last executing test programs: 8m32.822083733s ago: executing program 3 (id=712): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000004000000020000000000000800000000000061"], 0x0, 0x28}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@alu]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, r0, 0x8, 0x0, 0x0, 0x14, 0x0, 0xff3d}, 0x80) 8m31.672956256s ago: executing program 3 (id=726): r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000380), 0x600, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f00000003c0)={{0x1, 0x1, 0x6c, 0xffffffffffffffff, {0x80001}}, './file0/file0\x00'}) 8m31.376774607s ago: executing program 3 (id=731): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000000a01080000000000000000010000090900010073797a3100000000d0000000030a030000060000000000000100000a0900010073797a31000000000900030073797a3000000000a400030062726964", @ANYBLOB="125ef6139fde"], 0x118}, 0x1, 0x0, 0x0, 0x240401d4}, 0x240408d0) 8m31.001745874s ago: executing program 3 (id=736): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x2000004, &(0x7f0000000500)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=") mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x80, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 8m30.107373264s ago: executing program 3 (id=747): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000580)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) arch_prctl$ARCH_SHSTK_STATUS(0x5005, &(0x7f0000000080)) 8m28.959865116s ago: executing program 3 (id=762): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)={0x15}) 8m28.194516448s ago: executing program 32 (id=762): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)={0x15}) 1m39.113012812s ago: executing program 4 (id=5277): acct(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00') acct(0x0) 1m38.499111515s ago: executing program 4 (id=5283): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@ipv4_delrule={0x28, 0x21, 0x105, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc}]}, 0x28}}, 0x0) 1m38.226336257s ago: executing program 4 (id=5284): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x103201, 0x0) write$P9_RSTATu(r0, &(0x7f0000000080)={0x265, 0x2, 0xafd, {{0x54f, 0x124, 0x28, 0x1f00, {}, 0x0, 0x0, 0xc, 0x401, 0xffffffffffffff7d, '\nnodev{evo\x03\xd3\x8b\x92\x00'/27, 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x99\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0xac, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4@\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x009\x86Ac\x1dD\xf4\xa3\x9b\x11\x91\x93z(\x0e\x8d\x88\x9f\xc2 \xd1\x15\xac\x8e/\x18K\x9aau\x8d&w*\xb0\xf2\x04M\x8e\xf0&=\xdd\x97\xd3\xc4\'\xb3\xa52\xef\xab\x1d\x1c\xe3,\xa7\xc1\xfc#\x1a\xf4\x84\b\xe0+%P(\xb7\xc9\xbb\x859oM\x8a\xf0\xeb\x95\xfc\x0e\xcc\x99\xf7\x80\xe2'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0xfd85) 1m37.719499195s ago: executing program 4 (id=5290): syz_mount_image$jfs(&(0x7f0000000240), &(0x7f0000000040)='./file1\x00', 0x3010846, &(0x7f00000002c0)=ANY=[@ANYBLOB='iocharset=koi8-u,discard=0x0000000000000004,iocharset=iso8859-9,discard,iocharset=koi8-ru,errors=remount-ro,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c6e6f646973636172642c696f636861727365743d69736f383835392d332c005d245603bb5b494e31b3e32f7a4536f7389f889613f9bebfad670d9c5b69025afa2ed8a0983033c21a066b886aded885e0be89c3a88225b41e870229bff872d594d5a79ca2a73ae38725a8a4251c102dd8a175ce9f42f974c650e3f4d216c776b32d707119113d826189e7cc3f2b74b5191cce0209a7c007d15932d18b9ea2f49c0c2b7395277707"], 0x24, 0x62d7, &(0x7f0000021240)="$eJzs3c1vHGcdB/Df7JtfStuoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyCSgwTqAXXQ2M/jjKe7XjuJd3Yzn4/kzPzmmfE+k++Od9cz4ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjhD358roiIK79KC05EfC76Eb2Ilapei4iVtRP1bV6IneZ4PiKGSxHV9jv/PBvxekR8/EzE9v0769Xi84fsx/f//I8//OSpH/39T8Mz//3Lrf4bk9a7ffu3//nr3YffXwAAAOiisizLIn3MPxkRg/TZHgB48uXX/zLJy9VzV2/OWX/UarVavYB1XTne3XoREZv1bar3DE7HA8CC2YxP2u4CLZJ/pw0i4qm2OwHMtaLtDnAstu/fWS9SvkX99WBttz1fC7Iv/81i7/6OSdNpmteYzOr5tRX9eG5Cf1Zm1Id5kvPvNfO/sts+Susdd/6zMin/0e6tT52T8+838294cvLvjc2/q3L+gyPl35c/AAAAAADMsfz7/xMtn/9devRdOZSDzv+uzagPAAAAAAAAAPC4HXX8v0Fj/L89xv8DAACAuVV9Vq/87pkHyyb9LbZq+eUi4unG+kDHpJtlVtvuBwAAAAAAAAAAAAB0yWD3Gt7LRcQwIp5eXS3Lsvqqa9ZH9ajbL7qu7z90Wds/5AEAYNfHzzTu5S8iliPicvpbf8PV1dWyXF5ZLVfLlaX8fna0tFyu1D7X5mm1bGl0iDfEg1FZfbPl2nZ10z4vT2tvfr/qsUZl/xAdm40WAweAiNh9Ndqe9Ir0P69Xi6ksn42W3+SwIA44/llQjn8Oo+3nKQAAAHD8yrIsi/TnvE+mc/69tjsFAMxEfv1vnhdQq9VqtVr95NV15Xh360VEbNa3qd4zGI4fABbMZnzSdhdokfw7bRARL7TdCWCuFW13gGOxff/OepHyLeqvB2l893wtyL78N4ud7fL246bTNK8xmdXzayv68dyE/jw/oz7Mk5x/r5n/ld32UVrv0fMv9/2asK1rjCblX+3niRb607acf7+Zf8NxH/+zshW9sfl3Vc5/cKT8+/IHAAAAAIA5ln//f2Kuzv+OHnZ3pjro/O/a2C2Ory8AAAAAAAAA8Lhs37+znu97zef/vzBmPfd/Pply/oX8Oynn32vk/9XGev3a/L23H+T/7/t31v9461+fz9PD5r+UZ4r0zCrSM6JIj1QM0vRR9u6ztob9UfVIw6LXH6Rrfsrhu3EtrsdGnN23bi/9fzxoP7evverpcKe97O+2n9/XPthrz9tf2Nc+TFcXlSu5/XSsx8/jeryz0161LU3Z/+Up7eWU9px/3/HfSdtpOnjw9WxVr6blRWNaufdR7zPHfX067nHeuvbF35w91j05nK3o7+1bXbV/L7XQn53/k6dG8cubGzdO375669aNc5Em+5aejzR5zPLxP0xfez//X95tzz/368frvY9GR85/XmzFYGL+L9fmq/19ZcZ9a0POf5S+cv7vpPbxx/8i5z/5+H+1hf4AAAAAAAAAAAAAAADAQcqy3LlF9K2IuJju/2nr3kwAYLby63+Z5OWzqvszfjy1esHrYs76M9P603K++qNWL2JdV473Zr2IiL/Vt6neM/x63DcDAObZpxHxz7Y7QWvk32H57/1V01NtdwaYqZsffPjTq9evb9y42XZPAAAAAAAAAICHlcf/XKuN/3yqLMu7jfX2jf/6dqw96vifgzyzN8DohIGq+0ffp4Ns9Ub9Xm248Rdj0vjfw725g8b/Hkx5vOGU9tGU9qUp7ctT2sfe6FGT83+xNt75qYg42Rh+vQvjvzbHvO+CnP9Ltedzlf9XGuvV8y9/v8j59/blf+bW+784c/ODD1+79v7V9zbe2/jZhXPnzl64ePHSpUtn3r12fePs7r8t9vh45fzz2NeuA+2WnH/OXP7dkvP/Uqrl3y05/y+nWv7dkvPP7/fk3y05//zZR/7dkvN/JdXy75ac/9dSLf9uyfm/murp+U/7jSaLJOf/9VQ7/rsl5/9aquXfLTn/06mWf7fk/M+k+pD5rxx3v5iNnH8+w+X475acf76yQf7dkvM/n2r5d0vO/0Kq5d8tOf/XUy3/bsn5fyPV8u+WnP/FVMu/W3L+30y1/Lsl538p1fLvlpz/t1It/27J+X871fLvlpz/G6mWf7fk/L+Tavl3S87/u6mWf7fk/L+Xavl3S87/zVTLv1se/P1/M2bMmMkzbf9kAgAAAAAAAAAAAACaZnE5cdv7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5DrLO4Cf/fTaIYmBkDqpgY1jQkg22bWd+IM2xYTPhq8SCIV+YLvetVlwbOO1S6CRbBookTAqqmgbLtoCQm1uKnLBBa0A5QK1QmoF7QXtBQKhchFVAQWkSrQCtppz3vfdmdnZmV3vePfMOb+fZD+eM2fmvHPmnTPz7Po/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZre8Zu4TQ1mWNf7kf23Psuc1/r11cnu+7JWbPUIAAABgvX6R//3c9WnB4VXcqGmdf37Jt768uLi4mL175M/HPrO4mK6YzLKxLVmWXxc99YP3DDWvEzyWTQwNN10e7rH5kR7Xj/a4fqzH9eM9rt/S4/qJHtcv2wHLbC1+HpPf2e78n9uLXZrdkI3l1+3ucKvHhrYMD8ef5eSG8tssjp3I5rNT2Vw207J+se5Qvv5Xb2ls641Z3NZw07Z2NmbITx49HscwFPbx7pZtLd1n9KNXZ5M//cmjx//2/LM3dao9d0PL/RXjvH1XY5wfC0uKsQ5lW9I+ieMcbhrnzg7PyUjLOIfy2zX+3T7O51Y5zpGlYW6o9ud8IhvO//3tfD+NNv9YL+2nnWHZz27NsuzS0rDb11m2rWw429ayZHjp+ZkoZmTjPhpT6QXZ6Jrm6S2rmKeNOru7dZ62vybi839LuN3oCmNofpp+9NHxpuf954tXMk+jxqNe6bXSPgf7/VopyxyM8+Lb+YN+vOMc3B0e/6O3rTwHO86dDnMwPe6mObir1xwcHh/Jx5yehKH8NktzcE/L+iP5loby+sxt3efg9PmHz04vfPgjd80/fOzk3Mm50/v27JnZt3//wYMHp0/Mn5qbKf6+wr1dftuy4fQa2BX2XXwNvLxt3eapuvj58WXH3yt9HU50eR1ub1u336/D0fYHN7QxL8jlc7p4bbyzsdMnLg9nK7zG8ufnjvW/DtPjbnodjja9Dju+p3R4HY6u4nXYWOfsHav7zDLa9KfTGFZ+L1jfHNzeNAfbP4+0z8F+fx4pyxycCPPiu3es/F6wM4z38am1fh4ZWTYH08MNx57GkvR5f+JgXjrNy5sbV1wznl1YmDt39yPHzp8/tycLZUO8sGmutM/XbU2PKVs2X4fXPF8Pz7/k8Zs7LN8e9tXEXY2/JlZ8rhrr3HN39+cqf3frvD9blu7NQumzjd6fnd7NG/tzPMs++42PPvi1Rz/7mhX3Z6Pf/Nj0+j+Lp7606fg7tsLxN/b9vyy2l+7qsZGx0eL1O5L2zljL8bj1qRrNj11D+bafm17d8Xgs/Nno4/ENXY7HO9rW7ffxeKz9wcXj8VCvn3asT/vzORHmyamZ7sfjxjo79q51To52PR7fGupQ2P+vCJ1C6oua5s5K8zZta3R0LDyu0biF1nm6r2X9sdCbNbb15N7woTCNcnXz9PZbi/VHmm4XbdQ8nWxbt9/zNP3sa6V5OtTrp29Xpv35nAjz4oZ93edpY52n71n/sXNr/GfTsXO81xwcGxlvjHksTcL8eJ8tbo1z8O7seHYmO5XN5teO5/NpKN/W1L2rO1aOhz8bfazc0WUO3t62br/nYHofW2nuDY0uf/B90P58ToR58cS93edgY53XHujvZ9fbiyVLP4pu+uza/vO1lX7mdXPbbrpac6UxksZj+caB7j+bbaxz6uBa+8zu++nOsOSaDvup/fW70mtqNtuY/bQjjPPZgyvvp8Z4Gut85tAq59PhLMsufvD+/Oe94fcrFy9858stv3fp9Dudix+8/8fXnvintYwfgMH3y6JsK97rmn4ztZrf/wMAAAADIfb9w6Em+n8AAACojNj3x/8Vnuj/AQAAoDJi3z8aalKF/v+Pe6+y47XPzv/yYpaS+YtBvD7thgeK9WLGdSZcnlxc0lh+/xfn/ucfL65ueMNZlv38gT/quP6OB+K4CpNhnE+9rnX5Ml++a1XbPvrQxbTd5vz658L9x8ez2mnQKYI7k2XZV6//VL6dyfdczuvTDxzN64OXHn+ssc5zh4rL8fbPvLBY/69C+PfwiWMtt38m7Icfhjrzps77I97uS5dfsfPAu5a2F283tOu6/GE/8d7ifuP35Hz6sWL9uJ9XGv/XPvnklxrrP/KyzuO/ONx5/E+G+/1iqP/74mL95uegcTne7uNh/HF78XZ3f+HrHcf/1CeK9c++vljvaKhx+7eHy7tf/+x88/56ZOhYy+PK3lCsF7c/850/za+P9xfvv338E0cut+yP9vnx9L8X9zPdtn5cHrcT/UPb9hv30zw/4/af/JOjLfu51/afevCZFzfut337d7atd/aDd+TbX7q/1m9s+uuPf6rj9uJ4Dv/92ZbHc/jt4XUctv/Ee8N8DNf/31PF/bV/u8LRt7cef+L6n9t+seXxRG/8abH9p151Mq9bJrZuu+Z511536aWNfZdl395S3F+v7Z/8mzMt4//8jcX+iNfHjH779lcSt3/uQ1OnzyxcmJ9Ne/XR6/PvznlzMZ443uvDsbX98pEz5983d25yZnImyyar+xV6V+wLof64KJe6r7247Ah6x0Ph+bz5L7+67bZ/+2Rc/h/vLJZfflPxvvXysN6nw/Lt4flb2/aXe+KWG/PX99DTYYSLy78veD127v7vg72+3zcXHn/754I438++6H35fmhcl79vxNf1Osf/vdnifr4S9uti+GbmXTcuba95/fjdCJffUbze173/wmEuPq9/F57vt/ywuP84rvh4vxc+x3x9R+vxLs6Pr1wcbr///Fs8LoXjSXapuD6uFff35edu7Di8+D0k2aWb8st/lu7npjU9zJUsfHhh+tT86QuPTJ+fWzg/vfDhjxx5+MyF0+eP5N/leeT9vW6/dHzalh+fZuf235PlR6szRbnKNnv8Zx86Pntg5rbZuRPHLpw4/9DZuXMnjy8sHJ+bXbjt2IkTcx/qdfv52fv27D2078DeqZPzs/cdPHRo36Gp+dNnGsMoBtXD/pkPTJ0+dyS/ycJ99xzac++998xMPXxmdu6+AzMzUxd63T5/b5pq3PoPp87NnTp2fv7huamF+Y/M3bfn0P79e3t+G+DDZ08sTE6fu3B6+sLC3Lnp4rFMns8XN977et2ealr4fvF5tt1Q8UV82dvu3J++n7Xhix9d8a6KVdq+QPTZ8F0033z+2YOruRz7/rFQkyr0/wAAAEAu9v3joSb6fwAAAKiM2PdvCTXR/wMAAEBlxL5/ItT0XwJq0v9XLv+/4+Kqti//L//fvL/k/2uW/39H2fL/xfFC/r8/1pu/r0P+f1Uryv/L/8v/y//L/9MHZcv/x75/a5b5/T8AAABUVOz7t4Wa6P8BAACgMmLff02oif4fAAAAKiP2/c8LNalJ/y//L/8v/y//L//fefvy/4NJ/r+7kuX/J9oXyP9vfv4/q1f+/1I/x78J+f+tzRfk/ymjsuX/Y99/bahJTfp/AAAAqIPY918XaqL/BwAAgMqIff/1oSb6fwAAAKiM2PdvDzWpSf8v/7+u/H/KXA1u/r/Ysvy//L/8v/x/Vcj/d1ey/P8y8v+bn/93/v+Byv+3kP+njMqW/499//NDTWrS/wMAAEAdxL7/BaEm+n8AAAAon9Eru1ns+18YarKs/7/CDQAAAACbLvb9N2RtQfCa/P5f/t/5/0t7/v8x+X/5/0L58/8jmfx/ecj/dyf/30M/8v+X5P/l/+X/5f+Jypb/z/v+bCJ7UahJTfp/AAAAqIPY998YaqL/BwAAgMqIff+vhJro/wEAAKAyYt+/I9SkJv2//H9l8v8/a37qKpH/d/5/+f+g/Pl/5/8vE/n/7uT/e3D+f/l/+X/5f/pqoWOntHn5/9j33xRqUpP+HwAAAOog9v03h5ro/wEAAKAyYt//q6Em+n8AAACojNj37ww1qUn/L/9f8vx/TI7W8fz/8v/y/0GZ8/8T8v+lI//fnfx/D/L/8v/y//L/9NXC94vPs+02K/8f+/4Xh5rUpP8HAACAOoh9/0tCTfT/AAAAUBmx739pqIn+HwAAACoj9v2ToSY16f/Xkv8fuiT/v5KrfP7/8VWc/7+F/P+m5P9H5f8Ldcr/Z/L/pSP/3538fw/y//L/8v/y//RV2fL/se+/JdSkJv0/AAAA1EHs+3eFmuj/AQAAoDJi339rqIn+HwAAACoj9v27Q01q0v87//9A5P8z+f+ByP87/38g/9+Z/P/GkP/vTv6/B/l/+X/5f/l/+qps+f/Y978s1KQm/T8AAADUQez7bws10f8DAABAZcS+/+WhJvp/AAAAqIzY998ealKT/l/+X/5f/l/+X/6/8/Y3PP9/Sf6/H+T/u5P/70H+X/5f/l/+n74qW/4/9v2vCDWpSf8PAAAAdRD7/jtCTfT/AAAAUBmx778z1ET/DwAAAJUR+/6pUJOa9P/y//L/1cz//6f8f5fty/+XNP/v/P99If/fnfx/D/L/8v/9yP+PhQXy//L/bHr+P35ei5dj339XqElN+n8AAACog9j33x1qov8HAACAyoh9/3Soif4fAAAAKiP2/TOhJjXp/+X/5f+rmf93/v9u219X/v+lS/cr/1+Q/y8X+f/u5P976Gf+f4v8f23z/+s6//+Y/D+Vstn5//bLse/fE2pSk/4fAAAA6iD2/XtDTfT/AAAAUBmx798XaqL/BwAAgMqIff89oSY16f/l/+X/5f/l/53/v/P25f8Hk/x/d/3P/8eHKP/v/P/y//3J/zv/P9VStvx/7PvvDTWpSf8PAAAAdRD7/v2hJvp/AAAAqIzY9x8INdH/AwAAQGXEvv9gqElN+n/5f/l/+X/5f/n/ztuX/x9M8v/dOf9/D/L/8v8DnP9vzC35f8qmbPn/2PcfCjWpSf8PAAAAdRD7/leGmuj/AQAAoDJi3/9roSb6fwAAACih8Su6Vez7fz3UpCb9v/y//L/8v/z/Juf/x3rl/8fl/+X/10D+vzv5/x7k/+X/Bzj/v8L5/68NV8v/synKlv+Pff99oSY16f8BAACgDmLf/xuhJvp/AAAAqIzY978q1ET/DwAAAJUR+/7DoSY16f/l/zco/x8Xljb/H5PM8v/5Avl/5/+X/x9Y8v/dyf/3IP8v/1+9/H+/z//f/jadyP/TSdny/7Hvf3WoSU36fwAAAKiD2PffH2qi/wcAAIDKiH3/a0JN9P8AAABQGbHvf22oSU36f/l/5//f/PP/j7WMXf5/6Xby/wX5f/n/tZD/707+vwf5f/l/+X/n/6evypb/j33/60JNatL/AwAAQB3Evv/1oSb6fwAAAKiM2Pe/IdRE/w8AAACVEfv+N4aa1KT/l/+X/9/8/L/z/8v/F+T/5f/7Qf6/O/n/HuT/5f/l/+X/6auy5f9j3/+boSY16f8BAACgDmLf/0Coif4fAAAAKiP2/W8KNdH/AwAAQGXEvv/NoSY16f/l/+X/5f/l/+X/O29f/n8wyf93N2D5/19cF5bL/xfk/8s9/rXm/0fbLl+V/P8PVsr/L25pv738P1dD2fL/se9/S6hJTfp/AAAAqIPY97811ET/DwAAAJUR+/63hZro/wEAAKAyYt//W6EmNen/5f8b41hKL8v/y//nC+T/5f/l/weW/H93Kf//XKd3riblyP87/38b+f9yj9/5/+X/Wa5s+f/Y97891KQm/T8AAADUQez7Hww10f8DAABAZcS+/x2hJvp/AAAAqIzY978z1KQm/b/8v/P/y//L/8v/d96+/P9gkv/vbsDO/y//30b+v9zjvyr5//+S/2ewlS3/H/v+h0JNatL/AwAAQB3Evv9doSb6fwAAAKiM2Pf/dqiJ/h8AAAAqI/b97w41qUn/L/8/KPn/Sfn/Neb/x8My+X/5f/n/epH/707+vwf5f/n/suX/nf+fAVe2/H/s+98TarL6/n9i1WsCAAAAV1P7r5OS2Pf/TqhJTX7/DwAAAHUQ+/7fDTXR/wMAAEBlxL7/90JNatL/y/8PSv7f+f8z5/+X/297PPL/8v+dbFz+Px551pT/39Jr+/L/8v/y/4M7fvl/+X+WK1v+P/b9vx9qUpP+HwAAAOog9v3vDTXR/wMAAMBA6PR/stvFvv9IqIn+HwAAACoj9v1HQ01q0v/L/8v/y/+XNP//F7v+5bvfeuvRPfL/8v/y/2uyoef/b7z4nf9f/l/+P5H/l/+X/6dd2fL/se8/Fmqy1Pi92Qn+AQAAYLDFvv8PQk1q8vt/AAAAqIPY9x8PNdH/AwAAQGXEvn821KQm/b/8/ybm/0ezLJP/l/+v4Pn/4/4YpPz/1JYByv/Hg678f0cbmv9/11JOXP5/rfn/8Y5L2/P/Q/L/LeT/1zz+b2ZZtmHjv/iv8v/y/7QrW/4/9v1zoSY16f8BAACgDkLfP3yiqEtX6P8BAACgMmLffzLURP8PAAAAlRH7/veFmtSk/5f/d/5/+X/5f+f/77z90ub/nf+/K/n/7sqT/+/M+f/l/wd5/M7/L//PcmXL/8e+fz7UpCb9PwAAANRB7PvfH2qi/wcAAIDKiH3/B0JN9P/w/+zdyZNlZZnH8ZuQRFUF0RG960Uvuve96k1vWDSrXnT/Ab1gw6YjulvFAeeJwnnEeR7QUBEHHEARUVGcBScUcUTFGcQJJ0SlDCqf56kcTp6bWXUz77nv+/ksfIqE5F4IrOJXybcOAABAM3L3Pzhu6WT/6//1/032/0f0/2Ovr//X/7dM/z9O/z+H/l//r//X/7NQU+v/c/c/JG7pZP8DAABAD3L3XxS32P8AAADQjNz9D41b7H8AAABoRu7+h8Utnex//b/+v8n+/z/u/r/7/13/v9vr6//1/y3T/4/T/8+h/9f/6//1/yzU1Pr/3P0Pj1s62f8AAADQg9z9j4hb7H8AAABoRu7+i+MW+x8AAACakbv/kXFLJ/t/W/+/Nuuz/8+MV//fUv/v+f+7vr7+X//fssPt/y994Hs+/b/+X/8f9P/6f/0/202t/8/d/6i4pZP9DwAAAD3I3f/ouMX+BwAAgGbk7n9M3GL/AwAAQDNy9z82bulk/3v+v+f/6//1//r/4dfX/68mz/8f11P/f/Gt5150z7X/eN1+Xl//r//X/+v/Wayp9f+5+x8Xt3Sy/wEAAKAHufsfH7fY/wAAANCM3P1PiFvsfwAAAFhBxwY/mrv/iXFLJ/tf/6//1/9H/39U/6//1/+3QP8/btn9/9CPl5t5/n/7/f+DFvJOl/f+x+j/9f/sNLX+P3f/k+KWTvY/AAAA9CB3/5PjFvsfAAAApmvef1i2Te7+S+IW+x8AAACakbv/eNzSyf7X/x98//9X/f9q9P+e/6//1/83Qf8/btn9/zz6//b7/4O07Pev/9f/s9PU+v/c/ZfGLZ3sfwAAAOhB7v6nxC32PwAAADQjd/9T4xb7HwAAAJqRu/9pcUsn+1//7/n/+n/9/+H3/xvf2er/T/1d1f8vjv5/nP5/Dv3/mfbz5+j/9f/6fzbbZ/9/38h32wvp/3P3Pz1u6WT/AwAAQA9y9z8jbrH/AQAAoBm5+58Zt9j/AAAA0Izc/c+KWzrZ//p//b/+X/9/2v3/zn/0TvL8/2H6/8Oh/x83mf5/bX3ww/r/le//Pf9f/6//Z4upPf8/d/+z45ZO9j8AAAD0IHf/c+KWkf2/75/MBwAAAJYqd/9z4xZf/wcAAICVl9VZ7v7nxS2d7H/9v/5f/6//P/zn/69+/3/dpven/58W/f+4yfT/u9D/6/9X+f3r//X/7DS1/j93//Pjlk72PwAAAPQgd/9lcYv9DwAAAM3I3f+CuMX+BwAAgGbk7n9h3NLJ/h/u/0/9/kn3/9sj4Zn+P+n/2+7/88+o/x/t/8/3/P8+6f/H6f/n0P/r//X/u/X/x+Z9vv6fIVPr/3P3vyhu6WT/AwAAQA9y9784brH/AQAAoBm5+18St9j/AAAA0Izc/S+NWzrZ/57/r//X/69e/+/5/xuW+fz/2aH3/+v6/z1abv+/dn/+CKr/P733r//X/6/y+2+y/z9ntvX5/yO/CoD+nyFT6/9z978sbulk/wMAAEAPcve/PG6x/wEAAGA1bP5vB4aeFTeb1e5/Rdxi/wMAAEAzcve/Mm5pZ/+PPqtT/6//1/+f/HT9v/5/oP9fn02n//f8/73y/P9x+v859P8H0c+vN9b/X77b50+h/7/k4J7//6/zPl//z5At/f8Npz6+rP4/d/+r4pZ29j8AAAB0L3f/q+MW+x8AAACakbv/NXGL/Q8AAADNyN3/2rilk/1/4P3/yK8+oP/X/0+k//f8f/3/4OtP6/n/+v+90v+P0//Pof/3/H/P/9f/c+Y2/Svjlv5/k2X1/7n7Xxe3dLL/AQAAoAe5+18ft9j/AAAA0Izc/ZfHLfY/AAAANCN3/xvilk72v+f/6//1//p//f/w6+v/V9MZ9fdn6f+L/l//r//X/+v/WYCp9f9bd39/+x8AAAB68MaT/3s0fr7e/gcAAIAW5e5/U9xi/wMAAEAzcve/OW7pZP/r/w+2/8+P6//1/zP9v/5f/38oun3+/9rQj0Q77dL/3/y/x/9r60f0//p//b/+X//PHv39yO+bRP9/4tS/Xebuf0vc0sn+BwAAgB7k7r8ibrH/AQAAoBm5+98at9j/AAAA0Izc/VfGLfvc/2PNw5Tp/z3/X/+v/9f/D7++/n81ddv/75Hn/8+h/9f/6//1/yzUJPr/Tb+du/9tcYuv/wMAAEAzcve/PW6x/wEAAKAZufvfEbfY/wAAANCM3P3vjFs62f/6f/2//l//r/8ffn39/2rS/4/T/8+xSv3/lWfQ/68Pf3jZ/fyZWvb71//r/9lpav1/7v6r4pZO9j8AAAD0IHf/u+IW+x8AAACakbv/3XGL/Q8AAADNyN3/nrilk/2v/9f/6//1//r/4dfX/68m/f84/f9sNrt65A0M9f8njkyz//f8/8m9f/2//p+dptb/5+5/b9zSyf4HAACAHuTuvzpusf8BAACgGbn7r4lb7H8AAABoRu7+98Utnex//b/+X/+v/9f/D7++/n816f/H6f/nWKXn/+v/J/f+9f/6f3aaWv+fu//9cUsn+x8AAAB6kLv/2rjF/gcAAIBm5O7/QNxi/wMAAEAzcvdfF7d0sv/1//p//b/+f6D/P/l/df2//n8VHVz/P9P/6//1/3Po//X/+n+2m1r/n7v/g3FLJ/sfAAAAepC7//q4xf4HAACAZuTu/1DcYv8DAABAM3L3fzhu6WT/6//1//p//b/n/w+/vv5/NXn+/zj9/xz6f/2//l//z0IN9/+XLK3/z93/kbilk/0PAAAAPcjdf0PcYv8DAABAM3L3fzRusf8BAACgGbn7Pxa3dLL/9f/6/639/2ym/9f/6/83DPT/t917xd/Vby+g/z860/8vnP5/nP5/Dv1/m/3/WbOG+v9ju36+/p8pmtrz/3P33xi3dLL/AQAAoAe5+z8et9j/AAAA0Izc/Z+IW+x/AAAAaEbu/k/GLZ3sf/2//n/Bz/+/68KB96H/36D/X/n+3/P/V4D+f5z+fw79f5v9v+f/6/9Zmqn1/7n7PxW3dLL/AQAAoAe5+z8dt9j/AAAA0Izc/Z+JW+x/AAAAaEbu/s/GLZ3sf/2//n/B/b/n/+v/9f+70P8fDv3/OP3/HPr/5vr//Ld7/b/+n+WYWv+fu/9zcUsn+x8AAAB6kLv/prjF/gcAAIBm5O6/OW6x/wEAAKAZufs/H7d0sv/1//p//f9q9v9Ht/T/Z8/0/6f+eP1/36bS/5933n/eov/X/+v/l9//e/6//p/lmlr/n7v/C3FLJ/sfAAAAepC7/4txi/0PAAAAzcjd/6W4xf4HAACAZuTu/3Lc0sn+39n/nzPbKFQ3DPX/0ajp/zfR/299//r/4X8+PP9f/6//P3hT6f89///03r/+X/+/yu9/X/3/P+/8fP0/LZpa/5+7/5a4pZP9DwAAAD3I3f+VuMX+BwAAgGbk7v9q3GL/AwAAQDNy998at3Sy/z3/X/+v/9f/L7z/v/7OjW/o/7fQ/x+O0+zv/+3G+Ib+P+j/9f/6/36f/3+2/p/FmVr/n7v/a3FLJ/sfAAAAepC7/7a4xf4HAACAZuTu/3rcYv8DAABAM3L3fyNu6WT/6//1//p//b/n/w+/vv5/NXn+/zj9f9n+l7ahn/7/6NAHl93Pn6llv/9m+n/P/2eBptb/5+7/ZtzSyf4HAACAHuTu/1bcYv8DAABAM3L3fztusf8BAACgGbn7vxO3dLL/9f/6//b7/wv1/9teX/+v/2+Z/j9/RB+m/5+jn/5/0LL7+VV///p//T87Ta3/z91/e9zSyf4HAACAHuTu/27cYv8DAABAM3L3fy9usf8BAACgGbn7vx+3dLL/9f999f9rsx77f8//1//r/3ui/x+n/59D/6//1//r/1moqfX/ufvvWFvvcv8DAADAqvrvf/n/2/f6x95x8n+Pzn4Qt5w/O7HHL2MDAAAAE/fA7l9bn81+ePK3fP0fAAAAWpS7/0dxSyf7X//fV//f5/P/9f/6f/1/T4b6+6Hvo3ej/w/6f/2//l//r/9nAabW/+fu/3Hcsmn4re/7rxIAAACYktz9P4lbOvn6PwAAAPQgd/9P45Yd+98vBwgAAACrKnf/z+KWTr7+r/+feP8/O6D+P/44/f8G/b/+f+j19f+ryfP/x51h/39iTf+v/x+h/9f/6//Zbmr9f+7+O+OWTvY/AAAANGrLzyjk7r8rbrH/AQAAoBm5+38et9j/AAAA0Izc/XfHLZ3sf/3/off/maof4PP/j9W3PP+/8/7/sqODr6//1/+3TP8/zvP/59D/t9L/H9H/6/+Zhqn1/7n7fxG3dLL/AQAAoAe5+38Zt9j/AAAA0Izc/b+KW+x/AAAAaEbu/l/HLZ3sf/3/xJ//f1r9/x6e/6//76P/3+X12+n//+Hc4zdd8D/XXKX/55TD7P/zn4VD7v+P7PfPuZn+fw79fyv9v+f/6/+ZiMX3/+tbPrjf/j93/2/ilk72PwAAAPQgd/89cYv9DwAAAM3I3f/buMX+BwAAgGbk7v9d3NLJ/tf/6/+n0v/n3+sl9P/HT7v/PzabzZbS/2dT3Hv/7/n/+v+dPP9/nP5/Dv2//l//r/9noRbf/2/94H77/9z9v49bOtn/AAAA0IPc/X+IW3L/r+37p+4BAACAicnd/8e4xdf/AQAAoBm5+++NWzrZ//p//f9U+v/k+f+nPq+t5/9fUHFqn/3/P9W39P8HS/8/Tv8/h/5f/6//1/+zUFPr/3P3/ylu6WT/AwAAQA9y998Xt9j/AAAA0Izc/X+OW+x/AAAAaEbu/r/ELZ3sf/1/q/1/FvH6f/3/VPp/z//3/P/Dof8fp/+fQ/+v/9f/6/9ZqKn1/7n7/xYAAP//2HxcCQ==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 1m35.797848104s ago: executing program 4 (id=5310): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x38, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x1c, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x15, 0x0, 0x0, @uid}, @typed={0x8, 0x9, 0x0, 0x0, @fd}]}, @nested={0x4, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x40800}, 0xc000) 1m34.943188841s ago: executing program 4 (id=5322): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, [@call={0x85, 0x0, 0x0, 0x27}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7f}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff7}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000500)="0000000000000000000051229dc9", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1m34.559841931s ago: executing program 33 (id=5322): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, [@call={0x85, 0x0, 0x0, 0x27}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7f}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff7}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000500)="0000000000000000000051229dc9", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3.319362995s ago: executing program 0 (id=6381): r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='ns\x00') openat(r0, &(0x7f0000001240)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x141140, 0x100) 3.228640524s ago: executing program 2 (id=6383): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f00000001c0)={0x18, 0x110, 0xfa00, {0xffffffffffffffff, 0x7fffffff, 0x12, 0x0, 0x0, @ib={0x1b, 0x8, 0x6, {"78c36cbe7e38dade0099fe4e9d908e9b"}, 0xffff, 0x1ff, 0xfffffffeffffffff}, @in6={0xa, 0x4e22, 0x2, @local, 0x2}}}, 0x118) 3.053583393s ago: executing program 0 (id=6386): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000540)={'erspan0\x00', 0x0, 0x40, 0x700, 0xfff, 0x1, {{0x5, 0x4, 0x1, 0x6, 0x14, 0x66, 0xfffc, 0xf8, 0x29, 0x0, @private=0xa010101, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}) 2.970804523s ago: executing program 2 (id=6388): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x5c}}, 0x4840) 2.775123854s ago: executing program 0 (id=6391): r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x19, 0x0, &(0x7f0000000080)) 2.686377024s ago: executing program 2 (id=6393): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001500)=ANY=[@ANYBLOB="1c0200002c0007012bbd7000ffdbdf25067c0000080001800400dd80ff0103806000018059"], 0x21c}, 0x1, 0x0, 0x0, 0x10000004}, 0xc020) 2.521788001s ago: executing program 0 (id=6395): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x2000085c, &(0x7f0000000ec0)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESDEC=0x0, @ANYBLOB=',discard,\x00', @ANYRES64, @ANYBLOB="a8b9e17497e1650ed6c2832e66ed9ac625ef211a2a728c28981631d154bb73625e8503a902fa2200147e89a408506f95ca0884fcf78e62b1d4dd79a0008b892b688e77266f31e978f6d04569f57fe0e2c8d070c3689b31ffdac3481a9df57de37d67669b84ec1b9a1e6bb78a5e086f22b12fe99f9ae4fbd4b6eec63e81a7c163aa8cf46ea7655309b94dee9477287f18dbfcdf87fd6bdb18bb52e0a3d27c227fe5e44bb70c6fb8463a2aa66ffaa3c86b376ecc4a3045d87815f9c23260d821b7dd0db0b6cb9c1ae507dcf2e3686394311323b88f3e147e703d81d604bc18bff7a5085e9faf427d70ece9b62cdc539b9367b1ccaf63e032365a19c33b31490d", @ANYRES32, @ANYBLOB="7586a035f55c6293d0f1b99c9b1885d532ab5c9f7209d3d9472bc4f6ae44ee7a08ce61001daaba6032a03b61fba7f6b0299550c27826218b7c1898ec7cb416ad734679ede2e5f49b3ef825c5f8f4441b01e9e4a78d86b9f7a56f4d2ce1c37c28d61560e513ae401aeb1a6b2419cd3cb8f31630e01709cfcf262367e0418aa422f760e4569bca22c7bf82b1f192a3e4f618e5978e7e8a188486fa2a380915715ef67da718b0037e943a2e8bbcd8265aef7abcca6f6e85d9d36ec4da2d8a8c1ddd4a0f9dcb5a717640", @ANYRES16=0x0, @ANYRES16, @ANYRES32], 0xc1, 