7/p8H9dtmbW3r86YPPoMSc3Dl88sOzKv/uXtwYtWPhG26Qzr22ZvvyaDSuXhtDeVa4sKV720KDy8tF/OOau2654uGna4CnnVmfqrczcfjEvd2z1w/oQluU8UhcTG+s772wJTDnm1oUVnYlH60PYJzcw+/zZn+tM3Fgfwn65gVVT9x/cmTg/XeK+Fw9/rTMxLR04asQu73UmxmcCZenuXtc/6W5ZuruX9Q9hQE4g291v98+vKtvGf8wEytNt3FyXtBEDdbHoj+qSNmKgI5Zo7xvCyIoQ+qSr+nV1UlWfdFV/X51U1Sdd1X+tDmF8CKEiXdWLVUlVFemRr61KqoqB3fb+6aZhnYllVSGMzA08883rx3QmTk8Fso1/vSqEIZ0vmXTjd1QmjVemG7+qMoQ9QwhV6RL/WpGUqEqXeKUihIE5gWzjp1aEsDDwmRA/fGbmPjhv4dmzp3d0tJ2xAxNVmbZqwqz2jrbGGXM6Zlan+lRMWU5683kff+zPbzpnRuft1CG3Dy8lXZEpV9nV5ebKvLujd/bex37V5lay5fkoqD/mrwr9Qt8F89rOaDxr+vz5Z4xK/paavTn52ycTTbbVqN6yrfbLrWTk/NPmjpy38OwR7adNP6XtlLbvNI8d1dw85qtjxzSP7BxVU/J3ewz1+k9+qLtX5FTySXwASEhI9LZEed6nW9PO/kFesKO/paOVobrrA7pgWpGbpaxrlNtj0Id9zBF/nP2UHkc0qmDiUJCluecsowsmE1uy1CRZuvbrCiaHuTWVd23SeL88NDb2KbYdGvLv5m7et7Zh867LbLpS0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQeOBQAAAACE+VuH0bMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcCgAA//9aTM01") r0 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020660b, &(0x7f0000000280)={0xd, 0xffffffff000, 0x0, 0xa9}) 35.519866ms ago: executing program 1 (id=1286): r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n 1 [ 149.786701][ T3045] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.791595][ T5235] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 149.810672][ T5235] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 149.818140][ T5235] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 149.825688][ T5235] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 149.832934][ T5235] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 149.887526][ T8678] netlink: 'syz.1.958': attribute type 11 has an invalid length. [ 149.900752][ T5281] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 149.915142][ T3045] bridge_slave_1: left allmulticast mode [ 149.921718][ T3045] bridge_slave_1: left promiscuous mode [ 149.927766][ T3045] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.937934][ T3045] bridge_slave_0: left allmulticast mode [ 149.943805][ T3045] bridge_slave_0: left promiscuous mode [ 149.949560][ T3045] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.997004][ T8680] loop1: detected capacity change from 0 to 1024 [ 150.081369][ T5281] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 150.090604][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.102202][ T5281] usb 4-1: config 0 descriptor?? [ 150.116012][ T5281] cp210x 4-1:0.0: cp210x converter detected [ 150.128212][ T3045] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 150.151725][ T3045] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 150.180461][ T3045] bond0 (unregistering): Released all slaves [ 150.511546][ T8704] loop1: detected capacity change from 0 to 512 [ 150.522733][ T8704] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 150.537454][ T5281] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 150.560615][ T8706] loop2: detected capacity change from 0 to 512 [ 150.576579][ T8704] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.976: corrupted in-inode xattr: e_name out of bounds [ 150.583983][ T8706] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.603898][ T8706] ext4 filesystem being mounted at /212/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 150.615923][ T8704] EXT4-fs (loop1): 1 truncate cleaned up [ 150.643999][ T8704] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 150.677465][ T3045] hsr_slave_0: left promiscuous mode [ 150.690892][ T3045] hsr_slave_1: left promiscuous mode [ 150.699014][ T5246] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.716756][ T3045] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 150.725398][ T3045] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 150.726241][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.743399][ T3045] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 150.751301][ T3045] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 150.774684][ T5281] usb 4-1: cp210x converter now attached to ttyUSB0 [ 150.799817][ T3045] veth1_macvtap: left promiscuous mode [ 150.812984][ T3045] veth0_macvtap: left promiscuous mode [ 150.818785][ T3045] veth1_vlan: left promiscuous mode [ 150.827430][ T3045] veth0_vlan: left promiscuous mode [ 150.842890][ T8713] loop2: detected capacity change from 0 to 4096 [ 150.866444][ T8715] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 151.001582][ T46] usb 4-1: USB disconnect, device number 9 [ 151.027532][ T46] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 151.109527][ T3045] team0 (unregistering): Port device team_slave_1 removed [ 151.127705][ T3045] team0 (unregistering): Port device team_slave_0 removed [ 151.170752][ T8717] loop1: detected capacity change from 0 to 40427 [ 151.187165][ T8717] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x1fffff [ 151.196089][ T8717] F2FS-fs (loop1): Image doesn't support compression [ 151.196193][ T46] cp210x 4-1:0.0: device disconnected [ 151.203777][ T8717] F2FS-fs (loop1): Image doesn't support compression [ 151.217085][ T8717] F2FS-fs (loop1): invalid crc value [ 151.224134][ T8717] F2FS-fs (loop1): Found nat_bits in checkpoint [ 151.275170][ T8717] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 151.310182][ T29] audit: type=1800 audit(1862717100.138:33): pid=8717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.970" name="bus" dev="loop1" ino=14 res=0 errno=0 [ 151.333334][ T8717] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_convert_inline_inode+0x663/0x8c0 [ 151.391724][ T5240] syz-executor: attempt to access beyond end of device [ 151.391724][ T5240] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 151.417715][ T8675] chnl_net:caif_netlink_parms(): no params data found [ 151.437729][ T5240] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 151.461501][ T5240] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 151.517874][ T8675] bridge0: port 1(bridge_slave_0) entered blocking state [ 151.525644][ T8675] bridge0: port 1(bridge_slave_0) entered disabled state [ 151.532876][ T8675] bridge_slave_0: entered allmulticast mode [ 151.539601][ T8675] bridge_slave_0: entered promiscuous mode [ 151.587791][ T8675] bridge0: port 2(bridge_slave_1) entered blocking state [ 151.597186][ T8675] bridge0: port 2(bridge_slave_1) entered disabled state [ 151.607933][ T8675] bridge_slave_1: entered allmulticast mode [ 151.614735][ T8675] bridge_slave_1: entered promiscuous mode [ 151.662376][ T8675] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 151.713676][ T8675] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 151.823029][ T8675] team0: Port device team_slave_0 added [ 151.833281][ T8675] team0: Port device team_slave_1 added [ 151.851807][ T8746] loop1: detected capacity change from 0 to 128 [ 151.881165][ T5235] Bluetooth: hci1: command tx timeout [ 151.909025][ T8675] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 151.920194][ T8675] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 151.963276][ T8675] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 151.976122][ T8675] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 151.988108][ T8746] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 152.059345][ T8750] FAT-fs (loop1): error, invalid access to FAT (entry 0x0affffff) [ 152.074068][ T8750] FAT-fs (loop1): Filesystem has been set read-only [ 152.081264][ T8750] FAT-fs (loop1): error, invalid access to FAT (entry 0x0affffff) [ 152.091141][ T8730] loop2: detected capacity change from 0 to 40427 [ 152.107969][ T8675] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 152.137066][ T8675] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 152.154929][ T8730] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x1fffff [ 152.221296][ T8753] loop3: detected capacity change from 0 to 1024 [ 152.228461][ T8730] F2FS-fs (loop2): invalid crc value [ 152.232279][ T8753] hfsplus: request for non-existent node 3 in B*Tree [ 152.240622][ T8753] hfsplus: request for non-existent node 3 in B*Tree [ 152.275345][ T8730] F2FS-fs (loop2): Found nat_bits in checkpoint [ 152.328158][ T8675] hsr_slave_0: entered promiscuous mode [ 152.338828][ T8675] hsr_slave_1: entered promiscuous mode [ 152.345848][ T8730] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 152.353446][ T8675] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 152.353462][ T8675] Cannot create hsr debugfs directory [ 152.380936][ T46] kernel write not supported for file /uinput (pid: 46 comm: kworker/1:1) [ 152.404910][ T8730] F2FS-fs (loop2): inject slab alloc in f2fs_alloc_inode of alloc_inode+0x65/0x1a0 [ 152.418964][ T8730] overlayfs: failed to create directory ./file0/index (errno: 12); mounting read-only [ 152.429792][ T8730] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 152.523776][ T5246] F2FS-fs (loop2): access invalid blkaddr:2816 [ 152.539624][ T5246] CPU: 1 UID: 0 PID: 5246 Comm: syz-executor Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 152.550068][ T5246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 152.560125][ T5246] Call Trace: [ 152.563398][ T5246] [ 152.566318][ T5246] dump_stack_lvl+0x241/0x360 [ 152.571018][ T5246] ? __pfx_dump_stack_lvl+0x10/0x10 [ 152.576208][ T5246] ? __pfx_f2fs_get_dnode_of_data+0x10/0x10 [ 152.582102][ T5246] ? stack_trace_save+0x118/0x1d0 [ 152.587123][ T5246] ? rcu_is_watching+0x15/0xb0 [ 152.591882][ T5246] __f2fs_is_valid_blkaddr+0xe16/0x1460 [ 152.597422][ T5246] f2fs_map_blocks+0xdd4/0x4f10 [ 152.602283][ T5246] ? page_ext_get+0x1d6/0x2a0 [ 152.606958][ T5246] ? __pfx_f2fs_map_blocks+0x10/0x10 [ 152.612239][ T5246] ? xa_load+0x2dd/0x350 [ 152.616475][ T5246] ? __pfx_xa_load+0x10/0x10 [ 152.621058][ T5246] ? __pfx_cgroup_rstat_updated+0x10/0x10 [ 152.626770][ T5246] ? folio_index+0xab/0x350 [ 152.631277][ T5246] f2fs_mpage_readpages+0xcae/0x2140 [ 152.636576][ T5246] ? rcu_is_watching+0x15/0xb0 [ 152.641347][ T5246] ? __pfx_f2fs_mpage_readpages+0x10/0x10 [ 152.647070][ T5246] ? rcu_is_watching+0x15/0xb0 [ 152.651833][ T5246] ? __pfx_lock_release+0x10/0x10 [ 152.656849][ T5246] ? rcu_is_watching+0x15/0xb0 [ 152.661620][ T5246] ? f2fs_readahead+0x184/0x340 [ 152.666483][ T5246] read_pages+0x17e/0x840 [ 152.670819][ T5246] ? percpu_ref_put+0x19/0x180 [ 152.675594][ T5246] ? __pfx_read_pages+0x10/0x10 [ 152.680470][ T5246] ? filemap_add_folio+0x26d/0x650 [ 152.685593][ T5246] ? __pfx_filemap_add_folio+0x10/0x10 [ 152.691068][ T5246] ? rcu_is_watching+0x15/0xb0 [ 152.695842][ T5246] page_cache_ra_unbounded+0x774/0x8a0 [ 152.701310][ T5246] f2fs_readdir+0x5b9/0xbf0 [ 152.705807][ T5246] ? __pfx___might_resched+0x10/0x10 [ 152.711097][ T5246] ? __pfx_f2fs_readdir+0x10/0x10 [ 152.716114][ T5246] ? trace_contention_end+0x3c/0x120 [ 152.721394][ T5246] ? iterate_dir+0x20c/0x800 [ 152.725976][ T5246] ? fdget_pos+0x24e/0x320 [ 152.730391][ T5246] ? end_current_label_crit_section+0x151/0x180 [ 152.736647][ T5246] ? common_file_perm+0x1a6/0x210 [ 152.741675][ T5246] iterate_dir+0x571/0x800 [ 152.746115][ T5246] __se_sys_getdents64+0x1d3/0x4a0 [ 152.751234][ T5246] ? __pfx___se_sys_getdents64+0x10/0x10 [ 152.756879][ T5246] ? __pfx_filldir64+0x10/0x10 [ 152.761638][ T5246] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 152.767965][ T5246] ? rcu_is_watching+0x15/0xb0 [ 152.772723][ T5246] ? rcu_is_watching+0x15/0xb0 [ 152.777487][ T5246] do_syscall_64+0xf3/0x230 [ 152.782001][ T5246] ? clear_bhb_loop+0x35/0x90 [ 152.786680][ T5246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.792570][ T5246] RIP: 0033:0x7f6b473b0193 [ 152.796975][ T5246] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 42 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 152.816572][ T5246] RSP: 002b:00007ffc0c941268 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 152.824993][ T5246] RAX: ffffffffffffffda