last executing test programs:

1m27.647029595s ago: executing program 3 (id=19):
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000100)={0x15, 0x65, 0xffff, 0x9f2, 0x8, '9P2000.L'}, 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x800000, &(0x7f0000019200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

1m27.419236878s ago: executing program 3 (id=22):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r2 = dup3(r0, r1, 0x0)
read$FUSE(r2, &(0x7f00000052c0)={0x2020}, 0x2020)

1m27.191149431s ago: executing program 3 (id=25):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)

1m26.889724986s ago: executing program 3 (id=26):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
r0 = open(&(0x7f0000000000)='./file1\x00', 0x0, 0x13)
fcntl$notify(r0, 0x402, 0x8000003d)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

1m26.501607701s ago: executing program 3 (id=30):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r2=>0x0})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/63, @ANYBLOB="fc"], 0x120}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002700851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x4000804)

1m25.672304463s ago: executing program 3 (id=36):
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x40002004})
epoll_pwait(r1, &(0x7f0000000040)=[{}], 0x1, 0x10001, 0x0, 0x0)

1m25.411075367s ago: executing program 32 (id=36):
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x40002004})
epoll_pwait(r1, &(0x7f0000000040)=[{}], 0x1, 0x10001, 0x0, 0x0)

3.368729922s ago: executing program 0 (id=559):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
setgid(0x0)

3.108109966s ago: executing program 0 (id=561):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x1, 0x0, 0x200, 0x2})
fcntl$lock(r0, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x0, 0x5})
fcntl$lock(r0, 0x26, &(0x7f0000000080)={0x0, 0x0, 0x1})
fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x3})

2.610558333s ago: executing program 2 (id=567):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002800500190084"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="030000"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x10}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.177523849s ago: executing program 2 (id=572):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@dioread_lock}, {@data_err_ignore}, {@discard}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x31)
r1 = openat(0xffffffffffffff9c, &(0x7f0000003040)='./file1\x00', 0x143042, 0x0)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000100)={0x9, 0xfffffffffffffffc, 0x7, 0x1a0})

2.14632832s ago: executing program 0 (id=573):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r1 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r1, 0x400442c8, &(0x7f0000000640)={r0, 0x40, 0x1})

