last executing test programs: 3.843741905s ago: executing program 3 (id=4): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002680)=ANY=[@ANYBLOB="696f636861727365743d69736f383835392d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c7379735f696d6d757461626c652c636f6465706167653d3835372c756e695f786c6174653d312c756e695f786c6174653d312c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030352c696f636861727365743d6b6f69382d752c00c766f0a5f3b215e672fadc4e1254d5552d54e8933859fbaa6e765cdbc6081b26cee6a815099e1abfd24253beef4ce763868a5955ca"], 0x66, 0x339, &(0x7f0000000a40)="$eJzs3T1sG2UYAODXvTROIxV7QKpgMmxIqGqCGGBKVBWpIgMUWfwtWDTlJzaVYmEpDHG9gBhBLEgwsXWAsTNiQIiNgZUioQJioVulIg7Zd7HPP0lTCaf8PM8QvXq/7/W9390pvkTJ51fWYuvi8bh08+aNWFoqxcLa2bW4VYpqHIskMlcCAPgvuZWm8XuaufPsD5f3osU59wUAzM/g/f+1k6NE+V52AwAchYN+/i88Cjwzs/jyXFsDAOZk6v3/4bHhiV/zLwz/JgAA+Pd67sWXnl7fiLhQqy1FtN7r1Dv1eHI0vn4p3ohmbMaZqMQfEdmDQva00P/61PmNc2dqfT9Xo96v6NQjWt1OPXtSWE8G9eVYiUpU8/p0WJ/061cG9bWIuNIdHD9apU79eCznx/9hOTZjNSpx/1R9xPmNc6u1/AXqrb36bkQvlvYW0e//dFTiu1fjcjTjYvRrR/3vrtRqZ9ONsfrO1fJgHgAAAAAAAAAAAAAAAAAAAAAAzMPp2lB1uP9N2up23r0wOaE6tj9OPRvO9wfqZfsDpeW93XneTyb3Bxrfn6dTX4hj93TlAAAAAAAAAAAAAAAAAAAA8M/R3lmMRrO5ud3eeWerGHQLmbe++fyrEzE5581klImF7OXG5uS5KFQlMSxPh+VpMjYnD5KI0eSr14YdF+eUh6uYKu8H5amhUt5To9k8+dBPn8yq+nOUSWLqtIwHpfz4haHWfVnqgKr9g9U7zLmepul+5bsfT1dFKWJh6sL9HcHXN15/4LH2qccHmS/zTR8eebTy/PWPPvt1q9GM/NQ0m4vb7dLBl+mgICncP6X8PJdm3Amzg94o09tu7zSS73974cEPvp2YnMxuLC1m3t7/WF9MZhazoN/mYVZ6fMbNPzt4+fbw7r37C3fq07XGtd0ffzlsVeGbhI06AAAAAAAAAAAAAAAAAADgSBT+V/wuPPHs/DoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKM3+vz/QtCbyhwmuN2N6aHy5nZ734OfONKlAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP/ZXAAAA//+TC3R+") creat(0x0, 0x40) creat(&(0x7f0000000b80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x104) 3.203171047s ago: executing program 3 (id=5): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mq_notify(0xffffffffffffffff, 0x0) 2.852911553s ago: executing program 3 (id=6): syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x1c802, &(0x7f0000002740)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5fd0cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb6d658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d967206115b492d825751fcc00000000000000e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bebb749daef202e0412a73d545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177de97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b8f8451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f50520f91fbf7201fc9621d0aee9735d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c40000005e538c77b2b14f63d253705363846bc4e9cd3284ff329330812d2211ae34106e0306376a2b1cfe60a09becae2b05ec9adcac47612af85f598a880fa97891a7a290b6e730800542aea761aeb463f5ff5bdf5099ae8ad4afe99db9e9c4e703cb900e9ae272742fe2ff81d1a4f15668392cdafd2e1757706f47f9f84e532f25e2737cb6f6e89378f8d79ab8507b109c7f1f3653a5bc9d54ccc633de6263526eac10519274"], 0x1, 0x5f55, &(0x7f000000efc0)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiSw8kReIBZdHgE02LPIi4RUQD4AlD6tIEArVzDl2TU2Pexx7urrn/H7SuOrr0zV9yv+pqe6pywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIL733R+f7kXE5V+nBw5HfCYGEf2I5bo+FvXMxfz8YUQcic3meC4iBosR9fKb/zwTcS4iPjoUcW/j1mr98Jk99uP8qZvXP/n+d/7xuz/dOfLTN3/yQbv9R589++Hvb0cc/uFrH35y+8msOwAAAJSiqqqqlz7mH02f7/tddwoAmIq8/6+S/LharVarn2j9x/5s9UddaN1UjXe7WUTEenOZ+j2Dw/EAMGfW4+Ouu0CH5F+0YUQ81XUngJnW67oD7It7G7dWeynfXnN/cGyrPf+dclv+673713fsNp2kfY7JtH6+7sQgnt2lP8tT6sMsyfn32/lf3mofpeftd/7Tslv+o61Ln4qT8x+082/Zlv+fI2Ju8++Pzb9UOf/ho+S/Ppjj7V/+AAAAAAAcfPnv/4c7Pv67+PirsicPO/57bEp9AAAAAAAAAIAn7XHH/7vP+H8AAAAws+rP6rW/HHrw2G73Yqsfv9SLeLr1fKAw6WKZla77AQAAAAAAAAAAAAAlGW6dw3upF7EQEU+vrFRVVX81tetH9bjLz7vS1x9K1vUveQAA2PLRoda1/L2IpYi4lO71t7CyslJVS8sr1Uq1vJjfz44Wl6rlxufaPK0fWxzt4Q3xcFTV32ypsVzTpM/Lk9rb369+rVE12EPHpqPDwAEgIrb2RvfskQ6Yqnomun6Xw3yw/R88tn/2ouufUwAAAGD/VVVV9dLtvI+mY/79rjsFAEzDUt7/t48LqNVqtVqtPnh1UzXe7WYREevNZer3DIbjB4A5sx4fd90FOiT/og0j4kjXnQBmWq/rDrAv7m3cWu2lfHvN/UEa3z2fC7It//Xe5nJ5+XHTSdrnmEzr5+tODOLZXfrz3JT6MEty/v12/pe32kfpefud/7Tsln+9noc76E/Xcv6Ddv4tByf//tj8S5XzHz5S/gP5AwAAAADADMt//z9c/PFfdz0AAAAAAAAAYH7d27i1mq97zcf/Pz/meb3mnOs/D4ycf2/P+bv+9yDJ+ffb+bdOyBk05u++8SD/f2/cWv3g5r8+l6czn//CYFS/9kKvPxim05yqhbfialyLtTi14/nDbe2nd7QvbGs/M6H97I72Ud2+nNtPxGr8Iq7Fm/fbFyecGLU0ob2a0J7zH9j+i5TzHza+6vxXUnuvNa3dfb+/Y7tvTse9zsW//ffFnVvX9N2Jwf11a6rX73gH/dn8P3lqFL+6sXb9xG+u3Lx5/XSkybZHz0SaPGE5/4X0lfN/6YWt9vx7v7m93n1/9Mj5z4o7Mdw1/xca8/X6vjzlvnUh5z9KXzn/vAcav/3Pc/67b/+vdNAfAAAAAAAAAAAAAAAAeJiqqjYvEb0YERfS9T/uhA8ARfjDD9JMlYRarVar1eoDWzdV473eLGJp+zIXIuK3474ZADDL/hcR/+y6E3RG/gXL9/urp1/oujPAVN14972fXbl2be36ja57AgAAAAAAAAB8Wnn8z2ON8Z83zwNqjRu9bfzXN+LY3I7/2R8NNsc6Tyv0fDx8/O/j8fDxv4cTXm9hQvtoQvvihPalCe1jL/RoyPk/nzLO+R9NK1bS+K8vddCfruX8j6exnnP+X2o9r5l/9dd5zr+/Lf+TN9/55ckb77736tV3rry99vbaz0+funDu7PlzZ8+fP/nW1Wtrp7b+7bDH+yvnn8e+dh5oWXL+OXP5lyXn/8VUy78sOf8XUy3/suT88/s9+Zcl558/+8i/LDn/l1Mt/7Lk/L+cavmXJef/SqrlX5ac/1dSLf+y5PxfTbX8y5LzP5Fq+Zcl538y1fIvS84/H+GSf1ly/vnMBvmXJed/JtXyL0vO/2yq5V+WnP+5VMu/LDn/86mWf1ly/hdSLf+y5Py/mmr5lyXn/7VUy78sOf/XUi3/suT8v55q+Zcl5/+NVMu/LDn/b6Za/mXJ+X8r1fIvS87/26mWf1ly/q+nWv5leXD/fzNTnvnP3yNmoBtmzIyb6fo3EwAAAAAAAAAAAADQNo3TibteRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7PDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd3cxcpX3GcDPftlrQ4IbCCHECWtjiAOLd9df4BCDSUJKSZtSEtKmJTWOvTZO/FXvOgGEylJoSxSkIrUX9KJpEqVRpLYCRZGaSjRCaqT2rlwl4iZqJS4sFSoHJZVSBbY6M+/77szs7Mz6Y+3z8fsh/PfOnJl558yZ2X3WemYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBWGz42/ecDWZbl/zf+WJdll+d/X5Ptyb+c23mpVwgAAACcr7caf/7DFemEPcu4UMs2//aB//j+/Pz8fPaFN0+//Zfz8+mMsSwbWp1ljfOif//lL+ZbtwmeykYHBlu+Huxz80N9zh/uc/5In/NX9Tl/dZ/zR/ucv2gHLLKm+fuYxpVtavx1XXOXZldlI43zNnW51FMDqwcH4+9yGgYal5kfOZgdzo5k09nkossMNP7Lspc25Ld1TxZva7DlttZnWXbmZ4/vj2sYCPt4U9Z2Yw2tj90bd2Vjb/7s8f3fmX39vd1m392waKVZtnljvs6ns2zh11XZQLY67ZO4zsGWda7vss6htnUONC6X/71znWeWuc54v0fDOl/psc714bRHrs+ybC5bcptOT2WD2dqOW037e7R5ROTXkT+U78qGz+o42bCM4yS/zGvXtx8nncdk3P8bwj4ZXmINrQ/HG0+uWrTfz/U4ye91EY7V/Lrvy290dLT1V6ttx2q+zeM3LH0MdH3suhwD6VhuOQY29jsGBlcNNY6BwYU1b2w7BqYWXWYwG2jc1ukbeh8DE7NHT0zMPPrYLYeP7js0fWj62NTkzu3bdmzftmPHxMHDR6Ynm3+e3S4tkbXZYDoGN4bXmngMfrBj29ZDcv6bF+55MFqQ50F+3z9zY76gywezJY7xfJunN5//8yB93295Hgy3PA+6vqZ2eR4ML+N5kG9zZvPyvmcOt/zfbQ0r9Vq4ruUYuJTfD/PbfPBDS78Wrg/reuams/1+OLToGIh3ayA89/JT0s97o7eF/bL4uLg2P+OyVdmpmemTWx7ZNzt7cioL46K4suWx6jxe1rbcp2zR8TJ41sfLnr//1Y3Xdjl9XdhXozf3fqzybbaP936sGq/u7ftzVdbcn22nbs3CuMAu9v7s9t0s358pS/TYn/k2T99y/j8LplzS8vo30u/1b2hkuPn6N5T2xkjb69/ih2aosbIsO3PL8l7/RsL/F/v176qCvP7l++rBLb2PgXybZybO9hgY7vn6d32YA2E9HwqJYbQl97/dOH+ueZi2PJZ9j5vh4ZFw3AzHW2w/brYtukx+bfltb548t+Nm8/Xtj1Xbzy0VPG7yffVXk72Pm3ybl6fO/7VjTfxry2vHqn7HwMjQqny9I+kgaL7eza+Jx8CWbH92PDuSHUiXyR/l/LbGty7vGFgV/r/Yrx3XFOQYyPfV81t7HwP5Nj/admF/dtocTknbtPzs1Pn7haUy/7XDC9fXudsudObP1/nxH38qndYtQ+TbvL79bHNG7/10czjlsi77qfP5s9QxfSC7OPvpmrDOIzt6/24q3+aqncs8nvZkWfbq1KuN33eF3+9+79SPv9/2e99uv1N+derVeyfu/8nZrB8AgHP3duPPuVXNnzVb/sV6Of/+DwAAAJRCzP2DYSbyPwAAAFRGzP1DYSbyPwAAAFRGzP3DYSY1yf8P37brhbeeyNK7Ac4H8fy4G+67o7ld7HjPha/H5hfkp3/02yMvfPWJ5d32YJZlv7r3fV23f/iOuK6mE3GdH24/fZFrrlvW7T/0wMJ2re+fcGZX8/rj/VnuYRC7yi9NbG1c79ijU4358r1ZY94/98xTzetvfh23P72tuf3fhDct2XNwoO3ym8N6NoU5Ft5T5r49C/shn/FyL6z/wL9e+dmF24uXG9j4zsbdfP6Pm9cb3yPquSub28f7vdT6/+Vr330h3/6RG7qv/4nB7us/Ha73tTB/ubu5fes+/2rL+v80rD/eXrzclm/9sOv6X3xPc/sXw3HxjTA713/XX7z/rW6PV7ydPbc3Lxdvf/J/tzcuF68vXn/n+kefmGrbH53X//KbzevZ/eWfD7VuH0+PtxM9dHv78T0QHt+2HnmWZd/9s6xtP2cfaV7unzvWH6/vxO3d139zxzpPDFzXuPzC/VnXdr++/ndbu97fuJ49/7iu7f48d3fYf29O/Ci/3tP3h+MxnP9/rzSvr/O9TF+8u/31Jm7/jXXN5228vomO9T/Xsf656/J913/997zZXP+Ld65uW/+eT4Tj6Z7m7Lf+Q397Rdvlv/md5uNx8ivjx47PnDp8oGWvtj6PV4+uWXvZ5e945xXhtbTz673HZx+ePjk2OTaZZWMlfMvAlV7/t8L8n+aYu/C30PSTnzePu2c/2fy+9cFfNL9+Lpz+UHg84/fHr//1SNvx2vm4z93ZnOe7/pvCOpbrPV/7r+uWteHpz7906p/+5PXOnwvi/Tnx7tHG/Xt+w9WN8wZebp7f+XrVz3++u/15/dPhycb8Qdiv8+GdmTde3by9zuuP703y7Kebz9/4k1y8fNbxfiLrhtrvx/mu/6fh55gfXtP++hePjx880fFuzuuygXwJc+H1IZtrnh+3ivv72TNXd729+D482dx7z2aZS5p5dGbiyOFjpx6ZmJ2emZ2YefSxvUePnzo2u7fx3qV7v9jv8gvP77WN5/eB6Z3bs8az/XhzrLBLvf4TD+w/cOvkjQemD+47dXD2gRPTJw/tn5nZP31g5sZ9Bw9Of6Xf5Q8f2D21dde2W7eOHzp8YPdtu3Zt2zV++NjxfBnNRfWxc/JL48dO7m1cZGb39l1TO3Zsnxw/evzA9O5bJyfHT/W7fON703h+6S+Pn5w+sm/28NHp8ZnDj03vntq1c+fWvu/+ePTEwZmxiZOnjk2cGp4+OdG8L2OzjZPz7339Lk89zBwPr3cdBsJP55+7eWd6f9zct59c8qqam