last executing test programs: 5.286342704s ago: executing program 2 (id=15796): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4c1, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=") prlimit64(0x0, 0x7, &(0x7f0000000140)={0x4, 0x8d}, 0x0) r0 = getpgid(0x0) syz_pidfd_open(r0, 0x0) 5.105052835s ago: executing program 0 (id=15797): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0xc5}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000001700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc) 4.788099851s ago: executing program 0 (id=15798): r0 = epoll_create1(0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a}) ppoll(&(0x7f0000000780)=[{r0}], 0x1, 0x0, 0x0, 0x0) 4.666408557s ago: executing program 5 (id=15801): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000080), 0x1) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000440), 0x1) 4.611470356s ago: executing program 2 (id=15802): socket$inet6_sctp(0xa, 0x5, 0x84) r0 = io_uring_setup(0x63d6, &(0x7f0000000240)={0x0, 0x0, 0x2}) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0x14, &(0x7f0000003480)={0x4, 0x0, 0x4, &(0x7f00000001c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x0}, 0x2) io_uring_enter(r0, 0xcbffffff, 0x0, 0x11, 0x0, 0x0) 4.362185408s ago: executing program 3 (id=15803): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_none}]}}) 4.358563517s ago: executing program 2 (id=15804): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x4000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) 4.203152618s ago: executing program 4 (id=15805): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000002c0)={[{@noauto_da_alloc}, {@jqfmt_vfsold}, {@noquota}, {@norecovery}, {}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctrW1caAPBPUvyMZ/KYYUgyMAlkIPMglh8MsWdmM6uZWQSGCXTTQuraiutatowlp7EJ1Gl3WXRRWlooXXRZ6D/QbppVQ6F03e5LFiWlTV1oCwUVXUmO/JArGjsC398PbnTuOTf6zrH4jq+OrnUDSK1ztX8yEUMR8UlEHKvvbj3gXP1h48HN6dqWiWr1yleZ5LjafvPQ5v87GhHrEdEfEf//d8QzmZ1xy6tr81PFYmG5sZ+vLCzly6trF+cWpmYLs4XF0YlLk5MTI+Njk/s21tsvP3f78vv/7X33u5fu333lww9q3RpqtLWOYz/Vh94TJ1rqjkTEPw8iWBfkGuMZ6HZH+EVqr99vIuJ8kv/HIpe8mkAaVKvV6o/VvnbN61Xg0Mom58CZ7HBE1MvZ7PBw/Rz+tzGYLZbKlb9eK60sztTPlY9HT/baXLEw0nivcDx6MrX90aT8cH9s2/54RHIO/GpuINkfni4VZx7vVAdsc3Rb/n+bq+c/kBLe8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q+p9L/Ll2tbtfn37zPXV1fmS9cvzhTK88MLK9PD06XlGJ4t9b3X2fMVS6Wl0b/Fyo18pVCu5Mura1cXSiuLlatzC1OzvVHoOeDxAJ07cfbOZ5mIWP/7QLLV9Dba5CocbtUX6t8BAKRPrtsTENA1lv4gvbzHB3b5it4t+ts1LD1S1J8LCxygbLc7AHTNhdM+/4O0sv4P6WX9H9Jr6zm+swFIo+6s/wPdZP0f0muo5f4/mZb7f/2q5d5dIxHx64j4NNfT17zXF3AYZL/INHL/wrE/Dm1v7c18nywK9EbE829eef3GVKWyPFqr/3qzvvJGvb63G90HOpbk71jj0S9yAEi1jQc3p5vbZuXxg4/75b/qFyHsjH+ksTbZn3xGObiR2XKtQmafrl1YvxURp3aLn2nc77z+ycfgRm5H/JONx0z9KZL+Hknum/4o8e+902n80y3x/9AS/8wj/1QgHe7U5p+R3fI/m+R0bObf1vlnaJ+uj24//2U3579cm/nvbIcxnn3rxXtt49+KOLNr/Ga8/iTW9vi1vl3oMP79p574Xbu26tv159ktflOtlK8sLOXLq2sX5xamZguzhcXRiUuTkxMj42OT+WSNOt9cqd7pH6c+vrvX+AfbxN9r/LW6P3c4/h9+/9GT5/aI/6fzu7/+J/eIPxARf+kw/jdjnz/drq0Wf6bN+LPb47cs8NXqxjuMX37tP30dHgoAPAbl1bX5qWKxsKygoKCwWej2zAQctIdJ3+2eAAAAAAAAAAAAAJ16HJcTd3uMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHwU8BAAD//zAx0oQ=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_elf64(r0, &(0x7f00000003c0)=ANY=[], 0xa0e) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x2000000) 3.744271827s ago: executing program 3 (id=15808): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) fchdir(r0) close(r0) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) 3.629037926s ago: executing program 0 (id=15809): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x200000000000000}, 0x0) r0 = io_uring_setup(0x7bda, &(0x7f0000000080)) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x18, 0x20000000, r1) 3.289252859s ago: executing program 3 (id=15810): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6000000010000100"/20, @ANYRES32=r2, @ANYBLOB="040047000000000034001680300001802c000c"], 0x60}}, 0x0) 3.244955717s ago: executing program 0 (id=15811): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) getgroups(0x0, 0x0) 2.866932895s ago: executing program 5 (id=15812): unshare(0xc040480) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) preadv2(r0, &(0x7f0000000400)=[{&(0x7f0000001140)=""/4096, 0x2007ffb}], 0x1, 0x0, 0x0, 0x41) 2.848742265s ago: executing program 2 (id=15813): r0 = socket(0x2, 0x3, 0xff) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) sendmmsg$unix(r0, &(0x7f0000004840)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000001c0)="63546067c757837c50f8a81b6315c5d35a940351", 0x14}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)=ANY=[@ANYBLOB="10000000000000000100000001"], 0x30}}], 0x2, 0x0) 2.652724714s ago: executing program 5 (id=15814): setreuid(0x0, 0xee01) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000380)='\x00', 0x89901) close(r0) 2.617007556s ago: executing program 2 (id=15815): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file3\x00', 0x0, &(0x7f0000005700)=ANY=[@ANYBLOB="6e6f61636c2c6e6f757365725f78617474722c6e6f71756f74612c6e6f71756f74612c66617374626f6f742c6e6f696e6c696e655f64656e7472792c6a71666d743d76667376312c6673796e635f6d6f64653d7374726963742c6772706a71756f74613d272c616c6c6f635f6d6f64653d64656661756c742c6e6f696e6c696e655f78617474722c00e04cbd9a4f63af8c98e7f638dba07a40d32059fb6ddd2f4cc595bf28c283364e3ebb4d506eb7ea924d3bc4a944eb7ff5cd986dd3b7cb533e7d1a244d820bfa6d3ed0080f7bc8bfba8ae0b56c48ad64dcbcc449e149ea6d309082c9759d87451a2e1bbb8b7b013e3d5fad19da476837e286c64e240600000000000000b00d3188d38d15f988d55c7cdd5f4d76947e0e70ad90dac3ac2df4a232ccd9aed86b51c33c98784699aa72bbef855492eb3cd24b7fe8f2f215c60c01a07e4918a0"], 0x1, 0x550f, &(0x7f00000001c0)="$eJzs3M9rI+UbAPAn7XZ/f/dbxIO3HViEFjZh0x+L3qru4g/sUlY9eNI0SUN2k0xp0rT25MGjePA/EQVPHv0bPHj2Jh4Ub0IlM1PdqgtC08RtPx+YPPO+efPM84Zl4ZkpCeDcmk9+/bkUN+JKRMxGxPWI7LxUHJm1PLwQETcjYuaJo1TM/zFxMSKuRsSNUfI8Z6l46/Pbw1urP731yzffXbpw7Yuvv5/eroFpezEiutv5+V43j2krj4+K+dqwncXuyrCI+Rvdx8U4zeNeczPLsFc7WlfL4nIrX59u7/ZHcatTq49iq72VzW/38gv2h62jPNkHHtV2snGjuZnFdj/NYusgr2v/IP+/7aA/yPM0inwfZeljMDiK+Xxzv5nvZ/txFuu9QTGf500bzf1RHBaxuFzU004jq2PzJN/0f9vb7d7ufjJs7vTbaS9ZrVRfqlTvlqs7aaM5aK6Ua93G3ZVkodUZLSsPmrXuWitNW51mpZ52F5OFVr1erlaThXvNzXatl1SrleXKnfLqYnF2O3n9wXtJp5EsjOKr7d7uoN3pJ1vpTpJ/YjFZqiy/vJjcqibvrG8kGw/v31/feDfuvf/glfU3XysW/a2sZGHpztJSuXqnvFRdPIP7/+Ap+/+kKHqM+4cTKU27AIBnj/4fmIbT6/93HsbhYTZ/mv1/6P/HYlz97+Ek+t/z3v+fwv7hRPT/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1g9zX76Rnczn42vF/P+KqeeKcSkiZiLi8B/MxsVjOWeLPHNPWT/3lxq+LUWWYXSNS8VxNSLWiuO3/5/2twAAAABn11cf3/ws79bzl/lpF8Qk5TdtZq5/OKZ8pYiYm/9xTNlmRi/PjylZ9u/7QuyPKVt2A+vymJLlt9wujCvbvzJ7LFx+IpTyMDPRcgAAgIk43glMtgsBAABgkj6ddgFMRymOHmUePQvO/vL+zweCV46NAAAAgGdQadoFAAAAAKcu6//9/h8AAACcbfnv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/M7O/dyoDURxAH62cSD/FBTlnla4QRkpIcccIwpIE5RAWkgD1EBuKSGCFR4vWlbsaiWP7d3V90kwjAU/ZhA+zBtpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjT33q7+v3z66+uOYdjN3lmAwAAAFyzr7er5sU89d+31z+2lz63/SIiyoi4tnav4s1FZtXm1A+8v743hj8RTcLpO6bt411ELKqIRUT8/9T3rwAAAACv1269WabVenqajz0ghpSKNuWHb5nyioio5/8ypZWnvC+Zwpr/9yR+ZEprClizTGGp5DbJlfYkze1+rtrN7jRFasrHP59t7gAAwICqi2bYVQgAAABD+j72ABhHEbdbmeetwGlq2u29txc9AAAA4AUqxh4AAAAA0Ltm/f+sz/8L5/8BAABAV+n8PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPq0r7er3Xqz7JpzOHaTZzYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3LA/7ygQAmEQBnvXdyZz/8NKg6amJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb373l/8TU+NMMvfaWHoeSdZOja1TY+/cOPrD+Po1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAX/e6X/xNT40wyd9pYOh5J1q4aW1eNvQeNowfj7d8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxc79u0ZSxQEAfzOzs/FOxTXKFhFRsNDGy+2dd14nFkqw8E8QQm7vjLcqnim84xDS2Enqa0RLEUGJ3f0PVyeQJnYptohgYbUyszPJ5Ae4/prZZD8fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKXh24dxkh064zguzm3tP1jJ+u1jfebRxs5C1rI4qjPps+HF6oeo21wiAAAAzI6krO9DCLvp5lLWx528/k/La7Ka/9unx3FZzx+v+8u+rP2z9svPe88fDNQZj5Pd9NbqoH/5ZCqt/2+W0+2Zv7yilT/5/N1Lkn8h8Xvrzw3T/HlGXz9+/E47D+fqyBYA+CculX0RlL8PZX2vycQAmBmtSuFd1v9Jp9mcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOowXA9PlnEUQlhoHcaZ7f0HK6f1jzZ2Fsp2/eHDjeo9s1ukIYRbq4P+5RrnMu0+v3f/zvJg0L9bf/BSCKGp0d8qpn/ngwkuDqGR5yP4j4K4+LKnJZ+zETT4QwkAgHMpLVpW1++mm0vZuWg+hNF3R+v/VytxmLD+3/vw+lZ1rGr936tthg2am+yyxbU/RqPRvfuvr368fLt/u//JG1d6b/au3rh27cZi/q5k0RsTAAAA/p120ar1fzx/cv3/YiUOE9b/n33T+7I6VjJr9f+EDhf9ms4EAABgtj378u+/Raecj9rt8MXy2trd3vh48PnK+NhAqn/bXNGq9X8y33RWAAAAQB2G69GR9f+blThMuP7/1Pcv/Fi9ZxJCuFCs/19a+XRws77pTLU6/py46TkCAADQrAtFq67/p/n+//hgy0McQnjtlXFc/BvAier/5N2vfqiOVd3/f7W+KU6luDt+HnnfDaHVbTojAAAAzrMnipYV+7+mm0sf/XTx/bb9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1+zMAAP//H1NCtw==") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsync(r0) 2.325057278s ago: executing program 5 (id=15816): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x4b}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) 2.324897428s ago: executing program 3 (id=15817): unshare(0x600) capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x6ee89126bd9a2aaa}, 0xc) 2.029282094s ago: executing program 5 (id=15819): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 1.978565794s ago: executing program 3 (id=15820): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-ssse3\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f00000026c0)=[{{0x0, 0x0, &(0x7f0000001b40)=[{&(0x7f0000002700)="dba2160ab89da6658a8fa6789c907e8a24628498ea5fb4e24b235521833ccd102dfb52e039eb33b3b3c4cc936d9f11c56587843057699cb0bdf89c13b36b7b11024f9dc57ebedcae66cdf35515b89bffc4c3ba76308d73a338ba6defb0b3b71361341d0e64de40678be9928aea8a1ab139c0cc91fa2140dd34340e40e8e0a6b09d9eee9c692722a03147b0237afa44ac25f629b1153cd5b0247fd3edbd2f89c5d521b7ad1e0ca4865d20e5a758e9a6c2daeb247423ecf2078e707a2fb573f6a545baf583e8798b8252885813f6b2b59432a031812f6af8b8ee3915517bc6626acfc066d80988ce52b13dd195152e5123aaa16686ebdb1de85e8a542068c848e3a832975b6f885bbda26559db38d46aab4d20a3c86ff771dec00396bd0be55c818ecabe04bd3e84c89f26702cab3d38e907d0680dff694e34afa48166f365e6fb8a256e0af00b3e27bde7104fb833ff8524adb8230ab3c273a7a9a3c33b6a3f02af8793278fa5bacf9cd36e03c259575c4f0e2c6fa8d0bebb2e01f34ad8050747f8eff0b3ca04b8d01b497833629c5eebe21de4abee888b6cdd859e450da42c411b3688af6e1116834c92aea534cc2c0d84be553a21ab658a100509258dc2ece0874e90e5d2bf9111ef44f4e3cef335c8ac3260fd9f470133f17c0042781192fdab812a4182b532f77eb79f8a06d030b2dd4591ba5c3c1cf89840b1ff40fc4eaa41704b68974f7eaf7503d33e61761714625678c930f6c85ef4916be22e148ae5f6b82913848984a66a35c639e705ee0946fd96cb7562298c77e0b237df39c2c2cc6edb4b0823d9e742acdcf0b5c82f3db331bb01aa9c7802a9e4a8fb9f4444da273ab870c0b0184d034e224054b9f5636533207e86448806f2f1f5f13f90698557a1ef655adc847280fb9461eaeaca6ccf7c20471d66b476c8b85d2c9fddae613b80e26269ca36f139d1dbb3fea8a4f004d5adb93de2b54e3dba815e59ece08d42a1cdba186113f173a38ff4afa87325a054df8a07129cc645fd84dcc375a3d2679aceca24c1e7337ba1a07b3dbdbdb7f3d4333f7e5765577652a45cba8f9506d494f3afc700c279187ee809e8e7be299665e56f558a560d20f03389b1581b5cce57d96142bc791be64da46195e3a9bc85273a587d7c4273e07f874100496fbdc9acd69f5343b4dbca4875c766315c6d6332f5c627260c387197cc44b8fdacd76f4b8d2a89055a1a6703c0e1cf0af091faca022767328fd951990c2e26b03b832d2438ddbd0a0d272d621da02f78797055c0afefcfa9103416016288c6d0e554923d8711535b8e725dd908165f9e62d20ef3a4ec162c3ede9bdd95161d3dab547898fc3d5ef8b25121abbd44b8b1482f9c6e10758bd71d41f367ed68f9b6f06b159108aa8ebfe3b80fbd31e678226085f04b46bc52b02ec5b819e7ad1f69fed9ee7c84a15194dbb2e924f7d929e79c1ac42ace155a2d8ad27e22a376cbd5c84678264bb72ee79b455114d3017ce720c88f2e5579a843ef6a97e7901c7327e1543daf68bc0db074c02a800a8d1231fc4c025a6632db6f3c4d1c7b48b6c3b4db9dddaf9b8d15a5d6813c44d52ebbd0110e2de814be2151634eabd2e5eef559efe64a24dd86b1ecd9f90e18d3f33314b98181c4efad40e6978407df9afdd9f13a45df310bb812a99052e1f3f11850f60d99854e3e31adcb5e385705d4a85aa4788a0dc663649d2e7a412dbe1ee9cf12a1108899178382e7fea442179dfdd42237a0d18cd36b510f499d3d87c8d752c323bfe835d825104335ab706ce9d0c427849c06d3aeb08789a1689693cce656c45a02af9c35c28406e2186c6b8351c50975dfbb92e5e7776d1efe760e16531e3efb699a57b153cacaade043d6f197761fb987625df97a3b90766a0c3862cdda30dfd42970efe6147307ea12cfddc51da837d1e1f60a2d329de954cc0485319d82de7103c21ff1186cb3f6716fcd8786d72cdf660749567a9a6d4a9c50347ad29e16750d857d5b03f35fba79965ad43ca3d1832d586342f1f4c261cd7da7002e365f9e78d5f733df1fe101e9ae38a915fccd7de41379c73607e5c53b18e6a3b24a36735410eecb972c07cbdb39ec449a0b96ce34c076d48d8f0f2b0760b8cc754d928c60817ba3146244609ea0108fa83818b5fc6f472b819eb693857982496e26f9938faac0c4dcc6683c462baaea230118d39bacda94ba365804c42aaf3c020d39124dcc0770be94af1165637610090eaa10faa2014013ae82bd9e75bd6ab9d7a5aad2a91a4b2a69552f84f4e58237d80ace51ad12407bef25f00f0aa806acbac2fcfbb00b645bbd7068776f7a500665c856984f7a4ed8b3b2050b45704a6ea79fbc0ebb80f29a6a0505312c6da7a2b3f3542475418a0b77b48a3a84246c0538efd4de948a3fb22d42dfdd16336ab50ad33c4e13620dd8b5a01d46bfdcf379270bfa66f8d19a199a5691982107dcfda230809732969fb7702616e4ae2c1f58548c1892246eb6bb2414170ba15e92beb09372be6c398e4ca5b425538fb86185b5d19e043aa0f5f7dfd60d985921ddede7b0075af20f5ef2570795fb64157afdc412a06cb22f5c7bb8db9b1c6227835e39ad0b9e2137597f0831ed992e3bc8d42cce9246d3c712844959f32a874581913d73ab7d8159a2d5cbd2ecc350da3c4691dbb96b866f97475d08925b935c6d1022997e8ee09782d279bce6768ec2998f02cf62ae4aa245188594f6dbfddce769282e02190735bc8211d5123d94f947d882881cc5135c56fe1262c759174941153d09d0cae8c2bddd9b820ee46247d0ec947cd7ff6d057a798cac128d144663caa6077101b04e4b3586e5f3e2cc9cda7b13173d05148e9a93172ba0ac3e8369c22ad7b970f6665fab7d86e194b2a28cc81d4e0c48b59f18ad2ea79ed38b39cd5d5232b5b17d02d7fddda512267ffdd427235a051748bda68afa23e2cfe7a9af8593934760e386bceb8be4e3fcd42f9dd1f1c60e8c1ac44cbbc469cf8daabee301ece2ca028dff49b13bdcde6dadd0b4a88bd102563d4535683d0818186d3afd3e5f647665451a2acea062cdbc0bcf5f7b4a34e64a96505616818b214aec9ecca83a12c905b08bb5f39b42326b996796be0ed201ab34535f26d74059062316301fe250d9cad854d745240371d2011ef6fbd83a0581d54c1d7b4d03f97d5fb34e36b5ea14267abbdd2e2c91b858fd5eb50a6a62162c82a2e9b53b8c161f4f743e8e6e683cb3479f9a1248a26524d1aa89a1b2ffb54efa35198ded5d63f7c71d58969c5a9c20aac378ce4e4ced5eb07fb3f5694d99ad82181b72536e3e332d5cfb7757a4f238aee87517b1100791fc07020311ac266bce9941e1ffa2f0855a66ed4d6563857ac5a911f170e9bd5f450b4498d28ae605a383f628884875388f8abe9c59922b", 0x980}], 0x1}}], 0x1, 0x0) 1.796509275s ago: executing program 4 (id=15822): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000000100)) sendmmsg$inet(r0, &(0x7f0000002200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 1.561447705s ago: executing program 1 (id=15823): syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) lseek(r0, 0xffffffffffffffff, 0x0) 1.49287531s ago: executing program 3 (id=15824): syz_mount_image$jfs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='quota,errors=remount-ro,integrity,iocharset=cp932,nodiscard,nointegrity,grpquota\x00quota,resize,iocharset=iso8859-5,uid=', @ANYRESDEC, @ANYBLOB="2c726573697a653d3078303030303030303030303030303030332c713a5774613f726573697a652c7533727130303030303030303000303030303030303030342c736d61636b66736861743d6574002678f9edfbac5d6325f9002c00c9cd79b9b92293ea"], 0xfe, 0x61d3, &(0x7f0000008140)="$eJzs3c1vHGcdB/DfvvqltLV6qEqFkJuWl1KaxEkJgQJND3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0XER09FbG2vr9aLLxyyH9/9499/98Mn3vrbHwbn/vunO73XJ6139+6v/vPne0fbZgAAAChNVVVVJ33Mfz59vu+23SkAYCry63+V5OWnvv71P9/6yyz1R61Wq9XqKdRN1Xj3mkVEbDRvU79ncDgeAE6Yjfi47S7QIvkXrR8RT7TdCWCmddruAMdia3t9tZPy7TRfD5Z32/O5IPvy3+g8uL5j0vQgo+eYTOvxtRm9eGZCfxam1IdZkvPvjuZ/bbd9mNY77vynZVL+w91Ln4qT8++N5j/i9OTfHZt/qXL+/UfKvyd/AAAAAACYYfn//5daPv47d/RNOZRPOv67PKU+AAAAAAAAAMDjdtTx/x4w/h8AAADMrPqzeu03T+0tm/RdbPXyq52IJ0fWBwqTLpZZbLsfAAAAAAAAAAAAAFCS/u45vFc7EYOIeHJxsaqq+qdptH5UR739SVf69kPJ2n6SBwCAXR89NXItfydiPiKupu/6GywuLlbV/MJitVgtzOX3s8O5+Wqh8bk2T+tlc8NDvCHuD6v6l803btd00Oflg9pHf199X8Oqd4iOPSaD9Nec0NxS2ACQ7L4abXlFOmWq6ulJbz5gH/v/KbQUS20/rph9bT9MAQAAgONXVVXVSV/n/Xw65t9tu1MAwFTk1//R4wJHqrsT2iMez+9Xq9VqtVr9qeqmarx7zSIiNpq3qd8zGI4fAE6Yjfi47S7QIvkXrR8Rz7XdCWCmddruAMdia3t9tZPy7TRfD9L47vlckH35b3R2bpdvP256kNFzTKb1+NqMXjwzoT/PTqkPsyTn3x3N/9pu+zCtd9z5T8uk/Ic7l8yVJ+ffG81/xOnJvzs2/1Ll/PuPlH9P/gAAAAAAMMPy//8vOf6bNxkAAAAAAAAATpyt7fXVfN1rPv7/uTHruf7zdMr5dx41/4U0L/8TLeffHcn/yyPr9Rrz99/c2///vb2++vs7//psnh42/7k800mPrE56RHTSPXX6aXqUrXvY5qA3rO9p0On2+umcn2rwTtyIm7EW5/et201/j732lX3tdU8H+9ov7GvvP9R+cV/7IH3vQLWQ28/GavwkbsbbO+1129wB2z9/QHt1QHvOv+f5v0g5/37jp85/MbV3Rqa1+x92H9rvm9Nx93Plxud/ef74N+dAm9F7sG1N9fadaaE/O3+TJ4bxs9trt87evX7nzq2VSJN9Sy9EmjxmOf/Bzs/c3vP/i7vt+Xm/ub/e/3D4yPnPis3oT8z/xcZ8vb0vT7lvbcj5D9NPzv/t1D5+/z/J+U/e/19poT8AAAAAAAAAAAAAAADwSaqq2rlE9EpEXErX/7R1bSYAMF1XIu5Fej9Qy8vVarVarVafvrqpGu+NZhERf23e5lJE/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpS213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+aWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOMvxM743Gcnjf99Jh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5v9AY77zO//mR4ddLGP91dMz7EuT8zzQez3X+XxpZr5l/9duZy3/jsCtuRndf/ufuvPfTc7ff/+DVG+9df3ft3bUfX1xZOX/x0qXLly+fe+fGzbXzu/8eT69nQM4/j33tPNCy5Pxz5vIvS87/C6mWf1ly/l9MtfzLkvPP7/fkX5acf/7sI/+y5PxfTrX8y5Lz/0qq5V+Wre31uTr/V1It/7Lk/f+rqZZ/WXL+r6Za/mXJ+Z9NtfzLkvM/l+pD5O/r4U+RnH8+wmX/L0vOfyXV8i9Lzv9CquVflpz/xVTLvyw5/9dSLf+y5Py/lmr5lyXnfynV8i9Lzv/rqZZ/WXL+l1Mt/7Lk/L+RavmXJef/zVTLvyw5/9dTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5v5Fq+Zdl7/v/zZgxYybPtP3MBAAAAAAAAAAAAACMmsbpxG1vIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5Drr+4Gf2TevHUIMhODkb2CTmBCSJbu2E7/wb4oJrw1QCiQU+oLjetdmwW947RIokk0DJRJGpRVV04u2gFAbqaqIKi5oRWkuqr5clfaC3lRUlZAaVQEFVKS2otlq5jzP45nZ2Zld73h99jyfj2T/dmfOzDlz5szsftf+7gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHa3vnH+s42iKJp/Wn9tL4oXND/eOrW9ddnrrvUWAgAAAOv1v62/n7shXXBoFTdqW+ZvX/EPX19aWloq3j/6O+NfXFpKV0wVxfiWomhdFz31bx9otC8TPFZMNkbaPh8ZsPrRAdePDbh+fMD1EwOu3zLg+skB1y/bActsLX8e07qzXa0Pt5e7tLixGG9dt6vHrR5rbBkZiT/LaWm0brM0fqxYKE4U88Vsx/Llso3W8t+8tbmutxVxXSNt69rZPEJ++MmjcRsaYR/v6ljX5fuMvv+GYupHP/zk0T869+zNvebA3dBxf+V23nlbczs/HS4pt7VRbEn7JG7nSNt27uzxnIx2bGejdbvmx93b+dwqt3P08mZuqO7nfLIYaX387dZ+Gmv/sV7aTzvDZf91e1EUFy9vdvcyy9ZVjBTbOi4Zufz8TJZHZPM+mofSi4uxNR2nt67iOG3OuV2dx2n3ayI+/7eG242tsA3tT9P3PzWx7Hlf63EaNR/1Sq+V7mNw2K+VqhyD8bj4dutBP97zGNwVHv8n71j5GOx57PQ4BtPjbjsGbxt0DI5MjLa2OT0JjdZtLh+DuzuWH22tqdGaz9zR/xicOXfyzMzixz/x2oWTR47PH58/tXf37tm9+/YdOHBg5tjCifnZ8u8r3NvVt60YSa+B28K+i6+BV3ct236oLn15eK/DyT6vw+1dyw77dTjW/eAaG/OCXH5Ml6+Nh5o7ffLSSLHCa6z1/Ny1/tdhetxtr8Oxttdhz68pPV6HY6t4HTaXOXPX6r5nGWv702sbrtbXgu1tx2D39yPdx+Cwvx+pyjE4GY6Lf7lr5a8FO8P2Pj691u9HRpcdg+nhhvee5iXp+/3JA63R67i8pXnFdRPF+cX5s/c8euTcubO7izA2xEvajpXu43Vb22Mqlh2vI2s+Xg8tvOLxW3pcvj3sq8nXNv+aXPG5ai5z7z39n6vWV7fe+7Pj0j1FGEO20fuz11fz5v5MWbLP/mwu8+mZ9X8vnnJp2/vv+ArvvzH3P1+uL93VY6PjY+XrdzTtnfGO9+POp2qs9d7VaK37uZnVvR+Phz8b/X58Y5/34x1dyw77/Xi8+8HF9+PGoJ92rE/38zkZjpMTs/3fj5vL7Niz1mNyrO/78e1hNsL+f01ICikXtR07Kx23aV1jY+PhcY3FNXQep3s7lh8P2ay5rif3XNlxeuft5X2Npkd32UYdp1Ndyw77OE3vVysdp41BP327Mt3P52Q4Lm7c2/84bS7z9L3rf+/cGj9se++cGHQMjo9ONLd5PB2E5fv90tZ4DN5THC1OFyeKuda1E63jqdFa1/R9qzsGJ8KfjX6v3NHnGLyza9lhH4Pp69hKx15jbPmDH4Lu53MyHBdP3Nf/GGwu86b9w/3e9c5wSVqm7XvX7p+vrfQzr1u6dtPV/JlXczv/en//n802lzlxYK05s/9+ujtccl2P/dT9+l3pNTVXbMx+2hG289kDK++n5vY0l/niwVUeT4eKorjw0QdaP+8N/77yZ+e/8/WOf3fp9W86Fz76wA+uP/Y3a9l+ADa/58uxrfxa1/YvU6v5938AAABgU4i5fyTMRP4HAACA2oi5P/6v8ET+BwAAgNqIuX8szCST/L/jTc8uPH+hSM38pSBen3bDg+VyseM6Gz6fWrqsefkDX53/8V9cWN26R4qi