1.951414933s ago: executing program 0 (id=575):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, &(0x7f000000b1c0)="02cbda572ec32cf73bdbc52bfa4e157261eb6cbd0d1d50c9d937a19739fcb9f8697bf69c0e2e526012185f1b86989056f9c2d38906e8a47b9b5fde55a777a6357ac40c211de6325f496fd86dac09bb38b62b37d715d06e3c61b172aa4a662cefc7810ba37161c637a9b56a7c7b022426826076f1d2bf3c3b6f92ab9c27d691385c3efc354f1423d01d6a49d534fca3f2bf518cd645cf18b4ac2d2ac4c5c29ba487c9d27bb488a73146d5b9e21427af37dee4a276646eb2519e4f6c76cce2f7bf7e708d5180959f71d3797220101849c5144ef8338a5a2079ecce466000cf290d4df42e82865512fb5fb01fb655613cf1c469682edd86a4bef86aa23240ca6a2ff38b59339f7530e8a8027aee0628e0f81b2f5c661b149d780f20ec54c8d3d42c0c49f83b1c0d4bec94bc9221e6fc7c75ebd3b68081df207721584055baeaf6429616d57cb35d2977d45971d209e4c45dfe3c5c105e0e2b49fc8685b4945f31c9468f3c950fcf70a8f45e5a3be62f73c228a6a34a99b6f584b42c50506a6c14187f44887270011cc98d7e5e258df533411c8d39bfa9e27014912ed9e9696fd4074fbefcd4817a344be5ea348f4a7a34733a5bc5674b1bcd39404d5a458d1e19b6d4bdb4e23403154249b5798dea7b60bbf0c09c25027a4efd49d36cbe65b7450c0bde580d356ad4e3cc7a9a57e6ac0b542592617869e57d9bed28f0590241bdeb51fa775aa8806a55df2c795a61146bdbe38eb7a716180bb9b728696bb0e78ff11f89b17c7e7fe9b14ea976ccd9991f01f5d0c4620053d0b5ce42af76591fd0706494b91a6dfc43560f9a9538ada19825ffe3a7cc7a56b755d46ae1189b1f1ac729d9938ad48a066624c1b28003a9d193b4b34c4ab2609949df96f693389f27dd3e1f42b178eb17079c1448d7e9fac30ddb53ce8e5a157db8296cd3069d332bad0528ae56a6db41ba84699b85f225a78a33879512a5f0b795fc58957ef6766afcf546fe36c8125276eeaac9d647b2459c164aae86a2703e85d4f552a0647cb4bdfaecf6ec3a264a6b6892a9a1ba08a9055e98b49edc4e1f8010f63f601a8251921df70e15011116c471a70a0580b1789bcff471dcc95ad209a44ca2453d58d3ea4c71e0383db68adf332a497a84faada33f18bd3cd79ff9d6809409769b02a66cf524534ab7134e3066eef904d8961195d9cdc396a012bb3bc1b1ccd60317d08cb059174642aa3f60584e58e7417c1736f6863fae9e7103158711167a53d7d5deddacee6958fd4c2e0672b8dd90b41512b1f59fc49099633860dd6902c1df3d5924b1cf81ec848d51129b3eddea619129e961390d65d2243d400a1e30e524eeee1a701da5e21598acf457947bad693892a2989097ecbe9607a33ffb33425ccac5e19ebd1f88bf3acc03331adf9697bed04b33ac9fceaa3bdc9a417b12108e10f9c45b6d36181099056a448689da4ef68beee35f5930ce4a5712cbed98239a674c5883d6a5e0df9c1cbe1eda8dc19d14c4abe896e3b28bb3d4b2a0e9ae31ca07b9819825f3a6ab82c5501becf023a656cbff569dbc3035ae3c585747fb459581629051286b170b679b683a0b2eea6ef3b41a68012e5f4d64f689c2b909cfd06d37c0a802be2d882351bffeddef1373d8cbafa10fefbc28b31a70b6e912fc61257aa76a0f0dc1d3ef72d2f61517a359053c3dcb7d49d8a4da61bcf3b3dafc0528bb037cec0d986b3949fff38a21dab6b8a3a167bacf067c5f7842ebebcc1bd54776b2e54a098303c6331beb16e42d0669a518af2d173405786439d739b813c145c4f9f98a537b1065bf4636c76e38b71943815a6d1227d0a6965dffc37c00444aebd2ec19286b83443902dba1354a69377e97070a79151e64711111bf3e0a755b0fb1a1d5d009fdf61b665b41a3b7dbd0655236360141c52b93bc907b0672743973c30d6c9ece47fa1fe3625cc8acbe305156012ef1c5ea140be70b804887be593f25faa13ee4ea2d9821d23c3e047d74ad4f7de4d95d275ea3e6c87479f1badfcef002ebc7020b581a096abac1a80ef6ff476a01b01f7c0fb1239fcc182f74e5b5965412c0f4170432af15daf457143b1f41422b8a7f9b81c15a156ddef9af95955090d013cd52aa66ebfbc87c8030e7f86b52aadaa2e63c261185eed7c46b5f8d56e8301a9cc1578aff77b42419a5eb2e263207ef259f4da6ca6466ac9326a633b39e005028c07c9aedf17a70e638d7ed84638406e6028be879fd0fe491152e181d5527933950eb67a52cf155d5c845a6425e41a47b44d9905de26e5132c8d594c1bf6d4f12dbcb96d7431a56546800275623679d6c189e0cebd1fb8063140b89d42da60ed06206d329c29841e69c820428bcde53c998bee0380a816d080b36f64574718b84e0ecafbfd2b9981f4886df258dbf1cfdb148b171516500572a7086516fd519bc861878ec2fceb6872229ff1e9782720e590d8ef4691fa9c4c54bfcc843015913a2ed40bf37048151d17b44365f7f8d3b816d1b1cd40dc5dda6ab8f637b5f6bae92580f1c269c9231c9a79d58d43208be7622147db352b1294260eeab12409f5b5ee94d99548640634bc9479a6e6e06cc8838bf85d9bd95452eaf8ad3cf6c070aac36a7d38fe23cebfaba46c74a6c5c98b1b5243edfe405161b8c3ea0cdb1bcb4e1041fc62451a6094b0c56ee2ed29520b87228959bc01a9a9f54d214704bd321b152a0e88d0646e99a92a390dfa6bc2c34d418e5e900a3b641ab34a5fd8de751bfb3253b7aae3948d871892d7b76b351b073a93f3ad82b0c59bc49ed922c8d63f8d12c14ce1912bf877bc7877f619b03d09200836c775675e0614efabfd5665c3bf12e6131a7232639729b79ac1c5e807246d30934b0f63b31a06c4722278299949c7785d796b6d3d4a5f2fa652b7fe8be447cafe93fcb07167f3ef16b94261fc3a9d22a57a7aac56562a231d79dbf3bdc1f436206337ff0f8e019d76b823c5976ee23ba4e553ec62d261bdc7da90fee46d3472cc267a7a74b88112ef765091df03bb59cf303feaa0149b371a7bdd75c0187ce842dd1e4cdaf7fc0f5ef7ffb559c535f19100ba653728cd936987731d5ac99cb9ef772975b17b2aff8b872df0d189c7944d63ed66cfce8ee92e7a1082c2a501007aacbe0011e6c32489bcb888e1c464bec59902d940d81136c543098a60104bcfd0f4e7c27cb114ff42e8d31fe09a4bcc21cae5ef2f8e4890bd8139fff1b1b2a39e29eaf2e5d2fb810ea37a13e6d2105a6c2ccd03fc110c6f9063e2433e1450dc8ebd8ede0445af662cf7ee705003630ab7d9fc6ed30169ed674dda2802d519e3b49016c6f11612ae53230b062281ddf7a678784516c3d177857f8bdbec7910af8c81333e471bd8a973ce858a14756ef6ec85498714fe8e1e6600023804004b968eea42c410bf0f5c5b2471835454f20230a6d342f96f71a2e64f54b838e5cd939d7a651d402fd60a8a2a081de0c536d5b81345d92165e79fa65140b91c23cdb5829db55f1f93b88bb43a355e9304a17355851d52c0d745b611a30eb400044dce6ac742bcce9df9583b827514af8a2ed4a04553817ba6ea22e9beaba65d32189a5c2bf65a09d2c8a8798c0645fb24157a4e71be7889fe65c34869d8852b21661407feed92afb0bfe582693a21c050e5adce1fe97755b0be276c36b81b89700b99d23d315a64f7e115eacdb3ade725cb3cfe36c27a5e2addad60290b022a9fc26132b5ec3b5f1d884399fd992525a3e17e18e7ee6078a64b7efc3bbd116e5c305d8ad935baff18ed94c7a8720e729132e110f986991a3ad21cc637282f55588b12756895e2d10afce85b1a04fc271b217278f156c7ffb1ed9dd52b18fc8b153802fc329dca81b278d715f6e31fbcc77d8ce5c2786573bacac30791aff5771fece44063d1e84abcd6a4ae016858893605eecf253c79e59c2152efbe9fdfee3c441e4bc9cb14fc96a675aa17bf7d2024d665fe3982b61888bbe7129a1ec8fafc3480170c71d05f5d22ef7ff0e2ca598fd02bbd0ad82e6ab0e775388bf3aa421c20b6a2a5e256386abff1103f46a8b5c54c2d54b81c50d8bd98aea724bda55f99d95956e939b85d59abdc50ea4cf1d44afa3e8dffc9d84c6b7d28b78c40d7498670602b97c5e2a6281c7876dabc1d14d156e827873818bc590644d2a1d084d39c84e78127b087bf2cd9353fd13d4ab12350318aedadaca6a2728267e6f5f16547caadf3ac2fade3c86b516c6ab53d61ea1c148835b9a2c91fd0ded7283ef720086dfc7728968924731715f78915045a69122d8b23a6db47cc6fccf402b9913e46c9a36924327ca9bba6bb8cf7cc80952501fc2181a2ec7ae4364cc6eac0cba0edda68f3b398a249d114702147f8b1cd9c7f8a15345f42a7a50334928eb4e2de974e4ae2ffb796bc640922f7ada0933460e0c0fc06276dfd228da9bfbbe5a3eade6f98594b0226339156022aad7aa8c9650417cb1551b3b6b31ce436396f68134a6ef23d6b926988fc410f81e1ae01282f244e70051f1b93644f78af3ef6359d106b291568e1ad00ad6ee102964fb7aaaec9732e43a21ea28cda496e4ae367ea738482e777290cca2ef61c8ff10c1b9546b5d395d21c98542f37578d297c13899247a6fdcdf0b8cba6b498875926a19852f97ef60dc1a0c4069fdd4d1fb87a6cd58b8786210687d644a4bad6f8fee0bc5fb94294cffc323e97597be6a5e457a5dd27fe2ebf5c34aef3bb5c43ba0a7d931e7ab02b7c290c5d04a41c01d14d6fc1ba80bfedf71caa0f7e59b135fad73e28d4861d601f79ad32edc6f8d1978d8ecf787f3c9ac71b2404939827b16f3915c8b1445dd1ec012aaeff88789c396665a50df52b244ce5b100d9a29ce52903b8f7f3662c0d0599fd1a7071798b759be02d58e5c6e4626b477653655fb7f5d7bc0ad94dbfe131c9ba5a994c1605c03b9f5173f8205c580bff685e693b23ab4cc7b2e4b21282b14f65684747ad98c0d855a205a6e17b5bb4c2b07097ae32393690e4e07a7f3e25d6bd01c1fb973a67edfa4e1d4a7a96b68570dd9d3bdfbe8a5a69adbd17167533ddbd2a58d70ca1ccea6428770dbcfeb47ddffa99e8b5e69bd34641c1f1a033e86215447fd2927482b12a85f11ae1d8b2054d7f642a9ba526e5a7d8e3d81bd394c264666f4b4dc3ff9c1584f277ff31a29c1358d9a953e0ae2822a3d174a0ce3da386083ae06f02723aea03931a38116a8e4afbc36fb9c094eb340214881a6f838f8d66141e451b9a1bd250363e591bc4ac566123a379272c08c0511e29e1dd1bc06869f3fd150bada9b28a6a71970ae3580d5bb0ab76b38068f504659bc335be1bb2a285329f749303600211d6ef7e151ad861b946d99f36d20074d65426f68a6758270ff946dd387ed3b150199fd81fd2e76a70a2fe2d7a2f8899079068ce48c5380db7e69a1a91f244ed32400e8d9e3097ec2065570dbde88faaee4a938f0b4cc20f31f175df62bf6cd88968ef7e24912dbbf91869eb9b34498d7f6000ef9a62c9441f4177ab5da1428d647b6e3cea1ca8a91b1a1246c2e048654e350cbf3dd4daaaa2558ff9c505ce0fcbcf93601a725289c38724290cffddf87e5345b43a66eb5f9fef718b0df4bcfe82c466017c3d8f0bbfd5544ff2d834a6e653ae789561df44281c8510b4bad838d04ab4a8e84fc4fc022bbe8454b36273cec843731c1df6fce42947a029f61e030990c0002b6f2c9c552227c8785c0b53683de3e518123548e332d25f2b270f595aad389951d1edbb9c6fb14cb4e479acff1ffac191da3d80a696b8be5919710c9137ecc0ca383d8666e30a356759a5299f44c2bfcd03a8df33de0e27d6038a9551cfc5ff43de0d42a6d033bf15f3a44d52f8a71554d1a2efb78042c1c9957256d7ea06b7751b40668feefff205c74f0f947ae0920aa746f17027bbef312708bf72fb23c12d0dcf6493584c1bdd0b5780017c038bc23fb6c25c560bb6da3775cf03502c07b987e64f8a2b84a870b5dd90c6aea7fad3d0a3ee46fda953dc085d272ee5855104b8bab8ed8bfd3338e75eb9ad8118f25c7e580fec613e30cf3eb7059e06d9be015709ba6c9de9dc9b6df8228b13f0439fa8d530aa9a4dc1d44abc3191c159a8816e7368fc5c6a0e57eb881d734c7a5459ba3be1b8a17b5ee6777ee42e962aee199f35ee2c2d4a39275e1dd6a8546daadc7ceab2c90667ad48c75bc7008ec2d7daa57562260d6d4509e67850e988b640569c050d3bedbd6c2de9b4f466e2d0c6f83c3c2392a5adcce1523e89f730a84f8cad28f84d1a0991f44aa4714f93088ec2a2836766d73569c7b0c1f70a067a3f0dff1d01661937aecb39e3d0f8e0ea282cffebbfdac63196eb13c4e53f144fc66a82cc0590f1d6d249c333420c24db92177c89cf0869346c34147dab6c3b94c325ef635d0e6d75c23906e71a7940e13364aef81b97108a4b209d372558d3bb0424ecb6a9a9ee28f7d1585c8af6f1256c812eb48515feda309a08f1a2954039ff0a60a2ab75717d2eb93024586837e552942eb63e0d6735d01258eb4dac6209370c109c1a1763dd742f3551276768648919f9093fd4e0cedff9442ac404e463eaea0ffe58a5085c987c093fd30e121218123457916ced3a7250a796a40451a4729125bce2ba5b6406e6626ecfb1d3f16287ba238feb575f60eba96443c60252d5927b81b73574ff1b7d424623b6cff5ce0d1b31b3d199c85da27f8736d990063f09dfef93402d880b2c5d7a9cdf45cbb4d1baf95be490f3dc9998c2c7ccfcc6e6395e7e09e6c44865834cd3e0968ffcc1d0f54406b55a8952cd8096e8968cdca3632b71546192c76472a66c4a8584eb748c1b3c30d52e8699adbef91329aefbf94d251d0b82bf42a648f73020881a914ea7c529802772b4b60617e9c1d9712a31d0ec3e92af4b97f50ec96e794486101a9e15daf8b7f13078d22767dc3b57bc0431ef39b3ca12b2932aa585bc856e8cf5496d78eaa50f06b483f416b31f78767bd25e260042e84c10e9cf9bb53a3f4fce11d703e90004949b55044907242f8eddef627cfc9642f4a828476074c298ea2d7b07ddb7b4a2b9f8f1e5a32fac7d105c5a12186da19ef5f6475763ee19aa670e7b45f37248fdfa796d6ae761dd77955851faa33675ee22e8174e0a126ac58b9998ccb5e4d12c3e00165533ddf710bf0ab0edf6ba1fecf9548ca1618fd980a4f9a35eeb5c1aa329a288378b9b5ed54b56075810cd22abf0c06ce0f1054805410375d6e41564b71b86cab6929c5c1cedb72e0b1237fdad44edbcfd326312caa49ed0c8f7c5a33986c89245fec75d0f9a34f744bf74d6e0f901c12ea25edd60c43d22f6644fa294534cac1c581b0cbf5d9765fc18fe6c223dcff4a85c7eeaf4cb1a9a889c236778b85e69d50d482743664bdeade11b4ced78c3d0b62ba07f98a898c6e89241ed6522fdfc430b75593673d43d695082b0114b25f231c8a141be953290b1a3855adc0146adee0b784fce2cf8243838bdcdbcf4e0dbcc2a9945deea1d02858a9e9dc54f0e818b81d024bd9b2e052a73fb59d037ab526c78faadfcdecc15f2a1d843e84aabc403e84b2fefbfbec982f22b89a2be560002d45ae12a8a2d00f0a3f55e26789a593fb8bdf20efb8a51e3d0dad9ad2caec39ea7392c58eebebc7201c78276f0127e43d5c8efef6e17ca522d69586a9e096efe80844c38841640238584936d8a96c0ba41dc0dc96a11623ff1e70ef54a9c43ec3cd0359dfdf55c8f8c306110d833d7de7a35f015369bf6d92b3b6f0f7dc717c84e51ce475df451b9a6a91c8d564aeb389267082b9cea77f09c6c6490084da3820f80d3e62bbd41a6540591c6c5cf2a18e4e829b82a6780b6b1f66d96fcfb1639a335a78f8c3ecf381148b2625859e514d35eb8c4acc98f7f8220e1827d7745f1f054691eeb1625e2d238ae03c93991058c1567be4938de2e60537749ee81f327f1f1e586ee3af4ccf53b29741c1bb0e774a1d27672ec27b43719d3710e9fd8634213738d98844717c8b1f707bd42f4077c9e59eb539f9cb32c11b47bcb7cb3efd3bf4994e90166a5ae380c821d2640fa99df59978e9b7e50f0b830943de787b1bf99e14edcdfe8565556ae2a8c0552d67898fd13551c007eb779edb60e85210a418cf0a4a41764fe9ece74f5d8000d168fab61588c5549113e8d8a059f17699d976fc7dc68cfd0ec404ef0c7eca459fbad1c40317d81b95a94b037cf96ba677697cfdce4c2c4e02cea296f25e556c02381ca891ddb6adcb0535e262b26290000c542e7616d63b211c16f86048079ca5167598aece3288f86658249e939cb6b59b6cdd3fce0e9ea81a3bb3f88908c600ea031b0028f12632d7ac2f81e54f7e7eb70ba70bc937571b242c4ef228f801b6a4376d11eabadaebb1322823eb30faf6cf21a8b38a769824e8b7009ff278f80ac2af39f0943a29458d127eabae81d2915557b09e3c49f8c22564edea93e8717306fb198dcc92eb3c9212f03dac94fa3fa1fa4e1dbd2119e024639f0ddc87cd906d3317c6ebc6e698257f73912ff46fe8d9adbd3f57ecc78cea5c1eb04ac5fd1bb79a53921fddaffd2d34f444b54208096cbd2aa3e26ca01359b05c10ff36e98e1ac97d51380c99e1b685928eced0d2f1e754001e7023d2473596feb7c7601619277dd7e844bd5544e7e360f8e4223fbd9e24b3fb69a34ced39bf7590fb853e44031d075fe647190ac7811522c73a6c6033457c14c415e4a84663d2540784a1cbb4a398f1d8612f4f3d334576c99d5721bbeac95cc34d18080e3b1365b6844152b8259c8d4618597f291f2b9e8812ab7729e108a8d44487f8993faabf6c6a8f49db727f17cdfec43b34c39cfdd3916fa6953e34f316100368c7b2836c11dcd4710986980356b7ec4ba23fab5cc5a8c6cacb61cc65570231407ca647946393031986cf4736280ed2d7976d66618fc240191455ae405f1d62145297179c040a707093fb8f60f5a3738b8bf78bbdf952478da7e9d3c892af5b83cd9dd4f00fcfa13beb9e6988e3c4b4e5300e3757a93efaef9023fb9d7442cb1a49d7efdec32ac1f98e6227cad38538f6383c3b6efca2fda7c101ec548c3549e7ac5e737478343ca47cdcd65acb71e0eade28c684b69785ae1fe31aaec713834b6635938d7d66426e965498978e4b467f6132daa6026c39dcbf95656b9be5c074badc18b5a74e12967b45e23099fa765ea5c8c18f0feae94755827e494f251ae96882b5c5f6d54713de02501faef1fcb59bf0d66f9d0cd3a493b139237aefdbd402a3df9dd5beb2887a055261a08047be52fa51f61636255870366e837f20d0f83b8557fa4a003647152ee27bd34b5af52743d4c431ff4a116ae1184c810e8397ef2a056845c6e3b5c0beafbf8f78488102412e04e47fb87be9a9ddc075ab519f424ebf821da659b18ae3b61a7b243ff94e3d1ba420cb342db7b8060937749892a7954d3ba5e63017703f5224602616ff6d3fec42444b2524f97dfa467d9db91681dce08de5ccb1ac2bf6cb5e6c1d586b2fc62e78b0bc23e1924a4f023adb39803fd6c3d52c40b13df9c6f54bb2b4ef88f5d0ffdfef13ae46dbf75aa6457da3bdc1781dc814b0b69debee7456aa7f75571caef87f624ef703fea75f136cc7f90af0ae558cf3de5e8cc92f3e803bd46e05f42e4167af8136db6982ad26a52778e1fefcbabe61a57f00cbf04e3c82445c04bbd8832b8bb9a7cb854a22f98cd7b422a7abafe6a00571539802e56f036d5a26d79a86cb100b90ae168d2406c2c0b9c5274ad69298e7983f4b30e006cf4882e90ca8af4e445dc06d0639231638dd39929065d920af913cc7284619fcacab0023893352468eec73d7014407e5d4bca9e49d412ffb12e68610c26206de0b3282e925b83389cbdfbc41cf279440a13838a1431ea4f1a371b6b143b914238773d171bc7b44c07729e8723fe51b8180fc9c9be6694477132cb82b22b2512518266781e687fcd460995ed581059d3c692ecbdc8daf3c76e5a5bc8e57973fed5fb3465a3dcb5557f92dba1e212f9bda66fc4829e10ce3e8b6c117b1214cb246211c861eaabf8ccaa94aedd58349399e619c2dc587719d7901d2cd85ced669d0ea898c4f127d1a4cf274aa0405d225605edf425dc9b7375c8ac2940bb369eec586097f0cc07940ecc8bd400976b9b36027a040be6e64a2fa4f7ba5d59ce9b4f76192d260d665290b20faa3a6a941939a0b3042ef4d8f9b980c71a13496b104965e1c3dab25cb46147bca6170baa0237c8a5cd1c437e43a50302490462585410f65e03186df5fc2c5bcd89f6d6a4ac34c971f0579070ab6e9a6a84159b2910a7ba797fb09dbd3ab88c23951b1a91df8cfc2d13de85dc715e2a111458acc4d640a59c199faa2bb28ec3309864fd8a6997ac89833853101a08198aa6ab3e5167b4e8e55843efae1ecd3fc6507f3a97bf2f8c4c4da4896c788a17a5fe8d8c3f79fe41dd7f4497380f1ffc8f8d6cc2c2dead697e4947cfe680a0e2b5100743444536134cde4378b0b1fe6ddc09dfe8d618f93edffeb7d097a37a19248be0bf9c4f536a484a5fc96f18f2eb4f6462b20bee241ce16b4790c854bca10914e3ba98eb0970765571a8ad45baba39d20b8c1bbb7c65717e265f5fc5edefb130aada09aa7f2c50c45de6de7327faef192977f499b7aed9e73c2ecb97f7256f89fc8b4834670f798438fac5a5045d61a7f429eba77de37517b984b0acfbd6f494a1414b0fc040244bb62a19150e0c15e5315b2618d05429263dd1847accc5de9baca08edc921ed9a0af00175c118ab801da9980098fc4a2bf16ba73e580000b49129a5fba00a1f2c45c0d0939be83ad93569dd61330913e8b381f9aff6d6a584862d636c1a4989dd3fd14853bf033be56f21a3cf1eb95d7df7c6436ff3d5a8f472bf4a3fa8b0b0741d953d9644e0ec801d4154336357d2d1492c6d336b9101827c1401898ecdca5a66c6f727d23d3ebb95530ecfee0f7649c221d2c131e56d37a8d422b0803ed0d623a2de36e9279c3c1c806654fbce9305cbb44210e282fa53c72f813440fd0cbfff492716c4a06cf99f4809481d51a03a88911f48f25db6784e16f3a251d5fb75fca164911e4a88d1b904b5372d8660d309f347dce2810552a4789af371f3e67418433cdb0d69a4fc562514cb396141f31312fab85f68c1ecd9d03ba37b40934535cc3e53c71a3a51663a479eca63dc5c15a387e5753cfa806402b6426b8dcaace2553d219b2ae02bd45fd4fde6e3e1bd6370d3e8d558aea69854381f1dad0fe2bbf1a73043f03aafe81c3a3d386c758abcb45cc537bf40d459e138f418802ec61abcad5e333389d74ea941eb5f26b25ed7642e0135fd8e3e2fc998613023dd5b804e2cf1a80ea60b353535b1446e3ebb542c1c15d87c6f5a4716455c8a9f52380161a5d23e9678417fe7ed64760e14c1390bcf73e1d531bb3548d7b9df25b6f85512667af396fad73110d1ab69a8ecdddaf29dc3701a5d927e599f5c2af293a6b276da7a5c917298ea24c2366d5e91593605fcbc4d6462", 0x2000, &(0x7f000000d8c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
umount2(&(0x7f0000000200)='./file0\x00', 0x1)

