last executing test programs:

9.145333319s ago: executing program 2:
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
pwrite64(r0, &(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000080)=0x1)

8.667893317s ago: executing program 0:
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000240)={0x1c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\n'], 0x0, 0x0})

7.516920925s ago: executing program 2:
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000005d40)='./file0\x00', 0x4044, &(0x7f0000000300)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5ff2cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb69658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d967206115b492d825751fcc00000000000000e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b170000002dd1272a3d1609bed545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e62b1103ec49fc3d1214efebb15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddf914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a4026c56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177df97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf60a17142db60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b808451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f50520f91fbf7201fc9071d0aee9735d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e031cce6d7e3882941a3a5157e666a8ad60ea41cc1cbc68862905ff2197f7f06cb6bcfe65222cb1ba17114b73eb7ca38768027c"], 0xff, 0x5e15, &(0x7f000000c740)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAELkJDX2JpMIoMDyDaIRBaeyAvEBngE2GTDIq/AA+QZEA+ApRlWWRAK1cw5dk1Nj3uMPV3dc34/aVz11emaPuX/1FT3VFWfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADiB9//ydleRFz9TVpwNOJzMYjoRyzX9YmoZy7nxw8j4lhsNccLETFYjKjX3/rnuYgLEfHJkYiNzTur9eJz++zHxTO3b372w+/94/d/unfsZ2//9KN2+48/f/7jP9yNOPqjNz7+7O7T2XYAAAAoRVVVVS+9zT+e3t/3u+4UADAV+fhfJXm5Wq1Wq59q/cf+bPVHXWjdVI13t1lExHpznfo1g9PxADBn1uPTrrtAh+RftGFEPNN1J4CZ1uu6AxyIjc07q72Ub695PDix3Z7/Trkj//Xeg/s79ppO0r7GZFo/X/diEM/v0Z/lKfVhluT8++38r263j9LjDjr/adkr/9H2rU/FyfkP2vm37Mj/zxExt/n3x+Zfqpz/8HHyXx/M8f4vfwAAAAAADr/89/+jHZ//XXzyTdmXR53/PTGlPgAAAAAAAADA0/ak4/89YPw/AAAAmFn1e/XaX448XLbXZ7HVy6/0Ip5tPR4oTLpZZqXrfgAAAAAAAAAAAABASYbb1/Be6UUsRMSzKytVVdVfTe36cT3p+vOu9O2HknX9Sx4AALZ9cqR1L38vYikirqTP+ltYWVmpqqXllWqlWl7Mr2dHi0vVcuN9bZ7WyxZH+3hBPBxV9TdbaqzXNOn98qT29vern2tUDfbRsenoMHAAiIjto9GGI9IhU1XPRdevcpgP9v/Dx/7PfnT9cwoAAAAcvKqqql76OO/j6Zx/v+tOAQBTkY//7fMCarVarVarD1/dVI13t1lExHpznfo1g+H4AWDOrMenXXeBDsm/aMOIONZ1J4CZ1uu6AxyIjc07q72Ub695PEjju+drQXbkv97bWi+vP246Sfsak2n9fN2LQTy/R39emFIfZknOv9/O/+p2+yg97qDzn5a98q+382gH/elazn/Qzr/l8OTfH5t/qXL+w8fKfyB/AAAAAACYYfnv/0ed/82bDAAAAAAAAABzZ2Pzzmq+7zWf///imMf1mnPu/zw0cv69fefv/t/DJOffb+ffuiBn0Ji//9bD/P+9eWf1o9v/+kKeznz+C4NR/dwLvf5gmK75qRbeietxI9bizK7HD3e0n93VvrCj/dyE9vO72kd1+3JuPxWr8cu4EW8/aF+ccGHU0oT2akJ7zn9g/y9Szn/Y+KrzX0ntvda0dv/D/q79vjkd9zyX//afl3fvXdN3LwYPtq2p3r6THfRn6//kmVH8+tbazVO/vXb79s2zkSY7lp6LNHnKcv4L6Svn/8pL2+35935zf73/4eix858V92K4Z/4vNebr7X11yn3rQs5/lL5y/vkINH7/n+f8997/X+ugPwAAAAAAAAAAAAAAAPAoVVVt3SJ6OSIupft/uro3EwCYrnz8r5K8XK1Wq9Vq9eGrm6rx3mwWEfH35jr1a4bfjftmAMAs+29E/LPrTtAZ+Rcsf95fPf1S150BpurW+x/8/NqNG2s3b3XdEwAAAAAAAADg/5XH/zzRGP956zqg1rjRO8Z/fStOzO34n/3RYGus87RBL8ajx/8+GY8e/3s44fkWJrSPJrQvTmhfmtA+9kaPhpz/iynjnP/xtGEljf/6Sgf96VrO/2Qa6znn/5XW45r5V3+d5/z7O/I/ffu9X52+9f4Hr19/79q7a++u/eLsmUsXzl+8cP7ixdPvXL+xdmb73w57fLBy/nnsa9eBliXnnzOXf1ly/l9OtfzLkvN/OdXyL0vOP7/ek39Zcv75vY/8y5LzfzXV8i9Lzv+rqZZ/WXL+r6Va/mXJ+X8t1fIvS87/9VTLvyw5/1Opln9Zcv6nUy3/suT88xku+Zcl55+vbJB/WXL+51It/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/66mWf1ly/t9ItfzLkvN/I9XyL0vO/5upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8v5tq+Zcl5/9mquVfloef/2/GjBkzeabr30wAAAAAAAAAAAAAQNs0LifuehsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd28xcpb3/cDfPdlrQ8D/cCYO2OZkYGF3fQKHGEwS8qekB0pC2rSkxrHXxolP9a45CdWbQluiIBWpvaAXTZMojSK1FahK1VSiEVIjtXfNVSNuolbKhS+gclBSKVVgq3fmeR7PzM7OrA9jZt7n80H2z7vzvjPPvPPO7H4XfWcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGq3/+MyfDBVFUf6p/bWmKC4u/72q2Fl+OL/t/V4hAAAAcK7erf39t5emT+xcxk4N2/zrdf/+3YWFhYXiC++cfO/PFhbSBeuKYmRlUdQui/7tFz9faNwmeL4YHxpu+Hi4y82PdLl8tMvlY10uX9Hl8pVdLh/vcvmiA7DIqvrPY2pXdmPtn2vqh7S4vBirXXZjm72eH1o5PBx/llMzVNtnYWxfcaA4WMwUU4v2Gar9VxSvry9v68Ei3tZww22tLYri1E+f2xPXMBSO8Y1F043VND52b99frHvnp8/t+fbcW9e0m10Pw6KVFsXGDeU6XyiK0z+uKoaKlemYxHUON6xzbZt1jjStc6i2X/nv1nWeWuY64/0eD+v8YYd1rg2fe/qGoijmiyW3afV8MVysbrnVdLzH62dEeR3lQ/nBYvSMzpP1yzhPyn1+ckPzedJ6Tsbjvz4ck9El1tD4cLz95RWLjvvZniflve6Hc7W87ofLGx0fb/zRatO5Wm7z3E1LnwNtH7s250A6lxvOgQ3dzoHhFSO1c2D49Jo3NJ0D04v2GS6Gard18qbO58Dk3KGjk7PPPHvHgUO798/snzk8PbVty+atWzZv3Tq578DBman632d2SAfI6mI4nYMbwmtNPAdvadm28ZRc+Mb5ex6M98nzoLzvn7m5XNDFw8US53i5zQsbz/15kL7uNzwPRhueB21fU9s8D0aX8Twotzm1cXlfM0cb/rRbQ69eC9c0nAPv59fD8jYfu3Xp18K1YV0v3namXw9HFp0D8W4Nhede+Zn0/d743eG4LD4vri0vuGhFcXx25tidT++emzs2XYRxQVzW8Fi1ni+rG+5Tseh8GT7j82Xn3/zy5mvbfH5NOFbjt3d+rMpttkx0fqxqr+7tj2fTZzcVYZxnF/p4tvtqVh7PlCU6HM9ymxfuOPfvBVMuaXj9G+v2+jcyNlp//RtJR2Os6fVv8UMzUltZUZy6Y3mvf2Phz4V+/bu8T17/ymP12J2dz4Fymxcnz/QcGO34+ndDmENhPbeGxDDekPvfq10+Xz9NGx7LrufN6OhYOG9G4y02nzebF+1TXlt52xunzu682XhD82PV9H1LBc+b8lj9+VTn86bc5o3pc3/tWBX/2fDasaLbOTA2sqJc71g6Ceqvdwur4jlwZ7GnOFIcLPamfcpHubytiU3LOwdWhD8X+rXj6j45B8pj9cqmzudAuc0PNp/f7502hs+kbRq+d2r9+cJSmf/a0dPX13rYznfmL9f5iS2dfzZUbvPWljPNGZ2P0+3hMxe1OU6tz5+lzum9xYU5TleHdR7c2vlnU+U2l29b5vm0syiKN6ffrP28K/x89++P/8d3m37u2+5nym9Ov/nQ5CM/OpP1AwBw9t6r/T2/ov69ZsP/sV7O//8HAAAABkLM/cNhJvI/AAAAVEbM/SNhJvI/AAAAVEbM/aNhJpnk/yfu3v7quyeK9G6AC0G8PB6Gh++tbxc73vPh43ULp5Wf/9i3xl79yonl3fZwURS/fOhDbbd/4t64rrqjcZ0faf78Ildfv6zbf/zR09s1vn/Cqe3164/3Z7mnQewqvz65qXa9656Zrs03Hipq85H5F5+vX3/947j9yc317f8yvGnJzn1DTftvDOu5Mcx14T1lHt55+jiUM+736trr/uWyz56+vbjf0IZLanfzlT+oX298j6iXL6tvH+/3Uuv/569+59Vy+6dvar/+E8Pt138yXO9PwvzFjvr2jcf8Kw3r/6Ow/nh7cb87v/n9tut/7ar69q+F8+LrYbau//4//fC77R6veDs776nvF29/6n+21PaL1xevv3X94yemm45H6/W/8U79enY8+bORxu3j5+PtRI/f03x+D4XHt6lHXhTFd/64aDrOxUfr+/1Ty/rj9R29p/36b29Z59Gh62v7n74/a5ru19f+elPb+xvXs/Pv1jTdn5cfCMfvnckflNd78pFwPobL//eH9etrfS/T1x5ofr2J2399Tf15G69vsmX9L7esf/768th1X/+D79TX/9p9K5vWv/OT4Xx6sD67rX//X13atP83vl1/PI49NXH4yOzxA3sbjmrj83jl+KrVF138gUsuDa+lrR/vOjL3xMyxdVPrpopi3QC+ZWCv1//NMP+7PubP/y3U/ehn9fPupU/Vv27d8vP6xy+Hzz8eHs/49fFrfzHWdL62Pu7z99Xnua7/trCO5brqq/91/bI2PPn514//4x++1fp9Qbw/R68Yr92/V9ZfWbts6I365a2vV9385xXNz+sfj07V5vfCcV0I78y84cr67bVef3xvkpc+XX/+xu/k4v5Fy/uJrBlpvh/nuv4fh+9jvn918+tfPD++d6Ll3ZzXFEPlEubD60MxX788bhWP90unrmx7e/F9eIr5a85kmUuafWZ28uCBw8efnpybmZ2bnH3m2V2Hjhw/PLer9t6lu77Ybf/Tz+/Vtef33pltW4ras/1IffTY+73+o4/u2XvX1M17Z/btPr5v7tGjM8f275md3TOzd/bm3fv2zTzVbf8De3dMb9q++a5NE/sP7N1x9/btm7dPHDh8pFxGfVFdbJv60sThY7tqu8zu2LJ9euvWLVMTh47sndlx19TUxPFu+9e+Nk2Uez85cWzm4O65A4dmJmYPPDuzY3r7tm2bur7746Gj+2bXTR47fnjy+OzMscn6fVk3V/t0+bWv2/7kYfZIeL1rMRS+O//c7dvS++OWvvXlJa+qvknzt6fF2+G9oOLXt24fx9w/FmaSSf4HAACAHMTcH974//QF8j8AAABURsz9K8NM5H8AAACojJj7x8NMMsn/+v/6//r/+v/6/4PX/289Zv1M/1//vxP9f/3/QV6//r/+P931W/8/5v5VRZFl/gcAAIAcxNy/OsxE/gcAAIDKiLn/ojAT+R8AAAAqI+b+i8NMMsn/+v/6//r/nfr/cVv9/0L/v6/6/4NE/1//vxP9f/3/QV5/H/b/V+n/02/6rf8fc/8Hwkwyyf8AAACQg5j7Lwkzkf8BAACgMmLuvzTMRP4HAACAyoi5f02YSSb5X/9f/1//3+//1//X/+8l/X/9/070//X/B3n9fdj/9/v/6Tv91v+Puf//hZlkkv8BAAAgBzH3fzDMRP4HAACAyoi5/7IwE/kfAAAAKiPm/svDTDLJ//r/+v/6//r/+v/6/72k/6//34n+v/7/IK9f/1//n+76rf8fc/8VYSaZ5H8AAADIQcz9V4aZyP8AAABQGTH3XxVmIv8DAABAZcTcf3WYSSb5X/9f/1//X/9f/1//v5f0//X/O9H/1/8f5PXr/+v/012/9f9j7r8mzCST/A8AAAA5iLn/2jAT+R8AAAAqI+b+D4WZyP8AAABQGTH3rw0zyST/6//r/+v/6//r/+v/99Jg9f+Hl7xE/79O/7+Z/r/+v/6//j+d9Vv/P+b+D4eZZJL/AQAAIAcx918XZiL/AwAAQGXE3H99mIn8DwAAAJURc/+6MJNM8r/+v/6//r/+v/6//n8vDVb/f2n6/3X6/830//X/9f/1/+ms3/r/MfevDzPJJP8DAABADmLu3xBmIv8DAABAZcTcf0OYifwPAAAAlRFz/41hJpnkf/1//X/9f/1//X/9/17S/9f/70T/X/9/kNev/6//T3f91v+Puf+mMJNM8j8AAADkIOb+m8NM5H8AAACojJj7bwkzkf8BAACgMmLu3xhmkkn+1//X/9f/1//X/9f/7yX9f/3/TvT/9f8Hef36//r/dNdv/f+Y+28NM8kk/wMAAEAOYu6/LcxE/gcAAIDKiLn/9jAT+R8AAAAqI+b+iTCTTPK//r/+v/6//r/+v/5/L+n/6/93ov+v/z/I69f/1/+nu37r/8fcf0eYSSb5HwAAAHIQc/+dYSbyPwAAAFRGzP2TYSbyPwAAAFRGzP1TYSaZ5H/9f/1//X/9f/1//f9e0v/X/+9E/1//f5DXr/+v/093/db/j7l/Oswkk/wPAAAAOYi5f1OYifwPAAAAlRFz/+YwE/kfAAAAKiPm/i1hJpnkf/1//X/9f/1//X/9/17S/9f/70T/X/9/kNev/6//T7PhNp/rt/5/zP1bw0wyyf8AAACQg5j7t4WZyP8AAABQGTH33xVmIv8DAABAZcTcf3eYSSb5X/9f/1//X/9f/1//v5f0//X/O9H/r2b/v7wP+v/6/932Jw/91v+PuX97mEkm+R8AAAByEHP/R8JM5H8AAACojJj77wkzkf8BAABgoLT7PYRRzP0fDTPJJP/r/1e9/7+wUv9f/1//v/P69f97S/9f/78T/f9q9v/9/n/9f/1/on7r/8fcvyPMJJP8DwAAADmIuf/eMBP5HwAAACoj5v77wkzkfwAAAKiMmPt3hplkkv/1/6ve//f7//X/9f+7rV//v7f0//X/O9H/H8z+f/i2Rf+/j/r/5Tmk/08/6rf+f8z994eZZJL/AQAAIAcx938szET+BwAAgMqIuf/jYSbyPwAAAFRGzP2fCDPJJP/r/+v/6//r/+v/6//3kv6//n8n+v+D2f+P9P/7p//v9//Tr/qt/x9z/wNhJpnkfwAAAMhBzP2fDDOR/wEAAKAyYu7//2Em8j8AAABURsz9D4aZZJL/9f/1//X/9f/1//X/e0n/X/+/E/1//f9BXr/+v/4/3fVb/z/m/l8JM8kk/wMAAEAOYu5/KMxE/gcAAIDKiLn/U2Em8j8AAABURsz9vxpmkkn+1/+/MP3/4XT9+v/6//r/+v/6/+eT/r/+f6H/f9be7/78oK9f/1//n+76rf8fc/+vhZlkkv8BAAAgBzH3/3qYifwPAAAAlRFz/2+Emcj/AAAAUBkx9z8cZpJJ/tf/9/v/9f/1/8+6/79womk9+v/6/+3o/+v/d6L/r/8/yOvX/9f/p7t+6//H3P+bYSaZ5H8AAADIQcz9j4SZyP8AAABQGTH3fzrMRP4HAACAyoi5/zNhJpnkf/1//X/9f/1/v/9f/7+X9P/1/zvR/9f/H+T16//r/9Ndv/X/Y+5/NMwkk/wPAAAAOYi5/7NhJvI/AAAAVEbM/b8VZiL/AwAAQGXE3P/bYSaZ5H/9f/1//X/9f/1//f9e0v9f3P8vX8P0/+v0//X/B3n9+v/6/3TXb/3/mPs/F2aSSf4HAACAHMTc/zthJvI/AAAAVEbM/b8bZiL/AwAAQGXE3P9YmEkm+V//X/9f/1//X/9f/7+XLkT/f3TA+v9+//9p+v/6/4O8fv1//X+667f+f8z9nw8zyST/AwAAQA5i7v+9MBP5HwAAACoj5v5dYSbyPwAAAFRGzP2Ph5lkkv/1//X/9f/1//X/9f97ye//1//vRP9f/3+Q16//r/9P8A8zS17Ub/3/mPt3h5lkkv8BAAAgBzH3fyHMRP4HAACAyoi5f0+YifwPAAAAlRFz/94wk0zyf3b9//rd1P8Pt6//r/9f6P/r//eY/r/+fyf6//r/g7x+/X/9f7rrt/5/zP0zYSaZ5H8AAADIQcz9+8JM5H8AAACojJj794eZyP8AAABQGTH3PxFmkkn+z67/H+j/1+n/6/8X+v/6/z2m/9+j/n84t/X/6/T/z8773Z8f9PXr/+v/012/9f9j7j8QZpJJ/gcAAIAcxNz/xTAT+R8AAAAqI+b+L4WZyP8AAABQGTH3HwwzyST/6//r/+v/6//r/+v/95L+v9//34n+v/7/IK9f/1//n+76rf8fc/+hMJNM8j8AAADkIOb+w2Em8j8AAABURsz9R8JM5H8AAACojJj7j4aZZJL/9f/1//X/9f/1//X/e0n/X/+/E/1//f9BXr/+v/4/3fVb/z/m/t8PM8kk/wMAAEAOYu4/FmYi/wMAAEBlxNw/G2Yi/wMAAEBlxNw/F2aSSf7X/9f/1//X/9f/1//vJf1//f9O9P/1/wd5/fr/+v9012/9/5j7j4eZZJL/AQAAIAcx9z8ZZiL/AwAAQGXE3P9UmIn8DwAAAJURc//TYSaZ5H/9f/1//f//Y+8ucwVLizgONxACCWExrIAlsAaWgbsM7u7u7u7u7u4wMLgmkDBVNRPSc86dhsN9T9XzfKmRTvpN7ofOP51fjv5f/6//P5L+X/+/Rf+v/z/z+/X/+n/2rdb/5+6/R9wyZP8DAADABLn77xm32P8AAADQRu7+e8Ut9j8AAAC0kbv/3nHLkP2v/9f/6//1//p//f+R9P/6/y36f/3/md+v/9f/s2+1/j93/33iliH7HwAAACbI3X/fuMX+BwAAgDZy998vbrH/AQAAoI3c/fePW4bsf/2//l//r//X/+v/j6T/1/9v0f/r/8/8fv2//p99q/X/ufsfELcM2f8AAAAwQe7+B8Yt9j8AAAC0kbv/QXGL/Q8AAABt5O5/cNwyZP/r//X/+n/9v/5f/38k/b/+f4v+X/9/5vfr//X/7Fut/8/d/5C4Zcj+BwAAgAly9z80brH/AQAAoI3c/Q+LW+x/AAAAaCN3/8PjliH7X/+v/9f/6//1//r/I+n/9f9b9P/6/zO/X/+v/2ff4f3/3a77971o/5+7/7q4Zcj+BwAAgAly9z8ibrH/AQAAoI3c/Y+MW+x/AAAAaCN3/6PiliH7X/+v/7+p///nbfT/+n/9/03/Xf//v6H/1/9v0f/r/8/8fv2//p99h/f/O73/f/577v5Hxy1D9j8AAABMkLv/MXGL/Q8AAABt5O5/bNxi/wMAAEAbufsfF7cM2f/6f/2/7//r//X/+v8j6f/1/1v0//r/M79/q/+/6wXer/9ngtX6/9z9j49bhux/AAAAmCB3/xPiFvsfAAAA2sjd/8S4xf4HAACANnL3PyluGbL/9f/6f/2//l//r/8/kv5f/79F/6//P/P7ff9f/8++1fr/3P1PjluG7H8AAACYIHf/U+IW+x8AAADayN3/1LjF/gcAAIA2cvc/LW4Zsv/1//p//b/+/7/q/2+n/9f/b9P/6/+36P/1/2d+v/5f/8++1fr/3P1Pj1uG7H8AAACYIHf/M+IW+x8AAADayN3/zLjF/gcAAIA2cvc/K24Zsv/1//p//b/+3/f/9f9H0v/r/7fo//X/Z36//l//z77V+v/c/c+OW4bsfwAAAJggd/9z4hb7HwAAANrI3f/cuMX+BwAAgDZy9z8vbhmy//X/+n/9v/5f/6//P5L+X/+/Rf+v/z/z+/X/+n/2rdb/5+5/ftwyZP8DAADABLn7XxC32P8AAADQRu7+F8Yt9j8AAAC0kbv/RXHLkP2v/9f/6//1//p//f+R9P/6/y36/6v3/3e8hd9P/7/W+/X/+n/2rdb/5+5/cdwyZP8DAADABLn7XxK32P8AAADQRu7+l8Yt9j8AAAC0kbv/ZXHLkP1/S/3/DXe68f/r/y9G/3/19+v/9f/6f/2//l//v0X/7/v/Z36//l//z77V+v/c/S+PW4bsfwAAAJggd/8r4hb7HwAAANrI3f/KuMX+BwAAgDZy978qbhmy/33/X/+v/9f/6//1/0fS/+v/t+j/9f9nfr/+X//PvtX6/9z9r45bhux/AAAAmCB3/2viFvsfAAAA2sjd/9q4xf4HAACANnL3vy5uGbL/9f/6/0vv/2+r/0/6//i56v/1/7eC/l//f0X/f80uu58/+/v1//p/9q3W/+fuf33cMmT/AwAAwAS5+98Qt9j/AAAA0Ebu/jfGLfY/AAAAtJG7/01xy5D9r//X/196/+/7/0X/Hz9X/b/+/1bQ/+v/r+j/r9ll9/Nnf7/+X//PvtX6/9z9b45bhux/AAAAmCB3/1viFvsfAAAA2sjd/9a4xf4HAACANnL3vy1uGbL/9f/6f/2//l//r/8/kv5f/79F/6//P/P7J/b/t7/ZP+v/uYjV+v/c/W+PW4bsfwAAAJggd/874hb7HwAAANrI3f/OuMX+BwAAgDZy978rbhmy//X/Z+//7359vED/r//X/+v/l6T/1/9v0f/r/8/8/on9/83p/7mI1fr/3P3vjluG7H8AAACYIHf/e+IW+x8AAADayN3/3rjF/gcAAIA2cve/L24Zsv/1/2fv/33/X/+v/9f/r03/r//fov/X/5/5/fp//T/7Vuv/c/e/P24Zsv8BAABggtz9H4hb7H8AAABoI3f/B+MW+x8AAADayN3/obhlyP7X/+v/9f/6f/2//v9IV3//Bf+guAD9v/7/iv7/ml12P3/29+v/9f/sW63/z93/4bhlyP4HAACACXL3fyRusf8BAACgjdz9H41b7H8AAABoI3f/x+KGu9z58p70f6X/1//r//X/+n/9/5F8/1//v0X/r/8/8/v1//p/9q3W/+fu/3jc4u//AQAAoI3c/Z+IW+x/AAAAaCN3/yfjFvsfAAAA2sjd/6m4Zcj+1//r//X/+n/9v/7/SPp//f8W/b/+/8zv1//r/9m3Wv+fu//TccuQ/Q8AAAAT5O7/TNxi/wMAAEAbufs/G7fY/wAAANBG7v7PxS1D9r/+X/+v/9f/6//1/0fS/+v/t+j/9f9nfr/+X//PvtX6/9z9n49bhux/AAAAmCB3/xfiFvsfAAAA2sjd/8W4xf4HAACANnL3fyluGbL/9f/6f/2//l//r/8/kv5f/79F/6//P/P79f/6f/at1v/n7v9y3DJk/wMAAMAEufu/ErfY/wAAANBG7v6vxi32PwAAALSRu/9rccuQ/d+5/9/6Zfr/G+n/9f9X9P/6/4Pp//X/W/T/+v8zv1//r/9n32r9f+7+r8ctQ/Y/AAAATJC7/xtxi/0PAAAAbeTu/2bcYv8DAABAG7n7vxW3DNn/nfv/Lfr/G+n/9f9X9P/6/4Pp//X/W/T/+v8zv1//r/9n32r9f+7+b8ctQ/Y/AAAATJC7/ztxi/0PAAAAbeTu/27cYv8DAABAG7n7vxe3DNn/+n/9v/5f/6//1/8fSf+v/9+i/9f/n/n9+n/9P/tW6/9z938/bhmy/wEAAGCC3P0/iFvsfwAAAGgjd/8P4xb7HwAAANrI3f+juGXI/tf/6//1//p//b/+/0j6f/3/Fv2//v/M79f/6//Zt1r/n7v/x3HLkP0PAAAAE+Tu/0ncYv8DAABAG7n7fxq32P8AAADQRu7+n8UtQ/a//l//r//X/+v/9f9H0v/r/7fo//X/Z36//l//z77V+v/c/T+PW4bsfwAAAJggd/8v4hb7HwAAANrI3f/LuMX+BwAAgDZy9/8qbhmy//X/+n/9v/5f/6//P5L+X/+/Rf+v/z/z+/X/+n/2rdb/5+6/Pm4Zsv8BAABggtz9v45b7H8AAABoI3f/b+IW+x8AAADayN1/Q9wyZP/r//X/Lfv/O+j/9f/6/1Xo//X/W/T/+v8zv1//r/9n32r9f+7+38YtQ/Y/AAAATJC7/3dxi/0PAAAAbeTu/33cYv8DAABAG7n7/xC3DNn/+n/9f8v+3/f/9f/6/2Xo//X/W/T/+v8zv1//r/9n32r9f+7+P8YtQ/Y/AAAATJC7/09xi/0PAAAAbeTu/3PcYv8DAABAG7n7/xK3DNn/+n/9v/5f/6//1/8fSf+v/9+i/9f/n/n9+n/9P/tW6/9z9/81bhmy/wEAAGCC3P1/i1vsfwAAAGgjd//f4xb7HwAAANrI3f+PuGXI/tf/6//1//p//b/+/0j6f/3/Fv2//v/M79f/6//Zt1r/n7v/XwEAAP//dwI/rA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)
open_by_handle_at(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0c0000000100000020"], 0x0)

