last executing test programs: 8.873803863s ago: executing program 4: prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) 7.055797788s ago: executing program 4: r0 = syz_usb_connect(0x2, 0x2d, &(0x7f00000006c0)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 4.091568931s ago: executing program 4: syz_mount_image$f2fs(&(0x7f0000000680), &(0x7f0000000080)='./file2\x00', 0x2000000, &(0x7f0000000740)=ANY=[], 0x1, 0x54f9, &(0x7f0000002a80)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYogbSQBqiB3FJCBBEeB4WIRJE8thX0fZIZxoIfMwgO80YaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS3fVenFz9fu6bc5u306e2QAAAADnbKv1on4yS/2vzf3vza2fTb+IiDIizq3dR/HpJHPU5FSvvL56MYbbiDrh8BmT5voSEX+a6+FH198CAAAAXK7NcjVPq/X0MBt6QPQpFW3Kb38z5RURUc3uM6WVh7xfmcLq3/c4/mdKqwtY00xhqeQ2zpX2LvXf/Vi1mz5ritSUb78/29wBAIAejU6aflchAAAA9Onf0ANgGEU8bWUetwInqWm29z6f9AAAAIAPqBh6AAAAAEDn6vW/8/8AAADgsqXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjStlovNsvVvG3Obt9OntkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/LykQAkEQBXPG/076/oeVBD2DCBHQ8KiiFg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLFzP69xVHEAwN/M7GxtVVyj7CEiCh70Yrfb2tqbeFCCB/8EIaTbGrv1R5uDLUXIxZvknIvoUURQ4i3/Q84J5BJvOewhgmdlZmeSyQ9w/dGZTfL5wJv33WGY932zEPKd9xIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNLo3YM4yQ6dcRwX5zb3Hi9k/daRPrO+sj2btSyO6kz6dHi5+iHqNpcIAAAA50dS1vchhJ10bS7r405e/6flNVnN/92z47is54/W/WVf1v5Z+/WX3Rf3B+qMx8luentxOLhyPJXWk5vldHvub69o5U8+f/eS5F9I/MHyC6M0f57RNxsb77Xz8EId2QIA/8blsi+C8vehrO83mRgA50arUniX9X/SaTYnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDqMlsPTZRyFEGZbB3Fma+/xwkn9+sr2bNlurK6uVO+Z3SINIdxeHA6u1DiXaffg4aO788Ph4H79wSshhKZGf6eY/t2PJrg4hEaej+B/CuLiy56WfE5H0OAPJQAAzqS0aFldv5OuzWXnopkQ/vz+cP3/eiUOE9b/ux/f2KyOVa3/+7XNcPr1lu593nvw8NGbi/fm7wzuDD5962r/7f61m9ev3+zl70p63pgAAADw37SLVq3/45nj6/+XKnGYsP7/4tv+V9WxEvX/iQ4W/ZrOBAAA4Hx7/tU/fo9OOB+12+HL+aWl+/3xcf/z1fGxgVT/sQtFq9b/yUzTWQEAAAB1GC1Hh9b/b1XiMOH6/zM/vPRT9Z5JCOFisf5/eeGz4a36pjPV6vhz4qbnCAAAQLMuFq26/p/m+//j/S0PcQjhjdfGcfFvACeq/5P3v/6xOlZ1//+1+qY4leLu+HnkfTeEVrfpjAAAADjLnipaVuz/lq7NffLzpQ/b9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2vAAAA//+END5e") r0 = open(&(0x7f0000000400)='./file0\x00', 0x14937e, 0x0) r1 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x0) pwritev2(r2, &(0x7f0000000000)=[{&(0x7f0000000200)='_', 0x1}], 0x1, 0x0, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000000)={r0}) 3.601435087s ago: executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@can_delroute={0x3c, 0x19, 0x1, 0x0, 0x0, {}, [@CGW_CS_XOR={0x8, 0x5, {0x0, 0x0, 0xfc}}, @CGW_MOD_UID={0x8}, @CGW_MOD_SET={0x15, 0x4, {{{}, 0x0, 0x0, 0x0, 0x0, "a34b5669cd2fb891"}, 0x2}}]}, 0x3c}}, 0x0) 3.050067494s ago: executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x2) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b3d090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f350768090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07420936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x104d}}, 0x1006) 2.425258042s ago: executing program 4: r0 = syz_usb_connect(0x2, 0x2d, &(0x7f00000006c0)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 2.418514682s ago: executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_read_part_table(0x5bc, &(0x7f0000000000)="$eJzs279rNEUYB/Dv7t3t3oFy2ljqwdtY+RbW4Y3KmxCwCIKdoK2NiGAhKNlD0UatbCz8B9KkEKysg+g/IEKIhaCdiIVamJG9X7nE8gojfD7F8jzPzDMzxWw54f+tTAfJ4FZxWNfVOp7+ncxffS5pZ4t8tKr3E14+fXhwNDuumk2tSn7tknq1Tv9pkic3C2e2ir4e5pPTw48+/ezdJl26y5MkXyRdUtr10Ra9+bz516H/rNaL8996+lZebT69Lo9lvIjuZ3XLBoty2j5qPtx5/7O98/mDPijLTSfN9e5J9tdBKaX01/Lk3jIf5berjOrZZubqNj1YHu+mdtE/2uT15i8Ybe327Dc/nmTeLEcGW729i0ny5sVLz1RbawAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcPeUlUWyn8fHSZUM++zL56tuOWm4rLzQDJf5X9tNuznbO5++/8Fbdd7Ze/37N9776fCX8e9JBrl/+Ehp282819JudQ2T+irJE5Nd9y/rZd9+Zbs8yzzf3vvhqXqQUqbX9VHVf79Kurx43QsAAAAAAAAAAAAAAAAAAAA7enhwNDuuJ+vX9fW6XjJOqlsP3MsfpZT9lOZGdZLku8tUSX5OqbaHmmT6aJL24yargS7ezd8h/wQAAP//eKJe6g==") r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000005c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000600)={0x0, 0x4000}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000640)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbLe0wI8fFREFURfR2GhsoaBw8ILRxAMmRjzosWkLQQo1tCZCiJTE4NGQeDcevXrwqt6MJxOveDQxJMRwATytmd2Z7e52t//Y7oL7+STbfW/mzb733Zk3+2bebgPoW6X0TzHifxFxMyJ2RkShuUCp+nTvzpWp+3euTMViuXzq7ySSiLib5jNJ9rw9y4wWIgpfJEsr6sxfunxucnZ25mKWH184/8n4/KXLr549P3lm5szMhYnjx48eOXzs9YnX1h9Ui/rSuO7u+3xu/953Prrx7lQxXz6cPdfH0SmlKLVqSsWLna6sx3bUpZNiDxvCugxUu38MVvr/zhgIOw/6RblcLg+1X71YbnZt2RLgkZVEr1sA9Eb+QZ9e/+aPLg09Hgq3T1QvgNK472WP6ppi7T7IYNP1bScNR8SHi/98kz5ik+5DAADU++lEPhJsHv8VYk9duf9ncygjEfFYROyKiMcjYndEPBFRKftkRDzV9PqliCivUH+pKb98/FO49UABriId/72RzW01jv9qs2AjA1luR0Q+YJ45lL0nozE4dPrs7MzhFer4+a3fv2q3rlQ3/ksfaf35WDBrx61i0w266cmFyQ0H3OT2tYh9xeb4k2JEUpsJSCJib0TsW8frjtSlz7783f5aZrCx3OrxV5RbzqN1YKqi/G3ES9X9vxgN+3+pxmTl+cnx4ZidOTSeHgWHWtbx62/X32tX/6rx//Bn8yZvH/vx1IOGXZPu/211x3/k87dL8Y8kEUltvnZ+/XVc/+PLttc0azv+rzZskx7/W5IPKukt2bLPJhcWLh6O2JKcXL58YmnbPJ+XT+MfPdi6/+/KtknfiacjIj2In4mIZyPiuaztByLi+Yg4uEL8v7z5wscbj39zpfFPtzz/Nez/pfn6+ZN54tJaEwPnDty83+bksbb9f7SSGs2WtD7/JQ2niLU2sANvIQAAADz0ClH57n9hrJYuFMbGqveAdse2wuzc/MIrp+c+vTBd/Y3ASAwW8jtd1fvBg0l+/3OkLj/RlD+S3Tf+emBrJT82NTc73evgoc9tr/T5ZFn/T/010OvWAZvOT36gf63W//fc6FJDgK7z+Q/9q67/L7YpsuibMvDf1Przf7Dr7QC6r1X/v7qBbYBHS1lfhr6m/0P/Ksb7tXShpy0Bus3nP/Sltf+KfyOJ8lDrVcOxvHAMb04ztraoqyeJdGTVk9q3bmSr/L8ptC0ThdVep9hwjA3F8jID0ZN9cWZPxw/+cvZd+U439fuV+2k+XN+EN6q75yEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDN8m8AAAD//2Kk19c=") 2.378770079s ago: executing program 2: syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x4810, &(0x7f0000000140)=ANY=[], 0x11, 0x693, &(0x7f0000000880)="$eJzs3c1vHGcdB/DvrNcvm0qO26ZpQJUwjVQQEYkdK4VwSUAIBalCVThwthqnseKkwXFR2gNxAYkrB/6AcggXOIEQEhJSpHKGW8XN4lQJiUtPaQ8MmtlZe+3u2ptXO/TziWaf55ln5pnf/OZlXyJrAnxuXTiR9t10cuHEa7eq9sadhZWNOwvXevUkk0laSbtbpLieFB8k59Od8oVqZjNcMWw7v14+e/HDjzc+6rba2RqveukMD7A9yl6sN1Nmk4w15UPYNt4bDzbe5Fa12MxMlbDjvcTBfhtPUm7z46NbPYOUY32Nodc78PQouu+bfbrX/0xyKMlU7w1tvdvZevIR7um+7kXrjy8OAAAAODAO37ud3Mr0fscBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT5Pm+f9FM7V69dkUvef/T/Q9Y39in8MdbvfIpnqVu60nEQwAAAAAAAAAPF5fupffXSzL6V67LOr/83+5bhypX5/J27mZpazmZG5lMWtZy2rmk8z0DTRxa3FtbXW+t+anZVkOWfP0wDVPjxhw51HsNQAAAAAAAAD83zjXlD/LhUzvcywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBNkYx1i3o60qvPpNVOMpVkolpuPflHr/40u7vfAQAAAMATcPhe7uVWpnvtsqi/8x+tv/dP5e1cz1qWs5aVLOVS/VtA91t/a+POwsrGnYVr1fTZcb/9n636H6f3DKMeMd3fHgZv+Vi9RCeXs1zPOZk38lZWcimtes3KsV48g+N6r4qpONdVlqMl6FJTVnv+q6Y8GGbqjIxvZmSuia3KxrO7Z6L/6DzAlubT2vzl58h95Pzcrlsp/ts7Jod6c5Jnvr93zsfva2ceys5MnO47+47unonkK3/6/Y+urFy/eqVYP3FwTqP7MPmvratmZyYW+jLx4siZuHzz6czETq28sFm/kO/lhzmR2bye1SznJ1nMWpYym+/WtcXmfK5eZ3bP1Pltrdf3imKiOS5jO2L68uFuuVtML9frTmc5P8hbuZSlvFr/O535fCNnciZn+47wCyNc9a0BV/2fhwd//KtNpZPkl015MFR5fbYvr/333Jm6r39OK+Vkd73nHtm9cVP7i02lOhI/b8qDYTMTU9l8l+hF93wvA+MDM/Gb+rZyc+X61dUrizd2jFusD97eK9m++wfnRlKdL89VB6tubT87qr7nB/bN131HNvtaO/t+29ns2+tKnWg+w312pNN134sD+xbqvmN9fVuftz4ty7L7eQuAA+/Q1w5NdP7d+Xvn/c4vOlc6r019Z/Kbky9NZPxv499qz4290nqp+EPez0+z9zd0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgTzffeffq4srK0uqOSlmWt4d0PZZK2sm2OX/9S98ySeqHAY0+YLX0+VZSz2mnqdxfYLcfbHfee9Ak/LM5Jk8k4Y+kMjX0/NlZ+aQsy4MR8yiVsnFQ4tmPyr7eloAn4NTatRunbr7z7teXry2+ufTm0vWzZ86cnTt75tWFU5eXV5bmuq/7HSXwOPR9AgcAAAAAAAAAAACeEqP9cU7xcH/bAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAQLpxI+26KzM+dnKvaG3cWVqqpV99a8pMkrSTFbFJ8kJxPd8pM33DFsO2sJxc//Hjjo26r3Uz18q3d1hvNejNlNslYUw4wNWhmeXvYeEU9zo3h442o2NzDKmHHe4mD/fa/AAAA///tbhq7") truncate(&(0x7f0000000340)='./file1\x00', 0xfe0) truncate(&(0x7f00000000c0)='./file1\x00', 0x2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6}]}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1.625488507s ago: executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0x12) futimesat(0xffffffffffffffff, 0x0, &(0x7f00000000c0)={{}, {0x0, 0x31a8eb60}}) 1.60042249s ago: executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000a40)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c2337", 0x89}, {&(0x7f0000000700)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c", 0x53}], 0x2}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendmsg$inet(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000000)="14fafa37bf25f04bda99eefbbdd8d76b8136ee6cfdee25bdb2d1873ce347c7b6", 0x20}, {&(0x7f0000000580)="c3e361cabaa484b0c035139c64932a377f926342f6b052b6a3b273c187a5e0c26fe049092a54eb9b6be2ac2df69e6a36fad43d88851aa162b6aa0d4734e36aad318ea99586ca9f642920068473af2e996703149f0c13bcfae9beeb8d0db1a62525fe8d35518c4f382090dae83362e60a49eb899e5a2a", 0x76}, {&(0x7f0000000800)="8434335f698d91a2a3efe5291f7ebbc2424bb7ee30459376efe5541dc546f93c4ad4f9343e78f0ab4905fd5197956540e7a587c2be6b3d04eb4e90b3f388e9a908", 0x41}, {&(0x7f0000000980)="dfc56286b56ecc486c04bc14504d983be1f4ef618879be74e47bb41ea0ec8db85da5cfdb43e07b8cc7860bc152943651075c35a9e715afc516b3c84a77236602539578c21fa41ba1a52740bba9669431751337c09fb0f778ede72a7ea175b5a4b75731f0995db9a4c6b3697af718c4bd83bc52de", 0x74}], 0x4}, 0x0) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 1.313720585s ago: executing program 3: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000b00), r0) sendmsg$NLBL_CALIPSO_C_ADD(r1, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f0000000500)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000001000000080001000200000008000200020000000800020002000000080002"], 0x44}}, 0x0) 1.306387797s ago: executing program 2: syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x8000, &(0x7f0000000040)=ANY=[@ANYRES64=0x0, @ANYRESDEC=0x0, @ANYRES64, @ANYRES32=0x0, @ANYRESOCT=0x0], 0x3, 0x276, &(0x7f00000008c0)="$eJzs3E9LHGccB/DfdlddhbIeCtJS6JReelrU0rtSFEoXWlqWUumhUldadqzggrB78M+pb6Kl76A55hrIIeSSQ95ACAQTyCXeQghscHc1KquzMeiG+Plc5mH8fef3zDjMKOw+v326Vl9Zb6zu7+9FsZiLwlzMxYuIyfgg8tG1EwDA++R5ux3P2l3DngsAcDW8/wHg+hnw/f9Dd7N9VdMCAC6R//8B4Pr56Zel7+YrlYUfk6QYsfb3ZnWz2tmO9wpW489IoxbTUYqXEe0j3fHit5WF6eTA48morm338tub1e6nB+cP8zNRisl++dzCTNJ1Mj8SE738g4moxWyU4qP+/Wf75kfjyy+O9S9HKe7/HuuRxkocZF/nt2aS5JvvK0kU4lh+rFPXMd730vl7CQAAAAAAAAAAAAAAAAAAAACACysnR/qu31Mun/Xzbn7+7PWBiifXBzq9Pk8hPimEZQcBAAAAAAAAAAAAAAAAAAAgIhrNVn05TWsb5w3+uvv/7aya5t69nZ+zalr1XK9vdtPLHnz4+aN/zq7ZzWVfn1xGi3zvGG84sVufndrza36A4+R2BmhR7F397GnkM6Z6Z++Pj79qTH3dvyYfQ/idjpx3az0tRfRN7b519xtDvY0PzzqzeOrfueWbWw+fDHrkk8+JpbFLfhABAAAAAAAAAAAAAAAAAACd77cXLxK8UAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k2NZqu+nKa10Wi2/os0rW0c7jl3sDhAzdFg2OcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACvAgAA///E5ZZq") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0) 1.303906097s ago: executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x2) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b3d090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f350768090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07420936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x104d}}, 0x1006) 1.08914138s ago: executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000080), 0x4) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sendto$llc(r1, &(0x7f0000000d80)="5ca02049a8825024892f61601e3137d09d6e5d0e54d55be9d6d460eb78e3eb94c0b3866b091d34dc3ed67172ae1e7f390d505c084609e4491d372fe4888a3c3e660cc6fc3fd9b97c6c923389653eb074d96a3f1768e30f818adf94780feeab011de24785dd6cf88777a7806c05d0ed88fa985d77aab6996fa1af1190d1620732d9f2f9712e1182b815f0d415c12e6c42021b43e26578db3f2b475ea0ebb199323d", 0xfffffda9, 0x0, &(0x7f0000000380), 0x10) 1.040428198s ago: executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f0000003540)={0xa, 0x0, 0x0, @mcast2, 0x80000000}, 0x1c) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) 981.635457ms ago: executing program 2: syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0xa, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@timestamp_addr={0x44, 0x14, 0xa, 0x1, 0x0, [{@empty}, {}]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 854.449627ms ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x1}, 0x90) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000001a00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x2, [{0x0, 0x2}, {}]}, @struct]}}, &(0x7f0000001b80)=""/227, 0x42, 0xe3, 0x5, 0xfffffffc}, 0x20) symlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00') r0 = socket$inet6_udp(0xa, 0x2, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000280), 0x18da00, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000008f00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) syz_emit_ethernet(0x42, &(0x7f00000000c0)={@random="e1000000000a", @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "0164ca", 0xc, 0x11, 0x0, @rand_addr=' \x01\x00', @local, {[], {0x0, 0xe22, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0) 821.086482ms ago: executing program 0: syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x20108c0, &(0x7f0000002ac0)=ANY=[@ANYRES8=0x0], 0x1, 0x6257, &(0x7f0000002b00)="$eJzs3U9vHGcdB/Df/vWf0NTqoSoRQm5aoKU0iZMSAgXaHuDApQeUK0rkulVECigJKK0s4spC4sCJVwBC4ogQR8SBF9ADV26cOBHJRgL1xKCxnyeZnezWTmzvrD2fj+TM/OaZ2X0m3x3vrndmnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4nvf/f5KJyKu/SwtWIr4TPQiuhELZb0cEQvLS3n9fkQ8FzvN8WxEDOYiyu13/nk64rWI+Ph0xNb2+mq5+OI++/GdP/79dz849fbf/jA4/98/3em9Pmm9u3d/9Z8/3zvYPgMAAEDbFEVRdNLb/DPp/X236U4BAFORn/+LJC8/8fWv//n2X2apP2q1Wq1WT6GuKsa7Vy0iYqO6TfmawcfxAHDMbMQnTXeBBsm/1foRcarpTgAzrdN0BzgSW9vrq52Ub6f6fLC8257PBRnJf6Pz4PqOSdO91M8xmdbjazN68cyE/ixMqQ+zJOffred/bbd9mNY76vynZVL+w91Ln1on59+r519zcvLvjs2/rXL+/cfKvyd/AAAAAACYYfnv/0sNf/47d/Bd2ZdP+/x3eUp9AAAAAAAAAIDDdtDx/x4w/h8AAADMrPK9euk3px8um/RdbOXyq52Ip2rrAy2TLpZZbLofAAAAAAAAAAAAANAm/d1zeK92IgYR8dTiYlEU5U9VvX5cB93+uGv7/kObNf1LHgAAdn18Ol/LP9hd0ImYj4ir6bv+BouLi0Uxv7BYLBYLc/n17HBuvliovK/N03LZ3HAfL4j7w6K8sfnKdlV7vV/eq71+e+V9DYvePjp2SNJ/ZkxobjBwAEhPUBFbnpFOmKJ4etKLDxjh+D+BlmKp6ccVs6/phykAAABw9IqiKDrp67zPpM/8u013CgCYivz8X/9c4EB1d0J7xOHcvlqtVqvV6ieqq4rx7lWLiNioblO+ZjAcPwAcMxvxSdNdoEHyb7V+RDzXdCeAmdZpugMcia3t9dVOyrdTfT5I47vnc0FG8t/o7GyXtx833Uv9HJNpPb42oxfPTOjPs1PqwyzJ+Xfr+V/bbR+m9Y46/2mZlP9w55K59sn59+r515yc/Ltj82+rnH//sfLvyR8AAAAAAGZY/vv/ks9/8y4DAAAAAAAAwLGztb2+mq97zZ//f27Meq7/PJly/p3HzX8hzcv/WMv571z/n0Iu83+ptl6vMn//rYfH/7+311d/f+dfn83T/eY/l2fynXbSI6KT7qnTT9Mn3rWxNge9YXlPg06310/n/BSDd+NG3Iy1uDCybjcdDw/bV0bay54ORtovjrT3H2m/NNI+SN87UCzk9nOxGj+Om/HOTnvZNrfH/s/v0V7s0Z7z7/n930o5/37lp8x/MbV3atPS/Y+6jxz31em4+3nzxud/eeHod6fe1UdsRu/BvtU3Ont0fZpo5//k1DB+envt1rm71+/cubUSaTKy9GKkySHL+Q92fuYe5P/SC7vt+fd+9Xi9/9HwsfOfFZvRn5j/C5X5cn9fnnLfmpDzH6afnP87qX388X+c8598/L/SQH8AAAAAAAAAAAAAAADg0xRFsXOJ6JsRcTld/9PUtZkAwHTl5/8iycvVarVarVafvLqqGO+NahERf61uU75m+Pm4GwMAZtn/IuIfTXeCxsi/xfL3/ZXTF5vuDDBVtz/48IfXb95cu3W76Z4AAAAAAAAAAE8qj/+5XBn/+cWIWKqtNzL+61uxfNDxP/t55sEAo4c80PcEm91hr1sZbvz52Bmf+9yk8b/PxqPjf+cxcXvV/ZhgsEf7cI/2uT3a58cufZjW2As9KnL+z1fGOy/zP1Mbfr0N47/Wx7xvg5z/2crjucz/S7X1qvkXv525/Df2u+JmdEfyP3/n/Z+cv/3Bh6/eeP/6e2vvrf3o0srKhUuXL1+5cuX8uzdurl3Y/fdoej0Dcv557GvngbZLzj9nLv92yfl/IdXyb5ec/xdTLf92yfnn13vyb5ecf37vI/92yfm/nGr5t0vO/8upln+7bG2vz5X5v5Jq+bdLPv6/kmr5t0vO/9VUy79dcv7nUi3/dsn5n0/1PvL39fAnSM4/f8Ll+G+XnP9KquXfLjn/i6mWf7vk/C+lWv7tkvN/LdXyb5ec/1dTLf92yflfTrX82yXn/7VUy79dcv5XUi3/dsn5fz3V8m+XnP83Ui3/dsn5v55q+bdLzv+bqZZ/u+T8v5Vq+bdLzv/bqZZ/u+T830i1/Nvl4ff/mzEzCzO/ONwb7MWM7Ndxm2n6NxMAAAAAAAAAAAAAUDeN04mb3kcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/swMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7N1bjFx3fQfwM3vz2iHEQAhOamDjGGOcJbu+xBdaFxOuDVBuCYVesF3v2iz4htcugSLZNFAiYVRUgeo+tAWE2khVhVXxQCtK81D18lTaB/pSUVVCalSFKKAitRXNVjPn//97ZnZ2Ztcer2fP//OR7N/uzJk5Z86cmd3v2t89AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAze594+znakVR1P80/tpYFC+of7x+YmPjstfd6i0EAAAAbtT/Nf5+7o50waFl3Khpmb97xT9+c2FhYaH4wPCXR7+0sJCumCiK0XVF0bguuvrvH6w1LxM8XozXhpo+H+qx+uEe14/0uH60x/VjPa5f1+P68R7XL9oBi6wvfx7TuLOtjQ83lru0uLMYbVy3tcOtHq+tGxqKP8tpqDVuszB6vJgrThazxXTL8uWytcby3763vq63FXFdQ03r2lw/Qn70qWNxG2phH29tWde1+4x++IZi4sc/+tSxPz7/zN2dZs/d0HJ/5XZu31Lfzs+ES8ptrRXr0j6J2znUtJ2bOzwnwy3bWWvcrv5x+3Y+t8ztHL62mauq/TkfL4YaH3+3sZ9Gmn+sl/bT5nDZf99XFMWla5vdvsyidRVDxYaWS4auPT/j5RFZv4/6ofTiYmRFx+m9yzhO63Nma+tx2v6aiM//veF2I0tsQ/PT9MNPjy163ld6nEb1R73Ua6X9GOz3a2VQjsF4XHy38aCf6HgMbg2P/1Pblj4GOx47HY7B9LibjsEtvY7BobHhxjanJ6HWuM21Y3Bny/LDjTXVGvPpbd2Pwanzp85OzX/ik6+dO3X0xOyJ2dO7d+6c3r137/79+6eOz52cnS7/vs69Pfg2FEPpNbAl7Lv4Gnh127LNh+rCV/v3Ohzv8jrc2LZsv1+HI+0PrrY6L8jFx3T52nikvtPHLw8VS7zGGs/Pjht/HabH3fQ6HGl6HXb8mtLhdTiyjNdhfZmzO5b3PctI059O23CzvhZsbDoG278faT8G+/39yKAcg+PhuPjXHUt/LdgctveJyZV+PzK86BhMDze899QvSd/vj+9vjE7H5T31K24bKy7Mz5574LGj58+f21mEsSpe0nSstB+vG5oeU7HoeB1a8fF6aO4VT9zT4fKNYV+Nv7b+1/iSz1V9mT0PdH+uGl/dOu/Plkt3FWH02Wrvz05fzev7M2XJLvuzvsxnpm78e/GUS5vef0eXeP+Nuf/5cn3prh4fHh0pX7/Dae+Mtrwftz5VI433rlpj3c9NLe/9eDT8We334zu7vB9valu23+/Ho+0PLr4f13r9tOPGtD+f4+E4OTnd/f24vsymXSs9Jke6vh/fF2Yt7P/XhKSQclHTsbPUcZvWNTIyGh7XSFxD63G6u2X50ZDN6ut6ctf1Hafb7yvvazg9umtW6zidaFu238dper9a6jit9frp2/Vpfz7Hw3Fx5+7ux2l9maf23Ph75/r4YdN751ivY3B0eKy+zaPpICzf7xfWx2PwgeJYcaY4Wcw0rh1rHE+1xromH1zeMTgW/qz2e+WmLsfg9rZl+30Mpq9jSx17tZHFD74P2p/P8XBcXHmw+zFYX+ZN+/r7vev2cElapul71/afry31M6972nbTzfyZV307/2Zf95/N1pc5uX+lObP7fro/XHJbh/3U/vpd6jU1U6zOftoUtvOZ/Uvvp/r21Jf50oFlHk+HiqK4+LGHGj/vDf++8ucXvvfNln936fRvOhc/9tCztx//25VsPwBr3/Pl2FB+rWv6l6nl/Ps/AAAAsCbE3D8UZiL/AwAAQGXE3B//V3gi/wMAAEBlxNw/EmaSSf7f9KZn5p6/WKRm/kIQr0+74eFyudhxnQ6fTyxcU7/8oa/P/uQvLy5v3UNFUfz04d/suPymh+N2lSbCdl59c+vli294cVnrP/LoteWa++tfCfcfH89yD4NOFdzpoii+fccXGuuZ+ODlxnzq4SON+d5LTzxeX+a5A+Xn8fZPv6Rc/g9C+ffQ8aMtt3867IcfhDn99s77I97uG5dfs3nf+6+tL96utuWFjYd95UPl/cbfk/PFx8vl435eavv/6vNPfqO+/GOv6rz9F4c6b/+T4X6/Hub/vLxcvvk5qH8eb/fZsP1xffF2D3ztOx23/+rnyuXPvqVc7kiYcf3bw+db3/LMXPP+eqx2tOVxFW8tl4vrn/7e7zSuj/cX7799+8cPX27ZH+3Hx1P/XN7PVNvy8fK4nugv2tZfv5/m4zOu/8nfPtKyn3ut/+p7n355/X7b139/23LDbbdv/41Nf/jZL3RcX9yeQ392tuXxHHpPeB2H9V/5UDgew/X/e/ULLeuNjryn9f0nLv+VjRdbHk/0th+X67/6+hON+R8TP/n9215w+wsvvbK+74riu+8r76/X+k/80ZmW7f/qXTsaz0e8Pnb029e/lLj+cx+fPH1m/sLcTNNebfzunHeU27NufP2G+vbeEd5b2z8/fOb8h2fPTUxPTBfFRHV/hd51+1qYz5bj0kpvv+PR8Hze83vf3rDtnz4fL/+XR8rLL7+9/Lr16rDcF8PlG8vnb6F2g+u/cu9djdd37any85Yeex9s3vqf+5e1YHj87d8XxOP97Es/3NgP9esaXzfi6/oGt//7M+X9fCvs14Xwm5m33HVtfc3Lx9+NcPl95ev9hvdfeJuLz+ufhOf7nT8o7z9uV3y83w/fx3xnU+v7XTw+vnVxqP3+G7/F41J4PykuldfHpeL+vvzcXR03L/4ekuLS3Y3Pfzfdz90rephLmf/E/NTJudMXHps6Pzt/fmr+E588fOrMhdPnDzd+l+fhj/S6/bX3pw2N96eZ2b17iun1RVGcKaZX4Q3r5mx//aPlbf/ZR4/N7JveNjN7/OiF4+cfPTt77sSx+fljszPz244ePz778V63n5s5uHPXgd37dk2emJs5uP/Agd0HJudOn6lvRrlRPeyd/ujk6XOHGzeZP7jnwM4HH9wzPXnqzMzswX3T05MXet2+8bVpsn7r35g8N3vy6Pm5U7OT83OfnD2488Devbt6/jbAU2ePz09MnbtweurC/Oy5qfKxTJxvXFz/2tfr9lTT/L+V38+2q5W/iK941/170+9nrfv6p5e8q3KRtl8g+kz4XTT/8KKz+5fzecz9o2EmmeR/AAAAyEHM/WNhJvI/AAAAVEbM/evCTOR/AAAAqIyY+8fDTDLJ//r/+v/L6/+X1+v/59X/P/uxsle61vv/sT+v/5+HW9z/v+H16//f1P7/SM8N0P+/pf35tb79+v/6/yw2aP3/mPvXF0WW+R8AAAByEHP/hjAT+R8AAAAqI+b+28JM5H8AAACojJj7XxBmkkn+z6H//+4Oi62w/7+rV+Gqj/3/x+4cyP7/mjn///pC/1//v7n/H58c/f9srLh///5HWj7V/w+q2f/vTf9f/1//X/+fPhpd8ppb1f+Puf/2MJNM8j8AAADkIOb+F4aZyP8AAABQGTH33xFmIv8DAABAZcTcvzHMJJP8n0P/vxPn/69s/9/5//X/+3v+/6aN0f9fGwbj/P/r1lj/f+y2RRfp/6+w/z+u/78W+/+j/d3+we7/99x8/X9uikE7/3/M/S8KM8kk/wMAAEAOYu5/cZiJ/A8AAACVEXP/S8JM5H8AAACojJj77wwzyST/6//r/+v/6//r/3def+/z/5cf6f8PlsHo/zv/f379f+f/L9Zi/7/P2z/Y/f9+n/9/9M3tt9f/p5NB6//H3P/SMJNM8j8AAADkIOb+u8JM5H8AAACojJj7XxZmIv8DAABAZcTcvynMJJP8r/+v/6//r/+v/995/b37/yX9/8Gi/9+d/n8P+v/6//r/y+v/d/jmV/+fTgat/x9z/91hJpnkfwAAAMhBzP33hJnI/wAAAFAZMff/TJiJ/A8AAACVEXP/5jCTTPK//r/+v/5/Xv3/+8f0//X/q03/vzv9/x70//X/9f+Xef7/xVbS/1/X686ojEHr/8fc//Iwk0zyPwAAAOQg5v5XhJnI/wAAAFAZMfe/MsxE/gcAAIDKiLl/Iswkk/yv/1+t/v+f/vWVVxb6//r/PdZf0f5/PAz0/zOn/9+d/n8P+v/6//r/q9L/Jx+D1v+Puf/eMJNM8j8AAADkIOb+LWEm8j8AAABURsz994WZyP8AAABQGTH3bw0zyST/6/9Xq/8f6f/r/3dbf0X7/4n+f970/ztoepHq//eg/6//n33/P373q/9Pfwxa/z/m/leFmWSS/wEAACAHMfdvCzOR/wEAAKAyYu5/dZiJ/A8AAACVEXP/9jCTTPK//r/+v/6//r/+f+f16/+vTfr/3a20/z+m/6//r/+fWf/f+f/pr0Hr/8fc/5owk0zyPwAAAOQg5v4dYSbyPwAAAFRG/P+b5f97lf8BAACgimLunwwzyST/6//r/+fU/6/p/+v/6/9Xnv5/d87/34P+v/6//r/+P301aP3/mPtfG2aSSf4HAACAHMTc/0CYifwPAAAAlRFz/1SYifwPAAAAlRFz/3SYSSb5X/9f/z+n/r/z/+v/6/9Xn/5/d/r/Pej/6/9Xrf9fFPr/3FKD1v+PuX9nmEkm+R8AAAByEHP/rjAT+R8AAAAqI+b+3WEm8j8AAABURsz9e8JMMsn/+v/6//r/+v/6/53Xr/+/NnXr3395GbfX/w/0//X/9f+r0f93/n9usUHr/8fc/2CYSSb5HwAAAHIQc//eMBP5HwAAACoj5v59YSYh/3f6f90AAADA2hJz//4wk0z+/V//vyL9/9/6+5Z16//r/3dbf3/6/+v1/8PU/x8sFT3/f/vL4rqtzf7/8+nx6//r/w/y9uv/6/+z2KD1/2PuPxBmkkn+BwAAgBzE3P+6MBP5HwAAACoj5v6fDTOR/wEAAKAyYu7/uTCTTPK//n9F+v9t9P/1/7ut3/n/9f+rrKL9/75Zm/3/Jc7/P6T/r/8/WNuv/7+c/v+6XndDxdz8/n/8aHn9/5j7D4aZZJL/AQAAIAcx9/98mIn8DwAAAJURc//rw0zkfwAAAKiMmPsPhZlkkv/1//X/9f/1/29O///1RbtB7P/XDx79/2rR/++uUv1/5//X/x+w7df/d/5/Fhu08//H3P+GMJNM8j8AAADkIOb+h8JM5H8AAACojJj73xhmIv8DAABAZcTc/6Ywk0zy/1rs/492fUD6/4X+v/5/j/U7/7/z/1eZ/n93+v896P/r/+v/6//TV7eu/7+u4/Ux9785zCST/A8AAAA5iLn/LWEm8j8AAABURsz9bw0zkf8BAACgMmLuf1uYSSb5fy32/53/X/9f/1//v9D/1/9fgv5/d/r/Pej/6//r/+v/01eDdv7/mPt/Icwkk/wPAAAAOYi5/+EwE/kfAAAAKiPm/reHmcj/AAAAUBkx978jzCST/K//r/+v/6//r//fef36/2uT/n93+v896P/r/+v/6//TV4PW/4+5/51hJpnkfwAAAMhBzP2/GGYi/wMAAEBlxNz/rjAT+R8AAAAqI+b+d4eZZJL/9f/1/wer/79wsfl2+v/6/0W/+v/1G+n/Z0H/vzv9/x469P/X6f/r/+v/6/9z3Qat/x9z/3vCTDLJ/wAAAJCDmPvfG2Yi/wMAAEBlxNz/vjAT+R8AAAAqI+b+R8JMMsn/+v9Z9v/TQx68/r/z/+v/O/+//v+N0f/vTv+/B+f/1/9fk/3/0TA/Ohm/Nun/MygGrf8fc/+jYSaZ5H8AAADIQcz97w8zkf8BAACgMmLu/6UwE/kfAAAAKiPm/g+EmWSS//X/s+z/D/D5/6vW/x9pOT5y6v+PNz2f6bjU/9f/XwX6/93p//eg/6//P8j9/3A0r1/i9s7/zyAatP5/zP0fDDPJJP8DAABADmLu/+UwE/kfAAAAKiPm/l8JM5H/AQAAoDJi7v/VMJNM8r/+v/6//r/z/zv/f+f16/+vTfr/3en/96D/n0//f6T/23/rzv9f0v9nEA1a/z/m/l8LM1ky+D37X8t4mAAAAMAAibn/Q2Emmfz7PwAAAOQg5v7DYSbyPwAAAFRGzP1Hwkwyyf/6/+39/3hGVf1//X/9f/1//f+1qH/9/5fdXhT6//r/+v+V7f/fhO0f3P7/laIo9P+5NQat/x9z/9Ewk0zyPwAAAOQg5v5fDzOR/wEAAKAyYu4/FmYi/wMAAEBlxNw/E2aSSf5f7f5/U693dDD7/87/f739/5/q/+v/B/r/nen/rw7n/+9O/78H/X/9/0r2/53/n1tn0Pr/MffPhplkkv8BAACgwtKPg2PuPx5mIv8DAABAZcTcfyLMRP4HAACAyoi5/8NhJpnkf+f/1/93/v9b0f8faVle/7+k/6//3w/6/93p//eg/6//r/+v/09fDVr/P+b+uTCTTPI/AAAA5CDm/o+Emcj/AAAAUBkx9380zET+BwAAgMqIuf9kmEkm+V//X/8/9/5/rSguOf+//n+n9ev/r036/91dd/+/Vr5U9P/1/7vR/9f/1/+n3f+zdx9Ndp3VHoePr5V6dP0RGDNiaI/sAR+AYgYjKMYmmhxskzOYaDIYMBlMjgaTc87Z5BxNMIaiKbfXWlLrnN5bUh+ds/f7Ps/griuVRR/hxtQf1a/eqfX/ufsvj1s62f8AAADQg9z9941b7H8AAABoRu7++8Ut9j8AAAA0I3f//eOWTva//l//33v/v9jK+//7//r2+/87/g7p//X/m7DU3x9Z/dcdFIUf2P/f5eIr7tVt/3+d9//1//p//b/+n3Mytf4/d/8D4qZj5/w7BAAAAKYmd/8D45ZO/vwfAAAAepC7/0Fxi/0PAAAAzcjdf0Xc0sn+1//r/1f1/5cu9P/d9v83ef9f/z9v3v8fds7v/4fN9P8X7+7u6v9X0f9P+/Pr//X/LJta/5+7/8FxSyf7HwAAAHqQu/8hcYv9DwAAAM3I3f/QuOWibX0iAAAAYN1y9z8sbunkz//1//p/7//Ppf8/NuP3/+P7Qf+v/98A/f+wefT/3v/X/8/z8+v/9f8sO/v+/8B/bK+l/8/d//C4pZP9DwAAAD3I3f+IuMX+BwAAgGbk7n9k3GL/AwAAQDNy9z8qbulk/+v/9f/6/7n0/xt6/38N/f9e8Kz/X6L/34zrFif/maD/X6b/HzHS/y8W+v8hZ9zPr/7tzefzH2B+/f8lx0/9kf6f8+Hs+/8D/6XW0v/n7n903HLZYnHsXH+TAAAAwKTk7n9M3NLJn/8DAABAD3L3Xxm32P8AAADQjNz9V8Utnex//b/+X/+v//f+/+qvr/+fJ+//Dzt8/3/niy6/T7/9v/f/h3n/f939/+3fGU2+/y+z7sjU+v/c/VfHLZ3sfwAAAOhB7v7Hxi32PwAAADQjd//j4hb7HwAAAJqRu//xcUsn+1//31r/f+G+X3dK/79Xu+j/597/31X/r//X/4/Q/w/z/v+IvX/M7dQP9f/6/7bf/9/P+/+cD1Pr/3P3PyFu6WT/AwAAQA9y9z8xbrH/AQAAoBm5+58Ut9j/AAAA0Izc/U+OWzrZ//r/1vr//b/O+/+t9f+Hf///hP5f/984/f8w/f+N/733PQc+QCvv/5/jd822+/nD2vbn1//r/1k2tf4/d/9T4pZO9j8AAAD0IHf/U+MW+x8AAACakbv/aXGL/Q8AAADNyN3/9Lilk/2v/9f/z6P/z6+g//f+//nv/5P+f570/8P0/yNa6f/P0bb7+bl/fv2//p9lU+v/c/c/I27pZP8DAABAD3L3PzNusf8BAACgGbn7nxW32P8AAADQjNz9z45bOtn/+n/9/zz6f+//6/+9/6//PzP6/2H6/xH6f/2//l//z1pNrf/P3X9N3NLJ/gcAAIAe5O5/Ttxi/wMAAEAzcvc/N26x/wEAAKAZufufF7d0sv/1//p//b/+X/+/+uvr/+dJ/z9M/z9C/6//1//r/1mrCfX/p/yqE4vnxy2d7H8AAADoQe7+F8Qt9j8AAAA0I3f/C+MW+x8AAACakbv/2rilk/2v/59M/7+X87XV/+8sFgv9/6LT/n/nlL+f9X2p/9f/b4D+f5j+f4T+X/+v/9f/s1YT6v/3fpy7/0VxSyf7HwAAAHqQu//FcYv9DwAAAM3I3f+SuMX+BwAAgGbk7n9p3NLJ/tf/T6b/39NW/+/9/9O/P3rq/73/v0z/vxn6/2H6/xH6f/2//l//z1pNrf/P3f+yuOnY0XP+LQIAAAATk7v/5XFLJ3/+DwAAAD3I3f+KuMX+BwAAgJm6Zulncve/Mm7pZP/r/9fb/x875ef0//r/078/9P/6f/3/+af/H6b/H6H/1//r//X/rNXU+v/c/a+KWzrZ/wAAANCD3P3XxS32PwAAADQjd/+r4xb7HwAAAJqRu/81cUsn+1//7/1//b/+X/+/+uvr/+dJ/z9M/z9C/39gP38mT2Pr/w/d/x8/+f/q/2nDWfT/u7u7V573/j93/2vjlk72PwAAAPQgd//1cYv9DwAAAM3I3f+6uMX+BwAAgGbk7n993NLJ/tf/d9r/57f6vPr/qxYL/b/+X/+v/x+m/x+m/x+h//f+v/f/9f+s1dTe/8/d/4a4pZP9DwAAAD3I3f/GuMX+BwAAgGbk7n9T3GL/AwAAQDNy9785bulk/+v/O+3/vf+v/9f/b7r/v22h/9+IWfT/Owd//an3/1fr//X/A7rr/+92yb4f6v/1/yybWv+fu/8tcUsn+x8AAAB6kLv/rXGL/Q8AAADNyN3/trjF/gcAAIBm5O6/IW460sn+1//r//X/+n/9/+qvv+H3/48tFgv9/xrMov8fMPX+fz3v/5/+n/KT9P/6/zl/fv2//p9lU+v/c/e/PW7pZP8DAABAD3L3vyNusf8BAACgGbn73xm32P8AAADQjNz974pbOtn/+n/9v/5f/998/3/1LPp/7/+vif5/2DT6/4Pp//X/c/78+n/9P2fuLPr/nfwle//3kP1/7v53xy2d7H8AAADoQe7+98Qt9j8AAAA0I3f/e+MW+x8AAACakbv/fXFLJ/tf/6//P5v+Pz+n/r+t/v/45Pr/E/v+9Tp5/1//vyb6/2H6/xH6f/2//v8a/T/rNLX3/3P3vz9u6WT/AwAAQA9y938gbv1Pt/Y/AAAANCN3/wfjFvsfAAAAmpG7/0NxSyf7X/+v//f+v/6/+ff/9f9d0f8P0/+P0P/r//X/3v9nrabW/+fuvzFu6WT/AwAAQA9y9384brH/AQAAoBm5+z8St9j/AAAA0Izc/TfFLZ3sf/2//l//r//X/9/x91D/3wb9/7DN9P87+n/9f/XzF8R/CvT/+v+xX0+bptb/5+7/aNzSyf4HAACA1hxd8XO5+z8Wt9j/AAAA0Izc/R+PW+x/AAAAmKUjK34ud/8n4pZZ7v9VFfow/b/+X/+v/9f/r/76+v952kr/n98U+n/v/4d++v877fvR3N7/P/2/vy5c6P/1/6zb1Pr/3P2fjFtmuf8BAACAVXL3fypusf8BAACgGbn7Px232P8AAADQjNz9n4lbOtn/+n/9v/5f/6//X/319f/z5P3/Yfr/Efr/rb6fP/fPr//X/7Nsav1/7v7Pxi2d7H8AAADoQe7+z8Ut9j8AAAA0I3f/5+MW+x8AAACasbf7My7rcP/r//X/+n/9v/5/9dfX/8+T/n+Y/n+E/l//r//X/7NWU+v/v7D3q04svhi3dLL/AQAAoAe5+78Ut9j/AAAA0Izc/V+OW+x/AAAAaEbu/q/ELZ3sf/2//n8e/f/u7u6V+v9V/f8FC/3/DXe/ecb9/7X6/zXT/w/T/4/Q/+v/J9//n/7fkifp/5miqfX/ufu/Grd0sv8BAACgB7n7vxa32P8AAADQjNz9X49b7H8AAABoRu7+b8Qtnex//f8E+v8T+n/v/3v/f+H9f/3/muj/h+n/R7TY/58489/+tvv5w9r25/f+v/6fZVPr/3P3fzNu6WT/AwAAQA9y938rbrH/AQAAoBm5+78dt9j/AAAA0Izc/d+JWzrZ//r/zfX/t/9718v7/zuL1Z9/u/3/Bfp//b/+vwP6/2H6/xEt9v9nYdv9/Nw/v/5f/8+yqfX/ufu/G7fsH35Hz+53CQAAAExJ7v7vxS2d/Pk/AAAA9CB3//fjFvsfAAAAmpG7/wdxSyf7X/8/gff/G+z/vf+/+vtD/z/p/v//Dtv/n1b5LtH/b4b+f5j+f4T+X/+v/19T/5/fzfr/3k2t/8/d/8O4pZP9DwAAAD3I3f+juOWynW19JAAAAGDNcvf/OG7x5/8AAADQjNz9N8ctp+z/VW13K/T/+n/9v/5f/7/663v/f570/8POtP8/vjhc/5/0//p//X+v/b/3/7nDhvv/q8b6/9z9P4lb/Pk/AAAAzM7RA34+d/9P4xb7HwAAAJqRu/9ncYv9DwAAAM3I3f/zuOWWsZec26D/1//r/0f6/1vjG1z/r//X/8+C/n+Y9/9H6P/X0c9fqv9vo/9fLPT/HN6G+//RH+fu/0Xc4s//AQAAoBm5+38Zt9j/AAAA0Izc/b+KW+x/AAAAaEbu/l/HLZ3sf/2//v+Q/f9emtl0/+/9f/1/0P/Pg/5/2Pb7/+sHv6z+v4n+3/v/jfT/3v9nHabW/+fu/03c0sn+BwAAgB7k7v9t3GL/AwAAQDNy9/8ubrH/AQAAoBm5+38ft3Sy/7fW/8e/1fr/2ff/7b//P9j/7y70//p//f+06P+Hbb//H6b/1//P+fPr//X/LJta/5+7/w9xSyf7HwAAAHqQu/+PcYv9DwAAAM3I3f+nuMX+BwAAgGbk7v9z3NLJ/vf+v/5f/+/9f/3/6q+v/58n/f8w/f9q9TdK/6//1//r/1mrqfX/ufv/Erd0sv8BAACgB7n7/xq32P8AAADQjNz9t8Qt9j8AAAA0I3f/3+KWJvb/kdG/Qv8/y/6/8mj9v/5f/6//Zz/9/7Bt9v/3+P/xL+v9/633//kR9P/6f/0/azG1/j93/9/jlib2PwAAAHC73P3/iFvsfwAAAGhG7v5/xi32PwAAADQjd/+tcUsn+3+k/z9ef6H+f5D3//d/fv3/6u8P/b/+X/9//un/h3n/f4T+3/v/+n/9P2s1tf4/d/+/4pZO9j8AAAD0IHf/bXGL/Q8AAADNyN3/77jF/gcAAIBm5O7/T9zSyf73/v+c+v9L9f/6f/2//l//P0L/P0z/P0L/r//X/+v/Waup9f+5+/8XAAD//2gJTCE=") r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 738.764385ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7d}, @printk={@u, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='timer_start\x00', r0}, 0x10) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000200)) 591.941808ms ago: executing program 2: mkdir(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r0 = open(&(0x7f0000000480)='.\x00', 0x0, 0x0) renameat2(r0, &(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f00000002c0)='./file0\x00', 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) shutdown(r1, 0x1) r2 = dup(r1) r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}}) 566.127762ms ago: executing program 1: syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08800, &(0x7f0000000140)=ANY=[], 0x1, 0x67c, &(0x7f0000000580)="$eJzs3c1rHOcdB/DvrFay5IKjJLaTlkBFDGmpqa0XlFa9xO2h6BBKcA+h0Iuw5Vh4rQRJKUoorfp+7SF/QHrQodBLC70bUuip7S30JnoogUIvOemmMrOz0sp6ya6sF6v5fMzsPDPP6/x25hnNLmYDfG7NXk/zUYrMXn99tdzeWJ9qbaxPXaizW0nKdCNptlcpFpPio+RW2ku+WO6syxcH9fPBwsztjz/d+KS91ayXqnzjsHq9WauXjCUZqNd7DR6pvTsHtne4ue1UsX2EZcCudQIHZ21rj7V+qj/hdQs8DYr2fXOP0eRikuH674DUs0PjdEd3/Pqa5QAAAOCcemYzm1nNpbMeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJwnxe5ko14XYyk6v/8/1FWsTN9unNVg+7J1Yb+9j05/IAAAAAAAAABw7L68mc2s5lJne6v9zf7L1evl6vULeTfLmc9SbmQ1c1nJSpYykWS0q6Gh1bmVlaWJHmpO7ltz8mjj/+PRqgEAAAAAAADA/5ufZ3bn+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgaFMlAe1Utlzvp0TSaSYaTDJXl1pJ/dNLnRLHfzkenPw4AAAB4IsNHqPPMZjazmkud7a2ieua/Wj0vD+fdLGYlC1lJK/O5Wz9Dl0/9jY31qdbG+tTDjfWpquMfbrW12/n2f/saRtVi2p897N/zi1WJkdzLQrXnRu5Ug7mbRlWz9GI9nu1ldyc/K8c08lqtx5HdrddlZ7896FOE49Dot8JoVWlwOyLj9djKhp49PBKf+e40D+1pIo3tT34uH9JT55CKPmN+sVMvya8fi/lr//79D3ps5gRsR6KRKhKTXWff1cNjnnzlz394835r8cH9e8vXT+w0Oi2PnxNTXZF44VxHotln+fEqEle2t2fz3Xw/1zOWN7KUhfwoc1nJfOqZMXP1+Vy+jnZFKdkTqVu7tt74rJEM1e9LexbtZUxjuVCl5vJyVfdSFlLk7dzNfF6t/k1mIt/IdKYz0/UOXznwHa6OrZppG/1d9de+mp1L/TflTN1bveSvvRbsX/uWWsb12a64ds+5o1Ve956dKD3Xw/2oz7mx+aU6Ufbxi6PcNk7M45GY6IrE84dH4nfVtbHcWnywdH/unQPaX3ts+5XBnfSvTvLO3LfyfHkuw/VMsvvsKPOe355ldsdrqP7GpZ3X2JN3pcoris6V+r19rtQy4jNV6av7tjRZ5b2wN2+gHvk//9WVt+vvrbz9t7OJJwB9uvi1i0Mj/xn5+8iHI78cuT/y+vB3LnzzwktDGfzL4Lea4wOvNF4q/pQP85Od538AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODolt97/8FcqzW/tH+icXDW8SaK+od8DirTzEhOYRinmSiStWNvOWd/XD0kOj8i+KTtvHnrqTicc50YSFLv+Wmyc/7Ub9FRflwUOBdurjx85+bye+9/feHh3Fvzb80vDk5Pz4zPTL86dfPeQmt+vP161qMETsLO3wNnPRIAAAAAAAAAAACgV6fxPw26uhs7w0MFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzqnZ62kOpsjE+I3xcntjfapVLp30TslmkkYjKX6cFB8lt9JeMtrVXHFQPx8szNz++NONT3baanbKNw6r15u1eslYkoF6vcfQ0dq7c1B7PSu2j7AM2LVO4OCs/S8AAP//tyUHyQ==") removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000f40)=ANY=[@ANYBLOB="6f73782ea686fe95511a68c72a4d5e98e6919f181affd979edf304460bf63c2cce31a76455c965ea9314b97d5d67553a5352fc8046857a7562132607ca648d623b1fd5ed8c6e7c14b69cbf7641852ae8e4866e8c336a4f28e7496a0d4d139d166810351e9f167f1b84db576b17e389ff552dd5083347e8f9c94099fa07d8ed741bbb69805c50"]) 548.734305ms ago: executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x2) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x5380, 0x0) 404.812108ms ago: executing program 2: syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x4810, &(0x7f0000000140)=ANY=[], 0x11, 0x693, &(0x7f0000000880)="$eJzs3c1vHGcdB/DvrNcvm0qO26ZpQJUwjVQQEYkdK4VwSUAIBalCVThwthqnseKkwXFR2gNxAYkrB/6AcggXOIEQEhJSpHKGW8XN4lQJiUtPaQ8MmtlZe+3u2ptXO/TziWaf55ln5pnf/OZlXyJrAnxuXTiR9t10cuHEa7eq9sadhZWNOwvXevUkk0laSbtbpLieFB8k59Od8oVqZjNcMWw7v14+e/HDjzc+6rba2RqveukMD7A9yl6sN1Nmk4w15UPYNt4bDzbe5Fa12MxMlbDjvcTBfhtPUm7z46NbPYOUY32Nodc78PQouu+bfbrX/0xyKMlU7w1tvdvZevIR7um+7kXrjy8OAAAAODAO37ud3Mr0fscBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT5Pm+f9FM7V69dkUvef/T/Q9Y39in8MdbvfIpnqVu60nEQwAAAAAAAAAPF5fupffXSzL6V67LOr/83+5bhypX5/J27mZpazmZG5lMWtZy2rmk8z0DTRxa3FtbXW+t+anZVkOWfP0wDVPjxhw51HsNQAAAAAAAAD83zjXlD/LhUzvcywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBNkYx1i3o60qvPpNVOMpVkolpuPflHr/40u7vfAQAAAMATcPhe7uVWpnvtsqi/8x+tv/dP5e1cz1qWs5aVLOVS/VtA91t/a+POwsrGnYVr1fTZcb/9n636H6f3DKMeMd3fHgZv+Vi9RCeXs1zPOZk38lZWcimtes3KsV48g+N6r4qpONdVlqMl6FJTVnv+q6Y8GGbqjIxvZmSuia3KxrO7Z6L/6DzAlubT2vzl58h95Pzcrlsp/ts7Jod6c5Jnvr93zsfva2ceys5MnO47+47unonkK3/6/Y+urFy/eqVYP3FwTqP7MPmvratmZyYW+jLx4siZuHzz6czETq28sFm/kO/lhzmR2bye1SznJ1nMWpYym+/WtcXmfK5eZ3bP1Pltrdf3imKiOS5jO2L68uFuuVtML9frTmc5P8hbuZSlvFr/O535fCNnciZn+47wCyNc9a0BV/2fhwd//KtNpZPkl015MFR5fbYvr/333Jm6r39OK+Vkd73nHtm9cVP7i02lOhI/b8qDYTMTU9l8l+hF93wvA+MDM/Gb+rZyc+X61dUrizd2jFusD97eK9m++wfnRlKdL89VB6tubT87qr7nB/bN131HNvtaO/t+29ns2+tKnWg+w312pNN134sD+xbqvmN9fVuftz4ty7L7eQuAA+/Q1w5NdP7d+Xvn/c4vOlc6r019Z/Kbky9NZPxv499qz4290nqp+EPez0+z9zd0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgTzffeffq4srK0uqOSlmWt4d0PZZK2sm2OX/9S98ySeqHAY0+YLX0+VZSz2mnqdxfYLcfbHfee9Ak/LM5Jk8k4Y+kMjX0/NlZ+aQsy4MR8yiVsnFQ4tmPyr7eloAn4NTatRunbr7z7teXry2+ufTm0vWzZ86cnTt75tWFU5eXV5bmuq/7HSXwOPR9AgcAAAAAAAAAAACeEqP9cU7xcH/bAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAQLpxI+26KzM+dnKvaG3cWVqqpV99a8pMkrSTFbFJ8kJxPd8pM33DFsO2sJxc//Hjjo26r3Uz18q3d1hvNejNlNslYUw4wNWhmeXvYeEU9zo3h442o2NzDKmHHe4mD/fa/AAAA///tbhq7") truncate(&(0x7f0000000340)='./file1\x00', 0xfe0) truncate(&(0x7f00000000c0)='./file1\x00', 0x2) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6}]}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 339.704467ms ago: executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) r2 = fcntl$dupfd(r0, 0x0, r1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r2) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r6}, 0x10) r7 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f00000005c0)) r8 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$EXT4_IOC_MIGRATE(r8, 0x6609) 335.909598ms ago: executing program 0: r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) ioctl$VIDIOC_QUERYMENU(r0, 0xc040564a, &(0x7f0000000140)={0x0, 0x0, @name="9f84e91da3aedc5a90a03372150d29fa00502f46023ab87b551659eb8e55e389"}) 333.511038ms ago: executing program 3: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000400)='./file0\x00', 0x8, &(0x7f0000000740)={[{@shortname_win95}, {@shortname_winnt}, {@rodir}, {@fat=@check_strict}, {@numtail}, {@uni_xlateno}, {@uni_xlate}, {@fat=@codepage={'codepage', 0x3d, '865'}}, {@fat=@usefree}, {@iocharset={'iocharset', 0x3d, 'macroman'}}]}, 0x1, 0x217, &(0x7f0000000480)="$eJzs3TFrE2EYB/CnttVSkGQQiiJ44uIUmop7ilQQA4qSQSeLTVGaWDAQ0KF180voV9DRVXAQV7+ACFIFF7t1ECL1YmNrYiM1OTG/35KH3Pu/e95LyEuGvLl1sr6ytNpY3tzciKmpsZgoRSm2xiIfh2I8Uo8CAPifbLVa8aWVyroXAGA4rP8AMHr6XP+vDrElAGDAfP8HgNFz/cbNy/Pl8sK1JJmKqD9uVpqV9DE9Pr8cd6MW1ZiNXHyNaO1I64uXyguzybaP+ajU19v59WZlfHe+GLnId88Xk9Tu/GRMt/PvpqMac5GLY93zc13zh+PsmZ+uX4hcvL0dq1GLpdjOdvJrxSS5cKW8J3/k+zgAAAAAAAAAAAAAAAAAAAAAABiEQrKj6/49hUKv42m+//2B9u7PMxEnJrKdOwAAAAAAAAAAAAAAAAAAAPwrGg8erizWatX7vyvuvXn2ar8xfRZj7ese9DwHL46e/vCk15jxP7s/f7d4eSrL29Jn8XrjzvFzjZnzmbUxGRG/PtPzrfU5FzGgfp5n+lr8mPW+g2eelhZfrL3/1O+Zh/5RBAAAAAAAAAAAAAAAAAAAI6/zo9+sOwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7HT+/39wRdZzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbwEAAP//uSidyw==") mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) 178.241693ms ago: executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000080), 0x4) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sendto$llc(r1, &(0x7f0000000d80)="5ca02049a8825024892f61601e3137d09d6e5d0e54d55be9d6d460eb78e3eb94c0b3866b091d34dc3ed67172ae1e7f390d505c084609e4491d372fe4888a3c3e660cc6fc3fd9b97c6c923389653eb074d96a3f1768e30f818adf94780feeab011de24785dd6cf88777a7806c05d0ed88fa985d77aab6996fa1af1190d1620732d9f2f9712e1182b815f0d415c12e6c42021b43e26578db3f2b475ea0ebb199323d", 0xfffffda9, 0x0, &(0x7f0000000380), 0x10) 81.472818ms ago: executing program 3: syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000480)={[0xfffffffffffffffd]}, 0x0, 0x8) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000040)) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xd0, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000280)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9d}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) fchown(r3, 0x0, 0xee01) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000003c0)=0x70, 0x4) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000157000/0x2000)=nil, 0x1fffff, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r2, 0x0, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) inotify_init() sendto$inet6(r4, &(0x7f00000004c0)="819716edb897367e12d20882f5b0cfa1e1816bb500d6d6505e2f58729ff2b5d48462f9e49ed691b1c6e1cd2106a261febcf17725baa9d28d8da3ff26ca79c719031578919037bf74efdf72d63a1b66e5bb5de8a45db1b4e5d1114cc88300c2baaea3c1b30373a9b9b937756c398bf6b1cabdca9565a2e4bb0fb0b2d3a62c773d09617f6a18543f27753a9da4c51e3a8254c8ae143040cc4cc90b53e79419af4769ec27e686888043bbc4e2e0146dc2ed84ae7fbf86b884522c8a2e30722ae93ca86ac5", 0xc3, 0x24004800, &(0x7f0000000040)={0xa, 0x4e21, 0x1f, @private0, 0xf36d}, 0x1c) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) sendto$inet(r2, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93) 25.378646ms ago: executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f0000003540)={0xa, 0x0, 0x0, @mcast2, 0x80000000}, 0x1c) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) 0s ago: executing program 4: r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}}, 0x5c) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4) kernel console output (not intermixed with test programs): : block 255: comm syz-executor.4: bad entry in directory: inode out of bounds - offset=0, inode=1633771873, rec_len=1024, size=1024 fake=0 [ 122.817185][ T5440] user requested TSC rate below hardware speed [ 122.833217][ T5445] EXT4-fs error (device loop4) in do_split:2092: Corrupt filesystem [ 122.845867][ T5452] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #2: block 255: comm syz-executor.4: bad entry in directory: inode out of bounds - offset=0, inode=1633771873, rec_len=1024, size=1024 fake=0 [ 122.926006][ T3572] EXT4-fs (loop4): unmounting filesystem. [ 123.001893][ T5459] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 123.136390][ T14] usb 1-1: New USB device found, idVendor=07ca, idProduct=a309, bcdDevice= 9.3e [ 123.156604][ T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.166508][ T14] usb 1-1: config 0 descriptor?? [ 123.214655][ T14] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 123.241823][ T14] dvb_usb_af9015: probe of 1-1:0.0 failed with error -22 [ 123.254272][ T5469] loop1: detected capacity change from 0 to 2048 [ 123.294584][ T5471] loop4: detected capacity change from 0 to 1024 [ 123.341474][ T3620] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 123.492325][ T5475] Bluetooth: MGMT ver 1.22 [ 123.520771][ T5475] loop3: detected capacity change from 0 to 256 [ 123.615864][ T5475] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd82bb37b, utbl_chksum : 0xe619d30d) [ 123.983854][ T5422] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.0'. [ 124.088192][ T5476] loop4: detected capacity change from 0 to 512 [ 124.100880][ T3625] usb 1-1: USB disconnect, device number 5 [ 124.144867][ T5476] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 124.177247][ T5476] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=a002e018, mo2=0000] [ 124.188431][ T5476] EXT4-fs (loop4): failed to initialize system zone (-117) [ 124.197982][ T5476] EXT4-fs (loop4): mount failed [ 124.312334][ T5371] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 65: padding at end of block