1.778264425s ago: executing program 0 (id=576):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000000c0)={r0, 0x800, {0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a7ddf8a69ea917ded5ba193b3e7772fd29f35239d2", "530bf65043114b2e53000006000000000010e200", [0x1000000000]}})
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)

1.696188986s ago: executing program 1 (id=577):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001080)={{r0}, &(0x7f0000001000), &(0x7f0000001040)}, 0x20)
bpf$ITER_CREATE(0x21, 0x0, 0x0)

1.627164767s ago: executing program 1 (id=578):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f00000000c0)=ANY=[@ANYRES64=r1], 0x6)

1.587562428s ago: executing program 4 (id=579):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x8080)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000000))
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r1, 0x4b52, &(0x7f0000000100)={0xfffffffffffffcf0, 0x0})

1.46830096s ago: executing program 2 (id=580):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
write$UHID_CREATE2(r1, 0x0, 0x0)

1.45656757s ago: executing program 1 (id=581):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x35, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r2, &(0x7f00000001c0), 0x0}, 0x20)

1.356227911s ago: executing program 0 (id=582):
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@barrier={'barrier', 0x3d, 0x7}}, {@heartbeat_none}, {@inode64}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r0, 0x0, 0x0, 0x1001f0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x189)
write$binfmt_format(r1, &(0x7f0000000000)='1\x00', 0x2400)

1.228365883s ago: executing program 4 (id=583):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000cc0), r0)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000012c0), r0)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000080)={0x2c, r1, 0xf03, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x15, 0x1, '\x00'/17}]}, 0x2c}}, 0x0)

1.192461593s ago: executing program 1 (id=584):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000240)={0x5, 0x4, 0x2, 0x81, 0x5, 0x1})

1.177482484s ago: executing program 2 (id=585):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
syz_io_uring_setup(0xc97, &(0x7f0000000700)={0x0, 0x6015, 0x800, 0xff7fffff, 0x11c}, &(0x7f00000003c0), &(0x7f0000000140))

1.008381046s ago: executing program 1 (id=586):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x51}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x40880, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000080)=@assoc_value={0x0, 0x5}, &(0x7f0000000300)=0x8)

964.125857ms ago: executing program 2 (id=587):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffd, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)='\x00\x00\x00\x00\x00\x00', 0x0, 0x0, 0x0, 0x0, 0x0})
write$tun(r1, &(0x7f0000000400)=ANY=[], 0xa2)
read(r1, 0x0, 0x58)