4.910805072s ago: executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000006c72663a00000000000000008500000061000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

4.70258925s ago: executing program 0:
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000380)="ba4200ec3e0f01cb260fc7b00a000f221166b8ff67ab990f23d80f21f86635400000800f23f82b920a000f01df0fe3611366b90f09000066b80000000066ba000000000f30baf80c66b8704e008266efbafc0c66ed", 0x55}], 0x1, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000340), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
clock_adjtime(0x7, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000001})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.669570359s ago: executing program 4:
r0 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x24)
setsockopt$RXRPC_SECURITY_KEYRING(r0, 0x110, 0x2, 0x0, 0x0)

4.294356735s ago: executing program 3:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b"], 0x0}, 0x90)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in6=@empty, @in=@remote}, {@in6=@remote, 0x0, 0x32}, @in=@multicast2, {}, {}, {}, 0x0, 0x0, 0x2, 0x1}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x0, 0x0, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0x154}}, 0x0)

4.074045668s ago: executing program 4:
r0 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
r1 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
fallocate(r1, 0x0, 0x0, 0x1000f8)
sched_setscheduler(0x0, 0x5, &(0x7f0000000100))
ioprio_set$pid(0x1, 0x0, 0x0)
sendfile(r1, r1, 0x0, 0x100000000)
sendfile(r0, r0, 0x0, 0x80000001)

3.97617323s ago: executing program 2:
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
pwrite64(r0, &(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000080)=0x1)

3.972169279s ago: executing program 3:
write$binfmt_script(0xffffffffffffffff, 0x0, 0x6db6e559)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = socket(0x11, 0x2, 0x0)
getsockopt$nfc_llcp(r0, 0x107, 0xf, 0x0, 0x20000000)

3.968910941s ago: executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_FIB_DREG={0x8}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x20}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)

3.823548546s ago: executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000040)='./bus\x00', 0x2008410, &(0x7f0000001f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRESDEC], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x298)
r2 = memfd_create(0x0, 0x0)
fallocate(r2, 0x0, 0x0, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x20242, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8001})
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffffffff}]}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x58}}, 0x0)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000000000)='\t', 0xf4c, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5}]}}}]}, 0x3c}}, 0x0)

3.705113666s ago: executing program 3:
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@umask={'umask', 0x3d, 0x1d04}}, {@dir_umask={'dir_umask', 0x3d, 0x6}}, {@uid}, {@umask={'umask', 0x3d, 0xfffffffffffffffb}}, {@iocharset={'iocharset', 0x3d, 'macturkish'}}, {@codepage={'codepage', 0x3d, 'koi8-ru'}}], [{@uid_eq}]}, 0x1, 0x2fc, &(0x7f00000008c0)="$eJzs3b9u00AcB/DvnROatlEwbRESC6i0EiyI8kdCCKkIZUPdmRCQpFKEVURbJGBJQGwgHoCNgVfgIRgAsTHBxMQDZDt057NjJ46T0DpOyvcjNbLPd+efdXZ8P0upQUT/rdvVnx+v/NZ/AnDgALgBSAAloADgJE6Vnu7sN/e9Rj2tI8e00H8CfkvRV6e204itC6Dtt/FbWK5eK6AcLaNsKKVu/co7CMqdufoTSGDOXodme2nCcWWlDZzJO4ZJiw6w6KCDZ6jkGA4REU0Be/+X9jZRNkUCUgLr9rZ/pO7/nbwDOFxXvb4ildrA3P9/LFSCzEsJPb7HzaZuvmdSOL1dBlniKMEUe9aPwT+zYhNMMSyrNLHI+e1mARdrL1GXeIVNK1JtxXzW/VM3MCTa1YTcNMXg3orYWvCPxs9kewQhbTe9xpxeSIh/ebw9HswbHepn8U3cEy7eox7O/wpK6GEyI+X2jJQs6vgvDe510bTStWDT/k0oGatywuzktN2DNeQoS8kZSbTP4AFBO4wgLU6z7yXEHyv4R7cxpNVyUis3XBvQaiXWyok8E0l9lJKN4BDFO3FXrOIPPqEamf9LHd86Ildm2le9MDXtmVF77NXjIxtRMDXdvjtH93I5G0ZgzY19bASM+bTsLR7iOip7z188cjyvsasXHiQsPCnvCltSfA0k1sl+wUFKHbS7JUprKTVqzyrL4C8caof6+yMs0ZdPUmV9lYUlctLDNBULLXuGZ7iL6leknZCzs6AUECvZuvnFbsrkO4qmzJ4IRt8WzOccEE2anncJP/8zM3k7qzNTVf3hpszT05NMxHrcCDO4+FRwyXwujJXBLQ7O4CJ7vDwgZzQ517nzwFqkUMDusZXYrWvjPCJEFd9xn8//iYiIiIiIiIiIiIiIiIiIiIiIiIhmzSg/FZAADvJLg7yPkYiIiIiIiIiIiIiIiIiIiIiIiIiIiIho1v3T+3+T/ke8ef+vm/T+3w/X1u74S73v/7X4/l+ifPwNAAD//+7ddNs=")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000680)=""/201, 0xc9)

3.668109712s ago: executing program 2:
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0)
ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)

2.506072919s ago: executing program 3:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='ext4_ext_remove_space_done\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0)

2.187565463s ago: executing program 2:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
writev(r0, &(0x7f0000000740)=[{&(0x7f0000000340)="15", 0x1}], 0x1)
write$binfmt_script(r0, &(0x7f0000000040), 0x18a3c85)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x77)
r2 = accept$alg(r1, 0x0, 0x0)
sendfile(r2, r0, 0x0, 0x1000)

2.153204432s ago: executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'ccm(aes)\x00'}, 0x3a)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)

1.872512823s ago: executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MIN={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0)

1.797250052s ago: executing program 3:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b"], 0x0}, 0x90)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in6=@empty, @in=@remote}, {@in6=@remote, 0x0, 0x32}, @in=@multicast2, {}, {}, {}, 0x0, 0x0, 0x2, 0x1}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x0, 0x0, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0x154}}, 0x0)

1.779528339s ago: executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000001c0))
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f5150001c0"])

1.713290393s ago: executing program 1:
syz_emit_ethernet(0x2e, &(0x7f0000000440)={@broadcast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x73, 0x0, @empty, @multicast1}, {0x0, 0xfffc, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