7T/eJq9Ed4LKn5/6/d1zP0jYSY1yf8AAABQBzH3hzf+XzhD/gcAAIDKiLl/dZiJ/A8AAACVEXN/M/mPpo9/r0v+v1D9/yf1/xv0//X/M/3/RP9f/z/T/9f/70P/X/+/zOvX/0/9/xn9f5ZStP5/yP3Zmizz7/8AAABQUTH3rw0zkf8BAACgMmLuvyzMRP4HAACAyoi5//Iwk5rkf5//r/+v/9+r/x+31f/P9P+L0P/f9N/6/4vo/+v/Z/r/5+xS9+fLvv4C9v/X6P9TNEXr/8fc/44wk5rkfwAAAKiDmPvfGWYi/wMAAEBlxNx/RZiJ/A8AAACVEXP/ujCTmuR//X/9f/1/n/+v/1+a/r/P/+9C/1//P9P/P2eXuj9f9vUXsP/v8/8pnKL1/2Pu/7Uwk5rkfwAAAKiDmPvfFWYi/wMAAEBlxNx/ZZiJ/A8AAACVEXP/VWEmNcn/9ez/v5Zlmf5/pv+v/9+xTv1//f+VoP+v/9+L/r/+f5nXr/+v/09/Rev/x9z/7jCTmuR/AAAAqIOY+68OM5H/AQAAoDJi7n9PmIn8DwAAAJURc/81YSY1yf/17P/7/H/9/yb9//Z16v/r/68E/X/9/170/5fR/x9e+Kv+f7HWr/+v/09/Rev/x9z/3jCTmuR/AAAAqIOY+68NM5H/AQAAoDJi7n9fmIn8DwAAAJURc//6MJOa5H/9f/1//X/9f/1//f+VVK7+/+CS5+j/N+n/t7tw/f+5hQX4/P/SrF//X/+f/orW/4+5//1hJjXJ/wAAAFAHMfd/IMxE/gcAAIDKiLn/ujAT+R8AAAAqI+b+sTCTmuR//X/9f/1//X/9f/3/lVSu/v/S9P+b9P/bXZTP/2+h/1+s9ev/6//TX9H6/zH3bwgzqUn+BwAAgDqIuX9jmIn8DwAAAJURc//1YSbyPwAAAFRGzP2bwkxqkv/1//X/9f/1//X/9f9Xkv6//n8v+v/6/2Vev/6//j/9Fa3/H3P/DWEmNcn/AAAAUAcx998YZiL/AwAAQGXE3P/BMBP5HwAAACoj5v7NYSY1yf/6//r/+v8l7v8P6f9n+v+Fp/+v/9+L/r/+f5nXr/+v/09/Rev/x9z/oTCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7r85zET+BwAAgMqIuX88zKQm+V//X/9f/7/E/X+f/9+2fv3/YtL/1//vRf9f/7/M69f/1/+nv6L1/2PuvyXMpCb5HwAAAOog5v4tYSbyPwAAAFRGzP0TYSbyPwAAAFRGzP2TYSY1yf/6//r/+v/6//r/+v8rSf9f/78X/X/9/zKvX/9f/5/+itb/j7l/KsykJvkfAAAA6iDm/q1hJvI/AAAAVEbM/dvCTOR/AAAAqIyY+7eHmdQk/5ek/78lFaD0//X/9f/1//X/S0X/X/+/F/1//f8yr1//X/+fdoNdTita/z/m/h1hJjXJ/wAAAFAHMffvDDOR/wEAAKAyYu6/NcxE/gcAAIDKiLn/tjCTmuT/kvT/ff6//r/+fwv9f/3/MtH/1//vRf9f/7/M69f/1/+nv6L1/2Pu3xVmUpP8DwAAAHUQc/+Hw0zkfwAAAKiMmPtvDzOR/wEAAKBUun0OYRRz/0fCTGqS//X/q97/n1+t/6//r//fe/36/ytL/1//vxf9f/3/Mq9f/1//n/6K1v+PuX93mElN8j8AAADUQcz9d4SZyP8AAABQGTH33xlmIv8DAABAZcTcvyfMpCb5X/+/6v1/n/+v/6//32/9+v8rS/9f/78X/f9y9v/Djy36/wXq/+fHkP4/RVS0/n/M/XeFmdQk/wMAAEAdxNz/0TAT+R8AAAAqI+b+j4WZyP8AAABQGTH3fzzMpCb5X/9f/1//X/9f/1//fyXp/69Y/7/xUljk/v+aZdyM/n85+/+R/n9x+v8+/5+iKlr/P+b+u8NMapL/AQAAoA5i7v9EmIn8DwAAAJURc/+vh5nI/wAAAFAZMfffE2ZSk/yv/6//r/+v/6//r/+/kvT/ff5/L/r/+v9lXr/+v/4//RWt/x9z/2+EmdQk/wMAAEAdxNx/b5iJ/A8AAACVEXP/J8NM5H8AAAAomVVLnhNz/2+GmdQk/5ev/z9Wyv7/YLp+/X/9f/1//X/9/wtJ/1//P9P/P2eXuj9f9vXr/+v/01/R+v8x9/9WmElN8j8AAADUQcz9nwozkf8BAACgMmLu/+0wE/kfAAAAKiPm/vvCTGqS/y90/7/z8r34/H/9/0z/X/9f/1///zzp/+v/Z/r/5+xS9+fLvn79f/1/+ita/z/m/t8JM6lJ/gcAAIA6iLn//jAT+R8AAAAK6uGzvkTM/Z8OM5H/AQAAoDJi7v9MmElN8n/5Pv9f/1//X/9f/1//v0z0//X/e9H/1/8v8/r1//X/6a9o/f+Y+x8IM6lJ/gcAAIA6iLn/s2Em8j8AAABURsz9vxtmIv8DAABAZcTc/3thJj3y/9KVhPLR/9f/1//X/9f/1/9fSfr/i/v/+WuY/n+T/r/+f5nXr/+v/09/Rev/x9z/uTAT//4PAAAAlRFz/++Hmcj/AAAAUBkx9/9BmIn8DwAAAJURc/+DYSY1yf/6//r/+v/6//r/+v8rSf/f5//3ov+v/1/m9ev/6//TX9H6/zH3fz7MpCb5HwAAAOog5v4/DDOR/wEAAKAyYu7fG2Yi/wMAAEBlxNz/UJhJTfK//r/+v/6//r/+v/7/StL/1//vRf9f/7/M69f/1/+nv6L1/2Pu3xdmsqf9ZgAAAIDyirn/C2EmNfn3fwAAAKiDmPv3h5nI/wAAAFAZMfcfCDOpSf7X/9f/1//X/9f/1/9fSfr/+v+96P/r/5d5/fr/+v/0V7T+f8z902EmNcn/AAAAUAcx9x8MM5H/AQAAoDJi7j8UZiL/AwAAQGXE3P9wmElN8r/+v/6//n9t+/+vfK9jnfr/+v8rQf9f/78X/X/9/zKvX/9f/5/+itb/j7n/cJhJTfI/AAAA1EHM/V8MM5H/AQAAoDJi7v9SmIn8DwAAAJURc/+RMJOa5H/9f/1//f/a9v+X9/n/axZuV/9f//9c6P/r//ei/6//X+b16//r/9Nf0fr/MfcfDTOpSf4HAACAOoi5/1iYifwPAAAAlRFz//EwE/kfAAAAKiPm/hNhJjXJ//r/Z9X/XzWwRDdQ/7/7+vX/K9D/b6H/r/9/LvT/9f970f/X/y/z+vX/9f/pr2j9/5j7/yjMpCb5HwAAAOog5v6TYSbyPwAAAFRGzP0zYSbyPwAAAFRGzP2zYSY1yf/6/z7/X/9f/1//X/9/Jen/6//3ov+v/1/m9ev/6//TX9H6/zH3nwozqUn+B4D/Z+8+c/U6qz4OP6/zOiRCwBTCEGACDIExIDEGeknooUPovYXeQofQe++99x4IvUpB8VlrhWPsvW2f8/jc+17X9SELTpB8RzEf/kp+2gAAHeTuv1/cYv8DAADANHL33z9usf8BAABgGrn7HxC3NNn/+n/9v/5f/6//1//vk/5f/79E/6//3/L79f/6f9aN1v/n7n9g3NJk/wMAAEAHufsfFLfY/wAAADCN3P0PjlvsfwAAAJhG7v6HxC1N9r/+X/+v/9f/6//1//uk/9f/L9H/6/+3/H79v/6fdaP1/7n7Hxq3NNn/AAAA0EHu/ofFLfY/AAAATCN3/8PjFvsfAAAAppG7/9q4pcn+1//r//X/G+z//1//r//fDv2//n+J/l//v+X36//1/6wbrf/P3X9d3NJk/wMAAEAHufsfEbfY/wAAADCN3P2PjFvsfwAAAJhG7v5HxS1N9r/+X/+v/99g/+/7//r/DdH/6/+X6P/1/1t+v/5f/8+60fr/3P2Pjlua7H8AAADoIHf/Y+IW+x8AAACmkbv/sXGL/Q8AAADTyN3/uLilyf7X/+v/9f/6f/2//n+f9P/6/yX6f/3/lt+v/9f/s27v/f+9rz9zL7T/z91/fdzSZP8DAABAB7n7Hx+32P8AAAAwjdz9T4hb7H8AAACYRu7+J8YtTfa//l//f0f/f9v/6f/1//r/O36u/z8e+n/9/xL9v/5/y+/X/+v/Wbf3/n+l9z/7v+fuf1Lc0mT/AwAAQAe5+58ct9j/AAAAMI3c/U+JW+x/AAAAmEbu/qfGLU32v/5f/+/7//p//b/+f5/0/8P2/2f/X+8w/f8F0f/r/8/X/9/rAt6v/6eD0fr/3P1Pi1ua7H8AAADoIHf/0+MW+x8AAACmkbv/hrjF/gcAAIBp5O5/RtzSZP/r//X/+n/9/+H+/1TL/v/2n+n/90P/P2z/v0z/f0H0//p/3//X/7NstP4/d/8z45Ym+x8AAAA6yN3/rLjF/gcAAIBp5O5/dtxi/wMAAMA0cvc/J25psv/1//p//b/+/0jf/79ijv7f9//3R/+v/1+i/9f/b/n9+n/9P+tG6/9z9z83bmmy/wEAAGB6p3a1+58Xt9j/AAAAMI3c/c+PW+x/AAAAmEbu/hfELU32v/5f/6//1/8fqf+f5Pv/+v/90f/r/5dcaP+/0//XX4v+f5z36//1/6wbrf/P3f/CuKXJ/gcAAIAOcve/KG6x/wEAAGAauftfHLfY/wAAADCN3P0viVua7H/9v/5f/6//1//r//dJ/6//X+L7//r/Lb9f/6//Z91o/X/u/pfGLU32PwAAAHSQu/9lcYv9DwAAANPI3f/yuMX+BwAAgGnk7n9F3HL2/j91OV91+ej/9f/6f/2//l//v0/6f/3/Ev3/ufv/q87z6+n/x3q//l//z7rR+v/c/TfGLf75PwAAAEwjd/8r4xb7HwAAAKaRu/9VcYv9DwAAANPI3f/quKXJ/j9f/3/rnQ/+vP7/wuj/z/1+/b/+X/+v/9f/6/+X6P99/3/L79f/6/9ZN1r/n7v/NXFLk/0PAAAAHeTuf23cYv8DAADANHL3vy5usf8BAABgGrn7Xx+3NNn/x//9/2v0//p//X9c/b/+X/+v/9f/L9P/6/+3/H79v/6fdaP1/7n73xC3NNn/AAAA0EHu/jfGLfY/AAAATCN3/5viFvsfAAAAppG7/81xS5P9f/z9v+//6/8vsv8/pf9P+v/4+6r/1/9fBP2//n+n/79kJ93Pb/39+n/9P+tG6/9z9990Zur12/8AAADQwU1n/njV7i1xi/0PAAAA08jd/9a4xf4HAACAaeTuf1vc0mT/6//1/yfe//v+f9H/x99X/b/+/yLo//X/O/3/JTvpfn7r79f/6/9ZN1r/n7v/7XFLk/0PAAAAHeTuf0fcYv8DAADANGL3H/zL7/Y/AAAATOmdZ/541e5dcUuT/d+4/7/mqP3/1f/1n/X/536//v9Y+v+bzv69p//X/2+J/l//v0T/r//f8vvH6f/jB9fq/xnPaP1/7v53xy1N9j8AAAB0kLv/PXGL/Q8AAADTyN1/c9xi/wMAAMA0cve/N25psv8b9/+TfP//PrfEC/T/8/b/vv8fV/+v/z8X/b/+f6f/v2Qn3c9v/f3j9P++/8+4Ruv/c/e/L25psv8BAACgg9z9749b7H8AAACYRu7+D8Qt9j8AAABMI3f/B+OWJvtf/7/1/t/3//X/+n/9/9j0//r/Jfp//f+W36//1/+zbrT+P3f/h+KWJvsfAAAAOsjd/+G4xf4HAACAaeTu/0jcYv8DAADANHL3fzRuabL/9f/6/331/7f/Ivr/Jv3/dfr/nf7/vPT/+v8l+n/9/5bfr//X/7NutP4/d//H4pYm+x8AAAA6yN3/8bjF/gcAAIBp5O7/RNxi/wMAAMA0cvd/Mm64x11O7knH6/R5fh69uf5f/+/7//p/3//X/++T/l//v0T/r//f8vv1//p/1o3W/+fu/1Tc4p//AwAAwDRy9386brH/AQAAYBq5+z8Tt9j/AAAAMI3c/Z+NW5rsf/2//l//v9n+/2r9/+H36//HpP/X/y/R/+v/t/x+/b/+n3Wj9f+5+z8XtzTZ/wAAANBB7v7Pxy32PwAAAEwjd/8X4hb7HwAAAKaRu/+LcUuT/a//1//r/zfb//v+/1nv1/+PSf+v/1+i/9f/b/n9+n/9P+tG6/9z938pbmmy/wEAAKCD3P1fjlvsfwAAAJhG7v6vxC32PwAAAEwjd/9X45Ym+1//r//X/+v/9f/6/33S/+v/l+j/9f9bfr/+X//PutH6/9z9X4tbmux/AAAA6CB3/9fjFvsfAAAAppG7/xtxi/0PAAAA08jd/824pcn+n7n/X/qf6f8P6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7NutP4/d/+34pYm+x8AAAA6yN3/7bjF/gcAAIBp5O7/Ttxi/wMAAMA0cvd/N25psv9n7v+X6P8P6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7PuhPr/07vz9P+5+78XtzTZ/wAAANBB7v7vxy32PwAAAEwjd/8P4hb7HwAAAKaRu/+Hccs8+/++Ny/8Sf3/sff/Z34T6f/1/7sh+//Th96p/z+g/98v/b/+f4n+X/+/5ffr//X/rBvt+/+5+38Ut8yz/wEAAKC93P0/jlvsfwAAAJhG7v6fxC32PwAAAEwjd/9P45Ym+1//7/v/+v9O/f89r9j5/r/+/zLT/+v/l+j/9f9bfr/+X//PutH6/9z9P4tbmux/AAAA6CB3/8/jFvsfAAAAppG7/xdxi/0PAAAA08jd/8u4pcn+1//r//X/rfr/Q+/X/x/Q/++X/l//v0T/r//f8vuz/8/fd/p//T//a7T+P3f/r+KWJvsfAAAAOsjd/+u4xf4HAACAaeTu/03cYv8DAADANHL3/zZuabL/9f/6f/1/m/7/trvtdvp//f9lN1D/f+VRfh39/wH9/2H6f/2/7//r/1k2Wv+fu/+WuKXJ/gcAAIAOcvf/Lm6x/wEAAGAauft/H7fY/wAAADCN3P23xi1N9r/+X/8/Zf9/J/2/7//r/0cxUP9/JPr/A/r/w/T/+n/9v/6fZaP1/7n7/xC3NNn/AAAA0EHu/j/GLfY/AAAATCN3/5/iFvsfAAAAppG7/89xS5P9r//X/198/3+6/rqH7f99/1//r/8fxrz9/5X6f/3/kfv/G248+LH+f5vv1//r/1k3Wv+fu/8vcUuT/Q8AAAAd5O7/a9xi/wMAAMA0cvf/LW6x/wEAAGAaufv/Hrc02f/T9P93v+vB1f/7/r/+X/8fP9f/j2He/t/3//X/vv+v/9f/6/9ZM1r/n7v/H3FLk/0PAAAAHeTu/2fcYv8DAADANHL3/ytusf8BAABgGrn7/x23NNn/0/T/Sf+v/9f/6//j5/r/Mej/9f9L9P/6/y2/X/+v/2fdaP1/7v7/BAAA//9RaTCH") syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x20000, 0x0, 0x0, 0x0, &(0x7f0000000100)) r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 2.421659688s ago: executing program 0 (id=1): syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0xfffffffffffffec4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x28002) r1 = getpid() r2 = syz_pidfd_open(r1, 0x0) r3 = pidfd_getfd(r2, r2, 0x0) setns(r3, 0x66020000) mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0) r4 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0) fsetxattr$security_ima(r4, 0x0, &(0x7f0000000480)=@v2={0x6, 0x3, 0x12, 0x5, 0x1, "0f"}, 0xa, 0x0) syz_clone(0x3038a400, 0x0, 0x0, 0x0, 0x0, 0x0) open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file0/../file0\x00', 