940.976707ms ago: executing program 4 (id=588):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x59b, &(0x7f0000002480)="$eJzs3T1sG2UfAPD/2fGbfuRt+krvK72gDhUgFamqk/QDClO7IipV6oDEUizHjaI4cRQ70EQZ0r1CdECAupQNBkYQAwNiQWJhZQExI1U0AqnpAEb+StvEDk6p6zT+/aSz77nn7P/z3Pl/9nO6kwMYWEdrD6mIZyLiYhIx+kDdUDQrjzbWW19byd9bW8knUa1e+jWJJCLurq3kW+snzeeDEbEaEf+PiG8yEcdTW+OWl5ZncsViYaFZHqvMzo+Vl5ZPTM/mpgpThblTL79y5uzpMxMnJzo3PrOzvl7/6ca7179/7daNTz87spp/P5fEuRhp1j3Yj8epsU0ycW7T8tO9CNZHSb8bwCNJN/O8lkr/i9FIN7O+neroE20a0GPV4YjqTiSrO1od2M2SneU/sGe0fgfUxr9th9Pp3v7+uH2+MQCpxV9vTo2aoca5idhXH5sc+C15aGRSG28e7m3TGACr1yJifGio9vlrTY2apPn5e3Tjj6OB9NTX5xs7auv+T20cf6LN8Wekde70H2od/9a3HP/ux093OP5d7DLGH2/+/FHH+Ncinm0bP9mIn7SJn4qIt7qMf/ONL892qqt+HHEs2sdvSbY/Pzx2ZbpYGG88to3x1bEjr27X/wMd4jfO2e6rf8202/7zXfb/i28/f251m/gvPr/9/m+3/fdHxHtdxv/P3U9e71R3+1pyp/YrYKf7v7bsVpfxXzp39McOVfu7fAsAAAAAAAAAAKCNVP1atiSV3ZhPpbLZxj28/40DqWKpXDl+pbQ4N9m45u1wZFKtK61GG+WkVp5oXo/bKp/cVD7Vuo44vb9ezuZLxck+9x0AAAAAAAAAAAAAAAAAAAB2i4Ob7v//PV2//3/z31UDe1Xnv/wG9jr5D4Pr4fxPIob71hTgCfP9DwOrKv9hcMl/GFzyHwaX/IfBJf9hcMl/GFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAeuLihQu1qXpvbSVfK08OLS3OlN4+MVkoz2RnF/PZfGlhPjtVKk0VC9l8afbv3q9YKs2Px9zi1bFKoVwZKy8tX54tLc5VLk/P5qYKlwuZJ9IrAAAAAAAAAAAAAAAAAAAAeLqM1KcklY2IVH0+lcpmI/4dEYcjk1yZLhbGI+JQRPyQzgzXyhP9bjQAAAAAAAAAAAAAAAAAAADsMeWl5ZlcsVhYGJCZoS1Lvuu8ckSsPt5m1N5xR68anskVM819tVu24dM2c2j7ddLR9xbuxpk+H5gAAAAAAAAAAAAAAAAAAGAA3b/pt9tX/NnbBgEAAAAAAAAAAAAAAAAAAMBASv2SRERtOjb6wsjm2n8l6+n6c0S8c/PSB1dzlcrCRG35nY3llQ+by0/2o/1At1p52spjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4L7y0vJMrlgsLPRwpt99BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgUfwUAAP//H1DQ4Q==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c460d04000c028000000000000003003e00ecffffff940200000000002172b4ce359280e2004d02000000000000000000000000380001"], 0x78)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x100)

804.929519ms ago: executing program 1 (id=589):
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
syz_usb_connect(0x0, 0x5a, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000ec13b2106d04f308280b0102030109024800010000000009046900000e0100002b4101", @ANYRESHEX=0x0, @ANYRES64=r0], 0x0)

704.277641ms ago: executing program 2 (id=590):
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x450, &(0x7f00000069c0)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998247856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f0b00f694c5bef739aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404c669485a2e714ec9bb31ae0f201ca2e5b9ece2b035fbe2ee8d90aa87a986a307fe4fe90b7b2a48217f79001e60692c", @ANYRESDEC], 0x2, 0x5567, &(0x7f0000006f40)="$eJzs3M1rI+UfAPAnyb6//coPD952YBFa2IRN9wW9Vd3FF+xSfDl40jRJQ3aTTGnStPYk6FE8+J+IgifBi3+DB8/exIPiTVBmnulqrS5bk23a3c8HJt+ZZ5585/sMoeWbhATgqTWX/PpzKVwKZ0MIlRDChVLI90vFlluK4dkQwuUQQvkvW6kYfzBwKoRwLoRwKUsewjfDOCc79dnV8ZWbP73+y9ffnT5x/vOvvp/dqoFZey6E0F+P+1v9GNNOjPeK8ca4m8f+jXER44n+/eI4jXGrvZpn2Grszmvk8Xonzk/XN4dZXOs1mlnsdNfy8fVBvOBw3NnNkz/hXmMjP261V/PYHaZ57OzEurZ34t/LneEo5mkV+T7I04fRaDfG8fZ2O65n/X4em4NRMR7zpq32dhbHRSwuF5ppr5XXsTrJnT7a3ugONreTcXtj2E0Hyc1a/fla/Va1vpG22qP2jWqj37p1I5nv9LJp1VG70V/qpGmn16410/5CMt9pNqv1ejJ/u73abQySer12vXatenOh2LuavHL3naTXSuaz+FJ3sHmq2xsma+lGEp+xkCzWrr+wkFypJ28tryQrb965s7zy9nu337374vJrLxeT9pWVzC9eW1ys1q9VF+sLR2D92f/dR1z/aJL1f1wUfYD1lya7PfBwXmAAB7av/w/T7f8rQf8P7Hfc+/8wzf4/a6ke2v+f+e83+og7UP9bnrz/n6j/Par9/zFeP0xE/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8NT64eQXr+Y7c/H4fDF+sRj6f3FcCiGUQwi//4NKOLUnZ6XIc/Jf5p/8Ww3flkKeIbvG6WI7F0JYKrbf/ve47wIAAAA8ub788PKnsVuPD3OzLojDFN+GKV94f0r5SlnOuR+nlK2cPTwzpWT56/tE2J5StvzOnZlSsviW24lpZXskld3w0cU/B/MFlWIoH2o5AADAoajsCYfbhQAAAHCYPpl1AcxGKTz4EHj3C/ynYyg+2jy75xwAAABwDJVmXQAAAADw2OX9v9//AwAAgCdb/P0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uVEbiOIA/GwwkH8KinJPK7lBGSkhxxyBAtIEJZAW0gA1kFvuuUSwwh4heRek1TJeC/R9km3GRr+ZAS5vLAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB06U+1mf9afPkZi+ty9ofr5JoPAAAA8NSu2szrF9Om/S6d/5BOfUrtIiLKiDhXuw9i1MocpJzqwvurR2P4HVEnHPsYp+1tRHxN2/+PXX8KAAAAcL+2q/Wsqdab3bTvAfGamkWb8v23THlFRFTTv5nSyuPuc6aw+vc9jB+Z0uoFrEmmsGbJbXj+2ihXJ22D1iHNZLKsv8S6VXbTLwAA0Kd2JXChCgEAAOAOfO97APSjOO1O9xnHzSHdEHzTagEAAAA3qOh7AAAAAEDn6vr/Fp7/98/fEgAAAODFmuf/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KVdtZlvV+vZpevLZ+bsD9fJNyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB7Yn3sUAGEwBqCf4u8mvf9NHZSIjl2d3oNCSCilAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQM/wnhq/8DRHVU1pE+bUraqWTAlrpoQtc8KeC63zyHn9+SUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABu9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GN+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu7Yt40qDAD457PPTQuIEFCGACoSAyw0cUtLRxhAEQN/AlKUOiXgUmgz0CoCZYEJZe6CYEQICRS2/g+dG6lL2TpkCBIz6M53ybV1qSnNnUt+P+n5fbYv733vfIry5V0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDaeSdeSoq4nT1MD+PytZu768tZv31Pn7m+eWsua1ncethE37z9+JOfbC9XnxyfrTz5qv5kAAAAOBzaZX0fEbfTrcWsT6bz+j8tj8lq/u+fGcZlPX9v3b+9uz5VvDVX1v+//Xrnhb2JpofzZIOurA76C/en0jmgJU68Zx96RCc/8/nvXtr5B5K8v/H8Tpqfz9a3N268283DI3VkCwA8ihNlnwVT+z8PZX2v4dwAOBw6lcK7rP/b083mBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCHnY14qoxbETHX2Y8z27vry6P665u35sp25tq1zeqY2RBpRKysDvppjWuZdJevXP1kaTDoXxoZRDzwrf8eHI+Igxn5AUGMeOvDMb484p+PKS7PqGcV/y5oTUYajQZJ8fkUr3TrveoONiivvcc/ckPfkAAA+N9Ki5bV9bfTrcXstdZMxF8/3F3/v1aJY8z6/85HZ25W56rW/73aVjj55tcufDZ/+crVN1YvLJ3vn+9/+ubJ3lu9U2dPnz47n52rhfmVSPoLTacJAADAE6xbtGr9n8zcv/9/rBLHmPX/59/1vqzO1Vb/j7S/6dd0JgAAAIdRdy967pU//2iNOKLV7cYXS2trl3rDx73nJ4ePtab7iI4UrVr/t2eazgoAAACow85G6679/3OVOMbc/3/6xxd/ro7ZjoijERcjon9i+eLgXH3LmWh1/KFyPlG36ZUCAADQlKNFq+7/p/n9/8neLQ9JRLz+6jAu/9fVOPV/+72vf6rOVb3//1R9S5xIyezwfOT9bERntumMAAAAeBKNu9U7VbSs2P893Vr8+JdjH3Td/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQt78DAAD//77oN4s=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
fallocate(r0, 0x8, 0x4000, 0x4000)

520.153413ms ago: executing program 4 (id=591):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='2', 0x1, 0x4fed0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

324.479936ms ago: executing program 4 (id=592):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000002600000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
close(0xffffffffffffffff)