+MmDv9Zz+R0Pxu0qTYXtfOrNnZcvv+GFVa3/kYcvL9feX/9SuP/4eFZ7GPSq4M4WRfHNGz7fWs/UBy615tMPPtKa77n4+GPNZZ47WH4eb//MS8rlfz+Ufw8dO9Jx+2fCfvhemLNv770/4u2+duk1O/e/7/L64u0at72w9bCf+GB5v/H35HzhsXL5uJ9X2v6//NyTX2su/+irem//hZHe2/9kuN+vhvnfLy+Xb38Omp/H230mbH9cX7zdPV/5Vs/tf+qz5fJn3lIu90iYcf13hs93veXZhfb99WjjSMfjKt5aLhfXP/ud32xdH+8v3n/39k8evtSxP7qPj6f/qbyfma7l4+VxPdGfd62/eT/tx2dc/5O/8UjHfh60/qfe88zLm/fbvf67u5Yb7bp9929s+oPPfL7n+uL2HPrTMx2P59C7w+s4rP+JD4bjMVz/P099vmO90SPv7nz/ict/afuFjscTve1H5fqfev3x1vz3qR//3nUvuP6FF1/Z3HdF8e33lvc3aP3H//B0x/Z/+aa7Ws9HvD529LvXv5K4/rMfmz51evH8wlzbXm397px3lNuzZXLrtub23hDeW7s/P3z63Ifmz07NTs0WxVR9f4XeFftKmD8ox8W13v6uh8PzecvvfnPbHf/4uXj5Pz9UXn7p7eXXrVeH5b4QLt9ePn9LjXWu/4lbb2q9vhtPl5939NiHYOeu/ziwqgXD4+/+viAe72de+qHWfmhe1/q6EV/X69z+786V9/ONsF+Xwm9mvu2my+trXz7+boRL7y1f7+vef+FtLj6vfxye73d+r7z/uF3x8X43fB/zrR2d73fx+PjGhZHu+2/9Fo+L4f2kuFheH5eK+/vSczf13Lz4e0iKize3Pv/tdD83r+lhrmTx44szJxZOnX905tz84rmZxY9/4vDJ0+dPnTvc+l2ehz886PaX35+2td6f5ub33VvMbi2K4nQxuwFvWFdn+5sfrW77zzx8dG7/7B1z88eOnD927uEz82ePH11cPDo/t3jHkWPH5j826PYLc/fv3nNw7/4908cX5u4/cPDg3oPTC6dONzej3KgB9s1+ZPrU2cOtmyzef+/B3ffdd+/s9MnTc/P375+dnT4/6Patr03TzVv/6vTZ+RNHzi2cnJ9eXPjE/P27D+7bt2fgbwM8eebY4tTM2fOnZs4vzp+dKR/L1LnWxc2vfYNuTz0t/mv5/Wy3RvmL+Ip33b0v/X7Wpq9+asW7Khfp+gWiz4bfRfP3LzpzYDWfx9w/HmaSSf4HAACAHMTcPxFmIv8DAABAbcTcvyXMRP4HAACA2oi5fzLMJJP8r/+v/7+6/n95vf5/Xv3/Mx8te6Wbvf8f+/P6/3m4xv3/da9f/1//v379/9X35zf79uv/6/+zXNX6/zH3by2KLPM/AAAA5CDm/m1hJvI/AAAA1EbM/deFmcj/AAAAUBsx978gzCST/K//v6r+/55Bhav69/+d/1//v9ic/f/45Oj/Z2PN/fv3PdTxqf5/oP+v/6//r/+v/8+6ja94TY/+f+tX81/t/n/M/deHmWSS/wEAACAHMfe/MMxE/gcAAIDaiLn/hjAT+R8AAABqI+b+7WEmmeR//X/n/9f/1/9ff/+/c42V6v+v9/z/bRuj/785OP9/f/r/A1xx/39S/38z9v/Hh7v91e7/D9x8/X+uiqqd/z/m/heFmWSS/wEAACAHMfe/OMxE/gcAAIDaiLn/JWEm8j8AAADURsz9N4aZZJL/9f/1//X/9f9rff7/9fb/+57/v/xI/79a9P/70/8fwPn/8+r/D3n7q93/H/b5/8ff3H17/X96qVr/P+b+l4aZZJL/AQAAIAcx998UZiL/AwAAQG3E3P+yMBP5HwAAAGoj5v4dYSaZ5H/9f/1//X/9f/3/3usf3P8v6f9Xi/5/f/r/A+j/6//r/6+u/9/jm9/O/n/8aqn/n7uq9f9j7r85zCST/A8AAAA5iLn/ljAT+R8AAABqI+b+/xdmIv8DAABAbcTcvzPMJJP8r/+v/6//n1f//+4J/X/9/3rT/+9P/38A/X/9f/3/VZ7/f7m1nP9/y6A7ozaq1v+Puf/lYSaZ5H8AAADIQcz9rwgzkf8BAACgNmLuf2WYifwPAAAAtRFz/1SYSSb5X/+/Xv3/P/mrJ15Z6P/r/w9Yf037//Ew0P/PnP5/f/r/A+j/6//r/29I/598VK3/H3P/rWEmmeR/AAAAyEHM/beFmcj/AAAAUBsx998eZiL/AwAAQG3E3L8rzCST/K//X6/+f6T/r//fb/017f8n+v950//voe1Fqv8/gP6//n/2/f/43a/+P8NRtf5/zP2vCjPJJP8DAABADmLuvyPMRP4HAACA2oi5/9VhJvI/AAAA1EbM/XeGmWSS//X/9f/1//X/9f97r1//f3PS/+9vrf3/Cf1//X/9/8z6/87/z3BVrf8fc/9rwkwyyf8AAACQg5j77wozkf8BAACgNuL/3yz/36v8DwAAAHUUc/90mEkm+V//X/8/p/5/Q/9f/1//v/b0//tz/v8B9P/1/ze0///9js/69P8n2g73Fen/U0VV6//H3P/aMJNM8j8AAADkIOb+e8JM5H8AAACojZj7Z8JM5H8AAACojZj7Z8NMMsn/+v/6/zn1/53/X/9f/7/+9P/70/8fQP9f/79u5/8vCv1/rqmq9f9j7t8dZpJJ/gcAAIAcxNy/J8xE/gcAAIDaiLl/b5iJ/A8AAAC1EXP/vWEmmeR//X/9f/1//X/9/97rr3j/v6H/35v+f3/6/wPo/+v/163/7/z/XGNV6//H3H9fmEkm+R8AAAByEHP/vjAT+R8AAABqI+b+/WEmIf/3+n/dAAAAwOYSc/+BMJNM/v1f/78m/f9f/7uOdev/6//3W/9w+v9b9f/DdP7/aqlp/7/7ZXHF9P8H0P/X/9f/1/9nqKrW/4+5/2CYSSb5HwAAAHIQc//rwkzkfwAAAKiNmPv/f5iJ/A8AAAC1EXP/T4WZZJL/9f9r0v/vov+v/99v/c7/r/9fZzXt/w9Nrfr/I/r/+v/V2n79f/1/lrv6/f/40er6/zH33x9mkkn+BwAAgBzE3P/TYSbyPwAAANRGzP2vDzOR/wEAAKA2Yu4/FGZSt/z/st4X6//r/+v/6/9fnf7/64tuVez/Nw8e/f960f/vr1b9f+f/1/+v2Pbr/+v/s1zVzv8fc/8bwkzqlv8BAAAgYzH3PxBmIv8DAABAbcTc/8YwE/kfAAAAaiPm/jeFmWSS//X/9f/1//X/nf+/9/r1/zcn/f/+9P8H0P/X/9f/1/9nqKrW/4+5/81hJpnkfwAAAMhBzP1vCTOR/wEAAKA2Yu5/a5iJ/A8AAAC1EXP/28JMMsn/+v/6//r/+v/6/73Xr/+/Oen/96f/P4D+v/6//r/+P0NVtf5/zP0/E2aSSf4HAACAHMTc/2CYifwPAAAAtRFz/9vDTOR/AAAAqI2Y+98RZpJJ/tf/1//X/9f/1//vvX79/81J/78//f8B9P/1//X/9f+5EltXuqJq/f+Y+98ZZpJJ/gcAAIAcxNz/s2Em8j8AAADURsz97wozkf8BAACgNmLu/7kwk0zyv/6//n+1+v9LF9pvp/+v/18Mq//fvJH+fxb0//vT/x+gR/9/i/6//r/+v/4/V6xq/f+Y+98dZpJJ/gcAAIAcxNz/njAT+R8AAABqI+b+94aZyP8AAABQGzH3PxRmkkn+1//Psv8/EnvL1ev/O/+//r/z/+v/r4/+f3/6/wM4/7/+v/6//j9DVbX+f8z9D4eZZJL/AQAAIAcx978vzET+BwAAgNqIuf/nw0zkfwAAAKiNmPvfH2aSSf7X/8+y/1/h8//Xrf8/1nF85NT/n2x7PtNxqf+v/78B9P/70/8fQP9f/7/K/f9wNG9d4fb6/1RR1fr/Mfd/IMwkk/wPAAAAOYi5/xfCTOR/AAAAqI2Y+38xzET+BwAAgNqIuf+Xwkwyyf/6//r/+v/O/+/8/73Xr/+/Oen/96f/P4D+v/5/lfv/A+j/U0VV6//H3P/LYSYrBr8f/OcqHiYAAABQITH3fzDMJJN//wcAAIAcxNx/OMxE/gcAAIDaiLn/kTCTTPK//n93/z+eUVX/X/9f/1//X/9/Mxpe//9l1xeF/r/+v/6//r/+v/4/61G1/n/M/UfCTDLJ/wAAAJCDmPt/JcxE/gcAAIDaiLn/aJiJ/A8AAAC1EXP/XJhJJvn/Gvb/x6vZ/3f+/yvt//9E/1//P9D/703/f2M4/39/+v8D6P/r/+v/6/8zVFXr/8fcPx9mkkn+BwAAgBpLPw6Ouf9YmIn8DwAAALURc//xMBP5HwAAAGoj5v4PhZlkkv+d/1//3/n/r0X/f6xjef3/kv6//v8w6P/3p/8/gP6//r/+v/4/Q1W1/n/M/QthJpnkfwAAAMhBzP0fDjOR/wEAAKA2Yu7/SJiJ/A8AAAC1EXP/iTCTTPK//r/+f+79/0ZRXHT+f/3/XuvX/9+c9P/70/8fQP9f/39T9f+f+K32z/T/qaKq9f9j7j8ZZpJJ/gcAAIAcxNx/Ksz/Y+8+miQ7szoOp0TbIAL4CKxZsYSV+Ahs2RHBmsAJ4ZGE9yC8N8J7GO9HMxrvNd6PxnursZqJqAlVn3PUVZV1b3dXduW973mezaE7upRZrZJafyp+c4v9DwAAAMPI3f8jcYv9DwAAAMPI3f+jcUuT/a//1/937/83e3n+/9Ffr/+/Rv+v/9+FE/39he2/7rQo/NT+/7u/5+4f1P/r//X/k/T/nv+v/+e4pfX/uft/LG5psv8BAACgg9z9Px632P8AAAAwjNz9PxG32P8AAAAwjNz9d8ctTfa//l//r//X/x/p/x/S/+v/183z/6fp/2fo//X/+n/9Pzu1tP4/d/9Pxi1N9j8AAAB0kLv/nrjF/gcAAIBh5O7/qbjF/gcAAIBh5O7/6bilyf7X/+v/9f9r6f8vef7/sc9H/6//30b/P03/P0P/r//X/+v/2aml9f+5+38mbmmy/wEAAKCD3P0/G7fY/wAAADCM3P0/F7fY/wAAADCM3P0/H7c02f9d+v9Hjv1Y/6//v/73ax39/zk9/1//r/9fuQc3T/47Qf9/kv5/xkz/v9no/6fccD+//dNbz/s/hf5f/89JS+v/c/f/QtzyfZvNpVv9JAEAAIBFyd3/i3FLk+//AwAAQAe5+++NW+x/AAAAGEbu/vvilib7v0v/f5z+X/9//e+X/l//v+319f/r5Pn/087e/3/Xd/zwD/Xt/z3/f5rn/++6/3/iK0P/z7otrf/P3X9/3NJk/wMAAEAHuft/KW6x/wEAAGAYuft/OW6x/wEAAGAYuft/JW5psv/1/6P1/99y5OOu6/8Paxf9v/5f/6//H53+f5rn/884/Nfc1fqh/l//7/n/+n/OZmn9f+7+X41bmux/AAAA6CB3/6/FLfY/AAAADCN3/6/HLfY/AAAADCN3/2/ELU32v/5/tP7/6Md5/n/1//d827Vfov/X/+v/B6f/n6b/nzHK8/9v8atm3/38Wd2u93+g/9f/c8uW1v/n7v/NuKXJ/gcAAIAOcvf/Vtxi/wMAAMAwcvf/dtxi/wMAAMAwcvf/TtzSZP/r//X/6+j/8xU8/1//f/v7/6T/Xyf9/zT9/4xR+v9bpP/3/H/9P7u2tP4/d//vxi1N9j8AAAB0kLv/9+IW+x8AAACGkbv/9+MW+x8AAACGkbv/D+KWJvtf/6//X0f/f+bn/+v/9f+e/9+E/n+a/n+G/l//r//X/7NTS+v/c/c/ELc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/+X/9/hv7/wkb/r//X/y+M/n+a/n+G/l//r//X/7NTC+r/r/uoK5s/iVua7H8AAADoIHf/n8Yt9j8AAAAMI3f/n8Ut9j8AAAAMI3f/n8ctTfa//n8x/f9hzrfw/v/g5vr/q5vNZvD+3/P/T+3/r17397O+LvX/+v9zoP+fpv+fof/X/+v/9f/s1IL6/8Mf5+7/i7ilyf4HAACADnL3/2XcYv8DAADAMHL3/1XcYv8DAADAMHL3/3Xc0mT/6/8X0/8fWnj/7/n/+v8jf13P/79G/78s+v9p+v8Z+n/9v/5f/89OLa3/z93/N3HTpYu3/CkCAAAAC5O7/2/jlibf/wcAAIAOcvf/Xdxi/wMAAMBKPXDiZ3L3/33c0mT/6/932/9fuu7n9P/6/+NfH/p//b/+//bT/0/T/8/Q/+v/9f/6f3Zqaf1/7v5/iFua7H8AAADoIHf/g3GL/Q8AAADDyN3/j3GL/Q8AAADDyN3/T3FLk/2v//f8f/2//l//v/319f/rpP+fpv+fof/X/++3/7/85P+p/2cMN9H/Hxwc3Hvb+//c/f8ctzTZ/wAAANBB7v5/iVvsfwAAABhG7v5/jVvsfwAAABhG7v5/i1ua7H/9f9P+P7/U19X/37fZ6P/1//p//f80/f80/f8M/b/+3/P/9f/s1NKe/5+7/9/jlmPD786b+iwBAACAJcnd/x9xS5Pv/wMAAEAHufv/M26x/wEAAGAYufv/K25psv/1/037f8//1//r/8+7/398o/8/F6vo/6+e/vpL7//v1//r/ye06/+//3uP/FD/r/9v6fh/uB2ztP4/d/9/xy1N9j8AAAB0kLv/f+IW+x8AAACGkbv/f+MW+x8AAACGkbv//+KmC032v/5f/6//1//r/7e//jk////SZrPR/+/AKvr/CUvv/3fz/P/TY1H9v/5/ze9f/6//56Sl9f+5+/8/bmmy/wEAAKCD3P1PiVvsfwAAABhG7v6nxi32PwAAAAwjd//T4pYm+1//r//X/+v/h+//719F/+/5/zui/5+2jP7/dPp//f+a37/+X//PjdtX/5+7/+lxS5P9DwAAAB3k7n9G3GL/AwAAwDBy9z8zbrH/AQAAYBi5+58VtzTZ//p//f/N9P/5PvX/Y/X/lxfX/1858tdr8vx//f+O6P+n6f9n6P/1//r/B/T/7NLSnv+fu//ZcUuT/Q8AAAAd5O5/Ttz6f93a/wAAADCM3P3PjVvsfwAAABhG7v7nxS1N9r/+X//v+f/6/+Gf/6//b0X/P03/P0P/r//X/3v+Pzu1tP4/d//z45Ym+x8AAAA6yN3/grjF/gcAAIBh5O5/Ydxi/wMAAMAwcvc/FLc02f/6f/2//l//r/+/9vdQ/z8G/f+08+n/r+r/9f/Vz98R/xTo//X/cx/PmJbW/+fuf1Hc0mT/AwAAQAe5+18ct9j/AAAAMIzc/Q/HLfY/AAAArNKFLT+Xu/8lcUuT/a//1/+frf8/+rr6f/3/ZqX9/7bX1/+v0176//yi0P97/n/o0/9/55Efre35/8f//NL/6//ZvaX1/7n7Xxq3NNn/AAAA0EHu/pfFLfY/AAAADCN3/8vjFvsfAAAAhpG7/xVxS5P9r//X/3v+v/5f/7/99fX/6+T5/9P0/zP0//P9/Lb/Qa2wtv5/1+9f/6//56Sl9f+5+18ZtzTZ/wAAANBB7v5XxS32PwAAAAwjd/+r4xb7HwAAAIZxuPszLmu4//X/+n/9v/5f/7/99fX/66T/n6b/n6H/32s/v/b3r//X/3PS0vr/1xx+1JXNa+OWJvsfAAAAOsjd/7q4xf4HAACAYeTuf33cYv8DAADAMHL3vyFuabL/9f/6/3X0/wcHB/c26v/zHzT9/6H5/v9R/T9F/z9N/z9D/6//1//r/9mppfX/ufsfiVua7H8AAADoIHf/G+MW+x8AAACGkbv/TXGL/Q8AAADDyN3/5rilyf7X/y+g/7+i//f8f8//33j+v/5/R/T/0/T/M0bs/6/c+Ke/737+rPb9/vX/+n9OWlr/n7v/LXFLk/0PAAAAHeTuf2vcYv8DAADAMHL3vy1usf8BAABgGLn73x63NNn/+v/z6/+f+L3r8vz/q5vt71//r//X/+v/bzf9/zT9/4wR+/+bsO9+fu3vX/+v/+ek7P/vOPZn4r76/9z974hbjg6/i7fyuQIAAADLkLv/nXFLk+//AwAAQAe5+98Vt9j/AAAAMIzc/e+OW5rsf/3/Ap7/P2D/7/n/278+9P+L7v/v1P+PQf8/Tf8/Q/+v/99D/59/rozV/+dXs/6/u+z/j9tX/5+7/z1xS5P9DwAAAB3k7n9v3GL/AwAAwDBy978vbrH/AQAAYBi5+x+NW67b/9va7lHo//X/+n/9v/5/++vr/9dJ/z/tRvv/y5uz9f9J/6//1/97/r/+v7el9f+5+98ft/j+PwAAAKzOxVN+Pnf/B+IW+x8AAACGkbv/g3GL/Q8AAADDyN3/objlsTv39ZbOlf5f/z9E///wtx5+rP5f/7/R/7en/5/m+f8z9P+76Ofv0v+P0f9vNvp/zm5p/X/u/g/HLb7/DwAAAMPI3f+RuMX+BwAAgGHk7v9o3GL/AwAAwDBy938sbmmy//X/+v8z9v+Haebe+//4WP2//n+j/29P/z9N/z/jNvT/F4/+9Tv0/57/P0j/7/n/7MLS+v/c/R+PW5rsfwAAAOggd/8n4hb7HwAAAIaRu/+TcYv9DwAAAMPI3f+puKXJ/t9b/x+/1fr/1ff/y3j+f3ys/l//v9H/t6f/n6b/n+H5//p//b/+n51aWv+fu//TcUuT/Q8AAAAd5O7/TNxi/wMAAMAwcvd/Nm6x/wEAAGAYufs/F7c02f+e/6//1//r//X/219f/79O+v9p+v/t6m+U/l//r//X/7NTS+v/c/d/Pm5psv8BAACgg9z9X4hb7H8AAAAYRu7+x+IW+x8AAACGkbv/i3FLk/2v/9f/6//1//r/E69/10b/v1r6/2n77P9/4NvnX9bz//fe/+db0P/r//X/7MTS+v/c/V+KW5rsfwAAAOggd/+X4xb7HwAAAIaRu/8rcYv9DwAAAMPI3f/VuKXJ/p/p/y/XL9T/T9L/H33/+v/tXx/6/9X0/4f0/+uk/5/m+f8z9P+e/6//1/+zU0vr/3P3fy1uabL/AQAAoIPc/Y/HLfY/AAAADCN3/9fjFvsfAAAAhpG7/xtxS5P97/n/a+r/79L/6//1//p//f8M/f80/f+MZfX/J/7zQv+/7Pev/9f/c9LS+v/c/d8MAAD//yBlU3A=") unlink(&(0x7f0000000180)='./file1\x00') syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000007980)=ANY=[@ANYRES16, @ANYRESHEX, @ANYBLOB="12a4095a2aac12f0bfcb206d982e44066381388d27f14002d8d7431d3947f6399c7ff9f5193fc0398653e5a67bbb319f02bf4ac6f6ccd5acbfe1350cc3a6d2d48cf6c089ddf67171ffb3b15988e7b394c5daf3e12ca05e4dbdad7edd45f10cbc296a53a530d4c2d203ee650d5fff3a9b5aae78794fe84327e508172cdd72eeff5af4d6db9379bef20dde8e64b91d31a84ce8a7598bb78cc85108874811fc650f0520a5", @ANYBLOB="f1bcde2281a84392f4e66ff7ef22aa9af727ceae8a8ec95fc1b73083de2de825a0cb2b0be774fdb33650d7dace27c16bc23b2f7c7fb72585548939698f280d138aa9255a8a924008f8477e82ba11cdb11efd5ca2f1ab049ce2ccc415d2daf8dac725533a558d561654faf5e0924f1376174f374d664fad4a6ab24ec0e822e7f9426e8e5de1fe58085a0ae86fd02a118b9365961834d46208b9fb4cb1a1fa962a8b0000dc2e319379ea1e5a07aeb3f9cd4e648df4dd18e6253e7b2310a78d63a232a2a40758027a472e7d263ef567a84166f26ee56e701c63a886378788a512f28edec086b1c0823c028840eeaf3f5d8769023c01218614f4fa40be9892e7a285ac63f7f97aaa5b8ecc86e28c6193bc21a2b833e5c9c703c4cfa063dd34c245706bde3d7ac373ab04b62b4111b59eabd436dd97e788a36ef25bad99be2aa924949558c800"/353, @ANYRESHEX, @ANYRES16, @ANYRESDEC=0x0, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRES8, @ANYRES16], 0x0, 0x0, &(0x7f0000000000)) openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0) 1.348738465s ago: executing program 4 (id=15825): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)) ioctl$SIOCSIFHWADDR(r0, 0x8911, &(0x7f0000000000)={'bridge0\x00', @random="f6d85b658e96"}) 1.29332783s ago: executing program 1 (id=15826): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x6a, 0x10}]}}]}, 0x38}}, 0x0) 1.085044416s ago: executing program 4 (id=15827): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000180)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f00000000c0)={@hyper}) ioctl$IOCTL_VMCI_SET_NOTIFY(r0, 0x7cb, &(0x7f0000000080)={0x8}) 856.009246ms ago: executing program 4 (id=15828): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x28, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_RSSI_THRESHOLD={0x8}]}]}, 0x28}}, 0x0) 781.502689ms ago: executing program 1 (id=15829): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x74, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x10, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e24}]}]}]}, 0x74}}, 0x0) 593.044489ms ago: executing program 4 (id=15830): landlock_create_ruleset(&(0x7f0000000200)={0x0, 0x1}, 0x10, 0x0) socket$nl_route(0x10, 0x3, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r1, @ANYRES16=r0, @ANYRESDEC=0x0], 0x0) 522.227012ms ago: executing program 1 (id=15831): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_int(r0, 0x0, 0x2, &(0x7f0000000700)=0x91, 0x4) setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @dev}, 0x10) 416.97383ms ago: executing program 0 (id=15832): r0 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x1c, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x200, 0x781b00, 0x23456}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) 296.522135ms ago: executing program 1 (id=15833): open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x4c02, 0x0) 115.259027ms ago: executing program 2 (id=15834): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB='b ', @ANYRESDEC], 0x9) 66.238146ms ago: executing program 5 (id=15835): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="380000005400e501000000000000000007000000", @ANYRES32=r2, @ANYBLOB="20000100", @ANYRES32=r0, @ANYBLOB="01000000ff"], 0x38}}, 0xfe0f000000000000) 23.114798ms ago: executing program 0 (id=15836): r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0) 0s ago: executing program 1 (id=15837): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x25dfdbfd, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc}}, @TCA_EGRESS_BLOCK={0x8}]}, 0x44}}, 0x0) kernel console output (not intermixed with test programs): 1422.661147][ T6737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1422.666759][ T5505] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 1422.681250][ T6737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1422.710996][ T6737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1422.725085][ T6737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1422.750499][ T6737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1422.782617][ T6737] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1422.798330][ T6737] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1422.827318][ T6737] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1422.892757][ T5505] usb 6-1: Using ep0 maxpacket: 16 [ 1422.912830][ T5505] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1422.916917][ T6737] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1422.956983][ T5505] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1422.978198][ T6737] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1422.994087][ T5505] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1423.015012][ T6737] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1423.032274][ T5505] usb 6-1: New USB device found, idVendor=056a, idProduct=0093, bcdDevice= 0.00 [ 1423.049066][ T6737] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1423.052629][ T5505] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1423.106510][ T5505] usb 6-1: config 0 descriptor?? [ 1423.479091][ T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1423.493491][ T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1423.545318][ T5505] wacom 0003:056A:0093.009C: hidraw0: USB HID v0.00 Device [HID 056a:0093] on usb-dummy_hcd.5-1/input0 [ 1423.668891][T18582] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1423.698151][T18582] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1423.754828][T29678] usb 6-1: USB disconnect, device number 21 [ 1423.962532][ T5505] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 1424.157918][ T5505] usb 3-1: Using ep0 maxpacket: 8 [ 1424.172682][ T5505] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1424.211887][ T5505] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1424.267190][ T5505] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 1424.344562][ T5505] usb 3-1: New USB device found, idVendor=05ac, idProduct=0274, bcdDevice= 0.00 [ 1424.353660][ T5505] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1424.403716][ T5505] usb 3-1: config 0 descriptor?? [ 1424.808291][ T5505] apple 0003:05AC:0274.009D: item fetching failed at offset 6/70 [ 1424.818218][ T7012] 9p: Unknown Cache mode or invalid value [ 1424.832359][ T5505] apple 0003:05AC:0274.009D: parse failed [ 1424.864272][ T5505] apple 0003:05AC:0274.009D: probe with driver apple failed with error -22 [ 1425.037917][ T5505] usb 3-1: USB disconnect, device number 22 [ 1425.626964][ T7036] tipc: Started in network mode [ 1425.649911][ T7036] tipc: Node identity , cluster identity 4711 [ 1426.357754][ T7025] loop1: detected capacity change from 0 to 32768 [ 1426.387453][ T7054] netlink: 'syz.5.14721': attribute type 10 has an invalid length. [ 1426.415536][ T5558] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 1426.651731][ T5558] usb 5-1: Using ep0 maxpacket: 16 [ 1426.681703][ T5558] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1426.714101][ T5558] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1426.741315][ T5558] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1426.789195][ T7060] loop2: detected capacity change from 0 to 64 [ 1426.797415][ T5558] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1426.824855][ T5558] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1426.855148][ T5558] usb 5-1: config 0 descriptor?? [ 1426.861038][ T5505] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 1427.076091][ T5505] usb 6-1: Using ep0 maxpacket: 16 [ 1427.093051][ T5505] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1427.117793][ T5505] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1427.162242][ T5505] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1427.199945][ T5505] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1427.243280][ T5505] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1427.245873][ T5558] microsoft 0003:045E:07DA.009E: unknown main item tag 0x0 [ 1427.284541][ T5505] usb 6-1: config 0 descriptor?? [ 1427.302469][ T5558] microsoft 0003:045E:07DA.009E: No inputs registered, leaving [ 1427.358002][ T5558] microsoft 0003:045E:07DA.009E: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 1427.382812][ T5558] microsoft 0003:045E:07DA.009E: no inputs found [ 1427.389178][ T5558] microsoft 0003:045E:07DA.009E: could not initialize ff, continuing anyway [ 1427.448536][ T5558] usb 5-1: USB disconnect, device number 25 [ 1427.463294][ T7070] loop2: detected capacity change from 0 to 1024 [ 1427.561300][ T7070] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1427.619046][ T7075] loop1: detected capacity change from 0 to 1024 [ 1427.669332][ T7075] hfsplus: bad catalog entry type [ 1427.696541][ T5505] microsoft 0003:045E:07DA.009F: ignoring exceeding usage max [ 1427.820787][ T5505] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.009F/input/input100 [ 1427.834669][ T2898] hfsplus: b-tree write err: -5, ino 4 [ 1427.871021][ T5502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1427.957138][ T5505] microsoft 0003:045E:07DA.009F: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 1428.006485][ T5505] usb 6-1: USB disconnect, device number 22 [ 1428.496986][ T7101] loop2: detected capacity change from 0 to 64 [ 1428.609530][ T7101] syz.2.14743: attempt to access beyond end of device [ 1428.609530][ T7101] loop2: rw=2049, sector=126, nr_sectors = 5 limit=64 [ 1428.701449][ T7105] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14745'. [ 1428.806143][ T66] kworker/u8:5: attempt to access beyond end of device [ 1428.806143][ T66] loop2: rw=1, sector=65, nr_sectors = 1 limit=64 [ 1428.883688][ T66] Buffer I/O error on dev loop2, logical block 65, lost async page write [ 1428.913836][ T66] kworker/u8:5: attempt to access beyond end