1.585539231s ago: executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_KEYBIT(r0, 0x40045565, 0x0)
ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, 0x0)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x161000, 0x0)
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r1, 0x40046210, &(0x7f0000000080))
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000000700)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
userfaultfd(0x80001)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200))
r3 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_int(r3, 0x0, 0x2, &(0x7f0000000000)=0x8, 0x4)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000280)={0x8, 0x0, &(0x7f0000000140)=[@decrefs={0x40046307, 0x2}], 0x6c, 0x0, &(0x7f00000003c0)="d359dce07bb4c6df79f9293f9ca797ce2f28fd52427886272c62964b1e6430c214c980ddbdaac19eac19672e20bfb02bde6f5d32f863734e512297355a432b82be9353e58d2fee9e0682d9a44e601a8ce02f6ed37c01eaddab69ffae0e4512604abb7ab046379404cd3dbc64"})
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x10)
setsockopt$inet_int(r3, 0x0, 0xa, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000000c0), 0x4)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x38, 0x2, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x4}}]}]}, 0x38}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7fffffff}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x2000084e, &(0x7f0000000300)={[{@allow_utime={'allow_utime', 0x3d, 0x6}}, {@utf8}, {@dmask={'dmask', 0x3d, 0x20000000000277a}}, {@umask={'umask', 0x3d, 0x7ff}}, {}, {@errors_continue}, {@errors_continue}, {}, {@errors_continue}]}, 0x80, 0x14fd, &(0x7f00000040c0)="$eJzs3AuYjtXXMPC99t43Q5OeJjkMe+1186TBNkmSQ0IOSZIkSU4JiUmShMSQU9KQhBwnyWEIyWEak8b5fMg5afKXJklCcgr7u/Tv/fzft//79r5ffZ/v+s/6Xde+Zq+5n7Wedc+aa577fq5rnu97jqrbvF6tpkQk/hT4+5dkIUSMEGKYEOIGIUQghKgYVzHuyvF8CpL/3JOwv9ajade6A3Yt8fxzN55/7sbzz914/rkbzz934/nnbjz/3I3nz1hutn1O0Rt55d7F7//nZvz6/y8kp9zkrzeWu7nX/yCF55+78fxzN55/7sbzz914/rkbz/9fX83/4hjPP3fj+TOWm13r9595Xdt1rX//GGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4zlDuf8VVoI8W/7a90XY4wxxhhjjDHG/jo+77XugDHGGGOMMcYYY//3gZBCCS0CkUfkFTEin8gvrhOx4npRQNwgIuJGESduEgXFzaKQKCyKiKIiXhQTxYURKKwgEYoSoqSIiltEKXGrSBClRRlRVjhRTiSK20R5cbuoIO4QFcWdopK4S1QWVURVUU3cLaqLe0QNUVPUEveK2qKOqCvqiftEfXG/aCAeEA3Fg6KReEg0Fg+LJuIR0VQ8KpqJx0Rz8bhoIZ4QLUUr0Vq0EW3/j/JfFn3FK6Kf6C+SxQAxULwqBonBYogYKoaJ18Rw8boYId4QKWKkGCXeFKPFW2KMeFuMFePEePGOmCAmiklispgipopU8a6YJt4T08X7YoaYKWaJ2SJNzBFzxQdinpgvFogPxULxkVgkFoslYqlIFx+LDLFMZIpPxHLxqcgSK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU1sF5+JHWKn2CV2iz1ir9gnPhf7xRfigPhSZIuv/of5Z/9Dfi8QIECCBA0a8kAeiIEYyA/5IRZioQAUgAhEIA7ioCAUhEJQCIpAEYiHeCgOxQEBgYCgBJSAKEShFJSCBEiAMlAGHDhIhEQoD7dDBagAFaEiVIJKUBmqQBWoBtWgOlSHGlADakEtqA21oS7UhfvgPrgfGkADaAgNoRE0gsbQGJpAE2gKTaEZNIPm0BxaQAtoCS2hNbSGttAW2kE7aA/toSN0hE7QCTpDZ0iCJOgKXaEbdIPu0B16QA/oCT2hF/SG3vAyvAyvwCvQH2rLATAQBsIgGARDYCgMhddgOLwOr8MbkAIjYRS8CW/CWzAGzsBYGAfjYTxUlxNhEkwGklMhFVJhGkyD6TAdZsBMmAmzIQ3mwFyYC/NgPsyHD2EhfAQfwWJYDEshHdIhA5ZBJmTCcjgLWbACVsIqWA1rYDWsg/WwDjbCJtgIW2ALbINt8Bl8BjthJ+yG3bAX9sLn8Dl8AV9ACmRDNhyEg3AIDsFhOAw5kANH4AgchaNwDI7BcTgOJ+AknIKTcBpOwxk4C+fgHFyAC3ARXoz/ttne0htShLxCSy3zyDwyRsbI/DK/jJWxsoAsICMyIuNknCwoC8pCspAsIovIeBkvi8viEiVKkqEsIUvECCFkKVlKJsgEWUaWkU46mSgTZXlZXlaQFWRFeaesJO+SlWUV2cFVk9VkddnR1ZA1ZS1ZS9aWdWRdWU/Wk/VlfdlANpANZUPZSDaSjeXDsokcAEPgUXllMs3lSGghR0FL2Uq2lm3kW/CkbCfHQHvZQXaUT8txMBY6y3YuST4ru8pJ0E0+LyfDC7KHnAo95Uuyl+wt+8iXZV/Z3vWT/eUMGCAHytkwSA6WQ+RQOQ/qyCsTqyvfkClypBwl35RL4S05Rr4tx8pxcrx8R06QE+UkOVlOkVNlqnxXTpPvyenyfTlDzpSz5GyZJufIufIDOU/Olwvkh3Kh/EgukovlErlUpsuPZYZcJjPlJ3K5/FRmyRVypVwlV8s1cq1cJ9fLDXKj3CQ3yy1yq9wmt8vP5A65U+6Su+UeuVfuk5/L/fILeUB+KbPlV/Kg/Js8JL+Wh+U3Mkd+K4/I7+RR+b08Jn+Qx+WP8oQ8KU/Jn+Rp+bM8I8/Kc/K8vCB/kRflJXlZeikUKKmU0ipQeVReFaPyqfzqOhWrrlcF1A0qom5UceomVVDdrAqpwqqIKqriVTFVXBmFyipSoSqhSqqoukWVUreqBFValVFllVPlVKK6TZVXt6sK6g5VUd2pKqm7VGVVRVVV1dTdqrq6R9VQNVUtda+qreqouqqeuk/VV/erBuoB1VA9qBqph1Rj9bBqoh5RTdWjqpl6TDVXj6sW6gnVUrVSrVUb1VY9qdqpp1R71UF1VE+rTuoZ1Vl1UUnqWdVVPae6qedVd/WC6qFeVD3VS6qX6q36qEvqsvKqn+qvktUANVC9qgapwWqIGqqGqdfUcPW6GqHeUClqpBql3lSj1VtqjHpbjVXj1Hj1jpqgJqpJarKaoqaqVPWumqbeU9PV+2qGmqlmqdkqTc1RQ36rtOC/kf/eP8kf8euzb1Pb1Wdqh9qpdqndao/aq/apfWq/2q8OqAMqW2Wrg+qgOqQOqcPqsMpROeqIOqKOqqPqmDqmjqvj6oQ6qc6rn9Rp9bM6o86qs+q8uqAuqIu//QyEBi210loHOo/Oq2N0Pp1fX6dj9fW6gL5BR/SNOk7fpAvqm3UhXVgX0UV1vC6mi2ujUVtNOtQldEkd1bfoUvpWnaBL6zK6rHa6nE7Ut/3p/D/qr61uq9vpdrq9bq876o66k+6kO+vOOkkn6a66q+6mu+nuurvuoXvonrqn7qV76T66j+6r++p+up9O1sl6oH5VD9KD9RA9VA/Tr+nhergeoUfoFJ2iR+lRerQercfoMXqsHqvH6/F6gp6gJ+lJeoqeolN1qp6mp+nperqeoWfoWXqWTtNpeq6eq+fpeXqBXqAX6oV6kV6kl+glOl2n6wydoTN1pl6ul+ssvUKv0Kv0Kr1Gr9Hr9Dq9QW/Qm/QmvUVv0Vl6u96ud+gdepfepffoPXqf3qf36/36gD6gs3W2PqgP6kP6kD6sD+scnaOP6CP6qD6qj+lj+rg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlsi+QgQx0oIM8QZ4gJogJ8gf5g9ggNigQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubi/8vKOGjXmwTwYgzGYH/NjLMZiASyAEYxgHMZhQSyIhbAQFsEiGI/xWByL4xWEhCWwBEYxiqWwFCZgApbBMujQYSImYnksjxWwAlbEilgJK2FlrIxVsSrejXfjPXgP1sSaeC/ei3WwDtbDelgf62MDbIANsSE2wkbYGBtjE2yCTbEpNsNm2BybYwtsgS2xJbbG1tgW22I7bIftsT12xI7YCTthZ+yMSZiEXbErdsNu2B27Yw/sgT2xJ/bCXtgH+2Bf7Iv9sB8mYzIOxIE4CAfhEByCw3AYDsfhOAJHYAqm4CgchaNxNI7BMTgWx+F4fAcn4ESchJNxCk7FVEzFaTgNp+N0nIEzcBbOwjRMw7k4F+fhPFyAC3AhLsRFuAiX4BJMx3TMwAzMxExcjssxC7NwJa7E1bga1+JaXI/rcSNuxM24GbfiVtyO23EH7sBduAv34B7ch/twP+7HA3gAszEbD+JBPISH8DAexhzMwSN4BI/iUTyGx/A4HscTeAJP4Sk8jafxDJ7Bc3gOL+AveBEv4WX0GGOlyG+vs7H2elvA3mBjbD77j3ERW9TG22K2uDW2kC3872K01ibY0raMLWudLWcT7W2/iyvbKraqrWbvttXtPbbG7+L69n7bwD5gG9oHbT17329x3l/jRvYh29g+bpvYJ2xT28o2s21sc/u4bWGfsC1tK9vatrGd7DO2s+1ik+yztqt97ndxhl1m19sNdqPdZPfbL+w5e94etd/bC/YX28/2t8Psa3a4fd2OsG/YFDvyd/F4+46dYCfaSXaynWKn/i6eZWfbNDvHzrUf2Hl2/u/idPuxXWgz7SK72C6xS3+Nr/SUaT+xy+2nNsuusCvtKrvarrFr7br/3esqu8VutdvsPvu53WF32l12t91j9/4aXzmPA/ZLm22/skfsd/aQ/doetsdsjv321/jK+R2zP9jj9kd7wp60p+xP9rT92Z6xZ389/yvn/pO9ZC9bbwUBSVKkKaA8lJdiKB/lp+solq6nAnQDRehGiqObqCDdTIWoMBWhohRPxag4GUKyRBRSCSpJUbqFStGtlEClqQyVJUflKJFuo/J0O1WgO6gi3UmV6C6qTFWoKlWju6k63UM1qCbVonupNtWhulSP7qP6dD81oAeoIT1IjeghakwPUxN6hJrSo9SMHqPm9Di1oCeoJbWi1tSG2tKT1I6eovbUgTrS09SJnqHO1IWS6FnqSs9RN3qeutML1INepJ70EvWi3tSHXqa+9Ar1o/6UTANoIL1Kg2gwDaGhNIxeo+H0Oo2gNyiFRtIoepNG01s0ht6msTSOxtM7NIEm0iSaTFNoKqXSu3Q2vUsRIYSYQTNpFs2mNJpDc+kDmkfzaQF9SAvpI1pEi2kJLaV0+pgyaBll0ie0nD6lLFpBK2kVraY1tJbW0XraQBtpE22mLbSVttF2+ox20E7aRbtpD+2lffQ57acv6AB9Sdn0FR2kv9Eh+poO0zeUQ9/SEfqOjtL3dIx+oOP0I52gk3SKfqLT9DOdobN0js7TBfqFLtIlukyeRAihDFWowyDME+YNY8J8Yf7wujA2vD4sEN4QRsIbw7jwprBgeHNYKCwcFgmLhvFhsbB4aEIMbUhhGJYIS4bR8JawVHhrmBCWDsuEZUMXlgsTw9vC8uHtYYXwjrBieGdYKbwrrBxWCR9/sFp4d1g9vCesEdYMa4X3hrXDOmHdsF54X1g/vD9sED4QNgwfDCuED4WNw4fDJuEjYdPw0bBZ+FjYPHw8bBE+EbYMW4WtwzZh2/DJsF34VNg+7BB2DJ8OO4XPhJ3DLmFS+GzYNXzuD48nhwPCgeGr4auh9w+oJdGl0fTox9GM6LJoZvST6PLop9Gs6Iroyuiq6Oromuja6Lro+uiG6Mbopujm6Jbo1ui2qPf18goHTjrltAtcHpfXxbh8Lr+7zsW6610Bd4OLuBtdnLvJFXQ3u0KusCviirp4V8wVd8ahs45c6Eq4ki7qbnGl3K0uwZV2ZVxZ51w5l+jauLaurWvnnnLtXQfX0T3tnnbPuGdcF9fFPeu6uudcN/e86+5ecD3ci+5F95Lr5Xq7Pu5l19e94vq5/i7ZJbuBbqAb5Aa5IW6IG+aGueFuuBvhRrgUl+JGuVFutBvtxrgxbqwb68a78W6Cm+AmuUluipviUl2qm+amueluupvhZrhZbpZLc2lurpvr5rl5boFb4BYmLHSL3CK3xC1x6S7dZbgMl+ky3XK33GW5LLfSrXSr3Wq31q116916t9FtdJvdZrfVbXXb3Xa3w+1wu9wut8ftcfvcPrff7XcH3AGX7bLdQXfQHXKH3GH3jctx37oj7jt31H3vjrkf3HH3ozvhTrpT7id32v3szriz7pw77y64X9xFd8lddt6lRt6NTIu8F5keeT8yIzIzMisyO5IWmROZG/kgMi8yP7Ig8mFkYeSjyKLI4siSyNJIeuTjSEZkWSQz8klkeeTTSFZkRWRlZFVkdWRNxPtiO0Jfwpf0UX+LL+Vv9Qm+tC/jy3rny/lEf5sv72/3FfwdvqK/01fyd/nKvoqv6p/wLX0r39q38W39k76df8q39x18R/+07+Sf8Z19F5/kn/Vd/XO+m3/ed/cv+B7+Rd/Tv+R7+d6+j3/Z9/Wv+H6+v0/2A/xA/6of5Af7IX6oH+Zf88P9636Ef8On+JF+lH/Tj/Zv+TH+bT/Wj/Pj/Tt+gp/oJ/nJfoqf6lP9u36af89P9+/7GX6mn+Vn+zQ/x8/1H/h5fr5f4D/0C/1HfpFf7Jf4pT7df+wz/DKf6T/xy/2nPsuv8Cv9Kr/ar/Fr/Tq/3m/wG/0mv9lv8Vv9Nr/df+Z3+J1+l9/t9/i9fp//3O/3X/gD/kuf7b/yB/3f/CH/tT/sv/E5/lt/xH/nj/rv/TH/gz/uf/Qn/El/yv/kT/uf/Rl/1p/z5/0F/4u/6C/5y/w/a4wxxhhj/y3qD44P+Cffk7+tKwYKIa7fWTTnP9bcXOjv+8EyvlNECPFs/56P/tuqXTs5Ofm3x2YpEZRcLISIXM3PI67GK0RH8YxIEh1E+X/a32DZ+wL9Qf3onULk/4ecGHE1vlr/9v+k/pNPj8+oFJ6L+y/qLxYioeTVnHziany1foX/pH7hdn/Qf76vU4Vo/w85seJqfLV+onhKPCeS/t0jGWOMMcYYY4yxvxssq3b/o/vnK/fn8fpqTl5xNf6j+3PGGGOMMcYYY4xdey/07tPlyaSkDt158yc2Nf7/aIM3vPnLNtf6LxNjjDHGGGPsr3b1ov9ad8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVe/y8+TuxanyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2rf2vAAAA//9OzznX")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={@cgroup=r6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
fchmod(0xffffffffffffffff, 0x0)

1.477803454s ago: executing program 3:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1020, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0xb}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="00000b0000000b006705000d6ffa"], 0x0, 0x0, 0x0, 0x0}, 0x0)

993.717633ms ago: executing program 1:
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000b00)={&(0x7f0000002940)=@hci={0x1f, 0x689, 0x2}, 0x80, &(0x7f00000003c0)=[{&(0x7f00000029c0)="6203a105d755af176510122f1eafbcf704e12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e24732faf215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69df82de6456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7dfd652684d6a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48b462428087ed4460", 0xda}, {&(0x7f00000014c0)="294f28dfe56d898ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0105869a804dd2a44cb2e32e2bf367e9d01a5e7380cc4fc8e7c9044cc4750b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a36a8b449955e83e91b379c179017f8f4657d1b22eca6bca33036d33e1a684059c53cea91c8f637ac780ab2bcf85f774b0d4e5876fe9aee4724b7cb59731c97e70ebd706003994eb07de2f3c6a9448c3206cff6d290b433f331c2399", 0xbe}, {&(0x7f0000000040)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdceb48bbd3b52d4c229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0be9f653f977f16", 0xb8}, {&(0x7f0000000b40)="6f4720baeb5434a1c17a4b697e4611c434c1947f61d44daee2d61fadd23c3505eee0cc5b6c76cf081390ae92516d567c4b49af0f4b3df75ae92efbfb0fbe60ac8c4e542b3f3400b2d3acccc46500f4f8f3885d5622072fb9e9b948a5edc65602c644bee9ad04b655279f383ce068ad0c202a57f9a8804b73d1241fb306b2acd9d5e26a71b19a0b9859ff0f0d7cdbd80fdfacdf9f1d02a37ae44bb6ddd978d4a0e6d61b68f629915748d6d3d184ca2b4164192c60a3a383821d0e85f04d09b712814d4b0664799b7ae6657b7452214608d01d31bd7d9e03107c638353d89515692c24b11490b9e75cfcb489e80b9334f4660204b2a17409993ddc4b0d004709cd46cb2488cf3cecd965e978182dd42cfbbfa4ebda17cce9cfc970959fd29e1a802809aa4a65c8f1c6dd14fca85d83fc995f097a62c6f04fb0d1f0dec0faa41fe09b1eae67606123d908dd74c62e66ee2635ec9da7bc74103debf3e31f0794ca5fc2268bcb8a03aeb3bf860d164e0a6cba7c8dc469147cc7e1bb94731ec450525cf19275d4af40b115f2420ff7ab4eeb41c5ddc19aae1b2e535b796c0e7aa6e71b4e13c8023806a08638d13a8595e310321860c8d7670cf167c67b3b5217a66329505cdcdc3afb3233dbaec65ff45b0bfc3cfbd309a7ffd26507a8ffe782f3b84ad9dfc2b4f44d6716e8ad892ffc3acf6e7e09018041a27fcad1ee957d6fddccc3d41f9b04127dee7c471acf9fdc32f204afffc52b22b73844154285ce5ec58ec57b40ccf7b70215a4a27f9de2c2719dcb5897bc302ebb027c019e40aa6fc85d5b670aef709e40cbe597139537c10d2483b67c02ca781c5ce6c014b13c8dee248e8b75831cbee8f29cad33139e0b5bc86c203c71f54ad11573e8801b8cc623571b9c53ac723b51b2cdd09b60cf8a3a205a70814107251d962d603bf21f42e946462bf3d8bca96d7bdbdfa9ced20f6e9edba4ac6aea4a68c08a3f8076274bece6d676d64975dc1e611806feb81cbac4b38453a756845c866f0458fb61cd12a135e1dfa76d85a3b2972b6517b57bc3370398f7b87ee0b697c84c629e8a62a7d1dab6459a71f7aad24ee0a1a4c019479b1f31dc017f3fa896000b8bcc0b1ca993447351fa0529a5be311faa90b6d8f0a5ce5fe2adfd4995ba13920826d27677d8dac9ef0aac4cea1517ff318a864b3ea3bcc45d6cbd91e4a8da09c2e320", 0x35b}], 0x4}, 0x0)

937.361323ms ago: executing program 2:
sched_setaffinity(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0xe4ffffff00000000, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f00000002c0)={0x0, {'syz1\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000540)=""/32, 0x20, 0x0, 0x0, 0xfffffffd}}, 0x120)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000040341a02080000000000010902"], 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r1, 0xc0404807, &(0x7f0000000100)={0x0, "743fedd3add15c65712ea4c5a112f60f8377ba5089b34f08204569381985d16e9cfd3974fb09fa9fa4ff42a688e0302b715f37ed8ab4cc1e5f75db3bb5cfb510"})
write$UHID_DESTROY(r0, &(0x7f0000000040)={0xa}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0), 0x48)

657.182939ms ago: executing program 4:
r0 = syz_open_dev$vbi(&(0x7f0000000240), 0x3, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000005440)={0xa, @pix_mp})

577.734335ms ago: executing program 1:
write$binfmt_script(0xffffffffffffffff, 0x0, 0x6db6e559)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = socket(0x11, 0x2, 0x0)
getsockopt$nfc_llcp(r0, 0x107, 0xf, 0x0, 0x20000000)

533.808438ms ago: executing program 0:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d, 0x0, 0xd6e}})
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x7fff}})

432.439429ms ago: executing program 1:
r0 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, 0x0, 0x0)
eventfd2(0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0}]}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x54}}, 0x0)

0s ago: executing program 4:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='ext4_ext_remove_space_done\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0)

kernel console output (not intermixed with test programs):

(unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.823393][ T5124] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  882.839597][ T5124] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  882.852770][ T5124] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  882.865252][ T5124] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  882.878786][ T5124] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  882.888914][ T5124] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  883.202661][ T1092] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  883.825725][T14403] veth0_vlan: entered allmulticast mode
[  884.716991][T14406] loop0: detected capacity change from 0 to 16
[  884.775406][T14406] erofs: (device loop0): mounted with root inode @ nid 36.
[  884.792294][ T1092] bridge_slave_1: left allmulticast mode
[  884.809130][ T1092] bridge_slave_1: left promiscuous mode
[  884.830405][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state
[  884.832560][T14406] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  884.892371][T14406] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -5 in[46, 4050] out[1851]
[  884.914609][T14406] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  884.919082][ T1092] bridge_slave_0: left allmulticast mode
[  884.930080][ T5125] Bluetooth: hci2: command tx timeout
[  884.982842][ T1092] bridge_slave_0: left promiscuous mode
[  884.988970][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state
[  885.164298][T14412] loop0: detected capacity change from 0 to 1024
[  885.371138][   T62] hfsplus: b-tree write err: -5, ino 4
[  885.647320][   T29] audit: type=1804 audit(2000000664.759:746): pid=14417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1395325959/syzkaller.2yB8Kf/20/bus" dev="sda1" ino=1949 res=1 errno=0
[  887.004721][ T5125] Bluetooth: hci2: command tx timeout
[  887.673677][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  887.694382][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  887.787243][ T1092] bond0 (unregistering): Released all slaves
[  888.130484][T14427] loop3: detected capacity change from 0 to 32768
[  888.194002][T14427] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (14427)
[  888.355103][T14427] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  888.370297][T14427] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  888.494790][T14427] BTRFS info (device loop3): using free-space-tree
[  888.714738][T14443] netlink: 'syz-executor.4': attribute type 50 has an invalid length.
[  888.892705][T14393] chnl_net:caif_netlink_parms(): no params data found
[  888.933362][ T1092] hsr_slave_0: left promiscuous mode
[  888.968803][ T1092] hsr_slave_1: left promiscuous mode
[  889.029647][T14434] loop0: detected capacity change from 0 to 40427
[  889.046982][T14434] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  889.104507][T14434] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  889.114560][ T5125] Bluetooth: hci2: command tx timeout
[  890.254032][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  890.295784][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0
[  890.305701][T14434] F2FS-fs (loop0): invalid crc value
[  890.338131][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  890.364598][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1
[  890.377060][T14434] F2FS-fs (loop0): Found nat_bits in checkpoint
[  890.404686][T10411] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  890.529461][ T1092] veth0_macvtap: left promiscuous mode
[  890.546630][ T1092] veth1_vlan: left promiscuous mode
[  890.552071][ T1092] veth0_vlan: left promiscuous mode
[  891.953220][T14473] loop3: detected capacity change from 0 to 1024
[  892.100198][ T6604] hfsplus: b-tree write err: -5, ino 4
[  892.216284][ T5125] Bluetooth: hci2: command tx timeout
[  892.613673][T14471] loop0: detected capacity change from 0 to 40427
[  892.694986][T14471] F2FS-fs (loop0): invalid crc value
[  892.741343][T14471] F2FS-fs (loop0): Found nat_bits in checkpoint
[  892.988705][T14471] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  893.127979][T14471] syz-executor.0: attempt to access beyond end of device
[  893.127979][T14471] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  893.176783][T14471] syz-executor.0: attempt to access beyond end of device
[  893.176783][T14471] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  893.214254][T14471] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  894.164587][T14484] loop3: detected capacity change from 0 to 256
[  894.330309][   T29] audit: type=1804 audit(2000000673.459:747): pid=14486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1011489122/syzkaller.jRKRj6/60/bus" dev="sda1" ino=1963 res=1 errno=0
[  894.782805][   T29] audit: type=1326 audit(2000000673.819:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a58e7cf69 code=0x0
[  895.837427][ T1092] team0 (unregistering): Port device team_slave_1 removed
[  896.154771][ T1092] team0 (unregistering): Port device team_slave_0 removed
[  896.678837][ T5125] Bluetooth: hci5: unexpected event for opcode 0x202d
[  899.013713][T14465] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  899.054827][T14465] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  899.266461][T14502] veth1_macvtap: left promiscuous mode
[  899.991394][T14393] bridge0: port 1(bridge_slave_0) entered blocking state
[  900.000261][T14393] bridge0: port 1(bridge_slave_0) entered disabled state
[  900.025652][T14393] bridge_slave_0: entered allmulticast mode
[  900.074097][T14393] bridge_slave_0: entered promiscuous mode
[  900.094573][T14393] bridge0: port 2(bridge_slave_1) entered blocking state
[  900.101809][T14393] bridge0: port 2(bridge_slave_1) entered disabled state
[  900.163864][T14393] bridge_slave_1: entered allmulticast mode
[  900.171637][T14393] bridge_slave_1: entered promiscuous mode
[  900.350188][T14393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  900.438051][T14393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  900.606903][T14528] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  900.773856][ T5125] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  900.783272][ T5125] Bluetooth: hci5: Injecting HCI hardware error event
[  900.796617][ T5125] Bluetooth: hci5: hardware error 0x00
[  900.942877][T14393] team0: Port device team_slave_0 added
[  901.045471][T14393] team0: Port device team_slave_1 added
[  902.132679][T14393] batman_adv: batadv0: Adding interface: batadv_slave_0
[  902.184971][T14393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  902.332390][T14393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  902.419676][T14393] batman_adv: batadv0: Adding interface: batadv_slave_1
[  902.493299][T14393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  902.710702][   T29] audit: type=1326 audit(2000000681.780:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14535 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe8a3c7cf69 code=0x0
[  902.932588][ T5125] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  903.170465][T14393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  903.636304][T14393] hsr_slave_0: entered promiscuous mode
[  903.693720][T14393] hsr_slave_1: entered promiscuous mode
[  903.713719][T14393] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  903.721371][T14393] Cannot create hsr debugfs directory
[  904.184240][T14556] bridge0: port 2(bridge_slave_1) entered disabled state
[  905.414138][T14393] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  905.477272][T14393] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  905.547334][T14393] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  905.610558][T14393] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  905.990304][T14393] 8021q: adding VLAN 0 to HW filter on device bond0
[  906.157067][T14393] 8021q: adding VLAN 0 to HW filter on device team0
[  906.198463][ T5167] bridge0: port 1(bridge_slave_0) entered blocking state
[  906.205717][ T5167] bridge0: port 1(bridge_slave_0) entered forwarding state
[  906.274298][ T5167] bridge0: port 2(bridge_slave_1) entered blocking state
[  906.281596][ T5167] bridge0: port 2(bridge_slave_1) entered forwarding state
[  906.837773][T14393] 8021q: adding VLAN 0 to HW filter on device batadv0
[  906.995939][T14393] veth0_vlan: entered promiscuous mode
[  907.030723][T14393] veth1_vlan: entered promiscuous mode
[  907.187615][T14393] veth0_macvtap: entered promiscuous mode
[  907.243419][T14393] veth1_macvtap: entered promiscuous mode
[  907.281210][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  907.353394][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  907.372986][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  907.407715][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  907.438881][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  907.462876][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  907.483038][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  907.522923][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  907.547915][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  907.586271][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  907.606941][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  907.629608][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  907.665084][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  907.687313][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  907.719205][T14393] batman_adv: batadv0: Interface activated: batadv_slave_0
[  907.793051][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  907.823752][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  907.862876][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  907.885374][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  907.913503][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  907.945354][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  907.975694][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  908.006828][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  908.034129][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  908.066220][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  908.098028][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  908.129937][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  908.161818][T14393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  908.190647][T14393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  908.227284][T14393] batman_adv: batadv0: Interface activated: batadv_slave_1
[  908.316724][T14393] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  908.363162][T14393] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  908.371947][T14393] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  908.413003][T14393] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  908.786955][ T6604] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  908.822950][ T6604] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  908.944710][ T6602] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  908.959412][ T6602] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  909.201147][T14604] loop0: detected capacity change from 0 to 40427
[  909.230537][T14604] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  909.261161][T14604] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  909.312759][T14604] F2FS-fs (loop0): invalid crc value
[  909.424351][T14604] F2FS-fs (loop0): Found nat_bits in checkpoint
[  910.706538][T14621] loop1: detected capacity change from 0 to 4096
[  910.746920][T14604] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  910.752223][T14621] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  910.775243][T14621] ntfs3: loop1: Failed to load $MFT (-22).
[  910.782632][T14604] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  910.895876][   T29] audit: type=1326 audit(2000000689.991:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14622 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a3c7cf69 code=0x7ffc0000
[  910.898040][T14604] UBIFS error (pid: 14604): cannot open "./file0", error -22
[  910.983045][   T29] audit: type=1326 audit(2000000690.081:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14622 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe8a3c7cf69 code=0x7ffc0000
[  911.112790][   T29] audit: type=1326 audit(2000000690.081:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14622 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe8a3c7cfa3 code=0x7ffc0000
[  911.223909][   T29] audit: type=1326 audit(2000000690.331:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14622 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe8a3c7bcaf code=0x7ffc0000
[  911.402093][   T29] audit: type=1326 audit(2000000690.521:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14622 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe8a3c7cff7 code=0x7ffc0000
[  911.513570][T14633] loop3: detected capacity change from 0 to 64
[  911.577174][   T29] audit: type=1326 audit(2000000690.701:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14622 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe8a3c7bb60 code=0x7ffc0000
[  911.633917][   T29] audit: type=1326 audit(2000000690.701:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14622 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe8a3c7be5a code=0x7ffc0000
[  911.702573][   T29] audit: type=1326 audit(2000000690.761:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14622 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a3c7cf69 code=0x7ffc0000
[  911.791028][   T29] audit: type=1326 audit(2000000690.861:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14622 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a3c7cf69 code=0x7ffc0000
[  911.883183][   T29] audit: type=1326 audit(2000000690.911:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14622 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fe8a3c7cf69 code=0x7ffc0000
[  912.359528][T14631] loop1: detected capacity change from 0 to 32768
[  912.394751][T14631] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (14631)
[  912.436355][T14631] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  912.475777][T14631] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  912.505727][T14631] BTRFS info (device loop1): using free-space-tree
[  912.996459][T14666] netlink: 16186 bytes leftover after parsing attributes in process `syz-executor.3'.
[  913.307173][T14670] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  913.367798][T14393] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  913.482617][ T5125] Bluetooth: hci6: command 0x0406 tx timeout
[  913.551565][T14676] loop3: detected capacity change from 0 to 64
[  913.751637][T14671] syzkaller0: entered promiscuous mode
[  913.769111][T14671] syzkaller0: entered allmulticast mode
[  914.031064][T14686] x_tables: unsorted underflow at hook 3
[  914.642821][T14701] loop3: detected capacity change from 0 to 256
[  914.757678][T14706] loop0: detected capacity change from 0 to 256
[  914.784437][T14706] exfat: Deprecated parameter 'namecase'
[  914.801656][T14701] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xc14df490, utbl_chksum : 0xe619d30d)
[  914.862340][T14706] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  915.672493][T14714] loop1: detected capacity change from 0 to 2048
[  915.731602][T14714] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  915.777553][T14714] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  918.646823][T14734] loop0: detected capacity change from 0 to 256
[  918.703324][T14734] exfat: Deprecated parameter 'namecase'
[  918.736670][T14734] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  918.762219][ T5125] Bluetooth: hci7: command 0x0406 tx timeout
[  925.134213][T14754] loop0: detected capacity change from 0 to 64
[  926.050907][T14764] loop0: detected capacity change from 0 to 512
[  926.180713][T14764] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  926.261157][T14764] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz-executor.0: invalid indirect mapped block 1 (level 1)
[  926.322755][T14764] EXT4-fs (loop0): 1 truncate cleaned up
[  926.329966][T14764] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  926.506488][T13513] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  928.308938][T14772] loop0: detected capacity change from 0 to 40427
[  928.346220][T14772] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  928.371112][T14772] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  928.423502][T14772] F2FS-fs (loop0): invalid crc value
[  928.464208][T14772] F2FS-fs (loop0): Found nat_bits in checkpoint
[  928.641871][T14772] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  928.680097][T14772] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  928.862339][T13513] syz-executor.0: attempt to access beyond end of device
[  928.862339][T13513] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  928.910564][T13513] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  930.534687][T14785] loop0: detected capacity change from 0 to 1024
[  930.775239][T14785] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6
[  930.911025][T14785] loop0: detected capacity change from 0 to 1024
[  931.911413][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  931.917899][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  932.072334][   T62] hfsplus: b-tree write err: -5, ino 4
[  932.431630][T14793] loop0: detected capacity change from 0 to 2048
[  932.460036][T14793] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  932.497605][T14793] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  935.809284][    C1] vkms_vblank_simulate: vblank timer overrun
[  936.073897][T14806] loop0: detected capacity change from 0 to 32768
[  936.102512][T14806] XFS: noikeep mount option is deprecated.
[  936.206511][T14806] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  936.293274][T14806] XFS (loop0): Ending clean mount
[  936.302176][T14806] XFS (loop0): Quotacheck needed: Please wait.
[  936.515468][T14806] XFS (loop0): Quotacheck: Done.
[  936.752146][T13513] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  937.109310][    C1] vkms_vblank_simulate: vblank timer overrun
[  938.758387][    C1] vkms_vblank_simulate: vblank timer overrun
[  938.892526][    C1] vkms_vblank_simulate: vblank timer overrun
[  943.651083][T14845] fscrypt: key with description 'fscrypt:e8dab99234bb312e' has invalid payload
[  944.232498][ T5125] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  944.254115][ T5125] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  944.267210][ T5125] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  944.309888][ T5125] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  944.322498][ T5125] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  944.330929][ T5125] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  944.495957][ T6604] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  944.901931][T14857] loop0: detected capacity change from 0 to 164
[  944.940094][T14857] iso9660: Unknown parameter '"ë<(ŠF[hTôØë’n_²aË´�p¡Sõ	©imU2
[  944.940094][T14857] ¥ü±™Bk(ÚŸÛ^“'
[  945.064299][T14857] loop0: detected capacity change from 0 to 128
[  945.166627][ T5125] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  945.183777][ T5125] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  945.203660][ T5125] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  945.214747][ T5125] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  945.233025][ T5125] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  945.247775][ T5125] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  945.459853][ T5124] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  945.478313][ T5124] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  945.500853][ T5124] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  945.513965][ T5124] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  945.524606][ T5124] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  945.535404][ T5124] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  945.722055][ T6604] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  946.030648][ T6604] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  946.319821][T14843] loop3: detected capacity change from 0 to 32768
[  946.343246][ T6604] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  946.450050][ T5124] Bluetooth: hci2: command tx timeout
[  946.541918][T14843] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  946.624389][T14843] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop3": -EINTR
[  946.630221][T14843] XFS (loop3): log mount failed
[  947.319700][ T5124] Bluetooth: hci4: command tx timeout
[  947.366664][T14858] chnl_net:caif_netlink_parms(): no params data found
[  947.452811][ T6604] bridge_slave_1: left allmulticast mode
[  947.458937][ T6604] bridge_slave_1: left promiscuous mode
[  947.519814][ T6604] bridge0: port 2(bridge_slave_1) entered disabled state
[  947.640664][ T5124] Bluetooth: hci7: command tx timeout
[  947.671776][ T6604] bridge_slave_0: left allmulticast mode
[  947.677590][ T6604] bridge_slave_0: left promiscuous mode
[  947.736266][ T6604] bridge0: port 1(bridge_slave_0) entered disabled state
[  948.073104][T14882] loop0: detected capacity change from 0 to 32768
[  948.529669][ T5124] Bluetooth: hci2: command tx timeout
[  948.759582][ T5124] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  948.963104][T14897] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  949.399465][ T5124] Bluetooth: hci4: command tx timeout
[  949.721415][ T5124] Bluetooth: hci7: command tx timeout
[  950.400268][ T6604] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  950.440436][ T6604] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  950.481909][ T6604] bond0 (unregistering): Released all slaves
[  950.538595][T14849] chnl_net:caif_netlink_parms(): no params data found
[  950.600319][ T5124] Bluetooth: hci2: command tx timeout
[  950.826067][T14907] loop0: detected capacity change from 0 to 32768
[  950.929028][   T29] kauditd_printk_skb: 34 callbacks suppressed
[  950.929050][   T29] audit: type=1326 audit(2000000730.054:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14913 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a58e7cf69 code=0x0
[  951.053906][T14907] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  951.065901][T14861] chnl_net:caif_netlink_parms(): no params data found
[  951.298051][T14907] XFS (loop0): Ending clean mount
[  951.331336][T14858] bridge0: port 1(bridge_slave_0) entered blocking state
[  951.362546][T14858] bridge0: port 1(bridge_slave_0) entered disabled state
[  951.394446][T14858] bridge_slave_0: entered allmulticast mode
[  951.425795][T14858] bridge_slave_0: entered promiscuous mode
[  951.479270][ T5124] Bluetooth: hci4: command tx timeout
[  951.739389][T13513] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  951.806220][ T5124] Bluetooth: hci7: command tx timeout