0x89901) syz_open_procfs(0x0, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000100)={'wpan4\x00'}) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 1.883255987s ago: executing program 2 (id=3): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, 0x0, 0x0) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x54, 0x3, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x8008000}, 0x8010) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="000086dd03000a000000140000006c07010033d43a"], 0x340a) 264.837556ms ago: executing program 0 (id=7): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x150, 0x65, 0x800, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x8, 0x81}}, @filter_kind_options=@f_bpf={{0x8}, {0x114, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0xfc, 0x1, [@m_ct={0xc8, 0xa, 0x0, 0x0, {{0x7}, {0x50, 0x2, 0x0, 0x1, [@TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e22}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @loopback}, @TCA_CT_LABELS={0x14, 0x7, "efe7377efb339bc59f350c7b025a3b71"}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x9}, @TCA_CT_ACTION={0x6, 0x3, 0x1}, @TCA_CT_PARMS={0x18, 0x1, {0xf, 0x101, 0x10000000, 0x0, 0x2}}]}, {0x51, 0x6, "a9b0373813e0f2da6e8f5cd5c2f0e993b814de8645c7545f5f50c5380480ed4ef5013ca2d00164d47399225c275c36df8b272a85bb6c9c930de5c21cfca20d72ffe99adec2667fa15f5dc9985c"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_mirred={0x30, 0x0, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x150}, 0x1, 0x0, 0x0, 0x81}, 0x20000080) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) 119.040045ms ago: executing program 1 (id=2): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a0000000b0000004200000002"], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000880), 0x1006, r0, 0x0, 0xd88d02a0}, 0x38) 0s ago: executing program 2 (id=8): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_io_uring_setup(0x837, &(0x7f0000000540)={0x0, 0x2b94, 0x80, 0x7, 0x3cf}, &(0x7f0000000140)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000100)=@IORING_OP_LINK_TIMEOUT={0xf, 0x40, 0x0, 0x0, 0x0, 0x0}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): no interfaces have a carrier [ 55.322359][ T5437] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.342324][ T5437] eql: remember to turn off Van-Jacobson compression on your slave devices Starting crond: OK Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.184' (ED25519) to the list of known hosts. syzkaller login: [ 81.168202][ T5761] cgroup: Unknown subsys name 'net' [ 81.305630][ T5761] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.981153][ T5761] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.253167][ T5786] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.261404][ T5786] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.271504][ T5786] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.279475][ T5786] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.294449][ T5786] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.302445][ T5786] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.310641][ T5786] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 85.318252][ T5786] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.320660][ T5788] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.326561][ T5786] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.337773][ T5783] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.349287][ T5780] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.357379][ T5786] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.361233][ T5780] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.377734][ T5786] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.383101][ T5783] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 85.392766][ T5786] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.393206][ T5783] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.400854][ T5786] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.411726][ T5783] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 85.422664][ T5783] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.431194][ T5783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.450797][ T5783] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 85.459018][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.917326][ T5776] chnl_net:caif_netlink_parms(): no params data found [ 86.002366][ T5775] chnl_net:caif_netlink_parms(): no params data found [ 86.129602][ T5776] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.137621][ T5776] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.145069][ T5776] bridge_slave_0: entered allmulticast mode [ 86.153381][ T5776] bridge_slave_0: entered promiscuous mode [ 86.163788][ T5776] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.171324][ T5776] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.178909][ T5776] bridge_slave_1: entered allmulticast mode [ 86.186454][ T5776] bridge_slave_1: entered promiscuous mode [ 86.194362][ T5773] chnl_net:caif_netlink_parms(): no params data found [ 86.264394][ T5776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.294719][ T5776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.304135][ T5774] chnl_net:caif_netlink_parms(): no params data found [ 86.316548][ T5775] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.323831][ T5775] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.331503][ T5775] bridge_slave_0: entered allmulticast mode [ 86.338908][ T5775] bridge_slave_0: entered promiscuous mode [ 86.385784][ T5775] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.394452][ T5775] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.402016][ T5775] bridge_slave_1: entered allmulticast mode [ 86.409515][ T5775] bridge_slave_1: entered promiscuous mode [ 86.458814][ T5776] team0: Port device team_slave_0 added [ 86.502312][ T5776] team0: Port device team_slave_1 added [ 86.512752][ T5775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.525355][ T5775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.573901][ T5773] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.581316][ T5773] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.589093][ T5773] bridge_slave_0: entered allmulticast mode [ 86.596315][ T5773] bridge_slave_0: entered promiscuous mode [ 86.631882][ T5773] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.639209][ T5773] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.646389][ T5773] bridge_slave_1: entered allmulticast mode [ 86.654207][ T5773] bridge_slave_1: entered promiscuous mode [ 86.672833][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.680218][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.707036][ T5776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.720726][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.727810][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.753877][ T5776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.770190][ T5775] team0: Port device team_slave_0 added [ 86.822339][ T5775] team0: Port device team_slave_1 added [ 86.843563][ T5773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.853237][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.860702][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.868282][ T5774] bridge_slave_0: entered allmulticast mode [ 86.875710][ T5774] bridge_slave_0: entered promiscuous mode [ 86.884713][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.891986][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.899925][ T5774] bridge_slave_1: entered allmulticast mode [ 86.907867][ T5774] bridge_slave_1: entered promiscuous mode [ 86.925084][ T5773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.984600][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.991798][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.032397][ T5775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.083083][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.106407][ T5776] hsr_slave_0: entered promiscuous mode [ 87.119811][ T5776] hsr_slave_1: entered promiscuous mode [ 87.150768][ T5773] team0: Port device team_slave_0 added [ 87.157610][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.164598][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.191852][ T5775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.220425][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.233653][ T5773] team0: Port device team_slave_1 added [ 87.321552][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.328831][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.355419][ T5773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.369108][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.376096][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.402557][ T5773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.414453][ T5087] Bluetooth: hci0: command tx timeout [ 87.478108][ T5775] hsr_slave_0: entered promiscuous mode [ 87.485994][ T5775] hsr_slave_1: entered promiscuous mode [ 87.492075][ T5087] Bluetooth: hci3: command tx timeout [ 87.498250][ T5087] Bluetooth: hci2: command tx timeout [ 87.504858][ T5775] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.513184][ T5775] Cannot create hsr debugfs directory [ 87.547990][ T5774] team0: Port device team_slave_0 added [ 87.567406][ T51] Bluetooth: hci1: command tx timeout [ 87.588337][ T5774] team0: Port device team_slave_1 added [ 87.696609][ T5773] hsr_slave_0: entered promiscuous mode [ 87.703505][ T5773] hsr_slave_1: entered promiscuous mode [ 87.711409][ T5773] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.719285][ T5773] Cannot create hsr debugfs directory [ 87.725612][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.736854][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.776983][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.802839][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.810641][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.837253][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.074472][ T5774] hsr_slave_0: entered promiscuous mode [ 88.080927][ T5774] hsr_slave_1: entered promiscuous mode [ 88.087668][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.095391][ T5774] Cannot create hsr debugfs directory [ 88.212186][ T5776] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 88.224657][ T5776] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 88.236404][ T5776] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 88.276563][ T5776] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 88.413113][ T5775] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.447485][ T5775] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.459323][ T5775] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.474659][ T5775] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.574806][ T5773] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.586495][ T5773] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.610471][ T5773] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 88.646978][ T5773] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.722647][ T5774] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 88.741402][ T5776] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.765330][ T5774] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 88.776477][ T5774] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 88.798685][ T5774] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 88.821787][ T5776] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.888113][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.895887][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.905769][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.913074][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.012322][ T5775] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.044968][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.075449][ T5775] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.117808][ T5773] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.140727][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.147993][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.183958][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.191132][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.217757][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.225031][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.276424][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.283683][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.352773][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.487615][ T51] Bluetooth: hci0: command tx timeout [ 89.504917][ T5774] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.540253][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.547490][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.567534][ T51] Bluetooth: hci2: command tx timeout [ 89.573011][ T51] Bluetooth: hci3: command tx timeout [ 89.592786][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.599971][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.647412][ T51] Bluetooth: hci1: command tx timeout [ 89.673223][ T5776] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.870107][ T5776] veth0_vlan: entered promiscuous mode [ 89.912129][ T5776] veth1_vlan: entered promiscuous mode [ 90.000484][ T5776] veth0_macvtap: entered promiscuous mode [ 90.026617][ T5776] veth1_macvtap: entered promiscuous mode [ 90.045380][ T5775] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.092751][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.113183][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.133559][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.191937][ T5776] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.203640][ T5776] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.223764][ T5776] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.232758][ T5776] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.294892][ T5775] veth0_vlan: entered promiscuous mode [ 90.373733][ T5773] veth0_vlan: entered promiscuous mode [ 90.383052][ T5775] veth1_vlan: entered promiscuous mode [ 90.422348][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.435949][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.449192][ T5773] veth1_vlan: entered promiscuous mode [ 90.465965][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.525575][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.542167][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.600100][ T5775] veth0_macvtap: entered promiscuous mode [ 90.615415][ T5775] veth1_macvtap: entered promiscuous mode [ 90.638441][ T5773] veth0_macvtap: entered promiscuous mode [ 90.675342][ T5773] veth1_macvtap: entered promiscuous mode [ 90.699768][ T5775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.711257][ T5775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.724687][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.763578][ T5775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.776421][ T5775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.794562][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.813709][ T5774] veth0_vlan: entered promiscuous mode [ 90.837607][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.855167][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.867719][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.881152][ T5870] syz.3.4[5870]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 90.881603][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.905101][ T5870] loop3: detected capacity change from 0 to 256 [ 90.912934][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.949173][ T5775] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.959185][ T5775] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.969615][ T5775] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.979433][ T5775] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.992608][ T5774] veth1_vlan: entered promiscuous mode [ 91.025538][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.043016][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.054417][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.056325][ T5870] FAT-fs (loop3): Directory bread(block 64) failed [ 91.065080][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.070216][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.106370][ T5870] FAT-fs (loop3): Directory bread(block 