0s ago: executing program 4 (id=593):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x0, 0x5, 0x20000)
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)

kernel console output (not intermixed with test programs):

ce team0
[   74.354282][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[   74.373384][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.389563][  T142] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.397123][  T142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.430998][  T142] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.438289][  T142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.452999][  T142] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.460235][  T142] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.479568][ T5788] 8021q: adding VLAN 0 to HW filter on device team0
[   74.498211][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.505666][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.534768][  T142] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.542396][  T142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.584090][  T142] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.592002][  T142] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.672557][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.826257][ T5785] veth0_vlan: entered promiscuous mode
[   74.850912][ T5785] veth1_vlan: entered promiscuous mode
[   74.959932][ T5785] veth0_macvtap: entered promiscuous mode
[   74.989721][ T5785] veth1_macvtap: entered promiscuous mode
[   75.057229][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.090472][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.098037][ T5796] Bluetooth: hci0: command tx timeout
[   75.124561][ T5785] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.145061][ T5785] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.153839][ T5785] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.163604][ T5785] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.175542][ T5796] Bluetooth: hci1: command tx timeout
[   75.181098][ T5793] Bluetooth: hci2: command tx timeout
[   75.181128][   T50] Bluetooth: hci3: command tx timeout
[   75.222051][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.267865][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.354038][ T5787] veth0_vlan: entered promiscuous mode
[   75.371946][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.417108][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.421242][ T5787] veth1_vlan: entered promiscuous mode
[   75.436977][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.464570][ T5786] veth0_vlan: entered promiscuous mode
[   75.502429][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.514869][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.547324][ T5786] veth1_vlan: entered promiscuous mode
[   75.571342][ T5787] veth0_macvtap: entered promiscuous mode
[   75.583411][ T5787] veth1_macvtap: entered promiscuous mode
[   75.618065][ T5788] veth0_vlan: entered promiscuous mode
[   75.632851][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.645684][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.658957][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.678401][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.689762][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.703073][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.728348][ T5788] veth1_vlan: entered promiscuous mode
[   75.758140][ T5787] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.774516][ T5787] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.793382][ T5787] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.803747][ T5787] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.853093][ T5786] veth0_macvtap: entered promiscuous mode
[   75.884469][ T5786] veth1_macvtap: entered promiscuous mode
[   75.953769][ T1121] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.971356][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.983755][ T1121] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.987609][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.001911][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.016134][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.028403][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.071111][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.082540][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.093201][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.095575][ T5879] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   76.104416][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.126909][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.141793][ T5788] veth0_macvtap: entered promiscuous mode
[   76.167723][ T5786] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.177033][ T5786] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.189799][ T5786] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.199551][ T5786] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.212959][ T5788] veth1_macvtap: entered promiscuous mode
[   76.231590][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.240604][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.282795][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.293924][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.306080][ T5879] usb 1-1: Using ep0 maxpacket: 8
[   76.307135][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.320463][ T5879] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   76.322603][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.335059][ T5879] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   76.342070][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.362472][ T5879] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   76.362498][ T5879] usb 1-1: config 1 has no interface number 1
[   76.371749][ T5879] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   76.386650][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.404297][ T5879] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   76.411096][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.428561][ T5879] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   76.440724][ T5879] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.449757][ T5879] usb 1-1: Product: syz
[   76.454105][ T5879] usb 1-1: Manufacturer: syz
[   76.463982][ T5879] usb 1-1: SerialNumber: syz
[   76.490039][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.511079][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.524419][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.536512][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.547244][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.558989][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.573366][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.580059][ T5883] syz.1.2[5883]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   76.634355][ T5788] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.651905][ T5788] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.653521][ T5883] loop1: detected capacity change from 0 to 2048
[   76.662247][ T5788] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.683651][ T5788] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.754975][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.773330][ T5883] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.798566][ T5879] usb 1-1: 2:1 : invalid UAC_AS_GENERAL desc
[   76.820213][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.880651][ T5879] usb 1-1: USB disconnect, device number 2
[   76.925258][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.960937][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.061026][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.093903][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.139849][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.156154][ T1121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.167986][ T1121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.175844][   T50] Bluetooth: hci0: command tx timeout
[   77.255045][   T50] Bluetooth: hci2: command tx timeout
[   77.255992][ T5793] Bluetooth: hci1: command tx timeout
[   77.265251][   T50] Bluetooth: hci3: command tx timeout
[   77.780099][ T5899] loop0: detected capacity change from 0 to 2048
[   77.874544][ T5899] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   78.226860][ T5838] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   78.338722][ T5896] loop1: detected capacity change from 0 to 32768
[   78.358623][ T5896] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 scanned by syz.1.6 (5896)
[   78.399642][ T5896] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[   78.421285][ T5896] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[   78.428116][ T5838] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   78.439290][ T5896] BTRFS info (device loop1): using free space tree
[   78.472848][ T5838] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.508100][ T5838] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   78.548162][ T5896] BTRFS info (device loop1): enabling ssd optimizations
[   78.564850][ T5838] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   78.606881][ T5896] BTRFS info (device loop1): auto enabling async discard
[   78.646377][ T5838] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   78.675092][ T5838] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   78.704367][ T5838] usb 3-1: Manufacturer: syz
[   78.725832][ T5838] usb 3-1: config 0 descriptor??
[   79.182636][ T5838] appleir 0003:05AC:8243.0001: unknown main item tag 0x0
[   79.216958][ T5838] appleir 0003:05AC:8243.0001: No inputs registered, leaving
[   79.255755][   T50] Bluetooth: hci0: command tx timeout
[   79.301362][ T5787] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[   79.317247][ T5838] appleir 0003:05AC:8243.0001: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[   79.335994][   T50] Bluetooth: hci1: command tx timeout
[   79.340582][ T5793] Bluetooth: hci2: command tx timeout
[   79.341588][   T50] Bluetooth: hci3: command tx timeout
[   79.459398][ T5924] loop0: detected capacity change from 0 to 32768
[   79.485792][ T5924] =======================================================
[   79.485792][ T5924] WARNING: The mand mount option has been deprecated and
[   79.485792][ T5924]          and is ignored by this kernel. Remove the mand
[   79.485792][ T5924]          option from the mount to silence this warning.
[   79.485792][ T5924] =======================================================
[   79.589835][ T5838] usb 3-1: USB disconnect, device number 2
[   79.773732][ T5924] JBD2: Ignoring recovery information on journal
[   79.806898][ T5935] fido_id[5935]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[   79.814701][ T5939] process 'syz.1.15' launched '/dev/fd/3' with NULL argv: empty string added
[   79.863162][ T5942] overlay: Unknown parameter '/'
[   79.906867][ T5924] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   80.268636][ T5924] syz.0.11 (5924) used greatest stack depth: 17680 bytes left
[   80.423665][ T5785] ocfs2: Unmounting device (7,0) on (node local)
[   80.574906][ T5838] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   80.775867][ T5838] usb 3-1: Using ep0 maxpacket: 32
[   80.786660][ T5838] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[   80.807005][ T5838] usb 3-1: config 0 has no interface number 0
[   80.829817][ T5838] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[   80.843822][ T5838] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.877994][ T5838] usb 3-1: Product: syz
[   80.885395][ T5838] usb 3-1: Manufacturer: syz
[   80.890053][ T5838] usb 3-1: SerialNumber: syz
[   80.892485][ T5961] loop3: detected capacity change from 0 to 1024
[   80.924059][ T5838] usb 3-1: config 0 descriptor??
[   80.942373][ T5838] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[   80.992078][ T5961] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.161900][ T5838] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[   81.172631][ T5788] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   81.180322][ T5838] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[   81.205694][ T5788] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   81.222938][ T5788] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   81.242804][ T5788] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   81.259508][ T5788] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   81.272810][ T5788] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   81.308814][ T5788] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   81.321359][ T5788] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   81.333609][ T5788] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   81.356636][ T5788] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #11: comm syz-executor: invalid size
[   81.651182][    C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[   81.651660][ T5863] usb 3-1: USB disconnect, device number 3
[   81.702555][ T5863] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[   81.728334][ T5863] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[   81.759886][ T5863] quatech2 3-1:0.51: device disconnected
[   81.872211][ T5983] netlink: 96 bytes leftover after parsing attributes in process `syz.0.35'.
[   81.884178][ T5983] netlink: 96 bytes leftover after parsing attributes in process `syz.0.35'.
[   81.893032][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.907476][   T27] cfg80211: failed to load regulatory.db
[   82.028120][   T58] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.149163][   T58] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.284369][   T58] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.408519][   T58] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.944012][   T50] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   82.954281][   T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   82.963021][   T50] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   82.971372][   T50] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   82.981057][   T50] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   82.989312][   T50] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   83.584523][ T6017] loop0: detected capacity change from 0 to 2048
[   83.616904][ T5995] loop2: detected capacity change from 0 to 32768
[   83.649473][ T5995] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.40 (5995)
[   83.655389][ T5793] Bluetooth: hci3: command tx timeout
[   83.749460][ T5995] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   83.812686][ T5995] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[   83.870658][ T5995] BTRFS info (device loop2): setting nodatacow, compression disabled
[   83.896090][ T5995] BTRFS info (device loop2): max_inline at 0
[   83.907802][ T5995] BTRFS info (device loop2): enabling disk space caching
[   83.924347][ T6017] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.945548][ T5995] BTRFS info (device loop2): turning off barriers
[   83.952031][ T5995] BTRFS info (device loop2): turning on flush-on-commit
[   83.959129][ T5995] BTRFS info (device loop2): doing ref verification
[   83.966205][ T5995] BTRFS info (device loop2): force clearing of disk cache
[   83.973553][ T5995] BTRFS info (device loop2): enabling ssd optimizations
[   84.002111][ T5995] BTRFS info (device loop2): max_inline at 4096
[   84.016688][ T5995] BTRFS info (device loop2): disk space caching is enabled
[   84.054230][ T6000] chnl_net:caif_netlink_parms(): no params data found
[   84.135700][ T5995] BTRFS info (device loop2): auto enabling async discard
[   84.163033][ T5995] BTRFS info (device loop2): rebuilding free space tree
[   84.294642][ T5995] BTRFS info (device loop2): disabling free space tree
[   84.357926][ T5995] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   84.424953][ T5995] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   84.446410][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.103912][ T5793] Bluetooth: hci2: command tx timeout
[   85.243880][ T6000] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.254714][ T5786] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   85.287032][ T6000] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.305506][ T6074] netlink: 32 bytes leftover after parsing attributes in process `syz.1.50'.
[   85.317915][ T6000] bridge_slave_0: entered allmulticast mode
[   85.331240][ T6000] bridge_slave_0: entered promiscuous mode
[   85.366120][ T6000] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.373460][ T6000] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.454008][ T6000] bridge_slave_1: entered allmulticast mode
[   85.487508][ T6000] bridge_slave_1: entered promiscuous mode
[   85.906125][ T5838] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   86.225977][ T5838] usb 3-1: config 0 has an invalid interface number: 255 but max is 0
[   86.242523][ T6000] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.284961][ T6127] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   86.320278][ T5838] usb 3-1: config 0 has no interface number 0
[   86.351183][ T5838] usb 3-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[   86.505103][ T5838] usb 3-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[   86.602013][   T58] hsr_slave_0: left promiscuous mode
[   86.608459][ T5838] usb 3-1: config 0 interface 255 has no altsetting 0
[   86.639924][ T5838] usb 3-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[   86.650809][   T58] hsr_slave_1: left promiscuous mode
[   86.663590][ T5838] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.672797][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   86.691301][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[   86.702884][ T5838] usb 3-1: config 0 descriptor??
[   86.716850][ T5838] ums-realtek 3-1:0.255: USB Mass Storage device detected
[   86.732414][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   86.754838][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[   86.764087][   T58] bridge_slave_1: left allmulticast mode
[   86.774496][   T58] bridge_slave_1: left promiscuous mode
[   86.785050][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.859697][   T58] bridge_slave_0: left allmulticast mode