[  951.964553][T14858] bridge0: port 2(bridge_slave_1) entered blocking state
[  952.002331][T14858] bridge0: port 2(bridge_slave_1) entered disabled state
[  952.050675][T14858] bridge_slave_1: entered allmulticast mode
[  952.063432][T14858] bridge_slave_1: entered promiscuous mode
[  952.330298][ T6604] hsr_slave_0: left promiscuous mode
[  952.431455][T14928] loop0: detected capacity change from 0 to 1024
[  952.449417][ T6604] hsr_slave_1: left promiscuous mode
[  952.456956][ T6604] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  952.469812][ T6604] batman_adv: batadv0: Removing interface: batadv_slave_0
[  952.511932][ T6604] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  952.529221][ T6604] batman_adv: batadv0: Removing interface: batadv_slave_1
[  952.666275][ T6604] veth1_macvtap: left promiscuous mode
[  952.683373][ T5124] Bluetooth: hci2: command tx timeout
[  952.701457][ T6604] veth0_macvtap: left promiscuous mode
[  952.707205][ T6604] veth1_vlan: left promiscuous mode
[  952.721700][T14932] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  952.771770][ T6604] veth0_vlan: left promiscuous mode
[  953.090329][   T29] audit: type=1326 audit(2000000732.224:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14937 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7325a7cf69 code=0x0
[  953.559318][ T5124] Bluetooth: hci4: command tx timeout
[  953.880430][ T5124] Bluetooth: hci7: command tx timeout
[  957.213635][ T6604] team0 (unregistering): Port device team_slave_1 removed
[  957.453016][ T6604] team0 (unregistering): Port device team_slave_0 removed
[  960.870349][T14858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  961.004666][T14961] loop0: detected capacity change from 0 to 1024
[  961.161973][T14858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  961.360801][   T29] audit: type=1326 audit(2000000740.485:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14964 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7325a7cf69 code=0x0
[  961.528928][T14849] bridge0: port 1(bridge_slave_0) entered blocking state
[  961.536218][T14849] bridge0: port 1(bridge_slave_0) entered disabled state
[  961.608609][T14849] bridge_slave_0: entered allmulticast mode
[  961.616351][T14849] bridge_slave_0: entered promiscuous mode
[  961.640907][T14849] bridge0: port 2(bridge_slave_1) entered blocking state
[  961.658353][T14849] bridge0: port 2(bridge_slave_1) entered disabled state
[  961.690854][T14849] bridge_slave_1: entered allmulticast mode
[  961.710907][T14849] bridge_slave_1: entered promiscuous mode
[  961.782591][T14861] bridge0: port 1(bridge_slave_0) entered blocking state
[  961.808563][T14861] bridge0: port 1(bridge_slave_0) entered disabled state
[  961.815982][T14861] bridge_slave_0: entered allmulticast mode
[  961.840334][T14861] bridge_slave_0: entered promiscuous mode
[  961.887474][T14858] team0: Port device team_slave_0 added
[  961.921741][T14858] team0: Port device team_slave_1 added
[  962.098795][T14861] bridge0: port 2(bridge_slave_1) entered blocking state
[  962.106283][T14861] bridge0: port 2(bridge_slave_1) entered disabled state
[  962.149484][T14861] bridge_slave_1: entered allmulticast mode
[  962.157309][T14861] bridge_slave_1: entered promiscuous mode
[  962.330764][T14849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  962.488702][T14858] batman_adv: batadv0: Adding interface: batadv_slave_0
[  962.496559][T14858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  962.606891][T14858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  962.654008][T14849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  962.882534][T14861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  962.917613][T14858] batman_adv: batadv0: Adding interface: batadv_slave_1
[  962.948408][T14858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  963.004189][T14858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  963.308552][T14849] team0: Port device team_slave_0 added
[  963.337984][T14861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  963.614327][T14982] loop0: detected capacity change from 0 to 128
[  963.653252][T14849] team0: Port device team_slave_1 added
[  963.832027][T14861] team0: Port device team_slave_0 added
[  963.849382][T14982] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  963.970665][T14849] batman_adv: batadv0: Adding interface: batadv_slave_0
[  963.990741][T14849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  964.108708][T14849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  964.145387][T14861] team0: Port device team_slave_1 added
[  964.350375][T14977] loop3: detected capacity change from 0 to 32768
[  964.372165][T14858] hsr_slave_0: entered promiscuous mode
[  964.400751][T14977] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (14977)
[  964.414996][T14858] hsr_slave_1: entered promiscuous mode
[  964.450531][T14858] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  964.479009][T14977] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  964.492818][T14858] Cannot create hsr debugfs directory
[  964.548345][T14977] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  964.575828][T14977] BTRFS info (device loop3): using free-space-tree
[  964.590560][T14849] batman_adv: batadv0: Adding interface: batadv_slave_1
[  964.597677][T14849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  964.680045][T14982] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  964.780075][T14849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  965.317465][T10411] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  965.536031][ T6604] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  965.672087][T14861] batman_adv: batadv0: Adding interface: batadv_slave_0
[  965.690428][T14861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  965.793629][T14861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  965.836192][T14861] batman_adv: batadv0: Adding interface: batadv_slave_1
[  965.875020][T14861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  965.978814][T14861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  966.393795][ T6604] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  966.722480][T14849] hsr_slave_0: entered promiscuous mode
[  966.790126][T14849] hsr_slave_1: entered promiscuous mode
[  966.827949][T14849] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  966.858167][T14849] Cannot create hsr debugfs directory
[  967.015595][ T6604] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  967.099285][T14861] hsr_slave_0: entered promiscuous mode
[  967.133592][T14861] hsr_slave_1: entered promiscuous mode
[  967.159281][T14861] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  967.175180][T14861] Cannot create hsr debugfs directory
[  967.504238][ T6604] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  967.757398][T15018] loop3: detected capacity change from 0 to 1024
[  968.012637][T15018] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  968.513540][T10411] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  969.718139][T15034] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  969.718139][T15034] The task syz-executor.0 (15034) triggered the difference, watch for misbehavior.
[  970.077140][ T6604] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  970.414986][ T6604] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  970.472815][T15039] loop0: detected capacity change from 0 to 512
[  970.568701][T15039] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  970.628278][T15039] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor.0: invalid indirect mapped block 2683928664 (level 1)
[  970.677851][T15039] EXT4-fs (loop0): Remounting filesystem read-only
[  970.684905][T15039] EXT4-fs (loop0): 1 truncate cleaned up
[  970.702431][T15039] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  970.840409][ T6604] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  970.888304][T14858] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  970.969050][T15027] loop3: detected capacity change from 0 to 32768
[  971.012083][T14858] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  971.184530][T15027] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  971.195439][ T6604] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  971.280775][T14858] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  971.308980][T13513] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  971.353658][T14858] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  971.479814][T15027] XFS (loop3): Ending clean mount
[  972.020147][ T6604] bridge_slave_1: left allmulticast mode
[  972.025874][ T6604] bridge_slave_1: left promiscuous mode
[  972.049698][ T6604] bridge0: port 2(bridge_slave_1) entered disabled state
[  972.089146][T10411] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  972.110363][ T6604] bridge_slave_0: left allmulticast mode
[  972.116080][ T6604] bridge_slave_0: left promiscuous mode
[  972.170406][ T6604] bridge0: port 1(bridge_slave_0) entered disabled state
[  972.219884][ T6604] bridge_slave_1: left allmulticast mode
[  972.225704][ T6604] bridge_slave_1: left promiscuous mode
[  972.295997][ T6604] bridge0: port 2(bridge_slave_1) entered disabled state
[  972.372864][ T6604] bridge_slave_0: left allmulticast mode
[  972.398015][ T6604] bridge_slave_0: left promiscuous mode
[  972.427715][ T6604] bridge0: port 1(bridge_slave_0) entered disabled state
[  974.935053][T15061] loop3: detected capacity change from 0 to 32768
[  974.971627][T15061] XFS: attr2 mount option is deprecated.
[  974.989760][T15061] XFS: noikeep mount option is deprecated.
[  975.130211][T15061] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  975.597668][T15061] XFS (loop3): Ending clean mount
[  975.694968][T15061] XFS (loop3): Quotacheck needed: Please wait.
[  975.947530][T15061] XFS (loop3): Quotacheck: Done.
[  976.102518][ T6604] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  976.134697][ T6604] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  976.154537][ T6604] bond0 (unregistering): Released all slaves
[  976.357520][T10411] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  976.953727][ T6604] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  976.981578][ T6604] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  977.017926][ T6604] bond0 (unregistering): Released all slaves
[  977.365267][T15071] loop0: detected capacity change from 0 to 2048
[  977.398838][T14858] 8021q: adding VLAN 0 to HW filter on device bond0
[  977.545630][T14858] 8021q: adding VLAN 0 to HW filter on device team0
[  978.952012][    C1] vkms_vblank_simulate: vblank timer overrun
[  979.077737][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  979.084967][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  979.213226][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  979.220519][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  979.273449][T14849] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  979.595674][T14849] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  979.758999][T14849] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  979.807709][T14849] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  980.709255][ T6604] hsr_slave_0: left promiscuous mode
[  980.735708][ T6604] hsr_slave_1: left promiscuous mode
[  980.759100][ T6604] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  980.787087][ T6604] batman_adv: batadv0: Removing interface: batadv_slave_0
[  980.797911][ T6604] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  980.805422][ T6604] batman_adv: batadv0: Removing interface: batadv_slave_1
[  980.877394][ T6604] hsr_slave_0: left promiscuous mode
[  980.889005][ T6604] hsr_slave_1: left promiscuous mode
[  980.918003][ T6604] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  980.925523][ T6604] batman_adv: batadv0: Removing interface: batadv_slave_0
[  981.017480][T15096] loop3: detected capacity change from 0 to 2048
[  981.081694][ T6604] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  981.119805][T15096] Alternate GPT is invalid, using primary GPT.
[  981.126143][T15096]  loop3: p1 p2 p3
[  981.136905][ T6604] batman_adv: batadv0: Removing interface: batadv_slave_1
[  981.683718][ T6604] veth1_macvtap: left promiscuous mode
[  981.697832][ T6604] veth0_macvtap: left promiscuous mode
[  981.703593][ T6604] veth1_vlan: left promiscuous mode
[  981.719600][ T6604] veth0_vlan: left promiscuous mode
[  981.750672][ T6604] veth1_macvtap: left promiscuous mode
[  981.766671][ T6604] veth0_macvtap: left promiscuous mode
[  981.777494][ T6604] veth1_vlan: left promiscuous mode
[  981.782915][ T6604] veth0_vlan: left promiscuous mode
[  982.040088][T15098] netlink: 248 bytes leftover after parsing attributes in process `syz-executor.3'.
[  984.399532][    C1] vkms_vblank_simulate: vblank timer overrun
[  985.608920][ T6604] team0 (unregistering): Port device team_slave_1 removed
[  985.825004][ T6604] team0 (unregistering): Port device team_slave_0 removed
[  991.311347][ T6604] team0 (unregistering): Port device team_slave_1 removed
[  991.637260][ T6604] team0 (unregistering): Port device team_slave_0 removed
[  993.336316][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[  993.342693][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[  995.345897][T14849] 8021q: adding VLAN 0 to HW filter on device bond0
[  995.470124][T14849] 8021q: adding VLAN 0 to HW filter on device team0
[  995.719124][ T5167] bridge0: port 1(bridge_slave_0) entered blocking state
[  995.726412][ T5167] bridge0: port 1(bridge_slave_0) entered forwarding state
[  995.791711][ T5167] bridge0: port 2(bridge_slave_1) entered blocking state
[  995.799007][ T5167] bridge0: port 2(bridge_slave_1) entered forwarding state
[  995.986899][T14861] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  996.045754][T14861] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  996.105900][T14861] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  996.149073][T14858] 8021q: adding VLAN 0 to HW filter on device batadv0
[  996.179248][T15124] loop0: detected capacity change from 0 to 1024
[  996.210200][T14861] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  996.520706][T14858] veth0_vlan: entered promiscuous mode
[  996.557211][T15124] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6
[  996.603511][T14858] veth1_vlan: entered promiscuous mode
[  996.757699][T15124] loop0: detected capacity change from 0 to 1024
[  996.982443][T14858] veth0_macvtap: entered promiscuous mode
[  997.070758][T14858] veth1_macvtap: entered promiscuous mode
[  997.109512][T14861] 8021q: adding VLAN 0 to HW filter on device bond0
[  997.886662][T14858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  997.894815][ T3788] hfsplus: b-tree write err: -5, ino 4
[  997.898907][T14858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.912995][T14858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  997.923810][T14858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  997.946493][T14858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  997.966887][T14858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  998.001587][   T29] audit: type=1326 audit(2000000777.138:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15135 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a58e7cf69 code=0x7ffc0000
[  998.005204][T14858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  998.054803][   T29] audit: type=1326 audit(2000000777.168:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15135 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a58e7cf69 code=0x7ffc0000
[  998.105834][   T29] audit: type=1326 audit(2000000777.218:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15135 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a58e7cf69 code=0x7ffc0000
[  998.115197][T14858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  998.184965][   T29] audit: type=1326 audit(2000000777.218:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15135 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3a58e7a6e7 code=0x7ffc0000
[  998.185274][T14858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  998.232688][   T29] audit: type=1326 audit(2000000777.218:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15135 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3a58e403d9 code=0x7ffc0000
[  998.277443][T14858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  998.295405][   T29] audit: type=1326 audit(2000000777.218:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15135 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3a58e7a6e7 code=0x7ffc0000
[  998.320925][T14858] batman_adv: batadv0: Interface activated: batadv_slave_0
[  998.367690][   T29] audit: type=1326 audit(2000000777.218:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15135 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3a58e403d9 code=0x7ffc0000
[  998.388714][T14861] 8021q: adding VLAN 0 to HW filter on device team0
[  998.444273][T14858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  998.470896][   T29] audit: type=1326 audit(2000000777.218:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15135 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3a58e7a6e7 code=0x7ffc0000
[  998.510725][T14858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  998.531645][T14858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  998.552882][   T29] audit: type=1326 audit(2000000777.218:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15135 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3a58e403d9 code=0x7ffc0000
[  998.576244][T14858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  998.589556][T14858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  998.610539][T14858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  998.620937][   T29] audit: type=1326 audit(2000000777.218:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15135 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3a58e7a6e7 code=0x7ffc0000
[  998.654341][T14858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  998.697076][T14858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  998.725290][T14858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  998.753456][T14858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  998.767205][T14858] batman_adv: batadv0: Interface activated: batadv_slave_1
[  998.802774][ T5168] bridge0: port 1(bridge_slave_0) entered blocking state
[  998.810064][ T5168] bridge0: port 1(bridge_slave_0) entered forwarding state
[  998.850493][T14858] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  998.865242][T14858] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  998.874108][T14858] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  998.905222][T14858] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  998.977413][T14849] 8021q: adding VLAN 0 to HW filter on device batadv0
[  999.007895][ T5170] bridge0: port 2(bridge_slave_1) entered blocking state
[  999.015178][ T5170] bridge0: port 2(bridge_slave_1) entered forwarding state
[  999.196295][T15148] trusted_key: encrypted_key: hex blob is missing
[  999.284245][T15148] netlink: 'syz-executor.0': attribute type 7 has an invalid length.
[  999.559046][ T6604] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  999.585740][ T6604] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  999.689088][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  999.720449][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1000.357423][T14849] veth0_vlan: entered promiscuous mode
[ 1000.424400][T14849] veth1_vlan: entered promiscuous mode
[ 1000.607431][T14861] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1000.739693][T14849] veth0_macvtap: entered promiscuous mode
[ 1000.799681][T14849] veth1_macvtap: entered promiscuous mode
[ 1001.015709][T15173] Invalid ELF header type: 0 != 1
[ 1001.035749][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1001.089429][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.124846][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1001.177890][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.216839][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1001.306179][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.393593][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1001.446617][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.468864][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1001.517141][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.554914][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1001.591948][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.616993][T14849] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1001.673365][T14861] veth0_vlan: entered promiscuous mode
[ 1001.852113][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1001.943552][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.998516][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1002.050184][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1002.084881][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1002.124400][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1002.155077][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1002.196342][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1002.225216][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1002.244931][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1002.267899][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1002.304884][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1002.337680][T14849] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1002.401872][T14849] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.475374][T14849] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.484160][T14849] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.529923][T14849] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.578616][T14861] veth1_vlan: entered promiscuous mode
[ 1002.909699][T14861] veth0_macvtap: entered promiscuous mode
[ 1002.982568][T14861] veth1_macvtap: entered promiscuous mode
[ 1003.113112][T14861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1003.118706][T15199] loop3: detected capacity change from 0 to 2048
[ 1003.181680][T14861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1003.217452][T14861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1003.539659][T14861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1003.690166][T14861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1003.690224][T14861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1003.690297][T14861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1003.690341][T14861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1003.690413][T14861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1003.690457][T14861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1003.690559][T14861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1003.690605][T14861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1003.690647][T14861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1003.690690][T14861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1004.507861][T14861] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1004.851735][T15209] loop0: detected capacity change from 0 to 256
