last executing test programs: 2m6.740859302s ago: executing program 0 (id=184): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) futex(&(0x7f000000cffc)=0x4, 0x80, 0x4, &(0x7f000000b000)={0x77359400}, 0x0, 0x0) timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) 2m6.304559902s ago: executing program 0 (id=186): mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) execve(&(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000480)={[&(0x7f0000000340)='\x00']}) 2m5.837857552s ago: executing program 0 (id=190): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000007f0095765e2708000300", @ANYRES32=r2, @ANYBLOB="0a000600ffffffffffff00000500740000000000050019"], 0x38}}, 0x0) 2m5.354184546s ago: executing program 0 (id=194): syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xad8, &(0x7f0000000e00)="$eJzs3V2IXFcdAPBzd3c2u0lrJjWxaxrbxGpbP7ppNmv8CJqUBMHQFPGlUHwJaVqDMYIV1FIwyZNvtpQUfPIDn/pSqggWREKffCnYQBH6VAV9MEQs+FCjyZTMnDN752Qmd2c/ZnZ3fj+4e+bec+78z529c+d+nXsCMLLGmn/n52eKEC6+/tLRfz7wj+mbUw61S9SbfydKY7UQQhHHJ7L3e3e8lV5/7/mT3dIizDX/pvHw+NX2vFtCCOfC7nAp1MPOi5dffHPusePnj13Y89YrB6+sztIDAMBo+fqlg/M7/vrne7Zde/Xew2FTe3raP6+nCVOt/f7Dccc/7f+Phc7xojSUTWblJuIwNt1ZbrxLuXKcWlZuokf8ySx+rUe5TeH28cdL07otN6xnaT2uh2JsNoSwuT0+NjY72zomD83j+sli9uzpM08/O6SKAivuP/eFEHaXhiMXOsfX2nBoDdRhiUNjDdRhXQ6HBxfrWqNl6Ms8oKGxddhbIICW/HrhLc7lZxaWp/1uE4uLf/XRse7zwwoY9PrfV/zJIccP4v/6vC0OK2ejrk1pudL36I44nl9HyO9fevkPnfMtyK90dE7Nr0fUFlnPXtcR1sv1hV71HB9wPZaqV/3z9WKj+nJM0+fwlY7c+zq+P/n/dL38j4Hu3s/P/xsMhrU9hI7x2nLeqzHk7Q+wduX3zTXS9dEov68vz99UkT9VkT9dkb+5In9LRT6Mst9+/6fhhWLhfFd+TN/v+fB0nu3OmH6oz/rk5yP7jZ/f99uv5cbP7yeGtez3J5449YWnnrzcuv+/aK//N+L6ng436vG7dSkWSOcL8/Pq7Xv/651xxnqUuyurz51dyjdfb+8sV2xfeJ9Q2s7cUo+Zzvm29iq3q7NcPSs3HYeprL75/snmbL60/5G2q+nzmsiWt5Ytx2RWj7Rd2RbTvB6wFGl9TPf/L7QHaN3/n9bPmVArnj595tQjcTytp38ar226OX3fgOsNLF/e/if//qffr5nQ2f7njvb02lh5u7B1YXrR2i68Ft+vc/pcO05peulHLf3OfWt8ull+9uR3zzy1wssOo+7ZHz337RNnzpz6nhdLfvHVtVGNfl6kw5a1Uh8v+n2xe7VDDHnDBKy6vT9u7QQ8fPo7J5459cyps/sPHNg/N3fgi/vn9zb36/eW9+7Lzg2htsBKWvjRH3ZNAAAAAAAAAAAAgMX6wbGjl99+4/PvtNr/L7T/S+3/052/qf3/T7L2/3k7+dQOPrUD3NYlv1kme8DqZFauFocPZ/XdnsXZkc33kZi2+/GL7f9TuPy5rqk+d2fTaz1Gs8cJ3PK8lMnsGSR5f4Efj+mFmP4qwBAV090nx/Q2z7cu3i+t6+n5FKUmvA3PB14/0v+tuTaUHmmU2n93fa5Tl/barC+DaLE47GUEuvvXSD3/+98LCz70uhh6DxODjfez0V0nGj330hfbgw3Ayhh2/59/D6246fzn2T9+bermkIpdfbRze5k/vxT68Ze3O8fXev+Tqx0/77dv0PGHvfyD7v+z3f9d3P6l7V7v7V/WY159aXH/+/Mr75TChp2LjZ8vf3oO9Pb+4l+L8dPSPBgWF7/xyyx+fkFokf6Xxd+8yPi3LP+upcX/f4yfPraH7l9s/FaNi7HOekxny5Gu/+XnjZPr2fKnZ3veJv43nuu2/EvsqPFGjA+jbL30M9uvbD+ivdNe1f9vv7//y+3/t13ZbLOW34fxuTieNsTpPoe8v5N+65/ur0i/Azuy9y8qft/0/7u+fSmmVd+H1P9vWh/r8Se/NN78LNN4rctnu1G3NbBevTtS1/8GNVxpHQYtbf6p4dff0MfQGF/CfO1+4oZc/0ajsbontCoMNThD//yHfZww7PjD/vyr5P3/5vvwef+/eX7e/2+en/f/m+dPx/9Qr/y8/9/888z7/83z787eN+8feKYi/6MV+Tu757cP2++pmH9XRf7HKvL3tPMPdZRI+ffedv6Fcr3e/66K/Psr8j9Rkf/JivwHKvIfKuWX+4BO+Z/K5i+y/I0utUfp9fkBG1fePs/3H0ZHuv7T6/u/fSF/slxksLUEVsPLr+478uRvvllvtf+fbJ8PSdfxDsfxWjw2+mEcz697h9L4zbw34vjfsvy1fr4DRkn+/Iz89//Binxg/Ur3efl+wwgqprpPjmnVc6t67eezvnw6pp+J6Wdj+nBMZ2O6N6b7Yjo3oPqxOo689ruDLxQLx/tbs/zF3k+etwfqeE5UCGH/IuuTnx/o9372/Dl+/Vpu/CU2BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiasebf+fmZIoSLr7909Injp/fenHKoXaLe/DtRGqu15wvhkZiOx/QX8cX1954/WU5vxLQIc6EIRXt6ePxqO9KWEMK5sDtcCvWw8+LlF9+ce+z4+WMX9rz1ysErq/cJAAAAwMb3QQAAAP//rA0HrQ==") mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) 2m4.744742195s ago: executing program 0 (id=210): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/igmp\x00') 2m3.795852179s ago: executing program 0 (id=203): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x1, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r0}, &(0x7f0000000000), &(0x7f0000000200)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) 2m3.052851751s ago: executing program 32 (id=203): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x1, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r0}, &(0x7f0000000000), &(0x7f0000000200)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) 4.904986302s ago: executing program 3 (id=1020): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x63dcbf62d8600606, r1, 0x1, 0x8, 0x6, @remote}, 0x14) bind$packet(r0, &(0x7f0000000100)={0x11, 0x606, r1, 0x1, 0x1, 0x6, @multicast}, 0x14) 4.873400732s ago: executing program 2 (id=1022): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x40000, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000001340)={0x722, @tick=0x65757100, 0x0, {0x0, 0xfc}, 0x40, 0x0, 0x1}) 4.592571204s ago: executing program 3 (id=1026): prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x3000)=nil) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') preadv(r0, &(0x7f0000000d00)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1, 0x2, 0x200) 4.330643596s ago: executing program 2 (id=1030): r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f00000001c0)="a6", 0x1, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xffffffffffffffff, r1, 0x1) 4.275210864s ago: executing program 3 (id=1031): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c00000000010104000000000000000002000000240002801400018008000100e000000108000200e00000010c0002800500010000000000080008400000000814000580080001"], 0x5c}}, 0x0) 4.052802744s ago: executing program 2 (id=1033): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)={'batadv0\x00', 0x0}) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000001940), r0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r2, 0x303, 0x70bd28, 0x0, {0xa}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x0) 3.811294905s ago: executing program 1 (id=1037): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) kexec_load(0x0, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x41000000}], 0x0) 3.810684841s ago: executing program 3 (id=1038): syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x210042, &(0x7f00000001c0)={[{@discard_size={'discard', 0x3d, 0xf4}}, {@discard_size={'discard', 0x3d, 0xaff9}}, {@noquota}, {@uid}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@iocharset={'iocharset', 0x3d, 'ascii'}}, {@uid={'uid', 0x3d, 0xee01}}, {@usrquota}, {@uid={'uid', 0x3d, 0xee01}}]}, 0x24, 0x6297, &(0x7f00000089c0)="$eJzs3c1vHGcdB/Df7JtfQtOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyBSggTqAXXQ2M/jzE53vXYS76wzn4/kzPzmmfE+k++Od9cz4ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjhD358roiIK79KC05EfC76Eb2Ilapei4iVtRP1bV6I7eZ4PiKGSxHV9tv/PBvxekR8fDzi/oM769Xi8/vsx/f//I8//OTYj/7+p+GZ//7lVv+Naevdvv3b//z17qPvLwAAAHRRWZZlkT7mn4yIQfpsDwA8/fLrf5nk5eqFqzcXrD9qtVqtPoJ1XTnZ3XoREZv1bar3DE7HA8ARsxmftN0FWiT/ThtExLG2OwEstKLtDnAo7j+4s16kfIv668HaTnu+FmQs/81i9/6OadNZmteYzOv5tRX9eG5Kf1bm1IdFkvPvNfO/stM+Susddv7zMi3/0c6tT52T8+838294evLvTcy/q3L+gwPl35c/AAAAAAAssPz7/xMtn/9devxd2Ze9zv+uzakPAAAAAAAAAPCkHXT8v0Fj/L9dxv8DAACAhVV9Vq/87vjDZdP+Flu1/HIR8UxjfaBj0s0yq233AwAAAAAAAAAAAAC6ZLBzDe/lImIYEc+srpZlWX3VNeuDetztj7qu7z90Wds/5AEAYMfHxxv38hcRyxFxOf2tv+Hq6mpZLq+slqvlylJ+PztaWi5Xap9r87RatjTaxxviwaisvtlybbu6WZ+XZ7U3v1/1WKOyv4+OzUeLgQNAROy8Gt2f9or0P69XR1NZPhstv8nhiNjj+OeIcvyzH20/TwEAAIDDV5ZlWaQ/530ynfPvtd0pAGAu8ut/87yAWq1Wq9Xqp6+uKye7Wy8iYrO+TfWewXD8AHDEbMYnbXeBFsm/0wYR8ULbnQAWWtF2BzgU9x/cWS9SvkX99SCN756vBRnLf7PY3i5vP2k6S/Mak3k9v7aiH89N6c/zc+rDIsn595r5X9lpH6X1Hj//cuzXhG1dYzQt/2o/T7TQn7bl/PvN/BsO+/ifl63oTcy/q3L+gwPl35c/AAAAAAAssPz7/xMLdf539Ki7M9Ne53/XJm5xeH0BAAAAAAAAgCfl/oM76/m+13z+/wsT1nP/59Mp51/Iv5Ny/r1G/l9trNevzd97+2H+/35wZ/2Pt/71+Tzdb/5LeaZIz6wiPSOK9EjFIE0fZ+8+a2vYH1WPNCx6/UG65qccvhvX4npsxNmxdXvp/+Nh+7mx9qqnw+32sr/Tfn6sfbDbnre/MNY+TFcXlSu5/XSsx8/jeryz3V61Lc3Y/+UZ7eWM9px/3/HfSTn/Qe2ryn81tReNaeXeR73PHPf16aTHeevaF39z9vB3Z6at6O/uW121fy+10J/t/5Njo/jlzY0bp29fvXXrxrlIk7Gl5yNNnrCc/zB97f78f3mnPf/crx+v9z4aHTj/RbEVg6n5v1ybr/b3lTn3rQ05/1H6yvm/k9onH/9HOf/px/+rLfQHAAAAAAAAAAAAAAAA9lKW5fYtom9FxMV0/09b92YCAPOVX//LJC+fV92f8+Op1YdWF8U8Hq9YmP1tof60nPPjD8YXtL3/avWTqOvKyd6sFxHxt/o21XuGX0/6ZgDAIvs0Iv7Zdidojfw7LP+9v2p6qu3OAHN184MPf3r1+vWNGzfb7gkAAAAAAAAA8Kjy+J9rtfGfT5Vlebex3tj4r2/H2uOO/5lvp3k4wOiUgar7B9+nvWz1Rv1ebbjxF2Pa+N/D3bm9xv8ezHi84Yz20Yz2pRntyzPaJ97oUZPzf7E23vmpiDjZGH69C+O/Nse874Kc/0u153OV/1ca69XzL39/lPPvjeV/5tb7vzhz84MPX7v2/tX3Nt7b+NmFc+fOXrh48dKlS2fevXZ94+zOvy32+HDl/PPY164D7Zacf85c/t2S8/9SquXfLTn/L6da/t2S88/v9+TfLTn//NlH/t2S838l1fLvlpz/11It/27J+b+aavl3S87/66mWf7fk/F9Ltfy7Jed/OtXy75ac/5lU7zP/lcPuF/OR889nuBz/3ZLzz1c2yL9bcv7nUy3/bsn5X0i1/Lsl5/96quXfLTn/b6Ra/t2S87+Yavl3S87/m6mWf7fk/C+lWv7dkvP/Vqrl3y05/2+nWv7dkvN/I9Xy75ac/3dSLf9uyfl/N9Xy75ac//dSLf9uyfm/mWr5d8vDv/9vxowZM3mm7Z9MAAAAAAAAAAAAAEDTPC4nbnsfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgp79xoj11nfD/zM3rx2IDEQ8nfyN7BxTGKcTXZ9iS+0LiZcG24lEAq9YLvetVnwDa9dAo1k00CJhFFRRdtQqS0g1OZNhV/wglaA8gK1QqoE7Qv6BlGh8iJCAQWkSrSCbDXnPM+zM7Nz2fWu1zPnfD6S/fOeOTPnmTPPOTu/XX/nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAoztfN/upWpZl9T/5X5uz7AX1f2+c2Jwve/WNHiEAAACwWr/K/37ulrTg8DLu1LDOv7z8O19dWFhYyN47/Oejn1tYSDdMZNnohizLb4uu/vB9tcZ1gsez8dpQw9dDPTY/3OP2kR63j/a4fazH7Rt63D7e4/YlO2CJjcXPY/IH257/c3OxS7Nbs9H8tu1t7vV4bcPQUPxZTq6W32dh9EQ2l53KZrPppvWLdWv5+l+/s76tN2dxW0MN29panyE/e+x4HEMt7OPtTdtafMzoJ6/NJn7+s8eO/92FZ29vV3vuhqbHK8a5Y1t9nJ8IS4qx1rINaZ/EcQ41jHNrm9dkuGmctfx+9X+3jvO5ZY5zeHGY66r1NR/PhvJ/fzffTyONP9ZL+2lrWPaLu7Isu7w47NZ1lmwrG8o2NS0ZWnx9xosZWX+M+lR6cTayonl65zLmab3ObG+ep63HRHz97wz3G+kwhsaX6ScfH2t43X+5cC3zNKo/607HSuscXOtjpV/mYJwX382f9BNt5+D28Pwfu7vzHGw7d9rMwfS8G+bgtl5zcGhsOB9zehFq+X0W5+CupvWH8y3V8vrM3d3n4NSF0+em5j/6sfvmTh87OXty9syeXbum9+zbd+DAgakTc6dmp4u/r3Fv979N2VA6BraFfRePgXta1m2cqgtfHFty/r3W43C8y3G4uWXdtT4OR1qfXG19Dsilc7o4Nt5d3+njV4ayDsdY/vrsXP1xmJ53w3E40nActv2e0uY4HFnGcVhf59zO5b1nGWn4024Mnb8XrG4Obm6Yg63vR1rn4Fq/H+mXOTge5sX3d3b+XrA1jPeJyZW+HxnONjV9Ux1afLrh3FNfkt7vjx/IS7t5eUf9hpvGsovzs+fvf/TYhQvnd2WhrIuXNMyV1vm6qeE5ZUvm69CK5+vhuZc/cUeb5ZvDvhq/r/7XeMfXqr7O3vu7v1b5d7f2+7Np6e4slDW23vuz3Xfz+v4cy7LPf+vjD3/jsc+/ruP+rPebn5ha/Xvx1Jc2nH9HO5x/Y9//fLG99FCPD4+OFMfvcNo7o03n4+aXaiQ/d9XybT83tbzz8Wj4s97n41u7nI+3tKy71ufj0dYnF8/HtV4/7Vid1tdzPMyTU9Pdz8f1dbbsXumcHFkyJxuPsbtCrYX9/6rQKaRTeMPc6TRv07ZGRkbD8xqJW2iep3ua1h8NvVl9W0/tDm8K0yiXN0933FWsP9xwv2i95ulEy7prPU/Tz746zdNar5++XZvW13M8zItb93Sfp/V1nt67+nPnxvjPhnPnWK85ODo8Vh/zaJqE+fk+W9gY5+D92fHsbHYqm8lvHcvnUy3f1uQDyztXjoU/632u3NJlDu5oWXet52D6PtZp7tVGlj75NdD6eo6HefHkA93nYH2d1++/hveuTUuaz5U7wpK0TsN719afr3X6mdcdLbvpes2VkTDOb+3v/rPZ+jqnDqy0z+y+n+4NS25qs59aj99Ox9RMtj77aUsY57MHOu+n+njq63zu4DLn0+Esyy59+MH8573h9yuXLn7vq02/d2n3O51LH37wpy888c8rGT8Ag+/5omwqvtc1/BBtOb//BwAAAAZC7PuHQk30/wAAAFAase+P/ys80f8DAABAacS+fyTUpAz9/x/3XmXL65+de/5SlpL5C0G8Pe2Gh4r1YsZ1Onw9sbCovvzBL8/+9z9dWt7whrIs++VDf9R2/S0PxXEVJsI4r76hefkSX71vWds++siltN3G/PoXwuPH57PcadAugjudZdnXb/lMvp2J913J69MPHc3rw5efeLy+znMHi6/j/Z95SbH+X4fw7+ETx5ru/0zYDz8Kdfot7fdHvN9Xrrxq6/73LG4v3q+27eb8aT/5/uJx4+fkfPbxYv24nzuN/xuffuor9fUffWX78V8aaj/+p8LjfjnU/3lZsX7ja1D/Ot7vk2H8cXvxfvd/6Zttx3/1U8X6595YrHc01Lj9HeHr7W98dq5xfz1aO9b0vLI3FevF7U9/70/z2+PjxcdvHf/4kStN+6N1fjz978XjTLWsH5fH7UT/2LL9+uM0zs+4/af+5GjTfu61/asPP/Oy+uO2bv/elvXOfXhnvv3Fx2v+xKa/+eRn2m4vjufwP5xrej6H3xmO47D9J98f5mO4/X+vFo/X+ukKR9/ZfP6J639h86Wm5xO9+efF9q++5mReN4xv3HTTC1548+VX1Pddln13Q/F4vbZ/8m/PNo3/i7cV+yPeHjP6rdvvJG7//Ecmz5ydvzg3k/bqY7fkn53z1mI8cby3hHNr69dHzl74wOz5iemJ6SybKO9H6F2zL4X606Jc7r72wpIz6M5Hwut5x19+fdPd//bpuPw/3l0sv/KW4vvWPWG9z4blm8Prt7LtL/Xknbflx3ft6TDChaWfF7waW7f/+MCyVgzPv/V9QZzv5176gXw/1G/Lv2/E43qV4//BTPE4Xwv7dSF8MvO22xa317h+/GyEK+8qjvdV779wmouv69+H1/ttPyoeP44rPt8fhPcx39zSfL6L8+Nrl4ZaHz//FI/L4XySXS5uj2vF/X3ludvaDi9+Dkl2+fb86z9Lj3P7ip5mJ/MfnZ86NXfm4qNTF2bnL0zNf/RjR06fvXjmwpH8szyPfLDLXf/qnizLFs9Pm/Lz08zsvr1ZfrY6W5TrbBXjz612/OceOT6zf/rumdkTxy6euPDIudnzJ4/Pzx+fnZm/+9iJE7Mf6XX/uZlDu3Yf3LN/9+TJuZlDBw4e3HNwcu7M2fowikH1sG/6Q5Nnzh/J7zJ/aO/BXQ88sHd68vTZmdlD+6enJy/2un/+vWmyfu8/nDw/e+rYhbnTs5Pzcx+bPbTr4L59u3t+GuDpcyfmJ6bOXzwzdXF+9vxU8VwmLuSL69/7et2fcpr/z+L9bKta8UF82Tvu3Zc+n7Xuyx/v+FDFKi0fIPps+Cyab7/o3IHlfB37/tFQkzL0/wAAAEAu9v1joSb6fwAAACiN2PdvCDXR/wMAAEBpxL5/PNT0XwIq0v+XLv+/5dKyti//L//fuL/k/yuW/39Xv+X/i/OF/P/aWG3+Xv4/kP+X/0/5+bEsy9YnP399xi//L//PjdRv+f/Y92/MMr//BwAAgJKKff+mUBP9PwAAAJRG7PtvCjXR/wMAAEBpxL7/BaEmFen/5f/l/+X/5f/l/9tvX/5/MMn/dyf/30nxidDy//NT2Q3Mz6/F+FeY/7+8luO/Afn/jY1fyP/Tj/ot/x/7/heGmlSk/wcAAIAqiH3/zaEm+n8AAAAojdj33xJqov8HAACA0oh9/+ZQk4r0//L/q8r/p8yV/H/z+OX/m8n/h/kg/y//vw7k/7uT/+9B/v+GXj9/0Mfv+v/y/yzVb/n/2Pe/KNSkIv0/AAAAlNbo4j9j3//iUBP9PwAAAPSfkWu7W+z7XxJqsqT/v8YNAAAAADdc7PtvzVqC4BX5/b/8v+v/y//L/8v/t9/+8vP/w5n8f/+Q/+9O/r8H+X/5/+rm/8cz+X+ug37L/+d9fzaevTTUpCL9PwAAAFRB7PtvCzXR/wMAAEBpxL7//4Wa6P8BAACgNGLfvyXUpCL9v/x/afL/v2h86eT/5f+7bV/+3/X/y0z+vzv5/x7k/+X/q5v/d/1/rot+y//Hvv/2UJOK9P8AAABQBbHvvyPURP8PAAAApRH7/v8faqL/BwAAgNKIff/WUJOK9P/y/32e/4/JUdf/l/+X/+/L/P+4/H/fkf/vTv6/B/l/+X/5f/l/1lS/5f9j3/+yUJOK9P8AAABQBbHvf3moif4fAAAASiP2/a8INdH/AwAAQGnEvn8i1KQi/f9K8v+1y/L/nVzn6/+PLeP6/03k/+X/u21f/t/1/8tM/r87+f8e5P/l/+X/5f9ZU/2W/499/52hJhXp/wEAAKAKYt+/LdRE/w8AAAClEfv+u0JN9P8AAABQGrHv3x5qUpH+3/X/ByL/n8n/y//L/8v/y/8vj/x/d/L/Pcj/y//L/8v/s6bWOP8/1Lpwpfn/2Pe/MtSkIv0/AAAAVEHs++8ONdH/AwAAQGnEvv+eUBP9PwAAAJRG7Pt3hJpUpP+X/5f/l/+X/5f/b799+f/BJP/fnfx/D/L/8v/y//L/rKl+u/5/7PtfFWpSkf4fAAAAqiD2/TtDTfT/AAAAUBqx77831ET/DwAAAKUR+/7JUJOK9P/y//L/8v/y//L/7bcv/z+Y5P+7k//vQf5f/l/+X/6fNdVv+f/Y998XalKR/h8AAACqIPb994ea6P8BAACgNGLfPxVqov8HAACA0oh9/3SoSUX6f/l/+X/5f/n/FeX/X7H4uPL/Bfn//iL/3538fw/y//L/Nzz/Pyr/T6n0W/4/9v27Qk0q0v8DAABAFcS+f3eoif4fAAAASiP2/XtCTfT/AAAAUBqx798balKR/l/+X/5f/l/+3/X/229f/n8wyf93t/b5//gU5f/l/+X/Xf9f/p+l+i3/H/v+B0JNKtL/AwAAQBXEvn9fqIn+HwAAAEoj9v37Q030/wAAAFAase8/EGpSkf5f/l/+X/5f/l/+v/325f8Hk/x/d67/34P8v/z/AOf/63NL/p9+02/5/9j3Hww1qUj/DwAAAFUQ+/5Xh5ro/wEAAKA0Yt//a6Em+n8AAAAojdj3/3qoSUX6f/l/+X/5f/n/fs//j8n/y/+vgPx/d/L/Pcj/y/8PcP7f9f/pR/2W/499/6FQk4r0/wAAAFAFse//jVAT/T8AAACURuz7XxNqov8HAACA0oh9/+FQk4r0//L/65T/jwvl/+X/5f9d/1/+/7qS/+9O/r8H+X/5f/l/+X/WVL/l/2Pf/9pQk4r0/wAAAFAFse9/MNRE/w8AAAClEfv+14Wa6P8BAACgNGLf//pQk4r0//L/rv9/4/P/o01jl/9fvJ/8f0H+X/5/JeT/u5P/70H+X/5f/l/+nzXVb/n/2Pe/IdSkIv0/AAAAVEHs+98YaqL/BwAAgNKIff+bQk30/wAAAFAase9/c6hJRfp/+X/5/xuf/3f9f/n/gvy//P9akP/vbjDz//XdKP+fyf/3/fjl/+X/Warf8v+x7//NUJOK9P8AAABQBbHvfyjURP8PAAAApRH7/reEmuj/AQAAoDRi3//WUJOK9P/y//L/8v/y//L/7bcv/z+Y5P+7G7D8/69uDstd/78g/9/f419p/n+k5evrkv//Yaf8/8KG1vvL/3M99Fv+P/b9bws1qUj/DwAAAFUQ+/63h5ro/wEAAKA0Yt//jlAT/T8AAACURuz7fyvUpCL9v/x/fRyL6WX5f/n/fIH8v/y//P/Akv/vbsDy/+H6//L/kfx/f4/f9f/l/1mq3/L/se9/Z6hJRfp/AAAAqILY9z8caqL/BwAAgNKIff+7Qk30/wAAAFAase9/d6hJRfp/+X/X/5f/l/+X/2+/ffn/wbQ2+f9h+X/5f/l/+f/+yP//l/w/g63f8v+x738k1KQi/T8AAABUQez73xNqov8HAACA0oh9/2+Hmuj/AQAAoDRi3//eUJOK9P/y/4OS/5+Q/19h/n8sLJP/l/+X/68W1//vbuv2H3dOVjaS/5f/l//vj/y/6/8z4Pot/x/7/veFmiy//x9f9poAAADADRH7/t8JNanI7/8BAACgCmLf/7uhJvp/AAAAKI3Y9/9eqElF+n/5/0HJ/7v+f+b6//L/Lc9H/l/+v531y//HM8/A5f9d/78b+X/5f/n/jvn/oR73l/+nnX7L/8e+//dDTSrS/wMAAEAVxL7//aEm+n8AAAAYCO3+T3ar2PcfCTXR/wMAAEBpxL7/aKhJRfp/+X/5f/n/Ps3//8W2f/3+d95+dJf8v/y//P+KrOv1/+sH/+Bd/1/+vxv5f/l/+X/X/2dN9Vv+P/b9x0JNFhu/t7rAPwAAAAy22Pf/QahJRX7/DwAAAFUQ+/7joSb6fwAAACiN2PfPhJpUpP+X/5f/l//v0/z/AF//P+6PQcr/T24YoPx/POnK/7e1rvn/9yzmxOX/V5r/H2u7tDX/X5P/byL/v+LxfzvLMvl/+X9uoH7L/8e+fzbUpCL9PwAAAFRB6PuHThR18Qb9PwAAAJRG7PtPhpro/wEAAKA0Yt//gVCTivT/8v/y//L/8v+u/99++32b/3f9/67k/7vrn/x/e67/L/8/yOOX/5f/Z6l+y//Hvn8u1KQi/T8AAABUQez7Pxhqov8HAACA0oh9/4dCTfT/AAAAUBqx7z8V6v+xd2dPltflHcdPk6aYKSpUKje5yAW5z5/ARbhO/oBccJOLpCqVqoCK+8bgvuK+L6i44IILKOKG4i64obiLivsu4o5aY8308zwz3f3r3+mePqfP73y/r9dFHmkdTxunkA/Dm2/pZP/r//X/+n/9v/5/+PP1/+tJ/z9O/z+H/l//r//X/7NQU+v/c/f/f9zSyf4HAACAHuTuvzxusf8BAACgGbn7r4hb7H8AAABoRu7+B8Qta7n/N+49aCWo/9f/N9v//5v+f6/P1//r/1um/x+n/5/jqPr/i2b6/yVY9fev/9f/s9vU+v/c/Q+MW9Zy/wMAAABDcvc/KG6x/wEAAKAZufuvjFvsfwAAAGhG7v4Hxy2d7P8d/f/GrM/+PzNe/X9L/f+ZXn9zpv/f9vn6f/1/y462/7/61O/59P/6f+//B/2//l//z05T6/9z9z8kbulk/wMAAEAPcvc/NG6x/wEAAKAZufsfFrfY/wAAANCM3P0Pj1s62f8TfP//9H8J3v/f+m39/0L6f+//7/h8/b/+v2Xe/x/XU/9/5V0XXn7fzf98y0E+X/+v/9f/6/9ZrKn1/7n7HxG3dLL/AQAAoAe5+x8Zt9j/AAAA0Izc/Y+KW+x/AAAAWEPHB7+au//RcUsn+3+C/f/W96X/P03/f4T9/zH9v/5f/98C/f+4nvr/c/n8Tvr/4T8onkA/f1gL+/6vm+n/9f8syNT6/9z9j4lbOtn/AAAA0IPc/Y+NW+x/AAAAmK6hvxB7RO7+q+IW+x8AAACakbv/RNzSyf7X/y+///+r/n89+n/v/+v/9f9N0P+P0//P0Uf/vyf9v/f/9f8s2tT6/9z9V8ctnex/AAAA6EHu/sfFLfY/AAAANCN3/+PjFvsfAAAAmpG7/wlxSyf7X//v/X/9v/5f/z/8+fr/9aT/H6f/n0P/f9h+/nz9v/5f/8/ZDtj/3z/yu+2F9P+5+58Yt3Sy/wEAAKAHufufFLfY/wAAANCM3P1PjlvsfwAAAGhG7v6nxC2d7H/9v/5f/6//P+f+f/dPvdP0/8P0/0dD/z9uMv3/xubgl/X/a9//e/9f/6//Z5upvf+fu/+pcUsn+x8AAAB6kLv/aXHLyP4/8J/MBwAAAFYqd//T4xa//g8AAABrL6uz3P3PiFs62f/6f/2//l//7/3/4c8f6/9vOev70/9Pi/5/3GT6/z3o//X/6/z96//1/+w2tf4/d/8z45ZO9j8AAAD0IHf/NXGL/Q8AAADNyN3/rLjF/gcAAIBm5O5/dtzSyf4f7v/P/PP6//3R/2///vX/wz8/FtX/57+j/n+0/7/U+/990v+P0//Pof/X/+v/9+r/j8/78fp/hkyt/8/d/5y4pZP9DwAAAD3I3f/cuMX+BwAAgGbk7n9e3GL/AwAAQDNy9z8/bulk/3v/X/+v/1+//t/7/1tW+f7/7Mj7/039/z7p/8fp/+fQ/+v/9f/j7/+P/F0A9P8MmVr/n7v/BXFLJ/sfAAAAepC7/4Vxi/0PAAAA6+Hsv3Zg519QGnL3vyhusf8BAACgGbn7Xxy3tLP/R9/q1P/r//X/+n/9//DnT6v/9/7/fun/x+n/59D/L6Of32ys/792rx8/hf7/qmX3/yP0/wzZ1v/feubrq+r/c/e/JG5pZ/8DAABA93L3vzRusf8BAACgGbn7Xxa32P8AAADQjNz9L49bOtn/S+//R/7uA/p//b/+X/+v/9f/L5r+f5z+fw79v/f/vf+v/2ehtvX/Z1lV/5+7/xVxSyf7HwAAAHqQu/+VcYv9DwAAAM3I3X9t3GL/AwAAQDNy978qbulk/3v/X/+v/9f/6/+HP1//v54O1d+fp/8v+n/9v/5f/6//ZwGm1v/n7n913NLJ/gcAAIAe5O5/Tdxi/wMAAEAzcvdfF7fY/wAAANCM3P2vjVs62f/6/+X2//l1/b/+f6b/1//r/49Et+//bwz9L9Fue/T/d/zvif/Y/hX9v/5f/6//1/+zT/8w8s9Nov8/eeaPLnP3vy5u6WT/AwAAQA9y978+brH/AQAAoBm5+98Qt9j/AAAA0Izc/dfHLQfc/2PNw7B7Lz7wD1kC/b/3//X/+n/9//Dn6//XU7f9/z55/38O/b/+X/+v/2ehJtH/n/XbufvfGLf49X8AAABoRu7+N8Ut9j8AAAA0I3f/m+MW+x8AAACakbv/LXFLJ/tf/6//1//r//X/w5+v/19P+v9x+v851qn/v/4Q/f/m8JdX3c8f1qq/f/2//p/dptb/5+6/IW7pZP8DAABAD3L3vzVusf8BAACgGbn73xa32P8AAADQjNz9b49bOtn/+n/9v/5f/6//H/58/f960v+P0//PZrMbR76Bof7/5AXT7P+9/z+571//r/9nt6n1/7n73xG3dLL/AQAAoAe5+2+MW+x/AAAAaEbu/pviFvsfAAAAmpG7/51xSyf7X/+v/9f/6/8X0P9v62v1/8P0/0dD/z9O/z/HOr3/r/+f3Pev/9f/s9vU+v/c/e+KWzrZ/wAAANCD3P03xy32PwAAADQjd/+74xb7HwAAAJqRu/+WuKWT/a//1//r//X/3v8f/nz9/3paXv8/0//r//X/c+j/9f/6f3aaWv+fu/89cUsn+x8AAAB6kLv/vXGL/Q8AAADNyN3/vrjF/gcAAIBm5O5/f9zSyf7X/+v/9f/6/2n0/6d+H6T/1/8fnvf/x+n/59D/6//1//p/Fmq4/79qZf1/7v4PxC2d7H8AAADoQe7+W+MW+x8AAACakbv/g3GL/Q8AAADNyN3/obilk/2v/9f/b+//ZzP9v/7f+/9bjqD/PzbT/y+c/n+c/n8O/X+b/f95s4b6/+N7/nj9P1M0tff/c/ffFrd0sv8BAACgB7n7Pxy32P8AAADQjNz9H4lb7H8AAABoRu7+j8Ytnex//b/+3/v/+n/9//Dne/9/Pen/x+n/59D/t9n/e/9f/8/KTK3/z93/sbilk/0PAAAAPcjd//G4xf4HAACAZuTu/0TcYv8DAABAM3L3fzJu6WT/6//1//p//b/+f/jz9f/rSf8/Tv8/h/5f/6//1/+zUFPr/3P3fypu6WT/AwAAQA9y998et9j/AAAA0Izc/XfELfY/AAAANCN3/6fjlk72v/5f/6//X8/+/5j+X/+v/x80lf7/kkv+/U79v/5f/6//1//r/3s3tf4/d/9n4pZO9j8AAAD0IHf/Z+MW+x8AAACakbv/c3GL/Q8AAADNyN3/+bilk/2/u/8/f7ZVqG4Z6v+jUdP/n0X/v/371/8P//zw/r/+X/+/fFPp/73/f27fv/5f/7/O3/+B+v9/2f3j9f+0aGr9f+7+O+OWTvY/AAAA9CB3/xfiFvsfAAAAmpG7/4txi/0PAAAAzcjdf1fc0sn+9/6//l//r//X/w9/vv5/Pen/x+n/59D/6/+9/3/Ff/+d/p/FmVr/n7v/S3FLJ/sfAAAAepC7/8txi/0PAAAAzcjd/5W4xf4HAACAZuTu/2rc0sn+1//r//X/S+j/N4d/fuj/9f/6/+XT/4/T/5ed/9G29NP/Hxv64qr7+cNa9fe/pP7/tgu9/88am1r/n7v/a3FLJ/sfAAAAepC7/+txi/0PAAAAzcjd/424xf4HAACAZuTu/2bc0sn+1/833v+f+o3u+///8v7/js/X/+v/W6b/z/9FH6b/n6Of/n/Qqvv5df/+m3n/X//PAk2t/8/df3fc0sn+BwAAgB7k7v9W3GL/AwAAQDNy9387brH/AQAAoBm5+78Tt3Sy//X/jff/O97/35j12P+v4P3/PX5+6P/1//r/5dP/j9P/z6H/1//r//X/LNTU+v/c/fdsbHa5/wEAAGBd/ee//t/d+/3X3nP6/x6bfTduuXR2cp+/jA0AAABM3Kndv7E5m33v9G/59X8AAABoUe7+78ctnex//X9f/X+f7/8vsf8/9cH6f/2//n9S9P/j9P9z6P/1//p//T8LNbX+P3f/D+KWs4bf5oH/UwIAAABTkrv/h3FLJ7/+DwAAAD3I3f+juGXX/ve3AwQAAIB1lbv/x3FLJ7/+r/+feP8/W1L/H/86/f8W7//r/4c+X/+/nvT/4w7Z/5/c0P/r/0fo//X/+n92mlr/n7v/J3FLJ/sfAAAAGrXtzyjk7v9p3GL/AwAAQDNy9/8sbrH/AQAAoBm5+38et3Sy//X/R97/Z6q+xPf/j9c/8v5/5/3/NccGP1//r/9vmf5/nPf/59D/t9L/X6D/1/8zDVPr/3P3/yJu6WT/AwAAQA9y9/8ybrH/AQAAoBm5+38Vt9j/AAAA0Izc/feeOn/f3/5fSf8f/yad9v8He/9/n/3/P160/bPnvv+v/++j/9/j89vp///pwhO3X/Y/N92g/+eMo+z/8+eC/l//r//fMqH+3/v/+n8mYvH9/+a2Lx60/z+9+2fHZr+OWzrZ/wAAANCD3P33xS32PwAAADQjd/9v4hb7HwAAAJqRu/+3cUsn+9/7/230/zutY/+f/79eQf9/4pz7/+Oz2Wwl/X82xb33/97/1//v5v3/cfr/OfT/+n/9v/6fhVp8/7/9iwft/3P3/y5u6WT/AwAAQA9y9/8+bsn9v3HgP3UPAAAATEzu/j/ELX79HwAAAJqRu/+PcUsn+1//r/+fSv+fvP9/5se19f7/ZRWn9tn/X1z/SP+/XPr/cfr/OfT/+n/9v/6fhZpa/5+7/09xSyf7HwAAAHqQu//+uMX+BwAAgGbk7v9z3GL/AwAAQDNy9/8lbulk/+v/W+3/s4jX/+v/p9L/e//f+/9HQ/8/Tv8/h/5/zfv/+Akz0//r/5mKqfX/ufv/FgAA///MwW5u") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0) unlink(&(0x7f0000000000)='./file1\x00') pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0) 