65) failed [ 91.115166][ T5870] FAT-fs (loop3): Directory bread(block 66) failed [ 91.123253][ T5870] FAT-fs (loop3): Directory bread(block 67) failed [ 91.130443][ T5870] FAT-fs (loop3): Directory bread(block 68) failed [ 91.138715][ T5870] FAT-fs (loop3): Directory bread(block 69) failed [ 91.145480][ T5870] FAT-fs (loop3): Directory bread(block 70) failed [ 91.152783][ T5773] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.157809][ T5870] FAT-fs (loop3): Directory bread(block 71) failed [ 91.172365][ T5870] FAT-fs (loop3): Directory bread(block 72) failed [ 91.172910][ T5773] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.179678][ T5870] FAT-fs (loop3): Directory bread(block 73) failed [ 91.197427][ T5773] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.206306][ T5773] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.324876][ T5774] veth0_macvtap: entered promiscuous mode [ 91.336606][ T5774] veth1_macvtap: entered promiscuous mode [ 91.501853][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.515880][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.574149][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.579239][ T51] Bluetooth: hci0: command tx timeout [ 91.596969][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.607054][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.617953][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.628447][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.639586][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.649853][ T51] Bluetooth: hci3: command tx timeout [ 91.655303][ T51] Bluetooth: hci2: command tx timeout [ 91.664084][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.701267][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.720385][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.720430][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.740235][ T51] Bluetooth: hci1: command tx timeout [ 91.767399][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.792137][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.831152][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.841108][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.851965][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.863918][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.876143][ T5774] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.894203][ T5774] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.903454][ T5774] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.917001][ T5774] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.008490][ T2974] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.033598][ T2974] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.113935][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.132752][ T23] cfg80211: failed to load regulatory.db [ 92.152494][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.275852][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.315553][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.962524][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.029049][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.057391][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 94.225055][ T51] Bluetooth: hci0: command tx timeout [ 94.225074][ T5087] Bluetooth: hci2: command tx timeout [ 94.231746][ T51] Bluetooth: hci3: command tx timeout [ 94.237173][ T5783] Bluetooth: hci1: command tx timeout [ 94.296844][ T5880] syz.2.3 uses obsolete (PF_INET,SOCK_PACKET) [ 94.308816][ T5874] loop3: detected capacity change from 0 to 32768 [ 94.486370][ T5874] ERROR: (device loop3): duplicateIXtree: [ 94.486370][ T5874] [ 94.524671][ T5874] ERROR: (device loop3): remounting filesystem as read-only [ 94.598811][ T5874] BUG: Bad page state in process syz.3.6 pfn:54825 [ 94.607304][ T5874] page:ffffea0001520940 refcount:0 mapcount:0 mapping:0000000000000000 index:0x33 pfn:0x54825 [ 94.643883][ T5874] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff) [ 94.677207][ T5874] page_type: 0xffffffff() [ 94.686227][ T5874] raw: 00fff0000000800c ffffea0001520988 ffffc90004b8f960 0000000000000000 [ 94.708052][ T5874] raw: 0000000000000033 ffff8880548304d8 00000000ffffffff 0000000000000000 [ 94.721428][ T5874] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 94.736903][ T5874] page_owner tracks the page as allocated [ 94.747557][ T5874] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5874, tgid 5873 (syz.3.6), ts 94559197967, free_ts 94552333262 [ 94.776953][ T5874] post_alloc_hook+0x1c1/0x200 [ 94.784168][ T5874] get_page_from_freelist+0x1951/0x19e0 [ 94.791375][ T5874] __alloc_pages+0x1f0/0x460 [ 94.796157][ T5874] folio_alloc+0x1e/0x30 [ 94.802243][ T5874] filemap_alloc_folio+0xdf/0x490 [ 94.808064][ T5874] __filemap_get_folio+0x3ea/0xbb0 [ 94.815271][ T5874] pagecache_get_page+0x2a/0x250 [ 94.825753][ T5874] __get_metapage+0x2a8/0xfa0 [ 94.840240][ T5874] diNewExt+0xa82/0x3120 [ 94.845069][ T5874] diAllocAG+0xea5/0x1da0 [ 94.857260][ T5874] diAlloc+0x1d5/0x1660 [ 94.863829][ T5874] ialloc+0x8c/0x950 [ 94.872470][ T5874] jfs_mkdir+0x1df/0xac0 [ 94.881651][ T5874] vfs_mkdir+0x296/0x440 [ 94.891607][ T5874] do_mkdirat+0x1dc/0x450 [ 94.896057][ T5874] __x64_sys_mkdirat+0x89/0xa0 [ 94.922241][ T5874] page last free stack trace: [ 94.936818][ T5874] free_unref_page_prepare+0x7b2/0x8c0 [ 94.942393][ T5874] free_unref_page+0x32/0x2e0 [ 94.952859][ T5874] tlb_finish_mmu+0x112/0x1d0 [ 94.957687][ T5874] exit_mmap+0x428/0xb90 [ 94.962011][ T5874] __mmput+0x118/0x3c0 [ 94.966209][ T5874] exit_mm+0x1f2/0x2c0 [ 94.970451][ T5874] do_exit+0x8dd/0x2460 [ 94.974672][ T5874] do_group_exit+0x21b/0x2d0 [ 94.986756][ T5874] get_signal+0x12fc/0x13f0 [ 94.991359][ T5874] arch_do_signal_or_restart+0xc2/0x800 [ 94.997494][ T5874] exit_to_user_mode_loop+0x70/0x110 [ 95.016750][ T5874] exit_to_user_mode_prepare+0xee/0x180 [ 95.022449][ T5874] syscall_exit_to_user_mode+0x1a/0x50 [ 95.028165][ T5874] do_syscall_64+0x61/0xa0 [ 95.032805][ T5874] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 95.050322][ T5874] Modules linked in: [ 95.054413][ T5874] CPU: 1 PID: 5874 Comm: syz.3.6 Not tainted syzkaller #0 [ 95.061580][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 95.071861][ T5874] Call Trace: [ 95.075201][ T5874] [ 95.078264][ T5874] dump_stack_lvl+0x18c/0x250 [ 95.083000][ T5874] ? show_regs_print_info+0x20/0x20 [ 95.088258][ T5874] ? swiotlb_print_info+0x70/0x70 [ 95.093361][ T5874] ? dump_page+0xba3/0x14a0 [ 95.098028][ T5874] bad_page+0x14b/0x170 [ 95.102266][ T5874] free_unref_page_prepare+0x85f/0x8c0 [ 95.107809][ T5874] free_unref_page_list+0xbe/0x860 [ 95.112994][ T5874] ? __folio_memcg+0x63/0x160 [ 95.117729][ T5874] ? folio_memcg+0x127/0x480 [ 95.122380][ T5874] release_pages+0x1f7a/0x2200 [ 95.127218][ T5874] ? lru_cache_disable+0x30/0x30 [ 95.132304][ T5874] ? mlock_drain_local+0x79/0x490 [ 95.137395][ T5874] ? mlock_drain_local+0x79/0x490 [ 95.142489][ T5874] ? mlock_drain_local+0x28d/0x490 [ 95.147755][ T5874] __folio_batch_release+0x71/0xe0 [ 95.152924][ T5874] truncate_inode_pages_range+0x3b9/0xfb0 [ 95.158714][ T5874] ? mapping_evict_folio+0x510/0x510 [ 95.164085][ T5874] ? __static_call_return0+0x9/0x10 [ 95.169348][ T5874] ? shrink_dentry_list+0x685/0x6a0 [ 95.174624][ T5874] ? sync_filesystem+0x107/0x220 [ 95.179633][ T5874] jfs_remount+0x341/0x5b0 [ 95.184117][ T5874] ? jfs_statfs+0x550/0x550 [ 95.188685][ T5874] ? hook_sb_remount+0x1b/0xc0 [ 95.193508][ T5874] ? bpf_lsm_sb_remount+0x9/0x10 [ 95.198517][ T5874] reconfigure_super+0x21e/0x8a0 [ 95.203522][ T5874] vfs_fsconfig_locked+0x16c/0x320 [ 95.208708][ T5874] __se_sys_fsconfig+0x70d/0x850 [ 95.213719][ T5874] ? __x64_sys_fsconfig+0xc0/0xc0 [ 95.218821][ T5874] ? lockdep_hardirqs_on+0x98/0x150 [ 95.224076][ T5874] ? __x64_sys_fsconfig+0x20/0xc0 [ 95.229173][ T5874] do_syscall_64+0x55/0xa0 [ 95.233648][ T5874] ? clear_bhb_loop+0x40/0x90 [ 95.238384][ T5874] ? clear_bhb_loop+0x40/0x90 [ 95.243130][ T5874] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 95.249084][ T5874] RIP: 0033:0x7f8fe6b9acb9 [ 95.253567][ T5874] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 95.273229][ T5874] RSP: 002b:00007f8fe798e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 