[ 1006.938573][ T1092] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1007.366447][ T5125] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1007.391228][ T5125] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1007.402063][ T5125] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1007.441749][T13067] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1007.455130][T13067] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1007.463258][T13067] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1007.682596][T13067] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1007.700609][T13067] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1007.729506][T13067] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1007.774588][T13067] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1007.801569][T13067] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 1007.811497][T13067] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1007.856754][ T1092] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1008.045701][T15249] loop0: detected capacity change from 0 to 512
[ 1008.076712][T15249] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1008.111727][T15249] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1008.131326][T15249] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor.0: bg 0: block 248: padding at end of block bitmap is not set
[ 1008.160096][T15249] __quota_error: 95 callbacks suppressed
[ 1008.160123][T15249] Quota error (device loop0): write_blk: dquota write failed
[ 1008.174637][T15249] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[ 1008.185062][T15249] EXT4-fs error (device loop0): ext4_acquire_dquot:6860: comm syz-executor.0: Failed to acquire dquot type 1
[ 1008.261293][T15249] EXT4-fs (loop0): 1 truncate cleaned up
[ 1008.273122][T15249] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1008.317388][ T1092] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1008.357280][T15249] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1008.370829][T15253] loop1: detected capacity change from 0 to 256
[ 1008.421885][T15249] EXT4-fs error (device loop0): __ext4_remount:6503: comm syz-executor.0: Abort forced by user
[ 1008.462329][T15249] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[ 1008.583836][T15249] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[ 1008.596125][T15249] ext4 filesystem being remounted at /root/syzkaller-testdir1011489122/syzkaller.jRKRj6/199/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1008.637008][ T1092] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1008.662032][T15249] Quota error (device loop0): write_blk: dquota write failed
[ 1008.702706][T15249] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1008.726227][T15249] EXT4-fs error (device loop0): ext4_acquire_dquot:6860: comm syz-executor.0: Failed to acquire dquot type 1
[ 1008.902892][T15261] Quota error (device loop0): write_blk: dquota write failed
[ 1008.976927][T15261] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1009.009542][T15255] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1009.054551][T15261] EXT4-fs error (device loop0): ext4_acquire_dquot:6860: comm syz-executor.0: Failed to acquire dquot type 1
[ 1009.119160][T15262] loop1: detected capacity change from 0 to 40427
[ 1009.141229][T15262] F2FS-fs (loop1): invalid crc value
[ 1009.185284][T15262] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1009.268985][T13513] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1009.279090][T15262] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[ 1009.287153][T12338] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-5
[ 1009.364401][T12338] EXT4-fs error (device loop0): ext4_release_dquot:6883: comm kworker/u8:1: Failed to release dquot type 1
[ 1009.565329][T13067] Bluetooth: hci2: command tx timeout
[ 1009.897068][T13067] Bluetooth: hci7: command tx timeout
[ 1010.460400][T14858] syz-executor.1: attempt to access beyond end of device
[ 1010.460400][T14858] loop1: rw=2051, sector=36912, nr_sectors = 8152 limit=40427
[ 1010.514878][ T1092] bridge_slave_1: left allmulticast mode
[ 1010.520600][ T1092] bridge_slave_1: left promiscuous mode
[ 1010.528771][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1010.539772][ T1092] bridge_slave_0: left allmulticast mode
[ 1010.547723][ T1092] bridge_slave_0: left promiscuous mode
[ 1010.555927][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1010.567356][T14858] syz-executor.1: attempt to access beyond end of device
[ 1010.567356][T14858] loop1: rw=2051, sector=45096, nr_sectors = 85976 limit=40427
[ 1010.645059][T14858] F2FS-fs (loop1): Issue discard(4614, 4614, 1019) failed, ret: -5
[ 1010.694210][T14858] F2FS-fs (loop1): Issue discard(5637, 5637, 10747) failed, ret: -5
[ 1010.805057][T15276] loop0: detected capacity change from 0 to 2048
[ 1010.888593][T15276] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1011.642643][T13067] Bluetooth: hci2: command tx timeout
[ 1011.958189][T13067] Bluetooth: hci7: command tx timeout
[ 1012.252805][T15286] netlink: 287 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1012.987702][T15296] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[ 1013.023125][T15296] overlayfs: missing 'lowerdir'
[ 1013.394557][T15298] syz-executor.0[15298] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1013.394734][T15298] syz-executor.0[15298] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1013.646233][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1013.691482][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1013.714665][ T1092] bond0 (unregistering): Released all slaves
[ 1013.725548][T13067] Bluetooth: hci2: command tx timeout
[ 1014.044737][T13067] Bluetooth: hci7: command tx timeout
[ 1014.745821][ T1092] hsr_slave_0: left promiscuous mode
[ 1014.813576][T15320] loop0: detected capacity change from 0 to 2048
[ 1014.820221][ T1092] hsr_slave_1: left promiscuous mode
[ 1014.845708][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1014.853211][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1014.905131][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1014.940077][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1015.271153][ T1092] veth1_macvtap: left promiscuous mode
[ 1015.351633][ T1092] veth0_macvtap: left promiscuous mode
[ 1015.351860][ T1092] veth1_vlan: left promiscuous mode
[ 1015.352000][ T1092] veth0_vlan: left promiscuous mode
[ 1015.795565][T13067] Bluetooth: hci2: command tx timeout
[ 1016.123799][T13067] Bluetooth: hci7: command tx timeout
[ 1016.751036][T15348] loop1: detected capacity change from 0 to 128
[ 1016.803245][T15348] befs: Invalid uid -1, using default
[ 1016.873705][T15348] befs: (loop1): No write support. Marking filesystem read-only
[ 1016.947426][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1016.965849][T15348] befs: (loop1): invalid magic header
[ 1017.197567][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1017.585467][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1017.680872][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1017.832654][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1018.301940][T15346] loop3: detected capacity change from 0 to 32768
[ 1018.371551][T15346] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (15346)
[ 1018.475013][T15346] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1018.523651][T15346] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 1018.542909][T15346] BTRFS info (device loop3): using free-space-tree
[ 1019.083576][   T29] audit: type=1800 audit(2000000798.220:902): pid=15346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=263 res=0 errno=0
[ 1019.119531][ T1092] team0 (unregistering): Port device team_slave_1 removed
[ 1019.386050][ T1092] team0 (unregistering): Port device team_slave_0 removed
[ 1019.600129][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1019.623427][   T29] audit: type=1800 audit(2000000798.760:903): pid=15346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="bus" dev="loop3" ino=263 res=0 errno=0
[ 1019.881727][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1020.322255][T10411] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1023.137356][T15238] chnl_net:caif_netlink_parms(): no params data found
[ 1023.378335][T15383] loop0: detected capacity change from 0 to 1024
[ 1023.506594][T15242] chnl_net:caif_netlink_parms(): no params data found
[ 1023.523067][   T29] audit: type=1804 audit(2000000802.650:904): pid=15383 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name=2F726F6F742F73797A6B616C6C65722D74657374646972313031313438393132322F73797A6B616C6C65722E6A524B526A362F3230392F66696C65302FD770A323F5EA9EBF6B5DBBAA7B61A86EC7AB9CBC91CEE05508 dev="loop0" ino=27 res=1 errno=0
[ 1023.785487][T15149] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1023.831983][T15238] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1023.857458][T15238] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1023.914451][T15238] bridge_slave_0: entered allmulticast mode
[ 1023.935962][T15238] bridge_slave_0: entered promiscuous mode
[ 1024.004392][T15238] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1024.023065][T15149] usb 2-1: Using ep0 maxpacket: 8
[ 1024.035028][T15238] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1024.042366][T15238] bridge_slave_1: entered allmulticast mode
[ 1024.053183][T15149] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 15
[ 1024.062331][T15149] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[ 1024.064773][T15238] bridge_slave_1: entered promiscuous mode
[ 1024.171911][T15149] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[ 1024.225678][T15400] syz-executor.0[15400] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1024.225846][T15400] syz-executor.0[15400] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1024.248443][T15149] usb 2-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8
[ 1024.311353][T15149] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1024.321798][T15242] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1024.343478][T15242] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1024.362404][T15149] usb 2-1: Product: syz
[ 1024.363096][T15242] bridge_slave_0: entered allmulticast mode
[ 1024.366925][T15149] usb 2-1: Manufacturer: syz
[ 1024.394897][T15242] bridge_slave_0: entered promiscuous mode
[ 1024.398391][T15149] usb 2-1: SerialNumber: syz
[ 1024.412219][T15238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1024.440156][T15149] usb 2-1: config 0 descriptor??
[ 1024.442532][T15242] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1024.460439][T15385] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1024.463589][T15242] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1024.498040][T15242] bridge_slave_1: entered allmulticast mode
[ 1024.517299][T15242] bridge_slave_1: entered promiscuous mode
[ 1024.538353][T15238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1024.691369][T15149] powermate: Expected payload of 3--6 bytes, found 1024 bytes!
[ 1024.743822][T15149] input: Griffin SoundKnob as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input26
[ 1024.801002][T15242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1024.824799][    C0] powermate: config urb returned -71
[ 1024.831225][    C0] powermate: config urb returned -71
[ 1024.836838][    C0] powermate: config urb returned -71
[ 1024.842537][    C0] powermate: config urb returned -71
[ 1024.846565][T15242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1024.868699][T15149] usb 2-1: USB disconnect, device number 12
[ 1024.874680][    C0] powermate 2-1:0.0: powermate_irq - usb_submit_urb failed with result: -19
[ 1024.958421][T15238] team0: Port device team_slave_0 added
[ 1025.013929][T15238] team0: Port device team_slave_1 added
[ 1025.083863][T15407] loop0: detected capacity change from 0 to 128
[ 1025.100672][T15407] befs: Invalid uid -1, using default
[ 1025.127670][T15407] befs: (loop0): No write support. Marking filesystem read-only
[ 1025.192552][T15407] befs: (loop0): invalid magic header
[ 1025.270511][T15242] team0: Port device team_slave_0 added
[ 1025.417699][T15242] team0: Port device team_slave_1 added
[ 1025.475379][T15238] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1025.507104][T15238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1026.363269][T15238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1026.466189][T15238] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1026.513132][T15238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1026.565823][T15238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1027.373717][T15431] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1027.403583][T15242] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1027.434805][T15242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1027.533360][T15242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1027.583013][T15242] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1027.590171][T15242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1027.644617][T15440] loop0: detected capacity change from 0 to 8
[ 1027.677683][T15242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1027.957811][T15238] hsr_slave_0: entered promiscuous mode
[ 1027.987503][T15238] hsr_slave_1: entered promiscuous mode
[ 1028.006137][T15238] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1028.022872][T15238] Cannot create hsr debugfs directory
[ 1028.137622][ T4871] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1028.257265][T15445] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[ 1028.352942][ T4871] usb 4-1: Using ep0 maxpacket: 8
[ 1028.393960][ T4871] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 15
[ 1028.483172][ T4871] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[ 1028.533332][ T4871] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[ 1028.555429][T15447] loop1: detected capacity change from 0 to 512
[ 1028.579809][ T4871] usb 4-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8
[ 1028.603094][T15242] hsr_slave_0: entered promiscuous mode
[ 1028.608893][ T4871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1028.663468][ T4871] usb 4-1: Product: syz
[ 1028.667707][ T4871] usb 4-1: Manufacturer: syz
[ 1028.683498][T15242] hsr_slave_1: entered promiscuous mode
[ 1028.713699][ T4871] usb 4-1: SerialNumber: syz
[ 1028.732713][T15242] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1028.746499][ T4871] usb 4-1: config 0 descriptor??
[ 1028.751796][T15242] Cannot create hsr debugfs directory
[ 1028.787688][T15443] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1029.164900][ T4871] powermate: Expected payload of 3--6 bytes, found 1024 bytes!
[ 1029.221227][ T4871] input: Griffin SoundKnob as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input27
[ 1029.310351][    C0] powermate: config urb returned -71
[ 1029.316157][    C0] powermate: config urb returned -71
[ 1029.321846][    C0] powermate: config urb returned -71
[ 1029.327648][    C0] powermate: config urb returned -71
[ 1029.383965][ T4871] usb 4-1: USB disconnect, device number 23
[ 1029.384030][    C0] powermate 4-1:0.0: powermate_irq - usb_submit_urb failed with result: -19
[ 1029.935064][ T1092] bridge_slave_1: left allmulticast mode
[ 1029.940903][ T1092] bridge_slave_1: left promiscuous mode
[ 1030.007869][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1030.079751][T15462] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[ 1030.090041][ T1092] bridge_slave_0: left allmulticast mode
[ 1030.100602][ T1092] bridge_slave_0: left promiscuous mode
[ 1030.144154][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1030.161846][T15462] overlayfs: missing 'lowerdir'
[ 1030.569020][T15472] loop1: detected capacity change from 0 to 512
[ 1030.705948][T15472] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1030.740006][T15472] ext4 filesystem being mounted at /root/syzkaller-testdir2272543669/syzkaller.7yad3v/40/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1030.761601][T15478] loop0: detected capacity change from 0 to 8
[ 1030.993572][   T29] audit: type=1800 audit(2000000810.111:905): pid=15482 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=18 res=0 errno=0
[ 1031.514827][T14858] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1032.449043][T15500] loop1: detected capacity change from 0 to 2048
[ 1032.547098][T15500] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1032.794914][T14858] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1033.053077][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1033.102666][T15504] loop1: detected capacity change from 0 to 64
[ 1033.140989][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1033.160833][ T1092] bond0 (unregistering): Released all slaves
[ 1033.488448][T15481] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[ 1033.627406][ T1092] hsr_slave_0: left promiscuous mode
[ 1033.667904][ T1092] hsr_slave_1: left promiscuous mode
[ 1033.698677][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1033.734268][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1033.767796][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1033.905645][ T1092] veth1_macvtap: left promiscuous mode
[ 1033.924421][ T1092] veth0_macvtap: left promiscuous mode
[ 1033.941828][ T1092] veth1_vlan: left promiscuous mode
[ 1033.949919][T15515] loop0: detected capacity change from 0 to 512
[ 1033.959187][ T1092] veth0_vlan: left promiscuous mode
[ 1034.019445][T15515] EXT4-fs (loop0): revision level too high, forcing read-only mode
[ 1034.042305][T15515] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[ 1034.058862][T15515] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1034.116779][T15515] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949761 > max in inode 13
[ 1034.172301][T15515] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949762 > max in inode 13
[ 1034.200174][T15515] EXT4-fs (loop0): 1 truncate cleaned up
[ 1034.212346][T15515] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1034.321179][T15515] EXT4-fs warning (device loop0): dx_probe:892: inode #2: comm syz-executor.0: dx entry: limit 65535 != root limit 120
[ 1034.382291][T15515] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended
[ 1034.548383][T13513] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1034.950749][T15520] loop3: detected capacity change from 0 to 32768
[ 1034.962711][T15520] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (15520)
[ 1034.990691][T15520] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1035.001709][T15520] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 1035.010705][T15520] BTRFS info (device loop3): using free-space-tree
[ 1035.237631][T15537] loop0: detected capacity change from 0 to 64
[ 1035.628523][ T6602] kworker/u8:13: attempt to access beyond end of device
[ 1035.628523][ T6602] loop0: rw=1, sector=65, nr_sectors = 1 limit=64
[ 1035.672115][ T6602] Buffer I/O error on dev loop0, logical block 65, lost async page write
[ 1035.722167][ T6602] kworker/u8:13: attempt to access beyond end of device
[ 1035.722167][ T6602] loop0: rw=1, sector=66, nr_sectors = 1 limit=64
[ 1035.766316][ T6602] Buffer I/O error on dev loop0, logical block 66, lost async page write
[ 1035.786877][ T6602] kworker/u8:13: attempt to access beyond end of device
[ 1035.786877][ T6602] loop0: rw=1, sector=67, nr_sectors = 1 limit=64
[ 1035.842006][ T6602] Buffer I/O error on dev loop0, logical block 67, lost async page write
[ 1035.860826][ T6602] kworker/u8:13: attempt to access beyond end of device
[ 1035.860826][ T6602] loop0: rw=1, sector=68, nr_sectors = 1 limit=64
[ 1035.888799][ T6602] Buffer I/O error on dev loop0, logical block 68, lost async page write
[ 1035.909187][ T6602] kworker/u8:13: attempt to access beyond end of device
[ 1035.909187][ T6602] loop0: rw=1, sector=72, nr_sectors = 1 limit=64
[ 1035.966568][ T6602] Buffer I/O error on dev loop0, logical block 72, lost async page write
[ 1036.022054][ T6602] kworker/u8:13: attempt to access beyond end of device
[ 1036.022054][ T6602] loop0: rw=1, sector=73, nr_sectors = 1 limit=64
[ 1036.052116][ T6602] Buffer I/O error on dev loop0, logical block 73, lost async page write
[ 1036.071598][ T6602] kworker/u8:13: attempt to access beyond end of device
[ 1036.071598][ T6602] loop0: rw=1, sector=76, nr_sectors = 1 limit=64
[ 1036.362103][ T6602] Buffer I/O error on dev loop0, logical block 76, lost async page write
[ 1036.372153][ T6602] kworker/u8:13: attempt to access beyond end of device
[ 1036.372153][ T6602] loop0: rw=1, sector=77, nr_sectors = 1 limit=64
[ 1036.409920][ T6602] Buffer I/O error on dev loop0, logical block 77, lost async page write
[ 1036.444930][ T6602] kworker/u8:13: attempt to access beyond end of device
[ 1036.444930][ T6602] loop0: rw=1, sector=78, nr_sectors = 88 limit=64
[ 1036.500038][T10411] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1036.776177][T15546] loop0: detected capacity change from 0 to 64
[ 1038.383522][ T1092] team0 (unregistering): Port device team_slave_1 removed
[ 1038.682674][ T1092] team0 (unregistering): Port device team_slave_0 removed
[ 1039.685734][T15554] loop3: detected capacity change from 0 to 32768
[ 1039.864881][T15554] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1040.217897][T15554] XFS (loop3): Ending clean mount
[ 1040.366520][T15563] XFS (loop3): Metadata corruption detected at xfs_dinode_verify+0x333/0x1190, inode 0x423 dinode
[ 1040.402636][T15563] XFS (loop3): Unmount and run xfs_repair
[ 1040.421732][T15563] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[ 1040.441743][T15563] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00  INA.............
[ 1040.519138][T15563] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1040.551742][T15563] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 a5 b6 11  4.Xh....4.Xh....
[ 1040.566842][T15563] 00000030: 34 f7 58 68 a5 a5 b6 11 00 00 00 00 00 00 00 20  4.Xh........... 
[ 1040.612265][T15563] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1040.673649][T15563] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 6b 5f 93 07  ............k_..
[ 1040.742593][T15563] 00000060: ff ff ff ff a7 f7 55 74 00 00 00 00 00 00 00 04  ......Ut........
[ 1040.771683][T15563] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08  ................
[ 1040.904493][T10411] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1041.871830][T15552] netlink: 'syz-executor.0': attribute type 3 has an invalid length.
[ 1042.210172][T15569] loop1: detected capacity change from 0 to 512