[   86.877283][   T58] bridge_slave_0: left promiscuous mode
[   86.892869][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.931050][ T5838] usb 3-1: USB disconnect, device number 4
[   86.943729][ T6146] Driver unsupported XDP return value 0 on prog  (id 13) dev N/A, expect packet loss!
[   87.035142][   T58] veth1_macvtap: left promiscuous mode
[   87.044104][   T58] veth0_macvtap: left promiscuous mode
[   87.085923][   T58] veth1_vlan: left promiscuous mode
[   87.102305][   T58] veth0_vlan: left promiscuous mode
[   87.175036][ T5793] Bluetooth: hci2: command tx timeout
[   88.044333][ T6152] loop0: detected capacity change from 0 to 32768
[   88.123062][ T6152] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.59 (6152)
[   88.186029][ T6152] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   88.277774][ T6152] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[   88.323296][   T58] team0 (unregistering): Port device team_slave_1 removed
[   88.357270][ T6152] BTRFS info (device loop0): setting nodatacow, compression disabled
[   88.424962][ T6152] BTRFS info (device loop0): max_inline at 0
[   88.466746][ T6152] BTRFS info (device loop0): enabling disk space caching
[   88.499335][ T6152] BTRFS info (device loop0): turning off barriers
[   88.595811][ T6152] BTRFS info (device loop0): turning on flush-on-commit
[   88.634509][ T6152] BTRFS info (device loop0): doing ref verification
[   88.634843][   T58] team0 (unregistering): Port device team_slave_0 removed
[   88.669468][ T6164] loop2: detected capacity change from 0 to 256
[   88.675095][ T6152] BTRFS info (device loop0): force clearing of disk cache
[   88.684210][ T6152] BTRFS info (device loop0): enabling ssd optimizations
[   88.725290][ T6152] BTRFS info (device loop0): max_inline at 4096
[   88.815169][ T6152] BTRFS info (device loop0): disk space caching is enabled
[   88.957968][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   89.125119][ T6152] BTRFS info (device loop0): auto enabling async discard
[   89.196913][ T6152] BTRFS info (device loop0): rebuilding free space tree
[   89.260039][ T5793] Bluetooth: hci2: command tx timeout
[   89.301647][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   89.367660][ T6152] BTRFS info (device loop0): disabling free space tree
[   89.422092][ T6152] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   89.479343][ T6184] loop2: detected capacity change from 0 to 512
[   89.510892][ T6184] EXT4-fs: Ignoring removed mblk_io_submit option
[   89.528277][ T6152] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   89.558315][ T6184] EXT4-fs: Ignoring removed bh option
[   89.588440][ T6184] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   89.639343][ T6184] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   89.697633][ T6184] EXT4-fs (loop2): 1 truncate cleaned up
[   89.730483][ T6184] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.755669][ T6162] loop1: detected capacity change from 0 to 32768
[   89.852234][ T6162] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   89.899513][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.078768][ T5785] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   90.108546][ T6162] XFS (loop1): Ending clean mount
[   90.191216][ T6196] syz.2.67 uses obsolete (PF_INET,SOCK_PACKET)
[   90.255439][ T6162] XFS (loop1): Quotacheck needed: Please wait.
[   90.404259][ T6162] XFS (loop1): Quotacheck: Done.
[   90.624996][ T5863] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   90.686263][ T5787] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   90.825123][ T5863] usb 3-1: Using ep0 maxpacket: 16
[   90.904923][ T5863] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[   90.914303][ T5863] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.928021][ T5863] usb 3-1: Product: syz
[   90.932980][ T5863] usb 3-1: Manufacturer: syz
[   90.939891][ T5863] usb 3-1: SerialNumber: syz
[   90.957890][ T5863] usb 3-1: config 0 descriptor??
[   91.323907][ T6203] input: syz0 as /devices/virtual/input/input5
[   91.342039][ T5793] Bluetooth: hci2: command tx timeout
[   91.376508][   T58] bond0 (unregistering): Released all slaves
[   91.391204][ T5863] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[   91.454472][ T5863] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   91.502157][ T5863] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[   91.515581][ T5863] usb 3-1: media controller created
[   91.553926][ T5863] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   91.596187][ T6198] dtv5100: wlen = 0, aborting.
[   91.686586][ T5863] zl10353_read_register: readreg error (reg=127, ret==0)
[   91.709690][ T6000] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.722313][ T5863] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[   91.731217][ T5863] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[   91.753630][ T5863] usb 3-1: USB disconnect, device number 5
[   91.859997][ T6000] team0: Port device team_slave_0 added
[   91.897618][ T6000] team0: Port device team_slave_1 added
[   91.926911][ T5863] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[   92.097432][ T6000] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.120040][ T6000] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.220639][ T6000] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.259855][ T6000] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.298113][ T6000] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.394797][ T6000] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.592354][ T6000] hsr_slave_0: entered promiscuous mode
[   92.610628][ T6000] hsr_slave_1: entered promiscuous mode
[   92.635861][ T6000] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.656393][ T6000] Cannot create hsr debugfs directory
[   92.982211][ T6220] loop1: detected capacity change from 0 to 32768
[   93.007538][ T6220] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.76 (6220)
[   93.047262][ T6220] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   93.086926][ T6220] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[   93.105426][ T6220] BTRFS info (device loop1): setting nodatacow, compression disabled
[   93.126021][ T6220] BTRFS info (device loop1): max_inline at 0
[   93.143489][ T6220] BTRFS info (device loop1): enabling disk space caching
[   93.162039][ T6220] BTRFS info (device loop1): turning off barriers
[   93.169243][ T6220] BTRFS info (device loop1): turning on flush-on-commit
[   93.177537][ T6220] BTRFS info (device loop1): doing ref verification
[   93.187849][ T6220] BTRFS info (device loop1): force clearing of disk cache
[   93.207972][ T6220] BTRFS info (device loop1): enabling ssd optimizations
[   93.232598][ T6220] BTRFS info (device loop1): max_inline at 4096
[   93.239386][ T5863] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   93.268790][ T6220] BTRFS info (device loop1): disk space caching is enabled
[   93.287479][ T6000] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   93.354200][ T6000] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   93.384337][ T6000] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   93.424225][ T6000] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   93.441829][ T6220] BTRFS info (device loop1): auto enabling async discard
[   93.465554][ T5863] usb 1-1: Using ep0 maxpacket: 32
[   93.474981][ T6220] BTRFS info (device loop1): rebuilding free space tree
[   93.477497][ T5863] usb 1-1: config 0 has no interfaces?
[   93.506932][ T6220] BTRFS info (device loop1): disabling free space tree
[   93.513914][ T6220] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   93.525595][ T6220] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   93.538896][ T5863] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   93.586682][ T5863] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   93.631579][ T5863] usb 1-1: Product: syz
[   93.665442][ T5863] usb 1-1: Manufacturer: syz
[   93.684166][ T5863] usb 1-1: SerialNumber: syz
[   93.713825][ T5863] usb 1-1: config 0 descriptor??
[   93.820227][ T6000] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.830082][ T5787] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   93.922067][ T6000] 8021q: adding VLAN 0 to HW filter on device team0
[   93.959192][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.966444][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.972585][   T23] usb 1-1: USB disconnect, device number 3
[   94.022189][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.029415][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.191238][  T786] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   94.426082][  T786] usb 3-1: config 0 interface 0 has no altsetting 0
[   94.432849][  T786] usb 3-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[   94.475380][  T786] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.492836][  T786] usb 3-1: config 0 descriptor??
[   94.751328][ T6000] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.777929][ T6289] loop1: detected capacity change from 0 to 8192
[   94.821430][ T6289] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   94.847228][ T6289] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[   94.857724][ T6289] REISERFS (device loop1): using ordered data mode
[   94.864352][ T6289] reiserfs: using flush barriers
[   94.880761][ T6289] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   94.899616][ T6289] REISERFS (device loop1): checking transaction log (loop1)
[   94.923025][ T6289] REISERFS (device loop1): Using r5 hash to sort names
[   94.937753][ T6289] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[   95.008542][   T28] audit: type=1800 audit(1752523546.952:2): pid=6289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.85" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=4 res=0 errno=0
[   95.556334][  T786] video4linux radio48: keene_cmd_set failed (-71)
[   95.563230][  T786] radio-keene 3-1:0.0: V4L2 device registered as radio48
[   95.638035][  T786] usb 3-1: USB disconnect, device number 6
[   95.866593][ T6000] veth0_vlan: entered promiscuous mode
[   95.905603][ T6000] veth1_vlan: entered promiscuous mode
[   96.062996][ T6000] veth0_macvtap: entered promiscuous mode
[   96.134164][ T6000] veth1_macvtap: entered promiscuous mode
[   96.249163][ T6000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.274961][ T6000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.307023][ T6308] loop1: detected capacity change from 0 to 32768
[   96.318907][ T6000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.354768][ T6000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.382440][ T6000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.425513][ T6000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.459843][ T6000] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.510867][ T6308] ERROR: (device loop1): jfs_readdir: JFS:Dtree error: ino = 2, bn=44, index = 3
[   96.510867][ T6308] 
[   96.545351][ T6000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.569305][ T6308] ERROR: (device loop1): remounting filesystem as read-only
[   96.574828][ T6000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.608326][ T6000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.636773][ T6000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.688163][ T6000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.709482][ T6000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.737308][ T6000] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.794163][ T6000] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.803217][ T6000] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.812313][ T6000] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.823355][ T6000] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.894617][ T6323] loop0: detected capacity change from 0 to 32768
[   96.913911][ T6323] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   97.105721][ T6108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.113669][ T6108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.132882][ T6347] Bluetooth: MGMT ver 1.22
[   97.184456][ T6323] XFS (loop0): Ending clean mount
[   97.198849][ T6323] XFS (loop0): Quotacheck needed: Please wait.
[   97.236240][ T6124] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.244090][ T6124] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.362023][ T6323] XFS (loop0): Quotacheck: Done.
[   97.697167][ T5785] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   98.503899][ T6354] loop2: detected capacity change from 0 to 32768
[   98.633466][ T6354] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   98.721608][ T6361] loop1: detected capacity change from 0 to 32768
[   98.840984][ T6354] XFS (loop2): Ending clean mount
[   98.875067][ T6361] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   99.089402][ T6361] XFS (loop1): Ending clean mount
[   99.135427][ T6361] XFS (loop1): Quotacheck needed: Please wait.
[   99.197120][ T5786] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   99.243155][ T6361] XFS (loop1): Quotacheck: Done.
[   99.448850][ T5787] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   99.607536][ T6407] netlink: 8 bytes leftover after parsing attributes in process `syz.4.104'.
[   99.647996][ T6407] gtp0: entered promiscuous mode
[   99.674910][ T6407] gtp0: entered allmulticast mode
[  100.009950][ T6421] netlink: 'syz.4.107': attribute type 13 has an invalid length.
[  100.061066][ T6424] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.432472][ T6436] loop0: detected capacity change from 0 to 512
[  100.477612][ T6436] EXT4-fs (loop0): orphan cleanup on readonly fs
[  100.578019][ T6436] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.110: bg 0: block 248: padding at end of block bitmap is not set
[  100.653303][ T6436] Quota error (device loop0): write_blk: dquota write failed
[  100.675686][ T6436] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  100.688329][ T6436] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.110: Failed to acquire dquot type 1
[  100.719572][ T6436] EXT4-fs (loop0): 1 truncate cleaned up
[  100.741662][ T6421] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.750976][ T6421] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.761506][ T6436] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.076111][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.472475][ T6421] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  101.542554][ T6421] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  101.564838][  T787] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  101.718833][ T6450] loop1: detected capacity change from 0 to 32768
[  101.745522][ T6450] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.115 (6450)
[  101.806958][  T787] usb 1-1: config 0 has an invalid interface number: 214 but max is 0
[  101.817300][ T6450] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  101.825019][  T787] usb 1-1: config 0 has no interface number 0
[  101.853447][  T787] usb 1-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  101.859461][ T6450] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  101.876075][ T6450] BTRFS info (device loop1): setting nodatacow, compression disabled
[  101.905160][ T6450] BTRFS info (device loop1): max_inline at 0
[  101.914082][  T787] usb 1-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  101.934868][ T6450] BTRFS info (device loop1): enabling disk space caching
[  101.944958][  T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.953198][  T787] usb 1-1: Product: syz
[  101.953318][ T6450] BTRFS info (device loop1): turning off barriers
[  101.978350][ T6450] BTRFS info (device loop1): turning on flush-on-commit
[  101.983585][  T787] usb 1-1: Manufacturer: syz
[  101.994879][  T787] usb 1-1: SerialNumber: syz
[  101.995242][ T6450] BTRFS info (device loop1): doing ref verification
[  102.016934][  T787] usb 1-1: config 0 descriptor??
[  102.025095][ T6450] BTRFS info (device loop1): force clearing of disk cache
[  102.036293][ T6450] BTRFS info (device loop1): enabling ssd optimizations
[  102.045765][ T6450] BTRFS info (device loop1): max_inline at 4096
[  102.052133][ T6450] BTRFS info (device loop1): disk space caching is enabled
[  102.164452][ T6450] BTRFS info (device loop1): auto enabling async discard
[  102.173703][ T6450] BTRFS info (device loop1): rebuilding free space tree
[  102.231764][  T787] usbtouchscreen 1-1:0.214: Failed to read FW rev: -71
[  102.248178][  T787] usbtouchscreen: probe of 1-1:0.214 failed with error -71
[  102.252246][ T6450] BTRFS info (device loop1): disabling free space tree
[  102.263059][  T787] usb 1-1: USB disconnect, device number 4
[  102.279798][ T6450] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  102.297187][ T6421] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.314181][ T6450] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  102.318200][ T6421] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.357363][ T6421] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.371464][ T6421] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.558021][ T5787] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  103.247625][ T6490] loop0: detected capacity change from 0 to 2048
[  103.292458][ T6490] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  103.319611][ T6490] UDF-fs: Scanning with blocksize 512 failed
[  103.375843][ T6490] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  103.432451][   T28] audit: type=1800 audit(1752523555.382:3): pid=6490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.122" name="file1" dev="loop0" ino=818 res=0 errno=0
[  103.848683][ T6506] loop1: detected capacity change from 0 to 4096
[  103.924664][ T6506] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  104.163248][ T6506] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  104.277655][   T28] audit: type=1800 audit(1752523556.232:4): pid=6506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.126" name="file0" dev="loop1" ino=0 res=0 errno=0
[  104.414984][   T28] audit: type=1804 audit(1752523556.362:5): pid=6524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.126" name="/newroot/42/file0/file0" dev="loop1" ino=0 res=1 errno=0