3.810213585s ago: executing program 2 (id=1040): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x3d, 0x800000, 0x8, 0x7, 0x2, 0x81}) write$bt_hci(r0, &(0x7f0000000080)=ANY=[], 0x6) 3.592135792s ago: executing program 4 (id=1043): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000040000003b00000008000300", @ANYRES32=r1, @ANYBLOB="26003300b098030008021100000108021100000050505050500000f91000c280010003005c020000080057"], 0x4c}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 3.467301368s ago: executing program 2 (id=1045): syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000180)='./bus\x00', 0x8, &(0x7f0000000300)={[{@errors_continue}, {@discard_unit_section}, {@alloc_mode_def}, {@six_active_logs}, {@acl}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@acl}, {@noacl}, {@compress_cache}, {@background_gc_off}, {@nobarrier}, {@compress_cache}, {@lfs_mode}, {@errors_remount}, {@nocheckpoint_merge}, {@segment_mode}, {@inline_dentry}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") r0 = creat(&(0x7f00000000c0)='./file1\x00', 0x163) fallocate(r0, 0x0, 0x0, 0x2000402) lseek(r0, 0xfff, 0x4) 3.149081374s ago: executing program 6 (id=1046): syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f0000000040)=ANY=[], 0xfd, 0x1502, &(0x7f00000002c0)="$eJzs3Au0TlX3MPA511qb4+TyJLnvuebmSS6LJAklySVJkpA7CUmSJEnikFsSkpDrSXIPuZN03O+X3JNOXkmShIQk6xuny+ffe/l73/fr/+n/nvkbY4+z5rP3XHuuM8dznr33GOf5usvQqg2qVarLzPDv0L8N8JcfSQCQAAADACAbAAQAUDp76exp+zNpTPq3TiL+h9SbfrUrEFeT9D99k/6nb9L/9E36n75J/9M36X/6Jv1P36T/QqRrM/NcK1v63eT5//9y6v8lWT7/0wX8Rzuk//9p9L90tPQ/fZP+p2/S//RN+p+eBVe7AHGVyfs/fZP+C5Gu/eHPlDeev9rPtGX7FzYhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOL/g/P+MgMAv42vdl1CCCGEEEIIIYT44/j3rnYFQgghhBBCCCGE+J+HoECDgQAyQEZIgEyQCNdAZsgCWSEbxOBayA7XQQ64HnJCLsgNeSAv5IP8EAKBBYYICkBBiMMNUAhuhMJQBIpCMXBQHErATVASboZScAuUhluhDNwGZaHcz+dMcydUhLugEtwNlaEKVIVqcA9Uh3uhBtwHNeF+qAUPQG14EOrAQ1AX6kF9eBgaQENoBI2hCTSFZtAcWlwhPznb38t/AbrDi9ADekIS9ILe8BL0gb7QD/rDAHgZBsIrMAhehcEwBIbCazAMXofh8AaMgJEwCt6E0TAGxsI4GA8TIBnegonwNkyCdxpmgSkwFabBdJgBM+FdmAWzYQ68B3NhHsyH5EwLYREshiWwFN6HZfABLIcPIQVWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHT6CHbATdsFu2AN7YR98DPvhEzgAn0IqfvYv5p/7fT50RUBAhQoNGsyAGTABEzAREzEzZsasmBVjGMPsmB1zYA7MiTkxN+bGJMyL+TE/EhIyMhbAAhjHOBbCQlgYC2NRLIoOHZbAElgSb8ZSWApLY2ksg2WwLJbDcng73o4VsAJWxIpYCSthZayMVbEq3oP34L1YA2tgTayJtbAW1sbaWAfrYF2si/WxPjbABtgIG2ETbILNsBm2wBbYEltiK2yFbbANtsW22A7bYXtsjx2wA3bEjtgJO2Fn7IxdsAt2xefxeXwBX8AX8UXsiZVVL+yNvbEP9sF+2B/748s4EF/BV/BVHIxDcCi+hq/h6zgcz+IIHImjcBRWUGNwLI5DVhMwGZMxI0zESTgJJ+MUnILTcDrOwJk4E2fhbJyN7+FcnIfzcAEuwEW4GBfrtDfAMlyGy/EcpuAKXImrcDWuwdW4DtfjOtyIm3AjbsEtuA234Uf4Ee7Enbgbd+Ne3Isf48f4CX6CgzEVU/EgHsRDeAgP42E8gkfwKB7FY3gMj+NxPIEn8CSewtN4Cs/gGTyL5/A8AFzAC3gRL+IlvJT25ldpjDIqg8qgElSCSlSJKrPKrLKqrCqmYiq7yq5yqBwqp8qpcqvcKq/Kq/Kr/IoUKVaRKqAKqLiKq0KqkCqsCquiqqhyyqkSqoQqqUqqUqqUKq1uVWXUbaqsKqdau9vV7aqCauMqqrtUJVVJVVZVVFVVTVVT1VV1VUPVUDVVTVVL1VK11YOqjuqF/bCeSutMAzUEG6mh2EQ1Vc1Uc/U6PqJaquHYSrVWbdRjaiSOwHaqpWuvnlQd1FjsqJ5W4/AZ1VlNwC7qOdVVPa+6qRdUd9XK9VA91WTspXqradhH9VX9VH81C6uotI5VVa+qFzIOUUPVa2oRvq6GqzfUCDVSjVJvqtFqjBqrxqnxaoJKVm+pieptNUm9oyarKWqqmqamqxlqpnpXzVKz1Rz1npqr5qn5aoFaqBapxWqJWqreV8vUB2q5+lClqBVqpVqlVqs1aq1ap9arDWqj2qQ2qy1qq9qmtquP1A61U+1Su9UetVftUx+r/eoTdUB9qlLVZ+qg+os6pD5Xh9UX6oj6Uh1VX6lj6mt1XH2jTqhv1Ul1Sp1W36kz6nt1Vp1T59UP6oL6UV1UP6lLyivQqJXW2uhAZ9AZdYLOpBP1NTqzzqKz6mw6pq/V2fV1Ooe+XufUuXRuk0fn1fl0fh1q0lazjnQBXVDH9Q26kL5RF9ZFdFFdTDtdXJfQN+mS+mZdSt+iS+tbdRl9my6ry+nyHvQduoK+U1fUd+lK+m5dWVfRVXU1fY+uru/VNfR9uqa+X9fSD+ja+kFdRz+k6+p6ur5+WDfQDXUj3Vg30U11M91ct9CP6Jb6Ud1Kt9Zt9GO6rX5ct9NP6Pb6Sd1BP6U76qd1J/2M7qyf1V30c7qrfl530z/pS9rrHrqnTtK9dG/9ku6j++p+ur8eoF/WA/UrepB+VQ/WQ/RQ/Zoepl/Xw/UbeoQeqUfpN/VoPUaP1eP0eD1BJ+u39ET9tp6k39GT9RQ9VU/T0/UM3e/Xmeb8E/lv/538QT+ffZverj/SO/ROvUvv1nv0Xr1P79P79X59QB/QqTpVH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Qp/Up/QP+jt9Rn+vz+pz+pz+QV/QF/TFX38HYNAoo40xgclgMpoEk8kkmmtMZpPFZDXZTMxca7Kb60wOc73JaXKZ3CaPyWvymfwmNGSsYROZAqagiZsbTCFzoylsipiixoMzxU0Jc9O/mV/M/JZ/pfpamBampWlpWplWpo1pY9qatqadaWfam/amg+lgOpqOppPpZDqbzqaL6WK6mq6mm+lmupvupofpYZJMkultXjJ9TF/Tz/Q3AwDMQDPQDDKDzGAz2Axd8pQZZoaZ4Wa4GWFGmFFmlBltRpuxZqwZb8abZJ/NTDQTzSQzyUw2k83UAdnMdDPdzDQzzSwzy8wxc8xcM9fMN/PNQrPQLDaLzVKz1Cwzy8xys9ykmBVmhVllVpk1Zo1ZZ9aZDWaD2WQ2mS1mi0kx2812s8PsMLvMLrPH7DH7zD6z3+w3B8wBk2pSzUFz0Bwyh8xhc9gcMUfMUXPUHDPHzHFz3JwwJ8xJc9KcNqfNGXPGnDVnzXlz3lwwF8xFc9FcMpfSLvsCFajABCbIEGQIEoKEIDFIDDIHmYOsQdYgFsSC7EH2IEdwfZAzyBXkDvIEeYN8Qf4gDCiwAQdRUCAoGMSDG4JCwY1B4aBIUDQoFrigeFAiuCkoGdwclApuCUoHtwZlgtuCskG5oHxwe3BHUCG4M6gY3BVUCu4OKgdVgqpBteCeoHpwb1AjuC+oGdwf1AoeCGoHDwZ1goeCukG9oH7wcNAgaBg0ChoHTYKmQbOgedDiD53f+7O5HnU9wp5hUtgr7B2+FPYJ+4b9wv7hgPDlcGD4SjgofDUcHA4Jh4avhcPC18Ph4RvhiHBkOCp8MxwdjgnHhuPC8eGEMDl8K5wYvh1OCt8JJ4dTwqnBtHB6OCOcGb4bzgpnh3PC98K54bxwfrggXBguCvGXS2JYFn4QLg8/DFPCFeHKcFW4OlwTrg3XhevDDeHGcFO4OdxSeuAvh4Y7wp3hrnB3uCfcG+4LPw73h5+EB8JPw9Tws/Bg+JfwUPh5eDj8IjwSfhkeDb8Kj4Vfh8fDb8IT4bfhyfBUeDr8LjwTfh+eDc+F58Mfwgvhj+HF8KfwUujTLu7TPt7JkKEMlIESKIESKZEyU2bKSlkpRjHKTtkpB+WgnJSTclNuykt5KT/lpzRMTAWoAMUpToWoEBWmwlSUipIjRyWoBJWkklSKSlFpKk1lqAyVpbJUnsrTHXQH3Ul30l10F91Nd1MVqkLVqBpVp+pUg2pQTapJtagW1abaVIfqUF2qS/WpPjWgBtSIGlETakLNqBm1oBbUklpSK2pFbagNtaW21I7aUXtqTx2oA3WkjtSJOlFn6kxdqAt1pa7UjbpRd+pOPagHJVES9abe1If6UD/qRwNoAA2kgTSIBtFgGkxDaSgNo2E0nIbTCBpJo+hNGk1jaCyNo/E0gZIpmSbSRJpEk2gyTaapNJWm03SaSTNpFs2iOTSH5tJcmk/zaSEtpMW0mJbSUlpGy2g5LacUSqGVtJJW02paS2tpPa2njbSRNtNm2kpbaTttpx20g3bRLtpDe2gf7aP9tJ8O0AFKpVQ6SAfpEB2iw3SYjtAROkpH6Rgdo+N0nE7QCTpJJ+k0naYzdIbO0lk6T+fpAv1IF+knukSeEmwmm2ivsZltFpvVZrN/Hee2eWxem8/mt6HNaXP9LiZrbWFbxBa1xayzxW0Je9PfxGVtOVve3m7vsBXsnbaiLWszwX+Nq9t7bQ17n61p77fV7D2/i2vZB2xt29DWsY1tXdvU1rfNbQPb0DayjW0T29Q2s81tW/u4bWefsO3tk7aDfepv4qX2fbvebrAb7Sa7335iz9sf7DH7tb1gf7Q9bE87wL5sB9pX7CD7qh1sh/w+BrCj7Jt2tB1jx9pxdryd8DfxVDvNTrcz7Ez7rp1lZ/9NvNgusXPtMjvfLrAL7aKf47SaltkP7HL7oU2xK+xKu8qutmvsWrvu/9a6ym6xW+02u89+bHfYnXaX3W332L0/x2nrOGA/tan2M3vUfmUP2c/tYXvcHrFf/hynre+4/caesN/ak/aUPW2/s2fs9/asPffz+tPW/p39yV6y3gIjK9ZsOOAMnJETOBMn8jWcmbNwVs7GMb6Ws/N1nIOv55yci3NzHs7L+Tg/h0xsmTniAlyQ43wDF+IbuTAX4aJcjB0X5xJ8E5fkm7kU38Kl+VYuw7dxWS7H5fl2voMr8J1cke/iSnw3V+YqXJWr8T1cne/lGnwf1+T7uRY/wLX5Qa7DD3Fdrsf1+WFuwA25ETfmJtyUm3FzbsGPcEt+lFtxa27Dj3Fbfpzb8RPcnp/kDvwUd+SnuRM/w535We7Cz3FXfp678QvcnV/kHtyTk7gX9+aXuA/35X7cnwfwyzyQX+FB/CoP5iE8lF/jYfw6D+c3eASP5FH8Jo/mMTyWx/F4nsDJ/BZP5Ld5Er/Dk3kKT+VpPJ1n8Ex+l2fxbJ7D7/FcnsfzeQEv5EW8mJfwUn6fl/EHvJw/5BRewSt5Fa/mNbyW1/F63sAbeRNv5i28lbfxdv6Id/BO3sW7eQ/v5X38Me/nT/gAf8qp/Bkf5L/wIf6cD/MXfIS/5KP8FR/jr/k4f8Mn+Fs+yaf4NH/HZ/h7Psvn+Dz/wBf4R77IP/El9gwRRirSkYmCKEOUMUqIMkWJ0TVR5ihLlDXKFsWia6Ps0XVRjuj6KGeUK8od5YnyRvmi/FEYUWQjjqKoQFQwikc3RIWiG6PCUZGoaFQsclHxqER0U1QyujkqFd0SlY5ujcpEt0Vlo3JR+ej26I6oQnRnVDG6K6oU3R1VjqpEVaNq0T1R9ejeqEZ0X1Qzuj8qFT0Q1Y4ejOpED0V1o3pR/ejhqEHUMGoUNY6aRE2jZlHzqEX0SNQyejRqFbWO2kSPRW2jx6N20RNR++jJqEP01OX9RYJfPk3/an9S1CvSvz4hu08vjC+KL44viS+Nvx9v2OWXV1PiK+Ir46viq+Nr4mvj6+Lr4xviG+Ob4pvjW+Jb49vi3lfLCA7TboTBuMBlcBldgsvkEt01LrPL4rK6bC7mrnXZ3XUuh7ve5XS5XG6Xx+V1+Vx+Fzpy1rGLXAFX0MXdDa6Qu9EVdkVcUVfMOVfclXDNXQvXwrV0j7pWrrVr4x5zj7nH3ePuiYRfC3cd3dOuk3vGdXbPumfdc66re951cy+47u5F18P1dEkuyfV2vV0f18f1c/3cADfADXQD3SA3yA12g91QN9QNc8PccDfcjXAj3Cg3yo12o91YN9aNd+Ndskt2E91EN8lNcpPdZDfVTXXT3XQ30810s9wsN8fNcXPdXDffzXcL3UK32C12S91St8wtc8vdcpfiUtxKt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdDrfD7XK73B63x+1z+9x+t98dcAdcqkt1B91Bd8gdcofdF+6I+9IddV+5Y+5rd9x94064b91Jd8qddl6fcd+7s+6cO+9+cBfcj+6i+8ldct4lx96KTYy9HZsUeyc2OTYlNjU2LTY9NiM2M/ZubFZsdmxO7L3Y3Ni82PzYgtjC2KLY4tiS2NLY+7FlsQ9iy2MfxlJiK2IrY6tiq2NrYt7n2xH5Ar6gj/sbfCF/oy/si/iivph3vrgv4W/yJf3NvpS/xZf2t/oy/jZf1pfz5X1j38Q39c18c9/CP+Jb+kd9K9/at/GP+bb+cd/OP+Hb+yd9B/+U7+if9p38M76zf9Z38c/N+7XLvrt/0ffwPX2S7+V7+5d8H9/X9/P9/QD/sh/oX/GD/Kt+sB/ih/rX/DD/uh/u3/Aj/Eg/yr/pR/sxfqwf58f7CT7Zv+Un+rf9JP+On+yn+Kl+mp/uZ/iZ/l0/y8/2c/x7fq6f5+f7BX6hX+QX+yV+qX/fL/Mf+OX+Q5/iV/iVfpVf7df4tX6dX+83+I1+k9/st/itfpvf7j/yO/xOv8vv9nv8Xr/Pf+z3+0/8Af+pT/Wf+YP+L/6Q/9wf9l/4I/5Lf9R/5Y/5r/1x/40/4b/1J/0pf9p/58/47/1Zf86f9z/4C/5Hf9H/5C/J/6wJIYQQQvxT9BX29/o7r6lftzS9ASDLzjxH/nrOzTl/GfdV+zvEAODJnl3q/bbVq5eUlPTrsSkagoILACB2Of/n7x/4NV4BbeBxaA+toeTfra+vKv/zdd9/N3/8VoBEgEy/5aTdHiXCX89/8z+Yv/ESvtL8CwAKF7yck3ai3+LL85f6B/PvbXuF+TN9ngzQ6r/kZIbL8eX5S8Cj8BS0/92RQgghhBBCCCHEL/qqC12vdH+bdn+e11zOyQiX4yvdn19BxT9iDUIIIYQQQgghhPjvPfN8tycead++daf/5EHGP0cZf4IBAsCfoAwZ/PkHV/svkxBCCCGEEOKPdvmi/2pXIoQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCpF///jeEqX/64Ku9RiGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOJq+z8BAAD//1zoUn8=") r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 3.134084881s ago: executing program 4 (id=1047): r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0xffffffffffffff0e, 0x2, {0x1}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20040000}, 0x40014) 2.74335577s ago: executing program 4 (id=1049): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x41460, 0x0) 2.593543601s ago: executing program 6 (id=1050): r0 = socket$key(0xf, 0x3, 0x2) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000280)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@local, 0x0, 0x0, 0x4e23, 0x0, 0xa, 0x0, 0x0, 0x88, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x4, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}, 0x10000000, 0x0, 0x0, 0x1, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="021600000a0000000000000000000000080012000007a18208"], 0x50}}, 0x0) 2.397892504s ago: executing program 4 (id=1051): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.280313711s ago: executing program 1 (id=1052): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140), 0x82084, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x3) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000100)={0xfffffffc, 0xe7, 0x6, 0x2, 0x7, "ea7174ddb80fc70000020000000000d3a2d975", 0x2, 0x4}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)) 2.116417418s ago: executing program 6 (id=1053): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x8042, 0x0) pwrite64(r0, &(0x7f0000000280)="9b", 0x1, 0x8080c61) fallocate(r0, 0x3, 0x8619, 0x8000c5e) 2.113818182s ago: executing program 3 (id=1065): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020722500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) stat(&(0x7f0000001840)='./file0\x00', &(0x7f0000001880)) 2.091472944s ago: executing program 5 (id=1054): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)={0x30, r2, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x3}, @NL80211_ATTR_MAC={0xa}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000004}, 0xc000) 2.032506288s ago: executing program 4 (id=1055): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_clone(0x42080000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 1.960694857s ago: executing program 1 (id=1056): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000180)=ANY=[@ANYBLOB='-1'], 0x27) 1.894264757s ago: executing program 5 (id=1057): r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) setpriority(0x2, 0xff, 0x0) 1.662978838s ago: executing program 1 (id=1058): unshare(0xa020480) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200), 0x25, 0x4be, &(0x7f0000001080)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZa+ttM2jzL3pfP5JCf3nnvKfL+H4Z5zOZ3MCaBvXYqIjYg4FRGPImK8cz3plLjbLtnPvX3zbHbzzbPZJJrNB/9NWu3ZtdjxZzJnOq85EhE/+3HEL5O9cetr64szlUp5pVMvNqrLxfra+vWF6sx8eb68VCpNT01P3r5xq3Rsfb1Y/ePrHy3c+/lf/vzNV3/b+MGvs7TGOm07+3Gc2l0f2o6TGYyIex8iWA4GOv05lXcifC5pRHwpIi5n938z72wAgF5oNsejOb6zDgCcdGlrDSxJC521gLFI00KhvYZ3IUbTSq3euPa4tro0114rm4ih9PFCpTzZWSuciKEkq0+1zt/VS7vqNyLifET8Zvh0q16YrVXm8nzwAYA+dmbX/P/RcHv+BwBOuJG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWn9+9npbnZ+f7ruSdrq4u1J9fnyvXFQnV1tjBbW1kuzNdq863v7Kke9nqVWm156masPi02yvVGsb62/rBaW11qPGx9r/fD8lBPegUAHOT8xZf/SCJi487pVokdezmYq+FkS/NOAMjNQN4JALkZzDsBIDf+jw9979DHgK4fEXpx7LkAPXL1a9b/oV9Z/4f+Zf0f+pf1f+hfzWZiz38A6DPW+IHkkHa//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC9xlolSQudvcDHIk0LhYizETERQ8njhUp5MiLORcTfh4eGs/pU3kkDAO8p/XfS2f/r6viVsd2tp5KPh1vHiPjV7x789ulMo7EylV3/3/b1xovO9VIe+QMAh9map7fm8S1v3zyb3Sq9zOf1D9ubi2ZxNzul3TIYg63jSAxFxOj/k069LXteGTiG+BvPI+Kr+/U/aa2NTHR2Pt0dP4t9tqfx08/ET1tt7WP2d/HlY8gF+s3LbPy5u9/9l8al1nH/+3+kNUK9v63xb3PP+Jduj38DXca/S0eNcfOvP+na9jzi64P7xU+24ydd4l85Yvx/fuNbl7u1NX8fcTX2j78zVrFRXS7W19avL1Rn5svz5aVSaXpqevL2jVulYmuNuri1Ur3Xf+5cO3dQ/0e7xB85pP/fPWL///DJo198+4D43//O/u//hQPiZ3Pi944Yf2b0T123787iz3Xp/2Hv/7Ujxn/1r/W5I/4oANAD9bX1xZlKpbzipGcn2bPbFyANJ7mdZP8CjuN1vvIBU817ZAI+tHc3fd6ZAAAAAAAAAAAAAAAA3bz7/H+ysfvKcZ3k3UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOrk8DAAD//20p074=") r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000000000000000000000001545f0ec539c3b58facd2f62dc3307a6c91d6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000140)={@cgroup=r0, r0, 0x2f, 0x18, 0x4, @void, @value=r0}, 0x20) 1.662671539s ago: executing program 5 (id=1059): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x6, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) clock_getres(0xa24995bb17609221, 0x0) 1.542575276s ago: executing program 6 (id=1060): r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000b40)={0x54, 0x8, 0x7, {0x80c, 0x1}, {0x49, 0x400}, @rumble={0xdd, 0x8}}) write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000000)=""/32) 1.426813572s ago: executing program 5 (id=1061): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)={0x54, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random="c4"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x24, 0x51, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_DEFAULT_TYPES={0x4}, @NL80211_KEY_DEFAULT={0x4}]}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x48000) 1.157626451s ago: executing program 6 (id=1062): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x44000) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2}) 1.067897047s ago: executing program 1 (id=1063): r0 = epoll_create1(0x0) r1 = fcntl$dupfd(r0, 0x2, 0xffffffffffffffff) r2 = fanotify_init(0x20, 0x0) fanotify_mark(r2, 0x445, 0x1003, r1, 0x0) 936.624607ms ago: executing program 2 (id=1064): syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 936.255647ms ago: executing program 5 (id=1066): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000ec0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x3, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x9d}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 423.977137ms ago: executing program 4 (id=1067): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000001200000008000300", @ANYRES32=r2, @ANYBLOB="0a00060008021100000100001e001f"], 0x58}}, 0x0) 218.048974ms ago: executing program 6 (id=1068): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13) write(r0, &(0x7f0000000280)="f6", 0x1) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000340)={0x7f, 0x4f34, 0x800, 0x6, 0x4, "5f730000a9003f00"}) 216.231409ms ago: executing program 5 (id=1069): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x34, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x12, 0x0, @opaque='\x00'/10}}}}}, 0x0) recvfrom(r0, &(0x7f00000000c0)=""/10, 0xa, 0x0, 0x0, 0x0) 199.258295ms ago: executing program 3 (id=1070): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000180)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c00598f2f223a0a12f76404ad3bd59a04fbd75d1008c039c51a2a013e63af1c9ed7416faa1e2ea98d0f1c7337a5c81920988a4299a77054cdb12285fd7a0e5b43382d962372b73042593a5bd6b7db4a1b3721c62f11018727c29f3a1bd1e554474ea0d1da2a20b205df342a04a34b65e16a23e8e7811a984963073ebcbead85f9e4332bdef4c1ce54a1c6f7a47b75aa95b9e8cb616be40a0000b1309ee426d1803ef09abb9509846c34b9ac0bf109cedbd12c850effda9ae677566159f9c83da7ff6e247e3ac43c0a663c8c83650692e474bac2c047b238601bd5187d6bed82fe2034512ef11b74a98252198c4402bcf3165561157678e9d50831c27d1094a04d8c7607d7164033cda7a8170482"], 0x1, 0x4446, &(0x7f00000088c0)="$eJzs3c9vE9kdAPA3k1ASSiChVKJSpVoqUqu2ihJObYPUEAIhgZSKFlT1YpzEQFonRolT9cAhvSH1VKmHqgdEJW45IQ690j+hlx7Z0x6Qdg97WWklpKxsjxPPxN6YyE427OdzyHjeb/s78/yMNLw4UXm0vJ5bXs8VVnPlxQfrl3J/Lpc2VoohPiQt+z9xeP3TmV5cJ0d97X2T3b56/bf3LoXw36X/v93e3t4OVf2hpfGm159/9mSx+dgQZ+pU223dWrf8IYRwfs+4qvpCCL//TwhRCOFKkjaVHAdDCEOhnnfvyd/u57o0mpdvipfz7+afvpq4OLf17FX79x6F8K/S9372cOWTH/ZNfPSTLnUPAAAAAAAAAAAAAAAAAMAxN3Pn9t3fjI2H11Ho34r2Pq87kxzbPR+73TU/6P2bBQAAAAAAAAAAAAAAAAAAgK+p3ef/c9G5Fs//TyfHyTb1t3/V+zHSO7O/vj19bWw82f892pP/8yTp0yt9YaTFvu/Z/d+vZOq33v99bz8H1Rhfo9/hEMWjzefV/NEQ/p1s/H4hOhWXyuuVnz4ob6wudW0Yx1Y6/vXd+1PRSTb07zT+U5n2e7///3f2XE3V8/vdu8Q+aOn497Ut9+KvUUfxv5qpdxjxP7CBbo7jeErHv7+WNthcYLI+AVTj//f+/eM/nWm/V/E/E0LIRdWx5lIzQHUNU01vt14hLR3/E7W01NSZfJDt7v8vMvG/lmn/qOb/zewXES2l4/+tWlp6Wty9/0fi/e//65n2jyL+1fFv+v7vSDr+J+uJ/akitU/yxdnO5v+ZTPu9iv/dOBnnmSh1BWxF9fR2/18daen4710Q7f7+izta/93I1D+s33+Nfhu//xrT/4+jOB4d7Vp3H5x0/Afblut0/Tebqdfr+X+ytv7joNLxP1VLS6+dh2t/O43/XKb9bPw//nZ3xl1blQw04r87nwydrKc/t/7rSDr+SXDi5hKbtb+19V+0//r/Zqb9o1j/Vce/Gfe21w9FOv6ns9nfnUheVOP/vw6+/29lGvjq+Lf/96b3MWatf2Dp+A+1LVe7/wf2j/98pl6v7/8f9bJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGNgKjkOhygeTZ3H8ehoCFeT8wvhVLRQWMovlMqLf1oPYTpJz4Vz0cNSeaFQyi+vlpeK+UKpVF4M4VqSfz4MROulciW/Unh8faetwehRsbBWWSgWKiGEmST9+2Go0dbCcmWl8DiEcGMn72xcXnv8qLCaX1pe++XY2NhYmN0Zw0hU/EuluFqp917PDWFup+5w1DS4WvbNnbGcjv5Y3lhbLZRq6bea6pTKi4VSU535JO8fYSSqrG2sLhYqxXyp/LDR31GaTI7Ts3d+d+fW+J78+1H9OHW4wwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgPb2e+MU/Qwj99bM4hDDZeBG1Kv/yTfFy/t3801cTF+e2nj1/264cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCX7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWGXjlEiBqIwAL8ZC2PnMaxC0tlGFNHCiOAJ9BgeRo/iJbyDhYWthQg6A5KdwDa71fc1D/IT3oP5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYzuXdfH87jBEpuu/DiNfHt/f/+XWZz2ft/w/2cCO7c3Uzn18MY3n3tJGflk8fU/5Nvz6fHqIxq5dFT5Z9+lP3HK3e1epb1yhbva/uPY6U+4iYSn6Scu771TUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQeOBQAAAACE+Vtn0bUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKwAA///XDB6/") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) unlink(&(0x7f0000000080)='./file1\x00') lseek(r0, 0x6, 0x4) 0s ago: executing program 1 (id=1071): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x2, 0xff, 0x71, 0x20, 0x9c4, 0x11, 0xb01c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x4, 0x10, 0x0, [{{0x9, 0x4, 0x7e, 0x10, 0x2, 0x26, 0xd5, 0x18, 0x8, [], [{{0x9, 0x5, 0x6, 0x2, 0x3ff}}, {{0x9, 0x5, 0x82, 0x2, 0x8}}]}}]}}]}}, 0x0) syz_usb_control_io(r0, &(0x7f0000000880)={0x2c, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0003f4000000f403"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f00000004c0)={0x14, 0x0, &(0x7f0000000e00)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) syz_usb_control_io(r0, &(0x7f0000000300)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="400b13"], 0x0, 0x0, 0x0, 0x0}, 0x0) kernel console output (not intermixed with test programs): t/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fee5d58e929 code=0x7fc00000 [ 185.456858][ T5845] udevd[5845]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 185.467802][ T6166] udevd[6166]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 185.529222][ T7084] BTRFS info (device loop5): rebuilding free space tree [ 185.676825][ T7160] loop6: detected capacity change from 0 to 8 [ 185.814433][ T7160] SQUASHFS error: lzo decompression failed, data probably corrupt [ 185.876093][ T7160] SQUASHFS error: Failed to read block 0x91: -5 [ 185.897379][ T7160] SQUASHFS error: Unable to read metadata cache entry [8f] [ 185.960102][ T7160] SQUASHFS error: Unable to read inode 0x13f [ 186.003777][ T7167] loop1: detected capacity change from 0 to 256 [ 186.316617][ T6819] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 186.423503][ T7173] loop4: detected capacity change from 0 to 256 [ 186.550082][ T7173] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 186.583092][ T9] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 186.665574][ T7179] loop1: detected capacity change from 0 to 64 [ 186.775827][ T9] usb 