0x1521, &(0x7f0000003fc0)="$eJzs3AuYjlX3MPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBwmJo3z+ZBz0uSVJklyCgn7u/T2/3vff+/79n+/+j7f95/1u649s9d1P2s9637WXPPc93NdM991H1GnWd2aTYhI/CHw128pQogYIcQQIcR1QohACFEhvkL85eP5FKT8sSdhf66H0692B+xq4vnnbjz/3I3nn7vx/HM3nn/uxvPP3Xj+uRvPn7HcbNusItfzyr3rKn/+7+GPPSv7Q/j9/3+QnLITv9pQ9sYe/0YKzz83kv+54/nnbjz/3I3nn7vx/HM3nv//fDX+xTGef+7G82csN7vanz//f7Rifn3JrnYff+q6yj9+jDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZyiXP+Ci2E+I/91e6LMcYYY4wxxhhjfx6f92p3wBhjjDHGGGOMsf/zQEihhBaByCPyihiRT8SKa0ScuFbkF9eJiLhexIsbRAFxoygoConCoohIEEVFMWEECitIhKK4KCGi4iZRUtwsEkUpUVqUEU6UFUniFlFO3CrKi9tEBXG7qCjuEJVEZVFFVBV3imriLlFd1BA1xd2ilqgt6oi64h5RT9wr6ov7RANxv2goHhCNxIOisXhINBEPi6biEdFMPCqai8dEC9FStBKtRZv/rfyXRG/xsugj+ooU0U/0F6+IAWKgGCQGiyHiVTFUvCaGiddFqhguRog3xEjxphgl3hKjxRgxVrwtxonxYoKYKCaJySJNvCOmiHfFVPGemCamixlipkgXs8Rs8b6YI+aKeeIDMV98KBaIhWKRWCwyxEdiiVgqMsXHYpn4RGSJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2iU/FdrFD7BS7xG6xR+wVn4l94nOxX3whssWX/2b+2f+S3wMECJAgQYOGPJAHYiAGYiEW4iAO8kN+iEAE4iEeCkABKAgFoTAUhgRIgGJQDBAQCAiKQ3GIQhRKQklIhEQoDaXBgYMkSIJycCuUh/JQASpARagIlaAyVIaqUBWqQTWoDtWhJtSEWlAL6kAduAfugXuhPtSHBtAAGkJDaASNoDE0hibQBJpCU2gGzaA5NIcW0AJaQStoA22gLbSFdtAOOkAH6AgdoRN0gmRIhs7QGbpAF+gKXaEbdIPu0B16QE/oCS/BS/AyvAx9oZbsB/2hPwyAATAIBsNgeBWGwmvwGrwOqTAcRsAb8Aa8CaPgDIyGMTAWxkI1OR4mwEQgORnSIA2mwBSYClNhGkyH6TAT0mEWzIbZMAfmwlz4AObDh+c+hIWwEBZDBmTAElgKmZAJy+AsZMFyWAErYRWshlWwFtbBWtgAG2EDbIbNsBW2wqfwKeyAHbALdsEe2AOfwWfwOXwOqZAN2XAADsBBOAiH4BDkQA4chsNwBI7AUTgKx+AYHIcTcBJOwGk4DWfgLJyDc3AezsMFeCHhm6Z7Sq1PFfIyLbXMI/PIGBkjY2WsjJNxMr/MLyMyIuNlvCwgC8iCsqAsLAvLBJkgi8liEiVKkqEsLovLqIzKkrKkTJSJsrQsLZ10MkkmyXKynCwvy8sK8nZZUd4hK8nKsr2rKqvKarKDqy5ryJqypqwla8s6sq6sK+vJerK+rC8byAayoWwoG8kHZWPZDwbBw/LyZJrJ4dBcjoAWsqVsJVvLN+Fx2VaOgnayvewgn5RjYDR0km1dsnxGdpYToIt8Tk6E52U3ORm6yxdlD9lT9pIvyd6ynesj+8pp0E/2lzNhgBwoB8nBcg7UlpcnVke+LlPlcDlCviEXw5tylHxLjpZj5Fj5thwnx8sJcqKcJCfLNPmOnCLflVPle3KanC5nyJkyXc6Ss+X7co6cK+fJD+R8+aFcIBfKRXKxzJAfySVyqcyUH8tl8hOZJZfLFXKlXCVXyzVyrVwn18sNcqPcJDfLLXKr3CY/ldvlDrlT7pK75R65V34m98nP5X75hcyWX8oD8i/yoPxKHpJfyxz5jTwsv5VH5HfyqPxeHpM/yOPyhDwpT8nT8kd5Rp6V5+RP8rz8WV6QF+Ul6aVQoKRSSqtA5VF5VYzKp2LVNSpOXavyq+tURF2v4tUNqoC6URVUhVRhVUQlqKKqmDIKlVWkQlVclVBRdZMqqW5WiaqUKq3KKKfKqiR1iyqnblXl1W2qgrpdVVR3qEqqsqqiqqo7VTV1l6quaqia6m5VS9VWdVRddY+qp+5V9dV9qoG6XzVUD6hG6kHVWD2kmqiHVVP1iGqmHlXN1WOqhWqpWqnWqo16XLVVT6h2qr3qoJ5UHdVTqpN6WiWrZ1Rn9azqop5TXdXzqpt6QXVXL6oeqqfqpS6qS8qrPqqvSlH9VH/1ihqgBqpBarAaol5VQ9Vraph6XaWq4WqEekONVG+qUeotNVqNUWPV22qcGq8mqIlqkpqs0tQ7aop6V01V76lparqaoWaqdDVLDfq10rz/Rv67/yB/2C/PvlVtU5+q7WqH2ql2qd1qj9qr9qp9ap/ar/arbJWtDqgD6qA6qA6pQypH5ajD6rA6oo6oo+qoOqaOqePqhPpJnVKn1Y/qjDqrzqqf1Hl1Xl349TUQGrTUSmsd6Dw6r47R+XSsvkbH6Wt1fn2djujrdby+QRfQN+qCupAurIvoBF1UF9NGo7aadKiL6xI6qm/SJfXNOlGX0qV1Ge10WZ2kb/nD+b/XXxvdRrfVbXU73U530B10R91Rd9KddLJO1p11Z91Fd9FddVfdTXfT3XV33UP30L10L91b99Z9dB+dolN0f/2KHqAH6kF6sB6iX9VD9VA9TA/TqTpVj9Aj9Eg9Uo/So/RoPVqP1WP1OD1OT9AT9CQ9SafpND1FT9FT9VQ9TU/TM/QMna7T9Ww9W8/Rc/Q8PU/P1/P1Ar1AL9KLdIbO0Ev0Ep2pM/UyvUxn6eV6uV6pV+rVerVeq9fq9Xq93qg36s16s87S2/Q2vV1v1zv1Tr1b79Z79V69T+/T+/V+na2z9QF9QB/UB/UhfUjn6Bx9WB/WR/QRfVQf1cf0MX1cH9cn9Ul9Wp/WZ/QZfU6f0+f1eX1BX9CX9KXLl32BDGSgAx3kCfIEMUFMEBvEBnFBXJA/yB9EgkgQH8QHBYIbg4JBoaBwUCRICIoGxQITYGADCsKgeFAiiAY3BSWDm4PEoFRQOigTuKBskBTcEpQLbg3KB7cFFYLbg4rBHUGloHJQJaga3BlUC+4Kqgc1gprB3UGtoHZQJ6gbVB7/12vS+4IGwf1Bw+CBoFHwYNA4eChoEjwcNA0eCZoFjwbNg8eCFkHLoFXQOmjzb9W/J6gX3BvUD/5Zfe/PFHrC9TF9TYrpZ/qbV8wAM9AMMoPNEPOqGWpeM8PM6ybVDDcjzBtmpHnTjDJvmdFmjBlr3jbjzHgzwUw0k8xkk2beMVPMu2aqec9MM9PNDDPTpJtZZrZ538wxc80884GZbz40C8xCs8gsNhnmI7PELDWZ5mOzzHxissxys8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMp2a72WF2ml1mt9lj9prPzD7zudlvvjDZ5ktzwPzFHDRfmUPma5NjvjGHzbfmiPnOHDXfm2PmB3PcnDAnzSlz2vxozpiz5pz5yZw3P5sL5qK5ZPzli/vLb++oUWMezIMxGIOxGItxGIf5MT9GMILxGI8FsAAWxIJYGAtjAiZgMSyGlxESFsfiGMUolsSSmIiJWBpLo0OHSZiE5bAclsfyWAErYEWsiJWwElbBKngn3ol34V1YA2vg3Xg31sbaWBfrYj2sh/WxPjbABtgQG2IjbISNsTE2wSbYFJtiM2yGzbE5tsAW2ApbYRtsg22xLbbDdtgBO2BH7IidsBMmYzJ2xs7YBbtgV+yK3bAbdsfu2AN7YC/shb2xN/bBPpiCKdgf++MAHICDcBAOwSE4FIfiMByGqZiKI3AEjsSROApH4Wgcg2PxbRyH43ECTsRJOBnTMA2n4BScilNxGk7DGTgD0zEdZ+NsnINzcB7Ow/k4HxfgAlyEizADM/IKXIKZmInLcBlmYRauwBW4ClfhGlyD63AdbsANuAk34RbcgttwG27H7bgTd+Ju3I17cS/uw324H/djNmbjATyAB/EgHsJDmIM5eBgP4xE8gkfxKB7DY3gcj+NJPImn8TSewTN4Ds/hefwZL+BFvIQeY6wUsfYaG2evtfntdTbG5rN/Gxe2RWyCLWqLWWML2kJ/F6O1NtGWsqVtGetsWZtkb/lNXMlWtlVsVXunrWbvstV/E9ez99r69j7bwN5v69p7/i5uaB+wjeyjtrF9zDaxLW1T29o2s4/a5vYx28K2tK1sa9vRPmU72adtsn3GdrbP/iZeYpfadXa93WA32n32c3vO/mSP2O/sefuz7WP72iH2VTvUvmaH2ddtqh3+m3isfduOs+PtBDvRTrKTfxPPsDNtup1lZ9v37Rw79zdxhv3IzreZdoFdaBfZxb/El3vKtB/bZfYTm2WX2xV2pV1lV9s1du1/9rrSbrZb7Fa7135mt9sddqfdZXfbPb/El89jv/3CZtsv7WH7rT1ov7KH7FGbY7/5Jb58fkft9/aY/cEetyfsSXvKnrY/2jP27C/nf/ncT9mL9pL1VhCQJEWaAspDeSmG8lEsXUNxdC3lp+soQtdTPN1ABehGKkiFqDAVoQQqSsXIEJIlopCKUwmK0k1Ukm6mRCpFpakMOSpLSXQLlaNbqTzdRhXodqpId1AlqkxVqCrdSdXoLqpONagm3U21qDbVobp0D9Wje6k+3UcN6H5qSA9QI3qQGtND1IQepqb0CDWjR6k5PUYtqCW1otbUhh6ntvQEtaP21IGepI70FHWipymZnqHO9Cx1oeeoKz1P3egF6k4vUg/qSb3oJepNL1Mf6ksp1I/60ys0gAbSIBpMQ+hVGkqv0TB6nVJpOI2gN2gkvUmj6C0aTWNoLL1N42g8TaCJNIkmUxq9Q1PoXZpK79E0mk4zaCal0yyaTe/THJpL8+gDmk8f0gJaSItoMWXQR7SEllImfUzL6BPKouW0glbSKlpNa2gtraP1tIE20ibaTFtoK22jT2k77aCdtIt20x7aS5/RPvqc9tMXlE1f0gH6Cx2kr+gQfU059A0dpm/pCH1HR+l7OkY/0HE6QSfpFJ2mH+kMnaVz9BOdp5/pAl2kS+RJhBDKUIU6DMI8Yd4wJswXxobXhHHhtWH+8LowEl4fxoc3hAXCG8OCYaGwcFgkTAiLhsVCE2JoQwrDsHhYIoyGN4Ulw5vDxLBUWDosE7qwbJgU3hKWC28Ny4e3hRXC28OK4R1hpbBy+Oj9VcM7w2rhXWH1sEZYM7w7rBXWDuuEdcN7wnrhvWH98L6wQXh/WD58IGwUPhg2Dh8Km4QPh03DR8Jm4aNh8/CxsEXYMmwVtg7bhI+HbcMnwnZh+7BD+GTYMXwq7BQ+HSaHz4Sdw2d/93hK2C/sH74SvhJ6f59aFF0czYh+FF0SXRrNjH4cXRb9JJoVXR5dEV0ZXRVdHV0TXRtdF10f3RDdGN0U3RzdEt0a9b5uXuHASaecdoHL4/K6GJfPxbprXJy71uV317mIu97FuxtcAXejK+gKucKuiEtwRV0xZxw668iFrrgr4aLuJlfS3ewSXSlX2pVxzpV1Sa61a+PauLbuCdfOtXcd3JPuSfeUe8o97Z52z7jO7lnXxT3nurrnXTf3gnvBveh6uJ6ul3vJ9XYvuz6ur0txKa6/6+8GuAFukBvkhrghbqgb6oa5YS7VpboRboQb6Ua6UW6UG+1Gu7FurBvnxrkJboKb5Ca5NJfmprgpbqqb6qa5aW6Gm+HSXbqb7Wa7OW6Om+fmufmJ890Ct8AtcotchstwS9wSl+ky3TK3zGW5LLfCrXCr3Cq3xq1x69w6t8FtcJvcJrfFbXHb3Da33W13O91Ot9vtdnvdXrfP7XP73X6X7bLdAXfAHXQH3SH3tctx37jD7lt3xH3njrrv3TH3gzvuTriT7pQ77X50Z9xZd8795M67n90Fd9Fdct6lRd6JTIm8G5kaeS8yLTI9MiMyM5IemRWZHXk/MicyNzIv8kFkfuTDyILIwsiiyOJIRuSjyJLI0khm5OPIssgnkazI8siKyMrIqsjqiPdFt4e+uC/ho/4mX9Lf7BN9KV/al/HOl/VJ/hZfzt/qy/vbfAV/u6/o7/CVfGVfxT/mW/iWvpVv7dv4x31b/4Rv59v7Dv5J39E/5Tv5p32yf8Z39s/6Lv4539U/77v5F3x3/6Lv4Xv6Xv4l39u/7Pv4vj7F9/P9/St+gB/oB/nBfoh/1Q/1r/lh/nWf6of7Ef4NP9K/6Uf5t/xoP8aP9W/7cX68n+An+kl+sk/z7/gp/l0/1b/np/npfoaf6dP9LD/bv+/n+Ll+nv/Az/cf+gV+oV/kF/sM/5Ff4pf6TP+xX+Y/8Vl+uV/hV/pVfrVf49f6dX693+A3+k1+s9/it/pt/lO/3e/wO/0uv9vv8Xv9Z36f/9zv91/4bP+lP+D/4g/6r/wh/7XP8d/4w/5bf8R/54/67/0x/4M/7k/4k/6UP+1/9Gf8WX/O/+TP+5/9BX/RX+K/WWOMMcYY+2/ZUvBfH+/3X+JTXggp/rou6y+EuHZHkZy/fYwSQmz6te5AmdAxIoR4pm/3h/9j1aqVkpLy62OzlAhKLBRCRK7k5xFX4uW/fE0W7UW5f9jfQNnzPP1O/ejtQsT+TU6MuBIvFx3EU7/Uv/Wf1H/8ybFLKobn4v9F/YVCJJa4kpNPXImv1C//T+oXavs7/ef7Kk2Idn+TEyeuxFfqJ4knxLMi+e8eyRhjjDHGGGOM/dVAWaXr790/X74/T9BXcvKKK/GV+89/fH/OGGOMMcYYY4yxq+/5nr2efjw5uX1X3vzhDcD/E23whjd/wuZq/2ZijDHGGGOM/dmuXPRf7U4YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLHc6//GvxO72ufIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXW3/KwAA///UIjrY") syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xa05007, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) 2.491461728s ago: executing program 6 (id=6396): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='coredump_filter\x00') write$cgroup_int(r0, &(0x7f0000000080)=0x101, 0x12) 2.380034167s ago: executing program 2 (id=6398): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) 2.23499604s ago: executing program 6 (id=6400): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000200)={@dev={0xfe, 0x80, '\x00', 0x42}, 0x8, 0x2, 0x3, 0xf, 0x7, 0x6}, 0x20) 2.075014227s ago: executing program 2 (id=6403): socket$nl_generic(0x10, 0x3, 0x10) syz_usb_connect(0x3, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x9e, 0xbb, 0x64, 0x10, 0x2c7c, 0x203, 0x562a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x1, 0x10, 0x4, "", [{{0x9, 0x4, 0x5d, 0xd, 0x2, 0xff, 0x3e, 0xcb, 0x2, [], [{{0x9, 0x5, 0xe, 0x2, 0x200, 0x8, 0x1, 0x9}}, {{0x9, 0x5, 0x83, 0x2, 0x200, 0x9, 0x1, 0x6}}]}}]}}]}}, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0}) 2.053922526s ago: executing program 0 (id=6404): r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12010003ac9bcc20d118af1ebb5a0102030109022400010700800b0904"], &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000e80)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="400d02"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.915080483s ago: executing program 6 (id=6406): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x5}, 0x8) 1.647800415s ago: executing program 6 (id=6410): r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000023c0)='/proc/asound/card0/oss_mixer\x00', 0xa01, 0x0) write$proc_mixer(r0, 0x0, 0xffffff30) 1.460356284s ago: executing program 1 (id=6413): r0 = syz_open_dev$video(&(0x7f0000000100), 0x9, 0x1e3a00) ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f00000002c0)={0x3, "c5c2a91e002b1ba00000ffe73d5eff0010ffffffe70000ffe7fffffffffffffd", 0x3, 0x4, 0x0, 0x1000, 0xb5217881d29ded7e, 0x4}) 1.452091904s ago: executing program 7 (id=6415): setreuid(0x0, 0xee01) setreuid(0xee01, 0xee00) 1.39535609s ago: executing program 6 (id=6416): r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}}) 1.193988445s ago: executing program 5 (id=6417): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x90, 0x30, 0x9e54f29ff072a93b, 0x0, 0x0, {}, [{0x7c, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x2c, 0x2, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0) 1.131125899s ago: executing program 7 (id=6418): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000110b0008850000007100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x18000000000002a0, 0x67, 0x0, &(0x7f0000000080)="d2df03c3ff837fe5fbb1cb460800747feb506f7a5a14cad92f5f014e9c7adaf9c92c00b679c2b8c25697ad6c405d6d71eddd7fee5eb49ee1dd8ce593352d9fea6028f7ecf0e849d29a4d4a2372f5d5d30c60c6a65b2ddbd0b5c78487e5b08a9e1578c462dd1f45", 0x0, 0x95b4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.13100546s ago: executing program 1 (id=6419): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi4\x00', 0x9730514a12869b60, 0x0) ioctl$COMEDI_POLL(r0, 0x640f) 1.045832001s ago: executing program 5 (id=6420): r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_ENCODER_CMD(r0, 0xc028564d, &(0x7f0000000040)={0x3, 0x1, [0x1, 0x0, 0x5, 0x6, 0xe2f, 0x9, 0xffffff00, 0xb]}) 898.670691ms ago: executing program 1 (id=6421): r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) listen(r0, 0xb4) 791.400875ms ago: executing program 5 (id=6422): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0xfffc}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x22}, @NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xdc}, 0x1, 0x0, 0x0, 0x24000890}, 0x0) 678.724623ms ago: executing program 7 (id=6423): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x28100, 0x0) ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000000180)=0xffffffffffffffff) 654.463854ms ago: executing program 1 (id=6424): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x7f) 588.915561ms ago: executing program 5 (id=6425): r0 = syz_open_dev$video(&(0x7f0000000440), 0x2008, 0x0) ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x1, {0x4, 0x1000, 0x4fc, 0x2}}) 487.435017ms ago: executing program 7 (id=6426): r0 = syz_io_uring_setup(0x38, &(0x7f0000000580)={0x0, 0xbbda, 0x13100}, &(0x7f0000000240), &(0x7f0000000080), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x21, 0x0, 0x1) 482.478258ms ago: executing program 5 (id=6427): syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000980)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdb1dd9467f5cd2d6c4e8b9d4f50d338ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESHEX=0x0], 0x11, 0x314, &(0x7f0000000b80)="$eJzs3U1rE08cB/Dv7KZN+m/pf7UVwYNINWAvovUiXiIlL8KTqE0KxSWitviAYBVPIvbu3aNXX4N4UQTP9eRJPHiqBxmZh2SfN6lmd1P9fsCy2dmZ/e3OzlPALIjon7Xa3n11/ov6JwAXLvDsIuAAaAA1AEdwtLHV29zY9LudvIJcHK+bXAImp0gcs9brpmVtwOawPPWphrnwPiqGlPLS56qDoMrp1i/d6M4Tuieo29apExsVxZfl8f6zfJsBsF1EMBMlv6bEHvZwD/OlhUNERBNJmPHdseP8nJ2/Ow7QtIOJSpu48f937VUdQOFkbmpo/NerLClUvf+vk4L1nl7CqXSnv0pMK+t17PNU7PM0zNMTmV2KYatKHYszs77hd8+s3fQ7Dp6gZYUOW9R/O/bxtCLR1hNFL6WsTXMMSpvJPESkzyhn9TVMqWtYMfHfBRCJfyH3jAUQ78QHcUV4eInOYP5Xk0JVk64pL1ZTJv6z2SXqq/TUUbDdRqvVciKHHNInOWbPYA25ygbcrDNO2zIjXxB4w+LUuQ7HcpmrOzck10JqrhW9vQwnI9diJJe6mvUN/232qUohXojLYglf8Qbt0PzfUfE1kWyZoYc+aDWiaYYCfcdV64zWbEitaXsiPXJsfdp9aPYnm8vgLiYbrPUjv0+jfXiO67iA+Tv3H9xwfb97W21c89XjqjcGe27N2Q2/O/UUCCdNyga2gz11SC1xcH9QKjOw5bEWqPqPlCTVsHrf+3tUKxtW4KM/jUf1A4XeutkRrmJ/G/2uazwFtt+P50HqTxsiST+llCU2oh17Z+JJ1XRLVK6g0kc7PmWqQwebqlJh1n/BeqVmJnvqj5c6Tx/xiwBbolRz7MEKLsgrzYwcwH85K7i0YjNXcMk1V2LNqNdcJ08Dp0Y/o2fj/EuINj7iKr//JyIiIiIiIiIiIiIiIiIiIiIiIiI6aMr4zzBVXyMRERERERERERERERERERERERERERER0UG32oD53Wv03/+L0d7/G38Vi2t+Enws7//d6YHv/yUq3q8AAAD///B/c8c=") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) 395.192815ms ago: executing program 1 (id=6428): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f00000000c0)={0x0, 0x0}) 345.016624ms ago: executing program 6 (id=6429): syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x8, &(0x7f0000005880)={[{@barrier}, {@autodefrag}, {@noacl}, {@compress_algo={'compress', 0x3d, 'no'}}, {@max_inline={'max_inline', 0x3d, [0x30, 0x30, 0x32, 0x74, 0x74, 0x0]}}, {@noautodefrag}, {@max_inline={'max_inline', 0x3d, [0x30, 0x37, 0x34, 0x6d]}}, {@barrier}, {@nospace_cache}]}, 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==") truncate(&(0x7f0000000080)='./file1\x00', 0x400000f000) 324.334715ms ago: executing program 7 (id=6430): mmap$IORING_OFF_CQ_RING(&(0x7f0000e02000/0x1000)=nil, 0x1000, 0x7cc74eb8cfa42279, 0x8031, 0xffffffffffffffff, 0x8000000) madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3) 251.225457ms ago: executing program 2 (id=6431): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000006d40)=@newtaction={0xe70, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe5c, 0x1, [@m_pedit={0xe58, 0x1, 0x0, 0x0, {{0xa}, {0xe2c, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0xcdc5, 0x100, 0x8, 0xc, 0x7ff}, 0xc, 0x5e}, [{0x7fff, 0x6, 0x9, 0x59, 0x8, 0x1000}, {0x0, 0x9, 0x9, 0x6, 0x7, 0x6}, {0x400, 0x0, 0xa, 0x2, 0x1000, 0xf}, {0x5, 0x2, 0x9f, 0x9, 0xfffff001, 0x8}, {0x4, 0x1, 0xffff, 0x6, 0x80000000, 0xa}, {0x3, 0x2, 0x7, 0x6, 0x8, 0x2}, {0x4d5f, 0x17, 0x6, 0x8, 0x6, 0x2}, {0x9, 0x4, 0x5, 0x9, 0x8, 0x8}, {0x3, 0x80000000, 0x3, 0x9, 0x9ce, 0x100}, {0x3, 0x1, 0x401, 0x8, 0x7f, 0xed}, {0x40, 0xfffffff2, 0x7fffffff, 0x1, 0x7, 0x9}, {0xffffffff, 0x4, 0x8, 0xe, 0x5, 0xf}, {0x6, 0x6, 0x2, 0x9, 0x4, 0xe2571b5}, {0xffff, 0x3, 0x7, 0x87, 0x3, 0x7fffffff}, {0x8e7, 0x4, 0xe4bd, 0x3, 0x7, 0x3d4}, {0x8, 0x6, 0x8, 0x0, 0xffffff61}, {0x1ff, 0x81, 0xaf2, 0x401, 0x3, 0x1}, {0x80000000, 0x2, 0x1, 0x4, 0xd56, 0xc}, {0x81, 0xffffff7f, 0x2, 0x0, 0x101, 0x1000}, {0x6, 0x1, 0x8, 0xffffffff, 0x5, 0x8}, {0x605, 0x3, 0xffffff7c, 0x8, 0xc3c, 0x3}, {0xfffffff7, 0xfffffff3, 0xb8, 0xc, 0x0, 0x100}, {0x7, 0x4, 0x6, 0x40, 0x3, 0x1000100}, {0x6fe, 0xcf, 0x3, 0x3, 0xba, 0x3}, {0x200, 0xffffff09, 0xcba, 0x4, 0x1, 0xdc}, {0x7f, 0x5, 0x7, 0x7, 0x8000, 0x6}, {0x7, 0x1, 0x8, 0x10, 0x6, 0xffff}, {0x101, 0x7, 0x683b, 0x2, 0x3d8, 0x10}, {0x6, 0x6, 0xb, 0x2, 0xc442, 0x9}, {0xa, 0xb5, 0x6, 0x8, 0x7f, 0x1}, {0x6de, 0x101, 0x8, 0x3d, 0x6e2d1bf4, 0xffff}, {0x4, 0x9, 0x7, 0xfff, 0x9}, {0x6, 0x3, 0x101, 0x9, 0x6, 0x1}, {0x6, 0x40, 0x3, 0x0, 0x6, 0x7}, {0x44f6, 0x8, 0x8, 0xa8, 0x5, 0x4}, {0x7, 0xd0a1, 0x1, 0x6, 0x8, 0x8}, {0x6, 0x4, 0x5a, 0x2, 0x4, 0x9}, {0xfffffc00, 0x0, 0x8, 0x2, 0x5801, 0x6}, {0xd68a, 0x4, 0x8001, 0x3, 0x8, 0x1}, {0x5, 0x7, 0x8, 0x5, 0xffffc2a8, 0x2}, {0x7ff, 0x8000, 0xfffffffa, 0x8, 0x80000000, 0x9}, {0x63, 0x100, 0x8, 0x8, 0x7fffffff}, {0x7, 0x0, 0xb, 0x4, 0xd778, 0x8655}, {0xfffffff9, 0x401, 0x3, 0x1, 0x1f, 0x4}, {0x4, 0x0, 0x6, 0x9, 0xa061, 0x2f33}, {0x7, 0x3, 0x5, 0x1, 0x2, 0x600000}, {0x81, 0x2, 0x7, 0x401, 0x4, 0x1}, {0x3, 0xc3e3, 0x3e5, 0x9, 0x9313, 0x4}, {0x9, 0x1, 0x1, 0x80, 0x5, 0x9}, {0x8, 0x4, 0x2, 0x40, 0x1, 0x4}, {0x6, 0x10001, 0x4, 0x100, 0x5, 0x3ff}, {0x7ff, 0x81, 0x3, 0x7, 0xa, 0x7}, {0x1, 0x2, 0x5, 0x399, 0x3, 0xffffffff}, {0x10, 0x2, 0x9, 0x8001, 0x1ff, 0x5}, {0x8000, 0x7, 0xfffffffb, 0x5, 0x7, 0x5fc}, {0xc917, 0x10, 0x1, 0x2, 0x4, 0xfffff1da}, {0xfffff837, 0xb, 0xba7c, 0xfffffff2, 0x6, 0x2}, {0x5, 0x40, 0x4, 0x0, 0xf07, 0xf}, {0x2, 0x8001, 0x4, 0x810, 0x8, 0xffffffff}, {0x0, 0xcb, 0xc, 0x3, 0x0, 0x80}, {0x6, 0x7, 0x3, 0x4, 0x7, 0x2}, {0xfff, 0x10001, 0x7f, 0x5, 0xe841, 0x8}, {0x2, 0x1, 0x1ff, 0x3, 0x0, 0x1}, {0x6, 0x7, 0x1400000, 0x8, 0x80000000, 0x5}, {0xb7e, 0x3, 0x4, 0x0, 0x5, 0x400}, {0xc, 0x81, 0x2, 0x5, 0x400}, {0x4, 0x3, 0x6, 0x7, 0x3, 0x3}, {0x5, 0xffff, 0x0, 0x0, 0x2e2, 0x2}, {0x6, 0x4, 0xff, 0x9, 0x61222e, 0x3}, {0x0, 0xc4b, 0x8, 0x80000000, 0x200, 0x1}, {0x1, 0x2, 0x3, 0x5, 0x5192c3ef, 0x2}, {0x100, 0xfffffffa, 0x2fb, 0x0, 0x4, 0x3}, {0x8, 0x3, 0x80000001, 0x101, 0x431, 0x2}, {0x6, 0x0, 0xf5, 0x3ff, 0x3, 0xe4e6}, {0xab, 0xffff, 0x200, 0x4, 0x3, 0x9}, {0x2, 0x7, 0x3, 0x4, 0x0, 0x4}, {0x80000000, 0x9, 0x37, 0x80000001, 0x1, 0x9}, {0x331, 0x800, 0x9, 0x4, 0xf, 0x6}, {0xe9, 0x0, 0xa7, 0x7, 0x4, 0x9}, {0x9, 0x3, 0x3, 0xfffffff7, 0x7fff, 0x3}, {0x1, 0x9, 0x4, 0xfffffffb, 0xd, 0x9}, {0x2, 0x1, 0x7, 0x8001, 0x1, 0xffff8001}, {0x2, 0x19a8, 0x800, 0x101, 0x3, 0x5}, {0x4800, 0xcb, 0x80000001, 0x2, 0x7, 0x7}, {0xb, 0x3, 0x8, 0x4df0, 0x7, 0x40}, {0x3, 0x0, 0xda2, 0x42d4, 0x3, 0x4}, {0x0, 0xbf, 0x5, 0xffff, 0x6}, {0x1ff, 0x10001, 0x0, 0x9, 0x7, 0x10001}, {0x45b, 0x9, 0x4, 0x5, 0x6, 0xbc2}, {0x4, 0x2, 0xa9, 0x2, 0x2, 0x9}, {0x0, 0x200, 0xbf, 0x6, 0x266, 0x8}, {0x80000001, 0x0, 0x0, 0x1, 0x6, 0x5}, {0x19c00000, 0x9, 0x5, 0x9, 0x4, 0x1}, {0x0, 0x0, 0x7, 0x2, 0x4, 0xfffffffd}, {0xfffffffc, 0x1, 0xe, 0x8, 0x79, 0xd}, {0x400, 0x7, 0xc, 0x8, 0xf, 0x3}, {0x5, 0x5, 0x9, 0xa0d, 0x40, 0x6456}, {0xbb4e, 0x0, 0x3a, 0x8, 0xfffffffb, 0x8}, {0x10, 0x7ff, 0x7, 0xfff, 0x0, 0x9}, {0x8, 0x40, 0xfff, 0x1, 0x1, 0x1}, {0x0, 0x0, 0xe72, 0x8, 0x0, 0x3}, {0x401, 0x6, 0x8, 0x2, 0x2dbf19f1, 0x81}, {0x7, 0x6, 0xa5, 0x0, 0x401, 0xc}, {0x2, 0x9, 0x9864, 0x9b, 0x5}, {0x6, 0x7ff, 0x5fc5, 0xb, 0x7, 0x237}, {0x0, 0x80000001, 0xa4, 0x0, 0x7, 0x40}, {0x9, 0x6, 0x1000, 0x7, 0xd2e, 0x1}, {0x7, 0x3, 0xc, 0x8, 0x40, 0xb}, {0x7, 0x2, 0x7, 0x8, 0x200, 0x8}, {0x9, 0xffff, 0x101, 0x7a, 0x8, 0xfffffff8}, {0x9, 0x4, 0x0, 0x4, 0x8001, 0x800}, {0x2, 0x83a, 0x5, 0x2, 0x9, 0xffffffff}, {0xffffff4c, 0x2, 0x10001, 0x2, 0x7, 0x2}, {0x5, 0x0, 0x3, 0x0, 0xb, 0x6}, {0x3, 0x9, 0x7, 0x0, 0x7f, 0x800}, {0x2, 0x80000001, 0xe, 0x2, 0x6, 0xd5f}, {0x1, 0x7fffffff, 0x2, 0x3, 0x7, 0x6}, {0x400, 0xfffffffc, 0x4, 0xa6, 0x0, 0xfffffffc}, {0x5, 0x5, 0xfc, 0xfffffffd, 0x5, 0x2}, {0x3, 0x4, 0x6, 0xc6b60000, 0x3ff, 0x10}, {0x2, 0xf27, 0x8, 0x6, 0xfffffffb, 0x5}, {0xe, 0x53, 0x400, 0x8, 0x6, 0x9}, {0x42, 0x1, 0xfff, 0x15f2, 0x3, 0x401}, {0xc7e8, 0x1, 0xfffffffe, 0x9, 0x3, 0x6}, {0x7f, 0x1000, 0xd19, 0x5, 0xfff, 0xb7}, {0x3, 0xed0, 0x8, 0x2, 0x1, 0x2}, {0x1, 0xdba, 0x4, 0xe3, 0x5, 0x5}, {0x8001, 0x831b0aa, 0x6, 0x200, 0x0, 0x4}], [{0x1}, {0x5}, {0x4, 0x1}, {}, {0x5}, {0x3, 0x1}, {}, {0x1, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x4, 0x1}, {}, {0x3, 0xd482b2beb95f1396}, {0x1, 0x1}, {0x2, 0x1}, {0xdf6e2fd7682863b7, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x5}, {0x4}, {0x4}, {0x1, 0x1}, {0x4}, {}, {0x0, 0x1}, {0x4}, {0x4, 0x1}, {0x5, 0x1}, {0x3}, {0x5, 0x1}, {0x2}, {0x5}, {}, {0x0, 0x5dc99bf9bb419254}, {0x1}, {}, {0x3, 0x1}, {0x2}, {0x5, 0x1}, {0x5, 0x1}, {0x2}, {0x3, 0x1}, {0x6d7d4d20e070fc88, 0x1}, {0x2}, {0x2}, {0x0, 0x1}, {0x1}, {0x0, 0x1}, {0x3}, {0x0, 0x1}, {0xe371b5ac9b19a6e7}, {0x5}, {0x0, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x4}, {0x4, 0x1}, {0x3, 0x1}, {}, {0x3, 0x1}, {0x3}, {0x3, 0x1}, {0x2, 0x1}, {0x6}, {}, {0x2, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x1}, {0x3}, {0x2}, {0x3, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x434f78b2e54d0b0e}, {0x3}, {0x4, 0x1}, {0x4}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x3}, {0x4}, {}, {}, {0x5, 0x1}, {0x1, 0x1}, {0x1}, {0x0, 0x1}, {0x4, 0x1}, {}, {0x0, 0x1}, {0x4}, {}, {0x5}, {0x0, 0x1}, {0x3}, {0x1, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x2}, {0x5, 0x1}, {0x0, 0x1}, {0x3}, {0x3}, {0x63017a1fdf0e3bbe}, {0x0, 0x1}, {0x1}, {0x3, 0x1}, {0x1}, {0x1, 0x1}, {}, {0x3, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x4}, {0x3}, {0x3}, {0x1, 0x1}, {0x4}, {0x3}], 0x1}}, @TCA_PEDIT_KEYS_EX={0x8, 0x5, 0x0, 0x1, [{0x4}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe70}}, 0x0) 134.792508ms ago: executing program 1 (id=6432): mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x10000, &(0x7f0000000400)={[{@subsystem='hugetlb'}, {@subsystem='memory'}, {@subsystem='cpuacct'}, {@favordynmods}]}) 113.841152ms ago: executing program 0 (id=6433): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff000000000300000000000000000000000200000000000000000000000000000a030000000000000000000002"], 0x0, 0x56}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1a00000004000000000000000100000000800000", @ANYRES32=0x1, @ANYBLOB="ffffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000400"/20, @ANYRES32=r0], 0x50) 44.458148ms ago: executing program 5 (id=6434): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x7) 0s ago: executing program 7 (id=6435): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f0000000500)={0x20, 0xe, 0x1, 'queue0\x00'}) kernel console output (not intermixed with test programs): cted capacity change from 0 to 16 [ 548.580209][T17486] bridge0: port 2(bridge_slave_1) entered disabled state [ 548.597825][T17486] bridge_slave_0: left allmulticast mode [ 548.608057][T17489] erofs (device loop1): mounted with root inode @ nid 36. [ 548.636283][T17486] bridge_slave_0: left promiscuous mode [ 548.667793][T17486] bridge0: port 1(bridge_slave_0) entered disabled state [ 548.717699][ T5773] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 548.758319][ T5773] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 548.807730][ T5773] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 548.829835][ T5773] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 548.849601][ T5773] usb 5-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 548.883273][ T5773] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 548.923339][ T5773] usb 5-1: config 0 descriptor?? [ 549.176077][ T5773] hdpvr 5-1:0.0: firmware version 0xd dated 8°mPª{, [ 549.176077][ T5773] #ðãpó⊻’lôEÈ¥£]Ô +±aV@g_C.