RBX: 00005555653c6600 RCX: 00007f6b473b0193 [ 152.832968][ T5246] RDX: 0000000000008000 RSI: 00005555653c6600 RDI: 0000000000000005 [ 152.840933][ T5246] RBP: 00005555653c65d4 R08: 0000000000000000 R09: 0000000000000000 [ 152.848899][ T5246] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 152.856871][ T5246] R13: 0000000000000010 R14: 00005555653c65d0 R15: 00007ffc0c943510 [ 152.864851][ T5246] [ 152.875827][ T5246] F2FS-fs (loop2): access invalid blkaddr:2816 [ 152.882171][ T5246] CPU: 0 UID: 0 PID: 5246 Comm: syz-executor Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 152.892520][ T5246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 152.902579][ T5246] Call Trace: [ 152.905854][ T5246] [ 152.908778][ T5246] dump_stack_lvl+0x241/0x360 [ 152.913460][ T5246] ? __pfx_dump_stack_lvl+0x10/0x10 [ 152.918651][ T5246] ? __pfx_f2fs_get_dnode_of_data+0x10/0x10 [ 152.924555][ T5246] __f2fs_is_valid_blkaddr+0xe16/0x1460 [ 152.930111][ T5246] f2fs_map_blocks+0xdd4/0x4f10 [ 152.934983][ T5246] ? page_ext_get+0x1d6/0x2a0 [ 152.939668][ T5246] ? __pfx_f2fs_map_blocks+0x10/0x10 [ 152.944955][ T5246] ? xa_load+0x2dd/0x350 [ 152.949203][ T5246] ? __pfx_xa_load+0x10/0x10 [ 152.953797][ T5246] ? folio_index+0xab/0x350 [ 152.958295][ T5246] f2fs_mpage_readpages+0xcae/0x2140 [ 152.963587][ T5246] ? rcu_is_watching+0x15/0xb0 [ 152.968362][ T5246] ? __pfx_f2fs_mpage_readpages+0x10/0x10 [ 152.974097][ T5246] ? rcu_is_watching+0x15/0xb0 [ 152.978857][ T5246] ? __pfx_lock_release+0x10/0x10 [ 152.983869][ T5246] ? rcu_is_watching+0x15/0xb0 [ 152.988642][ T5246] ? f2fs_readahead+0x184/0x340 [ 152.993495][ T5246] read_pages+0x17e/0x840 [ 152.997822][ T5246] ? percpu_ref_put+0x19/0x180 [ 153.002594][ T5246] ? __pfx_read_pages+0x10/0x10 [ 153.007442][ T5246] ? filemap_add_folio+0x26d/0x650 [ 153.012553][ T5246] ? __pfx_filemap_add_folio+0x10/0x10 [ 153.018010][ T5246] ? rcu_is_watching+0x15/0xb0 [ 153.022769][ T5246] page_cache_ra_unbounded+0x774/0x8a0 [ 153.028238][ T5246] f2fs_readdir+0x5b9/0xbf0 [ 153.032739][ T5246] ? __pfx___might_resched+0x10/0x10 [ 153.038029][ T5246] ? __pfx_f2fs_readdir+0x10/0x10 [ 153.043049][ T5246] ? trace_contention_end+0x3c/0x120 [ 153.048335][ T5246] ? iterate_dir+0x20c/0x800 [ 153.052924][ T5246] ? fdget_pos+0x24e/0x320 [ 153.057341][ T5246] ? end_current_label_crit_section+0x151/0x180 [ 153.063584][ T5246] ? common_file_perm+0x1a6/0x210 [ 153.068615][ T5246] iterate_dir+0x571/0x800 [ 153.073034][ T5246] __se_sys_getdents64+0x1d3/0x4a0 [ 153.078147][ T5246] ? __pfx___se_sys_getdents64+0x10/0x10 [ 153.083769][ T5246] ? __pfx_filldir64+0x10/0x10 [ 153.088534][ T5246] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 153.094875][ T5246] ? rcu_is_watching+0x15/0xb0 [ 153.099641][ T5246] ? rcu_is_watching+0x15/0xb0 [ 153.104405][ T5246] do_syscall_64+0xf3/0x230 [ 153.108929][ T5246] ? clear_bhb_loop+0x35/0x90 [ 153.113609][ T5246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.119499][ T5246] RIP: 0033:0x7f6b473b0193 [ 153.123905][ T5246] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 42 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 153.143503][ T5246] RSP: 002b:00007ffc0c941268 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 153.151914][ T5246] RAX: ffffffffffffffda RBX: 00005555653c6600 RCX: 00007f6b473b0193 [ 153.159881][ T5246] RDX: 0000000000008000 RSI: 00005555653c6600 RDI: 0000000000000005 [ 153.167843][ T5246] RBP: 00005555653c65d4 R08: 0000000000000000 R09: 0000000000000000 [ 153.175805][ T5246] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 153.183790][ T5246] R13: 0000000000000010 R14: 00005555653c65d0 R15: 00007ffc0c943510 [ 153.191769][ T5246] [ 153.219383][ T5246] syz-executor: attempt to access beyond end of device [ 153.219383][ T5246] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 153.255023][ T5240] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 153.348123][ T8774] loop1: detected capacity change from 0 to 4096 [ 153.360092][ T5281] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 153.394944][ T8778] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 153.466412][ T5246] syz-executor: attempt to access beyond end of device [ 153.466412][ T5246] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 153.483781][ T5246] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 153.503935][ T8780] loop1: detected capacity change from 0 to 512 [ 153.526266][ T5246] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 153.528469][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.550250][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.560146][ T5281] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 153.569353][ T8780] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 153.573051][ T5281] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 153.589976][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.599464][ T5281] usb 4-1: config 0 descriptor?? [ 153.599907][ T8675] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 153.604985][ T8780] EXT4-fs (loop1): orphan cleanup on readonly fs [ 153.621583][ T8780] Quota error (device loop1): dq_insert_tree: Quota tree root isn't allocated! [ 153.640825][ T8780] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota [ 153.657940][ T8675] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 153.666398][ T8780] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.982: Failed to acquire dquot type 1 [ 153.698649][ T8675] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 153.709891][ T8675] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 153.763223][ T8675] 8021q: adding VLAN 0 to HW filter on device bond0 [ 153.776929][ T8675] 8021q: adding VLAN 0 to HW filter on device team0 [ 153.784913][ T8780] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.982: bg 0: block 40: padding at end of block bitmap is not set [ 153.803317][ T8675] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 153.813686][ T8675] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 153.836963][ T3005] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.844076][ T3005] bridge0: port 1(bridge_slave_0) entered forwarding state [ 153.851741][ T8780] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 153.853147][ T3005] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.867532][ T3005] bridge0: port 2(bridge_slave_1) entered forwarding state [ 153.884476][ T8780] EXT4-fs (loop1): 1 truncate cleaned up [ 153.913760][ T8780] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 153.960872][ T5235] Bluetooth: hci1: command tx timeout [ 154.015292][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.024874][ T5281] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 154.052090][ T8675] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 154.074912][ T5281] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving [ 154.130565][ T5281] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 154.314355][ T936] usb 4-1: USB disconnect, device number 10 [ 154.362231][ T8675] veth0_vlan: entered promiscuous mode [ 154.381894][ T8675] veth1_vlan: entered promiscuous mode [ 154.408889][ T8675] veth0_macvtap: entered promiscuous mode [ 154.421121][ T8675] veth1_macvtap: entered promiscuous mode [ 154.433291][ T5243] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 154.442913][ T5243] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 154.454036][ T5243] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 154.457376][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 154.472798][ T5243] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 154.476004][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.487171][ T5243] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 154.495201][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 154.507174][ T5243] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 154.517577][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.536727][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 154.547208][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.557426][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 154.567898][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.578305][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 154.588784][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.604095][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 154.614740][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.624688][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 154.635159][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.646349][ T8675] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 154.658246][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 154.671449][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.681811][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 154.692353][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.705785][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 154.717602][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.730406][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 154.743386][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.754088][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 154.765078][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.775228][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 154.786078][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.797253][ T8675] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 154.807710][ T8675] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.818339][ T8675] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 154.828650][ T8675] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.838795][ T8675] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.847982][ T8675] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.856727][ T8675] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.936885][ T3045] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 154.979944][ T3045] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 155.035210][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 155.066805][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 155.337928][ T8821] chnl_net:caif_netlink_parms(): no params data found [ 155.396817][ T8821] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.404478][ T8821] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.411924][ T8821] bridge_slave_0: entered allmulticast mode [ 155.418593][ T8821] bridge_slave_0: entered promiscuous mode [ 155.427020][ T8821] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.434665][ T8821] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.442215][ T8821] bridge_slave_1: entered allmulticast mode [ 155.448997][ T8821] bridge_slave_1: entered promiscuous mode [ 155.476177][ T8821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 155.492772][ T8821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 155.510161][ T5281] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 155.529206][ T8821] team0: Port device team_slave_0 added [ 155.536940][ T8821] team0: Port device team_slave_1 added [ 155.560829][ T8821] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 155.578005][ T8821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.607044][ T8821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 155.619360][ T8821] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 155.626503][ T8821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 155.653214][ T8821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 155.681331][ T5281] usb 2-1: config 0 has an invalid interface number: 18 but max is 0 [ 155.689488][ T5281] usb 2-1: config 0 has no interface number 0 [ 155.695839][ T5281] usb 2-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 