3-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=c5.66 [ 186.803913][ T7180] mac80211_hwsim hwsim16 wlan0: entered promiscuous mode [ 186.807691][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.845654][ T7173] exFAT-fs (loop4): start_clu is invalid cluster(0x400) [ 186.874683][ T7180] macsec1: entered allmulticast mode [ 186.912914][ T7180] mac80211_hwsim hwsim16 wlan0: entered allmulticast mode [ 186.914838][ T9] usb 3-1: config 0 descriptor?? [ 187.012030][ T9] usb 3-1: invalid MIDI EP [ 187.030771][ T7180] mac80211_hwsim hwsim16 wlan0: left allmulticast mode [ 187.037624][ T9] usb 3-1: snd-bcd2000: error during probing [ 187.047763][ T9] snd-bcd2000 3-1:0.0: probe with driver snd-bcd2000 failed with error -22 [ 187.062149][ T5929] kernel write not supported for file /amidi2 (pid: 5929 comm: kworker/0:5) [ 187.085967][ T7180] mac80211_hwsim hwsim16 wlan0: left promiscuous mode [ 187.238522][ T5841] hfs: node 4:3 still has 1 user(s)! [ 187.251494][ T5929] usb 3-1: USB disconnect, device number 4 [ 187.496401][ T30] audit: type=1326 audit(1749564003.049:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7185 comm="syz.1.337" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9211f8e929 code=0x0 [ 187.746267][ T7193] loop6: detected capacity change from 0 to 1024 [ 187.840447][ T7193] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 188.207047][ T6628] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.008749][ T7221] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 189.008749][ T7221] program syz.6.351 not setting count and/or reply_len properly [ 189.224599][ T7200] loop5: detected capacity change from 0 to 40427 [ 189.261602][ T7200] F2FS-fs (loop5): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 189.302243][ T7200] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 189.362632][ T7200] F2FS-fs (loop5): invalid crc value [ 189.751718][ T7200] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 189.771196][ T7200] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 189.840919][ T7205] loop4: detected capacity change from 0 to 40427 [ 189.903909][ T7205] F2FS-fs (loop4): build fault injection rate: 690 [ 189.938874][ T7205] F2FS-fs (loop4): heap/no_heap options were deprecated [ 189.975153][ T7205] F2FS-fs (loop4): Image doesn't support compression [ 190.020591][ T7215] loop1: detected capacity change from 0 to 32768 [ 190.049743][ T7205] F2FS-fs (loop4): invalid crc value [ 190.066033][ T7215] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.348 (7215) [ 190.168481][ T7215] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 190.233646][ T6819] syz-executor: attempt to access beyond end of device [ 190.233646][ T6819] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 190.263429][ T7215] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm [ 190.293901][ T6819] CPU: 0 UID: 0 PID: 6819 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 190.293951][ T6819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 190.293973][ T6819] Call Trace: [ 190.293984][ T6819] [ 190.293998][ T6819] dump_stack_lvl+0x16c/0x1f0 [ 190.294066][ T6819] f2fs_handle_critical_error+0x621/0x9f0 [ 190.294116][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.294161][ T6819] ? f2fs_build_fault_attr+0x53/0x1f0 [ 190.294211][ T6819] f2fs_write_end_io+0x785/0xc20 [ 190.294266][ T6819] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 190.294323][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.294380][ T6819] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 190.294428][ T6819] bio_endio+0x70d/0x850 [ 190.294472][ T6819] submit_bio_noacct+0x56d/0x1eb0 [ 190.294537][ T6819] __submit_merged_bio+0x33c/0x770 [ 190.294594][ T6819] __submit_merged_write_cond+0x319/0x3f0 [ 190.294666][ T6819] f2fs_write_cache_pages+0x2067/0x2570 [ 190.294755][ T6819] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 190.294821][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.294864][ T6819] ? __lock_acquire+0x622/0x1c90 [ 190.294934][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.295075][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.295118][ T6819] ? mod_memcg_lruvec_state+0x394/0x610 [ 190.295181][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.295223][ T6819] ? __mod_zone_page_state+0xcc/0x1a0 [ 190.295280][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.295333][ T6819] f2fs_write_data_pages+0x4ad/0xd90 [ 190.295400][ T6819] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 190.295477][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.295524][ T6819] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 190.295586][ T6819] do_writepages+0x27a/0x600 [ 190.295666][ T6819] ? __pfx_do_writepages+0x10/0x10 [ 190.295722][ T6819] ? do_raw_spin_unlock+0x172/0x230 [ 190.295763][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.295807][ T6819] ? _raw_spin_unlock+0x28/0x50 [ 190.295869][ T6819] filemap_fdatawrite_wbc+0x104/0x160 [ 190.295935][ T6819] __filemap_fdatawrite_range+0xb2/0xf0 [ 190.295981][ T6819] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 190.296095][ T6819] ? find_held_lock+0x2b/0x80 [ 190.296144][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.296190][ T6819] ? do_raw_spin_unlock+0x172/0x230 [ 190.296230][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.296239][ T7215] BTRFS info (device loop1): using free-space-tree [ 190.296283][ T6819] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 190.296365][ T6819] block_operations+0x2a3/0xfd0 [ 190.296420][ T6819] ? __pfx_stack_trace_save+0x10/0x10 [ 190.296474][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.296525][ T6819] ? __pfx_block_operations+0x10/0x10 [ 190.296655][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.296697][ T6819] ? down_write+0x14d/0x200 [ 190.296737][ T6819] ? __pfx_down_write+0x10/0x10 [ 190.296779][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.296822][ T6819] ? rcu_is_watching+0x12/0xc0 [ 190.296875][ T6819] f2fs_write_checkpoint+0x2b8/0x4c60 [ 190.296942][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.296985][ T6819] ? kfree+0x2b4/0x4d0 [ 190.297040][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.297083][ T6819] ? lockdep_hardirqs_on+0x7c/0x110 [ 190.297139][ T6819] ? f2fs_stop_gc_thread+0x79/0xd0 [ 190.297177][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.297234][ T6819] kill_f2fs_super+0x3c2/0x470 [ 190.297295][ T6819] ? __pfx_kill_f2fs_super+0x10/0x10 [ 190.297352][ T6819] ? lockdep_hardirqs_on+0x7c/0x110 [ 190.297433][ T6819] deactivate_locked_super+0xc1/0x1a0 [ 190.297473][ T6819] deactivate_super+0xde/0x100 [ 190.297513][ T6819] cleanup_mnt+0x225/0x450 [ 190.297559][ T6819] task_work_run+0x150/0x240 [ 190.297599][ T6819] ? __pfx_task_work_run+0x10/0x10 [ 190.297639][ T6819] ? srso_alias_return_thunk+0x5/0xfbef5 [ 190.297686][ T6819] ? __pfx___x64_sys_umount+0x10/0x10 [ 190.297744][ T6819] exit_to_user_mode_loop+0xeb/0x110 [ 190.297786][ T6819] do_syscall_64+0x3f6/0x4c0 [ 190.297826][ T6819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.297863][ T6819] RIP: 0033:0x7f6dff78fc57 [ 190.297892][ T6819] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 190.297926][ T6819] RSP: 002b:00007ffec5871518 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 190.297959][ T6819] RAX: 0000000000000000 RBX: 00007f6dff810925 RCX: 00007f6dff78fc57 [ 190.297982][ T6819] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffec58715d0 [ 190.298004][ T6819] RBP: 00007ffec58715d0 R08: 0000000000000000 R09: 0000000000000000 [ 190.298026][ T6819] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffec5872660 [ 190.298049][ T6819] R13: 00007f6dff810925 R14: 000000000002e5e1 R15: 00007ffec58726a0 [ 190.298101][ T6819] [ 190.298115][ T6819] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 190.867461][ T7217] loop2: detected capacity change from 0 to 40427 [ 190.924187][ T7217] F2FS-fs (loop2): build fault injection rate: 771 [ 190.962579][ T7205] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 191.060756][ T7217] F2FS-fs (loop2): invalid crc value [ 191.334998][ T7219] loop3: detected capacity change from 0 to 40427 [ 191.395839][ T7219] F2FS-fs (loop3): heap/no_heap options were deprecated [ 191.440361][ T7219] F2FS-fs (loop3): build fault injection rate: 19 [ 191.485887][ T7219] F2FS-fs (loop3): build fault injection type: 0x3bfe8c [ 191.535996][ T7219] F2FS-fs (loop3): invalid crc value [ 191.586051][ T6068] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared) [ 191.684799][ T7219] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_folio of __f2fs_build_free_nids+0x207/0xfe0 [ 191.712586][ T7217] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 192.267325][ T7219] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_get_node_info+0x532/0xec0 [ 192.334615][ T7219] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 192.498401][ T5841] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 192.774662][ T7268] capability: warning: `syz.5.353' uses deprecated v2 capabilities in a way that may be insecure [ 193.429266][ T7275] input: syz0 as /devices/virtual/input/input8 [ 194.212979][ T1997] usb 5-1: new low-speed USB device number 6 using dummy_hcd [ 194.321819][ T7293] netlink: 8 bytes leftover after parsing attributes in process `syz.5.363'. [ 194.447435][ T1997] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 194.499644][ T1997] usb 5-1: config 0 has no interface number 0 [ 194.538318][ T1997] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 194.609842][ T1997] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 194.669554][ T1997] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 194.732857][ T1997] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.799425][ T1997] usb 5-1: config 0 descriptor?? [ 194.862950][ T7289] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 194.934298][ T1997] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 195.214461][ C1] iowarrior 5-1:0.1: iowarrior_callback - usb_submit_urb failed with result -1 [ 195.297681][ T9] usb 5-1: USB disconnect, device number 6 [ 195.325742][ T7316] loop2: detected capacity change from 0 to 512 [ 195.336548][ T7316] EXT4-fs: Ignoring removed nomblk_io_submit option [ 195.413544][ T7316] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 195.463458][ T7316] EXT4-fs (loop2): orphan cleanup on readonly fs [ 195.512562][ T7316] Quota error (device loop2): do_check_range: Getting block 196613 out of range 1-5 [ 195.600592][ T7316] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 195.620933][ T7316] EXT4-fs error (device loop2): ext4_acquire_dquot:6931: comm syz.2.370: Failed to acquire dquot type 1 [ 195.635301][ T7282] loop1: detected capacity change from 0 to 32768 [ 195.649124][ T7323] loop3: detected capacity change from 0 to 16 [ 195.702961][ T7282] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.356 (7282) [ 195.751675][ T7323] erofs (device loop3): mounted with root inode @ nid 36. [ 195.813096][ T7316] EXT4-fs (loop2): 1 truncate cleaned up [ 195.821911][ T7316] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 195.835409][ T7282] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 195.836758][ T7325] loop6: detected capacity change from 0 to 1024 [ 195.949138][ T7282] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm [ 195.951879][ T7316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.025051][ T7282] BTRFS info (device loop1): using free-space-tree [ 196.398570][ T7344] syz_tun: entered promiscuous mode [ 196.520287][ T7349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.377'. [ 196.876878][ T7354] loop5: detected capacity change from 0 to 128 [ 197.011445][ T5841] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 197.235068][ T7354] syz.5.378: attempt to access beyond end of device [ 197.235068][ T7354] loop5: rw=2049, sector=129, nr_sectors = 8 limit=128 [ 197.366995][ T7354] syz.5.378: attempt to access beyond end of device [ 197.366995][ T7354] loop5: rw=2049, sector=145, nr_sectors = 8 limit=128 [ 197.432839][ T7363] loop6: detected capacity change from 0 to 2048 [ 197.631425][ T7363] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 199.578780][ T7408] loop6: detected capacity change from 0 to 4096 [ 199.625751][ T7408] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 199.813802][ T7408] ntfs3(loop6): Failed to load $Extend (-22). [ 199.852556][ T7408] ntfs3(loop6): Failed to initialize $Extend. [ 200.157184][ T30] audit: type=1800 audit(1749564015.709:7): pid=7430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.397" name="file0" dev="loop6" ino=0 res=0 errno=0 [ 201.099858][ T7452] netlink: 830 bytes leftover after parsing attributes in process `syz.3.415'. [ 201.141507][ T7452] netlink: 830 bytes leftover after parsing attributes in process `syz.3.415'. [ 201.480871][ T7419] loop5: detected capacity change from 0 to 32768 [ 201.574936][ T7419] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 201.768183][ T6819] ocfs2: Unmounting device (7,5) on (node local) [ 202.338137][ T1997] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 202.506071][ T1997] usb 6-1: Using ep0 maxpacket: 8 [ 202.529530][ T1997] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 202.563270][ T1997] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.657426][ T1997] pvrusb2: Hardware description: Terratec Grabster AV400 [ 202.719230][ T1997] pvrusb2: ********** [ 202.747881][ T1997] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 202.814714][ T1997] pvrusb2: Important functionality might not be entirely working. [ 202.857963][ T1997] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 202.941641][ T1997] pvrusb2: ********** [ 203.004769][ T2339] pvrusb2: Invalid write control endpoint [ 203.107311][ T7505] loop6: detected capacity change from 0 to 64 [ 203.210902][ T1997] usb 6-1: USB disconnect, device number 5 [ 203.450998][ T2339] pvrusb2: Invalid write control endpoint [ 203.462791][ T7510] Context (ID=0x1) not attached to queue pair (handle=0x4d5:0x0) [ 203.502539][ T2339] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 203.561275][ T2339] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 203.593503][ T7515] loop4: detected capacity change from 0 to 64 [ 203.613805][ T2339] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 203.706121][ T2339] pvrusb2: Device being rendered inoperable [ 203.754895][ T2339] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 203.809266][ T2339] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 203.881601][ T2339] pvrusb2: Attached sub-driver cx25840 [ 203.919991][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 203.932463][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 203.968249][ T2339] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 204.026572][ T2339] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 204.849619][ T7546] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 205.093295][ T7555] netlink: 12 bytes leftover after parsing attributes in process `syz.3.451'. [ 205.371470][ T7555] bond1: entered promiscuous mode [ 205.414359][ T7555] 8021q: adding VLAN 0 to HW filter on device bond1 [ 205.459927][ T7560] netlink: 'syz.1.453': attribute type 4 has an invalid length. [ 205.950887][ T7578] loop1: detected capacity change from 0 to 1024 [ 206.138813][ T30] audit: type=1800 audit(1749564021.689:8): pid=7578 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.460" name="file2" dev="loop1" ino=22 res=0 errno=0 [ 206.174359][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 206.302574][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 206.311482][ T7578] hfsplus: request for non-existent node 16777216 in B*Tree [ 206.443091][ T7578] hfsplus: request for non-existent node 16777216 in B*Tree [ 206.513986][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 206.517264][ T7593] loop5: detected capacity change from 0 to 1024 [ 206.560108][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 206.692065][ T7593] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 206.693776][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 206.782644][ T7593] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 206.805458][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 206.854785][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 206.890055][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 206.918164][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 206.992875][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.000308][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.079531][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.105287][ T6819] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.189247][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.201878][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.234058][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.274942][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.352522][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.413506][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.462563][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.497256][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.552555][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.590756][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.622202][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.650976][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.674528][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.700572][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.726470][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.758538][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.808262][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.872913][ T7583] hfsplus: request for non-existent node 16777216 in B*Tree [ 207.953032][ T30] audit: type=1800 audit(1749564023.489:9): pid=7583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.460" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 208.640681][ T7646] netlink: 76 bytes leftover after parsing attributes in process `syz.3.487'. [ 209.413176][ T7666] binder: 7664:7666 ioctl 400c620e 200000000400 returned -22 [ 209.829835][ T7678] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 210.290062][ T7691] CIFS: VFS: Malformed UNC in devname [ 211.725699][ T1997] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 211.925268][ T1997] usb 2-1: Using ep0 maxpacket: 8 [ 211.957308][ T1997] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 211.969268][ T7744] netlink: 8 bytes leftover after parsing attributes in process `syz.5.520'. [ 211.987228][ T1997] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.003857][ T1997] usb 2-1: Product: syz [ 212.008104][ T1997] usb 2-1: Manufacturer: syz [ 212.022702][ T7744] netlink: 4 bytes leftover after parsing attributes in process `syz.5.520'. [ 212.052752][ T1997] usb 2-1: SerialNumber: syz [ 212.091456][ T7746] loop3: detected capacity change from 0 to 1024 [ 212.109347][ T1997] usb 2-1: config 0 descriptor?? [ 212.150074][ T7746] EXT4-fs: inline encryption not supported [ 212.165710][ T1997] gspca_main: se401-2.14.0 probing 047d:5003 [ 212.169279][ T7749] netlink: 8 bytes leftover after parsing attributes in process `syz.6.522'. [ 212.278490][ T7746] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 212.574216][ T1997] gspca_se401: ExtraFeatures: 3 [ 212.647049][ T5835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.807257][ T1997] input: se401 as /devices/platform/dummy_hcd.1/usb2/2-1/input/input12 [ 212.933469][ T1997] usb 2-1: USB disconnect, device number 3 [ 213.024995][ T7766] netlink: 8 bytes leftover after parsing attributes in process `syz.3.526'. [ 213.069788][ T7766] block nbd0: Unsupported socket: shutdown callout must be supported. [ 213.646312][ T7777] loop5: detected capacity