bitmap is not set [ 124.760103][ T3954] EXT4-fs (loop0): unmounting filesystem. [ 124.827900][ T5491] loop0: detected capacity change from 0 to 512 [ 124.848292][ T5491] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz-executor.0: casefold flag without casefold feature [ 124.875501][ T5488] loop1: detected capacity change from 0 to 1024 [ 124.890743][ T5491] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.0: missing EA_INODE flag [ 124.911102][ T5488] hfsplus: extend alloc file! (8192,65536,366) [ 124.920589][ T5491] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 12 err=-117 [ 124.939634][ T5491] EXT4-fs (loop0): 1 orphan inode deleted [ 124.943779][ T5498] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 124.948053][ T5491] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 124.971204][ T3620] usb 3-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 124.980293][ T3620] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.981284][ T3624] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 124.997801][ T3620] usb 3-1: config 0 descriptor?? [ 125.019659][ T5488] user requested TSC rate below hardware speed [ 125.031611][ T5491] EXT4-fs error (device loop0): dx_make_map:1327: inode #2: block 255: comm syz-executor.0: bad entry in directory: inode out of bounds - offset=0, inode=1633771873, rec_len=1024, size=1024 fake=0 [ 125.052807][ T3620] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 125.058202][ T5491] EXT4-fs error (device loop0) in do_split:2092: Corrupt filesystem [ 125.070852][ T5491] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #2: block 255: comm syz-executor.0: bad entry in directory: inode out of bounds - offset=0, inode=1633771873, rec_len=1024, size=1024 fake=0 [ 125.107912][ T3954] EXT4-fs (loop0): unmounting filesystem. [ 125.234793][ T5508] loop1: detected capacity change from 0 to 64 [ 125.374490][ T3624] usb 4-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 125.388578][ T3624] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.409055][ T3624] usb 4-1: config 0 descriptor?? [ 125.473168][ T5504] loop0: detected capacity change from 0 to 32768 [ 125.480682][ T5504] XFS: ikeep mount option is deprecated. [ 125.486551][ T3620] gspca_sunplus: reg_w_riv err -71 [ 125.491819][ T3620] sunplus: probe of 3-1:0.0 failed with error -71 [ 125.499494][ T5504] XFS: ikeep mount option is deprecated. [ 125.505417][ T3620] usb 3-1: USB disconnect, device number 8 [ 125.535023][ T5504] XFS (loop0): Mounting V5 Filesystem [ 125.611211][ T5504] XFS (loop0): Ending clean mount [ 125.618267][ T5504] XFS (loop0): Quotacheck needed: Please wait. [ 125.663315][ T5504] XFS (loop0): Quotacheck: Done. [ 125.727580][ T3954] XFS (loop0): Unmounting Filesystem [ 125.730147][ T5512] loop1: detected capacity change from 0 to 32768 [ 126.280973][ T5533] loop0: detected capacity change from 0 to 2048 [ 126.356758][ T5533] loop0: p1 < > p3 [ 126.384027][ T5533] loop0: p3 size 134217728 extends beyond EOD, truncated [ 126.586759][ T5533] loop0: detected capacity change from 0 to 2048 [ 126.610076][ T5533] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 126.732095][ T3624] pegasus: probe of 4-1:0.0 failed with error -71 [ 126.867131][ T3624] usb 4-1: USB disconnect, device number 4 [ 127.005773][ T5541] loop2: detected capacity change from 0 to 1024 [ 127.065562][ T5541] hfsplus: extend alloc file! (8192,65536,366) [ 127.165689][ T5539] user requested TSC rate below hardware speed [ 127.168282][ T5550] loop4: detected capacity change from 0 to 64 [ 127.175590][ T5548] loop0: detected capacity change from 0 to 512 [ 127.228770][ T5548] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 127.256621][ T5548] ext4 filesystem being mounted at /root/syzkaller-testdir3604125915/syzkaller.OznBhB/107/file0 supports timestamps until 2038 (0x7fffffff) [ 127.407432][ T5535] loop1: detected capacity change from 0 to 32768 [ 127.414147][ T26] audit: type=1804 audit(1718640393.854:148): pid=5548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3604125915/syzkaller.OznBhB/107/file0/bus" dev="loop0" ino=15 res=1 errno=0 [ 127.489409][ T3954] EXT4-fs (loop0): unmounting filesystem. [ 127.498868][ T26] audit: type=1804 audit(1718640393.864:149): pid=5548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir3604125915/syzkaller.OznBhB/107/file0/bus" dev="loop0" ino=15 res=1 errno=0 [ 127.534199][ T5535] XFS (loop1): Mounting V5 Filesystem [ 127.539249][ T26] audit: type=1326 audit(1718640393.984:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5564 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc1b2a7cf29 code=0x0 [ 127.640691][ T5535] XFS (loop1): Ending clean mount [ 127.696954][ T5555] loop4: detected capacity change from 0 to 32768 [ 127.715313][ T5555] XFS: ikeep mount option is deprecated. [ 127.727341][ T3898] XFS (loop1): Unmounting Filesystem [ 127.736442][ T5555] XFS: ikeep mount option is deprecated. [ 127.819620][ T5555] XFS (loop4): Mounting V5 Filesystem [ 127.922417][ T5572] loop0: detected capacity change from 0 to 32768 [ 127.930496][ T5555] XFS (loop4): Ending clean mount [ 127.941247][ T5555] XFS (loop4): Quotacheck needed: Please wait. [ 127.976459][ T5555] XFS (loop4): Quotacheck: Done. [ 128.061538][ T3572] XFS (loop4): Unmounting Filesystem [ 128.511666][ T5593] loop1: detected capacity change from 0 to 2048 [ 128.593173][ T5593] loop1: p1 < > p3 [ 128.601048][ T5593] loop1: p3 size 134217728 extends beyond EOD, truncated [ 128.818356][ T5593] loop1: detected capacity change from 0 to 2048 [ 128.853509][ T5593] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 129.112808][ T5596] loop4: detected capacity change from 0 to 512 [ 129.219165][ T5596] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz-executor.4: Parent and EA inode have the same ino 15 [ 129.262210][ T5596] EXT4-fs (loop4): Remounting filesystem read-only [ 129.299093][ T5596] EXT4-fs (loop4): 1 orphan inode deleted [ 129.338318][ T5596] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 129.366716][ T5602] loop3: detected capacity change from 0 to 512 [ 129.376539][ T5602] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 129.535576][ T5612] loop2: detected capacity change from 0 to 256 [ 129.856795][ T5612] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd82bb37b, utbl_chksum : 0xe619d30d) [ 130.460589][ T5602] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=a002e018, mo2=0000] [ 130.471863][ T5602] EXT4-fs (loop3): failed to initialize system zone (-117) [ 130.521424][ T5602] EXT4-fs (loop3): mount failed [ 130.752865][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 130.761553][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 130.820519][ T3572] EXT4-fs (loop4): unmounting filesystem. [ 131.052283][ T5611] loop0: detected capacity change from 0 to 40427 [ 131.082418][ T5611] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 131.090516][ T26] audit: type=1326 audit(1718640397.534:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5634 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe02367cf29 code=0x0 [ 131.104935][ T5611] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 131.203720][ T5644] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 131.221150][ T5644] netlink: 148 bytes leftover after parsing attributes in process `syz-executor.3'. [ 131.247811][ T5611] F2FS-fs (loop0): invalid crc value [ 131.333404][ T5611] F2FS-fs (loop0): Found nat_bits in checkpoint [ 131.354747][ T5654] netlink: 'syz-executor.3': attribute type 13 has an invalid length. [ 131.376711][ T5654] device veth0_macvtap left promiscuous mode [ 131.518018][ T5656] loop1: detected capacity change from 0 to 2048 [ 132.077941][ T5654] device macvtap0 entered promiscuous mode [ 132.086391][ T5656] loop1: p1 < > p3 [ 132.091342][ T5656] loop1: p3 size 134217728 extends beyond EOD, truncated [ 132.156037][ T5661] loop4: detected capacity change from 0 to 256 [ 132.157318][ T5654] macvtap0: refused to change device tx_queue_len [ 132.170635][ T5661] MINIX-fs: mounting file system with errors, running fsck is recommended [ 132.179905][ T5611] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 132.208709][ T5611] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 132.364005][ T5664] loop3: detected capacity change from 0 to 512 [ 132.378733][ T5664] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 132.430653][ T3664] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 132.457921][ T5664] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=a002e018, mo2=0000] [ 132.476728][ T3664] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 132.519205][ T5664] EXT4-fs (loop3): failed to initialize system zone (-117) [ 132.561214][ T5664] EXT4-fs (loop3): mount failed [ 132.608906][ T5687] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 132.618126][ T5687] netlink: 148 bytes leftover after parsing attributes in process `syz-executor.2'. [ 132.658306][ T5689] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 132.697308][ T5689] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 132.787472][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.794085][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.877611][ T5694] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 133.445181][ T5715] loop0: detected capacity change from 0 to 256 [ 133.537822][ T5715] MINIX-fs: mounting file system with errors, running fsck is recommended [ 133.563850][ T5717] loop4: detected capacity change from 0 to 4096 [ 133.584977][ T5717] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 133.624769][ T5691] loop2: detected capacity change from 0 to 32768 [ 133.648185][ T5691] XFS: ikeep mount option is deprecated. [ 133.777706][ T5691] XFS (loop2): Mounting V5 Filesystem [ 133.804720][ T5728] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 133.871353][ T5728] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 133.881817][ T5691] XFS (loop2): Ending clean mount [ 133.913151][ T5691] XFS (loop2): Quotacheck needed: Please wait. [ 133.986572][ T5732] loop3: detected capacity change from 0 to 512 [ 134.018781][ T5732] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 134.032560][ T5691] XFS (loop2): Quotacheck: Done. [ 134.082715][ T5732] [EXT4 FS bs=4096, gc=1, bpg=3008, ipg=32, mo=a002e018, mo2=0000] [ 134.102126][ T5740] loop4: detected capacity change from 0 to 4096 [ 134.124788][ T5732] EXT4-fs (loop3): failed to initialize system zone (-117) [ 134.132940][ T5732] EXT4-fs (loop3): mount failed [ 134.155790][ T5740] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512) [ 134.176393][ T3579] XFS (loop2): Unmounting Filesystem [ 134.186621][ T5740] ntfs3: loop4: Failed to load $MFT. [ 134.556698][ T5749] devpts: called with bogus options [ 135.208365][ T5754] netlink: 'syz-executor.4': attribute type 13 has an invalid length. [ 135.262747][ T5754] device veth0_macvtap left promiscuous mode [ 135.299421][ T5754] device macvtap0 entered promiscuous mode [ 135.318162][ T5756] loop3: detected capacity change from 0 to 512 [ 135.331304][ T5754] macvtap0: refused to change device tx_queue_len [ 135.349780][ T5756] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 135.382376][ T26] audit: type=1326 audit(1718640401.834:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5757 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc05287cf29 code=0x0 [ 135.390345][ T5725] loop0: detected capacity change from 0 to 32768 [ 135.443712][ T5756] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #17: comm syz-executor.3: iget: bad i_size value: -6917529027641081756 [ 135.460377][ T5770] loop4: detected capacity change from 0 to 8 [ 135.474216][ T5770] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 135.487098][ T5756] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz-executor.3: couldn't read orphan inode 17 (err -117) [ 135.500937][ T5725] XFS (loop0): Mounting V5 Filesystem [ 135.514853][ T5756] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 135.529542][ T5770] cramfs: Error -3 while decompressing! [ 135.537773][ T5770] cramfs: ffffffff91e22568(26)->ffff888057add000(4096) [ 135.551472][ T5770] cramfs: Error -3 while decompressing! [ 135.557087][ T5770] cramfs: ffffffff91e22582(26)->ffff888057ade000(4096) [ 135.564705][ T5770] cramfs: Error -3 while decompressing! [ 135.571257][ T5770] cramfs: ffffffff91e22568(26)->ffff888057add000(4096) [ 135.625855][ T5725] XFS (loop0): Ending clean mount [ 135.657931][ T5725] XFS (loop0): Quotacheck needed: Please wait. [ 135.720233][ T5784] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 135.728098][ T5725] XFS (loop0): Quotacheck: Done. [ 135.737491][ T5784] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 135.773644][ T3954] XFS (loop0): Unmounting Filesystem [ 135.791511][ T5787] loop2: detected capacity change from 0 to 256 [ 135.811126][ T7] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 135.839621][ T5787] MINIX-fs: mounting file system with errors, running fsck is recommended [ 135.848299][ T5791] loop4: detected capacity change from 0 to 64 [ 136.003524][ T5795] netlink: 'syz-executor.4': attribute type 13 has an invalid length. [ 136.030881][ T5795] macvtap0: refused to change device tx_queue_len [ 136.098093][ T5799] loop2: detected capacity change from 0 to 4096 [ 136.123821][ T5799] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 136.140320][ T5803] loop0: detected capacity change from 0 to 8 [ 136.153836][ T5803] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 136.169994][ T5803] cramfs: Error -3 while decompressing! [ 136.191308][ T5803] cramfs: ffffffff91e26568(26)->ffff88805554f000(4096) [ 136.205322][ T7] usb 4-1: New USB device found, idVendor=07ca, idProduct=a309, bcdDevice= 9.3e [ 136.208532][ T5803] cramfs: Error -3 while decompressing! [ 136.230480][ T5803] cramfs: ffffffff91e26582(26)->ffff8880578a4000(4096) [ 136.234584][ T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.249458][ T5803] cramfs: Error -3 while decompressing! [ 136.259151][ T5803] cramfs: ffffffff91e26568(26)->ffff88805554f000(4096) [ 136.269708][ T7] usb 4-1: config 0 descriptor?? [ 136.333135][ T7] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 136.362591][ T7] dvb_usb_af9015: probe of 4-1:0.0 failed with error -22 [ 136.373598][ T5812] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 136.460067][ T5818] sp0: Synchronizing with TNC [ 136.584276][ T5756] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.3'. [ 136.598386][ T5822] loop0: detected capacity change from 0 to 256 [ 136.620159][ T5823] loop1: detected capacity change from 0 to 64 [ 136.622368][ T7] usb 4-1: USB disconnect, device number 5 [ 136.652969][ T5822] MINIX-fs: mounting file system with errors, running fsck is recommended [ 136.702788][ T5826] netlink: 'syz-executor.4': attribute type 13 has an invalid length. [ 136.736756][ T5826] macvtap0: refused to change device tx_queue_len [ 136.827912][ T5832] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 136.983084][ T5838] netlink: 'syz-executor.4': attribute type 13 has an invalid length. [ 136.996352][ T5835] loop0: detected capacity change from 0 to 4096 [ 137.013636][ T5835] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 137.076140][ T5816] loop2: detected capacity change from 0 to 32768 [ 137.132836][ T5816] XFS (loop2): Mounting V5 Filesystem [ 137.243587][ T5847] loop1: detected capacity change from 0 to 256 [ 137.267920][ T5847] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd82bb37b, utbl_chksum : 0xe619d30d) [ 137.908233][ T3996] EXT4-fs (loop3): unmounting filesystem. [ 137.914941][ T5852] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 137.932391][ T5816] XFS (loop2): Ending clean mount [ 137.993253][ T5816] XFS (loop2): Quotacheck needed: Please wait. [ 138.036286][ T5860] loop0: detected capacity change from 0 to 16 [ 138.052526][ T5860] erofs: (device loop0): mounted with root inode @ nid 36. [ 138.067972][ T5860] erofs: (device loop0): find_target_block_classic: corrupted dir block 8200 @ nid 36 [ 138.111346][ T5816] XFS (loop2): Quotacheck: Done. [ 138.156004][ T5866] loop3: detected capacity change from 0 to 64 [ 138.204984][ T3579] XFS (loop2): Unmounting Filesystem [ 138.312302][ T5873] netlink: 'syz-executor.4': attribute type 13 has an invalid length. [ 138.519536][ T5883] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 138.885441][ T5891] loop3: detected capacity change from 0 to 256 [ 138.996042][ T5891] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd82bb37b, utbl_chksum : 0xe619d30d) [ 139.651591][ T5871] loop0: detected capacity change from 0 to 40427 [ 139.662271][ T5871] F2FS-fs (loop0): Wrong segment_count / block_count (64 > 16384) [ 139.670378][ T5871] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 139.739560][ T5871] F2FS-fs (loop0): Found nat_bits in checkpoint [ 139.758963][ T5908] netlink: 'syz-executor.3': attribute type 13 has an invalid length. [ 139.858576][ T5871] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 139.865974][ T5871] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 139.887265][ T5915] loop4: detected capacity change from 0 to 256 [ 139.910613][ T5917] loop3: detected capacity change from 0 to 16 [ 139.928030][ T5915] exFAT-fs (loop4): failed to load upcase table (idx : 0x00005895, chksum : 0x4d892a17, utbl_chksum : 0xe619d30d) [ 139.941842][ T5917] erofs: (device loop3): mounted with root inode @ nid 36. [ 139.964086][ T5917] erofs: (device loop3): find_target_block_classic: corrupted dir block 8200 @ nid 36 [ 139.999918][ T5921] sp0: Synchronizing with TNC [ 140.180102][ T3954] syz-executor.0: attempt to access beyond end of device [ 140.180102][ T3954] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 140.291797][ T3954] syz-executor.0: attempt to access beyond end of device [ 140.291797][ T3954] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 140.390962][ T5898] loop1: detected capacity change from 0 to 32768 [ 140.392432][ T3954] syz-executor.0: attempt to access beyond end of device [ 140.392432][ T3954] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 140.536734][ T5938] loop3: detected capacity change from 0 to 256 [ 140.586015][ T5938] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011a39, chksum : 0xd82bb37b, utbl_chksum : 0xe619d30d) [ 141.277464][ T5898] XFS (loop1): Mounting V5 Filesystem [ 141.338728][ T5950] loop2: detected capacity change from 0 to 512 [ 141.398552][ T5950] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 141.446999][ T5950] ext4 filesystem being mounted at /root/syzkaller-testdir2678256202/syzkaller.G3WoVl/153/file0 supports timestamps until 2038 (0x7fffffff) [ 141.487651][ T5898] XFS (loop1): Ending clean mount [ 141.501231][ T5898] XFS (loop1): Quotacheck needed: Please wait. [ 141.537112][ T5960] sp0: Synchronizing with TNC [ 141.563018][ T5898] XFS (loop1): Quotacheck: Done. [ 141.568152][ T26] audit: type=1804 audit(1718640408.014:153): pid=5950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2678256202/syzkaller.G3WoVl/153/file0/bus" dev="loop2" ino=15 