of device [ 1428.913836][ T66] loop2: rw=1, sector=66, nr_sectors = 1 limit=64 [ 1428.955020][ T66] Buffer I/O error on dev loop2, logical block 66, lost async page write [ 1428.966302][ T66] kworker/u8:5: attempt to access beyond end of device [ 1428.966302][ T66] loop2: rw=1, sector=67, nr_sectors = 1 limit=64 [ 1428.980971][ T66] Buffer I/O error on dev loop2, logical block 67, lost async page write [ 1428.989637][ T66] kworker/u8:5: attempt to access beyond end of device [ 1428.989637][ T66] loop2: rw=1, sector=68, nr_sectors = 1 limit=64 [ 1429.005221][ T66] Buffer I/O error on dev loop2, logical block 68, lost async page write [ 1429.013689][ T66] kworker/u8:5: attempt to access beyond end of device [ 1429.013689][ T66] loop2: rw=1, sector=72, nr_sectors = 1 limit=64 [ 1429.052487][ T66] Buffer I/O error on dev loop2, logical block 72, lost async page write [ 1429.067760][ T7114] loop5: detected capacity change from 0 to 512 [ 1429.076606][ T66] kworker/u8:5: attempt to access beyond end of device [ 1429.076606][ T66] loop2: rw=1, sector=73, nr_sectors = 1 limit=64 [ 1429.125785][ T7114] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 1429.144612][ T66] Buffer I/O error on dev loop2, logical block 73, lost async page write [ 1429.173229][ T66] kworker/u8:5: attempt to access beyond end of device [ 1429.173229][ T66] loop2: rw=1, sector=76, nr_sectors = 1 limit=64 [ 1429.195680][ T7114] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #16: comm syz.5.14751: invalid indirect mapped block 4294967295 (level 0) [ 1429.218842][ T66] Buffer I/O error on dev loop2, logical block 76, lost async page write [ 1429.230321][ T66] kworker/u8:5: attempt to access beyond end of device [ 1429.230321][ T66] loop2: rw=1, sector=77, nr_sectors = 1 limit=64 [ 1429.244455][ T7114] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #16: comm syz.5.14751: invalid indirect mapped block 4294967295 (level 1) [ 1429.259047][ T66] Buffer I/O error on dev loop2, logical block 77, lost async page write [ 1429.266901][ T7114] EXT4-fs (loop5): 1 orphan inode deleted [ 1429.271405][ T66] kworker/u8:5: attempt to access beyond end of device [ 1429.271405][ T66] loop2: rw=1, sector=78, nr_sectors = 48 limit=64 [ 1429.304574][ T7114] EXT4-fs (loop5): 1 truncate cleaned up [ 1429.311716][ T7114] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1429.576890][ T5582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1429.701748][ T7129] loop4: detected capacity change from 0 to 1024 [ 1429.823645][ T7136] netlink: 228 bytes leftover after parsing attributes in process `syz.5.14757'. [ 1429.985051][ T5505] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 1430.020965][ T7139] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14761'. [ 1430.064444][ T7139] netlink: 36 bytes leftover after parsing attributes in process `syz.0.14761'. [ 1430.118872][ T7139] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14761'. [ 1430.132836][T19826] Bluetooth: hci8: command 0x0406 tx timeout [ 1430.169678][ T5505] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1430.170157][ T7139] netlink: 36 bytes leftover after parsing attributes in process `syz.0.14761'. [ 1430.187663][ T5505] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1430.201409][ T5505] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1c0d, bcdDevice= 0.00 [ 1430.211625][ T5505] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1430.227015][ T5505] usb 3-1: config 0 descriptor?? [ 1430.523177][ T7153] netlink: 110 bytes leftover after parsing attributes in process `syz.1.14767'. [ 1430.553145][ T7153] netlink: 20 bytes leftover after parsing attributes in process `syz.1.14767'. [ 1430.638233][ T5505] corsair-psu 0003:1B1C:1C0D.00A0: hidraw0: USB HID v0.00 Device [HID 1b1c:1c0d] on usb-dummy_hcd.2-1/input0 [ 1430.815971][ T5505] corsair-psu 0003:1B1C:1C0D.00A0: unable to initialize device (-71) [ 1430.816798][ T7161] loop1: detected capacity change from 0 to 512 [ 1430.863170][ T5505] corsair-psu 0003:1B1C:1C0D.00A0: probe with driver corsair-psu failed with error -71 [ 1430.866836][ T7161] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.14771: casefold flag without casefold feature [ 1430.897169][ T7161] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.14771: couldn't read orphan inode 15 (err -117) [ 1430.914903][ T7161] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1430.995647][ T5505] usb 3-1: USB disconnect, device number 23 [ 1431.053880][ T5605] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1431.684879][ T7180] loop5: detected capacity change from 0 to 2048 [ 1431.695052][ T7184] loop2: detected capacity change from 0 to 512 [ 1431.742950][ T7180] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1431.791176][ T7180] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1431.841534][ T7184] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1431.858189][ T7184] ext4 filesystem being mounted at /2488/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1431.945270][ T7191] bridge0: entered promiscuous mode [ 1431.998781][ T7190] bridge0: left promiscuous mode [ 1432.139988][ T5502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1432.343564][ T7204] loop4: detected capacity change from 0 to 256 [ 1432.453775][ T7204] FAT-fs (loop4): Directory bread(block 64) failed [ 1432.470443][ T7204] FAT-fs (loop4): Directory bread(block 65) failed [ 1432.496138][ T7204] FAT-fs (loop4): Directory bread(block 66) failed [ 1432.510047][ T7204] FAT-fs (loop4): Directory bread(block 67) failed [ 1432.541480][ T7204] FAT-fs (loop4): Directory bread(block 68) failed [ 1432.555549][ T7204] FAT-fs (loop4): Directory bread(block 69) failed [ 1432.562174][ T7204] FAT-fs (loop4): Directory bread(block 70) failed [ 1432.601251][ T7204] FAT-fs (loop4): Directory bread(block 71) failed [ 1432.630303][ T7204] FAT-fs (loop4): Directory bread(block 72) failed [ 1432.636921][ T7204] FAT-fs (loop4): Directory bread(block 73) failed [ 1432.782922][ T7219] loop1: detected capacity change from 0 to 1024 [ 1432.795634][ T7218] loop5: detected capacity change from 0 to 1024 [ 1432.865535][ T7222] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14798'. [ 1432.882610][ T7222] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14798'. [ 1432.990868][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 1433.097301][ T66] hfsplus: b-tree write err: -5, ino 4 [ 1433.745328][ T7248] loop5: detected capacity change from 0 to 1024 [ 1433.771226][ T7248] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1433.783806][ T7245] loop1: detected capacity change from 0 to 4096 [ 1433.814624][ T7248] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1433.851882][ T7250] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1433.901158][ T7223] loop2: detected capacity change from 0 to 32768 [ 1433.952302][ T7223] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1433.984751][ T7248] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2792: inode #2: comm syz.5.14810: corrupted in-inode xattr: bad e_name length [ 1434.061972][ T7259] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #2: comm syz.5.14810: corrupted in-inode xattr: bad e_name length [ 1434.085664][ T7223] XFS (loop2): Ending clean mount [ 1434.120247][ T7223] XFS (loop2): Quotacheck needed: Please wait. [ 1434.279602][ T7223] XFS (loop2): Quotacheck: Done. [ 1434.301796][ T5582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1434.373659][ T7265] vim2m vim2m.0: vidioc_s_fmt queue busy [ 1434.588349][ T7269] nbd: must specify a device to reconfigure [ 1434.592861][ T7272] trusted_key: encrypted_key: keylen parameter is missing [ 1434.608871][ T5502] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1434.883982][ T7279] loop5: detected capacity change from 0 to 2048 [ 1434.964143][ T7279] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1435.021445][ T7279] UDF-fs: incorrect filename length (10) [ 1435.272930][T27208] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 1435.512187][T27208] usb 2-1: config 0 has an invalid interface number: 117 but max is 0 [ 1435.530016][T27208] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1435.561639][T27208] usb 2-1: config 0 has no interface number 0 [ 1435.586728][T27208] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 1435.608289][T27208] usb 2-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1435.659535][T27208] usb 2-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 1435.695090][T27208] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1435.725100][T27208] usb 2-1: Product: syz [ 1435.729449][T27208] usb 2-1: Manufacturer: syz [ 1435.734062][T27208] usb 2-1: SerialNumber: syz [ 1435.769331][T27208] usb 2-1: config 0 descriptor?? [ 1436.356137][T27208] usbtouchscreen 2-1:0.117: probe with driver usbtouchscreen failed with error -71 [ 1436.406084][T27208] usb 2-1: USB disconnect, device number 7 [ 1436.593651][ T7328] loop4: detected capacity change from 0 to 64 [ 1436.615591][ T7330] program syz.5.14843 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1437.122889][T29662] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 1437.159248][ T7342] loop5: detected capacity change from 0 to 4096 [ 1437.355561][T29662] usb 5-1: Using ep0 maxpacket: 16 [ 1437.363312][T29662] usb 5-1: config 0 has no interfaces? [ 1437.381468][T29662] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1437.419093][T29662] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1437.451612][T29662] usb 5-1: config 0 descriptor?? [ 1437.520420][ T7355] loop2: detected capacity change from 0 to 24 [ 1437.547687][ T7355] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 1437.571062][ T7355] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1437.688921][T27208] usb 5-1: USB disconnect, device number 26 [ 1438.763828][T27208] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 1438.843689][ T7383] tipc: Enabling of bearer rejected, failed to enable media [ 1438.992081][T27208] usb 3-1: Using ep0 maxpacket: 16 [ 1439.009708][T27208] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1439.071401][T27208] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1439.098088][T27208] usb 3-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1439.133312][T27208] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1439.149287][T27208] usb 3-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00 [ 1439.183562][ T7388] loop4: detected capacity change from 0 to 4096 [ 1439.191334][T27208] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1439.211388][T27208] usb 3-1: config 0 descriptor?? [ 1439.260644][ T7398] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1439.327680][ T7388] NILFS (loop4): error -2 reading inode: ino=10977524091715586 [ 1439.696294][T27208] hid-generic 0003:045E:05DA.00A1: unknown main item tag 0x0 [ 1439.747437][T27208] hid-generic 0003:045E:05DA.00A1: hidraw0: USB HID v0.00 Device [HID 045e:05da] on usb-dummy_hcd.2-1/input0 [ 1439.936310][ T5599] usb 3-1: USB disconnect, device number 24 [ 1440.179946][ T7425] syz.1.14889 uses old SIOCAX25GETINFO [ 1440.240693][ T7389] loop5: detected capacity change from 0 to 32768 [ 1440.262914][ T7389] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.14873 (7389) [ 1440.325422][ T7389] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1440.355355][ T7389] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 1440.372941][ T7389] BTRFS info (device loop5): using free-space-tree [ 1440.376967][ T7429] netlink: 'syz.4.14892': attribute type 3 has an invalid length. [ 1440.524925][ T7389] BTRFS info (device loop5): rebuilding free space tree [ 1440.723028][ T7456] loop1: detected capacity change from 0 to 512 [ 1440.752416][ T7456] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1440.789177][ T7456] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 1440.848396][ T7456] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 1440.910041][ T7456] EXT4-fs (loop1): 1 truncate cleaned up [ 1440.926706][ T5582] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1440.949839][ T7456] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1441.067177][ T7456] EXT4-fs error (device loop1): ext4_map_blocks:609: inode #2: block 4: comm syz.1.14897: lblock 0 mapped to illegal pblock 4 (length 1) [ 1441.112364][ T7456] EXT4-fs (loop1): Remounting filesystem read-only [ 1441.321527][ T5605] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1441.473744][ T7484] loop1: detected capacity change from 0 to 256 [ 1441.518915][ T7484] vfat: Bad value for 'dmask' [ 1441.845437][ T7496] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14901'. [ 1441.905177][ T7502] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 1441.905177][ T7502] The task syz.2.14919 (7502) triggered the difference, watch for misbehavior. [ 1441.910650][ T7501] netlink: 'syz.4.14918': attribute type 1 has an invalid length. [ 1441.960661][ T7501] netlink: 9352 bytes leftover after parsing attributes in process `syz.4.14918'. [ 1442.001957][ T7501] netlink: 'syz.4.14918': attribute type 1 has an invalid length. [ 1442.030955][ T7501] netlink: 'syz.4.14918': attribute type 2 has an invalid length. [ 1442.068037][ T7501] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14918'. [ 1442.487901][T27208] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 1442.717470][T27208] usb 4-1: Using ep0 maxpacket: 16 [ 1442.805710][T27208] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1442.851833][T27208] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1442.866425][ T5585] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 1442.878100][T27208] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1442.878146][T27208] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1442.878192][T27208] usb 4-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00 [ 1442.878224][T27208] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1442.895485][ T7526] loop4: detected capacity change from 0 to 2048 [ 1442.898848][ T5585] CPU: 0 UID: 0 PID: 5585 Comm: kworker/u9:2 Not tainted 6.11.0-rc5-syzkaller-00057-g86987d84b968 #0 [ 1442.932965][ T5585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1442.936619][T27208] usb 4-1: config 0 descriptor?? [ 1442.943019][ T5585] Workqueue: hci0 hci_rx_work [ 1442.943064][ T5585] Call Trace: [ 1442.943078][ T5585] [ 1442.943092][ T5585] dump_stack_lvl+0x241/0x360 [ 1442.943129][ T5585] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1442.943159][ T5585] ? __pfx__printk+0x10/0x10 [ 1442.943203][ T5585] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1442.979069][ T5585] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 1442.984387][ T5585] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 1442.989981][ T5585] sysfs_create_dir_ns+0x2ce/0x3a0 [ 1442.995131][ T5585] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1443.000786][ T5585] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1443.006470][ T5585] kobject_add_internal+0x435/0x8d0 [ 1443.011706][ T5585] kobject_add+0x152/0x220 [ 1443.016146][ T5585] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1443.021955][ T5585] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1443.027181][ T5585] ? device_add+0x3e7/0xbf0 [ 1443.031716][ T5585] ? __pfx_kobject_add+0x10/0x10 [ 1443.036675][ T5585] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1443.042385][ T5585] ? _raw_spin_unlock+0x28/0x50 [ 1443.047260][ T5585] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1443.052920][ T5585] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1443.058573][ T5585] ? get_device_parent+0x165/0x410 [ 1443.063873][ T5585] device_add+0x4e5/0xbf0 [ 1443.068235][ T5585] hci_conn_add_sysfs+0xe8/0x200 [ 1443.073200][ T5585] le_conn_complete_evt+0xc9f/0x12e0 [ 1443.078546][ T5585] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 1443.084316][ T5585] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1443.089968][ T5585] ? __mutex_unlock_slowpath+0x21d/0x750 [ 1443.095616][ T5585] ? __copy_skb_header+0x437/0x5b0 [ 1443.100746][ T5585] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1443.106398][ T5585] ? skb_pull_data+0x112/0x230 [ 1443.111196][ T5585] hci_le_enh_conn_complete_evt+0x185/0x420 [ 1443.117128][ T5585] hci_event_packet+0xa57/0x1540 [ 1443.122092][ T5585] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 1443.127411][ T5585] ? __pfx_hci_event_packet+0x10/0x10 [ 1443.132801][ T5585] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1443.138026][ T5585] ? __entry_text_end+0xfdfc5/0x1020c9 [ 1443.143500][ T5585] ? hci_send_to_monitor+0xd8/0x7f0 [ 1443.148728][ T5585] ? kcov_remote_start+0x97/0x7d0 [ 1443.153780][ T5585] hci_rx_work+0x3e8/0xca0 [ 1443.158224][ T5585] ? process_scheduled_works+0x945/0x1830 [ 1443.163966][ T5585] process_scheduled_works+0xa2e/0x1830 [ 1443.169568][ T5585] ? __pfx_process_scheduled_works+0x10/0x10 [ 1443.175581][ T5585] ? assign_work+0x364/0x3d0 [ 1443.180282][ T5585] worker_thread+0x86d/0xd10 [ 1443.184914][ T5585] ? __kthread_parkme+0x169/0x1d0 [ 1443.189961][ T5585] ? __pfx_worker_thread+0x10/0x10 [ 1443.195090][ T5585] kthread+0x2f2/0x390 [ 1443.199186][ T5585] ? __pfx_worker_thread+0x10/0x10 [ 1443.204322][ T5585] ? __pfx_kthread+0x10/0x10 [ 1443.208934][ T5585] ret_from_fork+0x4d/0x80 [ 1443.213371][ T5585] ? __pfx_kthread+0x10/0x10 [ 1443.217987][ T5585] ret_from_fork_asm+0x1a/0x30 [ 1443.222793][ T5585] [ 1443.234056][ T5585] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 1443.248415][ T5585] Bluetooth: hci0: failed to register connection device [ 1443.415592][ T7526] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.14932: bad orphan inode 8192 [ 1443.494819][ T7526] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1443.739322][T27208] hid (null): usage index exceeded [ 1443.809609][T27208] hid-generic 0003:045E:05DA.00A2: ignoring exceeding usage max [ 1443.854523][T27208] hid-generic 0003:045E:05DA.00A2: ignoring exceeding usage max [ 1443.880999][T27208] hid-generic 0003:045E:05DA.00A2: usage index exceeded [ 1443.899335][T32755] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /525/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=1, rec_len=0, size=2048 fake=0 [ 1443.917771][T27208] hid-generic 0003:045E:05DA.00A2: item 0 4 2 0 parsing failed [ 1443.974902][T27208] hid-generic 0003:045E:05DA.00A2: probe with driver hid-generic failed with error -22 [ 1444.051734][T27208] usb 4-1: USB disconnect, device number 3 [ 1444.152497][T32755] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1444.962047][ T7575] tipc: Enabling of bearer rejected, media not registered [ 1445.390151][ T5505] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 1445.424228][ T7553] loop1: detected capacity change from 0 to 40427 [ 1445.465424][ T7553] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 1445.494570][ T7553] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1445.511850][ T7553] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x1fffff [ 1445.558695][ T7553] F2FS-fs (loop1): invalid crc value [ 1445.581046][ T7553] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1445.586113][ T5505] usb 6-1: Using ep0 maxpacket: 16 [ 