155.698103][ T8821] hsr_slave_0: entered promiscuous mode [ 155.706856][ T5281] usb 2-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 155.712294][ T5281] usb 2-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 155.738859][ T8821] hsr_slave_1: entered promiscuous mode [ 155.745298][ T5281] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 155.753549][ T8821] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 155.756992][ T5281] usb 2-1: Manufacturer: syz [ 155.767078][ T5281] usb 2-1: config 0 descriptor?? [ 155.770272][ T8821] Cannot create hsr debugfs directory [ 155.888649][ T8821] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.947174][ T8821] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.988644][ T8877] loop3: detected capacity change from 0 to 32768 [ 155.996329][ T8877] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.992 (8877) [ 156.014087][ T8877] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 156.024547][ T8877] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 156.033953][ T8877] BTRFS info (device loop3): using free-space-tree [ 156.040621][ T5235] Bluetooth: hci1: command tx timeout [ 156.047432][ T8821] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.112993][ T8821] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.144833][ T12] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared) [ 156.174328][ T8332] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 156.198599][ T8821] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 156.201692][ T5281] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.18/0003:054C:03D5.001A/input/input16 [ 156.218093][ T8821] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 156.229308][ T8821] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 156.245784][ T8821] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 156.307562][ T8821] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.327432][ T8821] 8021q: adding VLAN 0 to HW filter on device team0 [ 156.341706][ T5281] sony 0003:054C:03D5.001A: input,hidraw0: USB HID v0.00 Joystick [syz] on usb-dummy_hcd.1-1/input18 [ 156.358120][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.365354][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.386157][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.393410][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.517889][ T8821] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 156.547661][ T5281] usb 2-1: USB disconnect, device number 17 [ 156.551145][ T8821] veth0_vlan: entered promiscuous mode [ 156.568846][ T8821] veth1_vlan: entered promiscuous mode [ 156.593706][ T8821] veth0_macvtap: entered promiscuous mode [ 156.601127][ T5235] Bluetooth: hci4: command tx timeout [ 156.606612][ T8821] veth1_macvtap: entered promiscuous mode [ 156.619023][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.633026][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.643011][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.653688][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.663785][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.674311][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.688884][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.699989][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.713027][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.725912][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.735817][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.746551][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.756665][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.767314][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.777344][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 156.787823][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.799030][ T8821] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 156.817472][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.833995][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.844494][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.857295][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.867165][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.877633][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.887601][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.898090][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.907935][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.918403][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.928619][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.941187][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.951260][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.961823][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.971665][ T8821] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 156.982231][ T8821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 156.993003][ T8821] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 157.003725][ T8821] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.012470][ T8821] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.022250][ T8821] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.030967][ T8821] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.079619][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.094740][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.118334][ T8903] loop1: detected capacity change from 0 to 16 [ 157.126500][ T8903] erofs: (device loop1): mounted with root inode @ nid 36. [ 157.142581][ T8903] erofs: (device loop1): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36 [ 157.142753][ T2571] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.152481][ T8903] syz.1.995: attempt to access beyond end of device [ 157.152481][ T8903] loop1: rw=0, sector=296, nr_sectors = 8 limit=16 [ 157.167833][ T2571] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.213183][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 86 @ nid 36 [ 157.228956][ T8903] erofs: (device loop1): z_erofs_read_folio: read error -5 @ 0 of nid 36 [ 157.249588][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 84 @ nid 36 [ 157.279962][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 80 @ nid 36 [ 157.291202][ T8903] erofs: (device loop1): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 157.302065][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 74 @ nid 36 [ 157.313023][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 72 @ nid 36 [ 157.326146][ T8908] rdma_rxe: rxe_newlink: failed to add veth1_vlan [ 157.335589][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 70 @ nid 36 [ 157.350652][ T8904] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 62 of nid 36 [ 157.370616][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 63 @ nid 36 [ 157.388835][ T8904] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 62 of nid 36 [ 157.400155][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 62 @ nid 36 [ 157.409406][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 58 @ nid 36 [ 157.419374][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 57 @ nid 36 [ 157.429963][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 54 @ nid 36 [ 157.463744][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 53 @ nid 36 [ 157.472971][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 52 @ nid 36 [ 157.519124][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 51 @ nid 36 [ 157.529144][ T8904] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 363 @ lcn 50 of nid 36 [ 157.551902][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 50 @ nid 36 [ 157.562452][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 47 @ nid 36 [ 157.571648][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 46 @ nid 36 [ 157.592784][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 40 @ nid 36 [ 157.602347][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 39 @ nid 36 [ 157.613926][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 38 @ nid 36 [ 157.624386][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 34 @ nid 36 [ 157.637178][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 32 @ nid 36 [ 157.663751][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 30 @ nid 36 [ 157.676379][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 27 @ nid 36 [ 157.686040][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 26 @ nid 36 [ 157.701929][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 25 @ nid 36 [ 157.713626][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 24 @ nid 36 [ 157.723649][ T8921] vlan2: entered allmulticast mode [ 157.727961][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 23 @ nid 36 [ 157.728912][ T8921] mac80211_hwsim hwsim26 wlan0: entered allmulticast mode [ 157.741691][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 22 @ nid 36 [ 157.755266][ T8921] mac80211_hwsim hwsim26 wlan0: left allmulticast mode [ 157.757454][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 21 @ nid 36 [ 157.775142][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 20 @ nid 36 [ 157.784752][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 18 @ nid 36 [ 157.794180][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 12 @ nid 36 [ 157.803854][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 10 @ nid 36 [ 157.813719][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 6 @ nid 36 [ 157.822823][ T8904] erofs: (device loop1): z_erofs_readahead: readahead error at folio 4 @ nid 36 [ 157.832144][ T8904] syz.1.995: attempt to access beyond end of device [ 157.832144][ T8904] loop1: rw=524288, sector=1049264, nr_sectors = 16 limit=16 [ 157.846098][ T8904] syz.1.995: attempt to access beyond end of device [ 157.846098][ T8904] loop1: rw=524288, sector=6520, nr_sectors = 16 limit=16 [ 157.860942][ T8904] syz.1.995: attempt to access beyond end of device [ 157.860942][ T8904] loop1: rw=524288, sector=34359736328, nr_sectors = 16 limit=16 [ 157.875242][ T8904] syz.1.995: attempt to access beyond end of device [ 157.875242][ T8904] loop1: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 157.890387][ T8904] syz.1.995: attempt to access beyond end of device [ 157.890387][ T8904] loop1: rw=524288, sector=536576856, nr_sectors = 16 limit=16 [ 157.904565][ T8904] syz.1.995: attempt to access beyond end of device [ 157.904565][ T8904] loop1: rw=524288, sector=13478624032, nr_sectors = 8 limit=16 [ 157.918792][ T8904] syz.1.995: attempt to access beyond end of device [ 157.918792][ T8904] loop1: rw=524288, sector=13716630376, nr_sectors = 8 limit=16 [ 157.933040][ T8904] syz.1.995: attempt to access beyond end of device [ 157.933040][ T8904] loop1: rw=524288, sector=133693448, nr_sectors = 8 limit=16 [ 158.121214][ T5235] Bluetooth: hci1: command tx timeout [ 158.290320][ T8929] loop1: detected capacity change from 0 to 32768 [ 158.301021][ T8929] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1005 (8929) [ 158.323634][ T8929] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 158.356955][ T8929] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 158.380795][ T8929] BTRFS info (device loop1): using free-space-tree [ 158.588838][ T2571] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared) [ 158.613535][ T5243] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 158.621086][ T5243] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 158.628307][ T5243] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 158.635997][ T5243] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 158.643542][ T5243] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 158.651664][ T5243] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 158.659085][ T5240] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 158.681649][ T8957] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1010'. [ 158.690703][ T5235] Bluetooth: hci4: command tx timeout [ 158.915738][ T8962] loop2: detected capacity change from 0 to 256 [ 158.949634][ T8962] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 158.992595][ T8962] exFAT-fs (loop2): write: fail to zero from 0 to 3(-5) [ 159.069209][ T8954] chnl_net:caif_netlink_parms(): no params data found [ 159.145840][ T8973] loop3: detected capacity change from 0 to 16 [ 159.221759][ T8954] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.229068][ T8954] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.274933][ T8973] erofs: (device loop3): mounted with root inode @ nid 36. [ 159.292780][ T8954] bridge_slave_0: entered allmulticast mode [ 159.304936][ T8968] loop1: detected capacity change from 0 to 32768 [ 159.306778][ T8973] erofs: (device loop3): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36 [ 159.323489][ T8968] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1013 (8968) [ 159.338718][ T8954] bridge_slave_0: entered promiscuous mode [ 159.348623][ T8968] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 159.353518][ T8954] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.359040][ T8968] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 159.366739][ T8973] bio_check_eod: 14 callbacks suppressed [ 159.366757][ T8973] syz.3.1017: attempt to access beyond end of device [ 159.366757][ T8973] loop3: rw=0, sector=296, nr_sectors = 8 limit=16 [ 159.395082][ T8954] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.403305][ T8954] bridge_slave_1: entered allmulticast mode [ 159.410442][ T8954] bridge_slave_1: entered promiscuous mode [ 159.416897][ T8973] erofs: (device loop3): z_erofs_read_folio: read error -5 @ 0 of nid 36 [ 159.432215][ T8968] BTRFS info (device loop1): using free-space-tree [ 159.437908][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 86 @ nid 36 [ 159.463363][ T8954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 159.470413][ T8973] erofs: (device loop3): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 159.475524][ T8954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 159.490668][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 84 @ nid 36 [ 159.510614][ T8954] team0: Port device team_slave_0 added [ 159.518365][ T8954] team0: Port device team_slave_1 added [ 159.548371][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 80 @ nid 36 [ 159.575022][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 74 @ nid 36 [ 159.607358][ T8954] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 159.615551][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 72 @ nid 36 [ 159.634250][ T8954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.661497][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 70 @ nid 36 [ 159.672872][ T8979] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 62 of nid 36 [ 159.683801][ T8954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 159.697854][ T8954] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 159.705108][ T8954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 159.735385][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 63 @ nid 36 [ 159.744717][ T8954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 159.771866][ T8954] hsr_slave_0: entered promiscuous mode [ 159.783354][ T8968] BTRFS info (device loop1): setting incompat feature flag for SIMPLE_QUOTA (0x10000) [ 159.793608][ T8954] hsr_slave_1: entered promiscuous mode [ 159.804631][ T8979] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 62 of nid 36 [ 159.815601][ T8954] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 159.824279][ T8954] Cannot create hsr debugfs directory [ 159.841551][ T8968] BTRFS warning (device loop1): qgroup rescan init failed, running in simple mode [ 159.857888][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 62 @ nid 36 [ 159.884196][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 58 @ nid 36 [ 159.900351][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 57 @ nid 36 [ 159.910454][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 54 @ nid 36 [ 159.927478][ T5240] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 159.940075][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 53 @ nid 36 [ 159.957416][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 52 @ nid 36 [ 159.967884][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 51 @ nid 36 [ 160.004587][ T8979] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 363 @ lcn 50 of nid 36 [ 160.019819][ T8954] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.040287][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 50 @ nid 36 [ 160.058100][ T8975] loop2: detected capacity change from 0 to 40427 [ 160.064627][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 47 @ nid 36 [ 160.064655][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 46 @ nid 36 [ 160.064761][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 40 @ nid 36 [ 160.114591][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 39 @ nid 36 [ 160.123125][ T8975] F2FS-fs (loop2): invalid crc value [ 160.131538][ T8954] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.139368][ T8975] F2FS-fs (loop2): Found nat_bits in checkpoint [ 160.160893][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 38 @ nid 36 [ 160.180789][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 34 @ nid 36 [ 160.201735][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 32 @ nid 36 [ 160.210231][ T8975] F2FS-fs (loop2): Start checkpoint disabled! [ 160.213971][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 30 @ nid 36 [ 160.226958][ T8999] loop1: detected capacity change from 0 to 512 [ 160.229234][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 27 @ nid 36 [ 160.237977][ T8975] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 160.242613][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 26 @ nid 36 [ 160.259387][ T8999] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 160.261178][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 25 @ nid 36 [ 160.279647][ T8954] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.292923][ T8999] EXT4-fs (loop1): invalid journal inode [ 160.299849][ T8999] EXT4-fs (loop1): can't get journal size [ 160.306323][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 24 @ nid 36 [ 160.322556][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 23 @ nid 36 [ 160.322715][ T8999] EXT4-fs (loop1): 1 truncate cleaned up [ 160.333941][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 22 @ nid 36 [ 160.347959][ T8999] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 160.353132][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 21 @ nid 36 [ 160.376105][ T8954] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.394225][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 20 @ nid 36 [ 160.406619][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 18 @ nid 36 [ 160.416182][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 12 @ nid 36 [ 160.425496][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 10 @ nid 36 [ 160.434926][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 6 @ nid 36 [ 160.444613][ T8979] erofs: (device loop3): z_erofs_readahead: readahead error at folio 4 @ nid 36 [ 160.454006][ T8979] syz.3.1017: attempt to access beyond end of device [ 160.454006][ T8979] loop3: rw=524288, sector=1049264, nr_sectors = 16 limit=16 [ 160.476559][ T8979] syz.3.1017: attempt to access beyond end of device [ 160.476559][ T8979] loop3: rw=524288, sector=6520, nr_sectors = 16 limit=16 [ 160.490731][ T8979] syz.3.1017: attempt to access beyond end of device [ 160.490731][ T8979] loop3: rw=524288, sector=34359736328, nr_sectors = 16 limit=16 [ 160.538907][ T8979] syz.3.1017: attempt to access beyond end of device [ 160.538907][ T8979] loop3: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 160.553810][ T2571] kworker/u8:5: attempt to access beyond end of device [ 160.553810][ T2571] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 160.555756][ T8954] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 160.573922][ T2571] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 160.576212][ T8979] syz.3.1017: attempt to access beyond end of device [ 160.576212][ T8979] loop3: rw=524288, sector=536576856, nr_sectors = 16 limit=16 [ 160.586010][ T2571] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 160.599117][ T8979] syz.3.1017: attempt to access beyond end of device [ 160.599117][ T8979] loop3: rw=524288, sector=13478624032, nr_sectors = 8 limit=16 [ 160.611763][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.617883][ T8979] syz.3.1017: attempt to access beyond end of device [ 160.617883][ T8979] loop3: rw=524288, sector=13716630376, nr_sectors = 8 limit=16 [ 160.618003][ T8979] syz.3.1017: attempt to access beyond end of device [ 160.618003][ T8979] loop3: rw=524288, sector=133693448, nr_sectors = 8 limit=16 [ 160.634277][ T2571] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 160.665841][ T8954] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 160.692565][ T8954] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 160.699752][ T5235] Bluetooth: hci6: command tx timeout [ 160.714206][ T8954] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 160.760262][ T5235] Bluetooth: hci4: command tx timeout [ 160.811454][ T8954] 8021q: adding VLAN 0 to HW filter on device bond0 [ 160.827373][ T8954] 8021q: adding VLAN 0 to HW filter on device team0 [ 160.862139][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.869268][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 160.892078][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.899243][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 161.044453][ T8954] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 161.074128][ T8954] veth0_vlan: entered promiscuous mode [ 161.084323][ T8954] veth1_vlan: entered promiscuous mode [ 161.105128][ T8954] veth0_macvtap: entered promiscuous mode [ 161.113718][ T8954] veth1_macvtap: entered promiscuous mode [ 161.127178][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.138503][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.149160][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.159785][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.169830][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.180456][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.190326][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.198739][ T9016] loop2: detected capacity change from 0 to 128 [ 161.200777][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.200796][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.227367][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.237770][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.248819][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.258781][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.269276][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.279146][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.289668][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.302976][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.313788][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.329658][ T8954] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 