ÏÁ«r‡9 [ 549.332559][T17483] loop0: detected capacity change from 0 to 32768 [ 549.377619][ T5773] hdpvr 5-1:0.0: device init failed [ 549.398160][ T5773] hdpvr 5-1:0.0: probe with driver hdpvr failed with error -12 [ 549.417760][ T5773] usb 5-1: USB disconnect, device number 24 [ 549.431596][T17483] JBD2: Ignoring recovery information on journal [ 549.491338][T17511] netlink: 17 bytes leftover after parsing attributes in process `syz.6.4946'. [ 549.651136][T17483] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 549.870550][T17523] loop5: detected capacity change from 0 to 512 [ 549.889924][T17521] loop6: detected capacity change from 0 to 1024 [ 549.931420][T17521] EXT4-fs (loop6): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 549.961632][T17523] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 550.060472][T17521] EXT4-fs error (device loop6): ext4_map_blocks:791: inode #3: block 2: comm syz.6.4938: lblock 2 mapped to illegal pblock 2 (length 1) [ 550.075817][T17521] loop6: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 550.078020][T17521] Quota error (device loop6): qtree_write_dquot: dquota write failed [ 550.087340][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 550.087375][ C0] EXT4-fs (loop6): initial error at time 550: ext4_map_blocks:791: inode 3: block 2 [ 550.087436][ C0] EXT4-fs (loop6): last error at time 550: ext4_map_blocks:791: inode 3: block 2 [ 550.122845][T17521] EXT4-fs error (device loop6): ext4_map_blocks:791: inode #3: block 48: comm syz.6.4938: lblock 0 mapped to illegal pblock 48 (length 1) [ 550.137208][T17521] loop6: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 550.140416][T17521] Quota error (device loop6): v2_write_file_info: Can't write info structure [ 550.161320][T17521] EXT4-fs error (device loop6): ext4_acquire_dquot:7032: comm syz.6.4938: Failed to acquire dquot type 0 [ 550.173010][T17521] loop6: lost filesystem error report for type 5 error -117 [ 550.173382][T17521] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 550.178810][T17523] EXT4-fs warning (device loop5): dx_probe:836: inode #2: comm syz.5.4937: Unimplemented hash flags: 0x0001 [ 550.180745][T17521] loop6: lost filesystem error report for type 5 error -117 [ 550.217496][ T5624] ocfs2: Unmounting device (7,0) on (node local) [ 550.231420][T17523] EXT4-fs warning (device loop5): dx_probe:933: inode #2: comm syz.5.4937: Corrupt directory, running e2fsck is recommended [ 550.268417][T17521] EXT4-fs error (device loop6): ext4_evict_inode:267: inode #11: comm syz.6.4938: mark_inode_dirty error [ 550.293244][T17521] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 550.293600][T17521] EXT4-fs warning (device loop6): ext4_evict_inode:269: couldn't mark inode dirty (err -117) [ 550.323077][T17521] EXT4-fs (loop6): 1 orphan inode deleted [ 550.363082][T17521] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 550.368853][ T12] EXT4-fs error (device loop6): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 550.478357][ T12] Quota error (device loop6): remove_tree: Can't read quota data block 1 [ 550.536065][ T12] EXT4-fs error (device loop6): ext4_release_dquot:7068: comm kworker/u8:0: Failed to release dquot type 0 [ 550.709317][T17540] loop4: detected capacity change from 0 to 164 [ 550.720197][ T5628] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 550.750958][ T7587] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 550.770799][T15903] EXT4-fs error (device loop6): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:11: lblock 1 mapped to illegal pblock 1 (length 1) [ 550.806006][T17540] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 550.846051][T15903] loop6: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 550.848023][T15903] Quota error (device loop6): remove_tree: Can't read quota data block 1 [ 550.915047][T15903] EXT4-fs error (device loop6): ext4_release_dquot:7068: comm kworker/u8:11: Failed to release dquot type 0 [ 550.950621][T17540] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 550.959916][T15903] loop6: lost filesystem error report for type 5 error -117 [ 550.983227][T17540] Symlink component flag not implemented [ 551.001027][ T7587] EXT4-fs error (device loop6): __ext4_get_inode_loc:4884: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 551.027936][T17540] Symlink component flag not implemented [ 551.034351][T17540] Symlink component flag not implemented (7) [ 551.068571][T17540] Symlink component flag not implemented (116) [ 551.073539][ T7587] loop6: lost filesystem error report for type 5 error -117 [ 551.083540][ T7587] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 551.150406][ T7587] loop6: lost filesystem error report for type 5 error -117 [ 551.163476][ T7587] EXT4-fs error (device loop6): ext4_quota_off:7318: inode #3: comm syz-executor: mark_inode_dirty error [ 551.192808][ T29] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 551.207073][ T7587] loop6: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 551.386821][ T29] usb 3-1: Using ep0 maxpacket: 16 [ 551.406828][T17553] loop1: detected capacity change from 0 to 256 [ 551.435242][ T29] usb 3-1: config 0 has an invalid interface number: 8 but max is 0 [ 551.461670][ T29] usb 3-1: config 0 has no interface number 0 [ 551.504331][ T29] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 551.536315][ T29] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 551.562201][ T29] usb 3-1: Product: syz [ 551.569774][ T29] usb 3-1: SerialNumber: syz [ 551.602070][ T29] usb 3-1: config 0 descriptor?? [ 551.640043][ T29] cm109 3-1:0.8: invalid payload size 32, expected 4 [ 551.685866][ T29] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input29 [ 551.850650][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 551.858186][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 551.865416][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 551.872884][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 551.880061][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 551.887862][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 551.895325][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 551.902486][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 551.913231][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 551.920349][ T29] usb 3-1: USB disconnect, device number 19 [ 551.920425][ C1] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 551.920777][T17566] loop1: detected capacity change from 0 to 1024 [ 551.926336][ C1] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 551.997500][ T29] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 552.214364][T17567] loop6: detected capacity change from 0 to 4096 [ 552.265275][T17567] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 552.413988][T17567] ntfs3(loop6): ino=19, mi_enum_attr [ 553.243935][T17563] loop4: detected capacity change from 0 to 32768 [ 553.305779][T17563] JBD2: Ignoring recovery information on journal [ 553.431518][T17563] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 553.842813][ T5626] ocfs2: Unmounting device (7,4) on (node local) [ 553.958445][T17602] loop6: detected capacity change from 0 to 4096 [ 554.039342][T17602] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 554.094488][T17602] ntfs3(loop6): Failed to load $Extend (-22). [ 554.117075][T17602] ntfs3(loop6): Failed to initialize $Extend. [ 554.333617][T17614] program syz.0.4982 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 554.477260][T17616] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 554.906669][T17620] loop0: detected capacity change from 0 to 4096 [ 555.460727][T17642] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.4994'. [ 555.662424][ T24] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 555.794193][T17652] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4999'. [ 555.825477][T17652] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4999'. [ 555.850409][T17651] loop4: detected capacity change from 0 to 4096 [ 555.871656][T17651] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 555.881004][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 555.895154][ T24] usb 1-1: config 1 has an invalid interface number: 225 but max is 2 [ 555.922899][ T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 555.955624][T17651] ntfs3(loop4): ino=19, mi_enum_attr [ 555.965398][ T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 555.993847][ T24] usb 1-1: config 1 has no interface number 0 [ 556.016334][ T24] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 556.040725][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 556.053565][T17651] ntfs3(loop4): failed to convert "c46c" to maciceland [ 556.059947][ T24] usb 1-1: Product: syz [ 556.069032][ T24] usb 1-1: Manufacturer: syz [ 556.074520][T17656] ip6t_srh: unknown srh invflags 7F00 [ 556.086008][ T24] usb 1-1: SerialNumber: syz [ 556.093613][T17651] ntfs3(loop4): ino=20, mi_enum_attr [ 556.185000][ T24] usb 1-1: 225:2 : does not exist [ 556.222011][ T24] usb 1-1: unit 9 not found! [ 556.406199][ T24] usb 1-1: 4:225: cannot get min/max values for control 9 (id 4) [ 556.475088][ T24] usb 1-1: 4:225: cannot get min/max values for control 10 (id 4) [ 556.699521][ T24] usb 1-1: USB disconnect, device number 23 [ 556.828080][T17673] loop4: detected capacity change from 0 to 16 [ 556.842051][T17674] loop1: detected capacity change from 0 to 16 [ 556.848883][ T5644] udevd[5644]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.225/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 556.882263][T17673] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 556.898400][T17674] erofs (device loop1): mounted with root inode @ nid 36. [ 557.444679][ T5773] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 557.612023][ T5773] usb 2-1: Using ep0 maxpacket: 16 [ 557.640233][ T5773] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 557.670571][ T5773] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 557.700601][ T5773] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 557.764297][ T5773] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 557.785214][ T5773] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 557.824804][ T5773] usb 2-1: Manufacturer: syz [ 557.877736][ T5773] usb 2-1: config 0 descriptor?? [ 558.171573][ T24] usb 2-1: USB disconnect, device number 16 [ 558.481996][ T5773] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 558.670532][ T5773] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 558.671268][T17692] loop2: detected capacity change from 0 to 32768 [ 558.699096][ T5773] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 558.715761][ T5773] usb 7-1: Product: syz [ 558.725161][ T5773] usb 7-1: Manufacturer: syz [ 558.734907][ T5773] usb 7-1: SerialNumber: syz [ 558.767539][T17709] loop4: detected capacity change from 0 to 4096 [ 558.800312][ T5773] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 558.831503][T17709] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 558.863543][ T10] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 558.918505][T17692] JBD2: Ignoring recovery information on journal [ 559.042521][T17692] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 559.096605][T17709] ntfs3(loop4): ino=19, mi_enum_attr [ 559.261687][ C0] usb 7-1: ath: unknown panic pattern! [ 559.305676][T17692] (syz.2.5021,17692,0):ocfs2_find_entry:1111 ERROR: status = -117 [ 559.408147][T17692] (syz.2.5021,17692,0):ocfs2_find_entry:1111 ERROR: status = -117 [ 559.489482][T17692] (syz.2.5021,17692,1):ocfs2_symlink:2078 ERROR: status = -117 [ 559.501966][ T5772] usb 7-1: USB disconnect, device number 14 [ 559.860268][ T5625] ocfs2: Unmounting device (7,2) on (node local) [ 560.024444][ T10] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 560.065105][ T10] ath9k_htc: Failed to initialize the device [ 560.105811][ T5772] usb 7-1: ath9k_htc: USB layer deinitialized [ 560.442590][T17747] nbd: illegal input index -1495182229 [ 560.635988][T17745] loop6: detected capacity change from 0 to 4096 [ 560.696000][T17745] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512). [ 560.786193][T17745] ntfs3(loop6): ino=b, mi_enum_attr [ 560.803521][T17745] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 560.834261][T17745] ntfs3(loop6): Failed to load $Extend (-22). [ 560.855986][T17745] ntfs3(loop6): Failed to initialize $Extend. [ 561.139327][T17757] loop5: detected capacity change from 0 to 4096 [ 561.279557][T17757] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 561.299369][T17763] loop1: detected capacity change from 0 to 512 [ 561.401633][T17763] EXT4-fs: Ignoring removed oldalloc option [ 561.417324][T17757] ntfs3(loop5): Failed to load $Extend (-22). [ 561.453656][T17763] EXT4-fs error (device loop1): ext4_iget_extra_inode:5127: inode #15: comm syz.1.5053: corrupted in-inode xattr: invalid ea_ino [ 561.477467][T17757] ntfs3(loop5): Failed to initialize $Extend. [ 561.522017][T17763] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 561.530047][T17763] EXT4-fs (loop1): Remounting filesystem read-only [ 561.539362][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 561.539399][ C1] EXT4-fs (loop1): initial error at time 561: ext4_iget_extra_inode:5127: inode 15 [ 561.539455][ C1] EXT4-fs (loop1): last error at time 561: ext4_iget_extra_inode:5127: inode 15 [ 561.585106][T17763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 561.634111][T17771] loop2: detected capacity change from 0 to 1764 [ 561.800089][T17777] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5059'. [ 561.936547][ T5627] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 562.155544][T17781] loop0: detected capacity change from 0 to 2048 [ 562.224935][T17781] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 562.299680][T17781] UDF-fs: incorrect filename length (10) [ 562.346085][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.352671][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.665787][T17801] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 562.991371][T17809] Unsupported ieee802154 address type: 0 [ 563.330651][T17822] loop0: detected capacity change from 0 to 256 [ 563.430528][T17822] FAT-fs (loop0): Directory bread(block 64) failed [ 563.463624][T17822] FAT-fs (loop0): Directory bread(block 65) failed [ 563.496971][T17822] FAT-fs (loop0): Directory bread(block 66) failed [ 563.524903][T17822] FAT-fs (loop0): Directory bread(block 67) failed [ 563.556337][T17822] FAT-fs (loop0): Directory bread(block 68) failed [ 563.589173][T17822] FAT-fs (loop0): Directory bread(block 69) failed [ 563.606064][T17832] loop6: detected capacity change from 0 to 2048 [ 563.619868][T17822] FAT-fs (loop0): Directory bread(block 70) failed [ 563.650267][T17822] FAT-fs (loop0): Directory bread(block 71) failed [ 563.676377][T17822] FAT-fs (loop0): Directory bread(block 72) failed [ 563.704166][T17822] FAT-fs (loop0): Directory bread(block 73) failed [ 563.713828][T17832] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 563.729639][T17839] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5089'. [ 563.813247][T17832] EXT4-fs error (device loop6): ext4_map_blocks:791: inode #12: block 2: comm syz.6.5086: lblock 0 mapped to illegal pblock 2 (length 1) [ 564.086972][ T7587] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.317073][T17847] loop4: detected capacity change from 0 to 1764 [ 564.750459][ T5641] Bluetooth: hci3: unexpected cc 0x2039 length: 9 > 1 [ 564.760207][ T5641] Bluetooth: hci3: unexpected event for opcode 0x2039 [ 564.908731][T17875] loop2: detected capacity change from 0 to 64 [ 565.048333][T17877] loop5: detected capacity change from 0 to 2048 [ 565.083671][T17877] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 565.123812][T17880] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 565.297884][T17884] loop0: detected capacity change from 0 to 64 [ 566.072087][ T5773] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 566.248594][ T5773] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 566.285670][ T5773] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 566.298973][T17882] loop6: detected capacity change from 0 to 32768 [ 566.305717][ T5773] usb 2-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 566.305769][ T5773] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 566.335888][ T5773] usb 2-1: config 0 descriptor?? [ 566.370055][T17895] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 566.386995][T17895] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 566.599093][T17882] dmapctl: invalid leafidx 1365 (expected 341) [ 566.632303][T17882] ERROR: (device loop6): dbAllocAG: Corrupt dmapctl page [ 566.632303][T17882] [ 566.677033][T17882] ERROR: (device loop6): remounting filesystem as read-only [ 566.713947][T17882] jfs_mkdir: dtInsert returned -EIO [ 566.739590][T17882] ERROR: (device loop6): txAbort: [ 566.739590][T17882] [ 566.762175][T17890] loop5: detected capacity change from 0 to 32768 [ 566.776042][ T5773] Bluetooth: Can't get version to change to load ram patch err [ 566.817805][ T5773] Bluetooth: Loading patch file failed [ 566.846094][ T5773] ath3k 2-1:0.0: probe with driver ath3k failed with error -71 [ 566.859999][T17906] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5111'. [ 566.884245][T17890] UFO tlock:0xffffc90002932048 [ 566.887784][ T5773] usb 2-1: USB disconnect, device number 17 [ 567.152882][ T136] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 567.189778][ T136] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 567.227689][ T136] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 567.259646][ T136] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 567.311708][T17910] loop5: detected capacity change from 0 to 1024 [ 567.439915][T17902] loop0: detected capacity change from 0 to 32768 [ 567.480002][T17902] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.5122 (17902) [ 567.545209][T17902] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 567.595372][T17902] BTRFS info (device loop0): using sha256 checksum algorithm [ 567.820067][T17902] BTRFS info (device loop0): enabling ssd optimizations [ 567.828002][T17902] BTRFS info (device loop0): turning on async discard [ 567.835459][T17902] BTRFS info (device loop0): enabling free space tree [ 567.892188][T17937] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 568.031506][ T5624] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 568.159702][T17940] loop2: detected capacity change from 0 to 4096 [ 568.198626][T17940] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 568.296370][T17940] ntfs3(loop2): ino=19, mi_enum_attr [ 568.370687][T17940] ntfs3(loop2): failed to convert "c46c" to macinuit [ 568.395825][T17940] ntfs3(loop2): ino=20, mi_enum_attr [ 568.841864][ T5641] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 568.856390][ T5641] Bluetooth: hci3: Injecting HCI hardware error event [ 568.871223][ T5641] Bluetooth: hci3: hardware error 0x00 [ 569.297548][T17972] netlink: 256 bytes leftover after parsing attributes in process `syz.4.5137'. [ 569.845828][ T5633] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 569.961968][ T5773] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 570.002585][ T5633] usb 2-1: Using ep0 maxpacket: 32 [ 570.010253][ T5633] usb 2-1: config 0 has an invalid interface number: 119 but max is 0 [ 570.029174][ T5633] usb 2-1: config 0 has no interface number 0 [ 570.042962][ T5633] usb 2-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 570.067640][ T5633] usb 2-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 570.116322][ T5633] usb 2-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27 [ 570.132857][ T5773] usb 5-1: Using ep0 maxpacket: 16 [ 570.153957][ T5773] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 570.174382][ T5633] usb 2-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 570.215202][ T5773] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 570.238570][ T5633] usb 2-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73 [ 570.255358][ T5773] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a [ 570.273278][ T5633] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 570.286181][ T5773] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 570.304603][ T5633] usb 2-1: Product: syz [ 570.313125][T17996] kAFS: Can only specify source 'none' with -o dyn [ 570.320852][ T5773] usb 5-1: Product: syz [ 570.329445][ T5633] usb 2-1: Manufacturer: syz [ 570.339612][ T5773] usb 5-1: Manufacturer: syz [ 570.348296][ T5633] usb 2-1: SerialNumber: syz [ 570.357907][ T5773] usb 5-1: SerialNumber: syz [ 570.384361][ T5633] usb 2-1: config 0 descriptor?? [ 570.391388][ T5773] usb 5-1: config 0 descriptor?? [ 570.413657][T17977] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 570.431004][ T5773] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input30 [ 570.465916][ T5633] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.119/input/input31 [ 570.501154][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.508919][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.518016][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.525380][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.532838][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.540216][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.547632][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.555409][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.562836][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.570195][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.577551][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.590778][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.598272][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.606180][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.614022][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.621515][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.628920][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.636309][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.643690][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.651050][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.658413][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.672205][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.681443][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.689162][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.696536][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.703877][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.706042][ T4974] usb 5-1: control msg error: -71 [ 570.711228][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.724354][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.731801][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.739154][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.746743][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.754148][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.761509][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.768876][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.776495][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.783860][ C1] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.791084][ C1] usb 5-1: pegasus_irq - usb_submit_urb failed with result -1 [ 570.825388][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.833154][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.840492][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.848033][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.855407][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.862807][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.870184][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.877765][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.885376][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.892775][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.900142][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.901959][ T4974] usb 5-1: control msg error: -71 [ 570.908318][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.920489][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.928058][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.938885][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.948269][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.955631][ C0] usb 5-1: pegasus_irq - nonzero urb status received: -71 [ 570.966815][ C0] usb 5-1: pegasus_irq - urb shutting down with status: -2 [ 570.985701][ T5641] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 570.995012][ T5633] usb 2-1: USB disconnect, device number 18 [ 571.003231][ T5773] usb 5-1: USB disconnect, device number 25 [ 571.017296][T17986] loop5: detected capacity change from 0 to 32768 [ 571.413909][T18008] loop0: detected capacity change from 0 to 1024 [ 571.681651][T18012] netlink: 'syz.2.5158': attribute type 21 has an invalid length. [ 572.071083][T18024] openvswitch: netlink: nsh attr 247 is out of range max 3 [ 572.314711][T18032] loop6: detected capacity change from 0 to 128 [ 572.368766][T18034] loop1: detected capacity change from 0 to 512 [ 572.410235][T18032] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 572.483270][T18028] loop0: detected capacity change from 0 to 4096 [ 572.547557][T18028] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 572.567797][T18034] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #11: comm syz.1.5167: invalid indirect mapped block 256 (level 2) [ 572.581234][T18042] loop2: detected capacity change from 0 to 2048 [ 572.655967][T18034] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 572.670140][T18042] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 572.672830][ C0] EXT4-fs (loop1): initial error at time 572: ext4_free_branches:1020: inode 11 [ 572.697444][ C0] EXT4-fs (loop1): last error at time 572: ext4_free_branches:1020: inode 11 [ 572.729603][T18028] ntfs3(loop0): ino=19, mi_enum_attr [ 572.756606][ T7587] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 572.776476][T18034] EXT4-fs (loop1): 2 truncates cleaned up [ 572.866048][T18028] ntfs3(loop0): failed to convert "c46c" to maccroatian [ 572.878423][T18034] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 572.913221][T18028] ntfs3(loop0): ino=20, mi_enum_attr [ 572.997886][T18047] netlink: 4975 bytes leftover after parsing attributes in process `syz.5.5173'. [ 573.057574][T18047] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 573.150219][T18050] loop6: detected capacity change from 0 to 512 [ 573.152438][ T5627] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.233078][T18050] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 573.339191][T18050] EXT4-fs warning (device loop6): dx_probe:836: inode #2: comm syz.6.5172: Unimplemented hash flags: 0x0001 [ 573.432826][T18050] EXT4-fs warning (device loop6): dx_probe:933: inode #2: comm syz.6.5172: Corrupt directory, running e2fsck is recommended [ 573.643156][ T5772] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 573.809954][T18064] IPv6: NLM_F_CREATE should be specified when creating new route [ 573.835328][ T5772] usb 5-1: Using ep0 maxpacket: 32 [ 573.873678][ T5772] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 573.900899][ T5772] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 573.958394][ T5772] usb 5-1: config 0 descriptor?? [ 574.004028][ T7587] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 574.008526][ T5772] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 574.427026][ T5772] gspca_nw80x: reg_r err -71 [ 574.440024][ T5772] nw80x 5-1:0.0: probe with driver nw80x failed with error -71 [ 574.485652][ T5772] usb 5-1: USB disconnect, device number 26 [ 574.557776][T18086] loop5: detected capacity change from 0 to 1024 [ 575.415481][T18111] netlink: 'syz.5.5204': attribute type 2 has an invalid length. [ 575.532820][T18119] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5207'. [ 575.574786][T18119] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5207'. [ 576.930137][T18116] loop1: detected capacity change from 0 to 32768 [ 577.147616][T18116] JBD2: Ignoring recovery information on journal [ 577.361663][ T31] audit: type=1326 audit(577.322:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5222" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2260f9ce59 code=0x7ffc0000 [ 577.442144][T18127] loop5: detected capacity change from 0 to 32768 [ 577.459402][T18116] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 577.479511][ T31] audit: type=1326 audit(577.322:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5222" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2260f9ce59 code=0x7ffc0000 [ 577.613705][ T31] audit: type=1326 audit(577.362:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5222" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f2260f9ce59 code=0x7ffc0000 [ 577.656674][T18116] (syz.1.5206,18116,0):ocfs2_find_entry:1111 ERROR: status = -117 [ 577.697473][T18133] loop4: detected capacity change from 0 to 32768 [ 577.723038][T18180] loop2: detected capacity change from 0 to 256 [ 577.748911][T18116] (syz.1.5206,18116,0):ocfs2_find_entry:1111 ERROR: status = -117 [ 577.762930][ T31] audit: type=1326 audit(577.362:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5222" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2260f9ce59 code=0x7ffc0000 [ 577.773992][T18133] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5213 (18133) [ 577.833917][T18116] (syz.1.5206,18116,0):ocfs2_symlink:2078 ERROR: status = -117 [ 577.944736][T18133] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 577.967139][ T31] audit: type=1326 audit(577.362:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5222" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2260f9ce59 code=0x7ffc0000 [ 578.012616][T18180] FAT-fs (loop2): Directory bread(block 64) failed [ 578.038388][T18133] BTRFS info (device loop4): using sha256 checksum algorithm [ 578.051844][T18180] FAT-fs (loop2): Directory bread(block 65) failed [ 578.081138][T18180] FAT-fs (loop2): Directory bread(block 66) failed [ 578.131909][T18180] FAT-fs (loop2): Directory bread(block 67) failed [ 578.149916][T18180] FAT-fs (loop2): Directory bread(block 68) failed [ 578.191880][T18180] FAT-fs (loop2): Directory bread(block 69) failed [ 578.214655][T18180] FAT-fs (loop2): Directory bread(block 70) failed [ 578.230972][T18180] FAT-fs (loop2): Directory bread(block 71) failed [ 578.256056][ T5627] ocfs2: Unmounting device (7,1) on (node local) [ 578.284995][T18180] FAT-fs (loop2): Directory bread(block 72) failed [ 578.360022][T18180] FAT-fs (loop2): Directory bread(block 73) failed [ 578.385322][T18202] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 578.412805][T18133] BTRFS info (device loop4): enabling ssd optimizations [ 578.451445][T18133] BTRFS info (device loop4): turning on async discard [ 578.480967][T18133] BTRFS info (device loop4): enabling free space tree [ 578.838934][ T5626] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 579.164002][T18221] netlink: 32 bytes leftover after parsing attributes in process `syz.6.5238'. [ 579.206547][T18221] netlink: 32 bytes leftover after parsing attributes in process `syz.6.5238'. [ 579.262895][T18225] loop4: detected capacity change from 0 to 512 [ 579.338810][T18225] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 579.420124][T18234] xt_TCPMSS: Only works on TCP SYN packets [ 579.500414][T18236] comedi: No check for data length of config insn id 536875917 is implemented [ 579.557800][T18236] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c [ 579.608089][T18236] comedi: Assuming n=15 is correct [ 579.756392][ T5626] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.191116][T18256] openvswitch: netlink: nsh attr 0 has unexpected len 1 expected 0 [ 580.654545][T18273] loop0: detected capacity change from 0 to 256 [ 580.687504][T18273] exfat: Deprecated parameter 'utf8' [ 580.751702][T18273] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d) [ 580.830008][T18278] loop2: detected capacity change from 0 to 256 [ 581.059872][T18286] netlink: 'syz.6.5266': attribute type 92 has an invalid length. [ 581.322913][T18293] openvswitch: netlink: VXLAN extension 307 out of range max 1 [ 581.798244][T18313] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5279'. [ 581.854891][ T5773] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 581.986179][T18309] Process accounting resumed [ 582.034380][ T5773] usb 6-1: Using ep0 maxpacket: 16 [ 582.060344][ T5773] usb 6-1: config 0 has an invalid interface number: 251 but max is 0 [ 582.094797][ T5773] usb 6-1: config 0 has no interface number 0 [ 582.117309][ T5773] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 582.149585][ T5773] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 582.188642][T18317] loop6: detected capacity change from 0 to 4096 [ 582.223550][ T5773] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 582.240361][T18317] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 582.258352][ T5773] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 582.285570][ T5773] usb 6-1: Product: syz [ 582.297373][ T5773] usb 6-1: Manufacturer: syz [ 582.307919][T18317] ntfs3(loop6): Failed to initialize $Extend/$Reparse. [ 582.315260][ T5773] usb 6-1: SerialNumber: syz [ 582.358815][ T5773] usb 6-1: config 0 descriptor?? [ 582.369219][ T31] audit: type=1800 audit(582.332:171): pid=18317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.5281" name="bus" dev="loop6" ino=33 res=0 errno=0 [ 582.405746][T18303] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 582.448528][T18303] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 582.741609][T18303] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 582.779866][T18303] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 583.013847][ T5773] asix 6-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 583.054793][ T5773] asix 6-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71 [ 583.085958][ T5773] asix 6-1:0.251: probe with driver asix failed with error -5 [ 583.102723][T18315] loop0: detected capacity change from 0 to 32768 [ 583.142067][ T5773] usb 6-1: USB disconnect, device number 24 [ 583.581537][T18348] xt_l2tp: v2 doesn't support IP mode [ 583.741855][ T24] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 583.927490][ T24] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 583.970118][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 583.994290][ T24] usb 1-1: Product: syz [ 584.016077][ T24] usb 1-1: Manufacturer: syz [ 584.021239][ T24] usb 1-1: SerialNumber: syz [ 584.055017][ T24] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 584.083688][ T5772] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 584.096047][T18358] loop2: detected capacity change from 0 to 128 [ 584.151436][T18358] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 584.212190][T18358] hpfs: filesystem error: improperly stopped [ 584.231992][T18358] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 584.264420][T18358] hpfs: You really don't want any checks? You are crazy... [ 584.333606][T18358] hpfs: Code page index out of array [ 584.355909][T18358] hpfs: code page support is disabled [ 584.365649][T18358] hpfs: hpfs_map_4sectors(): unaligned read [ 584.378037][T18358] hpfs: hpfs_map_4sectors(): unaligned read [ 584.392629][T18358] hpfs: filesystem error: unable to find root dir [ 584.405616][T18335] loop4: detected capacity change from 0 to 32768 [ 584.413003][ C1] usb 1-1: ath9k_htc: over RX MAX_PKT_NUM [ 584.452138][ T5773] usb 2-1: new full-speed USB device number 19 using dummy_hcd [ 584.507567][T18366] IPv6: NLM_F_CREATE should be specified when creating new route [ 584.560302][T18366] netlink: 'syz.5.5307': attribute type 1 has an invalid length. [ 584.627467][ T5773] usb 2-1: config 36 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 584.646128][ T5633] usb 1-1: USB disconnect, device number 24 [ 584.672263][T18368] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5306'. [ 584.687750][ T5773] usb 2-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29 [ 584.718466][ T5773] usb 2-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16 [ 584.741090][ T5773] usb 2-1: Manufacturer: syz [ 584.766976][ T5773] usb 2-1: SerialNumber: syz [ 584.916455][ T5626] read_mapping_page failed! [ 584.943300][ T5626] ERROR: (device loop4): txAbort: [ 584.943300][ T5626] [ 584.976103][ T5626] read_mapping_page failed! [ 584.999679][ T5626] ERROR: (device loop4): txAbort: [ 584.999679][ T5626] [ 585.075597][ T5773] usbhid 2-1:36.0: couldn't find an input interrupt endpoint [ 585.112325][ T5773] usb 2-1: USB disconnect, device number 19 [ 585.227179][ T5772] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 585.269439][ T5772] ath9k_htc: Failed to initialize the device [ 585.320550][ T5633] usb 1-1: ath9k_htc: USB layer deinitialized [ 586.185737][ T31] audit: type=1326 audit(586.152:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18399 comm="syz.5.5328" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 586.267530][ T31] audit: type=1326 audit(586.192:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18399 comm="syz.5.5328" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 586.326664][ T31] audit: type=1326 audit(586.192:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18399 comm="syz.5.5328" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 586.377159][T18405] loop0: detected capacity change from 0 to 1764 [ 586.481547][ T31] audit: type=1326 audit(586.192:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18399 comm="syz.5.5328" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 586.594068][ T31] audit: type=1326 audit(586.202:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18399 comm="syz.5.5328" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 586.688815][ T31] audit: type=1326 audit(586.202:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18399 comm="syz.5.5328" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 586.739289][ T31] audit: type=1326 audit(586.202:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18399 comm="syz.5.5328" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 586.866270][T17962] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 586.885479][ T31] audit: type=1326 audit(586.202:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18399 comm="syz.5.5328" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 586.922004][T17962] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 586.935307][ T31] audit: type=1326 audit(586.202:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18399 comm="syz.5.5328" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 586.935435][T17962] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 586.972712][ T5650] Bluetooth: hci0: unexpected event for opcode 0x2012 [ 586.987978][T17962] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 587.002515][T17962] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 587.055808][T18425] netlink: 5252 bytes leftover after parsing attributes in process `syz.2.5337'. [ 587.065234][T18425] nbd: must specify a size in bytes for the device [ 587.608056][T18441] loop6: detected capacity change from 0 to 64 [ 588.445596][T18464] openvswitch: netlink: Key type 51 is out of range max 32 [ 588.929590][ T1169] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 588.963932][ T1169] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 588.985083][T18479] usb usb7: usbfs: process 18479 (syz.6.5355) did not claim interface 0 before use [ 589.013293][ T1169] bond0 (unregistering): Released all slaves [ 589.048180][ T1169] bond1 (unregistering): Released all slaves [ 589.062681][T17962] Bluetooth: hci2: command tx timeout [ 589.104552][ T1169] bond2 (unregistering): Released all slaves [ 589.452160][ T5284] 8021q: adding VLAN 0 to HW filter on device eth5 [ 589.574143][T18489] loop1: detected capacity change from 0 to 64 [ 589.906045][T18496] loop5: detected capacity change from 0 to 256 [ 589.938659][T18496] exfat: Deprecated parameter 'namecase' [ 589.960943][ T31] audit: type=1800 audit(589.912:181): pid=18489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5358" name="file1" dev="loop1" ino=5 res=0 errno=0 [ 589.978390][T18496] exfat: Deprecated parameter 'namecase' [ 590.086901][T18496] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 590.504672][T18477] loop0: detected capacity change from 0 to 32768 [ 590.686504][T18477] UFO tlock:0xffffc90002932120 [ 591.083629][T18516] usb usb7: usbfs: process 18516 (syz.1.5369) did not claim interface 0 before use [ 591.141940][T17962] Bluetooth: hci2: command tx timeout [ 591.253793][T18520] netdevsim netdevsim6 netdevsim0: entered allmulticast mode [ 591.530103][T18497] loop2: detected capacity change from 0 to 32768 [ 591.553439][ T5773] Process accounting resumed [ 591.628190][T18497] JBD2: Ignoring recovery information on journal [ 591.851552][T18497] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 592.459473][T18549] netlink: 'syz.0.5379': attribute type 16 has an invalid length. [ 592.495657][T18549] netlink: 'syz.0.5379': attribute type 17 has an invalid length. [ 592.650354][ T5625] ocfs2: Unmounting device (7,2) on (node local) [ 592.710589][T18549] bridge0: port 1(bridge_slave_0) entered disabled state [ 592.755442][T18549] bridge0: port 2(bridge_slave_1) entered disabled state [ 592.912701][T18556] loop6: detected capacity change from 0 to 8 [ 593.057927][ T5284] 8021q: adding VLAN 0 to HW filter on device eth6 [ 593.221913][T17962] Bluetooth: hci2: command tx timeout [ 593.324902][ T1169] hsr_slave_0: left promiscuous mode [ 593.358565][ T1169] hsr_slave_1: left promiscuous mode [ 593.378637][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 593.418007][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 593.475214][T18561] loop5: detected capacity change from 0 to 1764 [ 593.570098][T18561] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 594.000735][T18577] netlink: 'syz.5.5392': attribute type 3 has an invalid length. [ 594.024098][T18577] netlink: 224 bytes leftover after parsing attributes in process `syz.5.5392'. [ 594.403017][ T1169] team0 (unregistering): Port device team_slave_1 removed [ 594.504361][ T1169] team0 (unregistering): Port device team_slave_0 removed [ 594.529916][T18565] loop2: detected capacity change from 0 to 32768 [ 594.657327][T18565] UFO tlock:0xffffc90002932090 [ 594.929593][T18571] loop0: detected capacity change from 0 to 32768 [ 595.257432][T18574] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 595.302042][T17962] Bluetooth: hci2: command tx timeout [ 595.450074][T18596] loop2: detected capacity change from 0 to 256 [ 595.469929][T18596] exfat: Deprecated parameter 'utf8' [ 595.479149][T18596] exfat: Deprecated parameter 'namecase' [ 595.485104][T18596] exfat: Deprecated parameter 'namecase' [ 595.606659][T18600] vivid-000: disconnect [ 595.629094][T18598] vivid-000: reconnect [ 595.646740][T18596] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 596.391009][T18619] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5409'. [ 596.954915][T18635] openvswitch: netlink: Missing key (keys=40, expected=80) [ 596.997662][T18637] loop6: detected capacity change from 0 to 2048 [ 597.121009][T18637] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 597.255255][T18637] EXT4-fs error (device loop6): ext4_find_extent:903: inode #2: comm syz.6.5416: inode has invalid extent depth: 7 [ 597.353762][T18415] bridge0: port 1(bridge_slave_0) entered blocking state [ 597.403534][T18415] bridge0: port 1(bridge_slave_0) entered disabled state [ 597.443777][T18415] bridge_slave_0: entered allmulticast mode [ 597.474612][T18415] bridge_slave_0: entered promiscuous mode [ 597.525103][T18415] bridge0: port 2(bridge_slave_1) entered blocking state [ 597.558884][T18415] bridge0: port 2(bridge_slave_1) entered disabled state [ 597.587680][T18660] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 597.588639][T18415] bridge_slave_1: entered allmulticast mode [ 597.621244][ T7587] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 597.631970][ T5772] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 597.656735][T18415] bridge_slave_1: entered promiscuous mode [ 597.805286][ T5772] usb 1-1: Using ep0 maxpacket: 16 [ 597.834844][T18415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 597.838920][ T5772] usb 1-1: config 0 has an invalid interface number: 63 but max is 0 [ 597.891485][ T5772] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 597.912409][T18415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 597.945713][ T5772] usb 1-1: config 0 has no interface number 0 [ 597.981025][ T5772] usb 1-1: config 0 interface 63 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 598.008682][ T5772] usb 1-1: config 0 interface 63 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 598.037567][ T5772] usb 1-1: New USB device found, idVendor=0644, idProduct=800e, bcdDevice=41.e6 [ 598.065124][ T5772] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 598.105846][ T5772] usb 1-1: config 0 descriptor?? [ 598.131074][T18415] team0: Port device team_slave_0 added [ 598.173002][T18415] team0: Port device team_slave_1 added [ 598.286680][T18673] loop6: detected capacity change from 0 to 128 [ 598.317414][T18673] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 598.386287][T18673] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 598.449301][ T5284] 8021q: adding VLAN 0 to HW filter on device eth7 [ 598.467151][ T29] usb 1-1: USB disconnect, device number 25 [ 598.494016][T18415] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 598.513423][T18415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 598.580616][T18415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 598.614364][T18415] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 598.631862][T18415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 598.673389][T18651] loop5: detected capacity change from 0 to 32768 [ 598.710911][T18415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 598.744149][T18651] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 598.807406][T18651] JBD2: Ignoring recovery information on journal [ 599.003352][T18415] hsr_slave_0: entered promiscuous mode [ 599.026953][T18651] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 599.044950][T18415] hsr_slave_1: entered promiscuous mode [ 599.083443][T18415] debugfs: 'hsr0' already exists in 'hsr' [ 599.117674][T18415] Cannot create hsr debugfs directory [ 599.324930][T18694] loop0: detected capacity change from 0 to 128 [ 599.487062][T18699] loop1: detected capacity change from 0 to 512 [ 599.498761][ T5628] ocfs2: Unmounting device (7,5) on (node local) [ 599.573434][T18699] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 599.711697][T18699] EXT4-fs error (device loop1): ext4_lookup:1785: inode #12: comm syz.1.5438: iget: bad i_size value: 2533274857506816 [ 599.749113][T18706] loop5: detected capacity change from 0 to 4096 [ 599.813675][T18706] ntfs3(loop5): ino=18, mi_enum_attr [ 599.846106][T18706] ntfs3(loop5): ino=1a, mi_enum_attr [ 600.009250][T18706] ntfs3(loop5): ino=5, "/" indx_read_ra [ 600.067629][ T5627] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 601.046505][T18743] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 601.378729][T18752] loop2: detected capacity change from 0 to 24 [ 601.405365][ T5284] 8021q: adding VLAN 0 to HW filter on device eth8 [ 601.522881][T18415] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 601.552017][ T5633] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 601.577938][T18415] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 601.603275][T18415] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 601.667838][T18415] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 601.717842][T18415] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 601.742189][ T5633] usb 2-1: Using ep0 maxpacket: 32 [ 601.765457][ T5633] usb 2-1: config 0 has an invalid interface number: 151 but max is 0 [ 601.776062][T18415] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 601.797571][ T5633] usb 2-1: config 0 has no interface number 0 [ 601.806879][T18415] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 601.820852][ T5633] usb 2-1: config 0 interface 151 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 601.854044][ T5633] usb 2-1: config 0 interface 151 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 601.871902][T18415] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 601.903423][ T5633] usb 2-1: New USB device found, idVendor=0499, idProduct=6bb7, bcdDevice=68.2f [ 601.917440][ T5633] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 601.928145][ T5633] usb 2-1: Product: syz [ 601.969037][ T5633] usb 2-1: Manufacturer: syz [ 601.976030][ T31] audit: type=1326 audit(601.932:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18764 comm="syz.5.5463" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 602.011351][ T5633] usb 2-1: SerialNumber: syz [ 602.045025][ T5633] usb 2-1: config 0 descriptor?? [ 602.104787][ T31] audit: type=1326 audit(601.932:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18764 comm="syz.5.5463" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 602.227741][ T31] audit: type=1326 audit(601.942:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18764 comm="syz.5.5463" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 602.354939][ T31] audit: type=1326 audit(601.942:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18764 comm="syz.5.5463" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216d99ce59 code=0x7ffc0000 [ 602.388860][ T5633] usb 2-1: USB disconnect, device number 20 [ 602.434988][T18415] 8021q: adding VLAN 0 to HW filter on device bond0 [ 602.530934][T18415] 8021q: adding VLAN 0 to HW filter on device team0 [ 602.562443][T18745] loop0: detected capacity change from 0 to 32768 [ 602.585225][ T1169] bridge0: port 1(bridge_slave_0) entered blocking state [ 602.592837][ T1169] bridge0: port 1(bridge_slave_0) entered forwarding state [ 602.632542][T18745] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.5454 (18745) [ 602.675281][ T1169] bridge0: port 2(bridge_slave_1) entered blocking state [ 602.682620][ T1169] bridge0: port 2(bridge_slave_1) entered forwarding state [ 602.713124][T18745] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 602.721359][ T5644] udevd[5644]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.151/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 602.754979][T18745] BTRFS info (device loop0): using sha256 checksum algorithm [ 602.996211][T18745] BTRFS info (device loop0): enabling ssd optimizations [ 603.053647][T18745] BTRFS info (device loop0): turning on async discard [ 603.097124][T18745] BTRFS info (device loop0): enabling free space tree [ 603.360589][T18812] loop6: detected capacity change from 0 to 64 [ 603.434095][T18815] loop1: detected capacity change from 0 to 64 [ 603.459904][T18815] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 603.513429][T18817] loop2: detected capacity change from 0 to 512 [ 603.526485][ T5624] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 603.577412][T18817] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 603.692387][T18817] EXT4-fs error (device loop2): ext4_free_branches:1020: inode #11: comm syz.2.5476: invalid indirect mapped block 4294967295 (level 1) [ 603.764623][T18817] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 603.771799][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 603.787541][ C0] EXT4-fs (loop2): initial error at time 603: ext4_free_branches:1020: inode 11 [ 603.796713][ C0] EXT4-fs (loop2): last error at time 603: ext4_free_branches:1020: inode 11 [ 603.823314][T18817] EXT4-fs error (device loop2): ext4_free_branches:1020: inode #11: comm syz.2.5476: invalid indirect mapped block 4294967295 (level 1) [ 603.847657][T18817] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 603.909884][T18817] EXT4-fs (loop2): 2 truncates cleaned up [ 604.088181][T18817] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 604.451998][ T5625] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 605.341253][T18415] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 605.355542][T18862] loop0: detected capacity change from 0 to 2048 [ 605.410891][T18869] program syz.2.5497 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 605.443275][T18862] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 606.128106][T18889] loop6: detected capacity change from 0 to 2048 [ 606.195632][T18889] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 606.315923][T18889] EXT4-fs error (device loop6): ext4_validate_block_bitmap:440: comm syz.6.5504: bg 0: block 345: padding at end of block bitmap is not set [ 606.332042][ T24] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 606.400607][T18889] EXT4-fs (loop6): Remounting filesystem read-only [ 606.501951][ T24] usb 3-1: Using ep0 maxpacket: 8 [ 606.531438][ T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 606.568558][ T7587] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 606.576805][ T24] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 606.609502][ T24] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 606.640226][ T24] usb 3-1: Product: syz [ 606.660749][ T24] usb 3-1: Manufacturer: syz [ 606.681057][ T24] usb 3-1: SerialNumber: syz [ 606.808600][T18415] veth0_vlan: entered promiscuous mode [ 606.835512][T18912] loop0: detected capacity change from 0 to 64 [ 606.876119][T18415] veth1_vlan: entered promiscuous mode [ 606.966184][ T24] usb 3-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 607.017553][ T24] usb 3-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 607.055151][ T24] usb 3-1: Handspring Visor / Palm OS: Number of ports: 2 [ 607.097666][T18415] veth0_macvtap: entered promiscuous mode [ 607.165392][T18415] veth1_macvtap: entered promiscuous mode [ 607.180789][ T24] usb 3-1: palm_os_3_probe - error -71 getting bytes available request [ 607.204516][ T24] visor 3-1:1.0: Handspring Visor / Palm OS converter detected [ 607.281323][ T24] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 607.294357][T18415] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 607.318348][ T24] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 607.331498][T18415] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 607.358470][ T24] usb 3-1: USB disconnect, device number 20 [ 607.382925][ T37] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 607.415706][ T37] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 607.442779][ T24] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 607.461410][ T37] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 607.499917][ T37] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 607.550961][T18928] loop1: detected capacity change from 0 to 128 [ 607.552939][ T24] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 607.639367][ T24] visor 3-1:1.0: device disconnected [ 608.042159][T15903] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 608.080628][T15903] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 608.280514][T18947] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 608.371511][T15903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 608.429163][T15903] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 608.680997][T18952] bond4: Unable to set down delay as MII monitoring is disabled [ 608.692720][T18952] bond4 (unregistering): Released all slaves [ 609.097793][T18966] loop0: detected capacity change from 0 to 256 [ 609.165836][T18973] openvswitch: netlink: Unexpected mask (mask=840, allowed=10048) [ 609.289722][T18976] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 609.605754][T18988] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5546'. [ 609.640774][T18988] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5546'. [ 610.013979][T19002] loop5: detected capacity change from 0 to 2048 [ 610.045967][T19002] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 160: 0xa1 != 0xd4 [ 610.075140][T19002] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 610.410224][T19014] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5560'. [ 611.434647][ T5773] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 611.611924][ T5773] usb 6-1: Using ep0 maxpacket: 32 [ 611.643216][ T5773] usb 6-1: config 0 has an invalid interface number: 35 but max is 0 [ 611.659117][ T5773] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 611.680021][ T5773] usb 6-1: config 0 has no interface number 0 [ 611.700860][ T5773] usb 6-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 611.732195][T17491] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 611.761165][ T5773] usb 6-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 611.781709][ T5773] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 611.801248][ T5773] usb 6-1: Product: syz [ 611.815762][ T5773] usb 6-1: Manufacturer: syz [ 611.824354][T19026] loop6: detected capacity change from 0 to 32768 [ 611.831072][ T5773] usb 6-1: SerialNumber: syz [ 611.848847][T19026] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.5565 (19026) [ 611.874988][ T5773] usb 6-1: config 0 descriptor?? [ 611.903175][ T5773] radio-si470x 6-1:0.35: could not find interrupt in endpoint [ 611.914798][T17491] usb 2-1: unable to get BOS descriptor or descriptor too short [ 611.946889][ T5773] radio-si470x 6-1:0.35: probe with driver radio-si470x failed with error -5 [ 611.956801][T19026] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 611.967852][T17491] usb 2-1: config 1 has too many interfaces: 35, using maximum allowed: 32 [ 611.978740][T17491] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 611.991918][T19026] BTRFS info (device loop6): using sha256 checksum algorithm [ 611.992295][T17491] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 35 [ 612.070250][T17491] usb 2-1: string descriptor 0 read error: -22 [ 612.080817][T17491] usb 2-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice= 0.40 [ 612.116733][ T5773] radio-raremono 6-1:0.35: this is not Thanko's Raremono. [ 612.126293][T17491] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 612.137831][ T5773] usbhid 6-1:0.35: couldn't find an input interrupt endpoint [ 612.180115][T19026] BTRFS info (device loop6): enabling ssd optimizations [ 612.202006][T19026] BTRFS info (device loop6): turning on async discard [ 612.236670][T17491] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 612.249158][T19026] BTRFS info (device loop6): enabling free space tree [ 612.360076][ T5773] usb 6-1: USB disconnect, device number 25 [ 612.481639][ T7587] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 612.784508][T17491] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -2 [ 612.857234][T17491] usb 2-1: USB disconnect, device number 21 [ 613.339376][T19102] netlink: 76 bytes leftover after parsing attributes in process `syz.6.5596'. [ 613.994052][T19121] netlink: 45 bytes leftover after parsing attributes in process `syz.5.5603'. [ 614.288991][ T31] audit: type=1326 audit(614.252:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19133 comm="syz.1.5608" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528099ce59 code=0x7ffc0000 [ 614.424014][ T31] audit: type=1326 audit(614.282:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19133 comm="syz.1.5608" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528099ce59 code=0x7ffc0000 [ 614.542621][ T31] audit: type=1326 audit(614.292:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19133 comm="syz.1.5608" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7f528099ce59 code=0x7ffc0000 [ 614.674566][ T31] audit: type=1326 audit(614.292:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19133 comm="syz.1.5608" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528099ce59 code=0x7ffc0000 [ 615.220249][T19167] loop7: detected capacity change from 0 to 256 [ 615.592159][ T5773] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 615.772042][ T5773] usb 2-1: Using ep0 maxpacket: 8 [ 615.796840][ T5773] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 615.839466][ T5773] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 615.881034][ T5773] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 615.917386][ T5773] usb 2-1: Product: syz [ 615.946322][ T5773] usb 2-1: Manufacturer: syz [ 615.974050][ T5773] usb 2-1: SerialNumber: syz [ 616.057252][T19192] loop0: detected capacity change from 0 to 8 [ 616.177112][T19192] unable to read xattr id index table [ 616.211381][ T5773] usb 2-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 616.259942][ T5773] usb 2-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 616.320710][ T5773] usb 2-1: Handspring Visor / Palm OS: Number of ports: 2 [ 616.420113][ T5773] usb 2-1: palm_os_3_probe - error -71 getting bytes available request [ 616.458066][ T5773] visor 2-1:1.0: Handspring Visor / Palm OS converter detected [ 616.507501][ T5773] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 616.513243][T19202] loop6: detected capacity change from 0 to 256 [ 616.557823][ T5773] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 616.594357][T19205] loop5: detected capacity change from 0 to 764 [ 616.620178][ T5773] usb 2-1: USB disconnect, device number 22 [ 616.632972][ T29] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 616.642689][T19202] FAT-fs (loop6): error, clusters badly computed (0 != 128) [ 616.688741][T19202] FAT-fs (loop6): Filesystem has been set read-only [ 616.718027][T19202] FAT-fs (loop6): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 616.740560][T19205] Symlink component flag not implemented [ 616.747321][ T5773] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 616.786980][T19205] Symlink component flag not implemented (122) [ 616.819608][ T5773] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 616.834580][ T29] usb 1-1: Using ep0 maxpacket: 32 [ 616.863277][ T29] usb 1-1: config 0 has an invalid interface number: 130 but max is 0 [ 616.879994][ T5773] visor 2-1:1.0: device disconnected [ 616.899374][ T29] usb 1-1: config 0 has no interface number 0 [ 616.926187][ T29] usb 1-1: too many endpoints for config 0 interface 130 altsetting 50: 167, using maximum allowed: 30 [ 616.967669][ T29] usb 1-1: config 0 interface 130 altsetting 50 has 0 endpoint descriptors, different from the interface descriptor's value: 167 [ 617.058238][ T29] usb 1-1: config 0 interface 130 has no altsetting 0 [ 617.085517][ T29] usb 1-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01 [ 617.119890][ T29] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 617.184961][ T29] usb 1-1: config 0 descriptor?? [ 617.207686][T19180] loop7: detected capacity change from 0 to 32768 [ 617.472147][ T29] usb 1-1: string descriptor 0 read error: -71 [ 617.540846][ T29] usb 1-1: USB disconnect, device number 26 [ 617.726860][T19221] loop1: detected capacity change from 0 to 2048 [ 617.790387][T19221] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 618.423608][T19244] loop2: detected capacity change from 0 to 2048 [ 618.457501][T19244] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 618.505525][T19244] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 618.666115][T19249] netlink: 'syz.7.5655': attribute type 1 has an invalid length. [ 619.325432][T19269] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048) [ 619.403509][T19226] loop5: detected capacity change from 0 to 32768 [ 619.436593][T19226] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5646 (19226) [ 619.556872][T19226] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 619.611844][T19226] BTRFS info (device loop5): using sha256 checksum algorithm [ 619.766199][T19298] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 619.777455][T19226] BTRFS info (device loop5): enabling ssd optimizations [ 619.785927][T19226] BTRFS info (device loop5): turning on async discard [ 619.793403][T19226] BTRFS info (device loop5): enabling free space tree [ 620.021246][T19309] loop6: detected capacity change from 0 to 64 [ 620.101365][T19309] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. Mounting read-only. [ 620.126972][ T5628] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 620.167065][T19309] hfs: filesystem is marked locked, mounting read-only. [ 620.412640][ T5772] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 620.615971][ T5772] usb 3-1: config 0 has an invalid interface number: 64 but max is 0 [ 620.663417][ T5772] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 620.698172][ T5772] usb 3-1: config 0 has no interface number 0 [ 620.744387][ T5772] usb 3-1: too many endpoints for config 0 interface 64 altsetting 0: 48, using maximum allowed: 30 [ 620.777435][ T5772] usb 3-1: config 0 interface 64 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 48 [ 620.802612][ T24] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 620.848381][ T5772] usb 3-1: New USB device found, idVendor=1bc7, idProduct=9010, bcdDevice=36.53 [ 620.904172][ T5772] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 620.938602][T19333] bridge4: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 620.961283][ T5772] usb 3-1: config 0 descriptor?? [ 621.023290][ T24] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 621.060341][ T24] usb 6-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 621.115411][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 621.221334][ T24] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 621.331113][ T5633] usb 3-1: USB disconnect, device number 21 [ 621.746106][T19313] loop1: detected capacity change from 0 to 32768 [ 621.803215][T19313] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.5675 (19313) [ 621.896893][T19313] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 621.944438][T19313] BTRFS info (device loop1): using blake2b checksum algorithm [ 622.206584][T19313] BTRFS info (device loop1 state EC): setting nodatasum [ 622.265843][T19313] BTRFS info (device loop1 state EC): setting nodatacow [ 622.276708][ T24] stv0680 6-1:4.0: STV(e): camera ping failed!! [ 622.321936][T19313] BTRFS info (device loop1 state EC): disabling log replay at mount time [ 622.356533][T19313] BTRFS info (device loop1 state EC): enabling free space tree [ 622.401455][T19313] BTRFS info (device loop1 state EC): ignoring data csums [ 622.486826][ T24] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 622.521514][ T24] stv0680 6-1:4.0: last error: 90, command = 0xeb [ 622.588379][ T24] usb 6-1: USB disconnect, device number 26 [ 622.637659][T19382] loop2: detected capacity change from 0 to 1024 [ 622.727523][T19382] hfsplus: invalid length 50929 has been corrected to 255 [ 622.759753][T19379] loop6: detected capacity change from 0 to 4096 [ 622.777663][T19382] hfsplus: invalid length 50929 has been corrected to 255 [ 622.791467][T19379] EXT4-fs: Ignoring removed bh option [ 622.810517][T19382] hfsplus: invalid length 50929 has been corrected to 255 [ 622.859704][ T5627] BTRFS info (device loop1 state EC): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 622.889914][T19379] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 