res=1 errno=0 [ 141.606797][ T26] audit: type=1804 audit(1718640408.054:154): pid=5950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2678256202/syzkaller.G3WoVl/153/file0/bus" dev="loop2" ino=15 res=1 errno=0 [ 141.639249][ T3579] EXT4-fs (loop2): unmounting filesystem. [ 141.675990][ T3898] XFS (loop1): Unmounting Filesystem [ 141.803989][ T4273] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.894660][ T5968] xt_cgroup: invalid path, errno=-2 [ 141.910324][ T4273] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.017614][ T4273] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.101721][ T5975] loop4: detected capacity change from 0 to 64 [ 142.190361][ T4273] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.514692][ T5986] loop4: detected capacity change from 0 to 64 [ 142.595921][ T5988] sp0: Synchronizing with TNC [ 142.800086][ T5962] loop3: detected capacity change from 0 to 40427 [ 142.821250][ T5962] F2FS-fs (loop3): Wrong segment_count / block_count (64 > 16384) [ 142.836727][ T5962] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 142.867116][ T5994] loop4: detected capacity change from 0 to 16 [ 142.869226][ T120] block nbd1: Attempted send on invalid socket [ 142.879723][ T120] I/O error, dev nbd1, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 142.896912][ T5993] qnx6: unable to read the first superblock [ 142.899209][ T5994] erofs: (device loop4): mounted with root inode @ nid 36. [ 142.906901][ T52] block nbd1: Attempted send on invalid socket [ 142.917339][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 142.938075][ T5993] qnx6: unable to read the first superblock [ 142.952944][ T5994] erofs: (device loop4): find_target_block_classic: corrupted dir block 8200 @ nid 36 [ 142.954129][ T6001] loop2: detected capacity change from 0 to 64 [ 142.964070][ T5993] qnx6: unable to read the first superblock [ 142.979527][ T5962] F2FS-fs (loop3): Found nat_bits in checkpoint [ 143.088468][ T3575] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 143.098844][ T3575] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 143.102576][ T6005] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 143.121244][ T3575] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 143.121250][ T5962] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 143.121274][ T5962] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 143.134519][ T6008] loop1: detected capacity change from 0 to 64 [ 143.162231][ T3575] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 143.172825][ T3575] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 143.183119][ T3575] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 143.402954][ T6010] IPv6: Can't replace route, no match found [ 143.508115][ T4284] kworker/u4:21: attempt to access beyond end of device [ 143.508115][ T4284] loop3: rw=1048577, sector=53248, nr_sectors = 8 limit=40427 [ 143.568577][ T3996] syz-executor.3: attempt to access beyond end of device [ 143.568577][ T3996] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 143.585559][ T4273] device hsr_slave_0 left promiscuous mode [ 143.594242][ T3996] syz-executor.3: attempt to access beyond end of device [ 143.594242][ T3996] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 143.611871][ T4273] device hsr_slave_1 left promiscuous mode [ 143.626853][ T4273] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 143.634409][ T4273] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 143.658494][ T3996] syz-executor.3: attempt to access beyond end of device [ 143.658494][ T3996] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 143.678945][ T4273] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 143.714858][ T4273] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 143.745206][ T4273] device bridge_slave_1 left promiscuous mode [ 143.774140][ T4273] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.806075][ T4273] device bridge_slave_0 left promiscuous mode [ 143.819948][ T4273] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.837720][ T6033] loop2: detected capacity change from 0 to 256 [ 143.838633][ T6034] loop1: detected capacity change from 0 to 64 [ 143.865481][ T4273] device veth1_macvtap left promiscuous mode [ 143.875912][ T4273] device veth0_macvtap left promiscuous mode [ 143.888570][ T6033] exFAT-fs (loop2): failed to load upcase table (idx : 0x00005895, chksum : 0x4d892a17, utbl_chksum : 0xe619d30d) [ 143.898156][ T4273] device veth1_vlan left promiscuous mode [ 143.926568][ T4273] device veth0_vlan left promiscuous mode [ 144.048578][ T6037] xt_cgroup: invalid path, errno=-2 [ 144.185312][ T6039] loop1: detected capacity change from 0 to 64 [ 144.259618][ T4273] bond1 (unregistering): Released all slaves [ 144.496783][ T4273] team0 (unregistering): Port device team_slave_1 removed [ 144.518653][ T4273] team0 (unregistering): Port device team_slave_0 removed [ 144.539197][ T4273] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 144.558523][ T4273] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 144.668025][ T4273] bond0 (unregistering): Released all slaves [ 144.777177][ T6049] IPv6: Can't replace route, no match found [ 145.033245][ T26] audit: type=1326 audit(1718640411.484:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 145.054073][ T6002] chnl_net:caif_netlink_parms(): no params data found [ 145.086779][ T6068] xt_cgroup: invalid path, errno=-2 [ 145.104319][ T26] audit: type=1326 audit(1718640411.504:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 145.164169][ T26] audit: type=1326 audit(1718640411.504:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 145.224254][ T26] audit: type=1326 audit(1718640411.504:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 145.261460][ T3575] Bluetooth: hci3: command tx timeout [ 145.263866][ T6073] loop1: detected capacity change from 0 to 256 [ 145.356392][ T6073] exFAT-fs (loop1): failed to load upcase table (idx : 0x00005895, chksum : 0x4d892a17, utbl_chksum : 0xe619d30d) [ 145.356731][ T6002] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.399756][ T26] audit: type=1326 audit(1718640411.524:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 145.444807][ T6002] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.463552][ T26] audit: type=1326 audit(1718640411.524:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe02367a6a7 code=0x7ffc0000 [ 145.468585][ T6002] device bridge_slave_0 entered promiscuous mode [ 145.557468][ T26] audit: type=1326 audit(1718640411.524:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe023640379 code=0x7ffc0000 [ 145.563725][ T6002] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.633586][ T6002] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.645095][ T6065] loop2: detected capacity change from 0 to 32768 [ 145.649962][ T6002] device bridge_slave_1 entered promiscuous mode [ 145.651782][ T26] audit: type=1326 audit(1718640411.524:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6062 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 145.755281][ T6065] XFS (loop2): Mounting V5 Filesystem [ 145.777360][ T6002] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 145.835961][ T6002] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 145.938654][ T6065] XFS (loop2): Ending clean mount [ 145.962309][ T6065] XFS (loop2): Quotacheck needed: Please wait. [ 145.969832][ T6096] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 145.999525][ T6096] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'. [ 146.028596][ T6065] XFS (loop2): Quotacheck: Done. [ 146.042701][ T6096] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'. [ 146.087811][ T6096] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'. [ 146.132986][ T3579] XFS (loop2): Unmounting Filesystem [ 146.198077][ T6002] team0: Port device team_slave_0 added [ 146.224468][ T6002] team0: Port device team_slave_1 added [ 146.314692][ T6002] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 146.341085][ T6002] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.405586][ T6002] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 146.405887][ T3587] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 146.428271][ T3587] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 146.436789][ T3587] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 146.445966][ T3587] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 146.454299][ T6002] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 146.455350][ T3587] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 146.468719][ T3587] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 146.488472][ T6002] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 146.514535][ T6002] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 146.579447][ T6106] IPv6: Can't replace route, no match found [ 146.645386][ T6111] loop2: detected capacity change from 0 to 256 [ 146.652715][ T6002] device hsr_slave_0 entered promiscuous mode [ 146.653322][ T6111] exfat: Deprecated parameter 'utf8' [ 146.664339][ T6111] exfat: Deprecated parameter 'utf8' [ 146.669755][ T6111] exfat: Deprecated parameter 'namecase' [ 146.675639][ T6111] exfat: Deprecated parameter 'utf8' [ 146.676008][ T6002] device hsr_slave_1 entered promiscuous mode [ 146.697605][ T6111] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001213e, chksum : 0xd5e0710c, utbl_chksum : 0xe619d30d) [ 147.000238][ T6123] loop2: detected capacity change from 0 to 64 [ 147.101094][ T3625] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 147.200545][ T6103] chnl_net:caif_netlink_parms(): no params data found [ 147.241080][ T7] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 147.341201][ T3587] Bluetooth: hci3: command tx timeout [ 147.459889][ T6103] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.486746][ T6103] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.515891][ T6103] device bridge_slave_0 entered promiscuous mode [ 147.532443][ T3625] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 147.551068][ T3625] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 147.559997][ T3625] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 147.569765][ T6103] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.580137][ T6103] bridge0: port 2(bridge_slave_1) entered disabled state [ 147.581372][ T6137] loop2: detected capacity change from 0 to 256 [ 147.594085][ T3625] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 147.602190][ T6103] device bridge_slave_1 entered promiscuous mode [ 147.631904][ T6137] FAT-fs (loop2): Directory bread(block 64) failed [ 147.638477][ T6137] FAT-fs (loop2): Directory bread(block 65) failed [ 147.645605][ T6137] FAT-fs (loop2): Directory bread(block 66) failed [ 147.653298][ T6137] FAT-fs (loop2): Directory bread(block 67) failed [ 147.661740][ T6137] FAT-fs (loop2): Directory bread(block 68) failed [ 147.668287][ T6137] FAT-fs (loop2): Directory bread(block 69) failed [ 147.668295][ T7] usb 5-1: config 0 has an invalid interface number: 210 but max is 1 [ 147.674994][ T6137] FAT-fs (loop2): Directory bread(block 70) failed [ 147.694105][ T7] usb 5-1: config 0 has no interface number 1 [ 147.695429][ T6137] FAT-fs (loop2): Directory bread(block 71) failed [ 147.701497][ T7] usb 5-1: config 0 interface 210 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 147.712283][ T6137] FAT-fs (loop2): Directory bread(block 72) failed [ 147.723105][ T3625] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 147.723135][ T3625] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 147.732928][ T6137] FAT-fs (loop2): Directory bread(block 73) failed [ 147.746936][ T3625] usb 2-1: SerialNumber: syz [ 147.761573][ T7] usb 5-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x1, skipping [ 147.763208][ T6103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 147.810217][ T6002] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 147.833023][ T6103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 147.846820][ T6002] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 147.867253][ T6002] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 147.905625][ T6002] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 147.927692][ T6103] team0: Port device team_slave_0 added [ 147.953094][ T6103] team0: Port device team_slave_1 added [ 147.977520][ T7] usb 5-1: New USB device found, idVendor=ed06, idProduct=4500, bcdDevice= 0.01 [ 148.001520][ T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.012329][ T7] usb 5-1: Product: syz [ 148.016525][ T7] usb 5-1: Manufacturer: syz [ 148.027155][ T4273] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.039462][ T7] usb 5-1: SerialNumber: syz [ 148.053761][ T7] usb 5-1: config 0 descriptor?? [ 148.065177][ T6103] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 148.073028][ T3625] usb 2-1: 0:2 : does not exist [ 148.078250][ T3625] usb 2-1: unit 5 not found! [ 148.082489][ T6103] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 148.110322][ T6103] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 148.117607][ T7] usb-storage 5-1:0.210: USB Mass Storage device detected [ 148.148375][ T4273] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.151868][ T3625] usb 2-1: USB disconnect, device number 6 [ 148.169156][ T6103] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 148.183271][ T6103] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 148.189132][ T7] usb-storage 5-1:0.210: Quirks match for vid ed06 pid 4500: 1000 [ 148.226986][ T6103] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 148.285079][ T7] usb-storage 5-1:0.0: USB Mass Storage device detected [ 148.304767][ T7] usb-storage 5-1:0.0: Quirks match for vid ed06 pid 4500: 1000 [ 148.307687][ T4273] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.328389][ T6145] IPv6: Can't replace route, no match found [ 148.342518][ T6103] device hsr_slave_0 entered promiscuous mode [ 148.350402][ T6103] device hsr_slave_1 entered promiscuous mode [ 148.357164][ T6103] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 148.365844][ T6103] Cannot create hsr debugfs directory [ 148.388140][ T7] usb 5-1: USB disconnect, device number 7 [ 148.402165][ T6002] 8021q: adding VLAN 0 to HW filter on device bond0 [ 148.410131][ T6149] IPv6: Can't replace route, no match found [ 148.427473][ T4273] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.465456][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 148.474507][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 148.499613][ T6002] 8021q: adding VLAN 0 to HW filter on device team0 [ 148.541348][ T3587] Bluetooth: hci4: command tx timeout [ 148.585706][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 148.604828][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 148.616633][ T3625] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.623800][ T3625] bridge0: port 1(bridge_slave_0) entered forwarding state [ 148.632303][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 148.641385][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 148.649999][ T3625] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.657143][ T3625] bridge0: port 2(bridge_slave_1) entered forwarding state [ 148.692164][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 148.700238][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 148.722893][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 148.760482][ T6002] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 148.782162][ T6002] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 148.798558][ T6161] loop2: detected capacity change from 0 to 512 [ 148.806792][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 148.817572][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 148.826108][ T6159] loop1: detected capacity change from 0 to 4096 [ 148.829744][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 148.842619][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 148.852311][ T6161] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 148.860551][ T6159] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 148.863440][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 148.883293][ T6161] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 148.892920][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 148.904694][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 148.916632][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 148.951641][ T6161] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz-executor.2: bg 0: block 18: invalid block bitmap [ 148.968910][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 148.977591][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 148.977911][ T6161] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6173: Corrupt filesystem [ 149.022067][ T6159] ntfs3: loop1: failed to convert "c46c" to ascii [ 149.059372][ T6161] EXT4-fs (loop2): 1 truncate cleaned up [ 149.103794][ T6161] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 149.132573][ T6161] ext2 filesystem being mounted at /root/syzkaller-testdir2678256202/syzkaller.G3WoVl/182/file1 supports timestamps until 2038 (0x7fffffff) [ 149.243242][ T6176] Bluetooth: MGMT ver 1.22 [ 149.421670][ T3587] Bluetooth: hci3: command tx timeout [ 149.443346][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 149.452894][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 149.531726][ T6002] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 149.606092][ T3579] EXT4-fs (loop2): unmounting filesystem. [ 149.628162][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 149.636337][ T26] kauditd_printk_skb: 88 callbacks suppressed [ 149.636351][ T26] audit: type=1326 audit(1718640416.074:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 149.667415][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 149.735849][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 149.744816][ T26] audit: type=1326 audit(1718640416.074:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 149.768633][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 149.781627][ T6002] device veth0_vlan entered promiscuous mode [ 149.833420][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 149.841699][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 149.859141][ T26] audit: type=1326 audit(1718640416.114:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 149.883643][ T6187] IPv6: Can't replace route, no match found [ 149.909684][ T26] audit: type=1326 audit(1718640416.114:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 149.954978][ T6002] device veth1_vlan entered promiscuous mode [ 149.964832][ T26] audit: type=1326 audit(1718640416.114:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 149.973052][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 149.998940][ T26] audit: type=1326 audit(1718640416.114:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 150.050862][ T26] audit: type=1326 