1445.606907][ T5505] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1445.627792][ T5505] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1445.669859][ T5505] usb 6-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00 [ 1445.682139][ T7603] netlink: 24 bytes leftover after parsing attributes in process `syz.4.14963'. [ 1445.710604][ T5505] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1445.750081][ T5505] usb 6-1: config 0 descriptor?? [ 1445.839054][ T7553] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1445.876423][ T7553] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1445.967305][ T7614] loop2: detected capacity change from 0 to 512 [ 1445.985784][ T7614] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1446.062815][ T7614] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.14968: invalid indirect mapped block 4294967295 (level 0) [ 1446.118090][ T7614] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.14968: invalid indirect mapped block 4294967295 (level 1) [ 1446.168232][ T5505] hid-alps 0003:044E:120C.00A3: hidraw0: USB HID v0.00 Device [HID 044e:120c] on usb-dummy_hcd.5-1/input0 [ 1446.169232][ T7614] EXT4-fs (loop2): 1 orphan inode deleted [ 1446.227007][ T7614] EXT4-fs (loop2): 1 truncate cleaned up [ 1446.237506][ T7614] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1446.410244][ T5558] usb 6-1: USB disconnect, device number 23 [ 1446.413609][ T5502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1446.552898][ T7627] trusted_key: encrypted_key: insufficient parameters specified [ 1447.777280][ T5505] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 1448.021768][ T5505] usb 2-1: New USB device found, idVendor=99fa, idProduct=8988, bcdDevice=98.53 [ 1448.033141][ T5505] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1448.062453][ T5505] usb 2-1: Product: syz [ 1448.072268][ T5505] usb 2-1: Manufacturer: syz [ 1448.084459][ T5505] usb 2-1: SerialNumber: syz [ 1448.093707][ T5505] usb 2-1: config 0 descriptor?? [ 1448.161308][ T7675] program syz.5.14996 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1448.168754][ T5505] gspca_main: spca506-2.14.0 probing 99fa:8988 [ 1448.466612][ T7649] loop4: detected capacity change from 0 to 32768 [ 1448.499626][ T7649] XFS: ikeep mount option is deprecated. [ 1448.643084][ T7649] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 1448.671505][ T5505] usb 2-1: USB disconnect, device number 8 [ 1448.778791][ T7698] netlink: 'syz.5.15003': attribute type 4 has an invalid length. [ 1448.787470][ T7698] netlink: 17 bytes leftover after parsing attributes in process `syz.5.15003'. [ 1448.894914][ T7649] XFS (loop4): Ending clean mount [ 1448.943390][ T7649] XFS (loop4): Quotacheck needed: Please wait. [ 1449.060582][ T7649] XFS (loop4): Quotacheck: Done. [ 1449.444595][T32755] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 1449.541306][ T7716] smb3: Bad value for 'gid' [ 1449.545935][ T7716] smb3: Bad value for 'gid' [ 1449.592147][ T7687] loop2: detected capacity change from 0 to 32768 [ 1449.621546][ T7687] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.15000 (7687) [ 1449.689458][ T7687] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1449.741436][ T7687] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 1449.799107][ T7687] BTRFS info (device loop2): using free-space-tree [ 1450.134449][T29662] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 1450.310339][ T5502] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1450.358398][T29662] usb 6-1: Using ep0 maxpacket: 16 [ 1450.366031][T29662] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1450.403224][T29662] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1450.430374][T29662] usb 6-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00 [ 1450.461777][T29662] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1450.526795][T29662] usb 6-1: config 0 descriptor?? [ 1450.635013][ T7753] loop1: detected capacity change from 0 to 64 [ 1450.953387][T29662] kye 0003:0458:5012.00A4: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 1451.020772][T29662] kye 0003:0458:5012.00A4: hidraw0: USB HID v0.00 Device [HID 0458:5012] on usb-dummy_hcd.5-1/input0 [ 1451.050879][T29662] kye 0003:0458:5012.00A4: tablet-enabling feature report not found [ 1451.088637][T29662] kye 0003:0458:5012.00A4: tablet enabling failed [ 1451.206883][T29662] usb 6-1: USB disconnect, device number 24 [ 1451.343614][ T7768] netlink: 44 bytes leftover after parsing attributes in process `syz.1.15029'. [ 1452.011699][ T7756] loop4: detected capacity change from 0 to 32768 [ 1452.944924][ T7815] sctp: [Deprecated]: syz.2.15052 (pid 7815) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1452.944924][ T7815] Use struct sctp_sack_info instead [ 1453.292981][ T7818] loop1: detected capacity change from 0 to 4096 [ 1453.346194][ T7818] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 1453.383440][ T7818] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1453.411006][ T7818] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 1453.872306][ T5505] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 1454.115787][ T5505] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 1454.116721][ T7861] netlink: 16 bytes leftover after parsing attributes in process `syz.2.15072'. [ 1454.133224][ T5505] usb 4-1: config 0 has no interface number 0 [ 1454.153942][ T7861] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15072'. [ 1454.161497][ T5505] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1454.176590][ T5505] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1454.186675][ T5505] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice=ee.00 [ 1454.186712][ T5505] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1454.207501][ T5505] usb 4-1: config 0 descriptor?? [ 1454.393545][ T5558] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 1454.575377][ T5558] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1454.600587][ T7869] loop4: detected capacity change from 0 to 4096 [ 1454.617312][ T5558] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 1454.652658][ T5558] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10 [ 1454.659495][ T5505] uclogic 0003:256C:006D.00A5: No inputs registered, leaving [ 1454.693469][ T5558] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 1454.715838][ T5505] uclogic 0003:256C:006D.00A5: hidraw0: USB HID v0.40 Device [HID 256c:006d] on usb-dummy_hcd.3-1/input1 [ 1454.737561][ T5558] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1454.783639][ T5558] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 1454.820252][ T5558] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 1454.848643][ T5558] usb 2-1: Product: syz [ 1454.883869][ T5558] usb 2-1: Manufacturer: syz [ 1454.883896][ T5558] usb 2-1: SerialNumber: syz [ 1454.889203][ T5558] usb 2-1: config 0 descriptor?? [ 1455.112364][ T7881] netlink: 32 bytes leftover after parsing attributes in process `syz.0.15083'. [ 1455.124929][ T5558] radio-si470x 2-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 1455.138208][ T5599] usb 4-1: USB disconnect, device number 4 [ 1455.148925][ T5558] radio-si470x 2-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 1455.312267][ T5558] radio-si470x 2-1:0.0: software version 0, hardware version 0 [ 1455.330075][ T5558] radio-si470x 2-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0. [ 1455.372231][ T5558] radio-si470x 2-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org [ 1455.507613][ T5558] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 1455.528955][ T5558] radio-si470x 2-1:0.0: submitting int urb failed (-90) [ 1455.539570][ T7891] loop2: detected capacity change from 0 to 2048 [ 1455.557045][ T5558] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 1455.590044][ T5558] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -22 [ 1455.629342][ T5558] usb 2-1: USB disconnect, device number 9 [ 1455.639565][ T7897] netlink: 56 bytes leftover after parsing attributes in process `syz.5.15089'. [ 1455.678972][ T7891] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1455.726990][ T7897] netlink: 48 bytes leftover after parsing attributes in process `syz.5.15089'. [ 1455.736622][ T7891] ext4 filesystem being mounted at /2536/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1455.857673][ T25] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 1455.930104][ T7907] loop5: detected capacity change from 0 to 256 [ 1455.961548][ T5502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1456.020137][ T7907] FAT-fs (loop5): Directory bread(block 64) failed [ 1456.039271][ T7907] FAT-fs (loop5): Directory bread(block 65) failed [ 1456.060812][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 1456.066577][ T7907] FAT-fs (loop5): Directory bread(block 66) failed [ 1456.075886][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1456.092870][ T7907] FAT-fs (loop5): Directory bread(block 67) failed [ 1456.109026][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1456.119276][ T7907] FAT-fs (loop5): Directory bread(block 68) failed [ 1456.125839][ T7907] FAT-fs (loop5): Directory bread(block 69) failed [ 1456.144470][ T25] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 1456.153870][ T7907] FAT-fs (loop5): Directory bread(block 70) failed [ 1456.161132][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1456.169344][ T7907] FAT-fs (loop5): Directory bread(block 71) failed [ 1456.178690][ T25] usb 5-1: config 0 descriptor?? [ 1456.185931][ T7907] FAT-fs (loop5): Directory bread(block 72) failed [ 1456.192493][ T7907] FAT-fs (loop5): Directory bread(block 73) failed [ 1456.646390][ T25] isku 0003:1E7D:319C.00A6: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.4-1/input0 [ 1456.863489][ T5505] usb 5-1: USB disconnect, device number 27 [ 1457.197546][ T7909] loop2: detected capacity change from 0 to 32768 [ 1457.223424][ T7909] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.15095 (7909) [ 1457.283294][ T7941] loop5: detected capacity change from 0 to 64 [ 1457.295785][ T7909] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1457.330200][ T7909] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 1457.360078][ T7909] BTRFS info (device loop2): using free-space-tree [ 1457.571934][ T7909] BTRFS info (device loop2): rebuilding free space tree [ 1457.613779][ T7960] netlink: 'syz.1.15113': attribute type 6 has an invalid length. [ 1457.946223][ T5502] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1458.149044][ T7978] loop5: detected capacity change from 0 to 1024 [ 1458.163453][ T7981] netlink: 68 bytes leftover after parsing attributes in process `syz.0.15122'. [ 1458.765627][ T7925] Bluetooth: hci1: command 0x0406 tx timeout [ 1458.770865][ T2861] Bluetooth: hci4: command 0x0406 tx timeout [ 1458.772903][ T7925] Bluetooth: hci5: command 0x0406 tx timeout [ 1458.918247][ T8002] loop2: detected capacity change from 0 to 512 [ 1458.963044][ T8001] loop5: detected capacity change from 0 to 2048 [ 1459.028966][ T8001] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1459.056550][ T8002] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1459.127183][ T8002] ext4 filesystem being mounted at /2539/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1459.170006][ T8014] netlink: 'syz.4.15137': attribute type 29 has an invalid length. [ 1459.221145][ T8014] netlink: 'syz.4.15137': attribute type 29 has an invalid length. [ 1459.338173][ T5582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1459.403473][ T5502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1459.730897][ T8028] loop2: detected capacity change from 0 to 1024 [ 1460.044074][ T8034] loop1: detected capacity change from 0 to 2048 [ 1460.060920][T18586] hfsplus: b-tree write err: -5, ino 4 [ 1460.096326][ T8034] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1460.144928][ T5558] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 1460.356915][ T5605] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1460.386675][ T5558] usb 6-1: Using ep0 maxpacket: 16 [ 1460.400210][ T5558] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1460.430631][ T5558] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1460.472402][ T5558] usb 6-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 1460.501469][ T5558] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1460.530095][ T5558] usb 6-1: config 0 descriptor?? [ 1460.673042][ T8020] loop4: detected capacity change from 0 to 32768 [ 1460.730708][ T8020] find_entry called with index >= next_index [ 1460.959003][ T5558] uclogic 0003:28BD:0071.00A7: interface is invalid, ignoring [ 1461.173652][ T5558] usb 6-1: USB disconnect, device number 25 [ 1461.298895][ T8061] loop2: detected capacity change from 0 to 8 [ 1461.651043][ T8071] netlink: 'syz.0.15160': attribute type 29 has an invalid length. [ 1461.712632][ T8071] netlink: 'syz.0.15160': attribute type 29 has an invalid length. [ 1461.771559][ T8073] netlink: 'syz.2.15162': attribute type 3 has an invalid length. [ 1462.187918][ T8092] loop5: detected capacity change from 0 to 16 [ 1462.289051][ T8092] erofs: (device loop5): mounted with root inode @ nid 36. [ 1462.343743][ T8092] syz.5.15170: attempt to access beyond end of device [ 1462.343743][ T8092] loop5: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 1462.400049][ T8092] syz.5.15170: attempt to access beyond end of device [ 1462.400049][ T8092] loop5: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 1462.523091][ T5558] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 1462.712920][ T5558] usb 3-1: config 0 contains an unexpected descriptor of type 0x1, skipping [ 1462.750621][ T5558] usb 3-1: config 0 has an invalid interface association descriptor of length 5, skipping [ 1462.792566][ T5558] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1462.820270][ T5558] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1462.848784][ T8103] loop4: detected capacity change from 0 to 2048 [ 1462.856509][ T5558] usb 3-1: New USB device found, idVendor=468c, idProduct=90ea, bcdDevice=99.6d [ 1462.884252][ T5558] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1462.886030][ T8103] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 1462.922687][ T8103] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1462.940859][ T8103] UDF-fs: Scanning with blocksize 512 failed [ 1462.941625][ T5558] usb 3-1: Product: syz [ 1462.966571][ T8103] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1462.970516][ T5558] usb 3-1: Manufacturer: syz [ 1463.015632][ T5558] usb 3-1: SerialNumber: syz [ 1463.025788][ T5558] usb 3-1: config 0 descriptor?? [ 1463.243746][ T8109] netlink: 60 bytes leftover after parsing attributes in process `syz.0.15179'. [ 1463.310375][ T8085] loop1: detected capacity change from 0 to 40427 [ 1463.337634][T27208] usb 3-1: USB disconnect, device number 25 [ 1463.445423][ T8085] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1463.538853][T19826] Bluetooth: hci6: command 0x0406 tx timeout [ 1463.758506][ T8085] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1464.948165][ T8121] loop4: detected capacity change from 0 to 40427 [ 1464.962440][ T8128] loop5: detected capacity change from 0 to 32768 [ 1464.983505][ T8128] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.15186 (8128) [ 1465.011821][ T8121] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1465.036160][ T8128] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1465.066302][ T8128] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 1465.099936][ T8128] BTRFS info (device loop5): using free-space-tree [ 1465.250861][ T8121] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1465.419897][T27208] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 1465.545121][T32755] syz-executor: attempt to access beyond end of device [ 1465.545121][T32755] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1465.597634][T32755] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1465.608919][ T5582] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1465.662192][T27208] usb 3-1: config 0 has an invalid interface number: 170 but max is 0 [ 1465.670394][T27208] usb 3-1: config 0 has no interface number 0 [ 1465.743581][T27208] usb 3-1: config 0 interface 170 altsetting 68 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1465.774474][T27208] usb 3-1: config 0 interface 170 altsetting 68 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1465.798974][T27208] usb 3-1: config 0 interface 170 has no altsetting 0 [ 1465.809909][T27208] usb 3-1: New USB device found, idVendor=5543, idProduct=004d, bcdDevice= 0.00 [ 1465.829887][T27208] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1465.859454][T27208] usb 3-1: config 0 descriptor?? [ 1466.303279][T27208] uclogic 0003:5543:004D.00A8: interface is invalid, ignoring [ 1466.507838][ T5505] usb 3-1: USB disconnect, device number 26 [ 1466.999095][ T8201] loop5: detected capacity change from 0 to 4096 [ 1467.015260][ T8201] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 1467.122123][ T8201] ntfs3: loop5: Failed to initialize $Extend/$Reparse. [ 1467.287702][ T8212] loop2: detected capacity change from 0 to 8 [ 1467.350316][ T5582] ntfs3: loop5: ino=1a, ntfs_sync_fs failed, -22. [ 1467.371722][ T8212] SQUASHFS error: zlib decompression failed, data probably corrupt [ 1467.415012][ T8212] SQUASHFS error: Failed to read block 0x13e: -5 [ 1467.433620][ T8212] SQUASHFS error: Unable to read metadata cache entry [13c] [ 1467.452345][ T8212] SQUASHFS error: Unable to read directory block [13c:26] [ 1467.719046][ T8225] sp0: Synchronizing with TNC [ 1467.726035][ T8226] loop4: detected capacity change from 0 to 8 [ 1467.760158][ T8224] [U] è` [ 1467.779067][ T8226] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 1468.249903][ T8243] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15233'. [ 1468.309317][ T8247] vivid-007: ================= START STATUS ================= [ 1468.339412][ T8247] vivid-007: Enable Output Cropping: true [ 1468.346436][ T8247] vivid-007: Enable Output Composing: true [ 1468.378477][ T8247] vivid-007: Enable Output Scaler: true [ 1468.393442][T27208] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 1468.404271][ T8247] vivid-007: Tx RGB Quantization Range: Automatic [ 1468.410774][ T8247] vivid-007: Transmit Mode: HDMI [ 1468.437491][ T8247] vivid-007: Hotplug Present: 0x00000000 [ 1468.456066][ T8247] vivid-007: RxSense Present: 0x00000000 [ 1468.468116][ T8247] vivid-007: EDID Present: 0x00000000 [ 1468.478330][ T8247] vivid-007: ================== END STATUS ================== [ 1468.607777][T27208] usb 3-1: Using ep0 maxpacket: 8 [ 1468.615342][T27208] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1468.647856][T27208] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1468.683473][T27208] usb 3-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 1468.700811][ T25] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 1468.718677][T27208] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1468.730845][ T8253] netlink: 'syz.4.15238': attribute type 12 has an invalid length. [ 1468.754370][T27208] usb 3-1: config 0 