last executing test programs: 20.240236597s ago: executing program 0 (id=472): syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x3000801, &(0x7f0000000840)=ANY=[], 0x1, 0x1f3, &(0x7f0000000500)="$eJzsmb/L00AYx7+XtHl/IIqLg4uDL6jgmyapyrt0qOAoiFXUwaHYWKppK22EtiC0uLj4BwiuLo4ODk4O/gWuOqggONjRTTi5yyW9pmlppWjhfT7Qu28ud8/z3FPyHCQgCOLQ8u3rry/PLx/cOA/gCPawpcZ/mFHPj03P//zi8Q5KV16++fTqQ+vok3dpe0ys4cv7twC8L5sIwXLK49TqHU3vqf4mDJxT+hYY7Ej+5pzzvJRD+GC4o+Y80HQ7Nhj49r12ULvfCHxHNK5oPNEUdf8iqPGIoQZgW0bHOdPud/uDh9Ug8Dtpkeexn5lbq4pF+ZPxlQ2UEGePcwPA7WdPR+Ja5QYOjCR/Lgy4ShfBUFH6AFuwbXuSEm3/J3MT++Yy+/+/4rUUx/f/lVORYMEm7F0Iho0IY90ivxY7LD0iHuhk5MQ4roH6nO8r+rrLsDF/gSxcyIjn424QXP1LyyJjVkaiEjGpT4IzWn3KJaNAIWw+KnT7g/1Gs1r3637L84qXnAuOc9EryEIUtQvq37asT7vJSHwGzGIxCz3xoLo9IOy48roahh0varWKW3nb/inXGNfr0eLTUcfUmZUclCmY+hmyF+qsmT1zOHdPBEEQBEEQBEEQBEEQBEEQ2ZwCk29Z1YcqPgfvmnxD+ScAAP//+tFdLw==") openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x120) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0) fadvise64(r0, 0x8fff, 0x4101, 0x3) 19.714041443s ago: executing program 0 (id=475): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0x11, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x87}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}]}, &(0x7f0000000080)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f00000003c0)="c274386d178550cb864bd57221bc", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 19.435490782s ago: executing program 0 (id=477): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_procfs(0x0, &(0x7f0000004600)='map_files\x00') fchdir(r1) sendmmsg$unix(r0, &(0x7f0000002d80)=[{{0x0, 0x47, 0x0, 0x0, 0x0, 0x0, 0x40884}}, {{&(0x7f0000000080)=@abs={0x1, 0x30, 0x30}, 0x6e, 0x0}}], 0x2, 0x40000004) 19.329134365s ago: executing program 0 (id=478): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x8, &(0x7f0000000600), 0x5, 0x50c, &(0x7f0000001640)="$eJzs3U9sG1kZAPDPdpJN2izdXRDaXSS20iKVP2qcP0KbABLiBBwqISpxAamExA0lTh3FTmmiSqRw64EDAoGEOHDnwpULPVFVQpxBXDmhVlCCVFCRBnnsSZ3ETlya2Gzm95Ncz/i5/t5z8r08v3njCSC3Ljb/KURMRsQfIuJCa3f/Ey627naf3Flq3gqRJFf/Vkif19zPnpr9v/MRsRMR4xHx1S9GfKtwOG59a3t1sVqtbLT3y4219XJ9a/vyjbXFlcpK5ebM/HsLC/PTc7MLJ9bWez/8zr0rv/ny2K+e/uDRgx/97rfNak22yzrbcZJaTR+N1zseG4mIz51GsCEotdszMeyK8D9p/vw+GBHvpvl/IUrpT7M/z061ZsBpS5Ik+U/ySq/inQQ4s4rpGLhQnIqI1naxODXVGsN/KM4Vq7V641PXa5s3l1tj5dditHj9RrUy3f6s8FqMFpr7M+n28/3ZA/tzEekY+MeliXR/aqlWXR5sVwcccP5A/v+z1Mp/ICf6/8gPnDXyH/JL/kN+yX/IL/kP+SX/Ib/kP+SX/If8kv+QX535n53I9eqQ6gIM1lF//8cGWA9goL5y5UrzlmTnvy/f2tpcrd26vFypr06tbS5NLdU21qdWarWV9JydteNer1qrrc98OjZvlxuVeqNc39q+tlbbvNm4lp7Xf60yOpBWAf14/Z37fypExM5nJtJbdPzJl6twtiVJIYZ9DjIwHKVhd0DA0Dj0B/n1Ap/xe35JGPD+1uUreveMn+9Z9PlYP/aVdn/9EvUCTk/xqMJnDwdXEWDgLr3l+B/klfl/yC/z/5Bfx4zxDQ8gB46a/4/2tfy6OjT/38PTF6sPcPqOnP8HzrTJLtf/SpLke692XLtrOiI+EBF/LI2+kl3rCzgLin8ttMf/ly58bPJg6VjhX+kcwFhEfPfnV396e7HR2JhpPv73vccbP2s/PjuM+gO97Z/hy/I0y2MAIL92n9xZym6DjPv4C61FCIfjj7TnJsfTEcy53cK+tQqFE1q7sHM3It7sFr/Qvt5568jHud3SofhvtO8LrZdI6zuSXjd9MPHf6oj/0Y74b7/0uwL5cL/Z/0x3y79imtOxl3/7+5/JE1ofnfV/2ZrrzvhZ/1fq0f+902eMb//i+90O76aLvR/fjXi7a/+bxRtPYx2M36zbpT7jP/rG1z7cqyz5Zet1usXPNLfKjbX1cn1r+/KNrBbz7y0szE/PzS6U0znqcjZTfdhn3/z9g17xm+1v69H+Px9q/0S7Tp/os/3//sjDr188Iv7H3+3++/dGen/g/U+SvTp8ss/4/5j9yzd7lTXjL/d4/4vd4kdWGjHXZ/z6T77k3GEA+D9S39peXaxWKxtdNkZ7F9mwYWPQGyMxwKDH9Rw7g+mggFPzPOmHXRMAAAAAAAAAAACgX71W/94/weXEw24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBZ8N8AAAD//6rz1eo=") syz_mount_image$fuse(0x0, &(0x7f00000002c0)='./bus\x00', 0x30040a9, 0x0, 0x1, 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x1) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}, {@lowerdir={'lowerdir', 0x3d, '.'}}]}) 18.791745022s ago: executing program 0 (id=480): syz_usbip_server_init(0x1) syz_usbip_server_init(0x1) syz_usbip_server_init(0x2) syz_usbip_server_init(0x2) 17.57932657s ago: executing program 0 (id=485): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10000}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0, 0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000380)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x10004000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r2, r0}, 0xc) 17.118109444s ago: executing program 32 (id=485): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10000}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0, 0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000380)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x10004000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r2, r0}, 0xc) 4.46578128s ago: executing program 3 (id=545): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000340)=0x16) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0x208, 0x1, 0x85, 0x7a7, 0x4f, "0d418107009188b791e15b1b6f6ff88c6b00", 0x86, 0x100022}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000002440)=0xd) 4.087540772s ago: executing program 3 (id=546): sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r0, 0x118, 0x1, 0x0, 0x0) 3.957185626s ago: executing program 3 (id=547): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000580)=ANY=[@ANYBLOB='iocharset=cp850,fmask=00000000000000000000236,errors=remount-ro,umask=00000000000000000000004,fmask=00000000000000000000005,dmask=00000000000000000000000,gid=', @ANYRESHEX=0x0, @ANYBLOB=',dmask=00000000000000000000001,fmask=00000000000000000000007,uid=', @ANYRESHEX=0x0, @ANYBLOB="5f747970653d5de52c7375626a5f747970653d3970182c6673636f6e7465745b73797374656d5f752c000000000000007400000000cb6febe662768742da83ec1dab52f4af"], 0x1, 0x152f, &(0x7f00000037c0)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x101, 0x48000028, r0, 0x0) 3.51745137s ago: executing program 3 (id=549): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0xfc, "2af01c3d0040fbffffffffffffff00"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0)) 3.179700811s ago: executing program 3 (id=554): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x6, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) sysfs$1(0x1, 0x0) 3.018248805s ago: executing program 4 (id=557): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000009cc0), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000009e80)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f000000ba40)={0x0, 0x0, &(0x7f000000ba00)={&(0x7f0000009ec0)={0x44, r1, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x985}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x3a}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x6d}]}, 0x44}, 0x1, 0x0, 0x0, 0x41}, 0x40000) 2.735527004s ago: executing program 4 (id=559): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x20000043}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a58000000180a3f6d6f578dbe9c8b000002000000040003800900020073797a30000000000900010073797a30"], 0x6c}}, 0x880) 2.670107036s ago: executing program 2 (id=560): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file0\x00', 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=") mkdir(&(0x7f0000000000)='./control\x00', 0x0) mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0) rmdir(&(0x7f0000000040)='./control\x00') 2.383460585s ago: executing program 4 (id=562): r0 = socket$inet6(0xa, 0x2, 0x3a) r1 = dup(r0) bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) syz_emit_ethernet(0x7e, &(0x7f0000000040)={@link_local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x3, 0x0, 0x0, @private1, @private2, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8, {0x0, 0x0, 0x0, 0x80}}]}]}}}}}}}, 0x0) 2.195337901s ago: executing program 2 (id=564): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x60ae0}], 0x318, 0x0, 0xdb0, 0xf5ffffff}, 0x3f01) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x18, &(0x7f00000000c0), 0x31}, 0x0) dup3(r0, r1, 0x0) 2.029621236s ago: executing program 4 (id=566): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) syslog(0x4, 0x0, 0x0) 1.687460467s ago: executing program 2 (id=568): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="6e66732c646f74732c636865636b3d7374726963742c646f74732c6572726f72733d72656d6f756e742d726f2c00fc403bb14281bbfb9b8213bd6284536d64789a24dd73b98b3e33cb47fed8a736464bb62e9e891aa832722dfc28bfa4489b3a127a503e72326b737d0f67c97be6f37ef46154dec39ef8718946ffc8cd4d735a0b101c1722477bbe2f923577ea51f7116f17c3ddf5c497fba2d0bb3272d123b31e9461d4e2d65a42e1174fa269de92e463fc1ca202650fe2628e15341e45dce6c0de2367bdb50cc5b2b462e1d45fc3265f1a88561ab6afb1b73a00340b5c5fc6e601843a59f3cdeb36991cfa985453287d4c9d2d6e21adddc57a607369c682e821b20dc0efd51d12f386f3f8e53c05e696e50c7c3f79b1b0bd7e5cfaf3f63d89cb9412c30c45f9d4d63d267d2a43f03a47fa56b300"/318], 0x1, 0x242, &(0x7f0000000300)="$eJzs3bFqFFEUBuBjskmWNKYWiwEbq0WtbBeJIA4IK1No5UC0SUSYNKPVPIbP4CP5GKnSjZhZsklcbczm7s58Hyz3wM/Cuc3eLc6d+fDw8/HRl9NP7c/vMR5nMYpo2jbiILZiOzr35uvWRb0bVzUBAGya2aycpu6B1aqqabkTEXt/JMWPJA0BAAAAAAAAAADw35bN/8e5+X8A6DPz//1XVdNyf/7/7Trz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA65217v/3HJ3V/AMDtc/4DwPA4/wFgeJz/ADA8b9+9fz3N88NZlo0jzpq6qItu7fKXr/LDJ9mFg8W3zuq62L7Mn3Z5dj3fif15/mxpvhuPH3X57+zFm/xGvhdHq98+AAAAAAAAAAAAAAAAAAAArIVJdmnp/f7J5G95V115PsCN+/ujeDC6s20AAAAAAAAAAAAAAAAAAADARjv9+u24PDn5WCl6U8TztWjjrouItWijL0XqXyYAAAAAAAAAAAAAAAAAABiexaXf1J0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQDqL9/+vroiIpu2k3i4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQY78CAAD//139ms4=") bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000ebff0000240000002400000008000002000000000000000202000000070000000000000803000000000000000000000d000000000000305f302e2e"], 0x0, 0x44}, 0x28) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) 1.687266227s ago: executing program 1 (id=569): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000480)={0x4, 0xffffffffffffffff}) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r2, 0x4018aee3, 0x0) 1.627915669s ago: executing program 3 (id=570): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x200840, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x5, 0x4445, &(0x7f000000cd00)="$eJzs3c9PXFsdAPDvveB7gO9V+t5bPBMTJ/ElGjUEulJpYktpKbRYU21j3EwHmLbowDQwGBdd4K6JKxMXjYtGE3esGhZu65/gxmVdN9GFGxOTRszMXOjcy4xMGwZs3+ez4DDnN3zvPZy7uJw007i/ulla3SxV1kv15bub50q/qNe21qqRDt5wROTHj+2THJ/XMIjr5BSvvc+9G5eu/Oj2uYg/r/z1xd7e3l40DUdXUx3f/+ufD5c7031poU2z3+69HZefRsQnh+bVNBQRP/lTRBIRF7O8mSwdjYgz0S67/fDXd0rHNJunz6vnyy8XH+1Of7aw82S398+eRPyu9uVv31v7+9eGpv/2zWMaHgAAAAAAAAAAAAAAAACAt9zczRu3fjg5Fc+SGN5JDr+vO5elvd6P3Ts2Xx38DwsAAAAAAAAAAAAAAAAAAAD/p169/19KPury/v9sll7o0X7v+4OfI4Mz/4Mbs5cnp7Lz35ND5d/Jsv5xcSjOdjn3vXj++8VC++7nvx8e503tz29/3PFI0pGO8vFI04mJiD9kB79/moyltfpm41t361vrK8c2jbdWPv7t0/tz0ckO9O83/jOF/gd//v/Hh66m5uc7x3eJvdPy8R/qWe+Pv0r6iv+lfLPHA5p2h48HP8Q7LB//4VbeaGeF99tJM/6/GT46/rOF/gd1/5+JiFLSnGsptwI09zDN/F77FfLy8f9CKy+3dGa/yF73/78L8b9c6P+01v/t4h8iusrH/71W3kiuRnsD0Ip/evT9f6XQ/2nEvzn/bX//+5KPf7bYD+eqtH6T/a7/c4X+u8S/9ybjNdxKs3meSXJXwE7Szu/1/+rIy8d/5FD5q+e/tK/939VC+5N6/tsft/n8N9HxHPKNpP38R3f5+I/2rNfv/T9faDfo9f9Ca//Hm8rHf6yVl987j7e+9hv/hUL/g4p/a1cysh//V+vJf95v5//e/q8v+fh/sZ2ZdtbYbn1t7f+So/f/1wr9n8b+rzn/7XSwo74r8vH/oGe9Zvz/ksV97H/c/9cL7QYf/4hJe/03lo//hz3rte7/kaPX/8VCu0HH/+uD7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLTCTpeORpBO5z2k6MRFxKfv8aYwlS5WV8lKtvvzzzYjZLL8UHyX3avWlSq28ul5fqZYrtVp9OeJyVv5JjCSbtXqjvFZ5cOWgr9HkfrWy0ViqVhoRMZflfyU+3O9rabWxVnkQEVcPyr6U1jce3K+sl1dWN743OTk5GfMHczibVH/ZqK432qO3SyMWDtqOJx2TaxVfO5jLB8nP6lsb65VaK/96R5tafblS62izmJX9Ns4mjY2t9eVKo1qu1e/tj3eaLmTp7PzNH9+8PnWo/E7STmdOdloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvKZn0999HBHD7U9pRJSS5jfv9aj/9Hn1fPnl4qPd6c8Wdp7svoiI5CTnCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCLt2jRBAEYQCtbgUNPYbRMJOZjiiigSOCJ9BjeBg9ipfwDgYGpgbLwm4PLPMDy8Amy3tJQX9UV0MXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBs7p67l6e6iUhxvjqL+Hr7/tnNH0r9uJ7uP1kw83RBD4dx/9jd3NZN+fc0yq/K0W+bN+n/3/trTNTe52BPhvu0NZ4zNLdvc+/r515EylVEtCW/TDlX1X53AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8raPo2wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0yJHBw=") symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000200)='./file0\x00') chmod(&(0x7f00000001c0)='./file0\x00', 0x87) unlink(&(0x7f0000000040)='./file0\x00') 1.366416207s ago: executing program 2 (id=571): symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) fchownat(r0, &(0x7f0000000140)='./file0/../file0/../file0\x00', 0x0, 0x0, 0x0) 1.27145191s ago: executing program 1 (id=572): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb010018030000000000007c0000007c00000002000000000000000000000e0000000000000000000000000600000d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000900000000000000000000000900000000000000000000000a02"], 0x0, 0x96}, 0x28) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1}, 0x28) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r1, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x8, 0x0, 0x8, 0x51, 0x0}}, 0x10) 1.076380346s ago: executing program 2 (id=573): syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000600)={[{@utf8}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x3}}, {@uni_xlateno}, {@uni_xlate}, {@utf8no}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@utf8}, {@fat=@discard}, {@fat=@codepage={'codepage', 0x3d, '866'}}, {@numtail}, {@fat=@uid}, {@iocharset={'iocharset', 0x3d, 'cp949'}}]}, 0x1, 0x386, &(0x7f0000000040)="$eJzs3U2IG+UbAPAnnWQ//n/a3YNQFITRm6ClH3jQ05ayheJeVIaqBzHYrcpmFTYY3B6arhfxKHhUELyIBwU99CxCRbx58GoFqYoH7a3Q4itJJsm0SbdbtF/4+x3Cs8/7PnnfmcxuZmc27760FGsnGnHy4sULMTdXi/rSkaW4VIvFyGLoTEyamZIDAO4Nl1KKP9PADktqt3hKAMAt1n//f2V3JfP2ue36J+/+AHDPK3//n9+uz9xE5vLNXTEAAO4qE9f/Hx41nfv/4DZ/5VZ/vfJXAQDAverZ51946vBKxDN5Phex/k6n6BTx5Lj98Ml4LVqxGvtjIa5EDE4Ueg+1/uPRYyvLWZ7n3fhlMYqI+KhTRKx3O8XgTOFw1q+fjQOxEItlfXm2kVLKjn65snwg74uIM93++LFe6xSNqJfj//i/WI2Dkcd9E/URx1aWD+blExTrw/puxFZ53WJ0b2Mhvn853ohWnJg/HikNT2tWlk8fyPMjaeWq+k4xGydGe2HyCggAAAAAAAAAAAAAAAAAAAAAAPwT+8q1c/Lhwn5Fp4g0Xr9n36hDvnj1+jiD7uX6QFuD9YHSbIqU/njrseLdLEbrA+2fsj5Pp6jHrju32QAAAAAAAAAAAAAAAAAAAHBXaW/ORLPVWt1ob55aqwbdjfbmrojoZV7/9rOv52Oyzw2CejlGpSkvU6fWmikbdk5Zv0/EYlTKs4ho9Gd4aq356dnRjKtDzI62Yuo0Zq/f1GrtfujnD8aZB7PhM/817pPF9A3MrplGNVjfM5jSKNMYb3Iv05hWdagMDt5gr55PKV1vh59+cbIqahH1m3/htg9SL/jmwqv3H2rvfbyf+SoNPPLowvHz73/821qz1Ru5p/XJzEb7Slprll9PP9iuH2SV46dW7sNa9Uiob1e+dXWmmf3w+3MPvPfdzkZP1cybU/pkg835fKO9WSu/U/pNM4Ogl7umar51LBsdCcOmRvybr04vmBiiF+z9cKl59vRPv+70eSo/JCzUAQAAAAAAAAAAAAAAAAAAt0Xls+Kl8sO+je2qnni6DOZu7ewAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PZofzH8//+b42BrIrOT4HI3JptmVzfaEXvu9GYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAf93cAAAD//weUadc=") close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x115) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 1.076151036s ago: executing program 1 (id=574): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e1f, @remote}, 0x10) setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000080)={0x1}, 0x8) sendmmsg$sock(r0, &(0x7f0000000000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@txtime={{0x18, 0x1, 0x3d, 0x800000000}}], 0x18}}], 0x1, 0x0) 856.856653ms ago: executing program 1 (id=575): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 495.493294ms ago: executing program 1 (id=576): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'hsr0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000200)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r1}, @IFLA_HSR_SLAVE2={0x8, 0x2, r2}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20040000}, 0x0) 354.829118ms ago: executing program 2 (id=577): io_setup(0x6, &(0x7f00000003c0)=0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x5, 0x2, r1, 0x0}]) ioctl$SNDCTL_SEQ_OUTOFBAND(r1, 0x40085112, &(0x7f0000000040)=@e={0xff, 0x0, 0x0, 0x9, @SEQ_NOTEON=@note=0x16}) 337.931889ms ago: executing program 4 (id=578): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fddbdf250f00000008000300", @ANYRES32=r2, @ANYBLOB="080034000b00000005003300b3"], 0x2c}, 0x1, 0x0, 0x0, 0x24005050}, 0x0) 67.311858ms ago: executing program 1 (id=579): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c3341, 0x12b) pwritev2(r0, &(0x7f00000005c0)=[{&(0x7f00000000c0)="ec", 0x1}], 0x1, 0x7, 0x0, 0x1e) 0s ago: executing program 4 (id=580): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYRES32=0x0], 0x2, 