[ 1042.294004][T15569] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1042.315998][T15569] ext4 filesystem being mounted at /root/syzkaller-testdir2272543669/syzkaller.7yad3v/49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1042.509908][   T29] audit: type=1326 audit(2000000821.632:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a58e7cf69 code=0x7ffc0000
[ 1042.648039][   T29] audit: type=1326 audit(2000000821.632:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a58e7cf69 code=0x7ffc0000
[ 1042.771457][   T29] audit: type=1800 audit(2000000821.632:908): pid=15569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=18 res=0 errno=0
[ 1042.803773][T14858] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1042.881540][   T29] audit: type=1326 audit(2000000821.692:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a58e7cf69 code=0x7ffc0000
[ 1042.987133][   T29] audit: type=1326 audit(2000000821.692:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a58e7cf69 code=0x7ffc0000
[ 1043.039727][   T29] audit: type=1326 audit(2000000821.692:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a58e7cf69 code=0x7ffc0000
[ 1043.097059][T15580] loop0: detected capacity change from 0 to 64
[ 1043.191672][   T29] audit: type=1326 audit(2000000821.722:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a58e7cf69 code=0x7ffc0000
[ 1043.287435][   T29] audit: type=1326 audit(2000000821.722:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a58e7cf69 code=0x7ffc0000
[ 1043.366095][   T29] audit: type=1326 audit(2000000821.722:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3a58e7a6e7 code=0x7ffc0000
[ 1043.432778][   T29] audit: type=1326 audit(2000000821.722:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3a58e403d9 code=0x7ffc0000
[ 1043.810855][T15238] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1043.876604][T15238] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1043.907463][T15238] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1043.935974][T15238] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1044.149193][T15596] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[ 1044.460434][T15598] netlink: 16126 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1044.551759][T15598] netlink: 105116 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1044.772127][T15242] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1044.883281][T15242] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1044.934648][T15242] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1044.978500][T15242] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1045.449753][T15238] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1045.554424][T15238] 8021q: adding VLAN 0 to HW filter on device team0
[ 1045.635115][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1045.642399][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1045.736621][ T5172] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1045.743950][ T5172] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1045.830483][T15600] loop0: detected capacity change from 0 to 32768
[ 1045.856644][T15242] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1045.966260][T15600] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[ 1045.978220][T15600] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1046.076236][T15242] 8021q: adding VLAN 0 to HW filter on device team0
[ 1046.136258][T15600] XFS (loop0): Ending clean mount
[ 1046.165412][ T4871] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1046.172670][ T4871] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1046.213608][T15600] XFS (loop0): Quotacheck needed: Please wait.
[ 1046.293478][ T4871] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1046.300800][ T4871] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1046.334238][T15604] loop1: detected capacity change from 0 to 32768
[ 1046.422023][T15604] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (15604)
[ 1046.506092][T15604] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1046.506415][T15600] XFS (loop0): Quotacheck: Done.
[ 1046.541309][T15604] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[ 1046.550352][T15604] BTRFS info (device loop1): using free-space-tree
[ 1046.759101][T13513] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1047.035583][T15238] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1047.262873][T14858] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1047.477571][T15242] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1047.850304][T15242] veth0_vlan: entered promiscuous mode
[ 1047.917004][T15602] loop3: detected capacity change from 0 to 32768
[ 1047.953320][T15242] veth1_vlan: entered promiscuous mode
[ 1048.117247][T15242] veth0_macvtap: entered promiscuous mode
[ 1048.225317][T15242] veth1_macvtap: entered promiscuous mode
[ 1048.274181][T15650] loop1: detected capacity change from 0 to 64
[ 1048.460595][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1048.498534][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1048.537061][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1048.581556][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1048.620920][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1048.661198][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1048.691287][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1048.730658][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1048.760966][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1048.791402][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1048.830188][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1048.863137][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1048.883286][T15242] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1048.931896][T15238] veth0_vlan: entered promiscuous mode
[ 1048.940374][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1048.975972][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1049.011900][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1049.027805][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1049.055462][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1049.083077][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1049.110912][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1049.132888][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1049.154602][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1049.185141][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1049.214157][T15242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1049.238333][T15242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1049.299168][T15242] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1049.352481][T15242] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.400964][T15242] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.409811][T15242] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.451638][T15242] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.507857][T15238] veth1_vlan: entered promiscuous mode
[ 1049.832294][T15238] veth0_macvtap: entered promiscuous mode
[ 1050.286829][T15238] veth1_macvtap: entered promiscuous mode
[ 1050.334474][ T6615] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1050.362979][ T6615] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1050.450270][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1050.509239][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1050.564007][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1050.589988][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1050.630965][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1050.666091][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1050.702685][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1050.737880][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1050.770751][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1050.810765][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1050.840750][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1050.870961][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1050.900397][T15667] loop1: detected capacity change from 0 to 32768
[ 1050.900761][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1050.957989][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1050.989189][T15238] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1051.056861][T12338] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1051.068217][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1051.119361][T12338] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1051.140726][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.176940][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1051.215984][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.238955][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1051.270816][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.290817][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1051.317742][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.350845][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1051.380830][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.400813][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1051.430734][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.450781][T15238] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1051.473590][T15238] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1051.512644][T15238] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1051.571490][T15238] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1051.580362][T15238] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1051.631729][T15238] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1051.660784][T15238] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1052.161510][ T6615] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1052.169414][ T6615] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1052.260194][ T6611] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1052.291764][ T6611] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1052.351529][    T8] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1052.600782][    T8] usb 4-1: Using ep0 maxpacket: 16
[ 1052.661235][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[ 1052.718374][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1052.762150][    T8] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1052.800729][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1052.824137][    T8] usb 4-1: config 0 descriptor??
[ 1053.348109][T15683] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1053.408207][T15683] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1053.469516][    T8] hid (null): report_id 0 is invalid
[ 1053.481650][ T5167] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1053.506933][    T8] hid-generic 0003:0158:0100.000D: unknown main item tag 0x0
[ 1053.540279][    T8] hid-generic 0003:0158:0100.000D: unknown main item tag 0x0
[ 1053.560589][    T8] hid-generic 0003:0158:0100.000D: unknown main item tag 0x0
[ 1053.591242][    T8] hid-generic 0003:0158:0100.000D: unknown main item tag 0x0
[ 1053.598713][    T8] hid-generic 0003:0158:0100.000D: unknown main item tag 0x0
[ 1053.637355][    T8] hid-generic 0003:0158:0100.000D: unknown main item tag 0x0
[ 1053.680595][ T5167] usb 3-1: Using ep0 maxpacket: 32
[ 1053.680818][    T8] hid-generic 0003:0158:0100.000D: unknown main item tag 0x0
[ 1053.692229][ T5167] usb 3-1: config 0 has no interfaces?
[ 1053.723932][    T8] hid-generic 0003:0158:0100.000D: unknown main item tag 0x0
[ 1053.740738][    T8] hid-generic 0003:0158:0100.000D: unknown main item tag 0x0
[ 1053.760240][    T8] hid-generic 0003:0158:0100.000D: unknown main item tag 0x0
[ 1053.770268][ T5167] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1053.811857][    T8] hid-generic 0003:0158:0100.000D: report_id 0 is invalid
[ 1053.812345][ T5167] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[ 1053.819164][    T8] hid-generic 0003:0158:0100.000D: item 0 1 1 8 parsing failed
[ 1053.820099][    T8] hid-generic 0003:0158:0100.000D: probe with driver hid-generic failed with error -22
[ 1053.850698][ T5167] usb 3-1: Product: syz
[ 1053.854951][ T5167] usb 3-1: Manufacturer: syz
[ 1053.887599][ T5167] usb 3-1: config 0 descriptor??
[ 1053.924120][    T8] usb 4-1: USB disconnect, device number 24
[ 1054.002824][T15691] loop1: detected capacity change from 0 to 40427
[ 1054.048168][T15691] F2FS-fs (loop1): invalid crc value
[ 1054.067947][T15691] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1054.197282][T15691] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1054.672235][   T58] usb 3-1: USB disconnect, device number 12
[ 1054.764855][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.771902][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[ 1055.299955][T15730] netlink: 'syz-executor.4': attribute type 7 has an invalid length.
[ 1056.525698][   T29] kauditd_printk_skb: 62 callbacks suppressed
[ 1056.525720][   T29] audit: type=1326 audit(2000000000.240:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15737 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f063a47cf69 code=0x0
[ 1059.537723][   T29] audit: type=1326 audit(2000000000.130:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15781 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f063a47cf69 code=0x0
[ 1059.576658][T15779] loop0: detected capacity change from 0 to 32768
[ 1059.600226][T15767] loop1: detected capacity change from 0 to 40427
[ 1059.620929][T15779] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (15779)
[ 1059.645331][T15767] F2FS-fs (loop1): invalid crc value
[ 1059.669110][T15779] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1059.686081][T15767] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1059.693125][T15779] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 1059.720558][T15779] BTRFS info (device loop0): using free-space-tree
[ 1059.833126][T15767] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1059.877672][T15783] f2fs_ckpt-7:1: attempt to access beyond end of device
[ 1059.877672][T15783] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[ 1059.912728][T15783] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[ 1059.922541][T15783] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[ 1060.031396][T15779] BTRFS info (device loop0): checking UUID tree
[ 1060.405687][T15771] loop3: detected capacity change from 0 to 32768
[ 1060.491591][T13513] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1060.528602][T15771] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (15771)
[ 1060.630179][T15771] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1060.676812][T15771] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 1060.730678][T15771] BTRFS info (device loop3): using free-space-tree
[ 1061.179856][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1061.457967][T15832] loop0: detected capacity change from 0 to 1024
[ 1061.590064][ T5167] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[ 1061.617398][T15771] BTRFS error (device loop3): open_ctree failed
[ 1061.808762][ T5167] usb 5-1: Using ep0 maxpacket: 16
[ 1061.840743][ T6615] hfsplus: b-tree write err: -5, ino 4
[ 1061.853026][ T5167] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1061.941769][ T5167] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 1061.951628][ T5167] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1061.959678][ T5167] usb 5-1: Product: syz
[ 1061.967642][ T5167] usb 5-1: Manufacturer: syz
[ 1061.972397][ T5167] usb 5-1: SerialNumber: syz
[ 1061.979523][ T5167] usb 5-1: config 0 descriptor??
[ 1061.990467][ T5167] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input28
[ 1062.306318][ T5172] usb 5-1: USB disconnect, device number 17
[ 1062.412441][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1062.744316][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1063.917694][T15859] loop1: detected capacity change from 0 to 32768
[ 1063.959731][T15859] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (15859)
[ 1064.052873][T15859] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1064.083946][T15859] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[ 1064.116050][T15859] BTRFS info (device loop1): using free-space-tree
[ 1064.454058][T15867] loop0: detected capacity change from 0 to 32768
[ 1064.654376][T15859] BTRFS info (device loop1): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[ 1064.748216][T14858] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1065.679295][T15864] loop3: detected capacity change from 0 to 32768
[ 1065.686433][   T29] audit: type=1326 audit(2000000000.100:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15893 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7325a7cf69 code=0x0
[ 1065.959728][T15864] 
[ 1065.959728][T15864]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1065.959728][T15864] 
[ 1065.989924][ T5167] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 1066.191161][ T5167] usb 5-1: too many configurations: 12, using maximum allowed: 8
[ 1066.255475][T10411] 
[ 1066.255475][T10411]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1066.255475][T10411] 
[ 1066.325046][T10411] 
[ 1066.325046][T10411]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1066.325046][T10411] 
[ 1066.339016][ T5167] usb 5-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e
[ 1066.358933][ T5167] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1066.413409][ T5167] usb 5-1: config 0 descriptor??
[ 1066.598488][T15902] loop0: detected capacity change from 0 to 1024
[ 1066.635924][T15902] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1066.661888][T15902] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1066.702810][ T5167] usb 5-1: string descriptor 0 read error: -71
[ 1066.729504][T15902] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1066.754551][ T5167] usb 5-1: USB disconnect, device number 18
[ 1066.802731][T15902] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c855c01c, mo2=0003]
[ 1066.887967][T15902] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1067.234027][T15902] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[ 1067.363548][T13513] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1067.510815][   T29] audit: type=1326 audit(2000000001.930:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15914 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e01e7cf69 code=0x0
[ 1067.802528][ T5200] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 1067.960084][T15918] loop1: detected capacity change from 0 to 8192
[ 1068.019498][ T5200] usb 4-1: Using ep0 maxpacket: 16
[ 1068.031519][T15918]  loop1: p3 p4 < >
[ 1068.046076][T15918] loop1: p3 start 619312 is beyond EOD, truncated
[ 1068.057515][ T5200] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1068.096146][ T5200] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 1068.125623][ T5200] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1068.148930][ T5200] usb 4-1: Product: syz
[ 1068.157945][ T5200] usb 4-1: Manufacturer: syz
[ 1068.175724][ T5200] usb 4-1: SerialNumber: syz
[ 1068.205566][ T5200] usb 4-1: config 0 descriptor??
[ 1068.234646][ T5200] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input29
[ 1068.674536][T15923] loop0: detected capacity change from 0 to 32768
[ 1068.703131][ T5200] usb 4-1: USB disconnect, device number 25
[ 1068.726286][T15923] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (15923)
[ 1068.780050][T15923] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1068.799305][T15923] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 1068.839282][T15923] BTRFS info (device loop0): using free-space-tree
[ 1069.313619][T15923] BTRFS info (device loop0): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[ 1069.468418][T15938] loop1: detected capacity change from 0 to 32768
[ 1069.475824][T13513] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1069.510305][T15938] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (15938)
[ 1069.584162][T15938] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1069.637647][T15938] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[ 1069.658731][T15938] BTRFS info (device loop1): using free-space-tree
[ 1069.883118][T15977] loop3: detected capacity change from 0 to 2048
[ 1070.018890][T15981] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1070.150265][T15986] loop0: detected capacity change from 0 to 64
[ 1070.217760][T15986] hfs: bad catalog entry type 7
[ 1070.249744][T14858] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1070.386359][T15987] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1072.188053][T16003] loop1: detected capacity change from 0 to 32768
[ 1072.223398][T13067] Bluetooth: hci4: command 0x0406 tx timeout
[ 1072.289088][T16003] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (16003)
[ 1073.909894][T16003] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1073.933127][T16003] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[ 1073.969004][T16003] BTRFS info (device loop1): using free-space-tree
[ 1074.139624][T16003] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[ 1074.200452][T16003] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[ 1074.288646][T16003] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[ 1074.461181][T16003] BTRFS error (device loop1): open_ctree failed
[ 1075.289401][T16045] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1075.571886][   T29] audit: type=1804 audit(2000000009.990:982): pid=16046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2225032620/syzkaller.nfzLtg/21/file0" dev="sda1" ino=1946 res=1 errno=0
[ 1075.660806][T16055] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1075.957946][T16062] loop1: detected capacity change from 0 to 8
[ 1075.967446][T16062] SQUASHFS error: Failed to read block 0x62: -5
[ 1075.988895][T16062] squashfs image failed sanity check
[ 1076.085196][T16062] loop1: detected capacity change from 0 to 512
[ 1076.166530][T16062] overlayfs: upper fs does not support tmpfile.
[ 1076.179324][ T5170] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1076.388814][ T5170] usb 3-1: Using ep0 maxpacket: 16
[ 1076.430548][ T5170] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1078.188587][ T5170] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 1078.241547][ T5170] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1078.352564][ T5170] usb 3-1: Product: syz
[ 1078.356814][ T5170] usb 3-1: Manufacturer: syz
[ 1078.383904][ T5170] usb 3-1: SerialNumber: syz
[ 1078.391341][T16060] loop0: detected capacity change from 0 to 32768
[ 1078.396593][ T5170] usb 3-1: config 0 descriptor??
[ 1078.460450][ T5170] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input30
[ 1078.474273][T16060] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (16060)
[ 1078.598483][T16060] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1078.637926][T16060] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[ 1078.671655][T16060] BTRFS info (device loop0): using free-space-tree