622.975632][T19382] hfsplus: invalid length 50929 has been corrected to 255 [ 623.300352][ T7587] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 623.627955][T19397] bridge_slave_0: left allmulticast mode [ 623.658071][T19397] bridge_slave_0: left promiscuous mode [ 623.708237][T19397] bridge0: port 1(bridge_slave_0) entered disabled state [ 623.775227][T19397] bridge_slave_1: left allmulticast mode [ 623.791180][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 623.797928][T19397] bridge_slave_1: left promiscuous mode [ 623.819281][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 623.853823][T19397] bridge0: port 2(bridge_slave_1) entered disabled state [ 623.948657][T19397] bond0: (slave bond_slave_0): Releasing backup interface [ 624.128996][T19397] bond0: (slave bond_slave_1): Releasing backup interface [ 624.255900][T19397] team0: Port device team_slave_0 removed [ 624.339349][T19397] team0: Port device team_slave_1 removed [ 624.376945][T19397] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 624.443289][T19397] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 624.493551][T19397] bond0: (slave batadv_slave_1): Releasing backup interface [ 624.539253][T19397] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 624.834939][T19412] bond1: Unable to set down delay as MII monitoring is disabled [ 624.881095][T19412] bond1 (unregistering): Released all slaves [ 624.958124][T19432] openvswitch: netlink: Duplicate key (type 21). [ 625.276616][T19444] xt_hashlimit: size too large, truncated to 1048576 [ 625.289873][T19442] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5717'. [ 625.304287][T19444] xt_hashlimit: max too large, truncated to 1048576 [ 625.697647][T19458] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 625.885765][T19464] loop0: detected capacity change from 0 to 256 [ 626.214043][T19478] loop6: detected capacity change from 0 to 64 [ 626.314394][T19478] syz.6.5734: attempt to access beyond end of device [ 626.314394][T19478] loop6: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 626.372345][T19478] Buffer I/O error on dev loop6, logical block 512, async page read [ 626.435957][T19478] syz.6.5734: attempt to access beyond end of device [ 626.435957][T19478] loop6: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 626.528405][T19478] Buffer I/O error on dev loop6, logical block 56576, async page read [ 626.743529][T19492] loop5: detected capacity change from 0 to 256 [ 626.846318][T19496] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5744'. [ 627.023107][ T5773] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 627.225087][ T5773] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 627.258968][ T5773] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 627.289271][ T5773] usb 1-1: Product: syz [ 627.309609][ T5773] usb 1-1: Manufacturer: syz [ 627.341333][ T5773] usb 1-1: SerialNumber: syz [ 627.423792][ T5773] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 627.477338][ T5633] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 627.659216][T19518] loop2: detected capacity change from 0 to 512 [ 627.669725][T19518] EXT4-fs: Ignoring removed mblk_io_submit option [ 627.704403][T19518] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 627.778461][T19518] EXT4-fs error (device loop2): ext4_free_branches:1020: inode #13: comm syz.2.5755: invalid indirect mapped block 33554432 (level 0) [ 627.794153][T19518] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 627.799754][T19518] EXT4-fs (loop2): Remounting filesystem read-only [ 627.809072][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 627.809108][ C1] EXT4-fs (loop2): initial error at time 627: ext4_free_branches:1020: inode 13 [ 627.809161][ C1] EXT4-fs (loop2): last error at time 627: ext4_free_branches:1020: inode 13 [ 627.841011][T19518] EXT4-fs (loop2): 1 truncate cleaned up [ 627.872506][T19518] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 627.937968][ T5772] usb 1-1: USB disconnect, device number 27 [ 627.977938][T19526] openvswitch: netlink: Message has 4 unknown bytes. [ 628.027195][T19526] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 628.088752][ T5625] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 628.116795][T19528] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5759'. [ 628.597417][ T5633] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 628.622394][ T5633] ath9k_htc: Failed to initialize the device [ 628.651914][ T5772] usb 1-1: ath9k_htc: USB layer deinitialized [ 628.665092][T19514] loop1: detected capacity change from 0 to 32768 [ 628.698375][T19542] loop5: detected capacity change from 0 to 2048 [ 628.737510][T19542] EXT4-fs: Ignoring removed nomblk_io_submit option [ 628.813740][T19544] loop0: detected capacity change from 0 to 256 [ 628.891023][T19542] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 628.940772][T19544] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf4f528c0, utbl_chksum : 0xe619d30d) [ 629.000228][T19551] QAT: failed to copy from user cfg_data. [ 629.065453][ T5628] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 629.215784][T19556] netlink: 'syz.1.5770': attribute type 2 has an invalid length. [ 630.002137][ T5633] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 630.198857][ T5633] usb 3-1: config 8 has an invalid interface number: 7 but max is 0 [ 630.237406][ T5633] usb 3-1: config 8 has no interface number 0 [ 630.258155][ T5633] usb 3-1: string descriptor 0 read error: -22 [ 630.278640][ T5633] usb 3-1: New USB device found, idVendor=0f3d, idProduct=68aa, bcdDevice=d9.bb [ 630.299900][ T5633] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 630.324540][T19586] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5786'. [ 630.370146][ T5633] usb 3-1: Expected 3 endpoints, found: 0 [ 630.653458][ T5633] usb 3-1: USB disconnect, device number 22 [ 630.744771][T19564] loop6: detected capacity change from 0 to 32768 [ 630.777107][T19564] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.5776 (19564) [ 630.841502][T19564] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 630.879141][T19564] BTRFS info (device loop6): using sha256 checksum algorithm [ 631.000147][T19564] BTRFS info (device loop6): enabling ssd optimizations [ 631.029681][T19564] BTRFS info (device loop6): turning on async discard [ 631.045938][T19564] BTRFS info (device loop6): enabling free space tree [ 631.252533][ T31] audit: type=1400 audit(631.212:190): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=19624 comm="syz.1.5799" [ 631.294567][ T7587] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 631.496971][T19630] loop7: detected capacity change from 0 to 64 [ 632.313463][T19652] program syz.2.5812 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 632.410589][ T31] audit: type=1326 audit(632.372:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19653 comm="syz.7.5813" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 632.547386][ T31] audit: type=1326 audit(632.372:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19653 comm="syz.7.5813" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 632.660180][ T31] audit: type=1326 audit(632.452:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19653 comm="syz.7.5813" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 632.776487][ T31] audit: type=1326 audit(632.452:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19653 comm="syz.7.5813" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 632.831931][ T31] audit: type=1326 audit(632.462:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19653 comm="syz.7.5813" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 632.888536][ T31] audit: type=1326 audit(632.462:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19653 comm="syz.7.5813" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 632.985872][ T31] audit: type=1326 audit(632.462:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19653 comm="syz.7.5813" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 633.117907][ T31] audit: type=1326 audit(632.462:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19653 comm="syz.7.5813" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 633.234685][ T31] audit: type=1326 audit(632.462:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19653 comm="syz.7.5813" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 633.540149][T19640] loop0: detected capacity change from 0 to 32768 [ 633.580846][T19640] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.5805 (19640) [ 633.646064][T19640] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 633.678715][T19640] BTRFS info (device loop0): using blake2b checksum algorithm [ 633.709259][T19676] loop2: detected capacity change from 0 to 4096 [ 633.783570][T19676] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 633.852348][T19640] BTRFS info (device loop0 state EC): setting nodatasum [ 633.915518][T19664] loop6: detected capacity change from 0 to 32768 [ 633.923973][T19640] BTRFS info (device loop0 state EC): setting nodatacow [ 633.931116][T19664] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.5820 (19664) [ 633.945461][T19640] BTRFS info (device loop0 state EC): disabling log replay at mount time [ 633.956592][T19640] BTRFS info (device loop0 state EC): enabling free space tree [ 633.969509][T19676] ntfs3(loop2): ino=1a, mi_enum_attr [ 633.984162][T19664] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 633.996118][T19640] BTRFS info (device loop0 state EC): ignoring data csums [ 634.000035][T19676] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 634.030270][T19664] BTRFS info (device loop6): using sha256 checksum algorithm [ 634.085993][T19676] ntfs3(loop2): ino=1a, mi_enum_attr [ 634.119505][T19676] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 634.178226][ T29] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 634.207761][T19664] BTRFS info (device loop6): enabling ssd optimizations [ 634.275966][T19664] BTRFS info (device loop6): turning on async discard [ 634.337874][T19664] BTRFS info (device loop6): enabling free space tree [ 634.381997][ T29] usb 6-1: Using ep0 maxpacket: 16 [ 634.406241][ T29] usb 6-1: unable to get BOS descriptor or descriptor too short [ 634.436517][ T29] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 634.495002][ T29] usb 6-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice= 0.40 [ 634.519821][ T5624] BTRFS info (device loop0 state EC): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 634.532088][ T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 634.576688][ T29] usb 6-1: Product: syz [ 634.597614][ T29] usb 6-1: Manufacturer: syz [ 634.620762][ T29] usb 6-1: SerialNumber: syz [ 634.822247][ T7587] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 634.964890][T19719] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 635.105105][ T29] snd-ua101 6-1:1.1: sample format descriptor not found [ 635.171894][ T29] snd-ua101 6-1:1.0: invalid bNumEndpoints [ 635.297588][ T29] usb 6-1: USB disconnect, device number 27 [ 635.696993][T19679] loop1: detected capacity change from 0 to 32768 [ 635.856532][T19679] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 636.122551][T19679] XFS (loop1): Ending clean mount [ 636.327102][T19679] XFS (loop1): Quotacheck needed: Please wait. [ 636.760718][T19766] xt_nfacct: accounting object `syz0' does not exist [ 637.017723][T19679] XFS (loop1): Quotacheck: Done. [ 637.188304][ T5627] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 637.517313][T19787] netlink: 5 bytes leftover after parsing attributes in process `syz.5.5861'. [ 637.885319][T19799] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method [ 638.206051][T19804] loop7: detected capacity change from 0 to 8 [ 638.365834][T19805] bond3: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 638.365834][T19812] loop5: detected capacity change from 0 to 1764 [ 638.403572][T19805] bond3 (unregistering): Released all slaves [ 638.434532][T19812] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 638.730258][T19819] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5875'. [ 638.785471][T19819] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5875'. [ 638.948306][ T31] audit: type=1326 audit(638.912:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19824 comm="syz.7.5878" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 639.076739][ T31] audit: type=1326 audit(638.912:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19824 comm="syz.7.5878" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 639.187442][ T31] audit: type=1326 audit(638.952:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19824 comm="syz.7.5878" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 639.229236][T19793] loop0: detected capacity change from 0 to 32768 [ 639.280042][T19793] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.5864 (19793) [ 639.306786][ T31] audit: type=1326 audit(638.952:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19824 comm="syz.7.5878" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 639.387200][ T31] audit: type=1326 audit(638.952:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19824 comm="syz.7.5878" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 639.425949][T19793] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 639.440331][T19793] BTRFS info (device loop0): using sha256 checksum algorithm [ 639.620388][T19793] BTRFS info (device loop0): enabling ssd optimizations [ 639.636913][T19856] loop5: detected capacity change from 0 to 64 [ 639.667514][T19793] BTRFS info (device loop0): turning on async discard [ 639.731166][T19860] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 639.734615][T19793] BTRFS info (device loop0): enabling free space tree [ 639.888973][T19859] loop1: detected capacity change from 0 to 2048 [ 639.949120][T19859] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 640.026158][T19867] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 640.109462][ T5624] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 640.222642][T19871] libceph: resolve '400' (ret=-3): failed [ 640.857884][T19888] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.5900'. [ 641.597680][T19911] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5909'. [ 641.640767][T19913] loop7: detected capacity change from 0 to 256 [ 642.280450][T19929] loop0: detected capacity change from 0 to 2048 [ 642.287091][T19886] loop1: detected capacity change from 0 to 32768 [ 642.339694][T19929] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 642.455384][T19937] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 642.460790][T19886] ERROR: (device loop1): dbAllocNext: Corrupt dmap page [ 642.460790][T19886] [ 642.532176][T19939] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5923'. [ 642.551712][T19929] NILFS error (device loop0): nilfs_lookup: deleted inode referenced: 12 [ 642.621245][T19886] ERROR: (device loop1): remounting filesystem as read-only [ 642.739176][T19929] Remounting filesystem read-only [ 643.056489][T19948] netlink: 'syz.1.5926': attribute type 10 has an invalid length. [ 643.076149][T19950] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5929'. [ 643.122243][T19950] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048) [ 643.309977][T19951] bond1: down delay (32768) is not a multiple of miimon (100), value rounded to 32700 ms [ 643.364517][T19951] bond1: entered promiscuous mode [ 643.404744][T19951] 8021q: adding VLAN 0 to HW filter on device bond1 [ 643.473427][T19948] 8021q: adding VLAN 0 to HW filter on device team0 [ 643.542959][T19948] bond0: (slave team0): Enslaving as an active interface with an up link [ 643.764772][T19934] loop2: detected capacity change from 0 to 32768 [ 643.835446][T19934] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.5920 (19934) [ 643.912000][T19934] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 643.949655][T19934] BTRFS info (device loop2): using sha256 checksum algorithm [ 643.963395][T19974] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 643.992217][ T29] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 644.192459][ T29] usb 6-1: Using ep0 maxpacket: 32 [ 644.204649][T19934] BTRFS info (device loop2): enabling ssd optimizations [ 644.208826][ T29] usb 6-1: New USB device found, idVendor=084f, idProduct=0001, bcdDevice=e0.b8 [ 644.248278][ T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 644.271382][T19934] BTRFS info (device loop2): turning on async discard [ 644.281381][ T29] usb 6-1: Product: syz [ 644.302561][T19993] openvswitch: netlink: Message has 4 unknown bytes. [ 644.305677][ T29] usb 6-1: Manufacturer: syz [ 644.316453][T19934] BTRFS info (device loop2): enabling free space tree [ 644.351949][ T29] usb 6-1: SerialNumber: syz [ 644.407083][ T29] empeg 6-1:1.0: empeg converter detected [ 644.638529][ T5625] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 644.669746][T20002] kAFS: unable to lookup cell '' [ 644.697199][T20003] netlink: 'syz.6.5947': attribute type 21 has an invalid length. [ 644.715282][ T29] usb 6-1: empeg converter now attached to ttyUSB0 [ 644.738115][T20003] IPv6: NLM_F_CREATE should be specified when creating new route [ 644.942124][ T5773] usb 6-1: USB disconnect, device number 28 [ 645.001516][ T5773] empeg ttyUSB0: empeg converter now disconnected from ttyUSB0 [ 645.035897][ T5773] empeg 6-1:1.0: device disconnected [ 645.112753][T20011] netlink: 830 bytes leftover after parsing attributes in process `syz.6.5952'. [ 645.158419][T17491] bond_slave_0: entered promiscuous mode [ 645.167198][T17491] bond_slave_1: entered promiscuous mode [ 645.540540][T20024] loop2: detected capacity change from 0 to 512 [ 645.640383][T20024] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 645.693017][T20024] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 645.701203][T20024] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.5957: bad orphan inode 13 [ 645.717209][T20024] loop2: lost filesystem error report for type 5 error -117 [ 645.721796][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 645.735725][ C0] EXT4-fs (loop2): initial error at time 645: ext4_orphan_get:1423 [ 645.743727][ C0] EXT4-fs (loop2): last error at time 645: ext4_orphan_get:1423 [ 645.775794][T20024] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 645.894124][T20037] openvswitch: netlink: Tunnel attr 148 out of range max 16 [ 645.989380][T20043] netlink: 'syz.0.5965': attribute type 12 has an invalid length. [ 646.021204][ T5625] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 647.312047][ T29] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 647.497480][ T29] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 647.538418][ T29] usb 2-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 647.560867][T20052] loop7: detected capacity change from 0 to 32768 [ 647.569991][ T29] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 647.596652][T20057] loop6: detected capacity change from 0 to 32768 [ 647.632404][ T29] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 647.688370][T20057] ERROR: (device loop6): dbAllocNext: Corrupt dmap page [ 647.688370][T20057] [ 647.748771][T20057] ERROR: (device loop6): remounting filesystem as read-only [ 648.140145][T20089] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 66052 out of range (51000000..2150000000) [ 648.311691][T20094] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5990'. [ 648.382364][ T5773] usb 7-1: new full-speed USB device number 15 using dummy_hcd [ 648.557083][ T5773] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 64 [ 648.616590][T20099] netlink: 20 bytes leftover after parsing attributes in process `syz.7.5992'. [ 648.617685][ T5773] usb 7-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 648.662410][T20099] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5992'. [ 648.686007][ T5773] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 648.696614][T20099] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 648.750430][ T5773] usb 7-1: Product: syz [ 648.750469][ T5773] usb 7-1: Manufacturer: syz [ 648.750505][ T5773] usb 7-1: SerialNumber: syz [ 648.759768][ T5773] usb 7-1: config 0 descriptor?? [ 648.762407][T20088] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 648.762602][T20088] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22 [ 648.838577][ C0] port100 7-1:0.0: NFC: Urb failure (status -71) [ 648.870071][ C0] port100 7-1:0.0: NFC: Urb failure (status -71) [ 648.886237][ T29] gspca_stv0680: usb_control_msg error 2, request = 0x6, error = -71 [ 648.886677][ T29] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 648.886707][ T29] stv0680 2-1:4.0: last error: 86, command = 0x78 [ 648.892516][ T5773] port100 7-1:0.0: NFC: Could not get supported command types [ 648.913104][ T29] usb 2-1: USB disconnect, device number 23 [ 649.017479][ T5773] usb 7-1: USB disconnect, device number 15 [ 649.566124][T20122] netlink: 'syz.7.6004': attribute type 10 has an invalid length. [ 649.645180][T20122] 8021q: adding VLAN 0 to HW filter on device team0 [ 649.683713][T20122] bond0: (slave team0): Enslaving as an active interface with an up link [ 649.696268][T20125] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6005'. [ 650.238410][T20140] netlink: 40 bytes leftover after parsing attributes in process `syz.6.6013'. [ 650.548702][T20112] loop0: detected capacity change from 0 to 32768 [ 650.655623][T20112] ERROR: (device loop0): dbAllocNext: Corrupt dmap page [ 650.655623][T20112] [ 650.703460][T20112] ERROR: (device loop0): remounting filesystem as read-only [ 650.766187][T20157] tmpfs: Bad value for 'mpol' [ 651.101397][T20167] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6027'. [ 651.189135][T20168] loop7: detected capacity change from 0 to 2048 [ 651.928930][T20198] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6042'. [ 652.334310][T20214] netlink: 260 bytes leftover after parsing attributes in process `syz.6.6049'. [ 652.697667][T20226] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6054'. [ 653.376366][T20252] loop7: detected capacity change from 0 to 256 [ 653.433759][T20252] vfat: Deprecated