0x5505, &(0x7f000000cf00)="$eJzs3M1rI2UYAPAn/djtfrgW8eBtBxahhU1o+rHoreoufmCXsurBk6ZJGrKbZEqTprUnDx7Fg/+JKHjy6N/gwbM38aB4E5TMTHXrBwhNm+3294PJM++bN888b1gWnpmSAC6s+eTXn0txI65ExHREXI/IzkvFkVnPwwsRcTMiph47SsX8nxOXIuJqRNwYJc9zloq3Pr89vLX201u/fPPd5ZlrX3z9/eR2DUzaixHR3cnP97t5TFt5fFjM14btLHZXh0XM3+g+KsZpHvebW1mG/drRuloWV1r5+nRnrz+K251afRRb7e1sfqeXX7A/bB3lyT7wsLabjRvNrSy2+2kWW4d5XQeH+f9th/1BnqdR5PsoSx+DwVHM55sHzXw/O4+yWO8Nivk8b9poHozisIjF5aKedhpZHVsn+aafbG+3e3sHybC522+nvWStUn2pUr1Tru6mjeaguVqudRt3VpOFVme0rDxo1rrrrTRtdZqVetpdTBZa9Xq5Wk0W7ja32rVeUq1WVipL5bXF4ux28vr995JOI1kYxVfbvb1Bu9NPttPdJP/EYrJcWXl5MblVTd7Z2Ew2H9y7t7H57gd337//ysabrxWL/lFWsrC8tLxcri6Vl6uLF2j/nxRFj3H/cCKlSRcAcP7o/4FJOL3+f/dBxOn3/6H/H4tz1f9e9P7/FPYPJ6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sH6Y/fKN7GQ+H18r5p8ppp4rxqWImIqI3//FdFw6lnO6yDP7H+tn/1bDt6XIMoyucbk4rkbEenH89uxpfwsAAADw9Prq45uf5d16/jI/6YI4S/lNm6nrH44p31xEzM7/OKZsU6OX58eULPv3PRMHY8qW3cCaG1Oy/JbbzLiy/S/Tx8LcY6GUh6kzLQcAADgTxzuBs+1CAAAAOEufTroAJqMUR48yj54FZ395/9cDwSvHRgAAAMA5VJp0AQAAAMCpy/p/v/8HAAAAT7f89/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgD3bu5zZxIIoD8LPBC/tPi1Z731b2BmVsCXvcY0QBaYICciAtpAFqILeUEEGExyEQcYjksa1E3yc5k7HMjzcIDjMjDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KX7ar24vfp93TZnt28nz2gAAACAS7bVelH/M0v9r839782tn02/iIgyIi7N3Ufx6Sxz1ORUL8/fnD5fvarhLqJOOLzHpLm+RMSf5nr80fWnAAAAAB/XZrmap9l6+jMbuiD6lBZtym9/M+UVEVHNHjKllYe8X5nC6u/3OP5nSqsXsKaZwtKS2zhX2pvUP/fjqt30pClSU1582bHIbGMHAAB6NDpr+p2FAAAA0Kd/QxfAMIp43so8bgVOUtNs730+6wEAAADvUDF0AQAAAEDn6vl/T+f/7Z3/BwAAAMNI5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpW21XmyWq3nbnN2+nTyjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCf25x0FQiAMwmDv+s5k7n9YadDU1KQKhI+/MRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiflxQIgSCIgjnjfyd9/8NKgp5BhAhoeFRRiwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNi5n9c4qjgA4G9mdra2Kq5R9hARBQ96sdttbe1NPCjBg3+CENJtjd36o83BliLm4k1y7kX0KCIo8db/IecEcom3HPYQwbMyszPZyQ9w/TWzST4fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBp9PYkTrJDZxzHxbnNvYdLWb91qM88Xtuez1oWR3UmfTK8WP0QdZtLBAAAgLMjKev7EMJOur6Q9XEnr//T8pqs5v/26XFc1vOH6/6yL2v/rP3y8+7z+wN1xuNkN725PBxcOppK6/+b5Wx75i+vaOVPPn/3kuRfSPze6nOjNH+e0dcbG++08/BcHdkCAP/ExbIvgvL3oazvN5kYAGdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6jFbDk2UchRDmW5M4s7X3cOm4/vHa9nzZrj16tBa+nNwzu0UaQri5PBxcqnU2s+3e/Qe3F4fDwd36g5dCCE2N/lYx/dsfTHFxCI08H8F/FMTFlz0r+ZyMoMEfSgAAnEpp0bK6fiddX8jORXMh/PHdwfr/1Uocpqz/dz+8tlkdq1r/92ub4ezrrdz5tHfv/oPXl+8s3hrcGnz8xuX+m/0r169evd7L35X0vDEBAADg32kXrVr/x3NH1/8vVOIwZf3/2Tf9L6pjJer/Y00W/ZrOBAAA4Gx79uXff4uOOR+12+HzxZWVu/3xcf/z5fGxgVT/tnNFq9b/yVzTWQEAAAB1GK1GB9b/b1TiMOX6/1Pfv/Bj9Z5JCOF8sf5/cemT4Y36pjPT6vhz4qbnCAAAQLPOF626/p/m+//j/S0PcQjhtVfGcfFvAKeq/5N3v/qhOlZ1//+V+qY4k+Lu+HnkfTeEVrfpjAAAADjNnihaVuz/mq4vfPTThffb9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3PAAAA//9WwT6Z") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) fstat(r0, 0x0) kernel console output (not intermixed with test programs): 82.659419][ T5765] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 84.437745][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.449005][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.459544][ T5785] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.468572][ T5785] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.477013][ T5785] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.485515][ T5785] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 84.493898][ T5785] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.516630][ T5785] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.526881][ T5785] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.536298][ T5782] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.536962][ T5785] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.560092][ T5782] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.568060][ T5782] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 84.578516][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.585948][ T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.598699][ T5789] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.615813][ T5789] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 84.624515][ T5789] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.632639][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.658621][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.678476][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.687387][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.695555][ T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.715730][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.038951][ T5780] chnl_net:caif_netlink_parms(): no params data found [ 85.227429][ T5780] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.236065][ T5780] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.243917][ T5780] bridge_slave_0: entered allmulticast mode [ 85.251180][ T5780] bridge_slave_0: entered promiscuous mode [ 85.265636][ T5780] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.272918][ T5780] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.280401][ T5780] bridge_slave_1: entered allmulticast mode [ 85.287886][ T5780] bridge_slave_1: entered promiscuous mode [ 85.341866][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 85.363149][ T5780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.400249][ T5780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.421935][ T5776] chnl_net:caif_netlink_parms(): no params data found [ 85.472323][ T5780] team0: Port device team_slave_0 added [ 85.482158][ T5780] team0: Port device team_slave_1 added [ 85.576623][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.583850][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.610252][ T5780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.660443][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.667479][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.695999][ T5780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.723915][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.732969][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.740329][ T5786] bridge_slave_0: entered allmulticast mode [ 85.747567][ T5786] bridge_slave_0: entered promiscuous mode [ 85.761674][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.768933][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.776164][ T5786] bridge_slave_1: entered allmulticast mode [ 85.783819][ T5786] bridge_slave_1: entered promiscuous mode [ 85.791004][ T5784] chnl_net:caif_netlink_parms(): no params data found [ 85.814553][ T5776] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.821978][ T5776] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.829353][ T5776] bridge_slave_0: entered allmulticast mode [ 85.836880][ T5776] bridge_slave_0: entered promiscuous mode [ 85.845353][ T5776] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.852702][ T5776] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.860104][ T5776] bridge_slave_1: entered allmulticast mode [ 85.867312][ T5776] bridge_slave_1: entered promiscuous mode [ 85.963685][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.998787][ T5776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.019254][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.034484][ T5780] hsr_slave_0: entered promiscuous mode [ 86.041849][ T5780] hsr_slave_1: entered promiscuous mode [ 86.057967][ T5776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.139557][ T5784] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.146821][ T5784] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.154270][ T5784] bridge_slave_0: entered allmulticast mode [ 86.161543][ T5784] bridge_slave_0: entered promiscuous mode [ 86.173772][ T5786] team0: Port device team_slave_0 added [ 86.184166][ T5776] team0: Port device team_slave_0 added [ 86.193752][ T5776] team0: Port device team_slave_1 added [ 86.228633][ T5784] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.235823][ T5784] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.244155][ T5784] bridge_slave_1: entered allmulticast mode [ 86.251909][ T5784] bridge_slave_1: entered promiscuous mode [ 86.273263][ T5786] team0: Port device team_slave_1 added [ 86.353008][ T5784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.366632][ T5784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.376817][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.387594][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.414180][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.426467][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.434699][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.460972][ T5776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.494988][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.502177][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.530463][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.542613][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.550014][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.576079][ T5776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.609260][ T5782] Bluetooth: hci1: command tx timeout [ 86.629935][ T5784] team0: Port device team_slave_0 added [ 86.639449][ T5784] team0: Port device team_slave_1 added [ 86.688636][ T5782] Bluetooth: hci3: command tx timeout [ 86.694346][ T5782] Bluetooth: hci0: command tx timeout [ 86.726356][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.733769][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.760043][ T5784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.770757][ T5782] Bluetooth: hci2: command tx timeout [ 86.812608][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.820181][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.846459][ T5784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.871312][ T5786] hsr_slave_0: entered promiscuous mode [ 86.878057][ T5786] hsr_slave_1: entered promiscuous mode [ 86.885040][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.893175][ T5786] Cannot create hsr debugfs directory [ 86.919048][ T5776] hsr_slave_0: entered promiscuous mode [ 86.925632][ T5776] hsr_slave_1: entered promiscuous mode [ 86.933199][ T5776] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.941321][ T5776] Cannot create hsr debugfs directory [ 87.130211][ T5784] hsr_slave_0: entered promiscuous mode [ 87.136992][ T5784] hsr_slave_1: entered promiscuous mode [ 87.146148][ T5784] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.153953][ T5784] Cannot create hsr debugfs directory [ 87.448229][ T5780] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.482803][ T5780] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.523251][ T5780] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.575726][ T5780] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.696397][ T5786] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.708450][ T5786] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.731487][ T5786] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.751645][ T5786] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.818240][ T5776] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 87.842088][ T5776] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 87.856505][ T5776] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 87.867835][ T5776] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 87.986117][ T5784] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.997968][ T5784] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.013152][ T5784] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.024562][ T5784] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.156569][ T5780] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.177343][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.210908][ T5780] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.231236][ T5776] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.261471][ T3454] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.269033][ T3454] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.283189][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.304334][ T5776] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.320757][ T2977] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.327938][ T2977] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.343951][ T2977] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.351188][ T2977] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.369515][ T3525] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.376716][ T3525] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.429664][ T3525] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.436848][ T3525] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.447408][ T3525] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.454581][ T3525] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.516122][ T5784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.603015][ T5784] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.652017][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.659277][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.689371][ T5782] Bluetooth: hci1: command tx timeout [ 88.715640][ T3454] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.722912][ T3454] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.769916][ T51] Bluetooth: hci3: command tx timeout [ 88.775471][ T5782] Bluetooth: hci0: command tx timeout [ 88.849266][ T5782] Bluetooth: hci2: command tx timeout [ 89.107384][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.242331][ T5776] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.270886][ T5780] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.291179][ T5786] veth0_vlan: entered promiscuous mode [ 89.316456][ T5786] veth1_vlan: entered promiscuous mode [ 89.402392][ T5784] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.439483][ T5786] veth0_macvtap: entered promiscuous mode [ 89.450335][ T5776] veth0_vlan: entered promiscuous mode [ 89.467703][ T5786] veth1_macvtap: entered promiscuous mode [ 89.511717][ T5776] veth1_vlan: entered promiscuous mode [ 89.523759][ T5780] veth0_vlan: entered promiscuous mode [ 89.556461][ T5780] veth1_vlan: entered promiscuous mode [ 89.575526][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.616466][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.654339][ T5786] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.663805][ T5786] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.675907][ T5786] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.685125][ T5786] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.732772][ T5780] veth0_macvtap: entered promiscuous mode [ 89.745642][ T5784] veth0_vlan: entered promiscuous mode [ 89.759520][ T5776] veth0_macvtap: entered promiscuous mode [ 89.785955][ T5780] veth1_macvtap: entered promiscuous mode [ 89.805274][ T5776] veth1_macvtap: entered promiscuous mode [ 89.837015][ T5784] veth1_vlan: entered promiscuous mode [ 89.873818][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.884875][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.898168][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.946306][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.958623][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.969247][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.980139][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.992274][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.011765][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.018026][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.027386][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.043768][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.051222][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.068009][ T5780] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.077369][ T5780] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.086251][ T5780] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.096056][ T5780] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.119411][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.133294][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.144417][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.155204][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.167186][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.203756][ T5776] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.214281][ T5776] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.224482][ T5776] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.234056][ T5776] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.264050][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.265179][ T5784] veth0_macvtap: entered promiscuous mode [ 90.282056][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.312449][ T5784] veth1_macvtap: entered promiscuous mode [ 90.361367][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.376523][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.396185][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.409003][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.419119][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.429954][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.442345][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.505705][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.517585][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.529353][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.543002][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.554527][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.565380][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.594996][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.606943][ T5784] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.617562][ T5784] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.627637][ T5784] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.637212][ T5784] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.729918][ T3454] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.745409][ T3454] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.768987][ T5782] Bluetooth: hci1: command tx timeout [ 90.823668][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.855129][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.864416][ T51] Bluetooth: hci3: command tx timeout [ 90.870194][ T5782] Bluetooth: hci0: command tx timeout [ 90.897473][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.908095][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.915524][ T5840] syz.3.5[5840]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 90.939241][ T5782] Bluetooth: hci2: command tx timeout [ 90.975191][ T5840] loop3: detected capacity change from 0 to 128 [ 91.068930][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.076826][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.160657][ T3525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.197294][ T3525] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.342711][ T2109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.385532][ T2109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.962989][ T5862] loop2: detected capacity change from 0 to 256 [ 91.983692][ T5861] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 92.000409][ T5861] team0: Port device batadv1 added [ 92.141157][ T8] cfg80211: failed to load regulatory.db [ 92.327812][ T5870] loop3: detected capacity change from 0 to 256 [ 92.385559][ T5870] exfat: Deprecated parameter 'utf8' [ 92.461068][ T5870] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 92.850818][ T5782] Bluetooth: hci1: command tx timeout [ 92.877381][ T5885] loop3: detected capacity change from 0 to 1024 [ 92.938472][ T5782] Bluetooth: hci0: command tx timeout [ 92.943996][ T51] Bluetooth: hci3: command tx timeout [ 92.970579][ T5817] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 93.018914][ T5782] Bluetooth: hci2: command tx timeout [ 93.188477][ T5817] usb 3-1: Using ep0 maxpacket: 8 [ 93.209752][ T5817] usb 3-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d [ 93.225426][ T5817] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.234115][ T5817] usb 3-1: Product: syz [ 93.239924][ T5817] usb 3-1: Manufacturer: syz [ 93.244718][ T5817] usb 3-1: SerialNumber: syz [ 93.262122][ T5817] usb 3-1: config 0 descriptor?? [ 93.281814][ T5817] gspca_main: sonixj-2.14.0 probing 0c45:613a [ 93.405512][ T5891] ªªªªªª: renamed from vlan0 (while UP) [ 93.467342][ T5881] loop0: detected capacity change from 0 to 32768 [ 93.553829][ T5881] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 93.798559][ T5881] XFS (loop0): Ending clean mount [ 94.083721][ T23] XFS (loop0): Metadata CRC error detected at xfs_rmapbt_read_verify+0x42/0xd0, xfs_rmapbt block 0x14 [ 94.109042][ T23] XFS (loop0): Unmount and run xfs_repair [ 94.115065][ T23] XFS (loop0): First 128 bytes of corrupted metadata buffer: [ 94.152453][ T5817] gspca_sonixj: reg_r err -71 [ 94.157301][ T5817] sonixj: probe of 3-1:0.0 failed with error -71 [ 94.164083][ T23] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 94.183976][ T5817] usb 3-1: USB disconnect, device number 2 [ 94.191977][ T23] 00000010: 00 00 00 00 00 00 00 14 00 00 00 01 00 00 00 10 ................ [ 94.212959][ T23] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d ..BNy.B..... ... [ 94.223763][ T23] 00000030: 00 00 00 00 6c 4b dc c9 00 00 00 00 00 00 00 01 ....lK.......... [ 94.235806][ T23] 00000040: ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 ................ [ 94.248013][ T23] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 94.302976][ T23] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 94.324383][ T23] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 94.358873][ T27] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x14 len 4 error 74 [ 94.413711][ T27] XFS (loop0): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x182e/0x1df0 (fs/xfs/libxfs/xfs_defer.c:598). Shutting down filesystem. [ 94.431772][ T27] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 94.499627][ T5784] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 94.854182][ T5911] loop3: detected capacity change from 0 to 128 [ 94.899089][ T5911] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 94.969423][ T5911] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 95.105782][ T5915] loop9: detected capacity change from 0 to 7 [ 95.149889][ T5915] Dev loop9: unable to read RDB block 7 [ 95.188329][ T5915] loop9: AHDI p1 [ 95.217990][ T5915] loop9: partition table partially beyond EOD, truncated [ 95.612449][ T5925] loop2: detected capacity change from 0 to 1024 [ 95.787280][ T5923] loop0: detected capacity change from 0 to 32768 [ 95.799890][ T5923] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.36 (5923) [ 95.818365][ T5815] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 95.841403][ T5923] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 95.852072][ T5923] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 95.860949][ T5923] BTRFS info (device loop0): turning on sync discard [ 95.867971][ T5923] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 95.878792][ T5923] BTRFS info (device loop0): use lzo compression, level 0 [ 95.885995][ T5923] BTRFS info (device loop0): turning on async discard [ 95.893398][ T5923] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 95.904120][ T5923] BTRFS info (device loop0): trying to use backup root at mount time [ 95.912312][ T5923] BTRFS info (device loop0): enabling auto defrag [ 95.918928][ T5923] BTRFS info (device loop0): using free space tree [ 96.003150][ T2109] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 96.016871][ T5923] BTRFS error (device loop0): failed to load root extent [ 96.024226][ T5923] BTRFS warning (device loop0): try to load backup roots slot 1 [ 96.033257][ T3525] BTRFS warning (device loop0): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 96.050605][ T5815] usb 2-1: Using ep0 maxpacket: 8 [ 96.064109][ T5923] BTRFS warning (device loop0): couldn't read tree root [ 96.071243][ T5923] BTRFS warning (device loop0): try to load backup roots slot 2 [ 96.081751][ T11] BTRFS error (device loop0): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 96.095924][ T5923] BTRFS warning (device loop0): couldn't read tree root [ 96.102982][ T5815] usb 2-1: config 0 has an invalid interface number: 32 but max is 0 [ 96.103041][ T5815] usb 2-1: config 0 has no interface number 0 [ 96.103160][ T5815] usb 2-1: New USB device found, idVendor=1de1, idProduct=c102, bcdDevice=4d.89 [ 96.111565][ T5923] BTRFS warning (device loop0): try to load backup roots slot 3 [ 96.147139][ T5923] BTRFS info (device loop0): enabling ssd optimizations [ 96.159836][ T5923] BTRFS info (device loop0): rebuilding free space tree [ 96.189354][ T5815] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.243220][ T5923] BTRFS info (device loop0): checking UUID tree [ 96.261106][ T5815] usb 2-1: config 0 descriptor?? [ 96.279453][ T5815] usb-storage 2-1:0.32: USB Mass Storage device detected [ 96.341318][ T5815] usb-storage 2-1:0.32: device ignored [ 96.585920][ T5815] usb 2-1: USB disconnect, device number 2 [ 96.713817][ T5784] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 97.403485][ T5961] capability: warning: `syz.1.44' uses deprecated v2 capabilities in a way that may be insecure [ 97.981369][ T5958] loop3: detected capacity change from 0 to 32768 [ 97.991330][ T5958] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.42 (5958) [ 98.018969][ T5958] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 98.050974][ T5958] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 98.068243][ T5958] BTRFS info (device loop3): setting nodatasum [ 98.079520][ T5958] BTRFS info (device loop3): force zlib compression, level 3 [ 98.097365][ T5958] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8) [ 98.132732][ T5958] BTRFS info (device loop3): use lzo compression, level 0 [ 98.148663][ T5974] loop0: detected capacity change from 0 to 256 [ 98.164227][ T5958] BTRFS info (device loop3): turning on flush-on-commit [ 98.199684][ T5958] BTRFS info (device loop3): enabling auto defrag [ 98.208727][ T5974] ======================================================= [ 98.208727][ T5974] WARNING: The mand mount option has been deprecated and [ 98.208727][ T5974] and is ignored by this kernel. Remove the mand [ 98.208727][ T5974] option from the mount to silence this warning. [ 98.208727][ T5974] ======================================================= [ 98.248340][ T5958] BTRFS info (device loop3): max_inline at 4096 [ 98.268236][ T5958] BTRFS info (device loop3): using free space tree [ 98.415164][ T28] audit: type=1800 audit(1781884168.670:2): pid=5974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.49" name="file1" dev="loop0" ino=1048593 res=0 errno=0 [ 98.441455][ T5974] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 98.463269][ T5958] BTRFS info (device loop3): enabling ssd optimizations [ 98.488769][ T5974] FAT-fs (loop0): Filesystem has been set read-only [ 98.495710][ T5974] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 98.548366][ T5974] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 98.593657][ T5974] syz.0.49 (5974) used greatest stack depth: 20464 bytes left [ 98.601635][ T28] audit: type=1800 audit(1781884168.860:3): pid=5974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.49" name="file1" dev="loop0" ino=1048593 res=0 errno=0 [ 98.887312][ T5786] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 99.080462][ T5970] loop2: detected capacity change from 0 to 32768 [ 99.282816][ T5970] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 99.587020][ T5970] XFS (loop2): Ending clean mount [ 99.706360][ T6019] loop1: detected capacity change from 0 to 256 [ 99.844012][ T6019] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 99.980397][ T5780] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 100.021982][ T6023] loop0: detected capacity change from 0 to 512 [ 100.053986][ T6023] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 100.197531][ T6023] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.60: bg 0: block 393: padding at end of block bitmap is not set [ 100.251760][ T6030] loop3: detected capacity change from 0 to 1024 [ 100.356564][ T6023] EXT4-fs (loop0): Remounting filesystem read-only [ 100.395528][ T6023] EXT4-fs (loop0): 2 truncates cleaned up [ 100.424812][ T6023] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.687300][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.864307][ T6037] loop0: detected capacity change from 0 to 512 [ 100.885719][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 100.901267][ T6037] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 100.935697][ T6037] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 100.970890][ T6037] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2855: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 101.067951][ T6037] EXT4-fs (loop0): 1 truncate cleaned up [ 101.085646][ T6037] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.102548][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 101.106087][ T9] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 101.106146][ T9] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 101.106171][ T9] usb 4-1: config 0 interface 0 has no altsetting 0 [ 101.106209][ T9] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 101.106235][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.175632][ T9] usb 4-1: config 0 descriptor?? [ 101.300178][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.452134][ T6031] loop1: detected capacity change from 0 to 32768 [ 101.525478][ T6031] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 101.629088][ T9] nzxt-smart2 0003:1E71:2009.0001: unknown main item tag 0x0 [ 101.634017][ T6031] XFS (loop1): Ending clean mount [ 101.636858][ T9] nzxt-smart2 0003:1E71:2009.0001: unknown main item tag 0x0 [ 101.636912][ T9] nzxt-smart2 0003:1E71:2009.0001: unknown main item tag 0x0 [ 101.668409][ T9] nzxt-smart2 0003:1E71:2009.0001: unknown main item tag 0x0 [ 101.675957][ T9] nzxt-smart2 0003:1E71:2009.0001: unknown main item tag 0x0 [ 101.694828][ T6031] XFS (loop1): Quotacheck needed: Please wait. [ 101.721022][ T9] nzxt-smart2 0003:1E71:2009.0001: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.3-1/input0 [ 101.799847][ T6031] XFS (loop1): Quotacheck: Done. [ 101.864667][ T9] usb 4-1: USB disconnect, device number 2 [ 102.001068][ T6056] fido_id[6056]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 102.043229][ T5776] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 102.315253][ T6062] process 'syz.1.72' launched './file1' with NULL argv: empty string added [ 102.588376][ T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 102.783797][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 102.792561][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 102.808286][ T9] usb 1-1: New USB device found, idVendor=056a, idProduct=0023, bcdDevice= 0.00 [ 102.817638][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.830140][ T9] usb 1-1: config 0 descriptor?? [ 102.925788][ T6075] loop1: detected capacity change from 0 to 1024 [ 102.978376][ T5816] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 103.049399][ T9] usbhid 1-1:0.0: can't add hid device: -71 [ 103.066106][ T9] usbhid: probe of 1-1:0.0 failed with error -71 [ 103.089337][ T9] usb 1-1: USB disconnect, device number 2 [ 103.178470][ T5816] usb 3-1: Using ep0 maxpacket: 16 [ 103.187381][ T5816] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 103.208011][ T5816] usb 3-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 103.217735][ T5816] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.231684][ T5816] usb 3-1: config 0 descriptor?? [ 103.336709][ T6079] loop1: detected capacity change from 0 to 8192 [ 103.392752][ T6079] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 103.406821][ T6079] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 103.416540][ T6079] REISERFS (device loop1): using ordered data mode [ 103.424109][ T6079] reiserfs: using flush barriers [ 103.438385][ T6079] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 103.472992][ T6079] REISERFS (device loop1): checking transaction log (loop1) [ 103.493361][ T6079] REISERFS (device loop1): Using r5 hash to sort names [ 103.520917][ T6079] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 103.647973][ T6079] REISERFS warning (device loop1): super-6502 reiserfs_getopt: unknown mount option "ÿÿ18446744073709551615ÿÿÿÿ0177777777777777777777701777777777777777777777ÿÿ18446744073709551615ÿÿ" [ 103.681851][ T5816] hid-led 0003:0FC5:B080.0002: unknown main item tag 0xd [ 103.708244][ T5816] hid-led 0003:0FC5:B080.0002: unknown main item tag 0x0 [ 103.715438][ T5816] hid-led 0003:0FC5:B080.0002: unknown main item tag 0x0 [ 103.751441][ T5816] hid-led 0003:0FC5:B080.0002: unknown main item tag 0x0 [ 103.771548][ T5816] hid-led 0003:0FC5:B080.0002: unknown main item tag 0x0 [ 103.784717][ T5816] hid-led 0003:0FC5:B080.0002: unknown main item tag 0x0 [ 103.802452][ T5816] hid-led 0003:0FC5:B080.0002: unknown main item tag 0x0 [ 104.024294][ T6077] loop3: detected capacity change from 0 to 32768 [ 104.078594][ T5816] hid-led: probe of 0003:0FC5:B080.0002 failed with error -71 [ 104.092044][ T5816] usb 3-1: USB disconnect, device number 3 [ 104.116865][ T6077] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 104.333953][ T6077] XFS (loop3): Ending clean mount [ 104.555693][ T5786] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 104.769332][ T6103] program syz.2.88 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 104.844863][ T6105] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 105.629850][ T6109] loop2: detected capacity change from 0 to 32768 [ 105.663373][ T6109] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.90 (6109) [ 105.713055][ T6109] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 105.759991][ T6109] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 105.792976][ T6109] BTRFS info (device loop2): using free space tree [ 105.979956][ T6109] BTRFS info (device loop2): enabling ssd optimizations [ 105.998355][ T6109] BTRFS info (device loop2): auto enabling async discard [ 106.112480][ T5780] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 