[ 1078.773201][T16060] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[ 1078.839204][T16060] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[ 1078.864371][T16060] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[ 1078.880003][ T5172] usb 3-1: USB disconnect, device number 13
[ 1079.077429][T16060] BTRFS error (device loop0): open_ctree failed
[ 1080.608490][ T5172] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1080.841434][ T5172] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1080.888578][ T5172] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1080.930094][ T5172] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1080.957538][ T5172] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1080.981577][ T5172] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1081.002150][ T5172] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1081.035465][ T5172] usb 4-1: Manufacturer: syz
[ 1081.077172][ T5172] usb 4-1: config 0 descriptor??
[ 1081.532993][ T5172] appleir 0003:05AC:8243.000E: unknown main item tag 0x0
[ 1081.638379][ T5170] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1081.685411][ T5172] appleir 0003:05AC:8243.000E: No inputs registered, leaving
[ 1081.748907][ T5172] appleir 0003:05AC:8243.000E: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[ 1081.858488][ T5170] usb 5-1: Using ep0 maxpacket: 16
[ 1081.909345][ T5170] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1081.991402][ T5170] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 1082.019588][ T5170] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1082.058208][ T5170] usb 5-1: Product: syz
[ 1082.065114][ T5170] usb 5-1: Manufacturer: syz
[ 1082.081926][T16129] loop1: detected capacity change from 0 to 256
[ 1082.088353][ T5170] usb 5-1: SerialNumber: syz
[ 1082.114081][ T5170] usb 5-1: config 0 descriptor??
[ 1082.151685][ T5170] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input31
[ 1082.165578][T16129] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[ 1082.628225][T16133] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1082.641195][T16133] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[ 1082.651111][T16133] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[ 1082.660625][T16133] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1083.307874][T16123] loop0: detected capacity change from 0 to 32768
[ 1083.335845][T16123] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (16123)
[ 1083.342430][   T58] usb 5-1: USB disconnect, device number 19
[ 1083.455574][T16137] loop1: detected capacity change from 0 to 256
[ 1083.541999][T16137] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[ 1083.934757][T16123] BTRFS error (device loop0): open_ctree failed
[ 1083.945031][ T5170] usb 4-1: USB disconnect, device number 26
[ 1086.088481][T16162] nfs: Unknown parameter 'ñ&\^'
[ 1086.152865][T16162] loop0: detected capacity change from 0 to 1024
[ 1086.161804][T16162] EXT4-fs: Ignoring removed i_version option
[ 1086.168053][T16162] EXT4-fs: Ignoring removed oldalloc option
[ 1086.174317][T16162] EXT4-fs: Ignoring removed i_version option
[ 1086.180510][T16162] EXT4-fs: Ignoring removed orlov option
[ 1086.186245][T16162] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1087.001904][   T29] audit: type=1326 audit(2000000021.421:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16157 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7325a7cf69 code=0x0
[ 1087.659002][T16174] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1087.669845][T16174] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[ 1087.679313][T16174] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[ 1087.687671][T16174] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1088.303407][T16175] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore
[ 1088.375960][T16175] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[ 1088.515048][T16175] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[ 1088.587083][T16175] overlayfs: missing 'lowerdir'
[ 1089.405889][T16179] loop1: detected capacity change from 0 to 32768
[ 1089.437791][T16179] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (16179)
[ 1089.528177][T16179] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1089.540732][   T29] audit: type=1326 audit(2000000023.962:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16196 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f46c5a7cf69 code=0x0
[ 1089.697713][T16179] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[ 1089.750033][T16179] BTRFS info (device loop1): using free-space-tree
[ 1091.173107][T16190] loop0: detected capacity change from 0 to 40427
[ 1091.267640][T16190] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1091.812290][T16232] evm: overlay not supported
[ 1092.580926][T14858] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1092.943971][T16244] loop0: detected capacity change from 0 to 512
[ 1093.038383][T16244] EXT4-fs: Ignoring removed oldalloc option
[ 1093.044530][T16244] EXT4-fs: Ignoring removed bh option
[ 1093.154703][T16244] EXT4-fs error (device loop0): __ext4_iget:4906: inode #11: block 1: comm syz-executor.0: invalid block
[ 1093.327394][T16244] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 11 (err -117)
[ 1093.493532][T16244] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1094.286568][T16244] fuse: Unknown parameter 'roo
€'
[ 1094.755024][T13513] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1094.801084][T16262] loop3: detected capacity change from 0 to 2048
[ 1094.896855][T16262] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1095.028274][T16266] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1097.715612][T16295] loop1: detected capacity change from 0 to 4096
[ 1098.624070][T16308] loop1: detected capacity change from 0 to 1024
[ 1098.726016][T12338] hfsplus: b-tree write err: -5, ino 4
[ 1098.905186][T16314] loop3: detected capacity change from 0 to 512
[ 1098.956310][T16313] loop0: detected capacity change from 0 to 2048
[ 1099.061291][T16316] loop1: detected capacity change from 0 to 512
[ 1099.082422][T16314] FAT-fs (loop3): bogus sectors per cluster 69
[ 1099.090261][T16313] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1099.128251][T16316] EXT4-fs: Ignoring removed oldalloc option
[ 1099.138611][T16314] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1099.177055][T16316] EXT4-fs: Ignoring removed bh option
[ 1099.252042][T16316] EXT4-fs error (device loop1): __ext4_iget:4906: inode #11: block 1: comm syz-executor.1: invalid block
[ 1099.312556][T16316] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 11 (err -117)
[ 1099.677922][T16316] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1099.918470][T16316] fuse: Unknown parameter 'roo
€'
[ 1100.395526][T14858] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1101.009211][T16330] loop3: detected capacity change from 0 to 256
[ 1105.380218][T16374] loop0: detected capacity change from 0 to 2048
[ 1105.464180][T16374] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1105.545662][T16382] netlink: 'syz-executor.1': attribute type 15 has an invalid length.
[ 1105.585083][T16382] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1106.436248][ T5200] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1106.626479][ T5200] usb 2-1: Using ep0 maxpacket: 8
[ 1106.638554][ T5200] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1106.701445][ T5200] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1106.753078][ T5200] usb 2-1: New USB device found, idVendor=1020, idProduct=0006, bcdDevice= 0.00
[ 1106.806532][ T5200] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1106.867402][ T5200] usb 2-1: config 0 descriptor??
[ 1107.346205][ T5200] belkin 0003:1020:0006.000F: unexpected long global item
[ 1107.354705][ T5200] belkin 0003:1020:0006.000F: parse failed
[ 1107.361144][ T5200] belkin 0003:1020:0006.000F: probe with driver belkin failed with error -22
[ 1107.586768][    T8] usb 2-1: USB disconnect, device number 13
[ 1107.682631][T16417] loop0: detected capacity change from 0 to 256
[ 1107.731131][T16417] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1107.853058][T16417] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 324)
[ 1107.892022][T16420] xt_l2tp: invalid flags combination: 0
[ 1107.897880][T16417] FAT-fs (loop0): Filesystem has been set read-only
[ 1107.930628][T16417] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 324)
[ 1107.961715][T16417] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 324)
[ 1108.597125][T16438] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1108.797106][T16438] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1109.838123][T16441] batman_adv: batadv1: Adding interface: netdevsim0
[ 1109.844795][T16441] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1110.113911][T16441] batman_adv: batadv1: Interface activated: netdevsim0
[ 1111.193709][T16469] loop3: detected capacity change from 0 to 1024
[ 1111.223283][T16468] loop0: detected capacity change from 0 to 1024
[ 1111.283776][T16468] EXT4-fs: Ignoring removed nobh option
[ 1111.311435][T16468] EXT4-fs: test_dummy_encryption requires encrypt feature
[ 1113.220950][T16496] hub 9-0:1.0: USB hub found
[ 1113.325743][T16496] hub 9-0:1.0: 8 ports detected
[ 1114.477905][   T62] hfsplus: b-tree write err: -5, ino 4
[ 1115.927009][   T29] audit: type=1800 audit(2000000050.314:985): pid=16519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1952 res=0 errno=0
[ 1116.191869][ T1246] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.199237][ T1246] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.745251][   T29] audit: type=1326 audit(2000000051.154:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16533 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f063a47cf69 code=0x0
[ 1118.123600][T16569] nfs: Unknown parameter 'ñ&\^'
[ 1118.191657][T16569] loop3: detected capacity change from 0 to 1024
[ 1118.200948][T16569] EXT4-fs: Ignoring removed i_version option
[ 1118.207119][T16569] EXT4-fs: Ignoring removed oldalloc option
[ 1118.213297][T16569] EXT4-fs: Ignoring removed i_version option
[ 1118.219486][T16569] EXT4-fs: Ignoring removed orlov option
[ 1118.225314][T16569] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1118.575479][   T29] audit: type=1326 audit(2000000052.964:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e01e7cf69 code=0x0
[ 1119.095419][   T29] audit: type=1326 audit(2000000053.504:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16557 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a58e7cf69 code=0x0
[ 1119.603039][T16584] loop1: detected capacity change from 0 to 4096
[ 1119.685111][T16584] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1119.733644][T16584] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1119.926920][T14858] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1120.002766][   T29] audit: type=1800 audit(2000000054.414:989): pid=16597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1934 res=0 errno=0
[ 1120.126227][   T29] audit: type=1800 audit(2000000054.414:990): pid=16597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1934 res=0 errno=0
[ 1120.405606][T16606] loop3: detected capacity change from 0 to 64
[ 1120.756788][T16608] hub 9-0:1.0: USB hub found
[ 1120.767786][T16608] hub 9-0:1.0: 8 ports detected
[ 1122.101796][T16602] loop0: detected capacity change from 0 to 40427
[ 1122.148394][T16602] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 1122.174795][T16602] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1122.224539][T16602] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1122.338500][T16636] loop1: detected capacity change from 0 to 512
[ 1122.371908][T16636] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz-executor.1: casefold flag without casefold feature
[ 1122.421301][T16636] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117)
[ 1122.459475][T16602] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1122.496384][T16636] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1122.504915][T16602] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1122.621602][T16636] netlink: 'syz-executor.1': attribute type 1 has an invalid length.
[ 1122.857087][T14858] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1122.873416][    T8] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[ 1123.091982][    T8] usb 4-1: Using ep0 maxpacket: 8
[ 1123.155623][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1123.214768][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1123.254710][    T8] usb 4-1: New USB device found, idVendor=1020, idProduct=0006, bcdDevice= 0.00
[ 1123.288956][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1123.326066][    T8] usb 4-1: config 0 descriptor??
[ 1123.525375][T15149] hid-generic 0000:0000:FFFFFFFD.0010: unknown main item tag 0x0
[ 1123.565495][T15149] hid-generic 0000:0000:FFFFFFFD.0010: unknown main item tag 0x0
[ 1123.614912][T15149] hid-generic 0000:0000:FFFFFFFD.0010: unknown main item tag 0x0
[ 1123.674091][T15149] hid-generic 0000:0000:FFFFFFFD.0010: unknown main item tag 0x0
[ 1123.740566][T15149] hid-generic 0000:0000:FFFFFFFD.0010: unknown main item tag 0x0
[ 1123.793433][T15149] hid-generic 0000:0000:FFFFFFFD.0010: unknown main item tag 0x0
[ 1124.695988][ T9884] ==================================================================
[ 1124.704139][ T9884] BUG: KASAN: use-after-free in sysv_new_inode+0xfd3/0x1170
[ 1124.711571][ T9884] Read of size 2 at addr ffff88805790d1ce by task syz-executor.4/9884
[ 1124.713107][    T8] belkin 0003:1020:0006.0011: unexpected long global item
[ 1124.719745][ T9884] 
[ 1124.719775][ T9884] CPU: 1 PID: 9884 Comm: syz-executor.4 Not tainted 6.10.0-rc2-next-20240607-syzkaller #0
[ 1124.719800][ T9884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 1124.719816][ T9884] Call Trace:
[ 1124.719827][ T9884]  <TASK>
[ 1124.719843][ T9884]  dump_stack_lvl+0x241/0x360
[ 1124.719872][ T9884]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1124.719908][ T9884]  ? __pfx__printk+0x10/0x10
[ 1124.727288][ T5170] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1124.729408][ T9884]  ? _printk+0xd5/0x120
[ 1124.729446][ T9884]  ? __virt_addr_valid+0x183/0x520
[ 1124.729480][ T9884]  ? __virt_addr_valid+0x183/0x520
[ 1124.729514][ T9884]  print_report+0x169/0x550
[ 1124.729539][ T9884]  ? __virt_addr_valid+0x183/0x520
[ 1124.729571][ T9884]  ? __virt_addr_valid+0x183/0x520
[ 1124.729604][ T9884]  ? __virt_addr_valid+0x44e/0x520
[ 1124.729638][ T9884]  ? __phys_addr+0xba/0x170
[ 1124.729672][ T9884]  ? sysv_new_inode+0xfd3/0x1170
[ 1124.729709][ T9884]  kasan_report+0x143/0x180
[ 1124.729735][ T9884]  ? sysv_new_inode+0xfd3/0x1170
[ 1124.729776][ T9884]  sysv_new_inode+0xfd3/0x1170
[ 1124.729824][ T9884]  ? __pfx_sysv_new_inode+0x10/0x10
[ 1124.729883][ T9884]  ? _raw_spin_unlock+0x3e/0x50
[ 1124.729911][ T9884]  ? __d_add+0x500/0x800
[ 1124.729952][ T9884]  sysv_mknod+0x4e/0xe0
[ 1124.729979][ T9884]  ? __pfx_sysv_create+0x10/0x10
[ 1124.730006][ T9884]  path_openat+0x1425/0x3280
[ 1124.730066][ T9884]  ? __pfx_path_openat+0x10/0x10
[ 1124.730113][ T9884]  do_filp_open+0x235/0x490
[ 1124.730150][ T9884]  ? __pfx_do_filp_open+0x10/0x10
[ 1124.730199][ T9884]  ? _raw_spin_unlock+0x28/0x50
[ 1124.730226][ T9884]  ? alloc_fd+0x5a1/0x640
2033/05/18 03:34:19 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[ 1124.730252][ T9884]  do_sys_openat2+0x13e/0x1d0
[ 1124.730281][ T9884]  ? __might_fault+0xaa/0x120
[ 1124.730309][ T9884]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1124.730337][ T9884]  ? rcu_is_watching+0x15/0xb0
[ 1124.730369][ T9884]  ? __rseq_handle_notify_resume+0x353/0x14e0
[ 1124.730407][ T9884]  __x64_sys_openat+0x247/0x2a0
[ 1124.730438][ T9884]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1124.730473][ T9884]  ? do_syscall_64+0x100/0x230
[ 1124.730498][ T9884]  ? do_syscall_64+0xb6/0x230
[ 1124.730522][ T9884]  do_syscall_64+0xf3/0x230
[ 1124.730546][ T9884]  ? clear_bhb_loop+0x35/0x90
[ 1124.730575][ T9884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1124.730601][ T9884] RIP: 0033:0x7f124b67cf69
[ 1124.730637][ T9884] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1124.730659][ T9884] RSP: 002b:00007f124c45b0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1124.730688][ T9884] RAX: ffffffffffffffda RBX: 00007f124b7b3f80 RCX: 00007f124b67cf69
[ 1124.730708][ T9884] RDX: 000000000000275a RSI: 0000000020000040 RDI: ffffffffffffff9c
[ 1124.730726][ T9884] RBP: 00007f124b6da6fe R08: 0000000000000000 R09: 0000000000000000
[ 1124.730743][ T9884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1124.730760][ T9884] R13: 000000000000000b R14: 00007f124b7b3f80 R15: 00007ffebe09e648
[ 1124.730788][ T9884]  </TASK>
[ 1124.730798][ T9884] 
[ 1124.730805][ T9884] The buggy address belongs to the physical page:
[ 1124.730821][ T9884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2468 pfn:0x5790d
[ 1124.730846][ T9884] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1124.730882][ T9884] raw: 00fff00000000000 dead000000000100 dead000000000122 0000000000000000
[ 1124.730903][ T9884] raw: 0000000000002468 0000000000000000 00000000ffffffff 0000000000000000
[ 1124.730917][ T9884] page dumped because: kasan: bad access detected
[ 1124.730935][ T9884] page_owner tracks the page as freed
[ 1124.730944][ T9884] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 16012, tgid 16011 (syz-executor.4), ts 1073575940970, free_ts 1074951310017
[ 1124.743171][T15149] hid-generic 0000:0000:FFFFFFFD.0010: unknown main item tag 0x0
[ 1124.751025][ T9884]  post_alloc_hook+0x1f3/0x230
[ 1124.751063][ T9884]  get_page_from_freelist+0x2cbd/0x2d70
[ 1124.751090][ T9884]  __alloc_pages_noprof+0x256/0x6c0
[ 1124.751115][ T9884]  alloc_pages_mpol_noprof+0x3e8/0x680
[ 1124.751138][ T9884]  folio_alloc_mpol_noprof+0x36/0x50
[ 1124.751162][ T9884]  shmem_alloc_and_add_folio+0x2ce/0x14e0
[ 1124.751195][ T9884]  shmem_get_folio_gfp+0xa22/0x2660
[ 1124.751223][ T9884]  shmem_write_begin+0x170/0x4d0
[ 1124.751255][ T9884]  generic_perform_write+0x322/0x640
[ 1124.751287][ T9884]  shmem_file_write_iter+0xfc/0x120
[ 1124.751320][ T9884]  vfs_write+0xa72/0xc90
[ 1124.751353][ T9884]  ksys_write+0x1a0/0x2c0
[ 1124.751384][ T9884]  do_syscall_64+0xf3/0x230
[ 1124.751404][ T9884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1124.751429][ T9884] page last free pid 16012 tgid 16011 stack trace:
[ 1124.751444][ T9884]  free_unref_folios+0x103a/0x1b00
[ 1124.751468][ T9884]  folios_put_refs+0x76e/0x860
[ 1124.751498][ T9884]  shmem_undo_range+0x6de/0x1df0
[ 1124.751525][ T9884]  shmem_evict_inode+0x29b/0xa80
[ 1124.751547][ T9884]  evict+0x2a8/0x630
[ 1124.751574][ T9884]  __dentry_kill+0x20d/0x630
[ 1124.756090][    T8] belkin 0003:1020:0006.0011: parse failed
[ 1124.757796][ T9884]  dput+0x19f/0x2b0
[ 1124.757826][ T9884]  __fput+0x68c/0x8b0
[ 1124.762578][    T8] belkin 0003:1020:0006.0011: probe with driver belkin failed with error -22
[ 1124.767666][ T9884]  __x64_sys_close+0x7f/0x110
[ 1124.767698][ T9884]  do_syscall_64+0xf3/0x230
[ 1124.767718][ T9884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1124.767742][ T9884] 
[ 1124.767750][ T9884] Memory state around the buggy address:
[ 1124.767763][ T9884]  ffff88805790d080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1124.773015][T15149] hid-generic 0000:0000:FFFFFFFD.0010: unknown main item tag 0x0
[ 1124.779866][ T9884]  ffff88805790d100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1124.779885][ T9884] >ffff88805790d180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1124.779898][ T9884]                                               ^
[ 1124.779912][ T9884]  ffff88805790d200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1124.779928][ T9884]  ffff88805790d280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1124.779940][ T9884] ==================================================================
[ 1125.260484][ T9884] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1125.260506][ T9884] CPU: 1 PID: 9884 Comm: syz-executor.4 Not tainted 6.10.0-rc2-next-20240607-syzkaller #0
[ 1125.260535][ T9884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 1125.260550][ T9884] Call Trace:
[ 1125.260562][ T9884]  <TASK>
[ 1125.260574][ T9884]  dump_stack_lvl+0x241/0x360
[ 1125.260607][ T9884]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1125.260646][ T9884]  ? __pfx__printk+0x10/0x10
[ 1125.260682][ T9884]  ? preempt_schedule+0xe1/0xf0
[ 1125.260715][ T9884]  ? vscnprintf+0x5d/0x90
[ 1125.260745][ T9884]  panic+0x349/0x870
[ 1125.260780][ T9884]  ? check_panic_on_warn+0x21/0xb0
[ 1125.260817][ T9884]  ? __pfx_panic+0x10/0x10
[ 1125.260857][ T9884]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 1125.260888][ T9884]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1125.260916][ T9884]  ? print_report+0x502/0x550
[ 1125.260945][ T9884]  check_panic_on_warn+0x86/0xb0
[ 1125.260979][ T9884]  ? sysv_new_inode+0xfd3/0x1170
[ 1125.261040][ T9884]  end_report+0x77/0x160
[ 1125.261070][ T9884]  kasan_report+0x154/0x180
[ 1125.261096][ T9884]  ? sysv_new_inode+0xfd3/0x1170
[ 1125.261139][ T9884]  sysv_new_inode+0xfd3/0x1170
[ 1125.261187][ T9884]  ? __pfx_sysv_new_inode+0x10/0x10
[ 1125.261248][ T9884]  ? _raw_spin_unlock+0x3e/0x50
[ 1125.261275][ T9884]  ? __d_add+0x500/0x800
[ 1125.261318][ T9884]  sysv_mknod+0x4e/0xe0
[ 1125.261345][ T9884]  ? __pfx_sysv_create+0x10/0x10
[ 1125.261371][ T9884]  path_openat+0x1425/0x3280
[ 1125.261427][ T9884]  ? __pfx_path_openat+0x10/0x10
[ 1125.261476][ T9884]  do_filp_open+0x235/0x490
[ 1125.261512][ T9884]  ? __pfx_do_filp_open+0x10/0x10
[ 1125.261563][ T9884]  ? _raw_spin_unlock+0x28/0x50
[ 1125.261589][ T9884]  ? alloc_fd+0x5a1/0x640
[ 1125.261619][ T9884]  do_sys_openat2+0x13e/0x1d0
[ 1125.261649][ T9884]  ? __might_fault+0xaa/0x120
[ 1125.261679][ T9884]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1125.261709][ T9884]  ? rcu_is_watching+0x15/0xb0
[ 1125.261740][ T9884]  ? __rseq_handle_notify_resume+0x353/0x14e0
[ 1125.261783][ T9884]  __x64_sys_openat+0x247/0x2a0
[ 1125.261816][ T9884]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1125.261849][ T9884]  ? do_syscall_64+0x100/0x230
[ 1125.261875][ T9884]  ? do_syscall_64+0xb6/0x230
[ 1125.261900][ T9884]  do_syscall_64+0xf3/0x230
[ 1125.261924][ T9884]  ? clear_bhb_loop+0x35/0x90
[ 1125.261953][ T9884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1125.261980][ T9884] RIP: 0033:0x7f124b67cf69
[ 1125.262003][ T9884] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1125.262025][ T9884] RSP: 002b:00007f124c45b0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1125.262058][ T9884] RAX: ffffffffffffffda RBX: 00007f124b7b3f80 RCX: 00007f124b67cf69
[ 1125.262077][ T9884] RDX: 000000000000275a RSI: 0000000020000040 RDI: ffffffffffffff9c
[ 1125.262096][ T9884] RBP: 00007f124b6da6fe R08: 0000000000000000 R09: 0000000000000000
[ 1125.262113][ T9884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1125.262130][ T9884] R13: 000000000000000b R14: 00007f124b7b3f80 R15: 00007ffebe09e648
[ 1125.262158][ T9884]  </TASK>
[ 1125.264075][ T9884] Kernel Offset: disabled