parameter 'posix' [ 653.471829][T20252] FAT-fs: "posix" option is obsolete, not supported now [ 653.814207][T20267] netlink: 'syz.6.6075': attribute type 2 has an invalid length. [ 654.000479][T20269] bridge0: the hash_elasticity option has been deprecated and is always 16 [ 654.375552][T20281] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 654.689908][T20292] loop0: detected capacity change from 0 to 64 [ 654.721508][T20294] openvswitch: netlink: Unexpected mask (mask=2200040, allowed=2010048) [ 654.765016][T20298] netlink: 'syz.5.6090': attribute type 2 has an invalid length. [ 655.226599][T20311] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6095'. [ 655.418477][T20316] No source specified [ 655.609554][T20319] pim6reg: entered allmulticast mode [ 655.638978][T20322] loop5: detected capacity change from 0 to 2048 [ 655.735857][T20327] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 655.961027][T20327] NILFS (loop5): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 656.011725][T20327] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=4) [ 656.098153][T20327] Remounting filesystem read-only [ 656.115161][ T5628] NILFS (loop5): disposed unprocessed dirty file(s) when stopping log writer [ 656.259252][T20341] netlink: 'syz.0.6111': attribute type 2 has an invalid length. [ 656.302432][T17491] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 656.495940][T20345] netlink: 'syz.7.6113': attribute type 2 has an invalid length. [ 656.498917][T17491] usb 3-1: unable to get BOS descriptor or descriptor too short [ 656.553561][T17491] usb 3-1: config 63 has an invalid interface number: 66 but max is 0 [ 656.586287][T17491] usb 3-1: config 63 has an invalid descriptor of length 0, skipping remainder of the config [ 656.626691][T17491] usb 3-1: config 63 has no interface number 0 [ 656.635847][T20314] loop1: detected capacity change from 0 to 32768 [ 656.652401][T17491] usb 3-1: config 63 interface 66 has no altsetting 0 [ 656.680481][T17491] usb 3-1: string descriptor 0 read error: -22 [ 656.697183][T17491] usb 3-1: New USB device found, idVendor=174f, idProduct=8acf, bcdDevice=39.f4 [ 656.727056][T17491] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 656.745215][T20314] dmapctl: nleafs 0 != 2^0 [ 656.782373][T20314] ERROR: (device loop1): dbFindCtl: Corrupt dmapctl page [ 656.782373][T20314] [ 656.836062][T17491] uvcvideo 3-1:63.66: Found UVC 0.07 device (174f:8acf) [ 656.846716][T20314] ERROR: (device loop1): remounting filesystem as read-only [ 656.864784][T17491] uvcvideo 3-1:63.66: No valid video chain found. [ 656.881988][T20314] ialloc: diAlloc returned -5! [ 657.163801][T20362] loop7: detected capacity change from 0 to 1764 [ 657.192649][ T29] usb 3-1: USB disconnect, device number 23 [ 657.233461][T20362] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 657.245154][T20368] netlink: 260 bytes leftover after parsing attributes in process `syz.1.6122'. [ 657.639235][T20378] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 657.643436][T20379] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 657.742799][T20379] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 657.813368][T20382] netlink: 104 bytes leftover after parsing attributes in process `syz.6.6130'. [ 657.946935][T20386] loop1: detected capacity change from 0 to 8 [ 658.381591][T20397] loop7: detected capacity change from 0 to 2048 [ 658.654424][T20407] [U] [ 658.657220][T20407] [U] [ 658.659955][T20407] [U] [ 658.662692][T20407] [U] [ 658.683466][T20407] [U] [ 658.686296][T20407] [U] [ 658.689125][T20407] [U] [ 658.691874][T20407] [U] [ 658.744654][T20407] [U] [ 658.747444][T20407] [U] [ 658.750178][T20407] [U] [ 658.762191][ T24] usb 7-1: new full-speed USB device number 16 using dummy_hcd [ 658.795376][T20405] [U] [ 658.949511][ T24] usb 7-1: unable to get BOS descriptor or descriptor too short [ 658.984153][ T24] usb 7-1: not running at top speed; connect to a high speed hub [ 659.019536][ T24] usb 7-1: New USB device found, idVendor=18d1, idProduct=2d05, bcdDevice= 0.40 [ 659.046663][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 659.060890][T20421] netlink: 'syz.7.6150': attribute type 49 has an invalid length. [ 659.079097][ T24] usb 7-1: Product: syz [ 659.091806][ T24] usb 7-1: Manufacturer: syz [ 659.107522][ T24] usb 7-1: SerialNumber: syz [ 659.126829][T20421] bond0: (slave bond_slave_0): Releasing backup interface [ 659.233268][T20421] bond_slave_0: entered promiscuous mode [ 659.251968][T20421] bond_slave_0: entered allmulticast mode [ 659.408174][ T24] usb 7-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 659.492041][ T24] usb 7-1: found format II with max.bitrate = 9, frame size=0 [ 659.525660][ T24] usb 7-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 659.694911][T20437] ipt_rpfilter: unknown options [ 659.779983][ T24] usb 7-1: USB disconnect, device number 16 [ 659.975205][ T31] audit: type=1326 audit(659.942:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20446 comm="syz.7.6162" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 660.035733][ T5644] udevd[5644]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 660.076860][ T31] audit: type=1326 audit(659.942:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20446 comm="syz.7.6162" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 660.091601][T20449] netdevsim netdevsim0 netdevsim0: left promiscuous mode [ 660.127005][T20451] loop1: detected capacity change from 0 to 512 [ 660.163060][T20451] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 660.182054][ T31] audit: type=1326 audit(659.972:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20446 comm="syz.7.6162" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 660.256608][T20451] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 660.284973][ T31] audit: type=1326 audit(660.022:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20446 comm="syz.7.6162" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe491f9ce59 code=0x7ffc0000 [ 660.526121][T20439] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 660.587221][T20471] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 660.789106][T20476] netlink: 'syz.0.6172': attribute type 1 has an invalid length. [ 660.803171][T17491] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 660.987819][T17491] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 661.055234][T17491] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 661.136056][T17491] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 661.204995][T17491] usb 7-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 661.252570][T17491] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 661.305904][T17491] usb 7-1: Product: syz [ 661.328134][T17491] usb 7-1: Manufacturer: syz [ 661.354950][T17491] usb 7-1: SerialNumber: syz [ 661.383382][T17491] usb 7-1: config 0 descriptor?? [ 661.405209][T20470] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 661.441996][T20470] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 661.487974][T17491] usb 7-1: ucan: probing device on interface #0 [ 661.711672][T20494] bond2: option arp_validate: invalid value (2048) [ 661.750441][T17491] usb 7-1: ucan: device protocol version 0 is not supported [ 661.763994][T20494] bond2 (unregistering): Released all slaves [ 661.781469][T17491] usb 7-1: ucan: probe failed; try to update the device firmware [ 661.792136][T17962] Bluetooth: hci0: command 0x0406 tx timeout [ 661.886215][ T5627] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 662.056500][ T5772] usb 7-1: USB disconnect, device number 17 [ 662.429644][T20515] tmpfs: Bad value for 'size' [ 662.899013][T20525] xt_TCPMSS: Only works on TCP SYN packets [ 663.233832][T20536] loop7: detected capacity change from 0 to 1024 [ 663.284206][T20536] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 663.326793][T20536] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 663.384402][T20536] EXT4-fs error (device loop7): ext4_get_journal_inode:5896: inode #32: comm syz.7.6196: iget: special inode unallocated [ 663.445332][T20536] loop7: lost file I/O error report for ino 32 type 5 pos 0x0 len 0x0 error -117 [ 663.445386][T20536] EXT4-fs (loop7): Remounting filesystem read-only [ 663.488812][T20548] loop1: detected capacity change from 0 to 256 [ 663.513394][T20536] EXT4-fs (loop7): no journal found [ 663.530423][T20536] EXT4-fs (loop7): can't get journal size [ 663.568556][T20536] EXT4-fs (loop7): write access unavailable, skipping orphan cleanup [ 663.609185][T20536] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 663.701133][T20548] FAT-fs (loop1): Directory bread(block 64) failed [ 663.741951][T20548] FAT-fs (loop1): Directory bread(block 65) failed [ 663.760699][T20548] FAT-fs (loop1): Directory bread(block 66) failed [ 663.795273][T20548] FAT-fs (loop1): Directory bread(block 67) failed [ 663.830041][T20548] FAT-fs (loop1): Directory bread(block 68) failed [ 663.875992][T20548] FAT-fs (loop1): Directory bread(block 69) failed [ 663.913959][T20548] FAT-fs (loop1): Directory bread(block 70) failed [ 663.925247][T18415] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 663.946993][T20548] FAT-fs (loop1): Directory bread(block 71) failed [ 663.962395][T20548] FAT-fs (loop1): Directory bread(block 72) failed [ 664.010060][T20548] FAT-fs (loop1): Directory bread(block 73) failed [ 664.064460][T20555] loop2: detected capacity change from 0 to 4096 [ 664.108654][T20555] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 664.209799][T20555] ntfs3(loop2): ino=19, mi_enum_attr [ 664.311451][T20555] ntfs3(loop2): failed to convert "c46c" to cp855 [ 664.350332][T20555] ntfs3(loop2): ino=20, mi_enum_attr [ 664.878811][T20579] loop0: detected capacity change from 0 to 512 [ 664.931893][T20579] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 665.003159][T20579] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 665.213108][T20592] netlink: 156 bytes leftover after parsing attributes in process `syz.2.6220'. [ 665.250082][T20592] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 665.321667][T20597] QAT: Device 7 not found [ 665.607649][T20607] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6228'. [ 665.607687][T20607] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6228'. [ 666.601380][ T5624] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 666.718183][T20635] loop2: detected capacity change from 0 to 128 [ 667.050414][T20646] kAFS: unable to lookup cell '/,' [ 667.548436][T20655] loop1: detected capacity change from 0 to 4096 [ 667.637923][T20655] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 667.713225][T20655] ntfs3(loop1): ino=1a, mi_enum_attr [ 667.730938][T20655] ntfs3(loop1): ino=1a, mi_enum_attr [ 667.754902][T20655] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 667.900746][T20671] netlink: 'syz.0.6257': attribute type 11 has an invalid length. [ 667.932943][T20671] netlink: 199828 bytes leftover after parsing attributes in process `syz.0.6257'. [ 667.987727][T20655] ntfs3(loop1): ino=1a, mi_enum_attr [ 668.233813][T20685] loop5: detected capacity change from 0 to 136 [ 668.686960][T17962] Bluetooth: hci4: unexpected event for opcode 0x2016 [ 669.235798][T20714] sit1: entered promiscuous mode [ 669.624722][T20730] vlan0: entered promiscuous mode [ 669.770847][T20734] overlayfs: unescaped trailing colons in lowerdir mount option. [ 670.059929][ T5633] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 670.225242][ T5633] usb 2-1: Using ep0 maxpacket: 16 [ 670.253252][ T5633] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 670.293936][ T5633] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 670.337665][ T5633] usb 2-1: config 0 descriptor?? [ 670.376995][T20752] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6296'. [ 670.414808][ T5633] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 670.491752][ T5772] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 670.552275][T20758] netlink: 108 bytes leftover after parsing attributes in process `syz.0.6299'. [ 670.578849][T20758] netlink: 108 bytes leftover after parsing attributes in process `syz.0.6299'. [ 670.595604][ T5633] usb 2-1: Detected FT232B [ 670.681392][ T5772] usb 6-1: Using ep0 maxpacket: 16 [ 670.692461][ T5772] usb 6-1: unable to get BOS descriptor or descriptor too short [ 670.715432][ T5772] usb 6-1: config 1 has an invalid interface number: 93 but max is 0 [ 670.750008][ T5772] usb 6-1: config 1 has no interface number 0 [ 670.772162][ T5772] usb 6-1: config 1 interface 93 has no altsetting 0 [ 670.790870][T20764] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 670.797459][T20764] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 670.806149][ T5772] usb 6-1: New USB device found, idVendor=2c7c, idProduct=0203, bcdDevice=56.2a [ 670.815839][ T5633] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 670.841957][ T5633] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 670.860587][ T5772] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 670.869267][T20767] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(6) [ 670.875873][T20767] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 670.892427][ T5633] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 670.904927][ T5772] usb 6-1: Product: syz [ 670.927083][T20764] vhci_hcd vhci_hcd.0: Device attached [ 670.930322][ T5772] usb 6-1: Manufacturer: syz [ 670.944735][ T5633] usb 2-1: USB disconnect, device number 24 [ 670.951653][ T5772] usb 6-1: SerialNumber: syz [ 670.963503][T20767] vhci_hcd vhci_hcd.0: Device attached [ 671.050531][ T5633] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 671.072102][T20765] vhci_hcd: connection closed [ 671.079765][T15898] vhci_hcd vhci_hcd.2: stop threads [ 671.091945][T20768] vhci_hcd: connection closed [ 671.103116][ T5633] ftdi_sio 2-1:0.0: device disconnected [ 671.115224][T15898] vhci_hcd vhci_hcd.2: release socket [ 671.122327][T15898] vhci_hcd vhci_hcd.2: disconnect device [ 671.128819][T15898] vhci_hcd vhci_hcd.2: stop threads [ 671.137601][T15898] vhci_hcd vhci_hcd.2: release socket [ 671.148331][T15898] vhci_hcd vhci_hcd.2: disconnect device [ 671.182458][T17491] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 671.194659][T17491] usb 37-1: enqueue for inactive port 0 [ 671.262003][T20779] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 671.267817][ T5772] option 6-1:1.93: GSM modem (1-port) converter detected [ 671.283905][T17491] vhci_hcd vhci_hcd.2: vhci_device speed not set [ 671.311156][ T5772] usb 6-1: GSM modem (1-port) converter now attached to ttyUSB0 [ 671.357477][ T5772] usb 6-1: USB disconnect, device number 29 [ 671.438953][ T5772] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0 [ 671.483323][T20777] loop0: detected capacity change from 0 to 4096 [ 671.487280][ T5772] option 6-1:1.93: device disconnected [ 671.490208][T20783] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 671.507787][T20777] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 671.629494][T20777] ntfs3(loop0): ino=19, mi_enum_attr [ 671.700341][T20777] ntfs3(loop0): failed to convert "c46c" to cp855 [ 671.728234][T20777] ntfs3(loop0): ino=20, mi_enum_attr [ 672.326465][T20805] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6319'. [ 672.591550][T20816] loop2: detected capacity change from 0 to 256 [ 672.748387][T20816] FAT-fs (loop2): Directory bread(block 64) failed [ 672.780291][T20816] FAT-fs (loop2): Directory bread(block 65) failed [ 672.821967][T20816] FAT-fs (loop2): Directory bread(block 66) failed [ 672.862367][T20816] FAT-fs (loop2): Directory bread(block 67) failed [ 672.892123][T20816] FAT-fs (loop2): Directory bread(block 68) failed [ 672.923869][T20816] FAT-fs (loop2): Directory bread(block 69) failed [ 672.957815][T20816] FAT-fs (loop2): Directory bread(block 70) failed [ 672.994156][T20816] FAT-fs (loop2): Directory bread(block 71) failed [ 673.030166][T20816] FAT-fs (loop2): Directory bread(block 72) failed [ 673.062833][T20816] FAT-fs (loop2): Directory bread(block 73) failed [ 673.096048][T20828] loop6: detected capacity change from 0 to 4096 [ 673.172225][T20828] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 673.264955][T20828] ntfs3(loop6): ino=1a, mi_enum_attr [ 673.299544][T20828] ntfs3(loop6): ino=1a, mi_enum_attr [ 673.322531][T20828] ntfs3(loop6): Failed to initialize $Extend/$Reparse. [ 673.393400][ T24] usb 6-1: new full-speed USB device number 30 using dummy_hcd [ 673.487745][T20828] ntfs3(loop6): ino=1a, mi_enum_attr [ 673.585467][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 673.649452][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 96, setting to 64 [ 673.709766][ T24] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 673.786417][ T24] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 673.844391][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 673.886326][ T24] usb 6-1: SerialNumber: syz [ 673.938838][T20833] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 673.992497][ T24] hub 6-1:1.0: bad descriptor, ignoring hub [ 674.031646][ T24] hub 6-1:1.0: probe with driver hub failed with error -5 [ 674.230744][T20833] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 674.302769][T20859] loop1: detected capacity change from 0 to 4096 [ 674.356454][T20859] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 674.484105][ T24] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 674.555370][T20859] ntfs3(loop1): Failed to initialize $Extend/$ObjId. [ 674.572410][ T24] usb 6-1: USB disconnect, device number 30 [ 675.443540][T20901] netlink: 'syz.5.6358': attribute type 7 has an invalid length. [ 675.487758][T20901] netlink: 'syz.5.6358': attribute type 8 has an invalid length. [ 675.586472][T20904] loop6: detected capacity change from 0 to 256 [ 675.594251][T20908] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 675.673709][T20904] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d) [ 675.818176][T20907] loop1: detected capacity change from 0 to 4096 [ 675.855378][T20907] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 676.005363][T20907] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 676.055185][T20907] ntfs3(loop1): ino=19, mi_enum_attr [ 676.224205][T20920] loop5: detected capacity change from 0 to 1024 [ 676.414590][T20927] loop0: detected capacity change from 0 to 16 [ 676.447191][T20927] erofs (device loop0): mounted with root inode @ nid 36. [ 676.515106][T20927] erofs (device loop0): readahead error at folio 2 @ nid 89 [ 676.523700][T20927] erofs (device loop0): readahead error at folio 1 @ nid 89 [ 676.531208][T20927] erofs (device loop0): readahead error at folio 0 @ nid 89 [ 676.540388][T20927] erofs (device loop0): read error -117 @ 0 of nid 89 [ 676.551339][ T31] audit: type=1800 audit(932.523:209): pid=20927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.6368" name="file3" dev="loop0" ino=89 res=0 errno=0 [ 676.681145][T20925] bond4: entered promiscuous mode [ 676.725439][T20925] 8021q: adding VLAN 0 to HW filter on device bond4 [ 677.348862][T20953] No such timeout policy "syz0" [ 678.077128][T20981] netlink: 'syz.2.6393': attribute type 1 has an invalid length. [ 678.281335][T20985] loop0: detected capacity change from 0 to 256 [ 678.328741][T20985] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d) [ 678.967297][ T5759] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 678.993781][ T5772] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 679.157121][ T5759] usb 3-1: Using ep0 maxpacket: 16 [ 679.178932][ T5759] usb 3-1: unable to get BOS descriptor or descriptor too short [ 679.187540][ T5772] usb 1-1: Using ep0 maxpacket: 32 [ 679.206100][ T5772] usb 1-1: unable to get BOS descriptor or descriptor too short [ 679.223146][ T5759] usb 3-1: config 1 has an invalid interface number: 93 but max is 0 [ 679.238447][ T5772] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 679.253176][ T5759] usb 3-1: config 1 has no interface number 0 [ 679.276419][ T5759] usb 3-1: config 1 interface 93 has no altsetting 0 [ 679.284339][ T5772] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 679.307746][ T5772] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 679.326684][ T5772] usb 1-1: Product: syz [ 679.333904][ T5759] usb 3-1: New USB device found, idVendor=2c7c, idProduct=0203, bcdDevice=56.2a [ 679.353304][ T5772] usb 1-1: Manufacturer: syz [ 679.361015][ T5759] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 679.375218][ T5772] usb 1-1: SerialNumber: syz [ 679.390796][ T5759] usb 3-1: Product: syz [ 679.401943][ T5759] usb 3-1: Manufacturer: syz [ 679.416982][ T5759] usb 3-1: SerialNumber: syz [ 679.619296][ T5772] usb 1-1: Invalid number of CPorts: 0 [ 679.627189][ T5772] es2_ap_driver 1-1:7.0: probe with driver es2_ap_driver failed with error -22 [ 679.678691][ T5759] option 3-1:1.93: GSM modem (1-port) converter detected [ 679.715081][ T5759] usb 3-1: GSM modem (1-port) converter now attached to ttyUSB0 [ 679.747902][ T5759] usb 3-1: USB disconnect, device number 24 [ 679.805263][ T5759] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0 [ 679.848021][ T5759] option 3-1:1.93: device disconnected [ 679.866279][ T5772] usb 1-1: USB disconnect, device number 28 [ 680.266001][T21049] loop5: detected capacity change from 0 to 64 [ 680.313739][T21049] hfs: unable to locate alternate MDB [ 680.343424][T21049] hfs: continuing without an alternate MDB [ 680.428786][ T31] audit: type=1800 audit(936.395:210): pid=21049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.6427" name="file1" dev="loop5" ino=22 res=0 errno=0 [ 680.590280][ T1169] [ 680.592659][ T1169] ====================================================== [ 680.599779][ T1169] WARNING: possible circular locking dependency detected [ 680.606812][ T1169] syzkaller #0 Not tainted [ 680.611325][ T1169] ------------------------------------------------------ [ 680.618441][ T1169] kworker/u8:9/1169 is trying to acquire lock: [ 680.624607][ T1169] ffff8880568019f0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xa6/0xcf0 [ 680.635554][ T1169] [ 680.635554][ T1169] but task is already holding lock: [ 680.643109][ T1169] ffff8880363d80a8 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330 [ 680.652588][ T1169] [ 680.652588][ T1169] which lock already depends on the new lock. [ 680.652588][ T1169] [ 680.663005][ T1169] [ 680.663005][ T1169] the existing dependency chain (in reverse order) is: [ 680.672020][ T1169] [ 680.672020][ T1169] -> #1 (&tree->tree_lock/1){+.