106.609011][ T6122] loop0: detected capacity change from 0 to 32768 [ 106.737928][ T6122] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 106.816659][ T6160] loop2: detected capacity change from 0 to 16 [ 106.920972][ T6160] erofs: (device loop2): mounted with root inode @ nid 36. [ 107.029537][ T6160] erofs: (device loop2): z_erofs_fill_inode_lazy: big pcluster head1/2 of compact indexes should be consistent for nid 36 [ 107.050592][ T6122] XFS (loop0): Ending clean mount [ 107.132360][ T6160] erofs: (device loop2): z_erofs_fill_inode_lazy: big pcluster head1/2 of compact indexes should be consistent for nid 36 [ 107.183377][ T6165] erofs: (device loop2): z_erofs_fill_inode_lazy: big pcluster head1/2 of compact indexes should be consistent for nid 36 [ 107.218495][ T6160] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 0 of nid 36 [ 107.263321][ T6165] erofs: (device loop2): z_erofs_fill_inode_lazy: big pcluster head1/2 of compact indexes should be consistent for nid 36 [ 107.276652][ T6160] erofs: (device loop2): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 107.288732][ T6165] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 72 of nid 36 [ 107.354799][ T5784] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 107.659507][ T5817] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 107.871695][ T5817] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 107.898240][ T5817] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.921696][ T5817] usb 4-1: config 0 descriptor?? [ 107.939479][ T5817] cp210x 4-1:0.0: cp210x converter detected [ 108.221736][ T6187] loop0: detected capacity change from 0 to 1024 [ 108.252854][ T6187] EXT4-fs: Ignoring removed orlov option [ 108.341762][ T5817] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 108.402565][ T5817] usb 4-1: cp210x converter now attached to ttyUSB0 [ 108.479734][ T6187] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.579756][ T5817] usb 4-1: USB disconnect, device number 3 [ 108.597024][ T6187] EXT4-fs (loop0): shut down requested (1) [ 108.641173][ T5817] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 108.742958][ T5817] cp210x 4-1:0.0: device disconnected [ 108.840251][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.968129][ C0] sched: RT throttling activated [ 109.233749][ T6185] loop1: detected capacity change from 0 to 131072 [ 109.248450][ T6185] F2FS-fs (loop1): invalid crc value [ 109.300994][ T6185] F2FS-fs (loop1): Found nat_bits in checkpoint [ 109.361959][ T6185] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 109.453375][ T6180] loop2: detected capacity change from 0 to 32768 [ 109.495813][ T6180] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 109.538246][ T6180] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 109.713099][ T6180] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 109.726806][ T6199] loop3: detected capacity change from 0 to 8192 [ 109.738288][ T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 109.745513][ T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 109.767827][ T6199] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 109.811233][ T6199] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 109.828046][ T6199] REISERFS (device loop3): using ordered data mode [ 109.858222][ T6199] reiserfs: using flush barriers [ 109.883713][ T6199] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 109.922491][ T6199] REISERFS (device loop3): checking transaction log (loop3) [ 109.939906][ T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 194ms [ 109.977095][ T9] gfs2: fsid=syz:syz.0: jid=0: Done [ 110.006647][ T6180] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 110.174832][ T6209] loop0: detected capacity change from 0 to 1024 [ 110.244716][ T6199] REISERFS (device loop3): Using tea hash to sort names [ 110.284277][ T6199] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 110.353515][ T6199] overlayfs: upper fs needs to support d_type. [ 110.362453][ T6199] overlayfs: upper fs does not support tmpfile. [ 110.375103][ T6199] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 110.399261][ T6199] overlayfs: conflicting lowerdir path [ 110.515921][ T2977] hfsplus: b-tree write err: -5, ino 3 [ 110.621473][ T6180] gfs2: fsid=syz:syz.0: found 1 quota changes [ 110.954572][ T6213] netlink: 'syz.3.122': attribute type 29 has an invalid length. [ 110.967793][ T5780] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error [ 110.967793][ T5780] inode = 11 2339 [ 110.967793][ T5780] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 421 [ 110.979357][ T6213] netlink: 'syz.3.122': attribute type 29 has an invalid length. [ 110.999157][ T5780] gfs2: fsid=syz:syz.0: G: s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 111.014198][ T5780] gfs2: fsid=syz:syz.0: H: s:EX f:H e:0 p:5780 [syz-executor] gfs2_quota_sync+0x411/0x5a0 [ 111.024843][ T5780] gfs2: fsid=syz:syz.0: I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0 [ 111.043426][ T6214] netlink: 'syz.3.122': attribute type 29 has an invalid length. [ 111.056673][ T5780] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 111.083174][ T5780] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 111.098925][ T6213] netlink: 'syz.3.122': attribute type 29 has an invalid length. [ 111.103875][ T5780] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 111.119654][ T5780] gfs2: fsid=syz:syz.0: File system withdrawn [ 111.127522][ T5780] CPU: 0 PID: 5780 Comm: syz-executor Not tainted syzkaller #0 [ 111.135149][ T5780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 111.145296][ T5780] Call Trace: [ 111.148625][ T5780] [ 111.151608][ T5780] dump_stack_lvl+0x18c/0x250 [ 111.156676][ T5780] ? show_regs_print_info+0x20/0x20 [ 111.161933][ T5780] ? load_image+0x420/0x420 [ 111.166500][ T5780] ? kobject_uevent_env+0x368/0x890 [ 111.171857][ T5780] gfs2_withdraw+0xe16/0x1400 [ 111.176620][ T5780] ? gfs2_lm+0x240/0x240 [ 111.181038][ T5780] ? gfs2_consist_inode_i+0xf5/0x110 [ 111.186400][ T5780] gfs2_inode_refresh+0xb3c/0x11a0 [ 111.191583][ T5780] ? gfs2_inode_metasync+0xf0/0xf0 [ 111.196796][ T5780] ? gfs2_glock_nq+0xe2e/0x1440 [ 111.201709][ T5780] gfs2_instantiate+0x162/0x220 [ 111.206628][ T5780] gfs2_glock_wait+0x1d4/0x2a0 [ 111.211523][ T5780] do_sync+0x4b8/0xd90 [ 111.215662][ T5780] ? gfs2_quota_sync+0x411/0x5a0 [ 111.220664][ T5780] ? bh_get+0x760/0x760 [ 111.224875][ T5780] ? gfs2_quota_sync+0x318/0x5a0 [ 111.229884][ T5780] ? gfs2_quota_sync+0x411/0x5a0 [ 111.234893][ T5780] ? do_raw_spin_unlock+0x121/0x230 [ 111.240183][ T5780] gfs2_quota_sync+0x411/0x5a0 [ 111.245036][ T5780] gfs2_sync_fs+0x4c/0xb0 [ 111.249435][ T5780] sync_filesystem+0xea/0x220 [ 111.254176][ T5780] generic_shutdown_super+0x6f/0x2b0 [ 111.259679][ T5780] kill_block_super+0x44/0x90 [ 111.264428][ T5780] deactivate_locked_super+0x97/0x100 [ 111.269879][ T5780] cleanup_mnt+0x3d7/0x460 [ 111.274400][ T5780] task_work_run+0x1d4/0x260 [ 111.279054][ T5780] ? task_work_cancel+0x220/0x220 [ 111.284148][ T5780] ? exit_to_user_mode_loop+0x3b/0x110 [ 111.289685][ T5780] exit_to_user_mode_loop+0xe6/0x110 [ 111.295038][ T5780] exit_to_user_mode_prepare+0xee/0x180 [ 111.300695][ T5780] syscall_exit_to_user_mode+0x1a/0x50 [ 111.306232][ T5780] do_syscall_64+0x61/0xb0 [ 111.310706][ T5780] ? clear_bhb_loop+0x40/0x90 [ 111.315443][ T5780] ? clear_bhb_loop+0x40/0x90 [ 111.320175][ T5780] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 111.326157][ T5780] RIP: 0033:0x7fc96499e097 [ 111.330640][ T5780] Code: a2 c7 05 5c 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 111.350323][ T5780] RSP: 002b:00007ffe47448fa8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 111.358824][ T5780] RAX: 0000000000000000 RBX: 00007fc964a322ca RCX: 00007fc96499e097 [ 111.366861][ T5780] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe47449060 [ 111.374889][ T5780] RBP: 00007ffe47449060 R08: 00007ffe4744a060 R09: 00000000ffffffff [ 111.382930][ T5780] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe4744a0f0 [ 111.390966][ T5780] R13: 00007fc964a322ca R14: 000000000001a4be R15: 00007ffe4744a130 [ 111.399013][ T5780] [ 111.563283][ T6220] Driver unsupported XDP return value 0 on prog (id 7) dev N/A, expect packet loss! [ 112.339964][ T6229] loop1: detected capacity change from 0 to 512 [ 112.411486][ T6229] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.424431][ T6229] ext4 filesystem being mounted at /34/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.515997][ T5776] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.758486][ T6235] tipc: Started in network mode [ 112.763770][ T6235] tipc: Node identity 000000005f2d003a0040ffffe0000001, cluster identity 4711 [ 112.817850][ T6235] tipc: Enabling of bearer rejected, failed to enable media [ 113.066373][ T6246] netlink: 160 bytes leftover after parsing attributes in process `syz.2.135'. [ 113.121120][ T6246] netlink: 160 bytes leftover after parsing attributes in process `syz.2.135'. [ 113.629758][ T6238] loop1: detected capacity change from 0 to 32768 [ 113.675736][ T6238] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 113.859776][ T6238] XFS (loop1): Ending clean mount [ 113.868453][ T969] usb 4-1: new full-speed USB device number 4 using dummy_hcd [ 113.904385][ T6238] XFS (loop1): Quotacheck needed: Please wait. [ 113.972980][ T6238] XFS (loop1): Quotacheck: Done. [ 113.988299][ T5817] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 114.085301][ T5776] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 114.104272][ T969] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 114.116053][ T969] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 114.126489][ T969] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 114.143702][ T969] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.165690][ T969] usb 4-1: config 0 descriptor?? [ 114.227194][ T5817] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 114.268315][ T5817] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 114.299493][ T5817] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 114.336502][ T5817] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.362115][ T5817] usb 3-1: config 0 descriptor?? [ 114.381607][ T5817] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 114.410001][ T5817] dvb-usb: bulk message failed: -22 (3/0) [ 114.442025][ T5817] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 114.470232][ T5817] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 114.477748][ T5817] usb 3-1: media controller created [ 114.511564][ T5817] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 114.563991][ T5817] dvb-usb: bulk message failed: -22 (6/0) [ 114.580036][ T6269] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 114.604051][ T5817] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 114.621628][ T969] isku 0003:1E7D:319C.0003: unknown main item tag 0x0 [ 114.634074][ T6269] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 114.660717][ T5817] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input10 [ 114.672151][ T969] isku 0003:1E7D:319C.0003: unknown main item tag 0x0 [ 114.690291][ T969] isku 0003:1E7D:319C.0003: unknown main item tag 0x0 [ 114.698876][ T969] isku 0003:1E7D:319C.0003: unknown main item tag 0x0 [ 114.706045][ T969] isku 0003:1E7D:319C.0003: unknown main item tag 0x0 [ 114.740489][ T5817] dvb-usb: schedule remote query interval to 150 msecs. [ 114.747548][ T5817] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 114.751774][ T6284] loop1: detected capacity change from 0 to 256 [ 114.762617][ T969] isku 0003:1E7D:319C.0003: unknown main item tag 0x0 [ 114.778225][ T969] isku 0003:1E7D:319C.0003: unknown main item tag 0x0 [ 114.815765][ T5817] usb 3-1: USB disconnect, device number 4 [ 114.829052][ T969] isku 0003:1E7D:319C.0003: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.3-1/input0 [ 114.868502][ T6284] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d) [ 114.972252][ T5817] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 115.127456][ T9] usb 4-1: USB disconnect, device number 4 [ 115.551535][ T6291] loop2: detected capacity change from 0 to 8192 [ 115.594215][ T6291] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 115.615426][ T6298] loop1: detected capacity change from 0 to 24 [ 115.648318][ T6291] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 115.657624][ T6291] REISERFS (device loop2): using ordered data mode [ 115.700757][ T6300] netlink: 44 bytes leftover after parsing attributes in process `syz.0.154'. [ 115.712247][ T6291] reiserfs: using flush barriers [ 115.750345][ T6291] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 115.767876][ T6291] REISERFS (device loop2): checking transaction log (loop2) [ 116.141604][ T6291] REISERFS (device loop2): Using tea hash to sort names [ 116.156984][ T6291] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 116.186332][ T6291] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 116.188083][ T6307] loop1: detected capacity change from 0 to 1024 [ 116.254944][ T6291] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 6) not found (pos 2) [ 116.341544][ T6311] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 5) not found (pos 2) [ 116.382242][ T6311] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 5) not found (pos 2) [ 116.789914][ T6322] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 117.388712][ T6318] loop1: detected capacity change from 0 to 32768 [ 117.501693][ T6318] JBD2: Ignoring recovery information on journal [ 117.515969][ T6340] netlink: 16 bytes leftover after parsing attributes in process `syz.3.172'. [ 117.691685][ T6318] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 117.988024][ T28] audit: type=1800 audit(1781884188.250:4): pid=6318 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.161" name="bus" dev="loop1" ino=17059 res=0 errno=0 [ 118.200176][ T6356] loop3: detected capacity change from 0 to 4096 [ 118.272951][ T6318] syz.1.161 (6318) used greatest stack depth: 18840 bytes left [ 118.356940][ T6358] loop0: detected capacity change from 0 to 2048 [ 118.457365][ T6358] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.510524][ T5776] ocfs2: Unmounting device (7,1) on (node local) [ 118.761930][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.019193][ T6371] netlink: 'syz.2.186': attribute type 1 has an invalid length. [ 119.124208][ T6369] loop3: detected capacity change from 0 to 4096 [ 119.196022][ T6369] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 119.300705][ T6369] ntfs3: loop3: Failed to load $Extend (-22). [ 119.307311][ T6369] ntfs3: loop3: Failed to initialize $Extend. [ 119.381910][ T6379] netlink: 16 bytes leftover after parsing attributes in process `syz.0.188'. [ 120.268236][ T969] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 120.384647][ T6408] loop1: detected capacity change from 0 to 1024 [ 120.400339][ T6408] EXT4-fs: Ignoring removed bh option [ 120.430145][ T6408] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 120.458284][ T969] usb 4-1: Using ep0 maxpacket: 32 [ 120.470661][ T969] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 120.482307][ T969] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 120.492765][ T969] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 120.502127][ T6407] loop2: detected capacity change from 0 to 2048 [ 120.503706][ T969] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.520071][ T969] usb 4-1: config 0 descriptor?? [ 120.528747][ T969] hub 4-1:0.0: USB hub found [ 120.596101][ T6407] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 120.614431][ T5776] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.759932][ T969] hub 4-1:0.0: 26 ports detected [ 120.774872][ T969] hub 4-1:0.0: insufficient power available to use all downstream ports [ 120.988395][ T969] hub 4-1:0.0: hub_hub_status failed (err = -71) [ 121.008190][ T969] hub 4-1:0.0: config failed, can't get hub status (err -71) [ 121.047292][ T969] usbhid 4-1:0.0: can't add hid device: -71 [ 121.062236][ T969] usbhid: probe of 4-1:0.0 failed with error -71 [ 121.115887][ T6404] loop0: detected capacity change from 0 to 32768 [ 121.129952][ T969] usb 4-1: USB disconnect, device number 5 [ 121.208441][ T27] usb 3-1: new low-speed USB device number 5 using dummy_hcd [ 121.232355][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.232355][ T6404] [ 121.243260][ T6404] xtLookup: xtSearch returned -5 [ 121.258182][ T6404] free_index: error reading directory table [ 121.274251][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.274251][ T6404] [ 121.284712][ T6404] xtLookup: xtSearch returned -5 [ 121.297344][ T6404] free_index: error reading directory table [ 121.304017][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.304017][ T6404] [ 121.318190][ T6404] xtLookup: xtSearch returned -5 [ 121.323219][ T6404] free_index: error reading directory table [ 121.335524][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.335524][ T6404] [ 121.347046][ T6404] xtLookup: xtSearch returned -5 [ 121.361306][ T6404] free_index: error reading directory table [ 121.367306][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.367306][ T6404] [ 121.385694][ T6404] xtLookup: xtSearch returned -5 [ 121.391107][ T6404] free_index: error reading directory table [ 121.397122][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.397122][ T6404] [ 121.431012][ T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 121.438496][ T6404] xtLookup: xtSearch returned -5 [ 121.447411][ T6404] add_index: get/read_metapage failed! [ 121.452424][ T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 64, setting to 8 [ 121.465073][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.465073][ T6404] [ 121.478013][ T27] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 121.491390][ T27] usb 3-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 121.500969][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.509588][ T6404] xtLookup: xtSearch returned -5 [ 121.514604][ T6404] free_index: error reading directory table [ 121.531635][ T27] usb 3-1: config 0 descriptor?? [ 121.543172][ T6415] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 121.558669][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.558669][ T6404] [ 121.570756][ T6404] xtLookup: xtSearch returned -5 [ 121.577329][ T6404] free_index: error reading directory table [ 121.583870][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.583870][ T6404] [ 121.596295][ T6404] xtLookup: xtSearch returned -5 [ 121.601489][ T6404] free_index: error reading directory table [ 121.607716][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.607716][ T6404] [ 121.618075][ T6404] xtLookup: xtSearch returned -5 [ 121.630441][ T6404] free_index: error reading directory table [ 121.636457][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.636457][ T6404] [ 121.654507][ T6404] xtLookup: xtSearch returned -5 [ 121.659904][ T6404] free_index: error reading directory table [ 121.678329][ T6404] ERROR: (device loop0): xtSearch: XT_GETPAGE: xtree page corrupt [ 121.678329][ T6404] [ 121.713715][ T6404] xtLookup: xtSearch returned -5 [ 121.723832][ T6404] add_index: get/read_metapage failed! [ 121.974925][ T27] logitech 0003:046D:C295.0004: unknown main item tag 0x7 [ 121.997295][ T27] logitech 0003:046D:C295.0004: unknown main item tag 0x3 [ 122.022028][ T6427] loop3: detected capacity change from 0 to 512 [ 122.037434][ T27] logitech 0003:046D:C295.0004: unexpected long global item [ 122.046834][ T27] logitech 0003:046D:C295.0004: parse failed [ 122.064322][ T6427] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 122.076859][ T27] logitech: probe of 0003:046D:C295.0004 failed with error -22 [ 122.137563][ T6427] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 122.171939][ T27] usb 3-1: USB disconnect, device number 5 [ 122.183503][ T6427] EXT4-fs (loop3): 1 truncate cleaned up [ 122.210075][ T6427] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.326816][ T6427] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #2: block 13: comm syz.3.210: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0 [ 122.375808][ T6427] EXT4-fs (loop3): Remounting filesystem read-only [ 122.407358][ T6435] loop0: detected capacity change from 0 to 4096 [ 122.415761][ T6435] EXT4-fs: inline encryption not supported [ 122.482826][ T6435] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 122.496661][ T6437] macvtap1: entered promiscuous mode [ 122.503168][ T6437] vlan0: entered promiscuous mode [ 122.552947][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.670185][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.914497][ T6445] capability: warning: `syz.2.217' uses 32-bit capabilities (legacy support in use) [ 122.958058][ T6445] program syz.2.217 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 123.048446][ T6450] loop1: detected capacity change from 0 to 764 [ 123.115038][ T6453] loop3: detected capacity change from 0 to 128 [ 123.180599][ T6450] Symlink component flag not implemented [ 123.207633][ T6453] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 123.226383][ T6450] Symlink component flag not implemented [ 123.236914][ T6450] Symlink component flag not implemented (128) [ 123.269158][ T6450] Symlink component flag not implemented (105) [ 123.297891][ T6453] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 124.210881][ T6483] netem: change failed [ 124.377090][ T6461] loop2: detected capacity change from 0 to 32768 [ 124.423347][ T6486] netlink: 16 bytes leftover after parsing attributes in process `syz.3.234'. [ 124.445473][ T6461] JBD2: Ignoring recovery information on journal [ 124.445806][ T6486] netlink: 28 bytes leftover after parsing attributes in process `syz.3.234'. [ 124.478494][ T6489] netlink: 12 bytes leftover after parsing attributes in process `syz.0.235'. [ 124.489176][ T6486] netlink: 16 bytes leftover after parsing attributes in process `syz.3.234'. [ 124.598357][ T6490] netlink: 64 bytes leftover after parsing attributes in process `syz.0.235'. [ 124.623134][ T6461] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 124.834140][ T5780] ocfs2: Unmounting device (7,2) on (node local) [ 124.904760][ T6479] loop1: detected capacity change from 0 to 32768 [ 124.980212][ T6479] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.231 (6479) [ 125.043144][ T6479] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 125.088261][ T6479] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 125.097817][ T6479] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 125.129656][ T6479] BTRFS info (device loop1): use zstd compression, level 3 [ 125.159089][ T6479] BTRFS info (device loop1): using free space tree [ 125.368259][ T6479] BTRFS info (device loop1): enabling ssd optimizations [ 125.401205][ T6520] loop2: detected capacity change from 0 to 16 [ 125.418224][ T6479] BTRFS info (device loop1): auto enabling async discard [ 125.419758][ T6520] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 125.469723][ T5777] udevd[5777]: incorrect cramfs checksum on /dev/loop2 [ 125.480972][ T28] audit: type=1800 audit(1781884195.750:5): pid=6479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.231" name="file1" dev="loop1" ino=260 res=0 errno=0 [ 125.510734][ T6522] input: syz0 as /devices/virtual/input/input11 [ 125.552794][ T5777] udevd[5777]: incorrect cramfs checksum on /dev/loop2 [ 125.789455][ T6528] loop0: detected capacity change from 0 to 16 [ 125.796809][ T6528] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 125.856496][ T5790] udevd[5790]: incorrect cramfs checksum on /dev/loop0 [ 125.912927][ T6532] loop3: detected capacity change from 0 to 256 [ 125.923924][ T6532] exfat: Deprecated parameter 'utf8' [ 125.950677][ T6286] udevd[6286]: incorrect cramfs checksum on /dev/loop0 [ 125.963836][ T6532] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 126.025033][ T6532] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5f1fc80d, utbl_chksum : 0xe619d30d) [ 126.066420][ T5776] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 126.561178][ T6546] netlink: 104 bytes leftover after parsing attributes in process `syz.0.252'. [ 127.376680][ T6563] netlink: 508 bytes leftover after parsing attributes in process `syz.0.260'. [ 127.801903][ T6570] gretap0: entered promiscuous mode [ 127.846245][ T6572] netlink: 16 bytes leftover after parsing attributes in process `syz.2.264'. [ 127.906740][ T6572] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.958701][ T6575] Zero length message leads to an empty skb [ 128.401255][ T6591] GUP no longer grows the stack in syz.0.272 (6591): 200000007000-200000008000 (200000004000) [ 128.454396][ T6591] CPU: 1 PID: 6591 Comm: syz.0.272 Not tainted syzkaller #0 [ 128.461780][ T6591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 128.472164][ T6591] Call Trace: [ 128.475496][ T6591] [ 128.478461][ T6591] dump_stack_lvl+0x18c/0x250 [ 128.483186][ T6591] ? show_regs_print_info+0x20/0x20 [ 128.488417][ T6591] ? load_image+0x420/0x420 [ 128.492952][ T6591] ? find_vma+0x134/0x1b0 [ 128.497355][ T6591] fixup_user_fault+0x691/0x750 [ 128.502269][ T6591] fault_in_user_writeable+0x71/0xd0 [ 128.507616][ T6591] futex_lock_pi+0x276/0xa00 [ 128.512267][ T6591] ? fixup_pi_state_owner+0x5f0/0x5f0 [ 128.517899][ T6591] ? userfaultfd_unmap_prep+0x3c0/0x3c0 [ 128.523491][ T6591] do_futex+0x23d/0x3e0 [ 128.527682][ T6591] ? __ia32_sys_get_robust_list+0x110/0x110 [ 128.533625][ T6591] __se_sys_futex+0x3a9/0x440 [ 128.538787][ T6591] ? __x64_sys_futex+0xf0/0xf0 [ 128.543585][ T6591] ? __x64_sys_futex+0x21/0xf0 [ 128.548379][ T6591] do_syscall_64+0x55/0xb0 [ 128.552876][ T6591] ? clear_bhb_loop+0x40/0x90 [ 128.557596][ T6591] ? clear_bhb_loop+0x40/0x90 [ 128.562323][ T6591] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 128.568263][ T6591] RIP: 0033:0x7f580c99ce59 [ 128.572717][ T6591] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 128.592355][ T6591] RSP: 002b:00007f580d91b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.600798][ T6591] RAX: ffffffffffffffda RBX: 00007f580cc15fa0 RCX: 00007f580c99ce59 [ 128.608793][ T6591] RDX: 0000000000000000 RSI: 000000000000008d RDI: 0000200000004000 [ 128.616968][ T6591] RBP: 00007f580ca32e6f R08: 0000000000000000 R09: 0000000000000000 [ 128.624962][ T6591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.633052][ T6591] R13: 00007f580cc16038 R14: 00007f580cc15fa0 R15: 00007ffe8f55b078 [ 128.641154][ T6591] [ 128.801914][ T6601] loop0: detected capacity change from 0 to 1024 [ 128.808551][ T27] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 129.068303][ T27] usb 2-1: Using ep0 maxpacket: 32 [ 129.085076][ T27] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 129.113910][ T27] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 129.130396][ T27] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 129.148768][ T27] usb 2-1: Product: syz [ 129.163687][ T27] usb 2-1: Manufacturer: syz [ 129.180933][ T27] usb 2-1: SerialNumber: syz [ 129.213020][ T27] usb 2-1: config 0 descriptor?? [ 129.230854][ T6595] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 129.258381][ T27] hub 2-1:0.0: bad descriptor, ignoring hub [ 129.270997][ T27] hub: probe of 2-1:0.0 failed with error -5 [ 129.807086][ T6617] loop3: detected capacity change from 0 to 4096 [ 129.917020][ T6617] ntfs3: loop3: ino=0, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" failed to parse mft record [ 130.338247][ T8] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 130.538268][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 130.546690][ T8] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 130.558428][ T8] usb 3-1: config 0 has no interface number 0 [ 130.575027][ T8] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 130.591533][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.609715][ T8] usb 3-1: Product: syz [ 130.617425][ T8] usb 3-1: Manufacturer: syz [ 130.627572][ T8] usb 3-1: SerialNumber: syz [ 130.652960][ T8] usb 3-1: config 0 descriptor?? [ 130.679278][ T8] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 130.820505][ T6632] ip6gre1: entered promiscuous mode [ 130.825946][ T6632] ip6gre1: entered allmulticast mode [ 130.894921][ T6619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 130.913013][ T6619] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 131.098446][ T6638] loop3: detected capacity change from 0 to 256 [ 131.144082][ T6638] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3ec, utbl_chksum : 0xe619d30d) [ 131.322756][ T8] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 131.356934][ T8] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 131.507050][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 131.515610][ T27] usb 3-1: USB disconnect, device number 6 [ 131.539134][ T27] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 131.578533][ T5817] usb 2-1: USB disconnect, device number 3 [ 131.588880][ T27] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 131.659446][ T27] quatech2 3-1:0.51: device disconnected [ 131.810658][ T3525] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 131.819958][ T6649] loop3: detected capacity change from 0 to 4096 [ 131.839298][ T3525] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 131.847636][ T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 131.938664][ T6656] loop0: detected capacity change from 0 to 512 [ 132.088934][ T6656] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 132.258442][ T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 132.322211][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.332945][ T6652] loop1: detected capacity change from 0 to 32768 [ 132.368434][ T6652] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.300 (6652) [ 132.440249][ T6652] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 132.468794][ T6663] loop2: detected capacity change from 0 to 128 [ 132.506423][ T6652] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 132.538593][ T6652] BTRFS info (device loop1): metadata ratio 0 [ 132.548511][ T6652] BTRFS info (device loop1): setting nodatasum [ 132.554761][ T6652] BTRFS info (device loop1): using free space tree [ 132.608700][ T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 132.827576][ T6652] BTRFS info (device loop1): enabling ssd optimizations [ 133.033614][ T6692] loop2: detected capacity change from 0 to 2048 [ 133.098751][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.106888][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.116773][ T6692] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 133.180074][ T5776] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 133.218934][ T6286] udevd[6286]: incorrect nilfs2 checksum on /dev/loop2 [ 133.304887][ T6696] loop3: detected capacity change from 0 to 2048 [ 133.325857][ T6699] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 133.360376][ T6286] udevd[6286]: incorrect nilfs2 checksum on /dev/loop2 [ 133.411143][ T6696] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 133.693675][ T5952] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop1 scanned by udevd (5952) [ 133.907455][ T6699] NILFS (loop2): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 133.971839][ T6699] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=4) [ 134.048540][ T6699] Remounting filesystem read-only [ 134.058421][ T3525] NILFS (loop2): discard dirty page: offset=4096, ino=6 [ 134.066081][ T3525] NILFS (loop2): discard dirty block: blocknr=39, size=1024 [ 134.145013][ T3525] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.165583][ T3525] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.181064][ T3525] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.202389][ T3525] NILFS (loop2): discard dirty page: offset=0, ino=2 [ 134.223249][ T3525] NILFS (loop2): discard dirty block: blocknr=18, size=1024 [ 134.238234][ T3525] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.261543][ T3525] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.301431][ T3525] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.341714][ T6720] loop0: detected capacity change from 0 to 4096 [ 134.348352][ T3525] NILFS (loop2): discard dirty page: offset=0, ino=5 [ 134.355093][ T3525] NILFS (loop2): discard dirty block: blocknr=41, size=1024 [ 134.408591][ T6720] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 134.418779][ T3525] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.427726][ T3525] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.476521][ T3525] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.540463][ T5780] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer [ 134.575727][ T5780] NILFS (loop2): discard dirty page: offset=0, ino=6 [ 134.626567][ T5780] NILFS (loop2): discard dirty block: blocknr=35, size=1024 [ 134.657039][ T5780] NILFS (loop2): discard dirty block: blocknr=36, size=1024 [ 134.677849][ T5780] NILFS (loop2): discard dirty block: blocknr=37, size=1024 [ 134.701334][ T5780] NILFS (loop2): discard dirty block: blocknr=38, size=1024 [ 134.732919][ T5780] NILFS (loop2): discard dirty page: offset=0, ino=4 [ 134.752133][ T5780] NILFS (loop2): discard dirty block: blocknr=40, size=1024 [ 134.783120][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.817888][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.858389][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 134.888065][ T5780] NILFS (loop2): discard dirty page: offset=0, ino=3 [ 134.895021][ T5780] NILFS (loop2): discard dirty block: blocknr=42, size=1024 [ 134.923360][ T5780] NILFS (loop2): discard dirty block: blocknr=43, size=1024 [ 134.965489][ T5780] NILFS (loop2): discard dirty