95.281796][ T5874] RAX: ffffffffffffffda RBX: 00007f8fe6e15fa0 RCX: 00007f8fe6b9acb9 [ 95.289822][ T5874] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000004 [ 95.297847][ T5874] RBP: 00007f8fe6c08bf7 R08: 0000000000000000 R09: 0000000000000000 [ 95.305879][ T5874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 95.313906][ T5874] R13: 00007f8fe6e16038 R14: 00007f8fe6e15fa0 R15: 00007ffd41c0ac38 [ 95.321955][ T5874] [ 95.348579][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 95.396759][ T5874] Disabling lock debugging due to kernel taint [ 95.405162][ T5874] BUG: Bad page state in process syz.3.6 pfn:54826 [ 95.422783][ T5874] page:ffffea0001520980 refcount:0 mapcount:0 mapping:0000000000000000 index:0x32 pfn:0x54826 [ 95.442126][ T5874] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff) [ 95.461244][ T5874] page_type: 0xffffffff() [ 95.467986][ T5874] raw: 00fff0000000800c ffffea00015209c8 ffffc90004b8f960 0000000000000000 [ 95.485133][ T5874] raw: 0000000000000032 ffff8880548303e0 00000000ffffffff 0000000000000000 [ 95.503035][ T5874] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 95.519312][ T5874] page_owner tracks the page as allocated [ 95.529773][ T5874] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5874, tgid 5873 (syz.3.6), ts 94559142773, free_ts 94552351355 [ 95.556405][ T5874] post_alloc_hook+0x1c1/0x200 [ 95.565651][ T5874] get_page_from_freelist+0x1951/0x19e0 [ 95.576327][ T5874] __alloc_pages+0x1f0/0x460 [ 95.584668][ T5874] folio_alloc+0x1e/0x30 [ 95.592661][ T5874] filemap_alloc_folio+0xdf/0x490 [ 95.601156][ T5874] __filemap_get_folio+0x3ea/0xbb0 [ 95.607047][ T5874] pagecache_get_page+0x2a/0x250 [ 95.612628][ T5874] __get_metapage+0x2a8/0xfa0 [ 95.620099][ T5874] diNewExt+0xa82/0x3120 [ 95.624855][ T5874] diAllocAG+0xea5/0x1da0 [ 95.629798][ T5874] diAlloc+0x1d5/0x1660 [ 95.633979][ T5874] ialloc+0x8c/0x950 [ 95.638778][ T5874] jfs_mkdir+0x1df/0xac0 [ 95.643799][ T5874] vfs_mkdir+0x296/0x440 [ 95.649569][ T5874] do_mkdirat+0x1dc/0x450 [ 95.654019][ T5874] __x64_sys_mkdirat+0x89/0xa0 [ 95.661258][ T5874] page last free stack trace: [ 95.667129][ T5874] free_unref_page_prepare+0x7b2/0x8c0 [ 95.673992][ T5874] free_unref_page+0x32/0x2e0 [ 95.680299][ T5874] tlb_finish_mmu+0x112/0x1d0 [ 95.685025][ T5874] exit_mmap+0x428/0xb90 [ 95.689610][ T5874] __mmput+0x118/0x3c0 [ 95.693770][ T5874] exit_mm+0x1f2/0x2c0 [ 95.698248][ T5874] do_exit+0x8dd/0x2460 [ 95.703015][ T5874] do_group_exit+0x21b/0x2d0 [ 95.709956][ T5874] get_signal+0x12fc/0x13f0 [ 95.717919][ T5874] arch_do_signal_or_restart+0xc2/0x800 [ 95.730081][ T5874] exit_to_user_mode_loop+0x70/0x110 [ 95.736918][ T5874] exit_to_user_mode_prepare+0xee/0x180 [ 95.750690][ T5874] syscall_exit_to_user_mode+0x1a/0x50 [ 95.761876][ T5874] do_syscall_64+0x61/0xa0 [ 95.770203][ T5874] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 95.783064][ T5874] Modules linked in: [ 95.794137][ T5874] CPU: 1 PID: 5874 Comm: syz.3.6 Tainted: G B syzkaller #0 [ 95.802846][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 95.812981][ T5874] Call Trace: [ 95.816313][ T5874] [ 95.819254][ T5874] dump_stack_lvl+0x18c/0x250 [ 95.823958][ T5874] ? show_regs_print_info+0x20/0x20 [ 95.829181][ T5874] ? swiotlb_print_info+0x70/0x70 [ 95.834227][ T5874] ? dump_page+0xba3/0x14a0 [ 95.838767][ T5874] bad_page+0x14b/0x170 [ 95.842971][ T5874] free_unref_page_prepare+0x85f/0x8c0 [ 95.848472][ T5874] free_unref_page_list+0xbe/0x860 [ 95.853679][ T5874] ? __folio_memcg+0x63/0x160 [ 95.858506][ T5874] ? folio_memcg+0x127/0x480 [ 95.863112][ T5874] release_pages+0x1f7a/0x2200 [ 95.868002][ T5874] ? lru_cache_disable+0x30/0x30 [ 95.872979][ T5874] ? mlock_drain_local+0x79/0x490 [ 95.878054][ T5874] ? mlock_drain_local+0x79/0x490 [ 95.883253][ T5874] ? mlock_drain_local+0x28d/0x490 [ 95.888525][ T5874] __folio_batch_release+0x71/0xe0 [ 95.893682][ T5874] truncate_inode_pages_range+0x3b9/0xfb0 [ 95.899443][ T5874] ? mapping_evict_folio+0x510/0x510 [ 95.904765][ T5874] ? __static_call_return0+0x9/0x10 [ 95.909996][ T5874] ? shrink_dentry_list+0x685/0x6a0 [ 95.915254][ T5874] ? sync_filesystem+0x107/0x220 [ 95.920242][ T5874] jfs_remount+0x341/0x5b0 [ 95.924688][ T5874] ? jfs_statfs+0x550/0x550 [ 95.929253][ T5874] ? hook_sb_remount+0x1b/0xc0 [ 95.934073][ T5874] ? bpf_lsm_sb_remount+0x9/0x10 [ 95.939084][ T5874] reconfigure_super+0x21e/0x8a0 [ 95.944063][ T5874] vfs_fsconfig_locked+0x16c/0x320 [ 95.949212][ T5874] __se_sys_fsconfig+0x70d/0x850 [ 95.954229][ T5874] ? __x64_sys_fsconfig+0xc0/0xc0 [ 95.959314][ T5874] ? lockdep_hardirqs_on+0x98/0x150 [ 95.964537][ T5874] ? __x64_sys_fsconfig+0x20/0xc0 [ 95.969591][ T5874] do_syscall_64+0x55/0xa0 [ 95.974069][ T5874] ? clear_bhb_loop+0x40/0x90 [ 95.978826][ T5874] ? clear_bhb_loop+0x40/0x90 [ 95.983516][ T5874] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 95.989529][ T5874] RIP: 0033:0x7f8fe6b9acb9 [ 95.993971][ T5874] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 96.013599][ T5874] RSP: 002b:00007f8fe798e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 96.022053][ T5874] RAX: ffffffffffffffda RBX: 00007f8fe6e15fa0 RCX: 00007f8fe6b9acb9 [ 96.030043][ T5874] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000004 [ 96.038024][ T5874] RBP: 00007f8fe6c08bf7 R08: 0000000000000000 R09: 0000000000000000 [ 96.046011][ T5874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 96.054022][ T5874] R13: 00007f8fe6e16038 R14: 00007f8fe6e15fa0 R15: 00007ffd41c0ac38 [ 96.062025][ T5874] [ 96.106921][ T5874] BUG: Bad page state in process syz.3.6 pfn:54827 [ 96.113724][ T5874] page:ffffea00015209c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x31 pfn:0x54827 [ 96.124587][ T5874] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff) [ 96.136131][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 96.146846][ T5874] page_type: 0xffffffff() [ 96.151351][ T5874] raw: 00fff0000000800c ffffea0001520b08 ffffc90004b8f960 0000000000000000 [ 96.160663][ T5874] raw: 0000000000000031 ffff8880548302e8 00000000ffffffff 0000000000000000 [ 96.169635][ T5874] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 96.177258][ T5874] page_owner tracks the page as allocated [ 96.183080][ T5874] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5874, tgid 5873 (syz.3.6), ts 94559086536, free_ts 94552368821 [ 96.207390][ T5874] post_alloc_hook+0x1c1/0x200 [ 96.213543][ T5874] get_page_from_freelist+0x1951/0x19e0 [ 96.220838][ T5874] __alloc_pages+0x1f0/0x460 [ 96.227843][ T5874] folio_alloc+0x1e/0x30 [ 96.233787][ T5874] filemap_alloc_folio+0xdf/0x490 [ 96.239326][ T5874] __filemap_get_folio+0x3ea/0xbb0 [ 96.244558][ T5874] pagecache_get_page+0x2a/0x250 [ 96.249872][ T5874] __get_metapage+0x2a8/0xfa0 [ 96.254640][ T5874] diNewExt+0xa82/0x3120 [ 96.259254][ T5874] diAllocAG+0xea5/0x1da0 [ 96.263737][ T5874] diAlloc+0x1d5/0x1660 [ 96.269290][ T5874] ialloc+0x8c/0x950 [ 96.273295][ T5874] jfs_mkdir+0x1df/0xac0 [ 96.277989][ T5874] vfs_mkdir+0x296/0x440 [ 96.282314][ T5874] do_mkdirat+0x1dc/0x450 [ 96.287644][ T5874] __x64_sys_mkdirat+0x89/0xa0 [ 96.292567][ T5874] page last free stack trace: [ 96.298166][ T5874] free_unref_page_prepare+0x7b2/0x8c0 [ 96.303778][ T5874] free_unref_page+0x32/0x2e0 [ 96.309919][ T5874] tlb_finish_mmu+0x112/0x1d0 [ 96.315839][ T5874] exit_mmap+0x428/0xb90 [ 96.322048][ T5874] __mmput+0x118/0x3c0 [ 96.326286][ T5874] exit_mm+0x1f2/0x2c0 [ 96.331662][ T5874] do_exit+0x8dd/0x2460 [ 96.339604][ T5874] do_group_exit+0x21b/0x2d0 [ 96.346464][ T5874] get_signal+0x12fc/0x13f0 [ 96.353320][ T5874] arch_do_signal_or_restart+0xc2/0x800 [ 96.359202][ T5874] exit_to_user_mode_loop+0x70/0x110 [ 96.365743][ T5874] exit_to_user_mode_prepare+0xee/0x180 [ 96.381599][ T5874] syscall_exit_to_user_mode+0x1a/0x50 [ 96.390699][ T5874] do_syscall_64+0x61/0xa0 [ 96.395225][ T5874] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 96.402845][ T5874] Modules linked in: [ 96.409185][ T5874] CPU: 1 PID: 5874 Comm: syz.3.6 Tainted: G B syzkaller #0 [ 96.417805][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 96.427868][ T5874] Call Trace: [ 96.431160][ T5874] [ 96.434134][ T5874] dump_stack_lvl+0x18c/0x250 [ 96.438823][ T5874] ? show_regs_print_info+0x20/0x20 [ 96.444029][ T5874] ? swiotlb_print_info+0x70/0x70 [ 96.449072][ T5874] ? dump_page+0xba3/0x14a0 [ 96.453594][ T5874] bad_page+0x14b/0x170 [ 96.457762][ T5874] free_unref_page_prepare+0x85f/0x8c0 [ 96.463241][ T5874] free_unref_page_list+0xbe/0x860 [ 96.468366][ T5874] ? __folio_memcg+0x63/0x160 [ 96.473051][ T5874] ? folio_memcg+0x127/0x480 [ 96.477667][ T5874] release_pages+0x1f7a/0x2200 [ 96.482473][ T5874] ? lru_cache_disable+0x30/0x30 [ 96.487419][ T5874] ? mlock_drain_local+0x79/0x490 [ 96.492458][ T5874] ? mlock_drain_local+0x79/0x490 [ 96.497487][ T5874] ? mlock_drain_local+0x28d/0x490 [ 96.502617][ T5874] __folio_batch_release+0x71/0xe0 [ 96.507733][ T5874] truncate_inode_pages_range+0x3b9/0xfb0 [ 96.513487][ T5874] ? mapping_evict_folio+0x510/0x510 [ 96.518819][ T5874] ? __static_call_return0+0x9/0x10 [ 96.524083][ T5874] ? shrink_dentry_list+0x685/0x6a0 [ 96.529299][ T5874] ? sync_filesystem+0x107/0x220 [ 96.534256][ T5874] jfs_remount+0x341/0x5b0 [ 96.538705][ T5874] ? jfs_statfs+0x550/0x550 [ 96.543243][ T5874] ? hook_sb_remount+0x1b/0xc0 [ 96.548010][ T5874] ? bpf_lsm_sb_remount+0x9/0x10 [ 96.552959][ T5874] reconfigure_super+0x21e/0x8a0 [ 96.557924][ T5874] vfs_fsconfig_locked+0x16c/0x320 [ 96.563043][ T5874] __se_sys_fsconfig+0x70d/0x850 [ 96.567989][ T5874] ? __x64_sys_fsconfig+0xc0/0xc0 [ 96.573039][ T5874] ? lockdep_hardirqs_on+0x98/0x150 [ 96.578243][ T5874] ? __x64_sys_fsconfig+0x20/0xc0 [ 96.583278][ T5874] do_syscall_64+0x55/0xa0 [ 96.587710][ T5874] ? clear_bhb_loop+0x40/0x90 [ 96.592435][ T5874] ? clear_bhb_loop+0x40/0x90 [ 96.597126][ T5874] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 96.603024][ T5874] RIP: 0033:0x7f8fe6b9acb9 [ 96.607444][ T5874] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 96.627145][ T5874] RSP: 002b:00007f8fe798e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 96.635572][ T5874] RAX: ffffffffffffffda RBX: 00007f8fe6e15fa0 RCX: 00007f8fe6b9acb9 [ 96.643576][ T5874] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000004 [ 96.651551][ T5874] RBP: 00007f8fe6c08bf7 R08: 0000000000000000 R09: 0000000000000000 [ 96.659635][ T5874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 96.667611][ T5874] R13: 00007f8fe6e16038 R14: 00007f8fe6e15fa0 R15: 00007ffd41c0ac38 [ 96.675603][ T5874] [ 96.697230][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 96.715887][ T5874] BUG: Bad page state in process syz.3.6 pfn:2d580 [ 96.727826][ T5874] page:ffffea0000b56000 refcount:0 mapcount:0 mapping:0000000000000000 index:0xd pfn:0x2d580 [ 96.738755][ T5874] flags: 0xfff0800000820c(referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff) [ 96.752389][ T5874] page_type: 0xffffffff() [ 96.757585][ T5874] raw: 00fff0800000820c ffffea0000bbc648 ffffea0000be6f08 0000000000000000 [ 96.766299][ T5874] raw: 000000000000000d ffff8880269b0e88 00000000ffffffff 0000000000000000 [ 96.776601][ T5874] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 96.784259][ T5874] page_owner tracks the page as allocated [ 96.792213][ T5874] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5874, tgid 5873 (syz.3.6), ts 94411606254, free_ts 94340491778 [ 96.811806][ T5874] post_alloc_hook+0x1c1/0x200 [ 96.818136][ T5874] get_page_from_freelist+0x1951/0x19e0 [ 96.823852][ T5874] __alloc_pages+0x1f0/0x460 [ 96.828874][ T5874] folio_alloc+0x1e/0x30 [ 96.833173][ T5874] filemap_alloc_folio+0xdf/0x490 [ 96.838407][ T5874] do_read_cache_folio+0x364/0x7d0 [ 96.843550][ T5874] do_read_cache_page+0x32/0x250 [ 96.849237][ T5874] __get_metapage+0x31a/0xfa0 [ 96.853962][ T5874] diReadSpecial+0x25b/0x710 [ 96.858647][ T5874] jfs_mount+0x3d1/0x860 [ 96.862932][ T5874] jfs_fill_super+0x4e8/0xad0 [ 96.867868][ T5874] mount_bdev+0x221/0x2d0 [ 96.872285][ T5874] legacy_get_tree+0xea/0x180 [ 96.877145][ T5874] vfs_get_tree+0x8c/0x280 [ 96.881598][ T5874] do_new_mount+0x24b/0xa40 [ 96.886104][ T5874] __se_sys_mount+0x2e7/0x3d0 [ 96.890842][ T5874] page last free stack trace: [ 96.895535][ T5874] free_unref_page_prepare+0x7b2/0x8c0 [ 96.901143][ T5874] free_unref_page+0x32/0x2e0 [ 96.905875][ T5874] __unfreeze_partials+0x1cf/0x210 [ 96.911094][ T5874] put_cpu_partial+0x17c/0x250 [ 96.915932][ T5874] __slab_free+0x319/0x400 [ 96.920420][ T5874] qlist_free_all+0x75/0xd0 [ 96.924963][ T5874] kasan_quarantine_reduce+0x143/0x160 [ 96.931316][ T5874] __kasan_slab_alloc+0x22/0x80 [ 96.936189][ T5874] slab_post_alloc_hook+0x6e/0x4b0 [ 96.941441][ T5874] __kmem_cache_alloc_node+0x13a/0x250 [ 96.947068][ T5874] __kmalloc+0xa4/0x230 [ 96.952270][ T5874] kernfs_fop_write_iter+0x159/0x520 [ 96.957692][ T5874] vfs_write+0x46c/0x990 [ 96.961974][ T5874] ksys_write+0x150/0x260 [ 96.966436][ T5874] do_syscall_64+0x55/0xa0 [ 96.970927][ T5874] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 96.976960][ T5874] Modules linked in: [ 96.980881][ T5874] CPU: 1 PID: 5874 Comm: syz.3.6 Tainted: G B syzkaller #0 [ 96.989506][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 96.999583][ T5874] Call Trace: [ 97.002871][ T5874] [ 97.005807][ T5874] dump_stack_lvl+0x18c/0x250 [ 97.010583][ T5874] ? show_regs_print_info+0x20/0x20 [ 97.015849][ T5874] ? swiotlb_print_info+0x70/0x70 [ 97.020894][ T5874] ? dump_page+0xba3/0x14a0 [ 97.025414][ T5874] bad_page+0x14b/0x170 [ 97.029608][ T5874] free_unref_page_prepare+0x85f/0x8c0 [ 97.035093][ T5874] free_unref_page_list+0xbe/0x860 [ 97.040233][ T5874] ? __folio_memcg+0x63/0x160 [ 97.044952][ T5874] ? folio_memcg+0x127/0x480 [ 97.049592][ T5874] release_pages+0x1f7a/0x2200 [ 97.054396][ T5874] ? lru_cache_disable+0x30/0x30 [ 97.059360][ T5874] ? mlock_drain_local+0x79/0x490 [ 97.064415][ T5874] ? mlock_drain_local+0x79/0x490 [ 97.069472][ T5874] ? mlock_drain_local+0x28d/0x490 [ 97.074604][ T5874] __folio_batch_release+0x71/0xe0 [ 97.079824][ T5874] truncate_inode_pages_range+0x3b9/0xfb0 [ 97.085572][ T5874] ? mapping_evict_folio+0x510/0x510 [ 97.090897][ T5874] ? __static_call_return0+0x9/0x10 [ 97.096137][ T5874] ? shrink_dentry_list+0x685/0x6a0 [ 97.101360][ T5874] ? sync_filesystem+0x107/0x220 [ 97.106330][ T5874] jfs_remount+0x341/0x5b0 [ 97.110768][ T5874] ? jfs_statfs+0x550/0x550 [ 97.115291][ T5874] ? hook_sb_remount+0x1b/0xc0 [ 97.120082][ T5874] ? bpf_lsm_sb_remount+0x9/0x10 [ 97.125053][ T5874] reconfigure_super+0x21e/0x8a0 [ 97.130013][ T5874] vfs_fsconfig_locked+0x16c/0x320 [ 97.135156][ T5874] __se_sys_fsconfig+0x70d/0x850 [ 97.140124][ T5874] ? __x64_sys_fsconfig+0xc0/0xc0 [ 97.145173][ T5874] ? lockdep_hardirqs_on+0x98/0x150 [ 97.150397][ T5874] ? __x64_sys_fsconfig+0x20/0xc0 [ 97.155459][ T5874] do_syscall_64+0x55/0xa0 [ 97.159902][ T5874] ? clear_bhb_loop+0x40/0x90 [ 97.164608][ T5874] ? clear_bhb_loop+0x40/0x90 [ 97.169313][ T5874] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 97.175236][ T5874] RIP: 0033:0x7f8fe6b9acb9 [ 97.179676][ T5874] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 97.199301][ T5874] RSP: 002b:00007f8fe798e028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 97.207740][ T5874] RAX: ffffffffffffffda RBX: 00007f8fe6e15fa0 RCX: 00007f8fe6b9acb9 [ 97.215766][ T5874] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000004 [ 97.223752][ T5874] RBP: 00007f8fe6c08bf7 R08: 0000000000000000 R09: 0000000000000000 [ 97.231768][ T5874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 97.239754][ T5874] R13: 00007f8fe6e16038 R14: 00007f8fe6e15fa0 R15: 00007ffd41c0ac38 [ 97.247754][ T5874] [ 97.273659][ T114] BUG: Bad page state in process jfsCommit pfn:5b9f0 [ 97.280533][ T114] page:ffffea00016e7c00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2d pfn:0x5b9f0 [ 97.291541][ T114] flags: 0xfff0000000800d(locked|referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff) [ 97.301802][ T114] page_type: 0xffffffff() [ 97.306175][ T114] raw: 00fff0000000800d dead000000000100 dead000000000122 0000000000000000 [ 97.315288][ T114] raw: 000000000000002d ffff8880548305d0 00000000ffffffff 0000000000000000 [ 97.324023][ T114] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 97.331921][ T114] page_owner tracks the page as allocated [ 97.337712][ T114] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5874, tgid 5873 (syz.3.6), ts 