descriptor?? [ 1468.926794][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1468.993263][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1469.012993][ T25] usb 6-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00 [ 1469.039411][ T8257] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15240'. [ 1469.041646][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1469.082457][ T25] usb 6-1: config 0 descriptor?? [ 1469.197409][T27208] cherry 0003:046A:0027.00A9: unknown main item tag 0x0 [ 1469.210184][T27208] cherry 0003:046A:0027.00A9: unknown main item tag 0x6 [ 1469.232107][T27208] cherry 0003:046A:0027.00A9: unknown main item tag 0x5 [ 1469.241308][T27208] cherry 0003:046A:0027.00A9: unknown main item tag 0x4 [ 1469.248307][T27208] cherry 0003:046A:0027.00A9: unknown main item tag 0x0 [ 1469.297176][T27208] cherry 0003:046A:0027.00A9: unknown main item tag 0x0 [ 1469.326336][T27208] cherry 0003:046A:0027.00A9: unknown main item tag 0x0 [ 1469.352562][T27208] cherry 0003:046A:0027.00A9: unknown main item tag 0x0 [ 1469.381584][T27208] cherry 0003:046A:0027.00A9: unknown main item tag 0x0 [ 1469.399948][T27208] cherry 0003:046A:0027.00A9: unknown main item tag 0x0 [ 1469.416506][T27208] cherry 0003:046A:0027.00A9: unknown global tag 0xd [ 1469.447809][T27208] cherry 0003:046A:0027.00A9: item 0 4 1 13 parsing failed [ 1469.467602][T27208] cherry 0003:046A:0027.00A9: probe with driver cherry failed with error -22 [ 1469.547099][ T8245] loop1: detected capacity change from 0 to 32768 [ 1469.558216][T27208] usb 3-1: USB disconnect, device number 27 [ 1469.564578][ T25] wacom 0003:056A:032C.00AA: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.5-1/input0 [ 1469.661861][ T8245] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1469.804087][ T5505] usb 6-1: USB disconnect, device number 26 [ 1469.872436][ T8245] XFS (loop1): Ending clean mount [ 1470.150318][ T8281] loop4: detected capacity change from 0 to 256 [ 1470.192825][ T5605] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1470.221552][ T8281] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 1470.316650][ T29] audit: type=1800 audit(2000000368.687:1668): pid=8281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.15248" name="bus" dev="loop4" ino=1049034 res=0 errno=0 [ 1471.098227][ T8291] loop5: detected capacity change from 0 to 64 [ 1471.525280][ T66] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1471.612450][ T8283] loop2: detected capacity change from 0 to 32768 [ 1471.636870][ T8283] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.15250 (8283) [ 1471.711585][ T8283] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1471.730662][ T8283] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 1471.771502][ T66] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1471.785859][ T8283] BTRFS info (device loop2): using free-space-tree [ 1472.117719][ T66] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1472.165809][ T8325] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 1472.172378][ T8325] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1472.235201][ T8325] vhci_hcd vhci_hcd.0: Device attached [ 1472.311306][ T8326] vhci_hcd: connection closed [ 1472.317273][ T12] vhci_hcd: stop threads [ 1472.345880][ T12] vhci_hcd: release socket [ 1472.356462][ T12] vhci_hcd: disconnect device [ 1472.429642][T29662] vhci_hcd: vhci_device speed not set [ 1472.445478][ T5502] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1472.456406][ T66] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1472.925895][T19826] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1472.943953][T19826] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1472.968122][T19826] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1472.996996][T19826] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1473.046921][T19826] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 1473.055388][T19826] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1473.186284][ T66] team0: left allmulticast mode [ 1473.191190][ T66] team_slave_0: left allmulticast mode [ 1473.240446][ T66] team_slave_1: left allmulticast mode [ 1473.245962][ T66] team0: left promiscuous mode [ 1473.308513][ T66] team_slave_0: left promiscuous mode [ 1473.314408][ T66] team_slave_1: left promiscuous mode [ 1473.352538][ T66] bridge0: port 3(team0) entered disabled state [ 1473.429625][ T66] bridge_slave_1: left allmulticast mode [ 1473.435323][ T66] bridge_slave_1: left promiscuous mode [ 1473.466924][ T66] bridge0: port 2(bridge_slave_1) entered disabled state [ 1473.533980][ T66] bridge_slave_0: left allmulticast mode [ 1473.566475][ T66] bridge_slave_0: left promiscuous mode [ 1473.572275][ T66] bridge0: port 1(bridge_slave_0) entered disabled state [ 1473.625127][ T25] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 1473.825192][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid maxpacket 8192, setting to 1024 [ 1473.843295][ T25] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 1024 [ 1473.880348][ T25] usb 6-1: New USB device found, idVendor=0499, idProduct=1035, bcdDevice=56.12 [ 1473.918250][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1473.948502][T27208] usb 3-1: new full-speed USB device number 28 using dummy_hcd [ 1473.978891][ T25] usb 6-1: config 0 descriptor?? [ 1474.010049][ T25] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 1474.150262][T27208] usb 3-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=31.44 [ 1474.193807][T27208] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1474.257155][T27208] usb 3-1: config 0 descriptor?? [ 1474.299364][T27208] pwc: Samsung MPC-C10 USB webcam detected. [ 1474.317076][ T25] usb 6-1: USB disconnect, device number 27 [ 1474.474765][T27208] pwc: send_video_command error -71 [ 1474.500034][T27208] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 1474.507751][T27208] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71 [ 1474.565524][T27208] usb 3-1: USB disconnect, device number 28 [ 1475.029360][T19826] Bluetooth: hci8: command tx timeout [ 1475.219454][ T8393] netlink: 'syz.2.15295': attribute type 1 has an invalid length. [ 1475.244927][ T8394] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15294'. [ 1475.262771][ T8393] netlink: 9344 bytes leftover after parsing attributes in process `syz.2.15295'. [ 1475.286084][ T8390] loop5: detected capacity change from 0 to 2048 [ 1475.297329][ T8393] netlink: 'syz.2.15295': attribute type 1 has an invalid length. [ 1475.312060][ T8390] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1475.855028][ T8405] random: crng reseeded on system resumption [ 1476.103601][ T5599] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 1476.300328][ T5599] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1476.334078][ T5599] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1476.343889][ T5599] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00 [ 1476.371468][ T5599] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1476.401032][ T5599] usb 3-1: config 0 descriptor?? [ 1476.824024][ T5599] prodikeys 0003:041E:2801.00AB: unknown main item tag 0x0 [ 1476.866470][ T5599] prodikeys 0003:041E:2801.00AB: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.2-1/input0 [ 1476.908204][ T66] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1476.959190][T19826] Bluetooth: hci8: command tx timeout [ 1476.975234][ T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1477.061818][ T66] bond0 (unregistering): Released all slaves [ 1477.062714][ T5599] usb 3-1: USB disconnect, device number 29 [ 1477.128163][ T8402] loop5: detected capacity change from 0 to 32768 [ 1477.152809][ T8341] lo speed is unknown, defaulting to 1000 [ 1477.241446][ T8402] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1477.601873][ T8402] XFS (loop5): Ending clean mount [ 1477.691606][ T8402] XFS (loop5): Quotacheck needed: Please wait. [ 1477.959439][ T8402] XFS (loop5): Quotacheck: Done. [ 1478.186615][ T5582] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1478.823911][ T66] hsr_slave_0: left promiscuous mode [ 1478.853726][ T8455] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.15320'. [ 1478.878442][ T66] hsr_slave_1: left promiscuous mode [ 1478.899140][T19826] Bluetooth: hci8: command tx timeout [ 1478.919034][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1478.938019][ T66] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1479.034526][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1479.084805][ T66] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1479.166884][ T8463] tmpfs: Unexpected value for 'grpquota' [ 1479.232603][ T66] veth1_macvtap: left promiscuous mode [ 1479.264375][ T66] veth0_macvtap: left promiscuous mode [ 1479.288036][ T66] veth1_vlan: left promiscuous mode [ 1479.317370][ T66] veth0_vlan: left promiscuous mode [ 1479.810346][ T8456] loop5: detected capacity change from 0 to 32768 [ 1479.866628][ T8456] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.15316 (8456) [ 1479.932782][ T8456] BTRFS info (device loop5): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 1479.958690][ T8456] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 1480.001722][ T8456] BTRFS info (device loop5): using free-space-tree [ 1480.169260][ T8495] 9pnet_fd: Insufficient options for proto=fd [ 1480.837840][T19826] Bluetooth: hci8: command tx timeout [ 1480.961923][ T5582] BTRFS info (device loop5): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 1481.019221][ T8509] loop1: detected capacity change from 0 to 512 [ 1481.118869][ T8509] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1481.176042][ T8509] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1481.351219][ T8496] loop2: detected capacity change from 0 to 32768 [ 1481.440702][ T5605] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1482.813755][ T66] team0 (unregistering): Port device team_slave_1 removed [ 1483.044044][ T66] team0 (unregistering): Port device team_slave_0 removed [ 1483.432146][ T8544] overlayfs: disabling nfs_export due to verity=require [ 1483.449502][ T8544] overlayfs: missing 'lowerdir' [ 1484.629663][ T8519] netlink: 16 bytes leftover after parsing attributes in process `syz.5.15340'. [ 1484.640895][ T8519] tipc: Enabling of bearer rejected, failed to enable media [ 1484.824809][ T8341] chnl_net:caif_netlink_parms(): no params data found [ 1484.948842][ T8563] syz.1.15360: attempt to access beyond end of device [ 1484.948842][ T8563] nbd1: rw=0, sector=16, nr_sectors = 8 limit=0 [ 1484.952526][ T8562] loop2: detected capacity change from 0 to 512 [ 1484.992909][ T8563] REISERFS warning (device nbd1): sh-2006 read_super_block: bread failed (dev nbd1, block 2, size 4096) [ 1485.006153][ T8563] syz.1.15360: attempt to access beyond end of device [ 1485.006153][ T8563] nbd1: rw=0, sector=128, nr_sectors = 8 limit=0 [ 1485.022014][ T8563] REISERFS warning (device nbd1): sh-2006 read_super_block: bread failed (dev nbd1, block 16, size 4096) [ 1485.031777][ T8562] EXT4-fs: Ignoring removed mblk_io_submit option [ 1485.034719][ T8563] REISERFS warning (device nbd1): sh-2021 reiserfs_fill_super: can not find reiserfs on nbd1 [ 1485.100887][ T8562] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 1485.243087][ T8562] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 1485.299282][ T8562] System zones: 1-12 [ 1485.324889][ T8341] bridge0: port 1(bridge_slave_0) entered blocking state [ 1485.338611][ T8562] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.15361: corrupted in-inode xattr: e_value size too large [ 1485.342452][ T8341] bridge0: port 1(bridge_slave_0) entered disabled state [ 1485.412831][ T8562] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.15361: couldn't read orphan inode 15 (err -117) [ 1485.414602][ T8341] bridge_slave_0: entered allmulticast mode [ 1485.471229][ T8341] bridge_slave_0: entered promiscuous mode [ 1485.473499][ T8562] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1485.517631][ T8341] bridge0: port 2(bridge_slave_1) entered blocking state [ 1485.546827][ T8341] bridge0: port 2(bridge_slave_1) entered disabled state [ 1485.571711][ T8341] bridge_slave_1: entered allmulticast mode [ 1485.579472][ T8341] bridge_slave_1: entered promiscuous mode [ 1485.756747][ T5502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1485.896677][ T8341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1485.965084][ T8341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1486.166960][ T8341] team0: Port device team_slave_0 added [ 1486.200147][ T8341] team0: Port device team_slave_1 added [ 1486.300220][ T29] audit: type=1326 audit(2000000385.832:1669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.2.15376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9e3379ef9 code=0x7ffc0000 [ 1486.388856][ T29] audit: type=1326 audit(2000000385.832:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.2.15376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7ff9e3379ef9 code=0x7ffc0000 [ 1486.467444][ T29] audit: type=1326 audit(2000000385.832:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.2.15376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9e3379ef9 code=0x7ffc0000 [ 1486.486887][ T8341] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1486.533803][ T8341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1486.556071][ T29] audit: type=1326 audit(2000000385.832:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.2.15376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9e3379ef9 code=0x7ffc0000 [ 1486.649433][ T8341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1486.728515][ T8341] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1486.735496][ T8341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1486.848471][ T8341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1487.163921][ T8341] hsr_slave_0: entered promiscuous mode [ 1487.202845][ T8341] hsr_slave_1: entered promiscuous mode [ 1487.221047][ T8341] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1487.228626][ T8341] Cannot create hsr debugfs directory [ 1487.768214][ T8642] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744072876613744) [ 1487.808437][ T8642] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647 [ 1488.038206][ T8654] loop1: detected capacity change from 0 to 64 [ 1488.433958][ T5516] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 1488.446193][ T5516] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 1488.487350][ T8669] loop2: detected capacity change from 0 to 512 [ 1488.493860][ T5516] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 1488.510773][ T5516] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 1488.524299][ T5516] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 1488.531921][ T5516] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 1488.642997][ T8669] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1488.795106][ T8669] ext4 filesystem being mounted at /2586/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1488.941039][ T5502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1488.965687][ T8661] lo speed is unknown, defaulting to 1000 [ 1489.044427][ T8682] loop1: detected capacity change from 0 to 64 [ 1489.723607][ T8698] loop5: detected capacity change from 0 to 2048 [ 1489.732540][ T8341] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1489.768901][ T8698] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1489.839884][ T8341] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1489.883637][ T8341] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1489.965618][ T8712] netlink: 40 bytes leftover after parsing attributes in process `syz.0.15424'. [ 1489.982365][ T8341] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1490.138673][T29678] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 1490.140814][ T5582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1490.262455][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 1490.343045][T29678] usb 2-1: Using ep0 maxpacket: 16 [ 1490.363923][T29678] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1490.434114][T29678] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1490.465769][ T5516] Bluetooth: hci9: command tx timeout [ 1490.473782][T29678] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1490.506178][ T8661] chnl_net:caif_netlink_parms(): no params data found [ 1490.548681][T29678] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1490.585730][T29678] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1490.588217][ T8722] netlink: 16 bytes leftover after parsing attributes in process `syz.0.15429'. [ 1490.618251][ T8341] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1490.658454][T29678] usb 2-1: config 0 descriptor?? [ 1490.899681][ T8341] 8021q: adding VLAN 0 to HW filter on device team0 [ 1491.101428][T29678] microsoft 0003:045E:07DA.00AC: unknown main item tag 0x0 [ 1491.145143][T29678] microsoft 0003:045E:07DA.00AC: ignoring exceeding usage max [ 1491.184964][T18586] bridge0: port 1(bridge_slave_0) entered blocking state [ 1491.192241][T18586] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1491.229520][T29678] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.00AC/input/input105 [ 1491.245715][ T8661] bridge0: port 1(bridge_slave_0) entered blocking state [ 1491.276077][ T8661] bridge0: port 1(bridge_slave_0) entered disabled state [ 1491.302364][ T8661] bridge_slave_0: entered allmulticast mode [ 1491.321221][ T8661] bridge_slave_0: entered promiscuous mode [ 1491.338128][ T8661] bridge0: port 2(bridge_slave_1) entered blocking state [ 1491.369081][T29678] microsoft 0003:045E:07DA.00AC: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 1491.387151][ T8661] bridge0: port 2(bridge_slave_1) entered disabled state [ 1491.413979][ T8661] bridge_slave_1: entered allmulticast mode [ 1491.423190][T29678] usb 2-1: USB disconnect, device number 10 [ 1491.435541][ T8661] bridge_slave_1: entered promiscuous mode [ 1491.474648][T18582] bridge0: port 2(bridge_slave_1) entered blocking state [ 1491.481862][T18582] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1491.505873][ T8711] loop2: detected capacity change from 0 to 40427 [ 1491.526457][ T8711] F2FS-fs (loop2): invalid crc value [ 1491.586483][ T8711] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1491.651807][ T8661] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1491.703287][ T8661] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1491.799042][ T8711] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 1491.808177][ T8747] netlink: 12 bytes leftover after parsing attributes in process `syz.0.15438'. [ 1492.072630][ T8661] team0: Port device team_slave_0 added [ 1492.115697][ T8661] team0: Port device team_slave_1 added [ 1492.287461][ T8754] loop1: detected capacity change from 0 to 256 [ 1492.338652][ T8661] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1492.351122][ T8754] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xadbf5ead, utbl_chksum : 0xe619d30d) [ 1492.367756][ T8661] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1492.394503][ T5516] Bluetooth: hci9: command tx timeout [ 