block: blocknr=44, size=1024 [ 134.993675][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 135.012924][ T5780] NILFS (loop2): discard dirty page: offset=196608, ino=3 [ 135.032270][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 135.062389][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 135.091811][ T5780] NILFS (loop2): discard dirty block: blocknr=49, size=1024 [ 135.114202][ T5780] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 135.378599][ T6717] loop3: detected capacity change from 0 to 40427 [ 135.436276][ T6717] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 135.475337][ T6717] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 135.492499][ T6733] loop2: detected capacity change from 0 to 256 [ 135.516640][ T6717] F2FS-fs (loop3): invalid crc value [ 135.562260][ T28] audit: type=1800 audit(1781884205.820:6): pid=6733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.322" name="file1" dev="loop2" ino=1048604 res=0 errno=0 [ 135.569028][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 135.616602][ T6717] F2FS-fs (loop3): Found nat_bits in checkpoint [ 135.861744][ T6717] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 135.876192][ T6745] warning: `syz.2.325' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 135.895991][ T6717] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 135.896766][ T6723] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 136.174535][ T6723] XFS (loop1): Ending clean mount [ 136.353325][ T5776] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 136.480188][ T6757] sctp: [Deprecated]: syz.2.327 (pid 6757) Use of int in maxseg socket option. [ 136.480188][ T6757] Use struct sctp_assoc_value instead [ 136.981281][ T6764] set_capacity_and_notify: 1 callbacks suppressed [ 136.981297][ T6764] loop1: detected capacity change from 0 to 64 [ 137.084324][ T6739] loop0: detected capacity change from 0 to 40427 [ 137.127604][ T6739] F2FS-fs (loop0): Small segment_count (9 < 1 * 24) [ 137.145533][ T6739] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 137.215779][ T5818] kernel write not supported for file /ppp (pid: 5818 comm: kworker/0:5) [ 137.379860][ T6739] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 137.387002][ T6739] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 137.619855][ T5784] syz-executor: attempt to access beyond end of device [ 137.619855][ T5784] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 137.682728][ T5784] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 138.567016][ T6797] loop0: detected capacity change from 0 to 512 [ 138.859673][ T6797] EXT4-fs: Ignoring removed bh option [ 138.898239][ T6797] EXT4-fs (loop0): Test dummy encryption mode enabled [ 138.918312][ T6797] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 138.995717][ T6797] EXT4-fs error (device loop0): ext4_orphan_get:1404: inode #15: comm syz.0.337: inode has both inline data and extents flags [ 139.049004][ T6797] EXT4-fs error (device loop0): ext4_orphan_get:1409: comm syz.0.337: couldn't read orphan inode 15 (err -117) [ 139.063458][ T6790] loop2: detected capacity change from 0 to 32768 [ 139.095199][ T6791] loop1: detected capacity change from 0 to 32768 [ 139.111409][ T6797] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 139.153868][ T6790] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 139.208347][ T28] audit: type=1800 audit(1781884209.460:7): pid=6797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.337" name="file3" dev="loop0" ino=16 res=0 errno=0 [ 139.258217][ T28] audit: type=1804 audit(1781884209.510:8): pid=6797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.337" name="/newroot/98/bus/file2" dev="loop0" ino=16 res=1 errno=0 [ 139.268946][ T6791] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 139.346799][ T6790] XFS (loop2): Ending clean mount [ 139.357418][ T6825] netlink: 4 bytes leftover after parsing attributes in process `syz.3.348'. [ 139.437417][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.581800][ T6791] XFS (loop1): Ending clean mount [ 139.634590][ T5780] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 139.653810][ T6791] XFS (loop1): Quotacheck needed: Please wait. [ 139.670701][ T6832] loop0: detected capacity change from 0 to 64 [ 139.876174][ T6791] XFS (loop1): Quotacheck: Done. [ 140.120533][ T5776] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 141.308732][ T6845] loop3: detected capacity change from 0 to 32768 [ 141.365399][ T6845] XFS (loop3): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 141.453911][ T6845] XFS (loop3): Ending clean mount [ 141.611298][ T5786] XFS (loop3): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 141.625835][ T6858] loop0: detected capacity change from 0 to 32768 [ 141.789990][ T6858] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 141.948068][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 141.974425][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 141.993620][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.002285][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.018727][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.027156][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.058690][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.073239][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.088327][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.103150][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.117947][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.149869][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.164562][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.193457][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.218560][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.240753][ T5784] ocfs2: Unmounting device (7,0) on (node local) [ 142.251748][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.280068][ T8] hid-generic 0006:0004:0009.0005: unknown main item tag 0x0 [ 142.344538][ T8] hid-generic 0006:0004:0009.0005: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 142.400604][ T5815] kernel read not supported for file /adsp1 (pid: 5815 comm: kworker/0:4) [ 142.520110][ T6892] fido_id[6892]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 143.172226][ T6910] loop3: detected capacity change from 0 to 8 [ 143.328317][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 143.455431][ T6915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.378'. [ 143.549403][ T6919] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 143.960584][ T6935] loop3: detected capacity change from 0 to 256 [ 144.234604][ T6938] loop3: detected capacity change from 0 to 512 [ 144.258449][ T5815] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 144.288035][ T6938] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.351152][ T6938] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.413719][ T6929] loop2: detected capacity change from 0 to 32768 [ 144.500184][ T5815] usb 1-1: unable to get BOS descriptor or descriptor too short [ 144.521105][ T5815] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 144.534667][ T6929] JBD2: Ignoring recovery information on journal [ 144.543093][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.582582][ T5815] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 144.604179][ T6929] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 144.626373][ T5815] usb 1-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40 [ 144.668317][ T5815] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.698950][ T5815] usb 1-1: Product: syz [ 144.703237][ T5815] usb 1-1: Manufacturer: syz [ 144.741754][ T5815] usb 1-1: SerialNumber: syz [ 144.783902][ T5815] usb 1-1: selecting invalid altsetting 1 [ 144.816928][ T5815] usb 1-1: unit 6 not found! [ 145.014999][ T5815] snd-usb-audio: probe of 1-1:1.0 failed with error -22 [ 145.028975][ T5815] usb 1-1: USB disconnect, device number 3 [ 145.045891][ T5780] ocfs2: Unmounting device (7,2) on (node local) [ 145.111872][ T5952] udevd[5952]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 145.598579][ T5815] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 145.680315][ T6965] loop2: detected capacity change from 0 to 64 [ 145.725484][ T6965] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing [ 145.798191][ T5815] usb 2-1: Using ep0 maxpacket: 16 [ 145.817815][ T5815] usb 2-1: config 1 has an invalid interface number: 105 but max is 0 [ 145.845230][ T5815] usb 2-1: config 1 has no interface number 0 [ 145.862844][ T6967] loop0: detected capacity change from 0 to 128 [ 145.868868][ T5815] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 145.894881][ T5815] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 145.919364][ T5815] usb 2-1: config 1 interface 105 has no altsetting 0 [ 145.942280][ T5815] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 145.988371][ T5815] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 145.996556][ T5815] usb 2-1: Product: syz [ 146.033059][ T5815] usb 2-1: Manufacturer: syz [ 146.037752][ T5815] usb 2-1: SerialNumber: syz [ 146.085744][ T6955] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 146.099174][ T6955] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 146.526921][ T6955] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 146.557964][ T6955] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 146.717562][ T6984] loop3: detected capacity change from 0 to 512 [ 146.780566][ T6984] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e000e018, mo2=0002] [ 146.789439][ T6984] System zones: 1-12 [ 146.797002][ T6984] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #12: comm syz.3.408: missing EA_INODE flag [ 146.818501][ T5815] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71 [ 146.835775][ T5815] aqc111: probe of 2-1:1.105 failed with error -71 [ 146.848813][ T5815] usb 2-1: USB disconnect, device number 4 [ 146.862017][ T6984] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.408: error while reading EA inode 12 err=-117 [ 146.877897][ T6984] EXT4-fs (loop3): 1 orphan inode deleted [ 146.914042][ T6984] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.082227][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.809981][ T27] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 148.016310][ T6999] loop0: detected capacity change from 0 to 32768 [ 148.053759][ T27] usb 2-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 148.084224][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.137579][ T27] usb 2-1: Product: syz [ 148.161509][ T27] usb 2-1: Manufacturer: syz [ 148.166206][ T27] usb 2-1: SerialNumber: syz [ 148.229917][ T27] usb 2-1: config 0 descriptor?? [ 148.289735][ T27] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 148.739542][ T7001] loop3: detected capacity change from 0 to 131072 [ 148.749920][ T7001] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0) [ 148.758337][ T7001] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 148.770375][ T7001] F2FS-fs (loop3): invalid crc value [ 148.817005][ T7001] F2FS-fs (loop3): Found nat_bits in checkpoint [ 148.888726][ T7001] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 148.895867][ T7001] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 149.124719][ T5816] usb 2-1: USB disconnect, device number 5 [ 149.547445][ T7013] loop5: detected capacity change from 0 to 1 [ 149.567897][ T7015] netlink: 8 bytes leftover after parsing attributes in process `syz.0.418'. [ 149.608324][ T7015] netlink: 52 bytes leftover after parsing attributes in process `syz.0.418'. [ 149.629433][ T3454] loop: Write error at byte offset 4, length 512. [ 149.675087][ C0] I/O error, dev loop5, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 149.685750][ C0] Buffer I/O error on dev loop5, logical block 0, lost async page write [ 150.778424][ T5816] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 150.978831][ T5816] usb 3-1: Using ep0 maxpacket: 16 [ 151.006112][ T5816] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 151.037766][ T5816] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 151.068198][ T5816] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 151.098187][ T5816] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 151.127445][ T5816] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 151.169751][ T5816] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 151.197899][ T5816] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 151.218713][ T5816] usb 3-1: Manufacturer: syz [ 151.230398][ T5816] usb 3-1: config 0 descriptor?? [ 151.305780][ T7031] loop0: detected capacity change from 0 to 32768 [ 151.399008][ T7031] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 151.554692][ T7031] XFS (loop0): Ending clean mount [ 151.588183][ T5816] rc_core: IR keymap rc-hauppauge not found [ 151.604487][ T5816] Registered IR keymap rc-empty [ 151.610236][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 151.649413][ T7033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 151.668241][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 151.676200][ T7033] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 151.721635][ T5816] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 151.726477][ T5784] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 151.777016][ T5816] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input12 [ 151.888732][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 151.948339][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 152.018289][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 152.068678][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 152.108478][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 152.169365][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 152.238293][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 152.282563][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 152.331617][ T7073] loop0: detected capacity change from 0 to 512 [ 152.348968][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 152.378576][ T5816] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 152.430635][ T5816] mceusb 3-1:0.0: Registered with mce emulator interface version 1 [ 152.438785][ T5816] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 152.456549][ T5816] usb 3-1: USB disconnect, device number 7 [ 152.502071][ T7073] EXT4-fs (loop0): 1 orphan inode deleted [ 152.510151][ T7062] loop3: detected capacity change from 0 to 40427 [ 152.523172][ T7073] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.543180][ T3525] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 152.559852][ T7062] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 152.573141][ T3525] EXT4-fs error (device loop0): ext4_release_dquot:6989: comm kworker/u4:10: Failed to release dquot type 1 [ 152.593472][ T7062] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 152.637791][ T7073] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 152.661420][ T7062] F2FS-fs (loop3): Found nat_bits in checkpoint [ 152.884436][ T7062] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 152.913367][ T7062] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 152.939413][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.004752][ T7086] batadv_slave_0: entered promiscuous mode [ 153.062686][ T7086] batman_adv: batadv0: Adding interface: macvtap1 [ 153.073030][ T7086] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 153.104226][ T7086] batman_adv: batadv0: Interface activated: macvtap1 [ 153.157361][ T7091] loop0: detected capacity change from 0 to 256 [ 153.189902][ T7091] exfat: Deprecated parameter 'utf8' [ 153.255024][ T7091] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xffade8b4, utbl_chksum : 0xe619d30d) [ 153.381622][ T7096] loop2: detected capacity change from 0 to 256 [ 153.392152][ T7096] exfat: Deprecated parameter 'namecase' [ 153.405641][ T7096] exfat: Deprecated parameter 'utf8' [ 153.424097][ T7096] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xea424414, utbl_chksum : 0xe619d30d) [ 153.912129][ T7105] loop0: detected capacity change from 0 to 64 [ 153.999253][ T5784] hfs: node 4:3 still has 1 user(s)! [ 154.218893][ T7111] netlink: 80 bytes leftover after parsing attributes in process `syz.0.454'. [ 154.415127][ T7117] loop0: detected capacity change from 0 to 1024 [ 154.508621][ T28] audit: type=1800 audit(1781884224.770:9): pid=7117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.457" name="file1" dev="loop0" ino=3 res=0 errno=0 [ 154.627837][ T49] hfsplus: b-tree write err: -5, ino 3 [ 154.873475][ T7124] loop1: detected capacity change from 0 to 4096 [ 154.899357][ T7124] EXT4-fs: Ignoring removed i_version option [ 154.930921][ T7124] EXT4-fs: Ignoring removed orlov option [ 154.979618][ T7124] EXT4-fs (loop1): Test dummy encryption mode enabled [ 