161.347079][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.358439][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.368451][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.378975][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.389117][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.399685][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.411963][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.422629][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.432554][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.443607][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.453558][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.464031][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.473881][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.484625][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.494543][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.505034][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.514925][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.526791][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.538794][ T8954] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 161.561793][ T8954] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.571046][ T8954] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.579766][ T8954] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.588864][ T8954] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.697942][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.719751][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.759752][ T3045] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.767891][ T3045] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.850144][ T5279] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 162.016670][ T5279] usb 4-1: Using ep0 maxpacket: 16 [ 162.021837][ T9021] loop4: detected capacity change from 0 to 32768 [ 162.029387][ T9021] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1022 (9021) [ 162.030474][ T5279] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 162.061620][ T5279] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 162.072818][ T5279] usb 4-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00 [ 162.082432][ T9021] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 162.082465][ T5279] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.099502][ T9021] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 162.117800][ T9021] BTRFS info (device loop4): using free-space-tree [ 162.165534][ T5279] usb 4-1: config 0 descriptor?? [ 162.404128][ T11] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared) [ 162.477036][ T8675] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 162.666655][ T5279] hid-led 0003:1294:1320.001B: unknown main item tag 0x2 [ 162.682526][ T5279] hid-led 0003:1294:1320.001B: unbalanced collection at end of report description [ 162.692515][ T5279] hid-led 0003:1294:1320.001B: probe with driver hid-led failed with error -22 [ 162.747217][ T9064] loop0: detected capacity change from 0 to 40427 [ 162.760544][ T5235] Bluetooth: hci6: command tx timeout [ 162.823705][ T9064] F2FS-fs (loop0): invalid crc value [ 162.840339][ T5235] Bluetooth: hci4: command tx timeout [ 162.873475][ T9064] F2FS-fs (loop0): Found nat_bits in checkpoint [ 162.929224][ T5281] usb 4-1: USB disconnect, device number 11 [ 162.933950][ T9064] F2FS-fs (loop0): Start checkpoint disabled! [ 162.964954][ T9064] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 163.124806][ T61] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 163.132082][ T61] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 163.149704][ T61] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 163.293034][ T9094] loop2: detected capacity change from 0 to 32768 [ 163.305683][ T9094] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1048 (9094) [ 163.320783][ T9094] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 163.333193][ T9094] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 163.342178][ T9094] BTRFS info (device loop2): using free-space-tree [ 163.524206][ T9094] BTRFS info (device loop2): setting incompat feature flag for SIMPLE_QUOTA (0x10000) [ 163.555919][ T9094] BTRFS warning (device loop2): qgroup rescan init failed, running in simple mode [ 163.738995][ T8821] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 164.067877][ T5281] usb 4-1: new full-speed USB device number 12 using dummy_hcd [ 164.237418][ T5281] usb 4-1: config 0 has no interfaces? [ 164.243184][ T5281] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 164.262946][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.300172][ T5281] usb 4-1: config 0 descriptor?? [ 164.358781][ T9123] loop4: detected capacity change from 0 to 40427 [ 164.377984][ T9123] F2FS-fs (loop4): invalid crc value [ 164.386387][ T9125] loop0: detected capacity change from 0 to 32768 [ 164.396908][ T9123] F2FS-fs (loop4): Found nat_bits in checkpoint [ 164.406568][ T9125] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1050 (9125) [ 164.445213][ T9125] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 164.464214][ T9125] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 164.490091][ T9125] BTRFS info (device loop0): using free-space-tree [ 164.500076][ T936] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 164.531400][ T9123] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 164.576563][ T5346] usb 4-1: USB disconnect, device number 12 [ 164.610755][ T9123] bio_check_eod: 15 callbacks suppressed [ 164.610772][ T9123] syz.4.1054: attempt to access beyond end of device [ 164.610772][ T9123] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 164.624518][ T11] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 164.630395][ T9123] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 164.650926][ T9123] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 164.660118][ T936] usb 3-1: Using ep0 maxpacket: 32 [ 164.673838][ T936] usb 3-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=82.d5 [ 164.683389][ T936] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.699524][ T936] usb 3-1: Product: syz [ 164.700803][ T8954] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 164.703957][ T936] usb 3-1: Manufacturer: syz [ 164.721617][ T936] usb 3-1: SerialNumber: syz [ 164.731244][ T936] usb 3-1: config 0 descriptor?? [ 164.761007][ T936] hub 3-1:0.0: bad descriptor, ignoring hub [ 164.766940][ T936] hub 3-1:0.0: probe with driver hub failed with error -5 [ 164.775299][ T936] gspca_main: vc032x-2.14.0 probing 0ac8:c301 [ 164.811138][ T9137] loop1: detected capacity change from 0 to 32768 [ 164.825284][ T9137] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1071 (9137) [ 164.841279][ T5235] Bluetooth: hci6: command tx timeout [ 164.849964][ T9137] BTRFS info (device loop1): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 164.860292][ T9137] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 164.868938][ T9137] BTRFS info (device loop1): using free-space-tree [ 165.227703][ T5240] BTRFS info (device loop1): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 165.380740][ T936] gspca_vc032x: reg_r err -71 [ 165.385572][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.391888][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.397203][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.412300][ T9188] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1067'. [ 165.413396][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.454997][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.476634][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.485326][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.491254][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.496824][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.506040][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.511543][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.516834][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.522182][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.527476][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.533849][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.539147][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.544529][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.549829][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.555421][ T936] gspca_vc032x: I2c Bus Busy Wait 00 [ 165.561126][ T936] gspca_vc032x: Unknown sensor... [ 165.566261][ T936] vc032x 3-1:0.0: probe with driver vc032x failed with error -22 [ 165.601651][ T936] usb 3-1: USB disconnect, device number 17 [ 165.659402][ T9185] loop0: detected capacity change from 0 to 32768 [ 165.671621][ T9185] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1064 (9185) [ 165.689179][ T9185] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 165.700749][ T9185] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 165.709436][ T9185] BTRFS info (device loop0): using free-space-tree [ 165.740188][ T5278] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 165.807141][ T9185] BTRFS info (device loop0): setting incompat feature flag for SIMPLE_QUOTA (0x10000) [ 165.823670][ T9185] BTRFS warning (device loop0): qgroup rescan init failed, running in simple mode [ 165.855976][ T8954] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 165.892048][ T9209] loop3: detected capacity change from 0 to 2048 [ 165.910087][ T5278] usb 2-1: Using ep0 maxpacket: 16 [ 165.918929][ T9209] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 165.928823][ T5278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 165.940554][ T5278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 165.952462][ T5278] usb 2-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00 [ 165.966406][ T9210] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 165.966947][ T5278] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.994940][ T5278] usb 2-1: config 0 descriptor?? [ 166.369286][ T9224] loop3: detected capacity change from 0 to 1024 [ 166.407518][ T5278] hid-led 0003:1294:1320.001C: unknown main item tag 0x2 [ 166.411126][ T9213] loop2: detected capacity change from 0 to 32768 [ 166.419018][ T5278] hid-led 0003:1294:1320.001C: unbalanced collection at end of report description [ 166.431354][ T5278] hid-led 0003:1294:1320.001C: probe with driver hid-led failed with error -22 [ 166.469024][ T9224] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.485511][ T9213] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 166.567456][ T9213] XFS (loop2): Ending clean mount [ 166.578308][ T9213] XFS (loop2): Quotacheck needed: Please wait. [ 166.599181][ T9213] XFS (loop2): Quotacheck: Done. [ 166.609212][ T9222] loop0: detected capacity change from 0 to 32768 [ 166.622683][ T8332] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.632585][ T5282] usb 2-1: USB disconnect, device number 18 [ 166.658558][ T9222] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 166.684768][ T8821] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 166.738250][ T9222] XFS (loop0): Ending clean mount [ 166.831490][ T8954] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 166.920219][ T5235] Bluetooth: hci6: command tx timeout [ 167.000273][ T9243] loop3: detected capacity change from 0 to 32768 [ 167.010263][ T9243] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1077 (9243) [ 167.038033][ T9243] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 167.048367][ T9243] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 167.060102][ T9243] BTRFS info (device loop3): using free-space-tree [ 167.096539][ T9249] netlink: 'syz.0.1079': attribute type 4 has an invalid length. [ 167.118401][ T9249] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1079'. [ 167.174484][ T11] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared) [ 167.236008][ T9266] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1080'. [ 167.253153][ T8332] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 167.464610][ T9246] loop2: detected capacity change from 0 to 40427 [ 167.489744][ T9246] F2FS-fs (loop2): invalid crc value [ 