94560236691, free_ts 94551803128 [ 97.355595][ T114] post_alloc_hook+0x1c1/0x200 [ 97.361996][ T114] get_page_from_freelist+0x1951/0x19e0 [ 97.367695][ T114] __alloc_pages+0x1f0/0x460 [ 97.372332][ T114] folio_alloc+0x1e/0x30 [ 97.376606][ T114] filemap_alloc_folio+0xdf/0x490 [ 97.381711][ T114] __filemap_get_folio+0x3ea/0xbb0 [ 97.386893][ T114] pagecache_get_page+0x2a/0x250 [ 97.391882][ T114] __get_metapage+0x2a8/0xfa0 [ 97.396588][ T114] dtSplitRoot+0x203/0x16b0 [ 97.401192][ T114] dtInsert+0xed5/0x5de0 [ 97.405473][ T114] jfs_mkdir+0x75c/0xac0 [ 97.410476][ T114] vfs_mkdir+0x296/0x440 [ 97.414777][ T114] do_mkdirat+0x1dc/0x450 [ 97.419361][ T114] __x64_sys_mkdirat+0x89/0xa0 [ 97.424179][ T114] do_syscall_64+0x55/0xa0 [ 97.428864][ T114] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 97.434795][ T114] page last free stack trace: [ 97.439540][ T114] free_unref_page_prepare+0x7b2/0x8c0 [ 97.445311][ T114] free_unref_page_list+0xbe/0x860 [ 97.450488][ T114] release_pages+0x1f7a/0x2200 [ 97.455278][ T114] tlb_flush_mmu+0x377/0x510 [ 97.460961][ T114] tlb_finish_mmu+0xc3/0x1d0 [ 97.465602][ T114] exit_mmap+0x428/0xb90 [ 97.469998][ T114] __mmput+0x118/0x3c0 [ 97.474129][ T114] exit_mm+0x1f2/0x2c0 [ 97.478309][ T114] do_exit+0x8dd/0x2460 [ 97.482607][ T114] do_group_exit+0x21b/0x2d0 [ 97.487308][ T114] get_signal+0x12fc/0x13f0 [ 97.491859][ T114] arch_do_signal_or_restart+0xc2/0x800 [ 97.497477][ T114] exit_to_user_mode_loop+0x70/0x110 [ 97.502798][ T114] exit_to_user_mode_prepare+0xee/0x180 [ 97.508427][ T114] syscall_exit_to_user_mode+0x1a/0x50 [ 97.513933][ T114] do_syscall_64+0x61/0xa0 [ 97.518452][ T114] Modules linked in: [ 97.522408][ T114] CPU: 1 PID: 114 Comm: jfsCommit Tainted: G B syzkaller #0 [ 97.531098][ T114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 97.541159][ T114] Call Trace: [ 97.544445][ T114] [ 97.547382][ T114] dump_stack_lvl+0x18c/0x250 [ 97.552077][ T114] ? show_regs_print_info+0x20/0x20 [ 97.557294][ T114] ? swiotlb_print_info+0x70/0x70 [ 97.562342][ T114] ? dump_page+0xba3/0x14a0 [ 97.566916][ T114] bad_page+0x14b/0x170 [ 97.571103][ T114] free_unref_page_prepare+0x85f/0x8c0 [ 97.576579][ T114] free_unref_page+0x32/0x2e0 [ 97.581282][ T114] ? __folio_put+0xef/0x210 [ 97.585791][ T114] txUnlock+0x27e/0xcb0 [ 97.589954][ T114] jfs_lazycommit+0x56e/0xa70 [ 97.594661][ T114] ? txFreelock+0x5a0/0x5a0 [ 97.599275][ T114] ? do_task_dead+0xd0/0xd0 [ 97.603782][ T114] ? __kthread_parkme+0x7a/0x1c0 [ 97.608753][ T114] kthread+0x2fa/0x390 [ 97.612837][ T114] ? txFreelock+0x5a0/0x5a0 [ 97.617338][ T114] ? kthread_blkcg+0xd0/0xd0 [ 97.621929][ T114] ret_from_fork+0x48/0x80 [ 97.626356][ T114] ? kthread_blkcg+0xd0/0xd0 [ 97.631012][ T114] ret_from_fork_asm+0x11/0x20 [ 97.635825][ T114] [ 97.640591][ T114] page:ffffea00016e7c00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2d pfn:0x5b9f0 [ 97.651042][ T114] flags: 0xfff0000000800d(locked|referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff) [ 97.661325][ T114] page_type: 0xffffffff() [ 97.666119][ T114] raw: 00fff0000000800d dead000000000100 dead000000000122 0000000000000000 [ 97.675065][ T114] raw: 000000000000002d ffff8880548305d0 00000000ffffffff 0000000000000000 [ 97.683825][ T114] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u)) [ 97.694207][ T114] page_owner tracks the page as allocated [ 97.699970][ T114] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 5874, tgid 5873 (syz.3.6), ts 94560236691, free_ts 94551803128 [ 97.717759][ T114] post_alloc_hook+0x1c1/0x200 [ 97.722562][ T114] get_page_from_freelist+0x1951/0x19e0 [ 97.728276][ T114] __alloc_pages+0x1f0/0x460 [ 97.732944][ T114] folio_alloc+0x1e/0x30 [ 97.738247][ T114] filemap_alloc_folio+0xdf/0x490 [ 97.743674][ T114] __filemap_get_folio+0x3ea/0xbb0 [ 97.748869][ T114] pagecache_get_page+0x2a/0x250 [ 97.753847][ T114] __get_metapage+0x2a8/0xfa0 [ 97.758672][ T114] dtSplitRoot+0x203/0x16b0 [ 97.763207][ T114] dtInsert+0xed5/0x5de0 [ 97.767856][ T114] jfs_mkdir+0x75c/0xac0 [ 97.772160][ T114] vfs_mkdir+0x296/0x440 [ 97.776455][ T114] do_mkdirat+0x1dc/0x450 [ 97.782289][ T114] __x64_sys_mkdirat+0x89/0xa0 [ 97.787141][ T114] do_syscall_64+0x55/0xa0 [ 97.791603][ T114] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 97.797562][ T114] page last free stack trace: [ 97.802260][ T114] free_unref_page_prepare+0x7b2/0x8c0 [ 97.807786][ T114] free_unref_page_list+0xbe/0x860 [ 97.812927][ T114] release_pages+0x1f7a/0x2200 [ 97.817763][ T114] tlb_flush_mmu+0x377/0x510 [ 97.822936][ T114] tlb_finish_mmu+0xc3/0x1d0 [ 97.827585][ T114] exit_mmap+0x428/0xb90 [ 97.831948][ T114] __mmput+0x118/0x3c0 [ 97.836020][ T114] exit_mm+0x1f2/0x2c0 [ 97.840167][ T114] do_exit+0x8dd/0x2460 [ 97.844396][ T114] do_group_exit+0x21b/0x2d0 [ 97.849249][ T114] get_signal+0x12fc/0x13f0 [ 97.853808][ T114] arch_do_signal_or_restart+0xc2/0x800 [ 97.859454][ T114] exit_to_user_mode_loop+0x70/0x110 [ 97.864872][ T114] exit_to_user_mode_prepare+0xee/0x180 [ 97.870664][ T114] syscall_exit_to_user_mode+0x1a/0x50 [ 97.876162][ T114] do_syscall_64+0x61/0xa0 [ 97.880997][ T114] ------------[ cut here ]------------ [ 97.886465][ T114] kernel BUG at include/linux/mm.h:1458! [ 97.892429][ T114] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 97.898529][ T114] CPU: 0 PID: 114 Comm: jfsCommit Tainted: G B syzkaller #0 [ 97.907242][ T114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 97.917315][ T114] RIP: 0010:put_metapage+0x253/0x340 [ 97.922656][ T114] Code: 38 c1 0f 8c 32 ff ff ff 4c 89 ef e8 87 a6 d9 fe e9 25 ff ff ff e8 4d 7f 81 fe 48 8b 3c 24 48 c7 c6 80 f7 03 8b e8 ed de c1 fe <0f> 0b 4c 8b 2c 24 4c 89 ee 48 81 e6 ff 0f 00 00 31 ff e8 66 83 81 [ 97.942366][ T114] RSP: 0018:ffffc90002cb7cc0 EFLAGS: 00010246 [ 97.948453][ T114] RAX: 6b8a17471c714f00 RBX: ffff8880548305d0 RCX: 6b8a17471c714f00 [ 97.956447][ T114] RDX: 0000000000000000 RSI: ffffffff8b1c7480 RDI: ffffffff8b1c7440 [ 97.964434][ T114] RBP: 000000000000007f R08: ffffffff8e8a5f2f R09: 1ffffffff1d14be5 [ 97.972434][ T114] R10: dffffc0000000000 R11: fffffbfff1d14be6 R12: ffff8880548305f8 [ 97.980431][ T114] R13: ffffea00016e7c34 R14: 1ffff1100a9060bf R15: 1ffff1100a9060cc [ 97.988425][ T114] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 97.997374][ T114] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.003974][ T114] CR2: 00007ffd41c09ebc CR3: 000000006174f000 CR4: 00000000003506f0 [ 98.011967][ T114] Call Trace: [ 98.015264][ T114] [ 98.018213][ T114] txUnlock+0x427/0xcb0 [ 98.022403][ T114] jfs_lazycommit+0x56e/0xa70 [ 98.027106][ T114] ? txFreelock+0x5a0/0x5a0 [ 98.031648][ T114] ? do_task_dead+0xd0/0xd0 [ 98.036174][ T114] ? __kthread_parkme+0x7a/0x1c0 [ 98.041145][ T114] kthread+0x2fa/0x390 [ 98.045228][ T114] ? txFreelock+0x5a0/0x5a0 [ 98.049752][ T114] ? kthread_blkcg+0xd0/0xd0 [ 98.054369][ T114] ret_from_fork+0x48/0x80 [ 98.058810][ T114] ? kthread_blkcg+0xd0/0xd0 [ 98.063417][ T114] ret_from_fork_asm+0x11/0x20 [ 98.068211][ T114] [ 98.071240][ T114] Modules linked in: [ 98.081490][ T114] ---[ end trace 0000000000000000 ]--- [ 98.087121][ T114] RIP: 0010:put_metapage+0x253/0x340 [ 98.092578][ T114] Code: 38 c1 0f 8c 32 ff ff ff 4c 89 ef e8 87 a6 d9 fe e9 25 ff ff ff e8 4d 7f 81 fe 48 8b 3c 24 48 c7 c6 80 f7 03 8b e8 ed de c1 fe <0f> 0b 4c 8b 2c 24 4c 89 ee 48 81 e6 ff 0f 00 00 31 ff e8 66 83 81 [ 98.112263][ T114] RSP: 0018:ffffc90002cb7cc0 EFLAGS: 00010246 [ 98.118462][ T114] RAX: 6b8a17471c714f00 RBX: ffff8880548305d0 RCX: 6b8a17471c714f00 [ 98.126467][ T114] RDX: 0000000000000000 RSI: ffffffff8b1c7480 RDI: ffffffff8b1c7440 [ 98.134908][ T114] RBP: 000000000000007f R08: ffffffff8e8a5f2f R09: 1ffffffff1d14be5 [ 98.142967][ T114] R10: dffffc0000000000 R11: fffffbfff1d14be6 R12: ffff8880548305f8 [ 98.151002][ T114] R13: ffffea00016e7c34 R14: 1ffff1100a9060bf R15: 1ffff1100a9060cc [ 98.159043][ T114] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 98.168061][ T114] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.174691][ T114] CR2: 00007ffd41c09ebc CR3: 000000006174f000 CR4: 00000000003506f0 [ 98.184289][ T114] Kernel panic - not syncing: Fatal exception [ 98.191093][ T114] Kernel Offset: disabled [ 98.195427][ T114] Rebooting in 86400 seconds..