155.024055][ T7133] loop0: detected capacity change from 0 to 256 [ 155.062816][ T7124] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.175050][ T7133] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 155.225954][ T7133] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 155.293763][ T7133] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 155.316875][ T5776] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.489584][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 155.833052][ T7150] netlink: 4 bytes leftover after parsing attributes in process `syz.2.470'. [ 155.937892][ T7153] loop0: detected capacity change from 0 to 16 [ 155.996740][ T7153] erofs: (device loop0): mounted with root inode @ nid 36. [ 156.086314][ T7153] erofs: (device loop0): erofs_find_target_block: corrupted dir block 8200 @ nid 36 [ 156.154922][ T7158] erofs: (device loop0): z_erofs_readahead: readahead error at folio 12 @ nid 36 [ 156.185075][ T7158] erofs: (device loop0): z_erofs_readahead: readahead error at folio 9 @ nid 36 [ 156.218207][ T7158] erofs: (device loop0): z_erofs_readahead: readahead error at folio 8 @ nid 36 [ 156.234226][ T7158] syz.0.472: attempt to access beyond end of device [ 156.234226][ T7158] loop0: rw=524288, sector=67108872, nr_sectors = 16 limit=16 [ 156.264512][ T7158] syz.0.472: attempt to access beyond end of device [ 156.264512][ T7158] loop0: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 156.525529][ T7162] loop2: detected capacity change from 0 to 1024 [ 156.635453][ T7162] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 156.813934][ T7169] loop0: detected capacity change from 0 to 512 [ 156.869599][ T7169] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.935129][ T7169] ext4 filesystem being mounted at /133/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 156.967820][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.055567][ T7155] loop1: detected capacity change from 0 to 32768 [ 157.065413][ T7155] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.473 (7155) [ 157.146889][ T7155] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 157.187281][ T7155] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 157.224978][ T7155] BTRFS info (device loop1): setting nodatasum [ 157.233365][ T7155] BTRFS info (device loop1): force zlib compression, level 3 [ 157.259814][ T7157] loop3: detected capacity change from 0 to 32768 [ 157.267675][ T7155] BTRFS info (device loop1): use zlib compression, level 3 [ 157.275382][ T7155] BTRFS info (device loop1): turning on flush-on-commit [ 157.289708][ T7155] BTRFS info (device loop1): enabling auto defrag [ 157.301586][ T5784] VFS: Lookup of 'ÿÿ' in ext4 loop0 would have caused loop [ 157.317589][ T7155] BTRFS info (device loop1): max_inline at 4096 [ 157.330510][ T5784] VFS: Lookup of 'ÿÿ' in ext4 loop0 would have caused loop [ 157.339704][ T7155] BTRFS info (device loop1): using free space tree [ 157.388587][ T7157] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 157.408456][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 157.555482][ T6305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.584331][ T7198] loop2: detected capacity change from 0 to 512 [ 157.606576][ T7155] BTRFS info (device loop1): enabling ssd optimizations [ 157.628837][ T7157] XFS (loop3): Ending clean mount [ 157.658379][ T7198] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 157.681981][ T7157] XFS (loop3): Quotacheck needed: Please wait. [ 157.747892][ T7198] EXT4-fs (loop2): orphan cleanup on readonly fs [ 157.758803][ T7198] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:512: comm syz.2.481: Block bitmap for bg 0 marked uninitialized [ 157.894116][ T7198] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 157.911444][ T7198] EXT4-fs (loop2): 1 orphan inode deleted [ 157.923248][ T7157] XFS (loop3): Quotacheck: Done. [ 157.931092][ T5776] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 157.949720][ T7198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 157.983073][ T7198] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 157.993962][ T7198] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 158.068866][ T5786] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 158.289300][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.688319][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 158.802418][ T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.915336][ T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.012775][ T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.161280][ T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.852150][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 159.873311][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 159.885387][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 159.897018][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 159.908347][ T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 159.915877][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 160.144516][ T7234] syz.2.494: vmalloc error: size 9223372036854775807, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 160.208306][ T7234] CPU: 1 PID: 7234 Comm: syz.2.494 Not tainted syzkaller #0 [ 160.215699][ T7234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 160.225828][ T7234] Call Trace: [ 160.229158][ T7234] [ 160.232226][ T7234] dump_stack_lvl+0x18c/0x250 [ 160.236956][ T7234] ? show_regs_print_info+0x20/0x20 [ 160.242212][ T7234] ? load_image+0x420/0x420 [ 160.246786][ T7234] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 160.253273][ T7234] ? cpuset_print_current_mems_allowed+0x2e7/0x360 [ 160.259945][ T7234] warn_alloc+0x246/0x340 [ 160.264360][ T7234] ? zone_watermark_ok_safe+0x230/0x230 [ 160.270008][ T7234] ? __mutex_trylock_common+0x160/0x270 [ 160.275665][ T7234] __vmalloc_node_range+0x129/0x1320 [ 160.281124][ T7234] ? tomoyo_path_number_perm+0x217/0x5e0 [ 160.286875][ T7234] ? rcu_is_watching+0x15/0xb0 [ 160.291717][ T7234] ? trace_contention_end+0x39/0xe0 [ 160.296996][ T7234] ? __mutex_lock+0x30d/0xc80 [ 160.301746][ T7234] ? tomoyo_path_number_perm+0x56b/0x5e0 [ 160.307446][ T7234] ? tomoyo_path_number_perm+0x217/0x5e0 [ 160.313155][ T7234] ? free_vm_area+0x50/0x50 [ 160.317717][ T7234] ? dvb_dvr_do_ioctl+0x12e/0x220 [ 160.322821][ T7234] vmalloc+0x79/0x90 [ 160.326758][ T7234] ? dvb_dvr_do_ioctl+0x12e/0x220 [ 160.331830][ T7234] dvb_dvr_do_ioctl+0x12e/0x220 [ 160.336819][ T7234] dvb_usercopy+0x195/0x2b0 [ 160.341367][ T7234] ? dvb_dvr_release+0x3e0/0x3e0 [ 160.346350][ T7234] ? dvb_generic_ioctl+0xb0/0xb0 [ 160.351343][ T7234] ? dvb_dvr_poll+0x230/0x230 [ 160.356057][ T7234] dvb_dvr_ioctl+0x29/0x30 [ 160.360512][ T7234] __se_sys_ioctl+0xfd/0x170 [ 160.365139][ T7234] do_syscall_64+0x55/0xb0 [ 160.369850][ T7234] ? clear_bhb_loop+0x40/0x90 [ 160.374582][ T7234] ? clear_bhb_loop+0x40/0x90 [ 160.379329][ T7234] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 160.385300][ T7234] RIP: 0033:0x7fc96499ce59 [ 160.389839][ T7234] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 160.409478][ T7234] RSP: 002b:00007fc96588e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 160.417926][ T7234] RAX: ffffffffffffffda RBX: 00007fc964c15fa0 RCX: 00007fc96499ce59 [ 160.425926][ T7234] RDX: 7fffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 160.433928][ T7234] RBP: 00007fc964a32e6f R08: 0000000000000000 R09: 0000000000000000 [ 160.441928][ T7234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.449924][ T7234] R13: 00007fc964c16038 R14: 00007fc964c15fa0 R15: 00007ffe47449d38 [ 160.457936][ T7234] [ 160.516802][ T7234] Mem-Info: [ 160.520189][ T7234] active_anon:5944 inactive_anon:0 isolated_anon:0 [ 160.520189][ T7234] active_file:1298 inactive_file:40013 isolated_file:0 [ 160.520189][ T7234] unevictable:768 dirty:194 writeback:0 [ 160.520189][ T7234] slab_reclaimable:10602 slab_unreclaimable:91866 [ 160.520189][ T7234] mapped:24770 shmem:1366 pagetables:592 [ 160.520189][ T7234] sec_pagetables:0 bounce:0 [ 160.520189][ T7234] kernel_misc_reclaimable:0 [ 160.520189][ T7234] free:1361971 free_pcp:11986 free_cma:0 [ 160.575547][ T7234] Node 0 active_anon:23776kB inactive_anon:0kB active_file:5192kB inactive_file:159852kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99080kB dirty:776kB writeback:0kB shmem:3928kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10472kB pagetables:2368kB sec_pagetables:0kB all_unreclaimable? no [ 160.620613][ T7234] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 160.677899][ T7234] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 160.767767][ T7234] lowmem_reserve[]: 0 2521 2522 2522 2522 [ 160.779589][ T7234] Node 0 DMA32 free:1537844kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:24040kB inactive_anon:0kB active_file:5192kB inactive_file:159020kB unevictable:1536kB writepending:776kB present:3129332kB managed:2586936kB mlocked:0kB bounce:0kB free_pcp:29260kB local_pcp:18908kB free_cma:0kB [ 160.804923][ T7250] pim6reg0: tun_chr_ioctl cmd 1074025694 [ 160.844250][ T7234] lowmem_reserve[]: 0 0 0 0 0 [ 160.851135][ T7234] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 160.888991][ T7234] lowmem_reserve[]: 0 0 0 0 0 [ 160.893899][ T7234] Node 1 Normal free:3893948kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:20452kB local_pcp:9888kB free_cma:0kB [ 160.927932][ T7234] lowmem_reserve[]: 0 0 0 0 0 [ 160.934304][ T7234] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 160.955943][ T7234] Node 0 DMA32: 333*4kB (UME) 326*8kB (ME) 241*16kB (ME) 120*32kB (UME) 221*64kB (UME) 87*128kB (UM) 43*256kB (UM) 42*512kB (UM) 34*1024kB (UME) 14*2048kB (UM) 343*4096kB (UM) = 1537844kB [ 161.021192][ T7234] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 161.039582][ T7234] Node 1 Normal: 225*4kB (UME) 45*8kB (UME) 33*16kB (UME) 72*32kB (UME) 29*64kB (UME) 7*128kB (UME) 2*256kB (UM) 1*512kB (E) 1*1024kB (E) 1*2048kB (E) 948*4096kB (M) = 3893948kB [ 161.063874][ T7234] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 161.074142][ T7234] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 161.098415][ T7234] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 161.111926][ T7234] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 161.121773][ T7234] 42666 total pagecache pages [ 161.126694][ T7234] 0 pages in swap cache [ 161.148538][ T7234] Free swap = 124460kB [ 161.152799][ T7234] Total swap = 124996kB [ 161.156998][ T7234] 2097051 pages RAM [ 161.178464][ T7234] 0 pages HighMem/MovableOnly [ 161.203055][ T7234] 416931 pages reserved [ 161.207333][ T7234] 0 pages cma reserved [ 161.279747][ T7259] loop3: detected capacity change from 0 to 64 [ 161.444558][ T7261] netlink: 36 bytes leftover after parsing attributes in process `syz.1.502'. [ 161.970721][ T51] Bluetooth: hci2: command tx timeout [ 162.221342][ T7227] chnl_net:caif_netlink_parms(): no params data found [ 162.283678][ T7284] loop2: detected capacity change from 0 to 256 [ 162.361944][ T7284] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x0f68ff13, utbl_chksum : 0xe619d30d) [ 162.662267][ T7227] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.702681][ T7227] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.712563][ T7227] bridge_slave_0: entered allmulticast mode [ 162.720533][ T7227] bridge_slave_0: entered promiscuous mode [ 162.729883][ T7227] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.740643][ T7227] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.748477][ T7227] bridge_slave_1: entered allmulticast mode [ 162.756653][ T7227] bridge_slave_1: entered promiscuous mode [ 162.947999][ T7227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 163.055004][ T7227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 163.064278][ T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 163.166267][ T49] hsr_slave_0: left promiscuous mode [ 163.187902][ T49] hsr_slave_1: left promiscuous mode [ 163.202109][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 163.233817][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 163.277823][ T9] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 163.291025][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 163.308258][ T9] usb 2-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 163.317384][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.328690][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.344765][ T9] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 163.374600][ T49] bridge_slave_1: left allmulticast mode [ 163.398275][ T49] bridge_slave_1: left promiscuous mode [ 163.434321][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.457810][ T49] bridge_slave_0: left allmulticast mode [ 163.463740][ T49] bridge_slave_0: left promiscuous mode [ 163.470293][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.525866][ T7314] loop2: detected capacity change from 0 to 128 [ 163.570264][ T49] veth1_macvtap: left promiscuous mode [ 163.577275][ T49] veth0_macvtap: left promiscuous mode [ 163.610218][ T7314] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 163.627329][ T49] veth1_vlan: left promiscuous mode [ 163.639173][ T49] veth0_vlan: left promiscuous mode [ 163.673435][ T7314] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 163.834236][ T5780] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 164.056336][ T51] Bluetooth: hci2: command tx timeout [ 164.151584][ T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 164.338416][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 164.350386][ T8] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 164.367399][ T8] usb 4-1: config 0 has no interface number 0 [ 164.384749][ T8] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 164.395348][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.408012][ T8] usb 4-1: Product: syz [ 164.414923][ T8] usb 4-1: Manufacturer: syz [ 164.424188][ T8] usb 4-1: SerialNumber: syz [ 164.437873][ T8] usb 4-1: config 0 descriptor?? [ 164.461217][ T9] stv0680 2-1:4.0: Could not get descriptor 0200 [ 164.476101][ T8] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 164.666134][ T9] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 164.684203][ T9] stv0680 2-1:4.0: last error: 35, command = 0xc [ 164.704928][ T8] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 164.722541][ T9] usb 2-1: USB disconnect, device number 6 [ 164.744940][ T8] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 164.796798][ T49] team0 (unregistering): Port device team_slave_1 removed [ 164.913606][ T49] team0 (unregistering): Port device team_slave_0 removed [ 164.972799][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 165.042072][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 165.116898][ C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 165.120728][ T969] usb 4-1: USB disconnect, device number 6 [ 165.151266][ T969] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 165.174785][ T969] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 165.199888][ T969] quatech2 4-1:0.51: device disconnected [ 165.336242][ T7328] loop1: detected capacity change from 0 to 64 [ 165.393860][ T28] audit: type=1800 audit(1781884235.650:10): pid=7328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.520" name="file1" dev="loop1" ino=21 res=0 errno=0 [ 165.782362][ T49] bond0 (unregistering): Released all slaves [ 165.942438][ T7227] team0: Port device team_slave_0 added [ 165.970984][ T7227] team0: Port device team_slave_1 added [ 166.100746][ T7227] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 166.107789][ T7227] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.139388][ T51] Bluetooth: hci2: command tx timeout [ 166.151639][ T7227] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 166.176714][ T7227] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 166.214461][ T7227] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.286570][ T7227] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 166.324353][ T7336] netlink: 32 bytes leftover after parsing attributes in process `syz.1.524'. [ 166.546637][ T7227] hsr_slave_0: entered promiscuous mode [ 166.586136][ T7227] hsr_slave_1: entered promiscuous mode [ 166.604224][ T7227] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 166.641825][ T7227] Cannot create hsr debugfs directory [ 167.477060][ T7227] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 167.505054][ T7227] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 167.532705][ T7227] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 167.559873][ T7227] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 167.697855][ T7349] loop1: detected capacity change from 0 to 32768 [ 167.704804][ T8] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 167.739126][ T7349] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.528 (7349) [ 167.799102][ T7349] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 167.830545][ T7349] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 167.844958][ T7227] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.853232][ T7349] BTRFS info (device loop1): setting nodatasum [ 167.875747][ T7349] BTRFS info (device loop1): enabling auto defrag [ 167.896036][ T7349] BTRFS info (device loop1): disabling tree log [ 167.917456][ T8] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 167.936271][ T7349] BTRFS info (device loop1): using free space tree [ 167.944614][ T7227] 8021q: adding VLAN 0 to HW filter on device team0 [ 167.951378][ T8] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 167.964726][ T8] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 167.988320][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 168.011723][ T8] usb 4-1: SerialNumber: syz [ 168.058823][ T3454] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.066044][ T3454] bridge0: port 1(bridge_slave_0) entered forwarding state [ 168.146208][ T3454] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.153482][ T3454] bridge0: port 2(bridge_slave_1) entered forwarding state [ 168.214607][ T51] Bluetooth: hci2: command tx timeout [ 168.235606][ T7349] BTRFS info (device loop1): enabling ssd optimizations [ 168.282417][ T7349] BTRFS info (device loop1): auto enabling async discard [ 168.318948][ T8] usb 4-1: 0:2 : does not exist [ 168.413131][ T8] usb 4-1: USB disconnect, device number 7 [ 168.483967][ T7361] loop2: detected capacity change from 0 to 32768 [ 168.496005][ T6286] udevd[6286]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 168.566430][ T7361] JBD2: Ignoring recovery information on journal [ 168.641643][ T7361] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 168.761328][ T5776] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 168.828640][ T5780] ocfs2: Unmounting device (7,2) on (node local) [ 169.265659][ T7227] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 169.733742][ T7418] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 169.768697][ T7418] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 169.775641][ T7418] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 169.782585][ T7418] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 169.789509][ T7418] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 169.796384][ T7418] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 169.803374][ T7418] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 169.810290][ T7418] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 169.817200][ T7418] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 169.824147][ T7418] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2 [ 170.356484][ T7227] veth0_vlan: entered promiscuous mode [ 170.411070][ T7227] veth1_vlan: entered promiscuous mode [ 170.498225][ T7228] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 170.509791][ T7227] veth0_macvtap: entered promiscuous mode [ 170.538050][ T7227] veth1_macvtap: entered promiscuous mode [ 170.701884][ T7406] loop2: detected capacity change from 0 to 40427 [ 170.738451][ T7227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.750667][ T7228] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.768379][ T7227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.778989][ T7406] F2FS-fs (loop2): invalid crc value [ 170.798232][ T7228] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.798529][ T7227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.837656][ T7228] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 170.869050][ T7228] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.892508][ T7228] usb 2-1: config 0 descriptor?? [ 170.892900][ T7227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.928356][ T7227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 170.953256][ T7227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 170.995512][ T7227] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 171.082759][ T7227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 171.109617][ T7406] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 171.118059][ T7227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.157831][ T7227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 171.198244][ T7227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.212865][ T23] IPVS: starting estimator thread 0... [ 171.249989][ T7227] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 171.281032][ T7227] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.323928][ T5780] syz-executor: attempt to access beyond end of device [ 171.323928][ T5780] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 171.349646][ T7438] IPVS: using max 16 ests per chain, 38400 per kthread [ 171.360854][ T7227] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 171.395036][ T7228] hid-thrustmaster 0003:044F:B65D.0006: unknown main item tag 0x0 [ 171.403983][ T7228] hid-thrustmaster 0003:044F:B65D.0006: unknown main item tag 0x0 [ 171.412971][ T7228] hid-thrustmaster 0003:044F:B65D.0006: unknown main item tag 0x0 [ 171.421436][ T7228] hid-thrustmaster 0003:044F:B65D.0006: unknown main item tag 0x0 [ 171.445319][ T5780] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 171.458181][ T7228] hid-thrustmaster 0003:044F:B65D.0006: unknown main item tag 0x0 [ 171.466097][ T7228] hid-thrustmaster 0003:044F:B65D.0006: unknown main item tag 0x0 [ 171.475281][ T7228] hid-thrustmaster 0003:044F:B65D.0006: unknown main item tag 0x0 [ 171.489191][ T7228] hid-thrustmaster 0003:044F:B65D.0006: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.1-1/input0 [ 171.501598][ T7228] hid-thrustmaster 0003:044F:B65D.0006: Wrong number of endpoints? [ 171.533567][ T7227] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.566230][ T7227] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.593430][ T7227] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.618612][ C1] hid-thrustmaster 0003:044F:B65D.0006: Unknown wheel's model id 0x0, unable to proceed further with wheel init [ 171.630834][ T7227] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.840763][ T7228] usb 2-1: USB disconnect, device number 7 [ 171.996386][ T3454] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.026706][ T3454] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.105926][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.126301][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.231854][ T7453] loop3: detected capacity change from 0 to 256 [ 172.335531][ T7453] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 173.483853][ T7491] netlink: 40 bytes leftover after parsing attributes in process `syz.4.559'. [ 173.562541][ T7493] loop2: detected capacity change from 0 to 2048 [ 173.652578][ T7493] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 174.443773][ T7517] loop2: detected capacity change from 0 to 512 [ 175.117849][ T7537] loop2: detected capacity change from 0 to 256 [ 175.203290][ T7537] FAT-fs (loop2): Directory bread(block 64) failed [ 175.248451][ T7537] FAT-fs (loop2): Directory bread(block 65) failed [ 175.280488][ T7537] FAT-fs (loop2): Directory bread(block 66) failed [ 175.287190][ T7537] FAT-fs (loop2): Directory bread(block 67) failed [ 175.318605][ T7537] FAT-fs (loop2): Directory bread(block 68) failed [ 175.339284][ T7537] FAT-fs (loop2): Directory bread(block 69) failed [ 175.373922][ T7537] FAT-fs (loop2): Directory bread(block 70) failed [ 175.383171][ T7541] Bluetooth: MGMT ver 1.22 [ 175.402315][ T7537] FAT-fs (loop2): Directory bread(block 71) failed [ 175.428367][ T7537] FAT-fs (loop2): Directory bread(block 72) failed [ 175.465976][ T7537] FAT-fs (loop2): Directory bread(block 73) failed [ 175.774280][ T7523] loop3: detected capacity change from 0 to 32768 [ 175.932252][ T7523] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 176.087137][ T7523] [ 176.089573][ T7523] ====================================================== [ 176.096732][ T7523] WARNING: possible circular locking dependency detected [ 176.103831][ T7523] syzkaller #0 Not tainted [ 176.108291][ T7523] ------------------------------------------------------ [ 176.115357][ T7523] syz.3.570/7523 is trying to acquire lock: [ 176.121389][ T7523] ffff88802e599818 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_evict_inode+0x1daa/0x41a0 [ 176.134184][ T7523] [ 176.134184][ T7523] but task is already holding lock: [ 176.141591][ T7523] ffff88805d5ca658 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]){+.+.}-{3:3}, at: ocfs2_evict_inode+0x2d0a/0x41a0 [ 176.154299][ T7523] [ 176.154299][ T7523] which lock already depends on the new lock. [ 176.154299][ T7523] [ 176.165251][ T7523] [ 176.165251][ T7523] the existing dependency chain (in reverse order) is: [ 176.174328][ T7523] [ 176.174328][ T7523] -> #2 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]){+.+.}-{3:3}: [ 176.184730][ T7523] down_write+0x97/0x200 [ 176.189556][ T7523] ocfs2_del_inode_from_orphan+0x12f/0x7b0 [ 176.196965][ T7523] ocfs2_dio_end_io+0x107a/0x13f0 [ 176.202933][ T7523] dio_complete+0x24c/0x710 [ 176.208200][ T7523] __blockdev_direct_IO+0x2c42/0x32e0 [ 176.214260][ T7523] ocfs2_direct_IO+0x235/0x2a0 [ 176.220393][ T7523] generic_file_direct_write+0x1c9/0x3e0 [ 176.226607][ T7523] __generic_file_write_iter+0x11b/0x230 [ 176.232797][ T7523] ocfs2_file_write_iter+0x1724/0x1ef0 [ 176.239006][ T7523] do_iter_write+0x747/0xc50 [ 176.244479][ T7523] do_pwritev+0x242/0x3a0 [ 176.249462][ T7523] do_syscall_64+0x55/0xb0 [ 176.254548][ T7523] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 176.261305][ T7523] [ 176.261305][ T7523] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}: [ 176.271946][ T7523] down_write+0x97/0x200 [ 176.276846][ T7523] ocfs2_reserve_suballoc_bits+0x171/0x44a0 [ 176.283305][ T7523] ocfs2_reserve_new_metadata_blocks+0x416/0x9a0 [ 176.290192][ T7523] ocfs2_mknod+0xea5/0x2310 [ 176.295260][ T7523] ocfs2_mkdir+0x196/0x430 [ 176.300334][ T7523] vfs_mkdir+0x2a5/0x470 [ 176.305177][ T7523] do_mkdirat+0x1dc/0x450 [ 176.310058][ T7523] __x64_sys_mkdirat+0x89/0xa0 [ 176.315384][ T7523] do_syscall_64+0x55/0xb0 [ 176.320452][ T7523] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 176.327106][ T7523] [ 176.327106][ T7523] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}: [ 176.338310][ T7523] __lock_acquire+0x37ef/0x7d80 [ 176.343736][ T7523] lock_acquire+0x19e/0x420 [ 176.349183][ T7523] down_write+0x97/0x200 [ 176.354018][ T7523] ocfs2_evict_inode+0x1daa/0x41a0 [ 176.359800][ T7523] evict+0x4b7/0x8a0 [ 176.364260][ T7523] do_unlinkat+0x38c/0x590 [ 176.369514][ T7523] __x64_sys_unlink+0x49/0x50 [ 176.374765][ T7523] do_syscall_64+0x55/0xb0 [ 176.379780][ T7523] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 176.386331][ T7523] [ 176.386331][ T7523] other info that might help us debug this: [ 176.386331][ T7523] [ 176.396679][ T7523] Chain exists of: [ 176.396679][ T7523] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5 --> &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2 --> &ocfs2_sysfile_lock_key[args->fi_sysfile_type] [ 176.396679][ T7523] [ 176.418331][ T7523] Possible unsafe locking scenario: [ 176.418331][ T7523] [ 176.426308][ T7523] CPU0 CPU1 [ 176.431815][ T7523] ---- ---- [ 176.437210][ T7523] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]); [ 176.444390][ T7523] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2); [ 176.454796][ T7523] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]); [ 176.464467][ T7523] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5); [ 176.471806][ T7523] [ 176.471806][ T7523] *** DEADLOCK *** [ 176.471806][ T7523] [ 176.479997][ T7523] 3 locks held by syz.3.570/7523: [ 176.485052][ T7523] #0: ffff88805c962418 (sb_writers#24){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 176.494374][ T7523] #1: ffff8880600acbd0 (&osb->nfs_sync_rwlock){.+.+}-{3:3}, at: ocfs2_nfs_sync_lock+0x107/0x270 [ 176.504962][ T7523] #2: ffff88805d5ca658 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]){+.+.}-{3:3}, at: ocfs2_evict_inode+0x2d0a/0x41a0 [ 176.517710][ T7523] [ 176.517710][ T7523] stack backtrace: [ 176.523629][ T7523] CPU: 1 PID: 7523 Comm: syz.3.570 Not tainted syzkaller #0 [ 176.530958][ T7523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 176.541058][ T7523] Call Trace: [ 176.544373][ T7523] [ 176.547336][ T7523] dump_stack_lvl+0x18c/0x250 [ 176.552062][ T7523] ? load_image+0x420/0x420 [ 176.556689][ T7523] ? show_regs_print_info+0x20/0x20 [ 176.561957][ T7523] ? print_circular_bug+0x12b/0x1a0 [ 176.567213][ T7523] check_noncircular+0x2fc/0x400 [ 176.572245][ T7523] ? print_deadlock_bug+0x5d0/0x5d0 [ 176.577481][ T7523] ? lockdep_lock+0xf5/0x230 [ 176.582111][ T7523] ? _find_first_zero_bit+0xd6/0x100 [ 176.587433][ T7523] __lock_acquire+0x37ef/0x7d80 [ 176.592328][ T7523] ? verify_lock_unused+0x140/0x140 [ 176.597574][ T7523] ? __lock_acquire+0x7d80/0x7d80 [ 176.602630][ T7523] ? verify_lock_unused+0x140/0x140 [ 176.607864][ T7523] ? __mutex_unlock_slowpath+0x1b4/0x6c0 [ 176.613540][ T7523] ? do_raw_spin_lock+0x11f/0x2b0 [ 176.618661][ T7523] ? mutex_unlock+0x10/0x10 [ 176.623213][ T7523] lock_acquire+0x19e/0x420 [ 176.627774][ T7523] ? ocfs2_evict_inode+0x1daa/0x41a0 [ 176.633187][ T7523] ? ocfs2_get_system_file_inode+0x1f1/0x820 [ 176.639355][ T7523] ? __might_sleep+0xe0/0xe0 [ 176.643999][ T7523] ? read_lock_is_recursive+0x20/0x20 [ 176.649435][ T7523] ? ocfs2_fast_symlink_read_folio+0x550/0x550 [ 176.655665][ T7523] ? ocfs2_evict_inode+0x1832/0x41a0 [ 176.660997][ T7523] down_write+0x97/0x200 [ 176.665293][ T7523] ? ocfs2_evict_inode+0x1daa/0x41a0 [ 176.670624][ T7523] ? down_read_killable+0x340/0x340 [ 176.675876][ T7523] ocfs2_evict_inode+0x1daa/0x41a0 [ 176.681078][ T7523] ? print_deadlock_bug+0x5d0/0x5d0 [ 176.686345][ T7523] ? ocfs2_sync_blockdev+0x40/0x40 [ 176.691508][ T7523] ? is_bpf_text_address+0x28f/0x2a0 [ 176.696839][ T7523] ? is_bpf_text_address+0x26/0x2a0 [ 176.702132][ T7523] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 176.708256][ T7523] ? kernel_text_address+0xa0/0xd0 [ 176.713411][ T7523] ? __kernel_text_address+0xd/0x30 [ 176.718656][ T7523] ? unwind_get_return_address+0x91/0xc0 [ 176.724331][ T7523] ? stack_trace_save+0x100/0x100 [ 176.729446][ T7523] ? arch_stack_walk+0x160/0x190 [ 176.734659][ T7523] ? mark_lock+0x94/0x320 [ 176.739042][ T7523] ? __lock_acquire+0x1336/0x7d80 [ 176.744115][ T7523] ? __lock_acquire+0x1336/0x7d80 [ 176.749185][ T7523] ? verify_lock_unused+0x140/0x140 [ 176.754447][ T7523] ? inode_wait_for_writeback+0x1e3/0x230 [ 176.760235][ T7523] ? __lock_acquire+0x7d80/0x7d80 [ 176.765310][ T7523] ? do_raw_spin_lock+0x11f/0x2b0 [ 176.770400][ T7523] ? __rwlock_init+0x150/0x150 [ 176.775217][ T7523] ? do_raw_spin_unlock+0x121/0x230 [ 176.780470][ T7523] ? _raw_spin_unlock+0x28/0x40 [ 176.785370][ T7523] ? inode_wait_for_writeback+0x1e3/0x230 [ 176.791137][ T7523] ? evict+0x482/0x8a0 [ 176.795266][ T7523] ? sb_clear_inode_writeback+0x330/0x330 [ 176.801028][ T7523] ? do_raw_spin_lock+0x11f/0x2b0 [ 176.806143][ T7523] ? bit_waitqueue+0x30/0x30 [ 176.810777][ T7523] ? do_raw_spin_unlock+0x121/0x230 [ 176.816044][ T7523] ? ocfs2_sync_blockdev+0x40/0x40 [ 176.821203][ T7523] evict+0x4b7/0x8a0 [ 176.825154][ T7523] ? __lock_acquire+0x7d80/0x7d80 [ 176.830223][ T7523] ? proc_nr_inodes+0x230/0x230 [ 176.835120][ T7523] ? do_raw_spin_unlock+0x121/0x230 [ 176.840374][ T7523] ? _raw_spin_unlock+0x28/0x40 [ 176.845274][ T7523] do_unlinkat+0x38c/0x590 [ 176.849735][ T7523] ? fsnotify_link_count+0xf0/0xf0 [ 176.854907][ T7523] ? getname_flags+0x20a/0x500 [ 176.859759][ T7523] __x64_sys_unlink+0x49/0x50 [ 176.864492][ T7523] do_syscall_64+0x55/0xb0 [ 176.868994][ T7523] ? clear_bhb_loop+0x40/0x90 [ 176.873740][ T7523] ? clear_bhb_loop+0x40/0x90 [ 176.878530][ T7523] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 176.884481][ T7523] RIP: 0033:0x7f178819ce59 [ 176.888934][ T7523] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 176.908603][ T7523] RSP: 002b:00007f1788f77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 176.917127][ T7523] RAX: ffffffffffffffda RBX: 00007f1788415fa0 RCX: 00007f178819ce59 [ 176.925143][ T7523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040 [ 176.933147][ T7523] RBP: 00007f1788232e6f R08: 0000000000000000 R09: 0000000000000000 [ 176.941165][ T7523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 176.949201][ T7523] R13: 00007f1788416038 R14: 00007f1788415fa0 R15: 00007ffd888b3a18 [ 176.957225][ T7523] [ 177.209362][ T5786] ocfs2: Unmounting device (7,3) on (node local) [ 177.547814][ T7556] loop4: detected capacity change from 0 to 40427 [ 177.564831][ T7556] F2FS-fs (loop4): invalid crc value [ 177.590737][ T7556] F2FS-fs (loop4): Found nat_bits in checkpoint [ 177.670156][ T7556] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5