change from 0 to 128 [ 213.714392][ T7777] EXT4-fs: inline encryption not supported [ 213.857560][ T7777] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 213.908547][ T7777] ext4 filesystem being mounted at /38/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 214.176355][ T7790] syz.6.534 uses obsolete (PF_INET,SOCK_PACKET) [ 214.384112][ T6819] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 214.420264][ T7756] loop2: detected capacity change from 0 to 32768 [ 214.534883][ T7756] (syz.2.523,7756,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 214.657624][ T7756] (syz.2.523,7756,1):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 214.919170][ T7756] JBD2: Ignoring recovery information on journal [ 215.092932][ T1997] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 215.174769][ T7756] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 215.269490][ T7817] loop3: detected capacity change from 0 to 764 [ 215.294425][ T1997] usb 7-1: Using ep0 maxpacket: 16 [ 215.323280][ T1997] usb 7-1: config 0 has an invalid interface number: 8 but max is 0 [ 215.352762][ T1997] usb 7-1: config 0 has no interface number 0 [ 215.360049][ T7817] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 215.361241][ T1997] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 215.469781][ T1997] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 215.535230][ T1997] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 215.582032][ T1997] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 215.652523][ T1997] usb 7-1: Product: syz [ 215.673419][ T1997] usb 7-1: SerialNumber: syz [ 215.720556][ T1997] usb 7-1: config 0 descriptor?? [ 215.769623][ T1997] cm109 7-1:0.8: invalid payload size 0, expected 4 [ 215.848911][ T1997] input: CM109 USB driver as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.8/input/input13 [ 215.932984][ T5833] ocfs2: Unmounting device (7,2) on (node local) [ 216.037134][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 216.264676][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 216.273331][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 216.280636][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 216.287867][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 216.295936][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 216.303154][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 216.310392][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 216.317743][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 216.327048][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 216.335555][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 216.345532][ T5922] usb 7-1: USB disconnect, device number 2 [ 216.351413][ C1] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 216.465970][ T5922] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 217.107387][ T7852] loop2: detected capacity change from 0 to 512 [ 217.324828][ T7852] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 217.329178][ T7866] loop6: detected capacity change from 0 to 256 [ 217.360658][ T7866] exfat: Deprecated parameter 'utf8' [ 217.368637][ T7866] exfat: Deprecated parameter 'utf8' [ 217.382871][ T7852] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 217.473096][ T7866] exfat: Deprecated parameter 'namecase' [ 217.513198][ T30] audit: type=1800 audit(1749564033.069:10): pid=7852 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.548" name="file2" dev="loop2" ino=16 res=0 errno=0 [ 217.558568][ T7866] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 217.904445][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.432360][ T7884] loop2: detected capacity change from 0 to 1024 [ 218.613164][ T7889] loop3: detected capacity change from 0 to 4197 [ 218.640246][ T7889] F2FS-fs (loop3): build fault injection rate: 771 [ 218.644950][ T7884] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 218.740116][ T7889] syz.3.568: attempt to access beyond end of device [ 218.740116][ T7889] loop3: rw=12288, sector=8192, nr_sectors = 8 limit=4197 [ 218.835430][ T7889] syz.3.568: attempt to access beyond end of device [ 218.835430][ T7889] loop3: rw=12288, sector=12288, nr_sectors = 8 limit=4197 [ 218.903751][ T7889] syz.3.568: attempt to access beyond end of device [ 218.903751][ T7889] loop3: rw=12288, sector=12288, nr_sectors = 8 limit=4197 [ 218.984250][ T7889] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-5) [ 219.019808][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.623912][ T7911] loop3: detected capacity change from 0 to 512 [ 219.664519][ T7911] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 219.724246][ T30] audit: type=1326 audit(1749564035.289:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7912 comm="syz.1.577" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9211f8e929 code=0x0 [ 219.763069][ T7911] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ce01c, mo2=0002] [ 219.771165][ T7911] System zones: 1-12 [ 219.807977][ T7911] EXT4-fs (loop3): orphan cleanup on readonly fs [ 219.846511][ T7911] EXT4-fs error (device loop3): ext4_free_branches:1020: inode #11: comm syz.3.575: invalid indirect mapped block 12 (level 1) [ 219.934324][ T7911] EXT4-fs error (device loop3): ext4_free_branches:1020: inode #11: comm syz.3.575: invalid indirect mapped block 2 (level 2) [ 219.950257][ T7922] loop4: detected capacity change from 0 to 256 [ 220.000318][ T7911] EXT4-fs (loop3): 1 truncate cleaned up [ 220.059133][ T7911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 220.258475][ T7926] loop5: detected capacity change from 0 to 128 [ 220.301211][ T5835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 220.395171][ T30] audit: type=1326 audit(1749564035.939:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7927 comm="syz.6.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f191738e929 code=0x7ffc0000 [ 220.419078][ T7926] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 220.543145][ T7926] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 220.568875][ T30] audit: type=1326 audit(1749564035.939:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7927 comm="syz.6.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f191738e929 code=0x7ffc0000 [ 220.603034][ T30] audit: type=1326 audit(1749564036.009:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7927 comm="syz.6.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f191738e929 code=0x7ffc0000 [ 220.643541][ T30] audit: type=1326 audit(1749564036.019:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7927 comm="syz.6.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f191738e929 code=0x7ffc0000 [ 220.674434][ T7926] fscrypt (loop5, inode 12): Can't use IV_INO_LBLK_32 policy with contents mode other than AES-256-XTS [ 220.782639][ T30] audit: type=1326 audit(1749564036.019:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7927 comm="syz.6.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f191738e929 code=0x7ffc0000 [ 220.927973][ T30] audit: type=1326 audit(1749564036.059:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7927 comm="syz.6.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f191738e929 code=0x7ffc0000 [ 221.052277][ T6819] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 221.071816][ T30] audit: type=1326 audit(1749564036.059:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7927 comm="syz.6.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f191738e929 code=0x7ffc0000 [ 221.184029][ T30] audit: type=1326 audit(1749564036.059:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7927 comm="syz.6.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f191738e929 code=0x7ffc0000 [ 221.222571][ T5930] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 221.334151][ T7940] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.381250][ T7948] loop3: detected capacity change from 0 to 64 [ 221.422593][ T5930] usb 7-1: Using ep0 maxpacket: 32 [ 221.436209][ T5930] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 221.453852][ T7948] hfs: unable to locate alternate MDB [ 221.471653][ T5930] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.481856][ T7948] hfs: continuing without an alternate MDB [ 221.517373][ T7949] tun0: tun_chr_ioctl cmd 2147767520 [ 221.527317][ T5930] usb 7-1: config 0 descriptor?? [ 221.785692][ T5930] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 221.824044][ T5930] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 221.875628][ T5930] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 221.922501][ T5930] usb 7-1: media controller created [ 222.025366][ T5930] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 222.192315][ T5930] az6027: usb out operation failed. (-71) [ 222.201395][ T7963] loop1: detected capacity change from 0 to 256 [ 222.234633][ T5930] az6027: usb out operation failed. (-71) [ 222.240480][ T5930] stb0899_attach: Driver disabled by Kconfig [ 222.282602][ T5930] az6027: no front-end attached [ 222.282602][ T5930] [ 222.311765][ T5930] az6027: usb out operation failed. (-71) [ 222.346553][ T5930] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 222.370310][ T5930] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.6/usb7/7-1/input/input14 [ 222.384918][ T7964] loop2: detected capacity change from 0 to 2048 [ 222.460990][ T5930] dvb-usb: schedule remote query interval to 400 msecs. [ 222.482059][ T7964] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 222.506808][ T5930] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 222.538186][ T5930] usb 7-1: USB disconnect, device number 3 [ 222.924347][ T5930] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 223.005591][ T7974] loop1: detected capacity change from 0 to 1024 [ 223.194058][ T7974] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 223.292486][ T5922] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 223.403198][ T7991] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3) [ 223.409795][ T7991] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 223.435477][ T7991] vhci_hcd vhci_hcd.0: Device attached [ 223.459504][ T7992] vhci_hcd: connection closed [ 223.469865][ T2933] vhci_hcd: stop threads [ 223.499381][ T5922] usb 6-1: config 220 has an invalid interface number: 76 but max is 2 [ 223.513591][ T2933] vhci_hcd: release socket [ 223.518119][ T2933] vhci_hcd: disconnect device [ 223.531639][ T5922] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 223.556419][ T5922] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 223.591422][ T5922] usb 6-1: config 220 has no interface number 2 [ 223.602237][ T5922] usb 6-1: config 220 interface 1 altsetting 5 bulk endpoint 0x1 has invalid maxpacket 32 [ 223.606054][ T5841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.632371][ T5922] usb 6-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 223.646327][ T5922] usb 6-1: config 220 interface 0 has no altsetting 0 [ 223.654115][ T5922] usb 6-1: config 220 interface 76 has no altsetting 0 [ 223.661117][ T5922] usb 6-1: config 220 interface 1 has no altsetting 0 [ 223.716067][ T5922] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 223.776533][ T5922] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.803196][ T5922] usb 6-1: Product: syz [ 223.807431][ T5922] usb 6-1: Manufacturer: syz [ 223.813669][ T5922] usb 6-1: SerialNumber: syz [ 223.838186][ T5930] hid-generic 0005:0C45:1010.0003: item fetching failed at offset 0/1 [ 223.937523][ T5930] hid-generic 0005:0C45:1010.0003: probe with driver hid-generic failed with error -22 [ 224.068007][ T5922] uvcvideo 6-1:220.1: Unknown video format 00000000-0000-0000-0000-000000000000 [ 224.112872][ T5922] usb 6-1: Found UVC 7.01 device syz (8086:0b07) [ 224.119311][ T5922] usb 6-1: No valid video chain found. [ 224.182821][ T5922] usb 6-1: selecting invalid altsetting 0 [ 224.213106][ T8010] netlink: 16255 bytes leftover after parsing attributes in process `syz.6.617'. [ 224.214688][ T8002] loop2: detected capacity change from 0 to 4096 [ 224.284873][ T5922] usb 6-1: selecting invalid altsetting 0 [ 224.305727][ T5922] usbtest 6-1:220.1: probe with driver usbtest failed with error -22 [ 224.322473][ T8002] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 224.376240][ T5922] usb 6-1: USB disconnect, device number 6 [ 224.611417][ T8016] netlink: 20 bytes leftover after parsing attributes in process `syz.3.619'. [ 224.720895][ T8002] ntfs3(loop2): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr [ 224.879889][ T8002] ntfs3(loop2): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr [ 225.222855][ T5929] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 225.422536][ T5929] usb 6-1: Using ep0 maxpacket: 8 [ 225.451773][ T5929] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 225.454174][ T8037] loop2: detected capacity change from 0 to 512 [ 225.508935][ T5929] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 225.532036][ T8039] netlink: 12 bytes leftover after parsing attributes in process `syz.3.630'. [ 225.544525][ T8037] EXT4-fs: Ignoring removed orlov option [ 225.566764][ T5929] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 225.567666][ T8037] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 225.622230][ T5929] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 225.679430][ T8037] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 225.681596][ T5929] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 225.714679][ T5929] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.739865][ T8037] EXT4-fs error (device loop2): ext4_iget_extra_inode:5034: inode #15: comm syz.2.628: corrupted in-inode xattr: e_value size too large [ 225.797022][ T8046] loop1: detected capacity change from 0 to 1024 [ 225.815069][ T8037] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.628: couldn't read orphan inode 15 (err -117) [ 225.837908][ T8046] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 225.917471][ T8037] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 225.977504][ T5929] usb 6-1: GET_CAPABILITIES returned 0 [ 225.992518][ T5929] usbtmc 6-1:16.0: can't read capabilities [ 226.070826][ T8046] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:482: comm syz.1.632: Invalid block bitmap block 0 in block_group 0 [ 226.140807][ T8046] __quota_error: 2 callbacks suppressed [ 226.140833][ T8046] Quota error (device loop1): write_blk: dquota write failed [ 226.198297][ T8046] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 226.205406][ C1] usbtmc 6-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 226.230018][ T8025] usbtmc 6-1:16.0: Unable to send data, error -71 [ 226.270403][ T5922] usb 6-1: USB disconnect, device number 7 [ 226.280900][ T8046] EXT4-fs error (device loop1): ext4_acquire_dquot:6931: comm syz.1.632: Failed to acquire dquot type 0 [ 226.335271][ T8046] EXT4-fs error (device loop1): ext4_free_blocks:6586: comm syz.1.632: Freeing blocks not in datazone - block = 0, count = 4096 [ 226.416680][ T8046] EXT4-fs error (device loop1): ext4_read_inode_bitmap:138: comm syz.1.632: Invalid inode bitmap blk 0 in block_group 0 [ 226.420442][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.459918][ T6056] Quota error (device loop1): do_check_range: Getting block 0 out of range 1-8 [ 226.479011][ T8046] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem [ 226.527379][ T6056] EXT4-fs error (device loop1): ext4_release_dquot:6967: comm kworker/u8:10: Failed to release dquot type 0 [ 226.532023][ T8046] EXT4-fs (loop1): 1 orphan inode deleted [ 226.551429][ T8046] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.837129][ T5841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.200926][ T8074] vxcan3: entered allmulticast mode [ 227.221586][ T8072] loop4: detected capacity change from 0 to 4096 [ 227.952630][ T8093] program syz.6.650 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 228.011906][ T8093] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 228.248215][ T8099] loop2: detected capacity change from 0 to 2048 [ 228.356536][ T8100] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 228.744810][ T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 228.885143][ T8083] loop3: detected capacity change from 0 to 32768 [ 228.902117][ T8083] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.645 (8083) [ 228.934566][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 228.966320][ T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 228.987964][ T8083] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 229.011713][ T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 229.032252][ T8083] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm [ 229.045345][ T10] usb 2-1: config 0 interface 0 has no altsetting 0 [ 229.071349][ T8083] BTRFS info (device loop3): using free-space-tree [ 229.079150][ T10] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 229.123425][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.156558][ T10] usb 2-1: config 0 descriptor?? [ 229.333586][ T8131] netlink: 'syz.2.662': attribute type 1 has an invalid length. [ 229.600629][ T8105] loop1: detected capacity change from 0 to 256 [ 229.625061][ T8105] vfat: Unknown parameter 'uni_xý' [ 229.689153][ T10] hid (null): invalid report_size 1953394281 [ 229.712552][ T10] hid (null): unknown global tag 0xe [ 229.717936][ T10] hid (null): unknown global tag 0xc [ 229.793323][ T5835] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 229.803943][ T10] hid (null): nested delimiters [ 229.808864][ T10] hid (null): unknown global tag 0xd [ 229.846965][ T10] hid (null): unknown global tag 0xe [ 229.902486][ T10] hid (null): unknown global tag 0xc [ 229.907864][ T10] hid (null): global environment stack overflow [ 230.039539][ T10] usb 2-1: USB disconnect, device number 4 [ 230.306865][ T8155] capability: warning: `syz.6.672' uses 32-bit capabilities (legacy support in use) [ 230.323826][ T8152] netem: incorrect gi model size [ 230.372492][ T8152] netem: change failed [ 230.753169][ T10] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 230.949318][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 231.002502][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 231.067321][ T10] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 231.112524][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.171785][ T10] usb 3-1: config 0 descriptor?? [ 231.570601][ T8146] loop5: detected capacity change from 0 to 32768 [ 231.598321][ T5854] Bluetooth: hci3: command 0x0406 tx timeout [ 231.598688][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 231.604597][ T5854] Bluetooth: hci0: command 0x0406 tx timeout [ 231.616883][ T5854] Bluetooth: hci4: command 0x0406 tx timeout [ 231.686290][ T10] isku 0003:1E7D:319C.0005: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.2-1/input0 [ 231.716060][ T8146] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.669 (8146) [ 231.758871][ T8146] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 231.798857][ T8177] loop6: detected capacity change from 0 to 512 [ 231.813593][ T8146] BTRFS info (device loop5): using sha256 (sha256-x86_64) checksum algorithm [ 231.878667][ T8177] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 231.901977][ T8146] BTRFS info (device loop5): using free-space-tree [ 231.913512][ T5922] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 231.978203][ T8180] loop4: detected capacity change from 0 to 512 [ 232.057224][ T8177] EXT4-fs (loop6): 1 truncate cleaned up [ 232.088451][ T5930] usb 3-1: USB disconnect, device number 5 [ 232.099004][ T8177] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 232.112976][ T8180] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 232.151242][ T5922] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 232.216405][ T5922] usb 2-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00 [ 232.247906][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.307706][ T5922] usb 2-1: config 0 descriptor?? [ 232.343459][ T8180] Quota error (device loop4): v2_read_file_info: Free block number 58381 out of range (1, 6). [ 232.436677][ T8180] EXT4-fs warning (device loop4): ext4_enable_quotas:7164: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 232.500359][ T6628] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.840089][ T5836] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 232.846917][ T5922] nzxt-kraken2 0003:1E71:170E.0006: unexpected long global item [ 232.912165][ T5922] nzxt-kraken2 0003:1E71:170E.0006: hid parse failed with -22 [ 232.954035][ T5922] nzxt-kraken2 0003:1E71:170E.0006: probe with driver nzxt-kraken2 failed with error -22 [ 233.045417][ T5922] usb 2-1: USB disconnect, device number 5 [ 233.088200][ T6819] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 233.254859][ T8215] netlink: 'syz.3.690': attribute type 1 has an invalid length. [ 234.604365][ T5990] kernel read not supported for file /dsp (pid: 5990 comm: kworker/1:7) [ 235.199726][ T8249] netlink: 12 bytes leftover after parsing attributes in process `syz.5.705'. [ 235.217343][ T8246] loop4: detected capacity change from 0 to 4096 [ 235.492885][ T8253] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 235.932260][ T8235] loop6: detected capacity change from 0 to 32768 [ 236.230835][ T8265] netlink: 20 bytes leftover after parsing attributes in process `syz.3.713'. [ 236.253149][ T8266] netlink: 32 bytes leftover after parsing attributes in process `syz.5.714'. [ 236.689977][ T8235] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc [ 236.689977][ T8235] allowing incompatible features above 0.0: (unknown version) [ 236.689977][ T8235] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 236.734474][ T8271] loop5: detected capacity change from 0 to 4096 [ 236.796071][ T8235] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0 [ 236.852836][ T8235] bcachefs (loop6): recovering from clean shutdown, journal seq 10 [ 236.873886][ T8235] bcachefs (loop6): Version upgrade required: [ 236.873886][ T8235] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 236.873886][ T8235] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 236.873886][ T8235] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 236.970833][ T8271] NILFS (loop5): invalid segment: Checksum error in segment payload [ 237.000337][ T8235] bcachefs (loop6): dropping and reconstructing all alloc info [ 237.032765][ T8271] NILFS (loop5): trying rollback from an earlier position [ 237.161991][ T8271] NILFS (loop5): recovery complete [ 237.192347][ T8279] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 237.269079][ T8278] loop4: detected capacity change from 0 to 2048 [ 237.289471][ T8271] NILFS error (device loop5): nilfs_readdir: zero-length directory entry [ 237.301217][ T8235] bcachefs (loop6): accounting_read... done [ 237.321427][ T8235] bcachefs (loop6): alloc_read... done [ 237.363105][ T8271] Remounting filesystem read-only [ 237.368275][ T8235] bcachefs (loop6): snapshots_read... done [ 237.379585][ T8278] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 237.403750][ T8235] bcachefs (loop6): done starting filesystem [ 237.602120][ T8283] netlink: 132 bytes leftover after parsing attributes in process `syz.1.720'. [ 237.792809][ T6628] bcachefs (loop6): shutting down [ 238.000481][ T6628] bcachefs (loop6): shutdown complete [ 238.614748][ T8270] loop2: detected capacity change from 0 to 40427 [ 238.662325][ T8270] F2FS-fs (loop2): build fault injection rate: 690 [ 238.669169][ T8270] F2FS-fs (loop2): heap/no_heap options were deprecated [ 238.710711][ T8270] F2FS-fs (loop2): Image doesn't support compression [ 238.951161][ T8270] F2FS-fs (loop2): invalid crc value [ 239.360978][ T8270] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 239.659141][ T5833] syz-executor: attempt to access beyond end of device [ 239.659141][ T5833] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 239.679589][ T8293] loop3: detected capacity change from 0 to 40427 [ 239.723103][ T5833] CPU: 0 UID: 0 PID: 5833 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 239.723156][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 239.723178][ T5833] Call Trace: [ 239.723190][ T5833] [ 239.723204][ T5833] dump_stack_lvl+0x16c/0x1f0 [ 239.723270][ T5833] f2fs_handle_critical_error+0x621/0x9f0 [ 239.723320][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.723365][ T5833] ? f2fs_build_fault_attr+0x53/0x1f0 [ 239.723414][ T5833] f2fs_write_end_io+0x785/0xc20 [ 239.723477][ T5833] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 239.723533][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.723588][ T5833] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 239.723636][ T5833] bio_endio+0x70d/0x850 [ 239.723679][ T5833] submit_bio_noacct+0x56d/0x1eb0 [ 239.723740][ T5833] __submit_merged_bio+0x33c/0x770 [ 239.723794][ T5833] __submit_merged_write_cond+0x319/0x3f0 [ 239.723857][ T5833] f2fs_write_cache_pages+0x2067/0x2570 [ 239.723943][ T5833] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 239.724010][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.724054][ T5833] ? __lock_acquire+0x622/0x1c90 [ 239.724123][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.724251][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.724296][ T5833] ? mod_memcg_lruvec_state+0x394/0x610 [ 239.724364][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.724417][ T5833] f2fs_write_data_pages+0x4ad/0xd90 [ 239.724488][ T5833] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 239.724543][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.724599][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.724649][ T5833] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 239.724710][ T5833] do_writepages+0x27a/0x600 [ 239.724776][ T5833] ? __pfx_do_writepages+0x10/0x10 [ 239.724832][ T5833] ? do_raw_spin_unlock+0x172/0x230 [ 239.724872][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.724917][ T5833] ? _raw_spin_unlock+0x28/0x50 [ 239.724977][ T5833] filemap_fdatawrite_wbc+0x104/0x160 [ 239.725043][ T5833] __filemap_fdatawrite_range+0xb2/0xf0 [ 239.725089][ T5833] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 239.725190][ T5833] ? find_held_lock+0x2b/0x80 [ 239.725236][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.725281][ T5833] ? do_raw_spin_unlock+0x172/0x230 [ 239.725321][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.725371][ T5833] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 239.725457][ T5833] block_operations+0x2a3/0xfd0 [ 239.725514][ T5833] ? __pfx_stack_trace_save+0x10/0x10 [ 239.725568][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.725619][ T5833] ? __pfx_block_operations+0x10/0x10 [ 239.725732][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.725782][ T5833] ? down_write+0x14d/0x200 [ 239.725821][ T5833] ? __pfx_down_write+0x10/0x10 [ 239.725863][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.725909][ T5833] ? rcu_is_watching+0x12/0xc0 [ 239.725961][ T5833] f2fs_write_checkpoint+0x2b8/0x4c60 [ 239.726028][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.726073][ T5833] ? kfree+0x2b4/0x4d0 [ 239.726130][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.726174][ T5833] ? lockdep_hardirqs_on+0x7c/0x110 [ 239.726232][ T5833] ? f2fs_stop_gc_thread+0x79/0xd0 [ 239.726271][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.726328][ T5833] kill_f2fs_super+0x3c2/0x470 [ 239.726391][ T5833] ? __pfx_kill_f2fs_super+0x10/0x10 [ 239.726458][ T5833] ? lockdep_hardirqs_on+0x7c/0x110 [ 239.726537][ T5833] deactivate_locked_super+0xc1/0x1a0 [ 239.726578][ T5833] deactivate_super+0xde/0x100 [ 239.726618][ T5833] cleanup_mnt+0x225/0x450 [ 239.726662][ T5833] task_work_run+0x150/0x240 [ 239.726702][ T5833] ? __pfx_task_work_run+0x10/0x10 [ 239.726737][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 239.726784][ T5833] ? __pfx___x64_sys_umount+0x10/0x10 [ 239.726841][ T5833] exit_to_user_mode_loop+0xeb/0x110 [ 239.726885][ T5833] do_syscall_64+0x3f6/0x4c0 [ 239.726925][ T5833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.726962][ T5833] RIP: 0033:0x7fce7678fc57 [ 239.726992][ T5833] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 239.727029][ T5833] RSP: 002b:00007ffdac3fec58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 239.727064][ T5833] RAX: 0000000000000000 RBX: 00007fce76810925 RCX: 00007fce7678fc57 [ 239.727089][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdac3fed10 [ 239.727112][ T5833] RBP: 00007ffdac3fed10 R08: 0000000000000000 R09: 0000000000000000 [ 239.727135][ T5833] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdac3ffda0 [ 239.727160][ T5833] R13: 00007fce76810925 R14: 000000000003a760 R15: 00007ffdac3ffde0 [ 239.727209][ T5833] [ 239.727224][ T5833] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 239.795309][ T8292] loop1: detected capacity change from 0 to 40427 [ 239.838484][ T8293] F2FS-fs (loop3): build fault injection rate: 690 [ 240.182673][ T8292] F2FS-fs (loop1): Image doesn't support compression [ 240.281846][ T8292] F2FS-fs (loop1): build fault injection rate: 4 [ 240.290116][ T8292] F2FS-fs (loop1): build fault injection type: 0x5288 [ 240.331797][ T8293] F2FS-fs (loop3): invalid crc value [ 240.402855][ T8292] F2FS-fs (loop1): invalid crc value [ 240.698435][ T8329] loop4: detected capacity change from 0 to 512 [ 240.776341][ T8293] F2FS-fs (loop3): Start checkpoint disabled! [ 240.800269][ T8329] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 240.828181][ T8329] ext4 filesystem being mounted at /130/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 240.839197][ T8293] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 240.861750][ T8292] F2FS-fs (loop1): Start checkpoint disabled! [ 240.879544][ T8292] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 240.949685][ T30] audit: type=1800 audit(1749564056.509:22): pid=8329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.740" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 241.005233][ T8292] F2FS-fs (loop1): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x236/0x1090 [ 241.035083][ T8292] F2FS-fs (loop1): inject no more block in inc_valid_block_count of f2fs_reserve_new_blocks+0x24d/0xc30 [ 241.072489][ T30] audit: type=1800 audit(1749564056.549:23): pid=8329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.740" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 241.119578][ T6078] kworker/u8:19: attempt to access beyond end of device [ 241.119578][ T6078] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 241.178038][ T6078] CPU: 0 UID: 0 PID: 6078 Comm: kworker/u8:19 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 241.178092][ T6078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 241.178118][ T6078] Workqueue: writeback wb_workfn (flush-7:3) [ 241.178162][ T6078] Call Trace: [ 241.178175][ T6078] [ 241.178188][ T6078] dump_stack_lvl+0x16c/0x1f0 [ 241.178253][ T6078] f2fs_handle_critical_error+0x621/0x9f0 [ 241.178302][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.178346][ T6078] ? f2fs_build_fault_attr+0x53/0x1f0 [ 241.178394][ T6078] f2fs_write_end_io+0x785/0xc20 [ 241.178453][ T6078] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 241.178508][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.178563][ T6078] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 241.178610][ T6078] bio_endio+0x70d/0x850 [ 241.178652][ T6078] submit_bio_noacct+0x56d/0x1eb0 [ 241.178712][ T6078] __submit_merged_bio+0x33c/0x770 [ 241.178767][ T6078] __submit_merged_write_cond+0x319/0x3f0 [ 241.178829][ T6078] f2fs_write_cache_pages+0x2067/0x2570 [ 241.178915][ T6078] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 241.178970][ T6078] ? ret_from_fork+0x5d7/0x6f0 [ 241.179030][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.179076][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.179121][ T6078] ? unwind_get_return_address+0x59/0xa0 [ 241.179184][ T6078] ? arch_stack_walk+0x88/0x100 [ 241.179244][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.179354][ T6078] ? __pfx___page_table_check_zero+0x10/0x10 [ 241.179400][ T6078] ? mark_held_locks+0x49/0x80 [ 241.179464][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.179508][ T6078] ? lockdep_hardirqs_on+0x7c/0x110 [ 241.179571][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.179623][ T6078] f2fs_write_data_pages+0x4ad/0xd90 [ 241.179689][ T6078] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 241.179759][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.179804][ T6078] ? __lock_acquire+0xb8a/0x1c90 [ 241.179861][ T6078] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 241.179922][ T6078] do_writepages+0x27a/0x600 [ 241.179988][ T6078] ? __pfx_do_writepages+0x10/0x10 [ 241.180045][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.180090][ T6078] ? reacquire_held_locks+0xcd/0x1f0 [ 241.180149][ T6078] ? writeback_sb_inodes+0x3a4/0xf90 [ 241.180214][ T6078] __writeback_single_inode+0x160/0xfb0 [ 241.180279][ T6078] ? __pfx___writeback_single_inode+0x10/0x10 [ 241.180338][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.180382][ T6078] ? do_raw_spin_unlock+0x172/0x230 [ 241.180421][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.180477][ T6078] writeback_sb_inodes+0x601/0xf90 [ 241.180559][ T6078] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 241.180617][ T6078] ? __lock_acquire+0xb8a/0x1c90 [ 241.180738][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.180782][ T6078] ? rcu_is_watching+0x12/0xc0 [ 241.180827][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.180871][ T6078] ? queue_io+0x3f6/0x520 [ 241.180930][ T6078] wb_writeback+0x419/0xb70 [ 241.181000][ T6078] ? __pfx_wb_writeback+0x10/0x10 [ 241.181057][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.181115][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.181159][ T6078] ? mark_held_locks+0x49/0x80 [ 241.181223][ T6078] wb_workfn+0x14d/0xbe0 [ 241.181261][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.181305][ T6078] ? try_to_wake_up+0x157/0x1680 [ 241.181350][ T6078] ? __pfx_wb_workfn+0x10/0x10 [ 241.181414][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.181469][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.181519][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.181563][ T6078] ? rcu_is_watching+0x12/0xc0 [ 241.181615][ T6078] process_one_work+0x9cf/0x1b70 [ 241.181667][ T6078] ? __pfx_nsim_dev_trap_report_work+0x10/0x10 [ 241.181721][ T6078] ? __pfx_process_one_work+0x10/0x10 [ 241.181759][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.181815][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.181859][ T6078] ? assign_work+0x1a0/0x250 [ 241.181926][ T6078] worker_thread+0x6c8/0xf10 [ 241.181986][ T6078] ? __pfx_worker_thread+0x10/0x10 [ 241.182025][ T6078] kthread+0x3c5/0x780 [ 241.182087][ T6078] ? __pfx_kthread+0x10/0x10 [ 241.182150][ T6078] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.182194][ T6078] ? rcu_is_watching+0x12/0xc0 [ 241.182239][ T6078] ? __pfx_kthread+0x10/0x10 [ 241.182302][ T6078] ret_from_fork+0x5d7/0x6f0 [ 241.182355][ T6078] ? __pfx_kthread+0x10/0x10 [ 241.182442][ T6078] ret_from_fork_asm+0x1a/0x30 [ 241.182505][ T6078] [ 241.789600][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 241.814567][ T6078] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 241.823880][ T2933] F2FS-fs (loop1): inject checkpoint error in f2fs_balance_fs of __write_node_folio+0x951/0x13c0 [ 241.860634][ T2933] kworker/u8:6: attempt to access beyond end of device [ 241.860634][ T2933] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 241.889402][ T2933] CPU: 0 UID: 0 PID: 2933 Comm: kworker/u8:6 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 241.889461][ T2933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 241.889488][ T2933] Workqueue: writeback wb_workfn (flush-7:1) [ 241.889535][ T2933] Call Trace: [ 241.889547][ T2933] [ 241.889562][ T2933] dump_stack_lvl+0x16c/0x1f0 [ 241.889629][ T2933] f2fs_handle_critical_error+0x621/0x9f0 [ 241.889679][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.889725][ T2933] ? f2fs_build_fault_attr+0x53/0x1f0 [ 241.889776][ T2933] f2fs_write_end_io+0x785/0xc20 [ 241.889831][ T2933] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 241.889889][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.889947][ T2933] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 241.889996][ T2933] bio_endio+0x70d/0x850 [ 241.890041][ T2933] submit_bio_noacct+0x56d/0x1eb0 [ 241.890106][ T2933] __submit_merged_bio+0x33c/0x770 [ 241.890164][ T2933] __submit_merged_write_cond+0x319/0x3f0 [ 241.890230][ T2933] f2fs_flush_merged_writes+0x3e/0x60 [ 241.890281][ T2933] f2fs_stop_checkpoint+0x5a/0x60 [ 241.890339][ T2933] f2fs_balance_fs+0x7fa/0xa00 [ 241.890395][ T2933] ? __write_node_folio+0x951/0x13c0 [ 241.890442][ T2933] ? __pfx_f2fs_balance_fs+0x10/0x10 [ 241.890498][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.890549][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.890597][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.890642][ T2933] ? __up_read+0x1f8/0x750 [ 241.890680][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.890731][ T2933] ? __pfx___up_read+0x10/0x10 [ 241.890770][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.890815][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.890873][ T2933] __write_node_folio+0x951/0x13c0 [ 241.890929][ T2933] ? __pfx___write_node_folio+0x10/0x10 [ 241.890973][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.891046][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.891092][ T2933] ? folio_clear_dirty_for_io+0x112/0x810 [ 241.891159][ T2933] f2fs_sync_node_pages+0x10bc/0x1c30 [ 241.891226][ T2933] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 241.891340][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.891395][ T2933] f2fs_write_node_pages+0x27d/0x7a0 [ 241.891451][ T2933] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 241.891511][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.891556][ T2933] ? __lock_acquire+0xb8a/0x1c90 [ 241.891617][ T2933] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 241.891666][ T2933] do_writepages+0x27a/0x600 [ 241.891732][ T2933] ? __pfx_do_writepages+0x10/0x10 [ 241.891789][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.891834][ T2933] ? reacquire_held_locks+0xcd/0x1f0 [ 241.891893][ T2933] ? writeback_sb_inodes+0x3a4/0xf90 [ 241.891961][ T2933] __writeback_single_inode+0x160/0xfb0 [ 241.892027][ T2933] ? __pfx___writeback_single_inode+0x10/0x10 [ 241.892087][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.892131][ T2933] ? do_raw_spin_unlock+0x172/0x230 [ 241.892172][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.892225][ T2933] writeback_sb_inodes+0x601/0xf90 [ 241.892312][ T2933] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 241.892375][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.892421][ T2933] ? find_held_lock+0x2b/0x80 [ 241.892545][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.892590][ T2933] ? rcu_is_watching+0x12/0xc0 [ 241.892635][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.892678][ T2933] ? queue_io+0x3f6/0x520 [ 241.892738][ T2933] wb_writeback+0x419/0xb70 [ 241.892810][ T2933] ? __pfx_wb_writeback+0x10/0x10 [ 241.892866][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.892923][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.892966][ T2933] ? mark_held_locks+0x49/0x80 [ 241.893022][ T2933] wb_workfn+0x14d/0xbe0 [ 241.893055][ T2933] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 241.893108][ T2933] ? __pfx_wb_workfn+0x10/0x10 [ 