1492.486757][ T8661] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1492.586322][ T8661] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1492.635352][ T8661] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1492.767749][ T8661] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1493.080499][ T8739] loop5: detected capacity change from 0 to 32768 [ 1493.098985][ T8661] hsr_slave_0: entered promiscuous mode [ 1493.145917][ T8739] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 1493.151047][ T8661] hsr_slave_1: entered promiscuous mode [ 1493.184275][ T8739] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 1493.190629][ T8769] loop2: detected capacity change from 0 to 512 [ 1493.204709][ T8661] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1493.229087][ T8661] Cannot create hsr debugfs directory [ 1493.230625][ T8739] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 1493.254732][ T5811] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 1493.262943][ T8769] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #12: comm syz.2.15446: corrupted in-inode xattr: invalid ea_ino [ 1493.264428][ T8763] netlink: 'syz.1.15445': attribute type 4 has an invalid length. [ 1493.288438][ T8769] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.15446: couldn't read orphan inode 12 (err -117) [ 1493.299008][ T5811] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 1493.330828][ T8769] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1493.358741][ T8763] netlink: 17 bytes leftover after parsing attributes in process `syz.1.15445'. [ 1493.565942][ T5811] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 286ms [ 1493.596750][ T5811] gfs2: fsid=syz:syz.0: jid=0: Done [ 1493.602008][ T8739] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 1493.670726][ T5502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1494.213549][ T8341] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1494.333522][ T5516] Bluetooth: hci9: command tx timeout [ 1494.437066][ T5599] hid-generic 0000:0000:0000.00AD: unknown main item tag 0x0 [ 1494.463394][T27208] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 1494.471003][ T5599] hid-generic 0000:0000:0000.00AD: unknown main item tag 0x0 [ 1494.477581][ T5599] hid-generic 0000:0000:0000.00AD: hidraw0: HID v0.00 Device [syz0] on syz1 [ 1494.627090][ T8661] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1494.696247][T27208] usb 3-1: Using ep0 maxpacket: 32 [ 1494.707471][T27208] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1494.750358][T27208] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1494.789648][T27208] usb 3-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00 [ 1494.838500][T27208] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1494.876751][T27208] usb 3-1: config 0 descriptor?? [ 1495.069972][ T8661] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1495.310059][T27208] waltop 0003:172F:0501.00AE: item fetching failed at offset 2/5 [ 1495.376834][T27208] waltop 0003:172F:0501.00AE: probe with driver waltop failed with error -22 [ 1495.404178][ T8661] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1495.549926][ T25] usb 3-1: USB disconnect, device number 30 [ 1495.696770][ T8661] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1495.795883][T29662] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 1495.829868][ T8341] veth0_vlan: entered promiscuous mode [ 1495.922057][ T8341] veth1_vlan: entered promiscuous mode [ 1496.002766][T29662] usb 6-1: Using ep0 maxpacket: 16 [ 1496.010982][T29662] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1496.058565][T29662] usb 6-1: config 0 has an invalid interface number: 193 but max is 0 [ 1496.082308][ T8661] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1496.089324][T29662] usb 6-1: config 0 has no interface number 0 [ 1496.115383][T29662] usb 6-1: config 0 interface 193 altsetting 4 endpoint 0xC has invalid maxpacket 1023, setting to 64 [ 1496.129214][ T8341] veth0_macvtap: entered promiscuous mode [ 1496.161865][ T8661] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1496.166535][T29662] usb 6-1: config 0 interface 193 has no altsetting 0 [ 1496.199672][ T8661] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1496.199800][T29662] usb 6-1: New USB device found, idVendor=0499, idProduct=1034, bcdDevice=50.3a [ 1496.235811][ T8341] veth1_macvtap: entered promiscuous mode [ 1496.236744][T29662] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1496.261698][ T8819] netlink: 16 bytes leftover after parsing attributes in process `syz.2.15465'. [ 1496.269945][T29662] usb 6-1: Product: syz [ 1496.275700][ T5516] Bluetooth: hci9: command tx timeout [ 1496.289842][T29662] usb 6-1: Manufacturer: syz [ 1496.294538][T29662] usb 6-1: SerialNumber: syz [ 1496.301310][ T8661] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1496.304092][T29662] usb 6-1: config 0 descriptor?? [ 1496.491863][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1496.523080][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1496.540350][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1496.560025][ T5505] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 1496.574811][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1496.600846][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1496.616008][T29662] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 1496.627512][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1496.646478][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1496.670708][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1496.686555][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1496.708622][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1496.716278][T29662] snd-usb-audio 6-1:0.193: probe with driver snd-usb-audio failed with error -2 [ 1496.725354][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1496.769732][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1496.775393][T29662] usb 6-1: USB disconnect, device number 28 [ 1496.780108][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1496.786620][ T5505] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1496.827721][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1496.846921][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1496.849150][ T5505] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1496.887466][ T5505] usb 2-1: config 0 descriptor?? [ 1496.908932][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1496.915941][ T5505] cp210x 2-1:0.0: cp210x converter detected [ 1496.947215][ T8341] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1497.021811][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1497.070989][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1497.114817][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1497.140357][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1497.166551][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1497.177225][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1497.212838][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1497.231252][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1497.261706][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1497.286442][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1497.308632][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1497.322017][ T5505] cp210x 2-1:0.0: failed to get vendor val 0x370c size 13: -32 [ 1497.341589][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1497.350283][ T5505] cp210x 2-1:0.0: GPIO initialisation failed: -32 [ 1497.359802][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1497.376980][ T5505] usb 2-1: cp210x converter now attached to ttyUSB0 [ 1497.401406][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1497.431139][ T8341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1497.437971][ T5505] usb 2-1: USB disconnect, device number 11 [ 1497.469850][ T8341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1497.478510][ T5505] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1497.498824][ T5505] cp210x 2-1:0.0: device disconnected [ 1497.503449][ T8341] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1497.692190][ T8341] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1497.707500][ T8341] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1497.733264][ T8341] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1497.749512][ T8341] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1497.986593][ T8827] loop2: detected capacity change from 0 to 32768 [ 1498.070786][ T8827] read_mapping_page failed! [ 1498.083900][ T8827] ERROR: (device loop2): dbDiscardAG: -EIO [ 1498.083900][ T8827] [ 1498.109938][ T8827] ERROR: (device loop2): remounting filesystem as read-only [ 1498.152213][ T8661] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1498.286920][ T113] read_mapping_page failed! [ 1498.343593][ T2898] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1498.373471][ T2898] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1498.380564][ T8661] 8021q: adding VLAN 0 to HW filter on device team0 [ 1498.449998][ T2898] bridge0: port 1(bridge_slave_0) entered blocking state [ 1498.457204][ T2898] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1498.554105][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1498.564784][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1498.625777][ T2898] bridge0: port 2(bridge_slave_1) entered blocking state [ 1498.632989][ T2898] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1498.972952][ T8851] netlink: 'syz.0.15481': attribute type 10 has an invalid length. [ 1499.002754][ T8851] netem: change failed [ 1499.054397][ T8661] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1499.965295][ T8661] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1500.011078][ T8843] loop1: detected capacity change from 0 to 32768 [ 1500.085828][ T8872] loop2: detected capacity change from 0 to 1024 [ 1500.129137][ T8661] veth0_vlan: entered promiscuous mode [ 1500.150168][ T8661] veth1_vlan: entered promiscuous mode [ 1500.197126][ T8661] veth0_macvtap: entered promiscuous mode [ 1500.204940][ T8843] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1500.248538][ T8872] hfsplus: catalog searching failed [ 1500.278014][ T8661] veth1_macvtap: entered promiscuous mode [ 1500.407341][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1500.445195][ T8843] XFS (loop1): Ending clean mount [ 1500.476027][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1500.515432][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1500.569013][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1500.605252][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1500.661286][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1500.698121][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1500.736066][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1500.772883][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1500.812843][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1500.856774][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1500.895000][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1500.926737][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1500.968287][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.005928][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1501.062558][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.099027][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1501.111872][ T8863] loop4: detected capacity change from 0 to 32768 [ 1501.136563][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.174730][ T8661] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1501.183402][ T8863] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.15484 (8863) [ 1501.208330][ T8882] binder: 8881:8882 ioctl c00c620f 20000340 returned -22 [ 1501.216475][ T5605] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1501.239006][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1501.299878][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.358722][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1501.360144][ T8863] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1501.392083][ T8884] loop2: detected capacity change from 0 to 128 [ 1501.413735][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.432672][ T8863] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 1501.472102][ T8863] BTRFS info (device loop4): using free-space-tree [ 1501.472230][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1501.528064][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.567980][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1501.592019][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.639830][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1501.722441][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.798424][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1501.873790][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1501.928556][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1501.969652][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1502.003706][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1502.040944][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1502.093536][ T8661] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1502.134014][ T8661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1502.178020][ T8661] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1502.342678][ T8661] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1502.373217][ T8661] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1502.396357][ T8661] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1502.416641][ T8661] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1502.498778][ T8341] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1502.859641][T18592] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1502.875431][T18592] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1503.047573][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1503.055433][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1503.213342][ T8926] loop2: detected capacity change from 0 to 1024 [ 1503.263785][ T8926] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e04cc02c, mo2=0002] [ 1503.274044][ T8926] System zones: 0-1, 3-36 [ 1503.323872][ T8926] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1503.454626][ T8926] EXT4-fs error (device loop2): __ext4_iget:4985: inode #12: block 13: comm syz.2.15502: invalid block [ 1503.467836][ T8926] EXT4-fs (loop2): Remounting filesystem read-only [ 1503.537790][ T5502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1503.686558][ T8938] loop5: detected capacity change from 0 to 8 [ 1503.705248][ T8938] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 1504.324882][T19826] Bluetooth: hci10: command 0x1003 tx timeout [ 1504.334081][ T5516] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 1504.806409][ T8961] macsec1: entered promiscuous mode [ 1504.851721][ T8961] macsec1: entered allmulticast mode [ 1504.974469][ T8966] loop5: detected capacity change from 0 to 512 [ 1505.047132][ T8966] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 1505.076531][ T8968] loop1: detected capacity change from 0 to 1024 [ 1505.117117][ T8966] EXT4-fs (loop5): 1 truncate cleaned up [ 1505.148243][ T8966] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1505.192936][ T8968] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1505.370707][ T5582] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1505.463435][ T8980] loop2: detected capacity change from 0 to 64 [ 1505.482292][ T5605] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1505.792965][ T8991] sg_write: process 20 (syz.4.15528) changed security contexts after opening file descriptor, this is not allowed. [ 1506.746252][ T9026] loop1: detected capacity change from 0 to 512 [ 1506.817933][ T9026] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1506.893888][ T9026] ext4 filesystem being mounted at /242/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1507.211608][ T9040] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15547'. [ 1507.239379][ T5605] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1507.418849][ T9046] binder: 9045:9046 ioctl 400c620e 20000380 returned -22 [ 1507.542004][ T9044] loop5: detected capacity change from 0 to 4096 [ 1507.649468][ T9054] loop4: detected capacity change from 0 to 128 [ 1507.686404][ T9054] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 1507.714958][ T9054] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1507.723308][ T9044] ntfs3: loop5: failed to convert "0080" to koi8-ru [ 1507.751186][ T9057] netlink: 16 bytes leftover after parsing attributes in process `syz.0.15556'. [ 1507.771364][ T9044] ntfs3: loop5: failed to convert name for inode 1e. [ 1507.788675][ T9044] ntfs3: loop5: failed to convert "256c" to koi8-ru [ 1508.248202][ T9065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15560'. [ 1508.360659][ T6022] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 1508.554343][ T6022] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1508.574822][ T6022] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1508.621666][ T6022] usb 6-1: config 0 descriptor?? [ 1508.629179][ T9072] loop2: detected capacity change from 0 to 512 [ 1508.674102][ T9072] EXT4-fs: Ignoring removed oldalloc option [ 1508.694652][ T9072] EXT4-fs: Ignoring removed oldalloc option [ 1508.713279][ T9072] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1508.764060][ T9072] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #16: comm syz.2.15563: invalid indirect mapped block 83886080 (level 1) [ 1508.793903][ T9072] EXT4-fs (loop2): Remounting filesystem read-only [ 1508.817882][ T9072] EXT4-fs (loop2): 1 orphan inode deleted [ 1508.847788][ T9072] EXT4-fs (loop2): 1 truncate cleaned up [ 1508.874995][ T9072] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1509.020796][ T6022] [drm:udl_init] *ERROR* Selecting channel failed [ 1509.073866][ T5502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1509.080604][ T6022] [drm] Initialized udl 0.0.1 for 6-1:0.0 on minor 2 [ 1509.124397][ T6022] [drm] Initialized udl on minor 2 [ 1509.161147][ T6022] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1509.196887][ T6022] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 1509.218381][T29678] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1509.238222][ T6022] usb 6-1: USB disconnect, device number 29 [ 1509.247745][T29678] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed [ 1509.265780][T29678] udl 6-1:0.0: [drm] Cannot find any crtc or sizes [ 1509.275765][ T9087] tipc: Failed to obtain node identity [ 1509.281268][ T9087] tipc: Enabling of bearer rejected, failed to enable media [ 1509.414620][ T9085] loop4: detected capacity change from 0 to 4096 [ 1509.463712][ T9091] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1509.912416][ T9101] ieee802154 phy0 wpan0: encryption failed: -90 [ 1510.170567][ T9103] loop1: detected capacity change from 0 to 164 [ 1510.610704][ T9089] loop2: detected capacity change from 0 to 32768 [ 1510.676399][ T29] audit: type=1800 audit(2000000411.989:1673): pid=9089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.15567" name="bus" dev="loop2" ino=7 res=0 errno=0 [ 1510.915051][ T9089] ERROR: (device loop2): dbAlloc: the hint is outside the map [ 1510.915051][ T9089] [ 1511.014216][ T9089] ERROR: (device loop2): remounting filesystem as read-only [ 1511.081110][ T9089] ialloc: diAlloc returned -5! [ 1511.385394][ T9097] loop5: detected capacity change from 0 to 40427 [ 1511.445111][ T9097] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504) [ 1511.452183][ T9097] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1511.476482][ T9097] F2FS-fs (loop5): build fault injection attr: rate: 17008, type: 0x1fffff [ 1511.538871][ T9097] F2FS-fs (loop5): invalid crc value [ 1511.600995][ T9097] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1511.864385][ T9097] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 1511.871694][ T9097] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1511.990935][ T9097] syz.5.15573: attempt to access beyond end of device [ 1511.990935][ T9097] loop5: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 1512.210226][ T9150] loop2: detected capacity change from 0 to 64 [ 1512.549523][T18582] kworker/u8:9: attempt to access beyond end of device [ 1512.549523][T18582] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 1512.606395][T18582] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 1512.897828][ T9139] loop1: detected capacity change from 0 to 32768 [ 1512.973316][ T9139] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.15592 (9139) [ 1513.076051][ T9139] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1513.127400][ T9139] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 1513.176018][ T9139] BTRFS info (device loop1): using free-space-tree [ 1513.392519][ T9175] loop4: detected capacity change from 0 to 16 [ 1513.443647][ T9175] erofs: (device loop4): mounted with root inode @ nid 36. [ 1513.607944][ T5605] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1513.792979][ T9183] netlink: 'syz.5.15603': attribute type 22 has an invalid length. [ 1513.940054][ T9157] loop2: detected capacity change from 0 to 32768 [ 1514.167292][ T5811] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1514.228247][ T9191] loop4: detected capacity change from 0 to 256 [ 1514.389642][ T9191] FAT-fs (loop4): Directory bread(block 64) failed [ 1514.396608][ T9191] FAT-fs (loop4): Directory bread(block 65) failed [ 1514.416581][ T9191] FAT-fs (loop4): Directory bread(block 66) failed [ 1514.450532][ T9191] FAT-fs (loop4): Directory bread(block 67) failed [ 1514.484049][ T9191] FAT-fs (loop4): Directory bread(block 68) failed [ 1514.511479][ T9191] FAT-fs (loop4): Directory bread(block 69) failed [ 1514.519016][ T9191] FAT-fs (loop4): Directory bread(block 70) failed [ 1514.538618][ T9191] FAT-fs (loop4): Directory bread(block 71) failed [ 1514.576705][ T9191] FAT-fs (loop4): Directory bread(block 72) failed [ 1514.583294][ T9191] FAT-fs (loop4): Directory bread(block 73) failed [ 1514.972341][ T9205] tun0: tun_chr_ioctl cmd 1074025680 [ 1515.156160][T27208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1515.304099][T29662] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 1515.501936][T29662] usb 5-1: config 0 has no interfaces? [ 1515.511718][T29662] usb 5-1: New USB device found, idVendor=eb1a, idProduct=e350, bcdDevice=f8.fa [ 1515.544219][T29662] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1515.575512][T29662] usb 5-1: config 0 descriptor?? [ 1515.838080][ T5811] usb 5-1: USB disconnect, device number 28 [ 1515.886700][T29662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1516.113655][ T5811] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1516.577290][ T9244] bridge0: port 2(bridge_slave_1) entered disabled state [ 1517.076482][ T5811] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1517.188747][ T9255] loop4: detected capacity change from 0 to 4096 [ 1517.209244][ T9255] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 1517.270100][ T9255] ntfs3: loop4: Failed to load $Extend (-22). [ 1517.298172][ T9255] ntfs3: loop4: Failed to initialize $Extend. [ 1518.064188][ T5811] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1518.268305][T29678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1518.401272][ T9264] loop2: detected capacity change from 0 to 32768 [ 1518.603694][ T9270] loop5: detected capacity change from 0 to 32768 [ 1518.624175][ T9270] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.15643 (9270) [ 1518.684172][ T9270] BTRFS info (device loop5): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 1518.719234][T29678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1518.719255][ T9270] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 1518.770577][ T9270] BTRFS info (device loop5): using free-space-tree [ 1518.867177][T29678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1518.879222][T29662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1519.014174][ T5811] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1519.141412][ T9305] netlink: 'syz.1.15654': attribute type 9 has an invalid length. [ 1519.150124][ T9305] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.15654'. [ 1519.212982][ T9309] netlink: 'syz.1.15654': attribute type 9 has an invalid length. [ 1519.265029][ T9309] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.15654'. [ 1519.451405][T29678] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 1519.647059][T29678] usb 4-1: Using ep0 maxpacket: 8 [ 1519.671046][T29678] usb 4-1: config 135 has an invalid interface number: 230 but max is 0 [ 1519.703009][T29678] usb 4-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 1519.766673][T29678] usb 4-1: config 135 has no interface number 0 [ 1519.775614][ T5582] BTRFS info (device loop5): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 1519.798951][T29678] usb 4-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 1519.908043][T29678] usb 4-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 1519.938617][T29678] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1519.972891][T29678] usb 4-1: Product: syz [ 1519.977093][T29678] usb 4-1: Manufacturer: syz [ 1520.006930][T29678] usb 4-1: SerialNumber: syz [ 1520.006986][ T5811] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1520.036513][T29678] usb 4-1: Found UVC 0.00 device syz (18ec:3288) [ 1520.049934][T29678] usb 4-1: No valid video chain found. [ 1520.175836][ T9314] loop1: detected capacity change from 0 to 8192 [ 1520.244226][ T9314] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1520.290940][ T9314] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 1520.328276][ T9314] REISERFS (device loop1): using ordered data mode [ 1520.393239][ T9314] reiserfs: using flush barriers [ 1520.400004][ T9314] REISERFS warning (device loop1): sh-458 journal_init_dev: cannot init journal device unknown-block(7,1): -16 [ 1520.464998][T29678] usb 4-1: USB disconnect, device number 5 [ 1520.485746][ T9314] REISERFS warning (device loop1): sh-462 journal_init: unable to initialize journal device [ 1520.788383][ T9314] loop1: detected capacity change from 0 to 256 [ 1520.804645][ T9325] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1520.889166][ T9291] loop4: detected capacity change from 0 to 40427 [ 1520.899628][ T9327] loop2: detected capacity change from 0 to 1024 [ 1520.935635][ T9327] hfsplus: bad catalog entry type [ 1520.961631][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1521.008771][ T9291] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1521.048284][ T66] hfsplus: b-tree write err: -5, ino 4 [ 1521.315860][ T9291] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1521.640776][ T8341] syz-executor: attempt to access beyond end of device [ 1521.640776][ T8341] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1521.678303][ T9348] tun0: tun_chr_ioctl cmd 1074025675 [ 1521.694693][ T9348] tun0: persist disabled [ 1521.698270][T29678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1521.708617][ T8341] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1521.933544][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1522.393740][T19826] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 1522.412019][T19826] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 1522.427192][T19826] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 1522.449202][T19826] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 1522.458455][T19826] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 1522.466028][T19826] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 1522.708128][ T9362] lo speed is unknown, defaulting to 1000 [ 1522.937358][T27208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1523.765700][ T9362] chnl_net:caif_netlink_parms(): no params data found [ 1523.948825][T27208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1524.382156][ T9394] loop5: detected capacity change from 0 to 256 [ 1524.392765][T19826] Bluetooth: hci10: command tx timeout [ 1524.466270][ T9362] bridge0: port 1(bridge_slave_0) entered blocking state [ 1524.473465][ T9362] bridge0: port 1(bridge_slave_0) entered disabled state [ 1524.532579][T29662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1524.532923][ T9362] bridge_slave_0: entered allmulticast mode [ 1524.635267][ T9362] bridge_slave_0: entered promiscuous mode [ 1524.680042][ T9362] bridge0: port 2(bridge_slave_1) entered blocking state [ 1524.701129][ T9367] loop1: detected capacity change from 0 to 32768 [ 1524.736407][ T9362] bridge0: port 2(bridge_slave_1) entered disabled state [ 1524.743680][ T9362] bridge_slave_1: entered allmulticast mode [ 1524.809551][ T9367] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1524.842394][ T9362] bridge_slave_1: entered promiscuous mode [ 1524.855677][ T9399] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1524.906687][ T5685] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1525.094910][ T9367] XFS (loop1): Ending clean mount [ 1525.138653][ T9367] XFS (loop1): Quotacheck needed: Please wait. [ 1525.239015][ T9362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1525.270006][ T9399] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1525.305284][ T9367] XFS (loop1): Quotacheck: Done. [ 1525.317047][ T9362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1525.421607][ T5605] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1525.457599][ T9413] loop2: detected capacity change from 0 to 256 [ 1525.520914][ T9415] loop4: detected capacity change from 0 to 16 [ 1525.546521][ T9413] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 1525.556564][ T9415] erofs: (device loop4): mounted with root inode @ nid 36. [ 1525.634030][ T9399] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1525.705964][ T9399] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1525.740630][ T9399] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1525.780936][ T9404] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1525.782605][ T9362] team0: Port device team_slave_0 added [ 1525.847193][ T9362] team0: Port device team_slave_1 added [ 1525.876060][T27208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1526.113770][ T9420] loop2: detected capacity change from 0 to 64 [ 1526.146759][ T9362] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1526.171485][ T9362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1526.264795][ T9362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1526.320827][T19826] Bluetooth: hci10: command tx timeout [ 1526.465319][ T9362] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1526.497564][ T9362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1526.614455][ T9362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1527.080515][ T9430] loop5: detected capacity change from 0 to 64 [ 1527.205682][ T9434] loop1: detected capacity change from 0 to 64 [ 1527.210095][ T9362] hsr_slave_0: entered promiscuous mode [ 1527.312319][ T9417] loop4: detected capacity change from 0 to 32768 [ 1527.355927][ T9362] hsr_slave_1: entered promiscuous mode [ 1527.368043][ T9434] hfs: request for non-existent node 237 in B*Tree [ 1527.391256][ T9434] hfs: request for non-existent node 237 in B*Tree [ 1527.418279][ T9434] hfs: request for non-existent node 237 in B*Tree [ 1527.425809][ T9417] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1527.426523][ T9434] hfs: request for non-existent node 237 in B*Tree [ 1527.476533][ T9362] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1527.521717][ T9362] Cannot create hsr debugfs directory [ 1527.539096][ T9434] hfs: request for non-existent node 237 in B*Tree [ 1527.625061][ T9434] hfs: request for non-existent node 237 in B*Tree [ 1527.766242][ T9438] hfs: request for non-existent node 237 in B*Tree [ 1527.783069][ T9417] XFS (loop4): Ending clean mount [ 1527.808463][ T9438] hfs: request for non-existent node 237 in B*Tree [ 1527.821532][ T9417] XFS (loop4): Quotacheck needed: Please wait. [ 1527.915564][T29662] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 1528.021087][ T9417] XFS (loop4): Quotacheck: Done. [ 1528.035909][ T66] hfs: request for non-existent node 237 in B*Tree [ 1528.074275][ T66] hfs: request for non-existent node 237 in B*Tree [ 1528.160723][ T8341] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1528.260468][T19826] Bluetooth: hci10: command tx timeout [ 1528.268678][T29662] usb 4-1: config 0 has no interfaces? [ 1528.298674][T29662] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 1528.338600][T29662] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1528.413550][T29662] usb 4-1: config 0 descriptor?? [ 1528.675288][ T9362] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1528.735207][T29678] usb 4-1: USB disconnect, device number 6 [ 1528.811707][T27208] net_ratelimit: 5 callbacks suppressed [ 1528.811732][T27208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1528.987636][ T9460] sp0: Synchronizing with TNC [ 1529.142938][ T9467] loop4: detected capacity change from 0 to 164 [ 1529.428152][ T9362] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1529.496500][ T9472] loop4: detected capacity change from 0 to 64 [ 1529.642788][ T9475] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1529.652034][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1529.666845][ T9475] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1529.675217][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1529.742416][ T9475] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1529.751067][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1529.760092][ T5811] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1529.797449][ T9475] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1529.805840][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1529.913226][ T9362] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1530.208808][T19826] Bluetooth: hci10: command tx timeout [ 1530.232169][ T9485] loop2: detected capacity change from 0 to 764 [ 1530.314206][ T9485] rock: directory entry would overflow storage [ 1530.339621][ T9485] rock: sig=0x4654, size=5, remaining=4 [ 1530.347697][T19826] Bluetooth: hci7: command 0x0405 tx timeout [ 1530.408037][ T9362] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1530.431893][ T9485] rock: directory entry would overflow storage [ 1530.438102][ T9485] rock: sig=0x4f50, size=4, remaining=3 [ 1530.496539][ T9485] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 1531.906368][ T9489] loop1: detected capacity change from 0 to 32768 [ 1531.939661][ T9489] XFS: attr2 mount option is deprecated. [ 1531.961013][ T9362] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1532.049852][ T9362] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1532.066474][ T9489] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 1532.137812][ T9362] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1532.202935][ T9362] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1532.264533][ T9489] XFS (loop1): Ending clean mount [ 1532.323334][ T9489] XFS (loop1): Quotacheck needed: Please wait. [ 1532.528890][ T9489] XFS (loop1): Quotacheck: Done. [ 1532.649368][ T29] audit: type=1326 audit(2000000435.550:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.4.15728" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9a8ed79ef9 code=0x0 [ 1532.802051][ T5605] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 1532.853197][ T9362] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1532.949549][ T9362] 8021q: adding VLAN 0 to HW filter on device team0 [ 1533.033011][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1533.040237][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1533.096867][T18582] bridge0: port 2(bridge_slave_1) entered blocking state [ 1533.104180][T18582] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1533.415612][ T9362] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1533.433047][ T9527] netlink: 32 bytes leftover after parsing attributes in process `syz.5.15735'. [ 1533.466106][T29662] IPVS: starting estimator thread 0... [ 1533.581451][ T9528] IPVS: using max 16 ests per chain, 38400 per kthread [ 1533.637557][ T5685] net_ratelimit: 2044 callbacks suppressed [ 1533.637581][ T5685] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1534.149700][T29662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1534.372718][ T9362] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1534.602948][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1534.645783][ T9362] veth0_vlan: entered promiscuous mode [ 1534.724436][ T9362] veth1_vlan: entered promiscuous mode [ 1534.910406][ T9362] veth0_macvtap: entered promiscuous mode [ 1534.969027][ T9362] veth1_macvtap: entered promiscuous mode [ 1535.097139][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1535.133877][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1535.153921][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1535.201153][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1535.234020][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1535.273429][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1535.306708][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1535.342815][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1535.368710][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1535.389574][ T9565] program syz.1.15759 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1535.408067][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1535.437429][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1535.471880][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1535.503791][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1535.553273][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1535.585038][ T5685] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1535.587138][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1535.675492][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1535.701817][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1535.739022][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1535.776616][ T9571] CUSE: info not properly terminated [ 1535.813234][ T9362] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1535.923878][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1535.979275][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1536.012220][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1536.062737][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1536.076364][ T9566] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 1536.107822][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1536.135537][ T5685] kernel write not supported for file /snd/seq (pid: 5685 comm: kworker/1:7) [ 1536.163707][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1536.188454][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1536.244077][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1536.275037][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1536.318373][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1536.350097][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1536.387625][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1536.414605][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1536.452374][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1536.480685][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1536.498286][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1536.526725][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1536.544777][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1536.545033][ T5685] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1536.561481][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1536.601574][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1536.649723][ T9362] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1536.721212][ T9588] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15758'. [ 1536.762638][T29678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1536.984272][T29678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1537.013350][ T9362] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1537.042891][ T9362] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1537.085333][ T9362] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1537.132335][ T9362] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1537.361595][ T9606] loop4: detected capacity change from 0 to 1024 [ 1537.450817][ T9606] hfsplus: bad catalog entry type [ 1537.514948][T27208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1537.608852][ T5558] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 1537.639534][T18586] hfsplus: b-tree write err: -5, ino 4 [ 1537.672161][T18595] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1537.705648][T18595] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1537.823335][ T5558] usb 3-1: Using ep0 maxpacket: 8 [ 1537.834634][ T9615] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15771'. [ 1537.850175][ T5558] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 1537.887621][ T5558] usb 3-1: config 0 has no interface number 0 [ 1537.906635][ T5558] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1537.943646][ T5558] usb 3-1: config 0 interface 1 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 1538.001337][ T5558] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1538.028963][ T5558] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1538.050244][ T9615] netlink: 136 bytes leftover after parsing attributes in process `syz.3.15771'. [ 1538.107504][ T5558] usb 3-1: config 0 descriptor?? [ 1538.144647][ T5558] iowarrior 3-1:0.1: no interrupt-in endpoint found [ 1538.146115][T18592] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1538.194643][T18592] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1538.401294][ T5811] usb 3-1: USB disconnect, device number 31 [ 1538.461672][ T9626] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 1538.481306][T27208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1538.498240][ T9626] pim6reg0: linktype set to 776 [ 1539.032064][ T9644] loop4: detected capacity change from 0 to 512 [ 1539.069985][ T9644] EXT4-fs: Ignoring removed i_version option [ 1539.109532][ T9644] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002] [ 1539.135951][ T9644] System zones: 1-12 [ 1539.170914][ T9644] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.15783: bg 0: block 131: padding at end of block bitmap is not set [ 1539.264195][ T9644] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 1539.325424][ T9644] EXT4-fs (loop4): 1 truncate cleaned up [ 1539.352078][ T9644] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1539.388350][ T9651] loop1: detected capacity change from 0 to 4096 [ 1539.415554][ T9651] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 1539.445028][ T5558] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1539.590312][ T8341] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1539.826245][ T5505] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1540.209977][ T9636] loop5: detected capacity change from 0 to 32768 [ 1540.221404][ T9636] XFS: ikeep mount option is deprecated. [ 1540.238297][ T9636] XFS: noikeep mount option is deprecated. [ 1540.328060][ T9636] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 1540.423668][ T5811] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1540.509542][ T9636] XFS (loop5): Ending clean mount [ 1540.540460][ T9681] loop2: detected capacity change from 0 to 512 [ 1540.556330][ T9636] XFS (loop5): Quotacheck needed: Please wait. [ 1540.588031][ T9681] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1540.673938][ T9636] XFS (loop5): Quotacheck: Done. [ 1540.718074][ T9681] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1540.791275][ T9681] ext4 filesystem being mounted at /2662/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1540.931347][ T9658] loop4: detected capacity change from 0 to 32768 [ 1540.971667][ T5582] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 1541.021189][ T9658] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1541.068832][ T5502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1541.164380][ T9658] XFS (loop4): Ending clean mount [ 1541.197827][ T9658] XFS (loop4): Quotacheck needed: Please wait. [ 1541.335078][ T9658] XFS (loop4): Quotacheck: Done. [ 1541.382704][T27208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1541.453171][ T8341] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1541.709190][ T9711] @: renamed from vlan0 (while UP) [ 1542.352287][T27208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1542.665873][T29662] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1542.896769][ T9727] netlink: 12 bytes leftover after parsing attributes in process `syz.3.15810'. [ 1543.323721][ T5558] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1543.352802][ T9738] loop4: detected capacity change from 0 to 512 [ 1543.361672][ T9738] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1543.424368][ T9738] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1543.480302][ T9738] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1543.877270][ T8341] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1544.290601][ T5558] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1544.479824][ T9764] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15826'. [ 1544.855546][ T9735] loop2: detected capacity change from 0 to 40427 [ 1544.909431][ T9735] F2FS-fs (loop2): invalid crc value [ 1544.980627][ T9735] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1545.257234][ T9735] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1545.269475][ T5558] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1545.436750][T29662] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 1545.557080][T29678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1545.642497][T29662] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1545.672188][T29662] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1545.709747][ T30] INFO: task syz.3.14467:6432 blocked for more than 143 seconds. [ 1545.712781][T29678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1545.743188][ T30] Not tainted 6.11.0-rc5-syzkaller-00057-g86987d84b968 #0 [ 1545.743285][T29662] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1545.773814][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1545.815518][T29662] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1545.824987][ T30] task:syz.3.14467 state:D stack:24992 pid:6432 tgid:6431 ppid:5579 flags:0x00000004 [ 1545.856539][ T30] Call Trace: [ 1545.863200][T29662] usb 5-1: SerialNumber: syz [ 1545.879531][ T30] [ 1545.882499][ T30] __schedule+0x1800/0x4a60 [ 1545.903117][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1545.921248][ T30] ? __pfx___schedule+0x10/0x10 [ 1545.931005][ T30] ? __pfx_lock_release+0x10/0x10 [ 1545.936079][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1545.983481][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1546.012933][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 1546.032724][ T30] ? schedule+0x90/0x320 [ 1546.054667][ T30] schedule+0x14b/0x320 [ 1546.058878][ T30] ? down_read+0x6a5/0xa40 [ 1546.079295][T29662] usb 5-1: 0:2 : does not exist [ 1546.098787][ T30] schedule_preempt_disabled+0x13/0x30 [ 1546.106585][ T30] down_read+0x705/0xa40 [ 1546.112475][T29662] usb 5-1: USB disconnect, device number 29 [ 1546.126478][ T30] ? __pfx_down_read+0x10/0x10 [ 1546.147311][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1546.153295][ T30] super_lock+0x27c/0x400 [ 1546.182794][ T30] ? user_get_super+0xc6/0x180 [ 1546.187622][ T30] ? __pfx_super_lock+0x10/0x10 [ 1546.229826][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1546.235689][ T5811] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1546.247300][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1546.256761][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1546.275872][ T30] user_get_super+0xd2/0x180 [ 1546.282918][ T30] __se_sys_quotactl+0x527/0xa30 [ 1546.296474][ T30] ? __pfx___se_sys_quotactl+0x10/0x10 [ 1546.312237][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1546.354742][ T30] ? do_syscall_64+0x100/0x230 [ 1546.372163][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1546.390414][ T30] do_syscall_64+0xf3/0x230 [ 1546.403056][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1546.419334][ T30] RIP: 0033:0x7f76c7379ef9 [ 1546.433629][ T30] RSP: 002b:00007f76c8182038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 1546.458148][ T30] RAX: ffffffffffffffda RBX: 00007f76c7515f80 RCX: 00007f76c7379ef9 [ 1546.480111][ T30] RDX: 0000000000000000 RSI: 0000000020000800 RDI: ffffffff80000801 [ 1546.510360][ T30] RBP: 00007f76c73e793e R08: 0000000000000000 R09: 0000000000000000 [ 1546.535842][ T30] R10: 0000000020000840 R11: 0000000000000246 R12: 0000000000000000 [ 1546.564712][ T30] R13: 0000000000000000 R14: 00007f76c7515f80 R15: 00007fffa004cb48 [ 1546.579457][ T30] [ 1546.587178][ T30] [ 1546.587178][ T30] Showing all locks held in the system: [ 1546.615211][ T30] 1 lock held by khungtaskd/30: [ 1546.632950][ T30] #0: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1546.678733][ T30] 4 locks held by kworker/u8:5/66: [ 1546.694813][ T30] 2 locks held by kworker/u8:7/2898: [ 1546.720447][ T30] #0: ffff8880b923e9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 1546.752487][ T30] #1: ffff8880b9228948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x441/0x770 [ 1546.790059][ T30] 2 locks held by getty/4975: [ 1546.801591][ T30] #0: ffff88802af1d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1546.837533][ T30] #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 1546.862448][ T30] 1 lock held by syz.3.8117/23531: [ 1546.875365][ T30] 1 lock held by syz.3.14467/6432: [ 1546.886117][ T30] #0: ffff88801b6da0e0 (&type->s_umount_key#105){++++}-{3:3}, at: super_lock+0x27c/0x400 [ 1546.931215][ T30] 1 lock held by syz.3.15314/8444: [ 1546.948805][ T30] #0: ffff88801b6da0e0 (&type->s_umount_key#105){++++}-{3:3}, at: super_lock+0x27c/0x400 [ 1546.981877][ T30] 1 lock held by syz.0.15594/9148: [ 1546.998652][ T30] 1 lock held by syz.3.15824/9760: [ 1547.011924][ T30] [ 1547.014289][ T30] ============================================= [ 1547.014289][ T30] [ 1547.031933][ T30] NMI backtrace for cpu 0 [ 1547.036312][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc5-syzkaller-00057-g86987d84b968 #0 [ 1547.047003][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1547.057070][ T30] Call Trace: [ 1547.060536][ T30] [ 1547.063479][ T30] dump_stack_lvl+0x241/0x360 [ 1547.068188][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1547.073420][ T30] ? __pfx__printk+0x10/0x10 [ 1547.078043][ T30] ? vprintk_emit+0x667/0x7c0 [ 1547.082743][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 1547.087798][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 1547.092947][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1547.098521][ T30] ? _printk+0xd5/0x120 [ 1547.102710][ T30] ? __pfx__printk+0x10/0x10 [ 1547.107334][ T30] ? __wake_up_klogd+0xcc/0x110 [ 1547.112215][ T30] ? __pfx__printk+0x10/0x10 [ 1547.116925][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1547.122587][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 1547.127638][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1547.133649][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 1547.139664][ T30] watchdog+0xff4/0x1040 [ 1547.143939][ T30] ? watchdog+0x1ea/0x1040 [ 1547.148410][ T30] ? __pfx_watchdog+0x10/0x10 [ 1547.153128][ T30] kthread+0x2f2/0x390 [ 1547.157236][ T30] ? __pfx_watchdog+0x10/0x10 [ 1547.161955][ T30] ? __pfx_kthread+0x10/0x10 [ 1547.166590][ T30] ret_from_fork+0x4d/0x80 [ 1547.171052][ T30] ? __pfx_kthread+0x10/0x10 [ 1547.175689][ T30] ret_from_fork_asm+0x1a/0x30 [ 1547.180510][ T30] [ 1547.185414][ T30] Sending NMI from CPU 0 to CPUs 1: [ 1547.191929][ C1] NMI backtrace for cpu 1 [ 1547.191943][ C1] CPU: 1 UID: 0 PID: 66 Comm: kworker/u8:5 Not tainted 6.11.0-rc5-syzkaller-00057-g86987d84b968 #0 [ 1547.191969][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1547.191985][ C1] Workqueue: bat_events batadv_nc_worker [ 1547.192021][ C1] RIP: 0010:__lock_acquire+0x1394/0x2040 [ 1547.192058][ C1] Code: 48 8b 74 24 40 44 89 e2 48 89 e9 e8 c6 98 00 00 45 31 f6 85 c0 0f 84 81 00 00 00 48 ba 00 00 00 00 00 fc ff df 48 8b 44 24 20 <0f> b6 04 10 84 c0 0f 85 00 08 00 00 48 8b 44 24 10 f6 40 02 10 75 [ 1547.192077][ C1] RSP: 0018:ffffc900020bf8f0 EFLAGS: 00000002 [ 1547.192096][ C1] RAX: 1ffff110030ec52a RBX: ffffffff9341c148 RCX: 61c95bf2f3fcf900 [ 1547.192114][ C1] RDX: dffffc0000000000 RSI: ffff888018762930 RDI: ffff888018761e00 [ 1547.192132][ C1] RBP: 3917648390fccdd7 R08: ffffffff93734847 R09: 1ffffffff26e6908 [ 1547.192149][ C1] R10: dffffc0000000000 R11: fffffbfff26e6909 R12: 0000000000000000 [ 1547.192167][ C1] R13: ffff8880187628d8 R14: 0000000000000000 R15: ffff888018762950 [ 1547.192186][ C1] FS: 0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000 [ 1547.192206][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1547.192222][ C1] CR2: 0000000020c06030 CR3: 000000000e734000 CR4: 0000000000350ef0 [ 1547.192241][ C1] Call Trace: [ 1547.192250][ C1] [ 1547.192259][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 1547.192288][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1547.192323][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1547.192364][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 1547.192394][ C1] ? nmi_handle+0x151/0x5a0 [ 1547.192417][ C1] ? nmi_handle+0x2a/0x5a0 [ 1547.192441][ C1] ? __lock_acquire+0x1394/0x2040 [ 1547.192473][ C1] ? default_do_nmi+0x63/0x160 [ 1547.192503][ C1] ? exc_nmi+0x123/0x1f0 [ 1547.192531][ C1] ? end_repeat_nmi+0xf/0x53 [ 1547.192568][ C1] ? __lock_acquire+0x1394/0x2040 [ 1547.192601][ C1] ? __lock_acquire+0x1394/0x2040 [ 1547.192640][ C1] ? __lock_acquire+0x1394/0x2040 [ 1547.192673][ C1] [ 1547.192681][ C1] [ 1547.192702][ C1] lock_acquire+0x1ed/0x550 [ 1547.192734][ C1] ? batadv_nc_worker+0xcb/0x610 [ 1547.192772][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1547.192804][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1547.192836][ C1] ? batadv_nc_worker+0xcb/0x610 [ 1547.192869][ C1] ? __pfx_lock_release+0x10/0x10 [ 1547.192904][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1547.192943][ C1] batadv_nc_worker+0xec/0x610 [ 1547.192974][ C1] ? batadv_nc_worker+0xcb/0x610 [ 1547.193005][ C1] ? batadv_nc_worker+0xcb/0x610 [ 1547.193040][ C1] ? process_scheduled_works+0x945/0x1830 [ 1547.193071][ C1] process_scheduled_works+0xa2e/0x1830 [ 1547.193126][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 1547.193168][ C1] ? assign_work+0x364/0x3d0 [ 1547.193208][ C1] worker_thread+0x86d/0xd10 [ 1547.193254][ C1] ? __kthread_parkme+0x169/0x1d0 [ 1547.193293][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1547.193343][ C1] kthread+0x2f2/0x390 [ 1547.193382][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1547.193415][ C1] ? __pfx_kthread+0x10/0x10 [ 1547.193455][ C1] ret_from_fork+0x4d/0x80 [ 1547.193491][ C1] ? __pfx_kthread+0x10/0x10 [ 1547.193530][ C1] ret_from_fork_asm+0x1a/0x30 [ 1547.193578][ C1] [ 1547.208324][ T5558] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1547.335367][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 1547.335390][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc5-syzkaller-00057-g86987d84b968 #0 [ 1547.335427][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1547.335445][ T30] Call Trace: [ 1547.335457][ T30] [ 1547.335470][ T30] dump_stack_lvl+0x241/0x360 [ 1547.335507][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1547.335535][ T30] ? __pfx__printk+0x10/0x10 [ 1547.335573][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1547.335621][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1547.335658][ T30] ? vscnprintf+0x5d/0x90 [ 1547.335693][ T30] panic+0x349/0x860 [ 1547.335732][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1547.335769][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 1547.335805][ T30] ? __pfx_panic+0x10/0x10 [ 1547.335842][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 1547.335874][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1547.335909][ T30] ? __irq_work_queue_local+0x137/0x410 [ 1547.335948][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1547.335982][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 1547.336013][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 1547.336049][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 1547.336086][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1547.336121][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 1547.336159][ T30] watchdog+0x1033/0x1040 [ 1547.336201][ T30] ? watchdog+0x1ea/0x1040 [ 1547.336247][ T30] ? __pfx_watchdog+0x10/0x10 [ 1547.336286][ T30] kthread+0x2f2/0x390 [ 1547.336328][ T30] ? __pfx_watchdog+0x10/0x10 [ 1547.336365][ T30] ? __pfx_kthread+0x10/0x10 [ 1547.336414][ T30] ret_from_fork+0x4d/0x80 [ 1547.336456][ T30] ? __pfx_kthread+0x10/0x10 [ 1547.336498][ T30] ret_from_fork_asm+0x1a/0x30 [ 1547.336554][ T30] [ 1547.340753][ T30] Kernel Offset: disabled