audit(1718640416.124:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 150.084814][ T26] audit: type=1326 audit(1718640416.144:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe02367a6a7 code=0x7ffc0000 [ 150.113305][ T6103] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 150.116079][ T26] audit: type=1326 audit(1718640416.184:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe023640379 code=0x7ffc0000 [ 150.176719][ T26] audit: type=1326 audit(1718640416.184:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7fe02367cf29 code=0x7ffc0000 [ 150.308759][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 150.331532][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 150.365104][ T6002] device veth0_macvtap entered promiscuous mode [ 150.378710][ T6103] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 150.416224][ T6002] device veth1_macvtap entered promiscuous mode [ 150.427701][ T6103] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 150.464061][ T6103] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 150.474832][ T6002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.486526][ T6002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.505273][ T6192] loop4: detected capacity change from 0 to 64 [ 150.514409][ T6002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.526092][ T6002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.538747][ T6002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.549575][ T6002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.562118][ T6002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.574031][ T6002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.586668][ T6002] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 150.605159][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 150.615041][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 150.624011][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 150.631201][ T3587] Bluetooth: hci4: command tx timeout [ 150.632707][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 150.704900][ T4273] device hsr_slave_0 left promiscuous mode [ 150.724807][ T4273] device hsr_slave_1 left promiscuous mode [ 150.743117][ T4273] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 150.756771][ T4273] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 150.766597][ T4273] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 150.781348][ T4273] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 150.800214][ T4273] device bridge_slave_1 left promiscuous mode [ 150.806737][ T4273] bridge0: port 2(bridge_slave_1) entered disabled state [ 150.827699][ T4273] device bridge_slave_0 left promiscuous mode [ 150.840712][ T4273] bridge0: port 1(bridge_slave_0) entered disabled state [ 150.880217][ T4273] device veth1_macvtap left promiscuous mode [ 150.887047][ T4273] device veth1_vlan left promiscuous mode [ 150.898213][ T4273] device veth0_vlan left promiscuous mode [ 151.089992][ T6206] loop2: detected capacity change from 0 to 4096 [ 151.100694][ T6206] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 151.148425][ T6206] ntfs3: loop2: failed to convert "c46c" to ascii [ 151.236157][ T4273] team0 (unregistering): Port device team_slave_1 removed [ 151.269935][ T4273] team0 (unregistering): Port device team_slave_0 removed [ 151.294860][ T4273] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 151.318717][ T4273] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 151.438469][ T4273] bond0 (unregistering): Released all slaves [ 151.502106][ T3587] Bluetooth: hci3: command tx timeout [ 151.717176][ T6214] devpts: called with bogus options [ 152.259042][ T6002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.285136][ T6002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.331144][ T6002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.366082][ T6002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.386286][ T6002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.405437][ T6002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.440974][ T6002] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 152.493320][ T6223] device netdevsim0 entered promiscuous mode [ 152.518971][ T6223] device netdevsim0 left promiscuous mode [ 152.566073][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 152.578272][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 152.592858][ T6002] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.610911][ T6002] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.628345][ T6002] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.639309][ T6002] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.665326][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 152.711108][ T3587] Bluetooth: hci4: command tx timeout [ 152.753173][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 152.802118][ T6239] loop2: detected capacity change from 0 to 512 [ 152.848002][ T6239] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz-executor.2: Invalid inode bitmap blk 4 in block_group 0 [ 152.851521][ T6103] 8021q: adding VLAN 0 to HW filter on device bond0 [ 152.900941][ T6239] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 152.903949][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 152.918365][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 152.928367][ T3747] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.932608][ T6103] 8021q: adding VLAN 0 to HW filter on device team0 [ 152.950038][ T3747] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.995085][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 153.016242][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 153.030082][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 153.055780][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.063069][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 153.085324][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 153.107135][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 153.123692][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.130891][ T1148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 153.148551][ T4289] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.170433][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 153.180138][ T4289] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.180840][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 153.203796][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 153.232327][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 153.245768][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 153.258199][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 153.271490][ T7] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 153.274256][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 153.293678][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 153.315801][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 153.346712][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 153.356232][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 153.371826][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 153.388732][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 153.408103][ T6103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 153.662678][ T7] usb 3-1: New USB device found, idVendor=0421, idProduct=026c, bcdDevice=1f.2f [ 153.691480][ T7] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.721910][ T7] usb 3-1: config 0 descriptor?? [ 153.771956][ T7] rndis_wlan 3-1:0.0: More than one union descriptor, skipping ... [ 153.779900][ T7] usb 3-1: bad CDC descriptors [ 153.833180][ T7] rndis_host 3-1:0.0: More than one union descriptor, skipping ... [ 153.870408][ T7] usb 3-1: bad CDC descriptors [ 153.885825][ T7] cdc_acm 3-1:0.0: More than one union descriptor, skipping ... [ 153.996441][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 154.023901][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 154.046621][ T6103] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 154.135133][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 154.154768][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 154.200096][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 154.218086][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 154.239029][ T6103] device veth0_vlan entered promiscuous mode [ 154.256077][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 154.264003][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 154.288080][ T6103] device veth1_vlan entered promiscuous mode [ 154.380924][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 154.400296][ T3574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 154.426085][ T6103] device veth0_macvtap entered promiscuous mode [ 154.448635][ T6103] device veth1_macvtap entered promiscuous mode [ 154.519723][ T6103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 154.524995][ T6255] loop0: detected capacity change from 0 to 40427 [ 154.572875][ T6103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.585563][ T6103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 154.598338][ T6103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.610138][ T6103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 154.631505][ T3624] usb 3-1: USB disconnect, device number 9 [ 154.645587][ T6103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.662196][ T6103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 154.676443][ T6103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 154.676450][ T6255] F2FS-fs (loop0): Found nat_bits in checkpoint [ 154.716589][ T3579] EXT4-fs (loop2): unmounting filesystem. [ 154.725467][ T6103] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 154.763866][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 154.781316][ T3587] Bluetooth: hci4: command tx timeout [ 154.782603][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 154.815052][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 154.823157][ T6255] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2 [ 154.862644][ T6255] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 154.924804][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 154.960849][ T6255] syz-executor.0: attempt to access beyond end of device [ 154.960849][ T6255] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 154.999783][ T6103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.033786][ T6103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.070038][ T6103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.096160][ T6103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.116413][ T6103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.178706][ T6103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.243206][ T6103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 155.273975][ T6103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 155.291632][ T6103] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 155.300623][ T6299] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 155.316019][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 155.336572][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 155.362489][ T6103] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.376235][ T6103] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.393350][ T6103] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.420555][ T6103] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 155.490125][ T6302] loop2: detected capacity change from 0 to 764 [ 155.627505][ T6302] rock: directory entry would overflow storage [ 155.658115][ T6302] rock: sig=0x4f50, size=4, remaining=3 [ 155.678142][ T6302] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 155.725910][ T4284] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 155.745934][ T4284] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 155.851663][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 155.910184][ T102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 155.919797][ T102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 155.988411][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 156.845514][ T6340] devpts: called with bogus options [ 157.599268][ T6308] loop4: detected capacity change from 0 to 32768 [ 157.629000][ T6308] find_entry called with index = 0 [ 157.638589][ T6308] find_entry called with index = 0 [ 157.669608][ T6308] find_entry called with index >= next_index [ 157.717577][ T6308] find_entry called with index >= next_index [ 157.747382][ T6308] find_entry called with index >= next_index [ 157.748084][ T26] kauditd_printk_skb: 264 callbacks suppressed [ 157.748096][ T26] audit: type=1800 audit(1718640424.194:525): pid=6353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1959 res=0 errno=0 [ 157.800542][ T6308] find_entry called with index >= next_index [ 157.837408][ T6308] find_entry called with index >= next_index [ 157.841033][ T26] audit: type=1800 audit(1718640424.234:526): pid=6353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1959 res=0 errno=0 [ 158.038324][ T6357] kvm [6356]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x9df00000800 [ 158.069134][ T6333] loop1: detected capacity change from 0 to 32768 [ 158.075913][ T6357] kvm [6356]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0xa0000000000 [ 158.195395][ T6369] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 158.226267][ T6333] XFS (loop1): Mounting V5 Filesystem [ 159.351012][ C1] sched: RT throttling activated [ 159.387841][ T6333] XFS (loop1): Ending clean mount [ 159.417074][ T6379] loop3: detected capacity change from 0 to 262144 [ 159.433882][ T6379] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (6379) [ 159.459486][ T6379] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 159.470037][ T6379] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 159.479310][ T6379] BTRFS info (device loop3): using free space tree [ 159.566546][ T3898] XFS (loop1): Unmounting Filesystem [ 159.788305][ T6379] BTRFS info (device loop3): enabling ssd optimizations [ 159.840826][ T6403] loop4: detected capacity change from 0 to 4096 [ 159.848988][ T6403] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512) [ 159.939449][ T6403] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 160.111900][ T6379] BTRFS error (device loop3: state M): unrecognized mount option '00000000000000000000000Xcv:Q"Co"'ή_0-%+ t6P'k;/|%T9i(%Z@G~ͱ\%S:UVTOvO7MfOJjN"Bn]XZ [ 160.111900][ T6379] o*e4bL*' [ 160.278244][ T26] audit: type=1800 audit(1718640426.724:527): pid=6403 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=33 res=0 errno=0 [ 160.407748][ T6103] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 160.418499][ T6423] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 161.598518][ T6447] loop2: detected capacity change from 0 to 4096 [ 161.627807][ T6447] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 161.759045][ T6447] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 161.795496][ T3572] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22. [ 161.888104][ T6435] loop1: detected capacity change from 0 to 32768 [ 161.954208][ T6435] XFS (loop1): Mounting V5 Filesystem [ 162.168547][ T6435] XFS (loop1): Ending clean mount [ 162.322124][ T6435] syz-executor.1: attempt to access beyond end of device [ 162.322124][ T6435] loop1: rw=4096, sector=2886424181342207, nr_sectors = 1 limit=32768 [ 162.412032][ T6468] Bluetooth: MGMT ver 1.22 [ 162.440409][ T6468] loop2: detected capacity change from 0 to 256 [ 162.477467][ T6468] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd82bb37b, utbl_chksum : 0xe619d30d) [ 163.183424][ T3898] XFS (loop1): Unmounting Filesystem [ 163.316113][ T6454] loop4: detected capacity change from 0 to 32768 [ 163.381810][ T6454] find_entry called with index = 0 [ 163.386975][ T6454] find_entry called with index = 0 [ 163.408646][ T6454] find_entry called with index >= next_index [ 163.415027][ T6454] find_entry called with index >= next_index [ 163.431549][ T6454] find_entry called with index >= next_index [ 163.437630][ T6454] find_entry called with index >= next_index [ 163.471343][ T6454] find_entry called with index >= next_index [ 163.492445][ T6482] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 163.519293][ T6482] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 163.545856][ T6484] loop2: detected capacity change from 0 to 256 [ 163.554238][ T6485] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 163.568367][ T6485] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 163.580267][ T6485] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 163.601596][ T6484] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 163.626642][ T6474] kvm [6473]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x9df00000800 [ 163.642617][ T6485] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 163.687227][ T6474] kvm [6473]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0xa0000000000 [ 163.705607][ T6485] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 163.735280][ T6484] loop2: detected capacity change from 256 to 0 [ 163.747592][ T6482] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 163.764356][ T4289] loop: Write error at byte offset 9223372036854775807, length 512. [ 163.782674][ T6485] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 163.791073][ C0] I/O error, dev loop2, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 163.801529][ C0] I/O error, dev loop2, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 163.811623][ C0] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 163.867934][ T4289] loop: Write error at byte offset 9223372036854775807, length 512. [ 163.878078][ C0] I/O error, dev loop2, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 163.887538][ C0] I/O error, dev loop2, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 163.896935][ C0] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 163.905441][ T3706] loop: Write error at byte offset 9223372036854858239, length 512. [ 163.916609][ C0] I/O error, dev loop2, sector 161 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 163.926237][ C0] Buffer I/O error on dev loop2, logical block 161, lost sync page write [ 163.952575][ C0] I/O error, dev loop2, sector 161 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 164.006695][ C0] I/O error, dev loop2, sector 161 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 164.032366][ C0] I/O error, dev loop2, sector 161 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 164.047226][ T3706] loop: Write error at byte offset 9223372036854857727, length 512. [ 164.062675][ C0] I/O error, dev loop2, sector 160 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 164.072312][ C0] Buffer I/O error on dev loop2, logical block 160, lost sync page write [ 164.086472][ C0] I/O error, dev loop2, sector 160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 164.098763][ T3579] exFAT-fs (loop2): failed to exfat_remove_entries : err(-5) [ 