241.893164][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.893207][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.893251][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.893289][ T2933] ? rcu_is_watching+0x12/0xc0 [ 241.893337][ T2933] process_one_work+0x9cf/0x1b70 [ 241.893397][ T2933] ? __pfx_process_one_work+0x10/0x10 [ 241.893441][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.893491][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.893529][ T2933] ? assign_work+0x1a0/0x250 [ 241.893587][ T2933] worker_thread+0x6c8/0xf10 [ 241.893643][ T2933] ? __pfx_worker_thread+0x10/0x10 [ 241.893677][ T2933] kthread+0x3c5/0x780 [ 241.893736][ T2933] ? __pfx_kthread+0x10/0x10 [ 241.893791][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 241.893830][ T2933] ? rcu_is_watching+0x12/0xc0 [ 241.893873][ T2933] ? __pfx_kthread+0x10/0x10 [ 241.893936][ T2933] ret_from_fork+0x5d7/0x6f0 [ 241.893989][ T2933] ? __pfx_kthread+0x10/0x10 [ 241.894052][ T2933] ret_from_fork_asm+0x1a/0x30 [ 241.894113][ T2933] [ 242.399686][ T8328] loop5: detected capacity change from 0 to 32768 [ 242.591109][ T2933] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 242.598363][ T2933] CPU: 0 UID: 0 PID: 2933 Comm: kworker/u8:6 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 242.598415][ T2933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 242.598441][ T2933] Workqueue: writeback wb_workfn (flush-7:1) [ 242.598497][ T2933] Call Trace: [ 242.598509][ T2933] [ 242.598523][ T2933] dump_stack_lvl+0x16c/0x1f0 [ 242.598592][ T2933] f2fs_handle_critical_error+0x621/0x9f0 [ 242.598644][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.598691][ T2933] ? f2fs_build_fault_attr+0x53/0x1f0 [ 242.598744][ T2933] f2fs_write_end_io+0x785/0xc20 [ 242.598800][ T2933] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 242.598860][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.598919][ T2933] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 242.598970][ T2933] bio_endio+0x70d/0x850 [ 242.599015][ T2933] submit_bio_noacct+0x56d/0x1eb0 [ 242.599083][ T2933] __submit_merged_bio+0x33c/0x770 [ 242.599142][ T2933] __submit_merged_write_cond+0x319/0x3f0 [ 242.599210][ T2933] f2fs_flush_merged_writes+0x3e/0x60 [ 242.599260][ T2933] f2fs_stop_checkpoint+0x5a/0x60 [ 242.599319][ T2933] f2fs_balance_fs+0x7fa/0xa00 [ 242.599377][ T2933] ? __write_node_folio+0x951/0x13c0 [ 242.599418][ T2933] ? __pfx_f2fs_balance_fs+0x10/0x10 [ 242.599482][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.599533][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.599579][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.599625][ T2933] ? __up_read+0x1f8/0x750 [ 242.599663][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.599708][ T2933] ? __pfx___up_read+0x10/0x10 [ 242.599748][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.599795][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.599853][ T2933] __write_node_folio+0x951/0x13c0 [ 242.599913][ T2933] ? __pfx___write_node_folio+0x10/0x10 [ 242.599954][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.600031][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.600075][ T2933] ? folio_clear_dirty_for_io+0x112/0x810 [ 242.600143][ T2933] f2fs_sync_node_pages+0x10bc/0x1c30 [ 242.600212][ T2933] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 242.600333][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.600390][ T2933] f2fs_write_node_pages+0x27d/0x7a0 [ 242.600441][ T2933] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 242.600507][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.600551][ T2933] ? __lock_acquire+0xb8a/0x1c90 [ 242.600612][ T2933] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 242.600660][ T2933] do_writepages+0x27a/0x600 [ 242.600729][ T2933] ? __pfx_do_writepages+0x10/0x10 [ 242.600787][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.600834][ T2933] ? reacquire_held_locks+0xcd/0x1f0 [ 242.600893][ T2933] ? writeback_sb_inodes+0x3a4/0xf90 [ 242.600964][ T2933] __writeback_single_inode+0x160/0xfb0 [ 242.601035][ T2933] ? __pfx___writeback_single_inode+0x10/0x10 [ 242.601093][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.601137][ T2933] ? do_raw_spin_unlock+0x172/0x230 [ 242.601179][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.601233][ T2933] writeback_sb_inodes+0x601/0xf90 [ 242.601327][ T2933] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 242.601388][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.601436][ T2933] ? find_held_lock+0x2b/0x80 [ 242.601581][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.601628][ T2933] ? rcu_is_watching+0x12/0xc0 [ 242.601676][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.601724][ T2933] ? queue_io+0x3f6/0x520 [ 242.601787][ T2933] wb_writeback+0x419/0xb70 [ 242.601866][ T2933] ? __pfx_wb_writeback+0x10/0x10 [ 242.601926][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.601990][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.602035][ T2933] ? mark_held_locks+0x49/0x80 [ 242.602104][ T2933] wb_workfn+0x14d/0xbe0 [ 242.602146][ T2933] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 242.602213][ T2933] ? __pfx_wb_workfn+0x10/0x10 [ 242.602282][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.602331][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.602389][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.602460][ T2933] ? rcu_is_watching+0x12/0xc0 [ 242.602517][ T2933] process_one_work+0x9cf/0x1b70 [ 242.602583][ T2933] ? __pfx_process_one_work+0x10/0x10 [ 242.602623][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.602686][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.602733][ T2933] ? assign_work+0x1a0/0x250 [ 242.602807][ T2933] worker_thread+0x6c8/0xf10 [ 242.602878][ T2933] ? __pfx_worker_thread+0x10/0x10 [ 242.602919][ T2933] kthread+0x3c5/0x780 [ 242.602986][ T2933] ? __pfx_kthread+0x10/0x10 [ 242.603056][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 242.603104][ T2933] ? rcu_is_watching+0x12/0xc0 [ 242.603153][ T2933] ? __pfx_kthread+0x10/0x10 [ 242.603223][ T2933] ret_from_fork+0x5d7/0x6f0 [ 242.603280][ T2933] ? __pfx_kthread+0x10/0x10 [ 242.603348][ T2933] ret_from_fork_asm+0x1a/0x30 [ 242.603415][ T2933] [ 242.609901][ T8328] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 242.619370][ T2933] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 243.007977][ T8328] XFS (loop5): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 243.019821][ T2933] CPU: 0 UID: 0 PID: 2933 Comm: kworker/u8:6 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 243.019873][ T2933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 243.019898][ T2933] Workqueue: writeback wb_workfn (flush-7:1) [ 243.019944][ T2933] Call Trace: [ 243.019956][ T2933] [ 243.019969][ T2933] dump_stack_lvl+0x16c/0x1f0 [ 243.020033][ T2933] f2fs_handle_critical_error+0x621/0x9f0 [ 243.020100][ T2933] f2fs_balance_fs+0x7fa/0xa00 [ 243.020154][ T2933] ? __write_node_folio+0x951/0x13c0 [ 243.020195][ T2933] ? __pfx_f2fs_balance_fs+0x10/0x10 [ 243.020249][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.020299][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.020345][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.020389][ T2933] ? __up_read+0x1f8/0x750 [ 243.020426][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.020472][ T2933] ? __pfx___up_read+0x10/0x10 [ 243.020510][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.020554][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.020611][ T2933] __write_node_folio+0x951/0x13c0 [ 243.020666][ T2933] ? __pfx___write_node_folio+0x10/0x10 [ 243.020714][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.020786][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.020829][ T2933] ? folio_clear_dirty_for_io+0x112/0x810 [ 243.020894][ T2933] f2fs_sync_node_pages+0x10bc/0x1c30 [ 243.020960][ T2933] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 243.021072][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.021126][ T2933] f2fs_write_node_pages+0x27d/0x7a0 [ 243.021174][ T2933] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 243.021233][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.021276][ T2933] ? __lock_acquire+0xb8a/0x1c90 [ 243.021333][ T2933] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 243.021381][ T2933] do_writepages+0x27a/0x600 [ 243.021446][ T2933] ? __pfx_do_writepages+0x10/0x10 [ 243.021501][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.021544][ T2933] ? reacquire_held_locks+0xcd/0x1f0 [ 243.021600][ T2933] ? writeback_sb_inodes+0x3a4/0xf90 [ 243.021667][ T2933] __writeback_single_inode+0x160/0xfb0 [ 243.021737][ T2933] ? __pfx___writeback_single_inode+0x10/0x10 [ 243.021793][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.021837][ T2933] ? do_raw_spin_unlock+0x172/0x230 [ 243.021880][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.021932][ T2933] writeback_sb_inodes+0x601/0xf90 [ 243.022018][ T2933] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 243.022073][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.022116][ T2933] ? find_held_lock+0x2b/0x80 [ 243.022235][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.022279][ T2933] ? rcu_is_watching+0x12/0xc0 [ 243.022323][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.022366][ T2933] ? queue_io+0x3f6/0x520 [ 243.022451][ T2933] wb_writeback+0x419/0xb70 [ 243.022523][ T2933] ? __pfx_wb_writeback+0x10/0x10 [ 243.022577][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.022637][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.022679][ T2933] ? mark_held_locks+0x49/0x80 [ 243.022752][ T2933] wb_workfn+0x14d/0xbe0 [ 243.022791][ T2933] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 243.022853][ T2933] ? __pfx_wb_workfn+0x10/0x10 [ 243.022918][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.022967][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.023017][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.023061][ T2933] ? rcu_is_watching+0x12/0xc0 [ 243.023114][ T2933] process_one_work+0x9cf/0x1b70 [ 243.023176][ T2933] ? __pfx_process_one_work+0x10/0x10 [ 243.023214][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.023272][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.023315][ T2933] ? assign_work+0x1a0/0x250 [ 243.023381][ T2933] worker_thread+0x6c8/0xf10 [ 243.023445][ T2933] ? __pfx_worker_thread+0x10/0x10 [ 243.023482][ T2933] kthread+0x3c5/0x780 [ 243.023543][ T2933] ? __pfx_kthread+0x10/0x10 [ 243.023605][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 243.023649][ T2933] ? rcu_is_watching+0x12/0xc0 [ 243.023700][ T2933] ? __pfx_kthread+0x10/0x10 [ 243.023762][ T2933] ret_from_fork+0x5d7/0x6f0 [ 243.023815][ T2933] ? __pfx_kthread+0x10/0x10 [ 243.023875][ T2933] ret_from_fork_asm+0x1a/0x30 [ 243.023943][ T2933] [ 243.024077][ T2933] F2FS-fs (loop1): Stopped filesystem due to reason: 1 [ 243.138113][ T8328] XFS (loop5): Starting recovery (logdev: internal) [ 243.142725][ T5930] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 243.298563][ T8328] XFS (loop5): Ending recovery (logdev: internal) [ 243.482979][ T5930] usb 3-1: Using ep0 maxpacket: 8 [ 243.491539][ T5930] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 243.608690][ T8356] loop6: detected capacity change from 0 to 1024 [ 243.625360][ T5930] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 243.640836][ T5930] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 243.652290][ T5930] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 243.655353][ T8356] EXT4-fs: quotafile must be on filesystem root [ 243.755179][ T5930] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 243.796233][ T5930] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.961948][ T6819] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 244.052566][ T5930] usb 3-1: GET_CAPABILITIES returned 0 [ 244.058153][ T5930] usbtmc 3-1:16.0: can't read capabilities [ 244.293500][ T5930] usb 3-1: USB disconnect, device number 6 [ 244.916461][ T8371] loop1: detected capacity change from 0 to 4096 [ 245.016077][ T8379] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 245.740002][ T8391] netlink: 64 bytes leftover after parsing attributes in process `syz.2.762'. [ 246.069690][ T8400] netlink: 20 bytes leftover after parsing attributes in process `syz.1.760'. [ 246.615421][ T30] audit: type=1326 audit(1749564062.179:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8413 comm="syz.2.771" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce7678e929 code=0x0 [ 246.771552][ T8416] loop6: detected capacity change from 0 to 512 [ 246.868711][ T8423] netlink: 596 bytes leftover after parsing attributes in process `syz.3.773'. [ 246.896746][ T8416] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 246.922171][ T8426] xt_hashlimit: max too large, truncated to 1048576 [ 246.992676][ T8416] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 247.039464][ T8416] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 247.620041][ T8397] loop5: detected capacity change from 0 to 32768 [ 247.641858][ T8397] XFS: ikeep mount option is deprecated. [ 247.668489][ T8397] XFS: noikeep mount option is deprecated. [ 247.726099][ T8397] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 247.867878][ T8451] loop1: detected capacity change from 0 to 256 [ 247.899659][ T8451] exfat: Deprecated parameter 'utf8' [ 247.919537][ T8397] XFS (loop5): Ending clean mount [ 247.969313][ T8397] XFS (loop5): Quotacheck needed: Please wait. [ 247.974331][ T8451] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d) [ 248.096584][ T8397] XFS (loop5): Quotacheck: Done. [ 248.351641][ T30] audit: type=1800 audit(1749564063.909:25): pid=8457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.786" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 248.426956][ T6819] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 249.348488][ T1997] hid-generic 0005:10CF:0007.0007: unknown main item tag 0x0 [ 249.378573][ T1997] hid-generic 0005:10CF:0007.0007: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa [ 249.522570][ T8486] loop6: detected capacity change from 0 to 512 [ 249.530207][ T8486] EXT4-fs: Ignoring removed oldalloc option [ 249.577303][ T8486] EXT4-fs: Ignoring removed mblk_io_submit option [ 249.610982][ T8486] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 249.688308][ T8486] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 249.757028][ T8486] System zones: 1-12 [ 249.810710][ T8486] EXT4-fs error (device loop6): ext4_iget_extra_inode:5034: inode #15: comm syz.6.803: corrupted in-inode xattr: e_value size too large [ 249.933580][ T8486] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.803: couldn't read orphan inode 15 (err -117) [ 250.013396][ T8486] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.223205][ T8507] loop4: detected capacity change from 0 to 1024 [ 250.230748][ T8507] udf: Unknown parameter 'y•^7ÍÙY‘yÍöçŽ){Üm«_(q¼ŒèS#X00000000000000000000ÿÿ' [ 250.371070][ T6628] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.567550][ T8512] netlink: 44 bytes leftover after parsing attributes in process `syz.1.811'. [ 250.632441][ T8512] netlink: 43 bytes leftover after parsing attributes in process `syz.1.811'. [ 250.672583][ T8512] netlink: 'syz.1.811': attribute type 6 has an invalid length. [ 250.737395][ T8512] netlink: 'syz.1.811': attribute type 5 has an invalid length. [ 250.788185][ T8512] netlink: 43 bytes leftover after parsing attributes in process `syz.1.811'. [ 251.260765][ T8534] loop1: detected capacity change from 0 to 2048 [ 251.359539][ T8534] Alternate GPT is invalid, using primary GPT. [ 251.397738][ T8534] loop1: p2 p3 p7 [ 251.462586][ T8541] loop3: detected capacity change from 0 to 128 [ 251.519203][ T8541] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 251.622152][ T8541] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 251.631247][ T1997] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 251.843202][ T1997] usb 6-1: Using ep0 maxpacket: 8 [ 251.884266][ T1997] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 251.923350][ T1997] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 251.962555][ T1997] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 252.000420][ T1997] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.127651][ T7986] udevd[7986]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory [ 252.128599][ T6614] udevd[6614]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 252.147424][ T5845] udevd[5845]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 252.222708][ T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 252.278861][ T5811] usb 6-1: USB disconnect, device number 8 [ 252.333681][ T8553] loop6: detected capacity change from 0 to 512 [ 252.351770][ T8553] EXT4-fs: Ignoring removed mblk_io_submit option [ 252.382544][ T8553] EXT4-fs: inline encryption not supported [ 252.388647][ T8553] EXT4-fs: Ignoring removed mblk_io_submit option [ 252.398590][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 252.416345][ T8557] vxcan0: tx address claim with dlc 0 [ 252.429783][ T9] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 252.451891][ T8553] EXT4-fs (loop6): Test dummy encryption mode enabled [ 252.473107][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.503264][ T8553] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 252.511846][ T8559] netlink: 'syz.4.832': attribute type 1 has an invalid length. [ 252.521531][ T8559] netlink: 172 bytes leftover after parsing attributes in process `syz.4.832'. [ 252.531877][ T9] usb 2-1: Product: syz [ 252.552122][ T9] usb 2-1: Manufacturer: syz [ 252.575117][ T9] usb 2-1: SerialNumber: syz [ 252.590582][ T8553] EXT4-fs (loop6): 1 truncate cleaned up [ 252.598517][ T8553] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.647868][ T9] usb 2-1: config 0 descriptor?? [ 252.713509][ T8553] EXT4-fs (loop6): Online defrag not supported for encrypted files [ 252.760508][ T9] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 252.794877][ T9] usb 2-1: setting power ON [ 252.811709][ T9] dvb-usb: bulk message failed: -22 (2/0) [ 252.873996][ T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 252.915295][ T9] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 252.956997][ T9] usb 2-1: media controller created [ 252.968199][ T8565] loop3: detected capacity change from 0 to 512 [ 253.005204][ T6628] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.055535][ T8565] EXT4-fs (loop3): Test dummy encryption mode enabled [ 253.100068][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 253.117003][ T8565] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 253.168442][ T8565] EXT4-fs error (device loop3): ext4_free_branches:1020: inode #11: comm syz.3.834: invalid indirect mapped block 117440512 (level 2) [ 253.243337][ T5811] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 253.294319][ T9] usb 2-1: selecting invalid altsetting 6 [ 253.343694][ T9] usb 2-1: digital interface selection failed (-22) [ 253.350408][ T9] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 253.381521][ T8565] EXT4-fs (loop3): 1 truncate cleaned up [ 253.405343][ T8565] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 253.421211][ T9] usb 2-1: setting power OFF [ 253.423100][ T5811] usb 5-1: Using ep0 maxpacket: 8 [ 253.451376][ T9] dvb-usb: bulk message failed: -22 (2/0) [ 253.484604][ T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 253.542424][ T9] (NULL device *): no alternate interface [ 253.596692][ T8565] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 253.743021][ T8565] EXT4-fs error (device loop3): htree_dirblock_to_tree:1077: inode #2: block 13: comm syz.3.834: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 253.766254][ T8578] loop6: detected capacity change from 0 to 32768 [ 253.778076][ T5811] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 253.789504][ T5811] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 253.799792][ T5811] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 253.815231][ T5811] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 253.828872][ T5811] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 253.859118][ T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 253.906779][ T9] usb 2-1: USB disconnect, device number 6 [ 253.910152][ T5811] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.017042][ T8578] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=xxhash,data_checksum=xxhash,compression=lz4,str_hash=crc64,norecovery,reconstruct_alloc [ 254.017042][ T8578] allowing incompatible features above 0.0: (unknown version) [ 254.017042][ T8578] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 254.056852][ C1] vkms_vblank_simulate: vblank timer overrun [ 254.064390][ T8578] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0 [ 254.073044][ T8578] bcachefs (loop6): recovering from clean shutdown, journal seq 10 [ 254.081342][ T8578] bcachefs (loop6): Version upgrade from 1.19: autofix_errors to 1.7: mi_btree_bitmap incomplete [ 254.081342][ T8578] Doing compatible version upgrade from 1.19: autofix_errors to 1.28: inode_has_case_insensitive [ 254.081342][ T8578] running recovery passes: check_extents_to_backpointers,check_inodes [ 254.110417][ C1] vkms_vblank_simulate: vblank timer overrun [ 254.119319][ T8578] bcachefs (loop6): dropping and reconstructing all alloc info [ 254.164860][ T8578] bcachefs (loop6): accounting_read... done [ 254.258207][ T8578] bcachefs (loop6): alloc_read... done [ 254.265196][ T8578] bcachefs (loop6): snapshots_read... done [ 254.272620][ T8578] bcachefs (loop6): done starting filesystem [ 254.306196][ T8587] loop2: detected capacity change from 0 to 1024 [ 254.319042][ T5835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.353016][ T30] audit: type=1800 audit(1749564069.899:26): pid=8578 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.837" name="file2" dev="loop6" ino=536870913 res=0 errno=0 [ 254.394592][ T5811] usb 5-1: GET_CAPABILITIES returned 0 [ 254.400184][ T5811] usbtmc 5-1:16.0: can't read capabilities [ 254.571559][ T6628] bcachefs (loop6): shutting down [ 254.614833][ T5811] usb 5-1: USB disconnect, device number 7 [ 254.755264][ T2933] hfsplus: b-tree write err: -5, ino 4 [ 254.798012][ T6628] bcachefs (loop6): shutdown complete [ 254.993028][ T30] audit: type=1326 audit(1749564070.539:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8592 comm="syz.5.