167.509408][ T9246] F2FS-fs (loop2): Found nat_bits in checkpoint [ 167.563616][ T9280] dvmrp9: entered allmulticast mode [ 167.608994][ T9246] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 167.635109][ T9246] syz.2.1078: attempt to access beyond end of device [ 167.635109][ T9246] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 167.665503][ T9246] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 167.673309][ T9246] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 167.718341][ T9288] loop3: detected capacity change from 0 to 64 [ 168.013823][ T9297] loop3: detected capacity change from 0 to 2048 [ 168.037364][ T9283] loop1: detected capacity change from 0 to 32768 [ 168.061804][ T9300] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 168.123687][ T9299] loop0: detected capacity change from 0 to 4096 [ 168.472880][ T9316] loop4: detected capacity change from 0 to 256 [ 168.560456][ T936] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 168.565580][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.578067][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.611523][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.624616][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.635612][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.635740][ T9316] syz.4.1103: attempt to access beyond end of device [ 168.635740][ T9316] loop4: rw=2049, sector=256, nr_sectors = 288 limit=256 [ 168.643449][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.666296][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.682424][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.690501][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.697901][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.706195][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.717755][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.723385][ T9316] syz.4.1103: attempt to access beyond end of device [ 168.723385][ T9316] loop4: rw=2049, sector=608, nr_sectors = 416 limit=256 [ 168.726031][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.740749][ T936] usb 1-1: Using ep0 maxpacket: 8 [ 168.755615][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.764828][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.774187][ T936] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 168.776368][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.783904][ T9316] syz.4.1103: attempt to access beyond end of device [ 168.783904][ T9316] loop4: rw=2049, sector=1056, nr_sectors = 8 limit=256 [ 168.790242][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.810115][ T936] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 168.815576][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.837269][ T5278] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 168.845391][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.853556][ T936] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 168.859000][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.875637][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.883838][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.887392][ T936] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 168.895636][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.914757][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.924199][ T936] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 168.928718][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.946508][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.954857][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.956356][ T936] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 168.971127][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 168.991342][ T936] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.997708][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 169.008318][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 169.020529][ T5278] usb 4-1: config 0 has no interfaces? [ 169.026134][ T5278] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 169.035893][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 169.043782][ T5278] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.052187][ T5346] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 169.061766][ T5278] usb 4-1: config 0 descriptor?? [ 169.073076][ T5346] hid-generic 0000:0000:0000.001D: hidraw0: HID v0.00 Device [syz0] on syz0 [ 169.223225][ T9337] tipc: Started in network mode [ 169.228305][ T9337] tipc: Node identity 1, cluster identity 2 [ 169.236179][ T9337] tipc: Node number set to 1 [ 169.274284][ T936] usb 1-1: usb_control_msg returned -32 [ 169.281224][ T936] usbtmc 1-1:16.0: can't read capabilities [ 169.322700][ T5279] usb 4-1: USB disconnect, device number 13 [ 169.504376][ T9334] loop4: detected capacity change from 0 to 32768 [ 169.529837][ T9334] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 169.579154][ T9334] XFS (loop4): Ending clean mount [ 169.586592][ T9334] XFS (loop4): Quotacheck needed: Please wait. [ 169.597866][ T9334] XFS (loop4): Quotacheck: Done. [ 169.622855][ T8675] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 169.640100][ T936] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 169.670103][ T9] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 169.811548][ T936] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 169.822638][ T936] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 169.834060][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 169.839236][ T936] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 169.848770][ T936] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.857938][ T9] usb 2-1: config 0 has an invalid interface number: 251 but max is 0 [ 169.869000][ T936] usb 3-1: config 0 descriptor?? [ 169.878584][ T9] usb 2-1: config 0 has no interface number 0 [ 169.898231][ T9] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 169.908737][ T9] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 169.925716][ T9] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 169.935972][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.947502][ T9] usb 2-1: Product: syz [ 169.965972][ T9] usb 2-1: Manufacturer: syz [ 169.971309][ T9] usb 2-1: SerialNumber: syz [ 169.977063][ T9] usb 2-1: config 0 descriptor?? [ 169.982573][ T9346] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 169.989922][ T9346] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 170.200552][ T9346] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 170.207802][ T9346] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 170.299358][ T936] cm6533_jd 0003:0D8C:0022.001E: unknown main item tag 0x0 [ 170.308003][ T936] cm6533_jd 0003:0D8C:0022.001E: unknown main item tag 0x0 [ 170.317470][ T936] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.001E/input/input17 [ 170.342586][ T936] cm6533_jd 0003:0D8C:0022.001E: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 170.416566][ T9] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 170.429060][ T9] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71 [ 170.439051][ T9] asix 2-1:0.251: probe with driver asix failed with error -5 [ 170.450325][ T9] usb 2-1: USB disconnect, device number 19 [ 170.506825][ T5346] usb 3-1: USB disconnect, device number 18 [ 170.604386][ T9364] loop3: detected capacity change from 0 to 1024 [ 170.617647][ T9364] EXT4-fs: Ignoring removed nomblk_io_submit option [ 170.648638][ T9364] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 170.657936][ T9364] System zones: 0-1, 3-36 [ 170.673802][ T9364] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.710545][ T8332] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.822057][ T9376] geneve2: entered promiscuous mode [ 170.827310][ T9376] geneve2: entered allmulticast mode [ 170.997003][ T9380] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 171.007151][ T9374] loop3: detected capacity change from 0 to 32768 [ 171.015304][ T9374] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1120 (9374) [ 171.025456][ T9379] loop4: detected capacity change from 0 to 4096 [ 171.070931][ T9374] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 171.098878][ T9382] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 171.104517][ T9374] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 171.129143][ T9379] NILFS error (device loop4): nilfs_dotdot: directory #12 missing '.' [ 171.134598][ T9384] loop2: detected capacity change from 0 to 1024 [ 171.145321][ T9374] BTRFS info (device loop3): using free-space-tree [ 171.158142][ T9379] Remounting filesystem read-only [ 171.207889][ T9384] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 171.394432][ T9] usb 1-1: USB disconnect, device number 15 [ 171.510469][ T53] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared) [ 171.594690][ T8332] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 171.804652][ T9412] input: syz0 as /devices/virtual/input/input18 [ 171.927843][ T9386] loop1: detected capacity change from 0 to 131072 [ 171.938513][ T9386] F2FS-fs (loop1): invalid crc value [ 171.965808][ T9386] F2FS-fs (loop1): Found nat_bits in checkpoint [ 172.023787][ T9386] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 172.080257][ T9] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 172.196655][ T9428] loop3: detected capacity change from 0 to 2048 [ 172.223639][ T9429] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 172.250052][ T29] audit: type=1800 audit(1996934849.059:34): pid=9428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1137" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 172.287205][ T29] audit: type=1800 audit(1996934849.059:35): pid=9428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1137" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 172.325862][ T29] audit: type=1800 audit(1996934849.059:36): pid=9428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1137" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 172.526075][ T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 172.537418][ T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 172.547222][ T9] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 172.557037][ T9] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 172.566861][ T9] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 172.580323][ T9] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 172.598545][ T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 172.607846][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.615944][ T9] usb 1-1: Product: syz [ 172.623875][ T9] usb 1-1: Manufacturer: syz [ 172.628486][ T9] usb 1-1: SerialNumber: syz [ 172.864782][ T9445] loop1: detected capacity change from 0 to 256 [ 172.874293][ T9433] loop2: detected capacity change from 0 to 32768 [ 172.876298][ T9445] MINIX-fs: mounting file system with errors, running fsck is recommended [ 172.905784][ T9445] MINIX-fs warning: remounting fs with errors, running fsck is recommended [ 173.009662][ T9447] loop1: detected capacity change from 0 to 2048 [ 173.046854][ T9448] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 173.068594][ T9447] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #12: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 173.095354][ T9447] Remounting filesystem read-only [ 173.201570][ T9458] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1150'. [ 173.211452][ T9458] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1150'. [ 173.221020][ T9458] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1150'. [ 173.242398][ T9431] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 173.248320][ T9431] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 173.305064][ T9431] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 173.323054][ T9431] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 173.345323][ T9431] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 173.360125][ T9431] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 173.431206][ T9431] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 173.447390][ T9431] Bluetooth: hci6: Error when powering off device on rfkill (-4) [ 173.489522][ T9456] loop1: detected capacity change from 0 to 32768 [ 173.503138][ T9456] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1149 (9456) [ 173.556466][ T9456] BTRFS info (device loop1): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 173.567420][ T9456] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 173.580867][ T9456] BTRFS info (device loop1): disk space caching is enabled [ 173.588149][ T9456] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 173.634117][ T9466] loop3: detected capacity change from 0 to 512 [ 173.661846][ T9] cdc_ncm 1-1:1.0: bind() failure [ 173.670965][ T9] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71 [ 173.696114][ T9] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71 [ 173.711047][ T9] usbtest 1-1:1.1: probe with driver usbtest failed with error -71 [ 173.714372][ T9466] EXT4-fs (loop3): 1 truncate cleaned up [ 173.728161][ T9466] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.733163][ T9] usb 1-1: USB disconnect, device number 16 [ 173.752747][ T9456] BTRFS info (device loop1): rebuilding free space tree [ 173.767045][ T9456] BTRFS info (device loop1): disabling free space tree [ 173.770479][ T9466] EXT4-fs error (device loop3): ext4_add_entry:2437: inode #2: comm syz.3.1152: Directory hole found for htree leaf block 0 [ 173.774090][ T9456] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 173.796610][ T9456] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 173.820544][ T9460] loop2: detected capacity change from 0 to 32768 [ 173.843912][ T9466] EXT4-fs (loop3): Remounting filesystem read-only [ 173.851612][ T29] audit: type=1800 audit(1996934850.669:37): pid=9456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1149" name="bus" dev="loop1" ino=263 res=0 errno=0 [ 173.874257][ T29] audit: type=1800 audit(1996934850.669:38): pid=9456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1149" name="bus" dev="loop1" ino=263 res=0 errno=0 [ 173.878125][ T8332] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.964244][ T5240] BTRFS info (device loop1): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 174.144887][ T9491] loop1: detected capacity change from 0 to 128 [ 174.157181][ T9491] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 174.226165][ T9492] FAT-fs (loop1): error, invalid access to FAT (entry 0x0affffff) [ 174.234536][ T9492] FAT-fs (loop1): Filesystem has been set read-only [ 174.247410][ T9492] FAT-fs (loop1): error, invalid access to FAT (entry 0x0affffff) [ 174.304785][ T9496] loop0: detected capacity change from 0 to 128 [ 174.319431][ T2571] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8) [ 174.320542][ T29] audit: type=1800 audit(1996934851.139:39): pid=9496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1159" name="file1" dev="loop0" ino=1048683 res=0 errno=0 [ 174.335006][ T2571] FAT-fs (loop0): Filesystem has been set read-only [ 174.348263][ C0] vkms_vblank_simulate: vblank timer overrun [ 174.363990][ T29] audit: type=1800 audit(1996934851.139:40): pid=9496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1159" name="file1" dev="loop0" ino=1048683 res=0 errno=0 [ 174.385104][ T2571] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522) [ 174.393826][ T9496] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522) [ 174.403972][ T9496] FAT-fs (loop0): Filesystem has been set read-only [ 174.762871][ T9512] loop2: detected capacity change from 0 to 64 [ 174.933147][ T9514] wireguard0: entered promiscuous mode [ 174.938939][ T9514] wireguard0: entered allmulticast mode [ 174.975139][ T5278] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 175.114211][ T5240] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 175.202955][ T9526] loop3: detected capacity change from 0 to 128 [ 175.219509][ T5278] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 175.230569][ T5278] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 175.246889][ T5278] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 175.257661][ T5278] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.266693][ T9526] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 175.266949][ T5278] usb 1-1: config 0 descriptor?? [ 175.294114][ T9526] ext4 filesystem being mounted at /70/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 175.340170][ T9502] loop4: detected capacity change from 0 to 65536 [ 175.388016][ T8332] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 175.463766][ T9502] XFS (loop4): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 [ 175.468204][ T9533] loop1: detected capacity change from 0 to 2048 [ 175.515592][ T9533] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 175.550397][ T9502] XFS (loop4): Ending clean mount [ 175.588461][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.646419][ T9552] loop1: detected capacity change from 0 to 512 [ 175.674091][ T9552] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 175.689060][ T8675] XFS (loop4): Unmounting Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 [ 175.701066][ T5278] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0 [ 175.708464][ T5278] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0 [ 175.719900][ T5278] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0 [ 175.733301][ T5278] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0 [ 175.745762][ T9552] EXT4-fs (loop1): 1 orphan inode deleted [ 175.763807][ T9552] EXT4-fs (loop1): 1 truncate cleaned up [ 175.770730][ T9552] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.780046][ T5278] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0 [ 175.791256][ T5278] plantronics 0003:047F:FFFF.001F: No inputs registered, leaving [ 175.875192][ T9551] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 175.893814][ T9551] EXT4-fs (loop1): Remounting filesystem read-only [ 175.936335][ T5278] plantronics 0003:047F:FFFF.001F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 175.965831][ T9561] loop2: detected capacity change from 0 to 128 [ 175.977108][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.012488][ T9561] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 176.063283][ T5346] usb 1-1: USB disconnect, device number 17 [ 176.099759][ T9547] loop3: detected capacity change from 0 to 40427 [ 176.124265][ T9547] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff [ 176.137173][ T9568] FAT-fs (loop2): error, invalid access to FAT (entry 0x0affffff) [ 176.146100][ T9547] F2FS-fs (loop3): Image doesn't support compression [ 176.153326][ T9568] FAT-fs (loop2): Filesystem has been set read-only [ 176.161069][ T9547] F2FS-fs (loop3): Image doesn't support compression [ 176.177490][ T9547] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x4 [ 176.184360][ T9568] FAT-fs (loop2): error, invalid access to FAT (entry 0x0affffff) [ 176.202594][ T9547] F2FS-fs (loop3): invalid crc value [ 176.224842][ T9547] F2FS-fs (loop3): Found nat_bits in checkpoint [ 176.355791][ T9547] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 176.365628][ T9574] loop1: detected capacity change from 0 to 4096 [ 176.380498][ T9574] EXT4-fs: Ignoring removed nomblk_io_submit option [ 176.395505][ T9581] loop4: detected capacity change from 0 to 64 [ 176.409459][ T9547] syz.3.1175: attempt to access beyond end of device [ 176.409459][ T9547] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 176.428663][ T9574] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.497089][ T8332] syz-executor: attempt to access beyond end of device [ 176.497089][ T8332] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 176.511143][ T8332] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 176.526519][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.665372][ T9594] loop4: detected capacity change from 0 to 512 [ 176.681744][ T9594] EXT4-fs: Ignoring removed oldalloc option [ 176.684352][ T29] audit: type=1326 audit(1996934853.499:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9590 comm="syz.1.1193" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a35b7dff9 code=0x0 [ 176.712749][ T9594] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 176.743319][ T9594] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 176.769465][ T9596] loop1: detected capacity change from 0 to 2048 [ 176.776082][ T9594] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.817035][ T9596] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 176.841066][ T9596] NILFS (loop1): mounting unchecked fs [ 176.846731][ T9596] NILFS (loop1): recovery required for readonly filesystem [ 176.847312][ T8821] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 176.854538][ T9596] NILFS (loop1): write access will be enabled during recovery [ 176.887133][ T5570] udevd[5570]: incorrect nilfs2 checksum on /dev/loop1 [ 176.899195][ T8675] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 176.909391][ T9596] NILFS (loop1): recovery complete [ 177.013341][ T9606] loop4: detected capacity change from 0 to 64 [ 177.144899][ T9608] loop3: detected capacity change from 0 to 4096 [ 177.154730][ T9608] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 177.180091][ T5278] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 177.188485][ T9608] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 177.211102][ T29] audit: type=1800 audit(1996934854.029:42): pid=9608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1192" name="bus" dev="loop3" ino=0 res=0 errno=0 [ 177.340474][ T5278] usb 3-1: Using ep0 maxpacket: 16 [ 177.347777][ T5278] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 177.359185][ T5278] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 177.380800][ T5278] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 177.401838][ T5278] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.417436][ T5278] usb 3-1: config 0 descriptor?? [ 177.920367][ T3393] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 178.136877][ T3393] usb 2-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e [ 178.147196][ T9638] loop3: detected capacity change from 0 to 256 [ 178.152931][ T3393] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 178.178508][ T9638] FAT-fs (loop3): Directory bread(block 64) failed [ 178.189515][ T3393] usb 2-1: Product: syz [ 178.193723][ T9638] FAT-fs (loop3): Directory bread(block 65) failed [ 178.193789][ T9638] FAT-fs (loop3): Directory bread(block 66) failed [ 178.216185][ T9638] FAT-fs (loop3): Directory bread(block 67) failed [ 178.220423][ T3393] usb 2-1: Manufacturer: syz [ 178.224316][ T9638] FAT-fs (loop3): Directory bread(block 68) failed [ 178.227345][ T3393] usb 2-1: SerialNumber: syz [ 178.236331][ T9638] FAT-fs (loop3): Directory bread(block 69) failed [ 178.240357][ T5278] letsketch 0003:6161:4D15.0020: Device info: Д [ 178.246565][ T9638] FAT-fs (loop3): Directory bread(block 70) failed [ 178.261281][ T3393] usb 2-1: config 0 descriptor?? [ 178.267433][ T9638] FAT-fs (loop3): Directory bread(block 71) failed [ 178.276343][ T9638] FAT-fs (loop3): Directory bread(block 72) failed [ 178.284793][ T9638] FAT-fs (loop3): Directory bread(block 73) failed [ 178.464280][ T5278] usb 3-1: Max retries (5) exceeded reading string descriptor 201 [ 178.472272][ T5278] letsketch 0003:6161:4D15.0020: probe with driver letsketch failed with error -71 [ 178.490484][ T5278] usb 3-1: USB disconnect, device number 19 [ 178.617183][ T9636] loop0: detected capacity change from 0 to 40427 [ 