164.403692][ T102] loop: Write error at byte offset 9223372036854775807, length 512. [ 164.429983][ C0] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 164.520292][ T3747] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.573238][ T6504] loop0: detected capacity change from 0 to 32768 [ 164.637273][ T6504] XFS (loop0): Mounting V5 Filesystem [ 164.660203][ T3747] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.710376][ T6504] XFS (loop0): Ending clean mount [ 164.740598][ T6504] syz-executor.0: attempt to access beyond end of device [ 164.740598][ T6504] loop0: rw=4096, sector=2886424181342207, nr_sectors = 1 limit=32768 [ 164.772542][ T3747] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.820901][ T6002] XFS (loop0): Unmounting Filesystem [ 164.866377][ T3747] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 165.007083][ T6506] loop3: detected capacity change from 0 to 40427 [ 165.105001][ T6506] F2FS-fs (loop3): Found nat_bits in checkpoint [ 165.158686][ T6531] loop4: detected capacity change from 0 to 512 [ 165.225511][ T26] audit: type=1326 audit(1718640431.678:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6529 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe02367cf29 code=0x0 [ 165.278901][ T6506] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 165.314380][ T6506] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 165.383699][ T3575] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 165.397058][ T3575] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 165.408755][ T3575] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 165.417125][ T6506] syz-executor.3: attempt to access beyond end of device [ 165.417125][ T6506] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 165.419941][ T3575] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 165.457682][ T3575] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 165.465491][ T3575] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 166.138828][ T6552] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 166.313279][ T6534] chnl_net:caif_netlink_parms(): no params data found [ 166.557818][ T3747] device hsr_slave_0 left promiscuous mode [ 166.573119][ T3747] device hsr_slave_1 left promiscuous mode [ 166.581811][ T3747] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 166.599505][ T3747] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 166.622389][ T3747] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 166.640069][ T3747] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 166.660403][ T3747] device bridge_slave_1 left promiscuous mode [ 166.677487][ T3747] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.716191][ T3747] device bridge_slave_0 left promiscuous mode [ 166.742883][ T3747] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.795340][ T3747] device veth1_macvtap left promiscuous mode [ 166.826017][ T3747] device veth0_macvtap left promiscuous mode [ 166.848025][ T3747] device veth1_vlan left promiscuous mode [ 166.879597][ T3747] device veth0_vlan left promiscuous mode [ 166.888214][ T6567] loop3: detected capacity change from 0 to 16 [ 166.918157][ T6567] erofs: (device loop3): mounted with root inode @ nid 36. [ 167.168181][ T6567] syz-executor.3: attempt to access beyond end of device [ 167.168181][ T6567] loop3: rw=0, sector=8, nr_sectors = 16 limit=16 [ 167.358603][ T6542] loop1: detected capacity change from 0 to 262144 [ 167.378361][ T6570] loop4: detected capacity change from 0 to 256 [ 167.418898][ T6542] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (6542) [ 167.480714][ T6570] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011a39, chksum : 0xd82bb37b, utbl_chksum : 0xe619d30d) [ 167.501134][ T3575] Bluetooth: hci2: command tx timeout [ 167.510553][ T6542] BTRFS info (device loop1): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 167.522766][ T6542] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 167.532312][ T6542] BTRFS info (device loop1): using free space tree [ 168.092376][ T6542] BTRFS info (device loop1): enabling ssd optimizations [ 168.133988][ T6594] __nla_validate_parse: 15 callbacks suppressed [ 168.134009][ T6594] netlink: 272 bytes leftover after parsing attributes in process `syz-executor.4'. [ 168.198015][ T6542] BTRFS error (device loop1: state M): unrecognized mount option '00000000000000000000000Xcv:Q"Co"'ή_0-%+ t6P'k;/|%T9i(%Z@G~ͱ\%S:UVTOvO7MfOJjN"Bn]XZ [ 168.198015][ T6542] o*e4bL*' [ 168.256086][ T6596] syz-executor.3: attempt to access beyond end of device [ 168.256086][ T6596] loop3: rw=0, sector=8, nr_sectors = 16 limit=16 [ 168.309506][ T3898] BTRFS info (device loop1): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 168.320405][ T6598] syz-executor.3: attempt to access beyond end of device [ 168.320405][ T6598] loop3: rw=0, sector=8, nr_sectors = 16 limit=16 [ 168.382111][ T6567] syz-executor.3: attempt to access beyond end of device [ 168.382111][ T6567] loop3: rw=0, sector=8, nr_sectors = 16 limit=16 [ 168.431253][ T6567] syz-executor.3: attempt to access beyond end of device [ 168.431253][ T6567] loop3: rw=0, sector=8, nr_sectors = 16 limit=16 [ 168.481507][ T6584] kvm [6581]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x9df00000800 [ 168.497551][ T6584] kvm [6581]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0xa0000000000 [ 168.550321][ T26] audit: type=1326 audit(1718640434.998:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbff967cf29 code=0x7ffc0000 [ 168.581239][ T26] audit: type=1326 audit(1718640435.008:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbff967cf29 code=0x7ffc0000 [ 168.646744][ T26] audit: type=1326 audit(1718640435.098:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbff967cf29 code=0x7ffc0000 [ 168.688558][ T26] audit: type=1326 audit(1718640435.098:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbff967cf29 code=0x7ffc0000 [ 168.745130][ T3747] team0 (unregistering): Port device team_slave_1 removed [ 168.789248][ T26] audit: type=1326 audit(1718640435.098:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbff967cf29 code=0x7ffc0000 [ 168.815732][ T3747] team0 (unregistering): Port device team_slave_0 removed [ 168.848794][ T3747] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 168.865919][ T26] audit: type=1326 audit(1718640435.178:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbff967cf29 code=0x7ffc0000 [ 168.900738][ T3747] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 168.972934][ T26] audit: type=1326 audit(1718640435.178:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbff967a6a7 code=0x7ffc0000 [ 169.031612][ T26] audit: type=1326 audit(1718640435.178:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbff9640379 code=0x7ffc0000 [ 169.081763][ T6611] loop3: detected capacity change from 0 to 512 [ 169.084224][ T3747] bond0 (unregistering): Released all slaves [ 169.088142][ T26] audit: type=1326 audit(1718640435.178:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbff967cf29 code=0x7ffc0000 [ 169.193560][ T6534] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.201164][ T6534] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.209448][ T6534] device bridge_slave_0 entered promiscuous mode [ 169.236624][ T6609] (unnamed net_device) (uninitialized): up delay (4) is not a multiple of miimon (6516), value rounded to 0 ms [ 169.275120][ T6534] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.298599][ T6534] bridge0: port 2(bridge_slave_1) entered disabled state [ 169.323333][ T6534] device bridge_slave_1 entered promiscuous mode [ 169.427926][ T6534] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 169.453939][ T6534] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 169.549321][ T6534] team0: Port device team_slave_0 added [ 169.568493][ T6534] team0: Port device team_slave_1 added [ 169.581422][ T3575] Bluetooth: hci2: command tx timeout [ 169.599502][ T6623] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 169.648633][ T6534] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 169.662824][ T6534] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 169.689481][ T6534] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 169.707712][ T6534] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 169.719294][ T6534] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 169.780207][ T6534] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 169.881840][ T6534] device hsr_slave_0 entered promiscuous mode [ 169.917324][ T6534] device hsr_slave_1 entered promiscuous mode [ 169.940484][ T6534] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 169.963779][ T6534] Cannot create hsr debugfs directory [ 170.016107][ T6629] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 170.620082][ T26] kauditd_printk_skb: 51 callbacks suppressed [ 170.620098][ T26] audit: type=1326 audit(1718640437.063:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6637 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbff967cf29 code=0x0 [ 170.739275][ T6534] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 170.763793][ T6534] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 170.784532][ T6534] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 170.803409][ T6534] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 170.865353][ T6646] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 170.904093][ T6646] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 170.941829][ T6649] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 170.991395][ T6649] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 171.035522][ T6534] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.045383][ T6649] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 171.102798][ T6534] 8021q: adding VLAN 0 to HW filter on device team0 [ 171.110356][ T6432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 171.117525][ T6646] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 171.128476][ T6432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 171.143948][ T6649] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 171.221140][ T6433] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 171.231567][ T6433] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 171.240316][ T6433] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.247464][ T6433] bridge0: port 1(bridge_slave_0) entered forwarding state [ 171.256914][ T6649] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 171.347844][ T6649] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 171.414954][ T6432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 171.453359][ T6430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 171.470230][ T6430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 171.503704][ T6663] overlayfs: failed to resolve './file0': -2 [ 171.515341][ T6430] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.522530][ T6430] bridge0: port 2(bridge_slave_1) entered forwarding state [ 171.551602][ T6430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 171.568331][ T6430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 171.630588][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.650851][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.668326][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 171.676793][ T3575] Bluetooth: hci2: command tx timeout [ 171.689961][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 171.698871][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 171.707489][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 171.722437][ T6534] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 171.738695][ T6534] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 171.749712][ T6430] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 171.768900][ T6430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 171.854771][ T6430] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 171.994887][ T6681] loop4: detected capacity change from 0 to 256 [ 172.079610][ T6681] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011a39, chksum : 0xd82bb37b, utbl_chksum : 0xe619d30d) [ 172.276248][ T6678] loop1: detected capacity change from 0 to 1024 [ 172.846757][ T6678] loop1: detected capacity change from 0 to 4096 [ 172.883340][ T6678] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 172.957591][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 172.975121][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 173.010536][ T6534] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 173.070222][ T6430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 173.103852][ T6430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 173.112262][ T26] audit: type=1326 audit(1718640439.553:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbff967cf29 code=0x0 [ 173.150607][ T6701] (unnamed net_device) (uninitialized): up delay (4) is not a multiple of miimon (6516), value rounded to 0 ms [ 173.209691][ T6430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 173.225869][ T6430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 173.252812][ T6534] device veth0_vlan entered promiscuous mode [ 173.272699][ T6432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 173.280162][ T6704] loop4: detected capacity change from 0 to 256 [ 173.283157][ T6432] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 173.302017][ T6704] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 173.320617][ T6534] device veth1_vlan entered promiscuous mode [ 173.364444][ T6432] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 173.378308][ T6432] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 173.388909][ T6432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 173.405760][ T6432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 173.423274][ T6534] device veth0_macvtap entered promiscuous mode [ 173.437718][ T6534] device veth1_macvtap entered promiscuous mode [ 173.461217][ T6704] loop4: detected capacity change from 256 to 0 [ 173.472600][ T3838] loop: Write error at byte offset 9223372036854775807, length 512. [ 173.488908][ T6534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.493401][ C1] blk_print_req_error: 2 callbacks suppressed [ 173.493414][ C1] I/O error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 173.509827][ T6534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.515007][ C1] I/O error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 173.515172][ C1] Buffer I/O error on dev loop4, logical block 0, lost sync page write [ 173.550074][ T3707] loop: Write error at byte offset 9223372036854775807, length 512. [ 173.559194][ C0] I/O error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 173.568662][ C0] I/O error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 173.578055][ C0] Buffer I/O error on dev loop4, logical block 0, lost sync page write [ 173.587821][ T3707] loop: Write error at byte offset 9223372036854858239, length 512. [ 173.597144][ T6708] loop1: detected capacity change from 0 to 2048 [ 173.605220][ C0] I/O error, dev loop4, sector 161 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 173.614862][ C0] Buffer I/O error on dev loop4, logical block 161, lost sync page write [ 173.624024][ C1] I/O error, dev loop4, sector 161 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 173.624287][ T6534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.644179][ T6708] EXT4-fs (loop1): unsupported inode size: 32768 [ 173.650532][ T6708] EXT4-fs (loop1): blocksize: 2048 [ 173.679417][ C1] I/O error, dev loop4, sector 161 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 173.681030][ T6534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.699224][ C1] I/O error, dev loop4, sector 161 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 173.704541][ T6534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.715474][ T3838] loop: Write error at byte offset 9223372036854857727, length 512. [ 173.719064][ T6534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.729099][ C1] I/O error, dev loop4, sector 160 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 173.746437][ C1] Buffer I/O error on dev loop4, logical block 160, lost sync page write [ 173.759290][ T3575] Bluetooth: hci2: command tx timeout [ 173.759495][ C1] I/O error, dev loop4, sector 160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 173.771229][ T6534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 173.781720][ T3572] exFAT-fs (loop4): failed to exfat_remove_entries : err(-5) [ 173.799338][ T6534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.816137][ T6534] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 173.831353][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 173.839706][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 173.847921][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 173.864131][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 173.875784][ T6534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.891241][ T6534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.905156][ T6534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.916038][ T6534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.927138][ T6534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 173.947857][ T6534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.968048][ T6534] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.006721][ T6534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.035435][ T6534] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 174.038705][ T6534] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.038781][ T6534] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.038808][ T6534] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.038834][ T6534] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.074148][ T6718] 9p: Unknown Cache mode mmap" [ 174.221293][ T4278] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.221366][ T4278] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 174.318687][ T3838] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 174.318759][ T3838] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.084495][ T6717] loop1: detected capacity change from 0 to 32768 [ 175.367319][ T6717] XFS (loop1): Mounting V5 Filesystem [ 175.617127][ T6717] XFS (loop1): Ending clean mount [ 175.629970][ T6606] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 175.649497][ T6606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 175.658521][ T6606] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 175.679073][ T6606] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 175.726834][ T6714] loop3: detected capacity change from 0 to 262144 [ 175.746293][ T6714] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (6714) [ 175.778130][ T6714] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 175.788456][ T6714] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 175.798260][ T6714] BTRFS info (device loop3): using free space tree [ 175.821529][ T3587] Bluetooth: hci0: command 0x0406 tx timeout [ 175.831711][ T3898] XFS (loop1): Unmounting Filesystem [ 175.896314][ T6714] BTRFS info (device loop3): enabling ssd optimizations [ 175.967736][ T6714] BTRFS error (device loop3: state M): unrecognized mount option '00000000000000000000000Xcv:Q"Co"'ή_0-%+ t6P'k;/|%T9i(%Z@G~ͱ\%S:UVTOvO7MfOJjN"Bn]XZ [ 175.967736][ T6714] o*e4bL*' [ 176.047149][ T6103] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 176.125341][ T3838] loop: Write error at byte offset 9223372036854775807, length 512. [ 176.175049][ C0] Buffer I/O error on dev loop4, logical block 0, lost sync page write [ 176.441742][ T4273] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.537011][ T4273] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.631894][ T4273] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.645121][ T3575] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 176.655403][ T3575] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 176.669758][ T3575] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 176.682677][ T3575] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 176.690255][ T3575] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 176.699150][ T3575] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 176.747980][ T4273] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.348131][ T6769] chnl_net:caif_netlink_parms(): no params data found [ 177.435345][ T6785] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 177.629925][ T6769] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.644967][ T6769] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.656814][ T6769] device bridge_slave_0 entered promiscuous mode [ 177.675978][ T6769] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.688528][ T6769] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.699523][ T6769] device bridge_slave_1 entered promiscuous mode [ 177.758575][ T6769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 177.838184][ T6769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 177.942232][ T6795] __nla_validate_parse: 13 callbacks suppressed [ 177.942250][ T6795] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.0'. [ 178.009288][ T6769] team0: Port device team_slave_0 added [ 178.038862][ T6769] team0: Port device team_slave_1 added [ 178.151143][ T6769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 178.188594][ T6769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.296208][ T6769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 178.340584][ T6769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 178.365723][ T6769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.457936][ T6769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.517849][ T6801] block device autoloading is deprecated and will be removed. [ 178.642324][ T6769] device hsr_slave_0 entered promiscuous mode [ 178.662483][ T6769] device hsr_slave_1 entered promiscuous mode [ 178.770114][ T6769] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 178.828091][ T6769] Cannot create hsr debugfs directory [ 178.841326][ T3587] Bluetooth: hci0: command tx timeout [ 179.117235][ T6791] loop1: detected capacity change from 0 to 40427 [ 179.162144][ T6791] F2FS-fs (loop1): invalid crc value [ 179.215629][ T6791] F2FS-fs (loop1): Found nat_bits in checkpoint [ 179.230567][ T6783] loop2: detected capacity change from 0 to 262144 [ 179.238710][ T6783] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (6783) [ 179.255820][ T6809] loop3: detected capacity change from 0 to 4096 [ 179.267264][ T6783] BTRFS info (device loop2): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 179.277748][ T6783] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 179.287150][ T6783] BTRFS info (device loop2): using free space tree [ 179.335301][ T6791] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 179.341262][ T6763] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 179.398894][ T3898] syz-executor.1: attempt to access beyond end of device [ 179.398894][ T3898] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 179.518551][ T6783] BTRFS info (device loop2): enabling ssd optimizations [ 179.590534][ T6836] loop3: detected capacity change from 0 to 1024 [ 179.603149][ T6763] usb 1-1: Using ep0 maxpacket: 16 [ 179.617120][ T6783] BTRFS error (device loop2: state M): unrecognized mount option '00000000000000000000000Xcv:Q"Co"'ή_0-%+ t6P'k;/|%T9i(%Z@G~ͱ\%S:UVTOvO7MfOJjN"Bn]XZ [ 179.617120][ T6783] o*e4bL*' [ 179.712629][ T6534] BTRFS info (device loop2): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 179.761449][ T6763] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 179.791089][ T6763] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 179.819221][ T6763] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.843416][ T6836] loop3: detected capacity change from 0 to 4096 [ 179.857848][ T6763] usb 1-1: config 0 descriptor?? [ 179.898886][ T6836] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 180.049287][ T6769] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 180.114299][ T6769] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 180.140785][ T6769] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 180.195438][ T4273] device hsr_slave_0 left promiscuous mode [ 180.214667][ T4273] device hsr_slave_1 left promiscuous mode [ 180.222496][ T4273] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 180.232449][ T4273] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 180.253508][ T4273] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 180.271192][ T4273] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 180.291223][ T4273] device bridge_slave_1 left promiscuous mode [ 180.297561][ T4273] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.326533][ T4273] device bridge_slave_0 left promiscuous mode [ 180.336629][ T6807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 180.368141][ T4273] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.375949][ T6807] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 180.403876][ T6763] hid (null): unknown global tag 0x83 [ 180.409331][ T6763] hid (null): unknown global tag 0xc [ 180.446859][ T6763] hid-generic 0003:0158:0100.0001: unknown main item tag 0x1 [ 180.466279][ T6763] hid-generic 0003:0158:0100.0001: unexpected long global item [ 180.477390][ T6763] hid-generic: probe of 0003:0158:0100.0001 failed with error -22 [ 180.508940][ T4273] device veth1_macvtap left promiscuous mode [ 180.515191][ T4273] device veth1_vlan left promiscuous mode [ 180.531155][ T4273] device veth0_vlan left promiscuous mode [ 180.611614][ T1148] usb 1-1: USB disconnect, device number 6 [ 180.703803][ T6844] loop3: detected capacity change from 0 to 32768 [ 180.739433][ T6844] XFS (loop3): Mounting V5 Filesystem [ 180.825171][ T6844] XFS (loop3): Ending clean mount [ 180.844379][ T4273] bond2 (unregistering): Released all slaves [ 180.861384][ T3587] Bluetooth: hci0: command tx timeout [ 180.865729][ T4273] bond1 (unregistering): Released all slaves [ 180.911965][ T6103] XFS (loop3): Unmounting Filesystem [ 181.297028][ T4273] team0 (unregistering): Port device team_slave_1 removed [ 181.319948][ T6869] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.0'. [ 181.332242][ T4273] team0 (unregistering): Port device team_slave_0 removed [ 181.377435][ T4273] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 181.398409][ T4273] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 181.554858][ T4273] bond0 (unregistering): Released all slaves [ 181.625042][ T6769] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 181.909131][ T6769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 181.936570][ T6867] loop3: detected capacity change from 0 to 40427 [ 181.942201][ T6763] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 181.958632][ T6763] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 181.975007][ T6867] F2FS-fs (loop3): invalid crc value [ 181.987618][ T6882] loop1: detected capacity change from 0 to 2048 [ 182.023970][ T6769] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.042557][ T6867] F2FS-fs (loop3): Found nat_bits in checkpoint [ 182.048967][ T6882] loop1: p3 < > p4 < > [ 182.063336][ T6882] loop1: partition table partially beyond EOD, truncated [ 182.063891][ T6763] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 182.070469][ T6882] loop1: p3 start 4284289 is beyond EOD, [ 182.100200][ T6763] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 182.111104][ T6882] truncated [ 182.138910][ T6763] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.146091][ T6763] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.214005][ T6429] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 182.232797][ T6429] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 182.244984][ T6867] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 182.252848][ T6429] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 182.272439][ T6429] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.279670][ T6429] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.308010][ T6429] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 182.324370][ T6429] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 182.358590][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 182.380500][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 182.401245][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 182.420301][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 182.468117][ T6769] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 182.478621][ T6882] loop1: detected capacity change from 0 to 512 [ 182.489174][ T6103] syz-executor.3: attempt to access beyond end of device [ 182.489174][ T6103] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 182.520643][ T6769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 182.577510][ T6607] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 182.606933][ T6607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 182.646453][ T6607] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 182.687108][ T6607] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 182.717306][ T6607] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 182.750276][ T6905] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 182.781516][ T1148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 182.820392][ T6892] loop2: detected capacity change from 0 to 32768 [ 182.844692][ T6761] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 182.866302][ T6761] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 182.885143][ T6909] loop1: detected capacity change from 0 to 1024 [ 182.886084][ T6769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 182.919489][ T6892] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (6892) [ 182.941491][ T3587] Bluetooth: hci0: command tx timeout [ 182.964521][ T6892] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 183.011404][ T6892] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 183.020153][ T6892] BTRFS info (device loop2): using free space tree [ 183.451352][ T6892] BTRFS info (device loop2): enabling ssd optimizations [ 184.246324][ T6950] loop1: detected capacity change from 0 to 1024 [ 184.290148][ T6950] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 184.335775][ T6955] loop3: detected capacity change from 0 to 256 [ 184.362266][ T6950] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 184.400792][ T6763] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 184.424712][ T6534] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 184.443957][ T6763] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 184.553932][ T3898] EXT4-fs (loop1): unmounting filesystem. [ 184.565231][ T6763] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 184.577603][ T6763] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 184.600755][ T6769] device veth0_vlan entered promiscuous mode [ 184.638732][ T6761] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 184.667084][ T6761] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 184.688106][ T6769] device veth1_vlan entered promiscuous mode [ 184.712383][ T6964] loop0: detected capacity change from 0 to 16 [ 184.730083][ T6964] erofs: (device loop0): mounted with root inode @ nid 36. [ 184.855101][ T6966] Invalid ELF header magic: != ELF [ 185.033158][ T3587] Bluetooth: hci0: command tx timeout [ 185.105116][ T6964] syz-executor.0: attempt to access beyond end of device [ 185.105116][ T6964] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 185.233223][ T6769] device veth0_macvtap entered promiscuous mode [ 185.294463][ T6769] device veth1_macvtap entered promiscuous mode [ 185.393495][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.443292][ T6972] syz-executor.0: attempt to access beyond end of device [ 185.443292][ T6972] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 185.471180][ T6607] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 185.488988][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.519461][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.536786][ T6970] syz-executor.0: attempt to access beyond end of device [ 185.536786][ T6970] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 185.558164][ T6970] syz-executor.0: attempt to access beyond end of device [ 185.558164][ T6970] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 185.582480][ T6970] syz-executor.0: attempt to access beyond end of device [ 185.582480][ T6970] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 185.591537][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.605899][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.616506][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.627058][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.637599][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.650655][ T6769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 185.662780][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 185.674309][ T26] audit: type=1326 audit(1718640452.123:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 185.710923][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 185.740127][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 185.755350][ T26] audit: type=1326 audit(1718640452.123:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 185.759976][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 185.793260][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 185.807142][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 185.826893][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 185.832143][ T26] audit: type=1326 audit(1718640452.123:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 185.864780][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 185.875742][ T6607] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 185.889256][ T6607] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 185.897959][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.918354][ T6607] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 185.930298][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 185.938298][ T26] audit: type=1326 audit(1718640452.123:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 185.941219][ T6607] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 185.973490][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.994877][ T26] audit: type=1326 audit(1718640452.123:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 186.000284][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.046838][ T26] audit: type=1326 audit(1718640452.123:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 186.056149][ T6607] usb 2-1: config 1 has no interface number 0 [ 186.094347][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.096441][ T6607] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 186.109581][ T26] audit: type=1326 audit(1718640452.123:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 186.135197][ T6607] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.141569][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 186.156175][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.167714][ T6769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 186.175247][ T26] audit: type=1326 audit(1718640452.123:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8bdbe7a6a7 code=0x7ffc0000 [ 186.214780][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 186.232736][ T6607] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 186.246620][ T26] audit: type=1326 audit(1718640452.123:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8bdbe40379 code=0x7ffc0000 [ 186.251951][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 186.293200][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 186.314918][ T6769] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.331649][ T6769] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.340469][ T6769] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.379088][ T26] audit: type=1326 audit(1718640452.123:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6963 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 186.404734][ T6769] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.442183][ T6607] snd_usb_pod 2-1:1.1: endpoint not available, using fallback values [ 186.460749][ T6607] snd_usb_pod 2-1:1.1: invalid control EP [ 186.490862][ T6607] snd_usb_pod 2-1:1.1: cannot start listening: -22 [ 186.518091][ T6607] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 186.529993][ T6607] snd_usb_pod: probe of 2-1:1.1 failed with error -22 [ 186.695909][ T6763] usb 2-1: USB disconnect, device number 7 [ 188.555397][ T3747] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.585010][ T3747] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.651692][ T6763] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 188.678178][ T102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.693003][ T102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.719696][ T6763] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 188.748010][ T7012] loop3: detected capacity change from 0 to 512 [ 188.799683][ T7012] EXT4-fs (sda1): changing journal_checksum during remount not supported; ignoring [ 188.820894][ T7019] loop0: detected capacity change from 0 to 16 [ 188.828947][ T7012] EXT4-fs (sda1): re-mounted. Quota mode: journalled. [ 188.854161][ T7019] erofs: (device loop0): mounted with root inode @ nid 36. [ 188.869375][ T7019] syz-executor.0: attempt to access beyond end of device [ 188.869375][ T7019] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 190.456460][ T7021] syz-executor.0: attempt to access beyond end of device [ 190.456460][ T7021] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 190.500637][ T7021] syz-executor.0: attempt to access beyond end of device [ 190.500637][ T7021] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 190.533337][ T7021] syz-executor.0: attempt to access beyond end of device [ 190.533337][ T7021] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 190.560459][ T7019] syz-executor.0: attempt to access beyond end of device [ 190.560459][ T7019] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 192.051242][ T6607] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 192.274945][ T7062] loop2: detected capacity change from 0 to 512 [ 192.296640][ T7062] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 192.319511][ T7065] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 192.320327][ T7062] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2810: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 192.349804][ T7062] EXT4-fs (loop2): 1 truncate cleaned up [ 192.355791][ T7062] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 192.413373][ T6607] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 192.433094][ T7062] deleting an unspecified loop device is not supported. [ 192.455258][ T6607] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 192.467959][ T6607] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 192.513324][ T6607] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 192.532273][ T6607] usb 5-1: config 1 has no interface number 0 [ 192.539715][ T6607] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 192.555314][ T6607] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.589898][ T6534] EXT4-fs (loop2): unmounting filesystem. [ 192.604465][ T6607] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 192.653204][ T7071] loop3: detected capacity change from 0 to 2048 [ 192.679891][ T7071] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 192.722418][ T7072] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 192.823832][ T6607] snd_usb_pod 5-1:1.1: endpoint not available, using fallback values [ 192.840336][ T6607] snd_usb_pod 5-1:1.1: invalid control EP [ 192.849681][ T7071] syz-executor.3: attempt to access beyond end of device [ 192.849681][ T7071] loop3: rw=0, sector=262216, nr_sectors = 2 limit=2048 [ 192.875435][ T6607] snd_usb_pod 5-1:1.1: cannot start listening: -22 [ 192.883625][ T6607] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 192.895728][ T6607] snd_usb_pod: probe of 5-1:1.1 failed with error -22 [ 192.904175][ T7071] NILFS (loop3): I/O error reading meta-data file (ino=6, block-offset=1) [ 193.053927][ T1148] usb 5-1: USB disconnect, device number 8 [ 193.595940][ T7096] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.1'. [ 193.775783][ T7106] loop0: detected capacity change from 0 to 16 [ 193.807024][ T7106] erofs: (device loop0): mounted with root inode @ nid 36. [ 193.819421][ T7106] syz-executor.0: attempt to access beyond end of device [ 193.819421][ T7106] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 194.225274][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.234273][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.469107][ T7108] syz-executor.0: attempt to access beyond end of device [ 194.469107][ T7108] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 194.562841][ T7119] syz-executor.0: attempt to access beyond end of device [ 194.562841][ T7119] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 194.648708][ T7106] syz-executor.0: attempt to access beyond end of device [ 194.648708][ T7106] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 194.672571][ T7106] syz-executor.0: attempt to access beyond end of device [ 194.672571][ T7106] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 194.693850][ T26] kauditd_printk_skb: 127 callbacks suppressed [ 194.693864][ T26] audit: type=1326 audit(1718640461.143:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7103 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 194.783591][ T26] audit: type=1326 audit(1718640461.143:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7103 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 194.839894][ T26] audit: type=1326 audit(1718640461.213:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7103 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 194.868944][ T7104] loop4: detected capacity change from 0 to 40427 [ 194.877432][ T26] audit: type=1326 audit(1718640461.213:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7103 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 194.902966][ T26] audit: type=1326 audit(1718640461.213:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7103 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 194.927521][ T26] audit: type=1326 audit(1718640461.213:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7103 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 194.950957][ T26] audit: type=1326 audit(1718640461.213:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7103 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 194.995653][ T26] audit: type=1326 audit(1718640461.213:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7103 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8bdbe7a6a7 code=0x7ffc0000 [ 195.027179][ T26] audit: type=1326 audit(1718640461.213:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7103 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8bdbe40379 code=0x7ffc0000 [ 195.057347][ T26] audit: type=1326 audit(1718640461.213:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7103 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bdbe7cf29 code=0x7ffc0000 [ 195.082582][ T7104] F2FS-fs (loop4): Found nat_bits in checkpoint [ 195.152118][ T7104] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 195.490540][ T7134] loop1: detected capacity change from 0 to 2048 [ 195.508702][ T7139] loop3: detected capacity change from 0 to 512 [ 195.518676][ T7140] loop2: detected capacity change from 0 to 1024 [ 195.546662][ T7139] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 195.558933][ T7134] loop1: p3 < > p4 < > [ 195.563832][ T7134] loop1: partition table partially beyond EOD, truncated [ 195.589912][ T7134] loop1: p3 start 4284289 is beyond EOD, truncated [ 195.641491][ T7139] EXT4-fs (loop3): 1 truncate cleaned up [ 195.647279][ T7139] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 195.655860][ T7140] bio_check_eod: 2 callbacks suppressed [ 195.655876][ T7140] syz-executor.2: attempt to access beyond end of device [ 195.655876][ T7140] loop2: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 195.679852][ T7140] syz-executor.2: attempt to access beyond end of device [ 195.679852][ T7140] loop2: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 195.697296][ T7140] Buffer I/O error on dev loop2, logical block 2889, async page read [ 195.746719][ T7134] kvm: emulating exchange as write [ 195.811659][ T7148] syz-executor.2: attempt to access beyond end of device [ 195.811659][ T7148] loop2: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 195.877784][ T6103] EXT4-fs (loop3): unmounting filesystem. [ 195.890120][ T7147] loop1: detected capacity change from 0 to 512 [ 195.946297][ T7142] loop0: detected capacity change from 0 to 32768 [ 195.995154][ T7142] ERROR: (device loop0): diWrite: ixpxd invalid [ 195.995154][ T7142] [ 196.005952][ T7142] ERROR: (device loop0): remounting filesystem as read-only [ 196.013488][ T7142] ERROR: (device loop0): txCommit: [ 196.013488][ T7142] [ 196.061719][ T6604] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 196.249641][ T7155] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 196.307356][ T3575] Bluetooth: hci1: command 0x0406 tx timeout [ 196.431377][ T6604] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 196.439815][ T6604] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 196.450308][ T6604] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 196.460662][ T6604] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 196.470437][ T6604] usb 5-1: config 1 has no interface number 0 [ 196.477153][ T6604] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 196.486315][ T6604] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.534650][ T6604] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 196.544860][ T7162] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 196.615160][ T7166] loop2: detected capacity change from 0 to 256 [ 196.635581][ T7166] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 196.663186][ T7166] FAT-fs (loop2): FAT read failed (blocknr 64) [ 196.751290][ T6604] snd_usb_pod 5-1:1.1: endpoint not available, using fallback values [ 196.759502][ T6604] snd_usb_pod 5-1:1.1: invalid control EP [ 196.768694][ T6604] snd_usb_pod 5-1:1.1: cannot start listening: -22 [ 196.775928][ T6604] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 196.793263][ T6604] snd_usb_pod: probe of 5-1:1.1 failed with error -22 [ 196.959654][ T3620] usb 5-1: USB disconnect, device number 9 [ 197.248639][ T7175] loop0: detected capacity change from 0 to 32768 [ 197.263617][ T7184] loop1: detected capacity change from 0 to 1024 [ 197.280831][ T7175] ERROR: (device loop0): diWrite: ixpxd invalid [ 197.280831][ T7175] [ 197.290538][ T7175] ERROR: (device loop0): remounting filesystem as read-only [ 197.298624][ T7175] ERROR: (device loop0): txCommit: [ 197.298624][ T7175] [ 197.493127][ T7189] loop2: detected capacity change from 0 to 1024 [ 197.505043][ T7190] loop3: detected capacity change from 0 to 256 [ 197.533643][ T7189] syz-executor.2: attempt to access beyond end of device [ 197.533643][ T7189] loop2: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 197.555935][ T7189] syz-executor.2: attempt to access beyond end of device [ 197.555935][ T7189] loop2: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 197.577522][ T7189] Buffer I/O error on dev loop2, logical block 2889, async page read [ 197.695086][ T7197] syz-executor.2: attempt to access beyond end of device [ 197.695086][ T7197] loop2: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 197.781939][ T6769] [ 197.784293][ T6769] ====================================================== [ 197.791298][ T6769] WARNING: possible circular locking dependency detected [ 197.798308][ T6769] 6.1.94-syzkaller #0 Not tainted [ 197.803312][ T6769] ------------------------------------------------------ [ 197.810322][ T6769] syz-executor.4/6769 is trying to acquire lock: [ 197.816637][ T6769] ffff88807fc7c3f8 (&journal->j_checkpoint_mutex){+.+.}-{3:3}, at: __jbd2_log_wait_for_space+0x213/0x760 [ 197.827853][ T6769] [ 197.827853][ T6769] but task is already holding lock: [ 197.835227][ T6769] ffff88807fc78650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x46d/0x1150 [ 197.844305][ T6769] [ 197.844305][ T6769] which lock already depends on the new lock. [ 197.844305][ T6769] [ 197.854727][ T6769] [ 197.854727][ T6769] the existing dependency chain (in reverse order) is: [ 197.863750][ T6769] [ 197.863750][ T6769] -> #3 (sb_internal){.+.+}-{0:0}: [ 197.871066][ T6769] lock_acquire+0x1f8/0x5a0 [ 197.876115][ T6769] percpu_down_read+0x44/0x1a0 [ 197.881418][ T6769] ext4_evict_inode+0x46d/0x1150 [ 197.886892][ T6769] evict+0x2a4/0x620 [ 197.891338][ T6769] ext4_ext_migrate+0x100b/0x12f0 [ 197.896885][ T6769] ext4_ioctl+0x1dc6/0x5f60 [ 197.901916][ T6769] __se_sys_ioctl+0xf1/0x160 [ 197.907039][ T6769] do_syscall_64+0x3b/0xb0 [ 197.912000][ T6769] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 197.918426][ T6769] [ 197.918426][ T6769] -> #2 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 197.926858][ T6769] lock_acquire+0x1f8/0x5a0 [ 197.931894][ T6769] percpu_down_read+0x44/0x1a0 [ 197.937276][ T6769] ext4_writepages+0x1e5/0x3de0 [ 197.942650][ T6769] do_writepages+0x3a2/0x670 [ 197.947766][ T6769] filemap_fdatawrite_wbc+0x121/0x180 [ 197.953665][ T6769] filemap_write_and_wait_range+0x1a4/0x290 [ 197.960082][ T6769] __iomap_dio_rw+0xb4e/0x2130 [ 197.965370][ T6769] iomap_dio_rw+0x42/0xa0 [ 197.970223][ T6769] ext4_file_write_iter+0x1464/0x1880 [ 197.976124][ T6769] do_iter_write+0x6e6/0xc50 [ 197.981236][ T6769] do_pwritev+0x216/0x360 [ 197.986088][ T6769] do_syscall_64+0x3b/0xb0 [ 197.991118][ T6769] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 197.997539][ T6769] [ 197.997539][ T6769] -> #1 (&sb->s_type->i_mutex_key#8){++++}-{3:3}: [ 198.006156][ T6769] lock_acquire+0x1f8/0x5a0 [ 198.011185][ T6769] down_read+0xad/0xa30 [ 198.015860][ T6769] ext4_bmap+0x4b/0x410 [ 198.020541][ T6769] bmap+0xa1/0xd0 [ 198.024704][ T6769] jbd2_journal_flush+0x5b5/0xc40 [ 198.030257][ T6769] ext4_ioctl+0x3986/0x5f60 [ 198.035293][ T6769] __se_sys_ioctl+0xf1/0x160 [ 198.040416][ T6769] do_syscall_64+0x3b/0xb0 [ 198.045366][ T6769] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 198.051785][ T6769] [ 198.051785][ T6769] -> #0 (&journal->j_checkpoint_mutex){+.+.}-{3:3}: [ 198.060575][ T6769] validate_chain+0x1661/0x5950 [ 198.061472][ T6604] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 198.065947][ T6769] __lock_acquire+0x125b/0x1f80 [ 198.078844][ T6769] lock_acquire+0x1f8/0x5a0 [ 198.083884][ T6769] mutex_lock_io_nested+0x134/0xab0 [ 198.089610][ T6769] __jbd2_log_wait_for_space+0x213/0x760 [ 198.095772][ T6769] start_this_handle+0x1040/0x21b0 [ 198.101415][ T6769] jbd2__journal_start+0x2d1/0x5c0 [ 198.107051][ T6769] __ext4_journal_start_sb+0x19b/0x410 [ 198.113041][ T6769] ext4_evict_inode+0x8dc/0x1150 [ 198.118508][ T6769] evict+0x2a4/0x620 [ 198.122933][ T6769] vfs_rmdir+0x381/0x4b0 [ 198.127703][ T6769] do_rmdir+0x3a2/0x590 [ 198.132390][ T6769] __x64_sys_unlinkat+0xdc/0xf0 [ 198.137770][ T6769] do_syscall_64+0x3b/0xb0 [ 198.142723][ T6769] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 198.149150][ T6769] [ 198.149150][ T6769] other info that might help us debug this: [ 198.149150][ T6769] [ 198.159380][ T6769] Chain exists of: [ 198.159380][ T6769] &journal->j_checkpoint_mutex --> &sbi->s_writepages_rwsem --> sb_internal [ 198.159380][ T6769] [ 198.173995][ T6769] Possible unsafe locking scenario: [ 198.173995][ T6769] [ 198.181440][ T6769] CPU0 CPU1 [ 198.186802][ T6769] ---- ---- [ 198.192243][ T6769] lock(sb_internal); [ 198.196319][ T6769] lock(&sbi->s_writepages_rwsem); [ 198.204042][ T6769] lock(sb_internal); [ 198.210634][ T6769] lock(&journal->j_checkpoint_mutex); [ 198.216189][ T6769] [ 198.216189][ T6769] *** DEADLOCK *** [ 198.216189][ T6769] [ 198.224329][ T6769] 3 locks held by syz-executor.4/6769: [ 198.229783][ T6769] #0: ffff88807fc78460 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 198.238957][ T6769] #1: ffff888056d1d440 (&type->i_mutex_dir_key#3/1){+.+.}-{3:3}, at: do_rmdir+0x251/0x590 [ 198.248995][ T6769] #2: ffff88807fc78650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x46d/0x1150 [ 198.258498][ T6769] [ 198.258498][ T6769] stack backtrace: [ 198.264393][ T6769] CPU: 0 PID: 6769 Comm: syz-executor.4 Not tainted 6.1.94-syzkaller #0 [ 198.272817][ T6769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 198.282895][ T6769] Call Trace: [ 198.286182][ T6769] [ 198.289123][ T6769] dump_stack_lvl+0x1e3/0x2cb [ 198.293813][ T6769] ? nf_tcp_handle_invalid+0x642/0x642 [ 198.299289][ T6769] ? print_circular_bug+0x12b/0x1a0 [ 198.304494][ T6769] check_noncircular+0x2fa/0x3b0 [ 198.309435][ T6769] ? mark_lock+0x9a/0x340 [ 198.313774][ T6769] ? add_chain_block+0x850/0x850 [ 198.318722][ T6769] ? lockdep_lock+0x11f/0x2a0 [ 198.323409][ T6769] ? validate_chain+0x112/0x5950 [ 198.328445][ T6769] ? _find_first_zero_bit+0xd0/0x100 [ 198.333829][ T6769] validate_chain+0x1661/0x5950 [ 198.338736][ T6769] ? reacquire_held_locks+0x660/0x660 [ 198.344125][ T6769] ? reacquire_held_locks+0x660/0x660 [ 198.349512][ T6769] ? reacquire_held_locks+0x660/0x660 [ 198.354894][ T6769] ? validate_chain+0x112/0x5950 [ 198.359882][ T6769] ? unwind_next_frame+0x1a3f/0x2220 [ 198.365177][ T6769] ? deref_stack_reg+0x17c/0x210 [ 198.370121][ T6769] ? 0xffffffffa0000950 [ 198.374294][ T6769] ? 0xffffffffa0000950 [ 198.378500][ T6769] ? mark_lock+0x9a/0x340 [ 198.382852][ T6769] __lock_acquire+0x125b/0x1f80 [ 198.387735][ T6769] lock_acquire+0x1f8/0x5a0 [ 198.392253][ T6769] ? __jbd2_log_wait_for_space+0x213/0x760 [ 198.398076][ T6769] ? __jbd2_log_wait_for_space+0x213/0x760 [ 198.403894][ T6769] ? read_lock_is_recursive+0x10/0x10 [ 198.409281][ T6769] ? __might_sleep+0xb0/0xb0 [ 198.413882][ T6769] ? __jbd2_log_wait_for_space+0x213/0x760 [ 198.419785][ T6769] mutex_lock_io_nested+0x134/0xab0 [ 198.424991][ T6769] ? __jbd2_log_wait_for_space+0x213/0x760 [ 198.430811][ T6769] ? __jbd2_log_wait_for_space+0x207/0x760 [ 198.436633][ T6769] ? __lock_acquire+0x1f80/0x1f80 [ 198.441676][ T6769] ? mutex_lock_interruptible_nested+0x20/0x20 [ 198.447850][ T6769] __jbd2_log_wait_for_space+0x213/0x760 [ 198.452245][ T6604] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 198.453485][ T6769] ? do_raw_write_lock+0x143/0x4e0 [ 198.469508][ T6769] ? jbd2_commit_block_csum_verify+0x4f0/0x4f0 [ 198.475680][ T6769] ? do_raw_read_unlock+0x70/0x70 [ 198.480714][ T6769] start_this_handle+0x1040/0x21b0 [ 198.485830][ T6769] ? jbd2__journal_start+0x144/0x5c0 [ 198.491230][ T6769] ? jbd2__journal_start+0x5c0/0x5c0 [ 198.492244][ T6604] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 198.496535][ T6769] ? __kasan_slab_alloc+0x65/0x70 [ 198.496554][ T6769] ? slab_post_alloc_hook+0x71/0x3a0 [ 198.516636][ T6769] ? rcu_is_watching+0x11/0xb0 [ 198.521407][ T6769] ? jbd2__journal_start+0x144/0x5c0 [ 198.526701][ T6769] jbd2__journal_start+0x2d1/0x5c0 [ 198.531821][ T6769] __ext4_journal_start_sb+0x19b/0x410 [ 198.537290][ T6769] ext4_evict_inode+0x8dc/0x1150 [ 198.542238][ T6769] ? _raw_spin_unlock+0x24/0x40 [ 198.547106][ T6769] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 198.553018][ T6769] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 198.556928][ T6604] usb 4-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00 [ 198.558906][ T6769] evict+0x2a4/0x620 [ 198.571829][ T6769] vfs_rmdir+0x381/0x4b0 [ 198.576093][ T6769] do_rmdir+0x3a2/0x590 [ 198.580261][ T6769] ? d_delete_notify+0x150/0x150 [ 198.585216][ T6769] ? syscall_enter_from_user_mode+0x2e/0x230 [ 198.591208][ T6769] __x64_sys_unlinkat+0xdc/0xf0 [ 198.596095][ T6769] do_syscall_64+0x3b/0xb0 [ 198.600696][ T6769] ? clear_bhb_loop+0x45/0xa0 [ 198.605387][ T6769] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 198.608505][ T6604] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.611274][ T6769] RIP: 0033:0x7f254c87c707 [ 198.611290][ T6769] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 198.611316][ T6769] RSP: 002b:00007ffe36d58478 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 198.611335][ T6769] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f254c87c707 [ 198.611347][ T6769] RDX: 0000000000000200 RSI: 00007ffe36d595e0 RDI: 00000000ffffff9c [ 198.611358][ T6769] RBP: 00007f254c8d96c6 R08: 0000000000000000 R09: 0000000000000000 [ 198.611369][ T6769] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffe36d595e0 2024/06/17 16:07:45 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 198.684089][ T6769] R13: 00007f254c8d96c6 R14: 00000000000303a3 R15: 0000000000000004 [ 198.692080][ T6769] [ 198.701830][ T6604] usb 4-1: config 0 descriptor??