+.}-{4:4}: [ 680.679979][ T1169] __mutex_lock+0x1a4/0x1b10 [ 680.685111][ T1169] hfs_find_init+0x273/0x330 [ 680.690243][ T1169] hfs_ext_read_extent+0x19d/0x9d0 [ 680.696001][ T1169] hfs_extend_file+0x4ff/0xcf0 [ 680.701409][ T1169] hfs_bmap_reserve+0x2ab/0x3a0 [ 680.706872][ T1169] hfs_cat_create+0x348/0x980 [ 680.712273][ T1169] hfs_create+0x7e/0x110 [ 680.717151][ T1169] lookup_open.isra.0+0xc47/0x11b0 [ 680.722819][ T1169] path_openat+0x2291/0x31a0 [ 680.727943][ T1169] do_file_open+0x20e/0x430 [ 680.732978][ T1169] do_sys_openat2+0x10d/0x1e0 [ 680.738193][ T1169] __x64_sys_open+0xfe/0x1d0 [ 680.743317][ T1169] do_syscall_64+0x10b/0xf80 [ 680.748546][ T1169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 680.755070][ T1169] [ 680.755070][ T1169] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}: [ 680.764348][ T1169] __lock_acquire+0x14b8/0x2630 [ 680.769747][ T1169] lock_acquire+0x1b1/0x370 [ 680.774806][ T1169] __mutex_lock+0x1a4/0x1b10 [ 680.780026][ T1169] hfs_extend_file+0xa6/0xcf0 [ 680.785341][ T1169] hfs_bmap_reserve+0x2ab/0x3a0 [ 680.790735][ T1169] __hfs_ext_write_extent+0x3c4/0x510 [ 680.796695][ T1169] hfs_ext_write_extent+0x1b7/0x200 [ 680.802730][ T1169] hfs_write_inode+0xce/0xab0 [ 680.808126][ T1169] __writeback_single_inode+0xcd4/0x1350 [ 680.814318][ T1169] writeback_sb_inodes+0x766/0x1c60 [ 680.820074][ T1169] wb_writeback+0x1bf/0xb90 [ 680.825301][ T1169] wb_workfn+0x14f/0xc00 [ 680.830103][ T1169] process_one_work+0xa0e/0x1980 [ 680.835582][ T1169] worker_thread+0x5ef/0xe50 [ 680.840718][ T1169] kthread+0x370/0x450 [ 680.845329][ T1169] ret_from_fork+0x72b/0xd50 [ 680.850459][ T1169] ret_from_fork_asm+0x1a/0x30 [ 680.855944][ T1169] [ 680.855944][ T1169] other info that might help us debug this: [ 680.855944][ T1169] [ 680.866256][ T1169] Possible unsafe locking scenario: [ 680.866256][ T1169] [ 680.873803][ T1169] CPU0 CPU1 [ 680.879250][ T1169] ---- ---- [ 680.884610][ T1169] lock(&tree->tree_lock/1); [ 680.889311][ T1169] lock(&HFS_I(tree->inode)->extents_lock); [ 680.897954][ T1169] lock(&tree->tree_lock/1); [ 680.905179][ T1169] lock(&HFS_I(tree->inode)->extents_lock); [ 680.911170][ T1169] [ 680.911170][ T1169] *** DEADLOCK *** [ 680.911170][ T1169] [ 680.919398][ T1169] 3 locks held by kworker/u8:9/1169: [ 680.924826][ T1169] #0: ffff88801eab6140 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980 [ 680.935600][ T1169] #1: ffffc90005be7d08 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x973/0x1980 [ 680.947624][ T1169] #2: ffff8880363d80a8 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330 [ 680.957449][ T1169] [ 680.957449][ T1169] stack backtrace: [ 680.963342][ T1169] CPU: 0 UID: 0 PID: 1169 Comm: kworker/u8:9 Not tainted syzkaller #0 PREEMPT(full) [ 680.963383][ T1169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 680.963410][ T1169] Workqueue: writeback wb_workfn (flush-7:5) [ 680.963476][ T1169] Call Trace: [ 680.963490][ T1169] [ 680.963504][ T1169] dump_stack_lvl+0x100/0x190 [ 680.963542][ T1169] print_circular_bug.cold+0x178/0x1c7 [ 680.963608][ T1169] check_noncircular+0x146/0x160 [ 680.963645][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.963697][ T1169] __lock_acquire+0x14b8/0x2630 [ 680.963743][ T1169] ? __pfx_stack_trace_save+0x10/0x10 [ 680.963781][ T1169] lock_acquire+0x1b1/0x370 [ 680.963821][ T1169] ? hfs_extend_file+0xa6/0xcf0 [ 680.963878][ T1169] ? __pfx___might_resched+0x10/0x10 [ 680.963927][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.963969][ T1169] ? add_lock_to_list+0x99/0x110 [ 680.964005][ T1169] __mutex_lock+0x1a4/0x1b10 [ 680.964039][ T1169] ? hfs_extend_file+0xa6/0xcf0 [ 680.964094][ T1169] ? hfs_extend_file+0xa6/0xcf0 [ 680.964149][ T1169] ? hfs_write_inode+0xce/0xab0 [ 680.964182][ T1169] ? __writeback_single_inode+0xcd4/0x1350 [ 680.964240][ T1169] ? __pfx___mutex_lock+0x10/0x10 [ 680.964273][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.964316][ T1169] ? lock_acquire+0x1b1/0x370 [ 680.964366][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.964409][ T1169] ? trace_contention_end+0x122/0x170 [ 680.964456][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.964503][ T1169] ? hfs_extend_file+0xa6/0xcf0 [ 680.964556][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.964598][ T1169] hfs_extend_file+0xa6/0xcf0 [ 680.964660][ T1169] ? __pfx_hfs_extend_file+0x10/0x10 [ 680.964714][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.964765][ T1169] hfs_bmap_reserve+0x2ab/0x3a0 [ 680.964819][ T1169] __hfs_ext_write_extent+0x3c4/0x510 [ 680.964874][ T1169] ? hfs_find_init+0x273/0x330 [ 680.964914][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.964959][ T1169] hfs_ext_write_extent+0x1b7/0x200 [ 680.965014][ T1169] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 680.965076][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.965118][ T1169] ? __mpage_writepages+0x1a8/0x210 [ 680.965154][ T1169] ? __pfx___mpage_writepages+0x10/0x10 [ 680.965190][ T1169] hfs_write_inode+0xce/0xab0 [ 680.965225][ T1169] ? __pfx_hfs_write_inode+0x10/0x10 [ 680.965259][ T1169] ? __lock_acquire+0x4a5/0x2630 [ 680.965312][ T1169] ? __writeback_single_inode+0x454/0x1350 [ 680.965368][ T1169] ? __writeback_single_inode+0x454/0x1350 [ 680.965422][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.965471][ T1169] __writeback_single_inode+0xcd4/0x1350 [ 680.965532][ T1169] ? __pfx___writeback_single_inode+0x10/0x10 [ 680.965587][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.965636][ T1169] ? do_raw_spin_unlock+0x145/0x1e0 [ 680.965686][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.965732][ T1169] writeback_sb_inodes+0x766/0x1c60 [ 680.965798][ T1169] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 680.965853][ T1169] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 680.965905][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.965976][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.966020][ T1169] ? rcu_is_watching+0x12/0xc0 [ 680.966073][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.966120][ T1169] ? queue_io+0x287/0x540 [ 680.966168][ T1169] wb_writeback+0x1bf/0xb90 [ 680.966228][ T1169] ? __pfx_wb_writeback+0x10/0x10 [ 680.966288][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.966330][ T1169] ? mark_held_locks+0x40/0x70 [ 680.966371][ T1169] ? _raw_spin_unlock_irq+0x23/0x50 [ 680.966423][ T1169] wb_workfn+0x14f/0xc00 [ 680.966480][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.966522][ T1169] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 680.966576][ T1169] ? __pfx_wb_workfn+0x10/0x10 [ 680.966638][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.966683][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.966727][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.966769][ T1169] ? rcu_is_watching+0x12/0xc0 [ 680.966819][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.966865][ T1169] process_one_work+0xa0e/0x1980 [ 680.966919][ T1169] ? __pfx_process_one_work+0x10/0x10 [ 680.966961][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.967011][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.967057][ T1169] worker_thread+0x5ef/0xe50 [ 680.967105][ T1169] ? __pfx_worker_thread+0x10/0x10 [ 680.967149][ T1169] ? kthread+0x13a/0x450 [ 680.967185][ T1169] ? __pfx_worker_thread+0x10/0x10 [ 680.967227][ T1169] kthread+0x370/0x450 [ 680.967264][ T1169] ? __pfx_kthread+0x10/0x10 [ 680.967303][ T1169] ret_from_fork+0x72b/0xd50 [ 680.967346][ T1169] ? __pfx_ret_from_fork+0x10/0x10 [ 680.967389][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 680.967431][ T1169] ? __switch_to+0x800/0x1100 [ 680.967481][ T1169] ? __switch_to_asm+0x39/0x70 [ 680.967529][ T1169] ? __pfx_kthread+0x10/0x10 [ 680.967569][ T1169] ret_from_fork_asm+0x1a/0x30 [ 680.967634][ T1169] [ 681.174924][T21054] loop6: detected capacity change from 0 to 32768 [ 681.250950][ T1169] hfs: new node 0 already hashed? [ 681.318794][T21054] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.6429 (21054) [ 681.319624][ T1169] ------------[ cut here ]------------ [ 681.338917][T21054] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 681.339667][ T1169] 1 [ 681.349833][T21054] BTRFS info (device loop6): using sha256 checksum algorithm [ 681.351174][ T1169] WARNING: fs/hfs/bnode.c:520 at hfs_bnode_create.cold+0x41/0x49, CPU#0: kworker/u8:9/1169 [ 681.471377][T21069] new mount options do not match the existing superblock, will be ignored [ 681.482231][ T1169] Modules linked in: [ 681.482267][ T1169] CPU: 0 UID: 0 PID: 1169 Comm: kworker/u8:9 Not tainted syzkaller #0 PREEMPT(full) [ 681.540900][ T1169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 681.551040][ T1169] Workqueue: writeback wb_workfn (flush-7:5) [ 681.557255][ T1169] RIP: 0010:hfs_bnode_create.cold+0x41/0x49 [ 681.563315][ T1169] Code: 35 11 65 0a e9 97 35 d1 01 e8 1b 1f e1 00 4c 89 f7 e8 23 11 65 0a e8 0e 1f e1 00 89 ee 48 c7 c7 40 e3 d1 8b e8 50 df fa ff 90 <0f> 0b 90 e9 99 38 d1 01 e8 f2 1e e1 00 e8 8d 5b 4d 00 e9 f5 3a d1 [ 681.583143][ T1169] RSP: 0018:ffffc90005be7020 EFLAGS: 00010282 [ 681.589755][ T1169] RAX: 000000000000001f RBX: ffff888045aba700 RCX: 0000000000000000 [ 681.598095][ T1169] RDX: 000000000000001f RSI: ffffffff81e72d69 RDI: fffff52000b7cdf5 [ 681.606407][ T1169] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 681.614532][ T1169] R10: 0000000080000000 R11: 303578302f333220 R12: dffffc0000000000 [ 681.622612][ T1169] R13: ffff8880363d8000 R14: ffff8880363d80d8 R15: 0000000000000000 [ 681.630663][ T1169] FS: 0000000000000000(0000) GS:ffff88812436e000(0000) knlGS:0000000000000000 [ 681.639692][ T1169] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 681.646361][ T1169] CR2: 0000001b32d20ff8 CR3: 0000000029530000 CR4: 0000000000350ef0 [ 681.654395][ T1169] Call Trace: [ 681.657942][ T1169] [ 681.660903][ T1169] ? _raw_spin_unlock+0x28/0x50 [ 681.665850][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.671570][ T1169] ? hfs_bnode_put+0x208/0x480 [ 681.676447][ T1169] hfs_bmap_alloc+0x5a7/0x6b0 [ 681.681184][ T1169] ? __pfx_hfs_bmap_alloc+0x10/0x10 [ 681.686496][ T1169] ? __asan_memcpy+0x3c/0x60 [ 681.691253][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.697330][ T1169] ? hfs_bnode_read.part.0+0x298/0x330 [ 681.703199][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.709195][ T1169] ? folio_mark_accessed+0xf3/0x1040 [ 681.714667][ T1169] hfs_btree_inc_height.isra.0+0xff/0x820 [ 681.720495][ T1169] ? rcu_is_watching+0x12/0xc0 [ 681.725338][ T1169] ? __pfx_hfs_btree_inc_height.isra.0+0x10/0x10 [ 681.731763][ T1169] ? do_raw_spin_unlock+0x145/0x1e0 [ 681.737079][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.742782][ T1169] ? _raw_spin_unlock+0x28/0x50 [ 681.747735][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.753507][ T1169] ? hfs_bnode_put+0x208/0x480 [ 681.758429][ T1169] hfs_brec_insert+0x8ba/0xc20 [ 681.763272][ T1169] ? __pfx_hfs_brec_insert+0x10/0x10 [ 681.768883][ T1169] ? hfs_bmap_reserve+0x2c5/0x3a0 [ 681.773987][ T1169] __hfs_ext_write_extent+0x3ef/0x510 [ 681.779817][ T1169] ? hfs_find_init+0x273/0x330 [ 681.784660][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.790460][ T1169] hfs_ext_write_extent+0x1b7/0x200 [ 681.795771][ T1169] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 681.801860][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.807920][ T1169] ? __mpage_writepages+0x1a8/0x210 [ 681.813215][ T1169] ? __pfx___mpage_writepages+0x10/0x10 [ 681.818946][ T1169] hfs_write_inode+0xce/0xab0 [ 681.823696][ T1169] ? __pfx_hfs_write_inode+0x10/0x10 [ 681.829085][T21054] BTRFS info (device loop6): enabling ssd optimizations [ 681.829104][ T1169] ? __lock_acquire+0x4a5/0x2630 [ 681.838456][T21054] BTRFS info (device loop6): turning on async discard [ 681.841266][ T1169] ? __writeback_single_inode+0x454/0x1350 [ 681.854258][ T1169] ? __writeback_single_inode+0x454/0x1350 [ 681.859509][T21054] BTRFS info (device loop6): enabling free space tree [ 681.860220][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.872708][ T1169] __writeback_single_inode+0xcd4/0x1350 [ 681.878517][ T1169] ? __pfx___writeback_single_inode+0x10/0x10 [ 681.884836][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.890625][ T1169] ? do_raw_spin_unlock+0x145/0x1e0 [ 681.895914][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.897595][T21054] BTRFS info (device loop6): enabling auto defrag [ 681.901795][ T1169] writeback_sb_inodes+0x766/0x1c60 [ 681.914315][ T1169] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 681.920080][ T1169] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 681.926003][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.930985][T21054] BTRFS info (device loop6): max_inline set to 4096 [ 681.931890][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.944420][ T1169] ? rcu_is_watching+0x12/0xc0 [ 681.949303][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.955271][ T1169] ? queue_io+0x287/0x540 [ 681.959854][ T1169] wb_writeback+0x1bf/0xb90 [ 681.964546][ T1169] ? __pfx_wb_writeback+0x10/0x10 [ 681.969701][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.975411][ T1169] ? mark_held_locks+0x40/0x70 [ 681.980301][ T1169] ? _raw_spin_unlock_irq+0x23/0x50 [ 681.985579][ T1169] wb_workfn+0x14f/0xc00 [ 681.989921][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 681.995715][ T1169] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 682.001657][ T1169] ? __pfx_wb_workfn+0x10/0x10 [ 682.006831][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.012521][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.018704][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.024418][ T1169] ? rcu_is_watching+0x12/0xc0 [ 682.029369][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.035044][ T1169] process_one_work+0xa0e/0x1980 [ 682.040150][ T1169] ? __pfx_process_one_work+0x10/0x10 [ 682.045808][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.051516][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.057279][ T1169] worker_thread+0x5ef/0xe50 [ 682.061925][ T1169] ? __pfx_worker_thread+0x10/0x10 [ 682.067231][ T1169] ? kthread+0x13a/0x450 [ 682.071551][ T1169] ? __pfx_worker_thread+0x10/0x10 [ 682.076935][ T1169] kthread+0x370/0x450 [ 682.081043][ T1169] ? __pfx_kthread+0x10/0x10 [ 682.085723][ T1169] ret_from_fork+0x72b/0xd50 [ 682.090405][ T1169] ? __pfx_ret_from_fork+0x10/0x10 [ 682.095692][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.101367][ T1169] ? __switch_to+0x800/0x1100 [ 682.106153][ T1169] ? __switch_to_asm+0x39/0x70 [ 682.111279][ T1169] ? __pfx_kthread+0x10/0x10 [ 682.116273][ T1169] ret_from_fork_asm+0x1a/0x30 [ 682.121255][ T1169] [ 682.124282][ T1169] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 682.131636][ T1169] CPU: 0 UID: 0 PID: 1169 Comm: kworker/u8:9 Not tainted syzkaller #0 PREEMPT(full) [ 682.141352][ T1169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 682.151610][ T1169] Workqueue: writeback wb_workfn (flush-7:5) [ 682.157639][ T1169] Call Trace: [ 682.160971][ T1169] [ 682.163910][ T1169] dump_stack_lvl+0x100/0x190 [ 682.168686][ T1169] vpanic+0x552/0x970 [ 682.172676][ T1169] ? __pfx_vpanic+0x10/0x10 [ 682.177207][ T1169] ? lock_release+0x245/0x310 [ 682.182149][ T1169] panic+0xd1/0xe0 [ 682.186135][ T1169] ? __pfx_panic+0x10/0x10 [ 682.191142][ T1169] ? check_panic_on_warn+0x1f/0x90 [ 682.196874][ T1169] check_panic_on_warn.cold+0x19/0x34 [ 682.202299][ T1169] ? hfs_bnode_create.cold+0x41/0x49 [ 682.207618][ T1169] __warn.cold+0x191/0x328 [ 682.212056][ T1169] __report_bug+0x296/0x3d0 [ 682.216599][ T1169] ? hfs_bnode_create.cold+0x41/0x49 [ 682.221995][ T1169] ? __pfx___report_bug+0x10/0x10 [ 682.227230][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.232980][ T1169] ? preempt_schedule_thunk+0x16/0x30 [ 682.238399][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.244070][ T1169] ? preempt_count_add+0x76/0x150 [ 682.249238][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.254956][ T1169] ? __wake_up_klogd+0xe2/0x140 [ 682.259846][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.265523][ T1169] ? vprintk_emit+0x1c9/0x6b0 [ 682.270329][ T1169] ? __pfx_vprintk_emit+0x10/0x10 [ 682.275424][ T1169] ? hfs_bnode_create.cold+0x41/0x49 [ 682.280764][ T1169] report_bug+0xb2/0x220 [ 682.285051][ T1169] ? hfs_bnode_create.cold+0x41/0x49 [ 682.290360][ T1169] handle_bug+0x16a/0x2a0 [ 682.294739][ T1169] exc_invalid_op+0x17/0x50 [ 682.299265][ T1169] asm_exc_invalid_op+0x1a/0x20 [ 682.304130][ T1169] RIP: 0010:hfs_bnode_create.cold+0x41/0x49 [ 682.310133][ T1169] Code: 35 11 65 0a e9 97 35 d1 01 e8 1b 1f e1 00 4c 89 f7 e8 23 11 65 0a e8 0e 1f e1 00 89 ee 48 c7 c7 40 e3 d1 8b e8 50 df fa ff 90 <0f> 0b 90 e9 99 38 d1 01 e8 f2 1e e1 00 e8 8d 5b 4d 00 e9 f5 3a d1 [ 682.329769][ T1169] RSP: 0018:ffffc90005be7020 EFLAGS: 00010282 [ 682.335861][ T1169] RAX: 000000000000001f RBX: ffff888045aba700 RCX: 0000000000000000 [ 682.343859][ T1169] RDX: 000000000000001f RSI: ffffffff81e72d69 RDI: fffff52000b7cdf5 [ 682.351935][ T1169] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 682.359930][ T1169] R10: 0000000080000000 R11: 303578302f333220 R12: dffffc0000000000 [ 682.368001][ T1169] R13: ffff8880363d8000 R14: ffff8880363d80d8 R15: 0000000000000000 [ 682.376077][ T1169] ? vprintk_emit+0x1c9/0x6b0 [ 682.380809][ T1169] ? _raw_spin_unlock+0x28/0x50 [ 682.385690][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.391378][ T1169] ? hfs_bnode_put+0x208/0x480 [ 682.396264][ T1169] hfs_bmap_alloc+0x5a7/0x6b0 [ 682.400977][ T1169] ? __pfx_hfs_bmap_alloc+0x10/0x10 [ 682.406285][ T1169] ? __asan_memcpy+0x3c/0x60 [ 682.410896][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.416554][ T1169] ? hfs_bnode_read.part.0+0x298/0x330 [ 682.422044][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.427702][ T1169] ? folio_mark_accessed+0xf3/0x1040 [ 682.433111][ T1169] hfs_btree_inc_height.isra.0+0xff/0x820 [ 682.438866][ T1169] ? rcu_is_watching+0x12/0xc0 [ 682.443670][ T1169] ? __pfx_hfs_btree_inc_height.isra.0+0x10/0x10 [ 682.450120][ T1169] ? do_raw_spin_unlock+0x145/0x1e0 [ 682.455352][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.461016][ T1169] ? _raw_spin_unlock+0x28/0x50 [ 682.465928][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.471632][ T1169] ? hfs_bnode_put+0x208/0x480 [ 682.476437][ T1169] hfs_brec_insert+0x8ba/0xc20 [ 682.481248][ T1169] ? __pfx_hfs_brec_insert+0x10/0x10 [ 682.486572][ T1169] ? hfs_bmap_reserve+0x2c5/0x3a0 [ 682.491844][ T1169] __hfs_ext_write_extent+0x3ef/0x510 [ 682.497271][ T1169] ? hfs_find_init+0x273/0x330 [ 682.502061][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.507730][ T1169] hfs_ext_write_extent+0x1b7/0x200 [ 682.512972][ T1169] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 682.518740][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.524398][ T1169] ? __mpage_writepages+0x1a8/0x210 [ 682.529619][ T1169] ? __pfx___mpage_writepages+0x10/0x10 [ 682.535272][ T1169] hfs_write_inode+0xce/0xab0 [ 682.539967][ T1169] ? __pfx_hfs_write_inode+0x10/0x10 [ 682.545350][ T1169] ? __lock_acquire+0x4a5/0x2630 [ 682.550326][ T1169] ? __writeback_single_inode+0x454/0x1350 [ 682.556191][ T1169] ? __writeback_single_inode+0x454/0x1350 [ 682.562037][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.567788][ T1169] __writeback_single_inode+0xcd4/0x1350 [ 682.573474][ T1169] ? __pfx___writeback_single_inode+0x10/0x10 [ 682.579586][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.585342][ T1169] ? do_raw_spin_unlock+0x145/0x1e0 [ 682.590582][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.596682][ T1169] writeback_sb_inodes+0x766/0x1c60 [ 682.601931][ T1169] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 682.607601][ T1169] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 682.613540][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.619247][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.624903][ T1169] ? rcu_is_watching+0x12/0xc0 [ 682.629734][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.635411][ T1169] ? queue_io+0x287/0x540 [ 682.639774][ T1169] wb_writeback+0x1bf/0xb90 [ 682.644500][ T1169] ? __pfx_wb_writeback+0x10/0x10 [ 682.649569][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.655343][ T1169] ? mark_held_locks+0x40/0x70 [ 682.660136][ T1169] ? _raw_spin_unlock_irq+0x23/0x50 [ 682.665375][ T1169] wb_workfn+0x14f/0xc00 [ 682.669661][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.675323][ T1169] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 682.681261][ T1169] ? __pfx_wb_workfn+0x10/0x10 [ 682.686238][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.691931][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.697678][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.703333][ T1169] ? rcu_is_watching+0x12/0xc0 [ 682.708130][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.713880][ T1169] process_one_work+0xa0e/0x1980 [ 682.718858][ T1169] ? __pfx_process_one_work+0x10/0x10 [ 682.724347][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.730010][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.735766][ T1169] worker_thread+0x5ef/0xe50 [ 682.740401][ T1169] ? __pfx_worker_thread+0x10/0x10 [ 682.745972][ T1169] ? kthread+0x13a/0x450 [ 682.750232][ T1169] ? __pfx_worker_thread+0x10/0x10 [ 682.755367][ T1169] kthread+0x370/0x450 [ 682.759541][ T1169] ? __pfx_kthread+0x10/0x10 [ 682.764164][ T1169] ret_from_fork+0x72b/0xd50 [ 682.768780][ T1169] ? __pfx_ret_from_fork+0x10/0x10 [ 682.773920][ T1169] ? srso_alias_return_thunk+0x5/0xfbef5 [ 682.779578][ T1169] ? __switch_to+0x800/0x1100 [ 682.784296][ T1169] ? __switch_to_asm+0x39/0x70 [ 682.789088][ T1169] ? __pfx_kthread+0x10/0x10 [ 682.793699][ T1169] ret_from_fork_asm+0x1a/0x30 [ 682.798593][ T1169] [ 682.802284][ T1169] Kernel Offset: disabled [ 682.806704][ T1169] Rebooting in 86400 seconds..