178.625098][ T9636] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 178.633492][ T9636] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 178.647542][ T9636] F2FS-fs (loop0): invalid crc value [ 178.668902][ T9636] F2FS-fs (loop0): Found nat_bits in checkpoint [ 178.739348][ T9636] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 178.748489][ T9636] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 178.781835][ T8954] syz-executor: attempt to access beyond end of device [ 178.781835][ T8954] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 178.801789][ T8954] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 178.924897][ T3393] mos7840 2-1:0.0: required endpoints missing [ 178.940182][ T3393] usb 2-1: USB disconnect, device number 20 [ 179.113088][ T9656] loop3: detected capacity change from 0 to 32768 [ 179.166453][ T9665] loop0: detected capacity change from 0 to 1024 [ 179.186930][ T9656] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 179.220096][ T3005] hfsplus: b-tree write err: -5, ino 4 [ 179.223202][ T8332] ocfs2: Unmounting device (7,3) on (node local) [ 179.287386][ T9670] netlink: 'syz.0.1228': attribute type 1 has an invalid length. [ 179.400673][ T5281] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 179.524193][ T9683] netlink: 129384 bytes leftover after parsing attributes in process `syz.0.1232'. [ 179.554916][ T5281] usb 3-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36 [ 179.574476][ T5281] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.595224][ T5281] usb 3-1: config 0 descriptor?? [ 179.658154][ T9689] sch_tbf: burst 5526 is lower than device lo mtu (65550) ! [ 179.838612][ T9681] loop3: detected capacity change from 0 to 40427 [ 179.856425][ T5281] kaweth 3-1:0.0: Firmware present in device. [ 179.862665][ T9681] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 179.870403][ T9681] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 179.881037][ T9681] F2FS-fs (loop3): invalid crc value [ 179.896639][ T9681] F2FS-fs (loop3): Found nat_bits in checkpoint [ 179.944702][ T9681] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 179.952160][ T9681] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 180.027901][ T5281] kaweth 3-1:0.0: Statistics collection: 0 [ 180.034847][ T5281] kaweth 3-1:0.0: Multicast filter limit: 0 [ 180.046124][ T5281] kaweth 3-1:0.0: MTU: 0 [ 180.055862][ T5281] kaweth 3-1:0.0: Read MAC address 00:00:00:00:00:00 [ 180.063706][ T8332] syz-executor: attempt to access beyond end of device [ 180.063706][ T8332] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 180.082710][ T8332] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 180.090242][ T9709] loop1: detected capacity change from 0 to 4096 [ 180.107409][ T9709] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 180.408583][ T9720] loop1: detected capacity change from 0 to 2048 [ 180.415759][ T9720] EXT4-fs: Ignoring removed nomblk_io_submit option [ 180.459416][ T9720] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 180.499025][ T9712] loop0: detected capacity change from 0 to 32768 [ 180.517435][ T9712] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1245 (9712) [ 180.557609][ T9712] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 180.570206][ T9712] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 180.577770][ T9720] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1249: bg 0: block 234: padding at end of block bitmap is not set [ 180.592099][ T9712] BTRFS info (device loop0): using free-space-tree [ 180.601528][ T9720] EXT4-fs (loop1): Remounting filesystem read-only [ 180.608212][ T9720] EXT4-fs warning (device loop1): ext4_xattr_inode_lookup_create:1605: inode #18: comm syz.1.1249: cleanup dec ref error -28 [ 180.641432][ T5281] kaweth 3-1:0.0: Error setting receive filter [ 180.648675][ T5281] kaweth 3-1:0.0: probe with driver kaweth failed with error -5 [ 180.668541][ T5281] usb 3-1: USB disconnect, device number 20 [ 180.685882][ T5240] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.746606][ T9744] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 180.757269][ T9744] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 180.829729][ T8954] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 180.910710][ T9753] loop3: detected capacity change from 0 to 512 [ 180.932581][ T9753] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 180.977000][ T9753] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 180.987677][ T9757] loop0: detected capacity change from 0 to 256 [ 181.001286][ T9753] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 181.005464][ T9757] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 181.018734][ T9753] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 181.040432][ T9753] EXT4-fs (loop3): This should not happen!! Data will be lost [ 181.040432][ T9753] [ 181.050445][ T9753] EXT4-fs (loop3): Total free blocks count 0 [ 181.061547][ T9753] EXT4-fs (loop3): Free/Dirty block details [ 181.067612][ T9753] EXT4-fs (loop3): free_blocks=65280 [ 181.073092][ T9753] EXT4-fs (loop3): dirty_blocks=32 [ 181.078111][ T9757] exFAT-fs (loop0): error, broken FAT chain. [ 181.078509][ T9753] EXT4-fs (loop3): Block reservation details [ 181.091526][ T9757] exFAT-fs (loop0): Filesystem has been set read-only [ 181.091666][ T9753] EXT4-fs (loop3): i_reserved_data_blocks=32 [ 181.098361][ T9757] exFAT-fs (loop0): error, failed to bmap (inode : ffff88807a3b14a8 iblock : 8, err : -5) [ 181.105932][ T9758] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 31 with error 28 [ 181.122738][ T9757] exFAT-fs (loop0): error, broken FAT chain. [ 181.133133][ T9757] exFAT-fs (loop0): error, failed to bmap (inode : ffff88807a3b14a8 iblock : 8, err : -5) [ 181.246448][ T9763] loop0: detected capacity change from 0 to 2048 [ 181.258739][ T9763] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 181.271200][ T9763] UDF-fs: Scanning with blocksize 512 failed [ 181.279557][ T9763] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 181.793354][ T9799] input: syz1 as /devices/virtual/input/input20 [ 181.971444][ T9801] loop3: detected capacity change from 0 to 32768 [ 181.983745][ T9801] JBD2: Ignoring recovery information on journal [ 182.008271][ T9801] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 182.056426][ T8332] ocfs2: Unmounting device (7,3) on (node local) [ 182.094437][ T9805] loop0: detected capacity change from 0 to 1 [ 182.123272][ T5279] Oops: general protection fault, probably for non-canonical address 0xdffffc00000000c7: 0000 [#1] PREEMPT SMP KASAN PTI [ 182.135879][ T5279] KASAN: null-ptr-deref in range [0x0000000000000638-0x000000000000063f] [ 182.144314][ T5279] CPU: 0 UID: 0 PID: 5279 Comm: kworker/0:3 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0 [ 182.154574][ T5279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 182.164651][ T5279] Workqueue: events_long flush_mdb [ 182.169805][ T5279] RIP: 0010:hfs_mdb_commit+0x37/0xfd0 [ 182.175209][ T5279] Code: 53 48 83 ec 48 48 89 fb 49 bd 00 00 00 00 00 fc ff df e8 9c 85 0a ff 48 89 5c 24 08 4c 8d a3 38 06 00 00 4c 89 e3 48 c1 eb 03 <42> 80 3c 2b 00 74 08 4c 89 e7 e8 aa 3c 74 ff 4d 8b 34 24 49 8d 6e [ 182.194840][ T5279] RSP: 0018:ffffc900043a7b40 EFLAGS: 00010202 [ 182.200927][ T5279] RAX: ffffffff828a6eb4 RBX: 00000000000000c7 RCX: ffff88802dd83c00 [ 182.208909][ T5279] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000 [ 182.216887][ T5279] RBP: ffffc900043a7dc0 R08: ffff888058d919eb R09: 1ffff1100b1b233d [ 182.224882][ T5279] R10: dffffc0000000000 R11: ffffed100b1b233e R12: 0000000000000638 [ 182.232877][ T5279] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000800000 [ 182.240859][ T5279] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 182.249800][ T5279] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.256395][ T5279] CR2: 00007f6a35b61160 CR3: 000000006fb38000 CR4: 00000000003526f0 [ 182.264384][ T5279] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 182.272376][ T5279] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 182.273400][ T9807] loop2: detected capacity change from 0 to 256 [ 182.280342][ T5279] Call Trace: [ 182.280353][ T5279] [ 182.280361][ T5279] ? __die_body+0x5f/0xb0 [ 182.280384][ T5279] ? die_addr+0xb0/0xe0 [ 182.280403][ T5279] ? exc_general_protection+0x3dd/0x5d0 [ 182.303699][ T9807] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010253, chksum : 0xa98551aa, utbl_chksum : 0xe619d30d) [ 182.306916][ T5279] ? asm_exc_general_protection+0x26/0x30 [ 182.324651][ T5279] ? hfs_mdb_commit+0x24/0xfd0 [ 182.329447][ T5279] ? hfs_mdb_commit+0x37/0xfd0 [ 182.334265][ T5279] ? process_scheduled_works+0x976/0x1850 [ 182.340022][ T5279] ? _raw_spin_unlock+0x28/0x50 [ 182.344894][ T5279] ? process_scheduled_works+0x976/0x1850 [ 182.350644][ T5279] process_scheduled_works+0xa63/0x1850 [ 182.356231][ T5279] ? __pfx_process_scheduled_works+0x10/0x10 [ 182.362238][ T5279] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 182.367799][ T5279] ? assign_work+0x364/0x3d0 [ 182.372403][ T5279] worker_thread+0x870/0xd30 [ 182.377006][ T5279] ? __kthread_parkme+0x169/0x1d0 [ 182.382035][ T5279] ? __pfx_worker_thread+0x10/0x10 [ 182.387157][ T5279] kthread+0x2f0/0x390 [ 182.391233][ T5279] ? __pfx_worker_thread+0x10/0x10 [ 182.396347][ T5279] ? __pfx_kthread+0x10/0x10 [ 182.400935][ T5279] ret_from_fork+0x4b/0x80 [ 182.405354][ T5279] ? __pfx_kthread+0x10/0x10 [ 182.409957][ T5279] ret_from_fork_asm+0x1a/0x30 [ 182.414742][ T5279] [ 182.417755][ T5279] Modules linked in: [ 182.422221][ T5279] ---[ end trace 0000000000000000 ]--- [ 182.450528][ T9805] Dev loop0: unable to read RDB block 1 [ 182.456121][ T9805] loop0: unable to read partition table [ 182.478277][ T9805] loop0: partition table beyond EOD, truncated [ 182.493633][ T5279] RIP: 0010:hfs_mdb_commit+0x37/0xfd0 [ 182.499132][ T5279] Code: 53 48 83 ec 48 48 89 fb 49 bd 00 00 00 00 00 fc ff df e8 9c 85 0a ff 48 89 5c 24 08 4c 8d a3 38 06 00 00 4c 89 e3 48 c1 eb 03 <42> 80 3c 2b 00 74 08 4c 89 e7 e8 aa 3c 74 ff 4d 8b 34 24 49 8d 6e [ 182.523079][ T5279] RSP: 0018:ffffc900043a7b40 EFLAGS: 00010202 [ 182.529275][ T5279] RAX: ffffffff828a6eb4 RBX: 00000000000000c7 RCX: ffff88802dd83c00 [ 182.542619][ T5279] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000 [ 182.547489][ T9809] loop3: detected capacity change from 0 to 32768 [ 182.559072][ T5279] RBP: ffffc900043a7dc0 R08: ffff888058d919eb R09: 1ffff1100b1b233d [ 182.566503][ T9809] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1275 (9809) [ 182.569772][ T5279] R10: dffffc0000000000 R11: ffffed100b1b233e R12: 0000000000000638 [ 182.588068][ T9805] loop_reread_partitions: partition scan of loop0 (SaEǷ>#|J_diV3Q~d!=U5hcs-3hгJHv>l,) failed (rc=-5) [ 182.592348][ T5279] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000800000 [ 182.610182][ T4689] Dev loop0: unable to read RDB block 1 [ 182.617269][ T4689] loop0: unable to read partition table [ 182.620423][ T5279] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 182.623278][ T9809] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 182.635797][ T5279] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.642542][ T4689] loop0: partition table beyond EOD, truncated [ 182.655277][ T9809] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 182.656390][ T5279] CR2: 0000001b32d15ff8 CR3: 000000006b9ce000 CR4: 00000000003526f0 [ 182.672373][ T9809] BTRFS info (device loop3): using free-space-tree [ 182.683416][ T5279] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 182.708082][ T5279] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 182.739363][ T5279] Kernel panic - not syncing: Fatal exception [ 182.745760][ T5279] Kernel Offset: disabled [ 182.750088][ T5279] Rebooting in 86400 seconds..