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6dff7858e7 code=0x7ffc0000 [ 255.022490][ T5990] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 255.105114][ T30] audit: type=1326 audit(1749564070.539:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8592 comm="syz.5.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6dff72ab19 code=0x7ffc0000 [ 255.223615][ T30] audit: type=1326 audit(1749564070.539:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8592 comm="syz.5.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6dff7858e7 code=0x7ffc0000 [ 255.262490][ T5990] usb 2-1: Using ep0 maxpacket: 8 [ 255.284421][ T5990] usb 2-1: config index 0 descriptor too short (expected 5924, got 36) [ 255.299211][ T30] audit: type=1326 audit(1749564070.539:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8592 comm="syz.5.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6dff72ab19 code=0x7ffc0000 [ 255.321575][ T5990] usb 2-1: config 250 has an invalid interface number: 228 but max is -1 [ 255.321626][ T5990] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 255.321666][ T5990] usb 2-1: config 250 has no interface number 0 [ 255.321743][ T5990] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 255.321793][ T5990] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 255.432850][ T30] audit: type=1326 audit(1749564070.539:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8592 comm="syz.5.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6dff7858e7 code=0x7ffc0000 [ 255.443000][ T5990] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 255.481002][ T30] audit: type=1326 audit(1749564070.539:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8592 comm="syz.5.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6dff72ab19 code=0x7ffc0000 [ 255.504082][ T8601] loop5: detected capacity change from 0 to 512 [ 255.515172][ T5990] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 255.535400][ T5990] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 255.554008][ T5990] usb 2-1: config 250 interface 228 has no altsetting 0 [ 255.561678][ T8601] EXT4-fs error (device loop5): ext4_iget_extra_inode:5034: inode #15: comm syz.5.852: corrupted in-inode xattr: invalid ea_ino [ 255.576539][ T8601] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.852: couldn't read orphan inode 15 (err -117) [ 255.581703][ T30] audit: type=1326 audit(1749564070.539:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8592 comm="syz.5.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6dff7858e7 code=0x7ffc0000 [ 255.592908][ T5990] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 255.621958][ T5990] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 255.633755][ T5990] usb 2-1: Product: syz [ 255.638041][ T5990] usb 2-1: SerialNumber: syz [ 255.643192][ T8601] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.677796][ T5990] hub 2-1:250.228: bad descriptor, ignoring hub [ 255.685025][ T5990] hub 2-1:250.228: probe with driver hub failed with error -5 [ 255.699358][ T8607] loop4: detected capacity change from 0 to 2048 [ 255.722537][ T30] audit: type=1326 audit(1749564070.539:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8592 comm="syz.5.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6dff72ab19 code=0x7ffc0000 [ 255.769138][ T30] audit: type=1326 audit(1749564070.539:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8592 comm="syz.5.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6dff7858e7 code=0x7ffc0000 [ 255.816868][ T8607] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.841202][ T8607] EXT4-fs (loop4): shut down requested (0) [ 255.907959][ T5990] usblp 2-1:250.228: usblp0: USB Bidirectional printer dev 7 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 255.917804][ T6819] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.044387][ T8614] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 256.101486][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.138903][ T5990] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 256.187221][ T5990] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz0] on syz0 [ 256.252836][ T5929] usb 2-1: USB disconnect, device number 7 [ 256.290947][ T5929] usblp0: removed [ 256.559523][ T8626] input: syz0 as /devices/virtual/input/input15 [ 256.612544][ T5990] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 256.802584][ T5990] usb 5-1: Using ep0 maxpacket: 32 [ 256.816185][ T5990] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 256.839937][ T5990] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.874224][ T5990] usb 5-1: config 0 descriptor?? [ 257.050051][ T8618] loop5: detected capacity change from 0 to 32768 [ 257.113155][ T5990] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 257.159191][ T8618] (syz.5.856,8618,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 257.170312][ T5990] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 257.214366][ T5990] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 257.224274][ T8618] (syz.5.856,8618,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 257.246438][ T5990] usb 5-1: media controller created [ 257.444389][ T5990] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 257.540271][ T5990] az6027: usb out operation failed. (-71) [ 257.557917][ T8645] loop2: detected capacity change from 0 to 256 [ 257.581439][ T5990] az6027: usb out operation failed. (-71) [ 257.610066][ T5990] stb0899_attach: Driver disabled by Kconfig [ 257.631125][ T5990] az6027: no front-end attached [ 257.631125][ T5990] [ 257.650646][ T5990] az6027: usb out operation failed. (-71) [ 257.680992][ T5990] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 257.722685][ T5990] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input16 [ 257.816850][ T5990] dvb-usb: schedule remote query interval to 400 msecs. [ 257.862519][ T5990] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 257.951150][ T5990] usb 5-1: USB disconnect, device number 8 [ 257.958792][ T8651] netlink: 20 bytes leftover after parsing attributes in process `syz.6.868'. [ 258.170929][ T5990] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 258.237191][ T8658] loop5: detected capacity change from 0 to 1024 [ 258.253853][ T8661] netlink: 8 bytes leftover after parsing attributes in process `syz.2.869'. [ 258.281157][ T8658] hfsplus: bad catalog folder entry [ 258.366012][ T8659] loop1: detected capacity change from 0 to 4096 [ 258.382086][ T8659] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 258.457460][ T8665] loop3: detected capacity change from 0 to 1024 [ 258.538046][ T8665] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 258.892887][ T5835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.235996][ T8688] Failed to get privilege flags for destination (handle=0x2:0xd) [ 259.315680][ T8690] loop2: detected capacity change from 0 to 64 [ 259.399712][ T8692] netlink: 32 bytes leftover after parsing attributes in process `syz.6.884'. [ 259.654140][ T8660] loop4: detected capacity change from 0 to 32768 [ 259.977627][ T8660] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=/dev/loop4,noinodes_use_key_cache,fsck,norecovery,nojournal_transaction_names [ 259.977627][ T8660] allowing incompatible features above 0.0: (unknown version) [ 259.977627][ T8660] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 260.020259][ C1] vkms_vblank_simulate: vblank timer overrun [ 260.059397][ T8660] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 260.071893][ T8660] bcachefs (loop4): recovering from clean shutdown, journal seq 13 [ 260.130878][ T8660] bcachefs (loop4): Version upgrade required: [ 260.130878][ T8660] Version upgrade from 0.32: (unknown version) to 1.7: mi_btree_bitmap incomplete [ 260.130878][ T8660] Doing incompatible version upgrade from 0.32: (unknown version) to 1.28: inode_has_case_insensitive [ 260.130878][ T8660] running recovery passes: check_allocations,check_extents_to_backpointers,check_snapshots,check_subvols,check_inodes,check_dirents,set_fs_needs_rebalance [ 260.237578][ T5846] Bluetooth: hci5: command tx timeout [ 260.245678][ T8660] bcachefs (loop4): accounting_read... done [ 260.277088][ T8660] bcachefs (loop4): alloc_read... done [ 260.277600][ T8660] bcachefs (loop4): snapshots_read... done [ 260.278737][ T8660] bcachefs (loop4): done starting filesystem [ 260.332568][ T5929] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 260.480062][ T5836] bcachefs (loop4): shutting down [ 260.485628][ T5929] usb 4-1: Using ep0 maxpacket: 8 [ 260.496110][ T5929] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 260.522617][ T5929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 97, changing to 10 [ 260.567773][ T5929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24929, setting to 1024 [ 260.569831][ T5836] bcachefs (loop4): shutdown complete [ 260.589379][ T5929] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 260.619019][ T5929] usb 4-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00 [ 260.660624][ T5929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.713866][ T5929] usb 4-1: config 0 descriptor?? [ 261.168665][ T5929] redragon 0003:0C45:760B.0009: unknown main item tag 0x6 [ 261.192738][ T5929] redragon 0003:0C45:760B.0009: item fetching failed at offset 7/133 [ 261.233540][ T5929] redragon 0003:0C45:760B.0009: probe with driver redragon failed with error -22 [ 261.271229][ T8717] loop6: detected capacity change from 0 to 32768 [ 261.307708][ T8717] XFS: attr2 mount option is deprecated. [ 261.317937][ T8722] loop2: detected capacity change from 0 to 32768 [ 261.355699][ T5990] usb 4-1: USB disconnect, device number 4 [ 261.367185][ T8722] JBD2: Ignoring recovery information on journal [ 261.410983][ T8717] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 261.434072][ T8724] loop5: detected capacity change from 0 to 32768 [ 261.465851][ T8722] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 261.482303][ T8717] XFS (loop6): Ending clean mount [ 261.509881][ T8717] XFS (loop6): Quotacheck needed: Please wait. [ 261.529863][ T8724] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 261.558377][ T8717] XFS (loop6): Quotacheck: Done. [ 261.562910][ T5929] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 261.641727][ T5833] ocfs2: Unmounting device (7,2) on (node local) [ 261.654589][ T8724] XFS (loop5): Ending clean mount [ 261.695734][ T6628] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 261.726236][ T5929] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 261.748241][ T5929] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.776671][ T5929] usb 2-1: config 0 descriptor?? [ 261.822105][ T5929] cp210x 2-1:0.0: cp210x converter detected [ 261.890233][ T6819] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 262.239468][ T5929] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 262.272762][ T5929] usb 2-1: cp210x converter now attached to ttyUSB0 [ 262.432496][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 262.463780][ T5990] usb 2-1: USB disconnect, device number 8 [ 262.483373][ T5990] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 262.520282][ T5990] cp210x 2-1:0.0: device disconnected [ 262.552559][ T5929] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 262.584159][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 262.596357][ T9] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 262.615499][ T9] usb 4-1: config 179 has no interface number 0 [ 262.621914][ T9] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 262.662541][ T9] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 262.702708][ T9] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 262.722619][ T5929] usb 3-1: Using ep0 maxpacket: 8 [ 262.734524][ T5929] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 262.752686][ T5929] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 262.763050][ T9] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 262.782439][ T5929] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 262.802479][ T9] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 262.817601][ T5929] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 262.837991][ T9] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 262.847603][ T5929] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 262.871085][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.886698][ T5929] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 262.914783][ T5929] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.924924][ T8750] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 263.164929][ T8750] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 263.172611][ T8768] netlink: 24 bytes leftover after parsing attributes in process `syz.5.912'. [ 263.184843][ T8750] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 263.202888][ T5929] usb 3-1: GET_CAPABILITIES returned 0 [ 263.222878][ T5929] usbtmc 3-1:16.0: can't read capabilities [ 263.408859][ T5811] usb 4-1: USB disconnect, device number 5 [ 263.408885][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 263.423181][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 263.440402][ T9] usb 3-1: USB disconnect, device number 7 [ 263.517833][ T8777] loop5: detected capacity change from 0 to 256 [ 263.592714][ T5929] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 263.616971][ T8778] loop1: detected capacity change from 0 to 4096 [ 263.632503][ T8778] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 263.742731][ T5929] usb 5-1: Using ep0 maxpacket: 32 [ 263.766170][ T5929] usb 5-1: config 0 interface 0 has no altsetting 0 [ 263.791677][ T5929] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 263.804636][ T8778] ntfs3(loop1): ino=1b, "file0" ntfs_readdir [ 263.811296][ T8778] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 263.832489][ T5929] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.841792][ T5929] usb 5-1: Product: syz [ 263.857812][ T5929] usb 5-1: Manufacturer: syz [ 263.866348][ T5929] usb 5-1: SerialNumber: syz [ 263.874800][ T5929] usb 5-1: config 0 descriptor?? [ 264.262537][ T5811] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 264.310012][ T5929] gs_usb 5-1:0.0: Configuring for 1 interfaces [ 264.413335][ T5811] usb 6-1: Using ep0 maxpacket: 32 [ 264.424981][ T5811] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 264.440955][ T5811] usb 6-1: config 0 has no interface number 0 [ 264.468351][ T5811] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 264.531098][ T5811] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 264.572754][ T5811] usb 6-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 264.582032][ T5811] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 264.595803][ T5811] usb 6-1: config 0 descriptor?? [ 264.634719][ T8805] loop6: detected capacity change from 0 to 256 [ 264.643560][ T8805] exfat: Deprecated parameter 'utf8' [ 264.649613][ T8805] exfat: Deprecated parameter 'utf8' [ 264.677387][ T8805] exFAT-fs (loop6): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d) [ 264.699182][ T1997] kernel read not supported for file /dsp (pid: 1997 comm: kworker/1:2) [ 264.712181][ T5929] gs_usb 5-1:0.0: Disabling termination support for channel 0 (-EPROTO) [ 264.810368][ T5929] usb 5-1: USB disconnect, device number 9 [ 265.133157][ T8816] loop1: detected capacity change from 0 to 1024 [ 265.226962][ T5811] uclogic 0003:28BD:0094.000A: pen parameters not found [ 265.254169][ T5811] uclogic 0003:28BD:0094.000A: interface is invalid, ignoring [ 265.295907][ T5811] usb 6-1: USB disconnect, device number 9 [ 265.358516][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.365335][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 265.814984][ T8842] loop3: detected capacity change from 0 to 128 [ 265.851470][ T8842] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 265.922588][ T8842] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 266.094538][ T8848] loop2: detected capacity change from 0 to 2048 [ 266.155195][ T8848] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 266.397767][ T8859] netlink: 'syz.1.955': attribute type 1 has an invalid length. [ 266.452571][ T8859] netlink: 'syz.1.955': attribute type 4 has an invalid length. [ 266.460319][ T8859] netlink: 188 bytes leftover after parsing attributes in process `syz.1.955'. [ 266.556482][ T8859] NCSI netlink: No device for ifindex 0 [ 267.167802][ T8880] loop2: detected capacity change from 0 to 4096 [ 267.214521][ T8880] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 267.242301][ T8890] loop6: detected capacity change from 0 to 512 [ 267.283151][ T8890] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 267.364041][ T8890] EXT4-fs (loop6): 1 truncate cleaned up [ 267.387807][ T8890] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.623045][ T6628] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.771761][ T8903] netlink: 28 bytes leftover after parsing attributes in process `syz.5.978'. [ 268.251278][ T8909] loop2: detected capacity change from 0 to 32768 [ 268.304687][ T8909] XFS (loop2): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 268.509717][ T8932] sctp: [Deprecated]: syz.4.987 (pid 8932) Use of int in maxseg socket option. [ 268.509717][ T8932] Use struct sctp_assoc_value instead [ 268.556290][ T8909] XFS (loop2): Ending clean mount [ 268.565334][ T8909] XFS (loop2): Metadata CRC error detected at xfs_inobt_read_verify+0x26/0xe0, xfs_finobt block 0x20 [ 268.578192][ T8909] XFS (loop2): Unmount and run xfs_repair [ 268.584427][ T8909] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 268.591894][ T8909] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff FIB3............ [ 268.602337][ T8909] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40 ....... .......@ [ 268.611320][ T8909] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a ...B..N....xv... [ 268.620312][ T8909] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37 .......F......@7 [ 268.629966][ T8909] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00 ................ [ 268.639177][ T8909] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 ................ [ 268.648149][ T8909] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 268.660605][ T8909] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 268.669931][ T8909] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x23f/0x4f0" at daddr 0x20 len 8 error 74 [ 268.681573][ T8909] XFS (loop2): Failed to initialize disk quotas, err -117. [ 268.690808][ T8884] loop1: detected capacity change from 0 to 32768 [ 268.719663][ T8884] XFS: attr2 mount option is deprecated. [ 268.785116][ T5833] XFS (loop2): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 268.835797][ T8884] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 268.864155][ T5833] XFS (loop2): Uncorrected metadata errors detected; please run xfs_repair. [ 269.046911][ T8884] XFS (loop1): Ending clean mount [ 269.136957][ T8884] XFS (loop1): Quotacheck needed: Please wait. [ 269.213280][ T8884] XFS (loop1): Quotacheck: Done. [ 269.534414][ T5841] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 269.822801][ T8969] C: renamed from team_slave_0 (while UP) [ 269.866393][ T8969] netlink: 'syz.2.989': attribute type 4 has an invalid length. [ 269.897482][ T8969] netlink: 88 bytes leftover after parsing attributes in process `syz.2.989'. [ 269.920411][ T8969] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 270.054577][ T8978] loop6: detected capacity change from 0 to 524287999 [ 270.094252][ T8978] buffer_io_error: 7 callbacks suppressed [ 270.094278][ T8978] Buffer I/O error on dev loop6, logical block 0, async page read [ 270.133235][ T8978] Buffer I/O error on dev loop6, logical block 0, async page read [ 270.160703][ T8978] Buffer I/O error on dev loop6, logical block 0, async page read [ 270.222861][ T8979] Invalid logical block size (3) [ 270.229093][ T8978] Buffer I/O error on dev loop6, logical block 0, async page read [ 270.253246][ T8982] loop5: detected capacity change from 0 to 512 [ 270.267461][ T8978] Buffer I/O error on dev loop6, logical block 0, async page read [ 270.280452][ T8982] EXT4-fs: Ignoring removed nobh option [ 270.286693][ T8978] Buffer I/O error on dev loop6, logical block 0, async page read [ 270.302810][ T8978] Buffer I/O error on dev loop6, logical block 0, async page read [ 270.312150][ T8982] EXT4-fs (loop5): Test dummy encryption mode enabled [ 270.331035][ T8978] Buffer I/O error on dev loop6, logical block 0, async page read [ 270.361498][ T8982] EXT4-fs error (device loop5): __ext4_iget:5379: inode #11: block 1: comm syz.5.1006: invalid block [ 270.374254][ T8978] ldm_validate_partition_table(): Disk read failed. [ 270.383323][ T8982] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.1006: couldn't read orphan inode 11 (err -117) [ 270.393912][ T8978] Buffer I/O error on dev loop6, logical block 0, async page read [ 270.418996][ T8982] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 270.464034][ T8978] Buffer I/O error on dev loop6, logical block 0, async page read [ 270.482940][ T8978] Dev loop6: unable to read RDB block 0 [ 270.492022][ T8978] loop6: unable to read partition table [ 270.511444][ T8978] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 270.742590][ T6819] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.924871][ T9002] loop4: detected capacity change from 0 to 512 [ 270.970100][ T9002] EXT4-fs error (device loop4): ext4_validate_block_bitmap:431: comm syz.4.1016: bg 0: block 5: invalid block bitmap [ 271.122860][ T9002] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 271.152503][ T9002] EXT4-fs error (device loop4): ext4_free_branches:1020: inode #11: comm syz.4.1016: invalid indirect mapped block 3 (level 2) [ 271.261097][ T9002] EXT4-fs (loop4): 1 orphan inode deleted [ 271.305949][ T9002] EXT4-fs (loop4): 1 truncate cleaned up [ 271.343941][ T9002] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 271.487662][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.811921][ T9039] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1031'. [ 271.841107][ T9039] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1031'. [ 271.919713][ T9042] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1032'. [ 272.995662][ T9072] loop6: detected capacity change from 0 to 256 [ 273.001828][ T9073] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1047'. [ 273.062058][ T9072] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x76936814, utbl_chksum : 0xe619d30d) [ 273.576029][ T9053] loop3: detected capacity change from 0 to 32768 [ 273.911619][ T9085] loop6: detected capacity change from 0 to 512 [ 273.999618][ T9085] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.1053: casefold flag without casefold feature [ 274.081586][ T9085] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.1053: couldn't read orphan inode 15 (err -117) [ 274.115987][ T9066] loop2: detected capacity change from 0 to 40427 [ 274.124740][ T9066] F2FS-fs (loop2): build fault injection rate: 690 [ 274.131407][ T9066] F2FS-fs (loop2): Image doesn't support compression [ 274.143570][ T9066] F2FS-fs (loop2): Image doesn't support compression [ 274.158703][ T9066] F2FS-fs (loop2): invalid crc value [ 274.159716][ T9085] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.418436][ T9103] loop1: detected capacity change from 0 to 512 [ 274.451700][ T6628] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.454409][ T9066] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 274.525526][ T9103] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.583900][ T9103] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 274.784269][ T9103] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.012952][ T5833] syz-executor: attempt to access beyond end of device [ 275.012952][ T5833] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 275.037637][ T5833] CPU: 1 UID: 0 PID: 5833 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 275.037690][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 275.037713][ T5833] Call Trace: [ 275.037724][ T5833] [ 275.037743][ T5833] dump_stack_lvl+0x16c/0x1f0 [ 275.037813][ T5833] f2fs_handle_critical_error+0x621/0x9f0 [ 275.037862][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.037909][ T5833] ? f2fs_build_fault_attr+0x53/0x1f0 [ 275.037961][ T5833] f2fs_write_end_io+0x785/0xc20 [ 275.038015][ T5833] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 275.038071][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.038128][ T5833] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 275.038177][ T5833] bio_endio+0x70d/0x850 [ 275.038220][ T5833] submit_bio_noacct+0x56d/0x1eb0 [ 275.038282][ T5833] __submit_merged_bio+0x33c/0x770 [ 275.038339][ T5833] __submit_merged_write_cond+0x319/0x3f0 [ 275.038403][ T5833] f2fs_write_cache_pages+0x2067/0x2570 [ 275.038490][ T5833] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 275.038557][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.038602][ T5833] ? __lock_acquire+0x622/0x1c90 [ 275.038673][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.038771][ T5833] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 275.038864][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.038910][ T5833] ? mod_memcg_lruvec_state+0x394/0x610 [ 275.038980][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.039034][ T5833] f2fs_write_data_pages+0x4ad/0xd90 [ 275.039101][ T5833] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 275.039157][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.039215][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.039266][ T5833] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 275.039328][ T5833] do_writepages+0x27a/0x600 [ 275.039400][ T5833] ? __pfx_do_writepages+0x10/0x10 [ 275.039458][ T5833] ? do_raw_spin_unlock+0x172/0x230 [ 275.039498][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.039543][ T5833] ? _raw_spin_unlock+0x28/0x50 [ 275.039604][ T5833] filemap_fdatawrite_wbc+0x104/0x160 [ 275.039671][ T5833] __filemap_fdatawrite_range+0xb2/0xf0 [ 275.039717][ T5833] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 275.039828][ T5833] ? find_held_lock+0x2b/0x80 [ 275.039876][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.039923][ T5833] ? do_raw_spin_unlock+0x172/0x230 [ 275.039963][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.040016][ T5833] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 275.040100][ T5833] block_operations+0x2a3/0xfd0 [ 275.040165][ T5833] ? __pfx___schedule+0x10/0x10 [ 275.040225][ T5833] ? __pfx_block_operations+0x10/0x10 [ 275.040342][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.040388][ T5833] ? down_write+0x14d/0x200 [ 275.040427][ T5833] ? __pfx_down_write+0x10/0x10 [ 275.040470][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.040515][ T5833] ? rcu_is_watching+0x12/0xc0 [ 275.040568][ T5833] f2fs_write_checkpoint+0x2b8/0x4c60 [ 275.040646][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.040691][ T5833] ? rcu_is_watching+0x12/0xc0 [ 275.040745][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.040790][ T5833] ? kthread_stop+0x273/0x650 [ 275.040856][ T5833] kill_f2fs_super+0x3c2/0x470 [ 275.040919][ T5833] ? __pfx_kill_f2fs_super+0x10/0x10 [ 275.040979][ T5833] ? lockdep_hardirqs_on+0x7c/0x110 [ 275.041061][ T5833] deactivate_locked_super+0xc1/0x1a0 [ 275.041102][ T5833] deactivate_super+0xde/0x100 [ 275.041143][ T5833] cleanup_mnt+0x225/0x450 [ 275.041188][ T5833] task_work_run+0x150/0x240 [ 275.041228][ T5833] ? __pfx_task_work_run+0x10/0x10 [ 275.041263][ T5833] ? srso_alias_return_thunk+0x5/0xfbef5 [ 275.041312][ T5833] ? __pfx___x64_sys_umount+0x10/0x10 [ 275.041370][ T5833] exit_to_user_mode_loop+0xeb/0x110 [ 275.041413][ T5833] do_syscall_64+0x3f6/0x4c0 [ 275.041454][ T5833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.041493][ T5833] RIP: 0033:0x7fce7678fc57 [ 275.041522][ T5833] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 275.041559][ T5833] RSP: 002b:00007ffdac3fec58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 275.041594][ T5833] RAX: 0000000000000000 RBX: 00007fce76810925 RCX: 00007fce7678fc57 [ 275.041619][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdac3fed10 [ 275.041643][ T5833] RBP: 00007ffdac3fed10 R08: 0000000000000000 R09: 0000000000000000 [ 275.041667][ T5833] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdac3ffda0 [ 275.041691][ T5833] R13: 00007fce76810925 R14: 000000000004317e R15: 00007ffdac3ffde0 [ 275.041746][ T5833] [ 275.490719][ C1] vkms_vblank_simulate: vblank timer overrun [ 275.499750][ T5833] F2FS-fs (loop2): Remounting filesystem read-only [ 275.718222][ T2933] page: refcount:3 mapcount:0 mapping:ffff88805447c0b0 index:0xb pfn:0x475dd [ 275.737690][ T2933] memcg:ffff888052c12700 [ 275.741982][ T2933] aops:f2fs_node_aops ino:1 [ 275.818417][ T2933] flags: 0xfff2800000403c(referenced|uptodate|dirty|lru|private|node=0|zone=1|lastcpupid=0x7ff) [ 275.898296][ T2933] raw: 00fff2800000403c ffffea0000d1ae08 ffffea000126fa48 ffff88805447c0b0 [ 275.972455][ T2933] raw: 000000000000000b 0000000000000009 00000003ffffffff ffff888052c12700 [ 275.981213][ T2933] page dumped because: VM_BUG_ON_FOLIO(!folio_test_locked(folio)) [ 276.033796][ T9124] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1067'. [ 276.048614][ T2933] page_owner tracks the page as allocated [ 276.068303][ T2933] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x40c40(GFP_NOFS|__GFP_COMP), pid 9066, tgid 9065 (syz.2.1045), ts 274772167733, free_ts 274766648344 [ 276.068398][ T2933] post_alloc_hook+0x1c0/0x230 [ 276.068438][ T2933] get_page_from_freelist+0x1321/0x3890 [ 276.068477][ T2933] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 276.068556][ T2933] alloc_pages_mpol+0x1fb/0x550 [ 276.068603][ T2933] folio_alloc_noprof+0x20/0x2d0 [ 276.068655][ T2933] filemap_alloc_folio_noprof+0x3a1/0x470 [ 276.068715][ T2933] __filemap_get_folio+0x5e1/0xc30 [ 276.068760][ T2933] f2fs_new_node_folio+0xbc1/0x1090 [ 276.068805][ T2933] f2fs_get_dnode_of_data+0x598/0x29a0 [ 276.072847][ T2933] f2fs_reserve_block+0x4d/0x500 [ 276.072902][ T2933] f2fs_get_new_data_folio+0x145/0xe80 [ 276.072955][ T2933] f2fs_add_regular_entry+0x515/0x1030 [ 276.072992][ T2933] f2fs_add_dentry+0x1e2/0x240 [ 276.073026][ T2933] f2fs_do_add_link+0x23d/0x370 [ 276.073060][ T2933] f2fs_create+0x386/0x5f0 [ 276.073115][ T2933] lookup_open.isra.0+0x11d3/0x1580 [ 276.073151][ T2933] page last free pid 9108 tgid 9107 stack trace: [ 276.073173][ T2933] __free_frozen_pages+0x7fe/0x1180 [ 276.073234][ T2933] tlb_finish_mmu+0x237/0x7c0 [ 276.073268][ T2933] exit_mmap+0x403/0xb90 [ 276.073322][ T2933] __mmput+0x12a/0x410 [ 276.073364][ T2933] mmput+0x62/0x70 [ 276.073405][ T2933] do_exit+0x7bc/0x2bd0 [ 276.073455][ T2933] do_group_exit+0xd3/0x2a0 [ 276.073507][ T2933] get_signal+0x2673/0x26d0 [ 276.073549][ T2933] arch_do_signal_or_restart+0x8f/0x7d0 [ 276.073591][ T2933] exit_to_user_mode_loop+0x84/0x110 [ 276.073631][ T2933] do_syscall_64+0x3f6/0x4c0 [ 276.073667][ T2933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.073951][ T2933] ------------[ cut here ]------------ [ 276.073967][ T2933] kernel BUG at mm/filemap.c:1498! [ 276.073999][ T2933] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 276.074035][ T2933] CPU: 0 UID: 0 PID: 2933 Comm: kworker/u8:6 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 276.074083][ T2933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 276.074109][ T2933] Workqueue: writeback wb_workfn (flush-7:2) [ 276.074156][ T2933] RIP: 0010:folio_unlock+0xb3/0xd0 [ 276.074219][ T2933] Code: 13 a4 c9 ff 48 89 ef 31 f6 e8 f9 ed ff ff 5b 5d e9 02 a4 c9 ff e8 fd a3 c9 ff 48 c7 c6 20 0b b9 8b 48 89 ef e8 ee e4 11 00 90 <0f> 0b 48 89 df e8 23 6c 2f 00 e9 7b ff ff ff 66 66 2e 0f 1f 84 00 [ 276.074257][ T2933] RSP: 0018:ffffc9000b347248 EFLAGS: 00010293 [ 276.074287][ T2933] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 276.074311][ T2933] RDX: ffff88803050da00 RSI: ffffffff81f27812 RDI: ffff88803050de44 [ 276.074337][ T2933] RBP: ffffea00011d7740 R08: 0000000000000001 R09: 0000000000000001 [ 276.074362][ T2933] R10: ffffffff90a82957 R11: 1ffff1100fa7980a R12: ffffc9000b347350 [ 276.074388][ T2933] R13: 0000000000000002 R14: 0000000000000000 R15: dffffc0000000000 [ 276.074419][ T2933] FS: 0000000000000000(0000) GS:ffff88812475b000(0000) knlGS:0000000000000000 [ 276.074453][ T2933] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 276.074479][ T2933] CR2: 0000001b30812ff8 CR3: 0000000058f2a000 CR4: 0000000000350ef0 [ 276.074504][ T2933] Call Trace: [ 276.074515][ T2933] [ 276.074530][ T2933] f2fs_sync_node_pages+0x184c/0x1c30 [ 276.074585][ T2933] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 276.074651][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.074698][ T2933] ? lockdep_hardirqs_on+0x7c/0x110 [ 276.074760][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.074814][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.074864][ T2933] f2fs_write_node_pages+0x27d/0x7a0 [ 276.074909][ T2933] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 276.074959][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.075005][ T2933] ? __lock_acquire+0xb8a/0x1c90 [ 276.075064][ T2933] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 276.075110][ T2933] do_writepages+0x27a/0x600 [ 276.075176][ T2933] ? __pfx_do_writepages+0x10/0x10 [ 276.075229][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.075271][ T2933] ? reacquire_held_locks+0xcd/0x1f0 [ 276.075325][ T2933] ? writeback_sb_inodes+0x3a4/0xf90 [ 276.075383][ T2933] __writeback_single_inode+0x160/0xfb0 [ 276.075440][ T2933] ? __pfx___writeback_single_inode+0x10/0x10 [ 276.075496][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.075537][ T2933] ? do_raw_spin_unlock+0x172/0x230 [ 276.075574][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.075619][ T2933] writeback_sb_inodes+0x601/0xf90 [ 276.075686][ T2933] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 276.075739][ T2933] ? __lock_acquire+0xb8a/0x1c90 [ 276.075824][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.075866][ T2933] ? rcu_is_watching+0x12/0xc0 [ 276.075907][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.075949][ T2933] ? queue_io+0x3f6/0x520 [ 276.075998][ T2933] wb_writeback+0x419/0xb70 [ 276.076056][ T2933] ? __pfx_wb_writeback+0x10/0x10 [ 276.076109][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.076155][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.076197][ T2933] ? mark_held_locks+0x49/0x80 [ 276.076251][ T2933] wb_workfn+0x14d/0xbe0 [ 276.076283][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.076324][ T2933] ? try_to_wake_up+0x157/0x1680 [ 276.076364][ T2933] ? __pfx_wb_workfn+0x10/0x10 [ 276.076421][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.076465][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.076509][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.076550][ T2933] ? rcu_is_watching+0x12/0xc0 [ 276.076595][ T2933] process_one_work+0x9cf/0x1b70 [ 276.076636][ T2933] ? __pfx_nsim_dev_trap_report_work+0x10/0x10 [ 276.076686][ T2933] ? __pfx_process_one_work+0x10/0x10 [ 276.076721][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.076768][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.076822][ T2933] ? assign_work+0x1a0/0x250 [ 276.076879][ T2933] worker_thread+0x6c8/0xf10 [ 276.076922][ T2933] ? __pfx_worker_thread+0x10/0x10 [ 276.076957][ T2933] kthread+0x3c5/0x780 [ 276.077022][ T2933] ? __pfx_kthread+0x10/0x10 [ 276.077077][ T2933] ? srso_alias_return_thunk+0x5/0xfbef5 [ 276.077119][ T2933] ? rcu_is_watching+0x12/0xc0 [ 276.077160][ T2933] ? __pfx_kthread+0x10/0x10 [ 276.077216][ T2933] ret_from_fork+0x5d7/0x6f0 [ 276.077266][ T2933] ? __pfx_kthread+0x10/0x10 [ 276.077321][ T2933] ret_from_fork_asm+0x1a/0x30 [ 276.077366][ T2933] [ 276.077379][ T2933] Modules linked in: [ 276.077409][ T2933] ---[ end trace 0000000000000000 ]--- [ 276.077425][ T2933] RIP: 0010:folio_unlock+0xb3/0xd0 [ 276.077486][ T2933] Code: 13 a4 c9 ff 48 89 ef 31 f6 e8 f9 ed ff ff 5b 5d e9 02 a4 c9 ff e8 fd a3 c9 ff 48 c7 c6 20 0b b9 8b 48 89 ef e8 ee e4 11 00 90 <0f> 0b 48 89 df e8 23 6c 2f 00 e9 7b ff ff ff 66 66 2e 0f 1f 84 00 [ 276.077522][ T2933] RSP: 0018:ffffc9000b347248 EFLAGS: 00010293 [ 276.077552][ T2933] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 276.077575][ T2933] RDX: ffff88803050da00 RSI: ffffffff81f27812 RDI: ffff88803050de44 [ 276.077601][ T2933] RBP: ffffea00011d7740 R08: 0000000000000001 R09: 0000000000000001 [ 276.077626][ T2933] R10: ffffffff90a82957 R11: 1ffff1100fa7980a R12: ffffc9000b347350 [ 276.077652][ T2933] R13: 0000000000000002 R14: 0000000000000000 R15: dffffc0000000000 [ 276.077679][ T2933] FS: 0000000000000000(0000) GS:ffff88812475b000(0000) knlGS:0000000000000000 [ 276.077713][ T2933] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 276.077739][ T2933] CR2: 0000001b30812ff8 CR3: 0000000058f2a000 CR4: 0000000000350ef0 [ 276.077767][ T2933] Kernel panic - not syncing: Fatal exception [ 276.078043][ T2933] Kernel Offset: disabled