[  104.604916][ T5879] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  104.835629][ T5879] usb 3-1: Using ep0 maxpacket: 8
[  104.843748][ T5879] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  104.856636][ T5879] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  104.878780][ T5879] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  104.901945][ T5879] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  104.939377][ T5879] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  104.976479][ T5879] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  104.987196][ T5879] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.222648][ T5879] usb 3-1: usb_control_msg returned -32
[  105.247588][ T5879] usbtmc 3-1:16.0: can't read capabilities
[  105.858067][   T23] usb 3-1: USB disconnect, device number 7
[  105.887163][ T6561] loop1: detected capacity change from 0 to 256
[  106.068222][ T6561] FAT-fs (loop1): Directory bread(block 64) failed
[  106.090545][ T6561] FAT-fs (loop1): Directory bread(block 65) failed
[  106.128148][ T6561] FAT-fs (loop1): Directory bread(block 66) failed
[  106.148372][ T6561] FAT-fs (loop1): Directory bread(block 67) failed
[  106.185053][ T6561] FAT-fs (loop1): Directory bread(block 68) failed
[  106.191634][ T6561] FAT-fs (loop1): Directory bread(block 69) failed
[  106.218231][ T6561] FAT-fs (loop1): Directory bread(block 70) failed
[  106.234863][ T6561] FAT-fs (loop1): Directory bread(block 71) failed
[  106.255445][ T6561] FAT-fs (loop1): Directory bread(block 72) failed
[  106.262024][ T6561] FAT-fs (loop1): Directory bread(block 73) failed
[  106.348467][   T50] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  106.365084][   T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  106.380151][   T50] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  106.405879][   T50] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  106.415793][   T50] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  106.427556][   T50] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  106.899617][ T6592] tipc: Started in network mode
[  106.909797][ T6592] tipc: Node identity 4, cluster identity 4711
[  106.916590][ T6592] tipc: Node number set to 4
[  107.143055][ T6597] netlink: 'syz.0.150': attribute type 21 has an invalid length.
[  107.164000][ T6597] netlink: 14548 bytes leftover after parsing attributes in process `syz.0.150'.
[  107.312776][ T6586] loop1: detected capacity change from 0 to 32768
[  107.348103][ T6586] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 scanned by syz.1.146 (6586)
[  107.408616][ T6586] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  107.436377][ T6586] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  107.451730][ T6586] BTRFS info (device loop1): using free space tree
[  107.595333][ T6586] BTRFS info (device loop1): enabling ssd optimizations
[  107.649901][ T6586] BTRFS info (device loop1): auto enabling async discard
[  107.660705][ T6626] netlink: 'syz.0.152': attribute type 3 has an invalid length.
[  107.681708][ T6626] netlink: 'syz.0.152': attribute type 1 has an invalid length.
[  107.702409][ T6622] warning: `syz.0.152' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  107.725644][ T6626] netlink: 199820 bytes leftover after parsing attributes in process `syz.0.152'.
[  107.815264][ T6114] hsr_slave_0: left promiscuous mode
[  107.836441][ T6114] hsr_slave_1: left promiscuous mode
[  107.877687][ T6114] batman_adv: batadv0: Removing interface: batadv_slave_0
[  107.929830][ T6114] batman_adv: batadv0: Removing interface: batadv_slave_1
[  107.939060][ T6114] bridge_slave_1: left allmulticast mode
[  107.954929][ T6114] bridge_slave_1: left promiscuous mode
[  107.960841][ T6114] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.976679][ T6114] bridge_slave_0: left allmulticast mode
[  107.983591][ T6114] bridge_slave_0: left promiscuous mode
[  107.990051][ T6114] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.321651][ T5787] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  108.402080][   T28] audit: type=1326 audit(1752523560.352:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6635 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fad5f12ab19 code=0x7ffc0000
[  108.469365][   T28] audit: type=1326 audit(1752523560.352:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6635 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad5f18e929 code=0x7ffc0000
[  108.534931][   T28] audit: type=1326 audit(1752523560.352:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6635 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad5f18e929 code=0x7ffc0000
[  108.543113][ T5793] Bluetooth: hci2: command tx timeout
[  108.564054][   T28] audit: type=1326 audit(1752523560.352:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6635 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad5f18e929 code=0x7ffc0000
[  108.638715][   T28] audit: type=1326 audit(1752523560.352:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6635 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad5f18e929 code=0x7ffc0000
[  108.718021][   T28] audit: type=1326 audit(1752523560.352:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6635 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fad5f12ab19 code=0x7ffc0000
[  108.783741][   T28] audit: type=1326 audit(1752523560.352:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6635 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad5f18e929 code=0x7ffc0000
[  108.840321][   T28] audit: type=1326 audit(1752523560.392:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6635 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fad5f12ab19 code=0x7ffc0000
[  108.913832][   T28] audit: type=1326 audit(1752523560.392:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6635 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fad5f12ab19 code=0x7ffc0000
[  108.924872][ T5838] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  108.965310][   T28] audit: type=1326 audit(1752523560.392:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6635 comm="syz.2.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fad5f12ab19 code=0x7ffc0000
[  109.139098][ T5838] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  109.171630][ T5838] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  109.193128][ T5838] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  109.202420][ T5838] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.250665][ T6645] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  109.262530][ T5838] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[  109.501190][  T787] usb 1-1: USB disconnect, device number 5
[  109.542486][ T6114] team0 (unregistering): Port device team_slave_1 removed
[  109.660387][ T6114] team0 (unregistering): Port device team_slave_0 removed
[  109.709022][ T6114] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  109.721983][ T6655] block nbd2: shutting down sockets
[  109.783950][ T6114] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  110.367917][ T6662] loop1: detected capacity change from 0 to 128
[  110.413693][ T6662] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  110.459563][ T6657] loop2: detected capacity change from 0 to 40427
[  110.511199][ T6657] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x7ffff
[  110.537408][ T6662] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  110.573239][ T6657] F2FS-fs (loop2): invalid crc value
[  110.610988][ T6657] F2FS-fs (loop2): Found nat_bits in checkpoint
[  110.622673][ T5793] Bluetooth: hci2: command tx timeout
[  110.743745][ T6657] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  110.982463][ T5786] syz-executor: attempt to access beyond end of device
[  110.982463][ T5786] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  111.012304][ T5786] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  111.217522][ T6114] bond0 (unregistering): Released all slaves
[  111.537684][ T6571] chnl_net:caif_netlink_parms(): no params data found
[  111.778531][ T6671] loop0: detected capacity change from 0 to 32768
[  111.792692][ T6676] loop1: detected capacity change from 0 to 32768
[  111.837716][ T6671] (syz.0.169,6671,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  111.859795][ T6676] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.172 (6676)
[  111.878325][ T6671] (syz.0.169,6671,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  111.896373][ T6571] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.903616][ T6571] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.965270][ T6571] bridge_slave_0: entered allmulticast mode
[  111.991437][ T6671] JBD2: Ignoring recovery information on journal
[  111.996385][ T6571] bridge_slave_0: entered promiscuous mode
[  112.019841][ T6676] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  112.124971][ T6571] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.132245][ T6571] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.145279][ T6676] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  112.153991][ T6676] BTRFS info (device loop1): force clearing of disk cache
[  112.184114][ T6571] bridge_slave_1: entered allmulticast mode
[  112.198490][ T6671] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  112.222728][ T6676] BTRFS info (device loop1): enabling auto defrag
[  112.238611][ T6571] bridge_slave_1: entered promiscuous mode
[  112.251588][ T6676] BTRFS info (device loop1): max_inline at 0
[  112.301168][ T6676] BTRFS info (device loop1): enabling disk space caching
[  112.340705][ T6676] BTRFS info (device loop1): disk space caching is enabled
[  112.428595][ T6571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  112.469356][ T6571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  112.511421][ T6676] BTRFS info (device loop1): enabling ssd optimizations
[  112.519332][  T786] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  112.550210][ T6676] BTRFS info (device loop1): rebuilding free space tree
[  112.591779][ T6676] BTRFS info (device loop1): disabling free space tree
[  112.609174][ T6676] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  112.646868][ T6676] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  112.689146][ T6571] team0: Port device team_slave_0 added
[  112.698090][ T5793] Bluetooth: hci2: command tx timeout
[  112.724046][ T6571] team0: Port device team_slave_1 added
[  112.735390][  T786] usb 3-1: Using ep0 maxpacket: 32
[  112.746820][  T786] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  112.765074][  T786] usb 3-1: config 0 has no interface number 0
[  112.774663][  T786] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  112.784281][  T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.807820][  T786] usb 3-1: Product: syz
[  112.814432][  T786] usb 3-1: Manufacturer: syz
[  112.826350][  T786] usb 3-1: SerialNumber: syz
[  112.866932][  T786] usb 3-1: config 0 descriptor??
[  112.882198][  T786] smsc95xx v2.0.0
[  112.918419][ T5785] ocfs2: Unmounting device (7,0) on (node local)
[  113.042343][ T6571] batman_adv: batadv0: Adding interface: batadv_slave_0
[  113.093875][ T5787] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  113.104971][ T6571] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.194942][ T6571] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  113.251842][ T6571] batman_adv: batadv0: Adding interface: batadv_slave_1
[  113.306771][  T786] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  113.324826][ T6571] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.384868][  T786] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  113.469376][ T6571] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  113.804254][ T6571] hsr_slave_0: entered promiscuous mode
[  113.823319][ T6571] hsr_slave_1: entered promiscuous mode
[  113.833227][ T6571] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  113.843963][ T6571] Cannot create hsr debugfs directory
[  113.854451][  T786] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  113.879104][  T786] smsc95xx: probe of 3-1:0.67 failed with error -71
[  113.909222][  T786] usb 3-1: USB disconnect, device number 8
[  114.561485][ T6751] loop1: detected capacity change from 0 to 2048
[  114.607947][ T6751] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  114.781992][ T5793] Bluetooth: hci2: command tx timeout
[  115.225660][ T6571] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  115.262517][ T6571] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  115.293129][ T6571] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  115.323139][ T6571] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  115.540923][ T6782] netlink: 64 bytes leftover after parsing attributes in process `syz.0.186'.
[  115.567413][ T6780] loop1: detected capacity change from 0 to 4096
[  115.593909][ T6780] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  115.642806][ T6571] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.715070][ T6780] ntfs3: loop1: Failed to load $Extend (-22).
[  115.721454][ T6780] ntfs3: loop1: Failed to initialize $Extend.
[  115.727266][ T6571] 8021q: adding VLAN 0 to HW filter on device team0
[  115.813042][ T6108] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.820266][ T6108] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.852681][ T6108] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.860108][ T6108] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.885100][ T6780] ntfs3: loop1: ino=22, "blkio.bfq.io_merged_recursive" mmap(write) compressed not supported
[  116.282871][ T6798] syzkaller1: entered promiscuous mode
[  116.321958][ T6798] syzkaller1: entered allmulticast mode
[  116.346001][ T5838] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  116.582441][ T5838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  116.608720][ T5838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  116.614204][ T6571] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.651461][ T5838] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  116.679208][ T5838] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.713910][ T5838] usb 1-1: config 0 descriptor??
[  116.763552][ T6816] loop2: detected capacity change from 0 to 2048
[  116.848403][ T6816] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  117.175443][ T5838] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0
[  117.221978][ T5838] cp2112 0003:10C4:EA90.0002: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[  117.375440][ T5838] cp2112 0003:10C4:EA90.0002: Part Number: 0x82 Device Version: 0xFE
[  117.424625][ T6830] loop2: detected capacity change from 0 to 8192
[  117.501301][ T6830] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  117.586091][   T28] kauditd_printk_skb: 29 callbacks suppressed
[  117.586107][   T28] audit: type=1800 audit(1752523569.532:45): pid=6830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.197" name="file1" dev="loop2" ino=1048599 res=0 errno=0
[  117.628773][ T6571] veth0_vlan: entered promiscuous mode
[  117.679474][ T6571] veth1_vlan: entered promiscuous mode
[  117.734580][ T6571] veth0_macvtap: entered promiscuous mode
[  117.747888][ T6571] veth1_macvtap: entered promiscuous mode
[  117.780899][ T5838] cp2112 0003:10C4:EA90.0002: error setting SMBus config
[  117.800824][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.817225][ T5838] cp2112: probe of 0003:10C4:EA90.0002 failed with error -71
[  117.835712][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.861565][ T5838] usb 1-1: USB disconnect, device number 6
[  117.874947][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.904484][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.923758][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  117.945032][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  117.963386][ T6571] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.990403][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.003125][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.021935][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.054207][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.069735][ T6571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.081117][ T6571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.104514][ T6571] batman_adv: batadv0: Interface activated: batadv_slave_1
[  118.134110][ T6571] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.144102][ T6571] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.154461][ T6571] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.170737][ T6571] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.414175][ T6108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.451542][ T6862] GUP no longer grows the stack in syz.2.203 (6862): 200000004000-200000008000 (200000002000)
[  118.455255][ T6108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.485064][ T6862] CPU: 1 PID: 6862 Comm: syz.2.203 Not tainted 6.6.98-syzkaller #0
[  118.493354][ T6862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  118.503676][ T6862] Call Trace:
[  118.507265][ T6862]  <TASK>
[  118.510399][ T6862]  dump_stack_lvl+0x16c/0x230
[  118.515739][ T6862]  ? show_regs_print_info+0x20/0x20
[  118.522037][ T6862]  ? load_image+0x3b0/0x3b0
[  118.526577][ T6862]  ? find_vma+0x12e/0x1b0
[  118.531169][ T6862]  __get_user_pages+0xfb9/0x1470
[  118.537149][ T6862]  ? populate_vma_page_range+0x370/0x370
[  118.543305][ T6862]  get_user_pages_remote+0x3de/0xc10
[  118.548837][ T6862]  ? get_dump_page+0x200/0x200
[  118.553933][ T6862]  __access_remote_vm+0x1ff/0x570
[  118.559438][ T6862]  ? generic_access_phys+0x650/0x650
[  118.565030][ T6862]  ? alloc_pages+0x4dc/0x740
[  118.570297][ T6862]  ? do_raw_spin_unlock+0x121/0x230
[  118.575908][ T6862]  proc_pid_cmdline_read+0x551/0x830
[  118.583861][ T6862]  ? schedule+0xc7/0x170
[  118.588780][ T6862]  ? comm_show+0x150/0x150
[  118.595612][ T6862]  ? common_file_perm+0x110/0x1f0
[  118.601224][ T6862]  ? fsnotify_perm+0x271/0x5e0
[  118.606454][ T6862]  do_iter_read+0x506/0xc80
[  118.611179][ T6862]  ? comm_show+0x150/0x150
[  118.615934][ T6862]  ? vfs_iter_read+0xa0/0xa0
[  118.620662][ T6862]  ? __import_iovec+0x5f2/0x860
[  118.625563][ T6862]  ? import_iovec+0x73/0xa0
[  118.630204][ T6862]  do_preadv+0x1fa/0x330
[  118.634807][ T6862]  ? do_writev+0x410/0x410
[  118.639542][ T6862]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  118.645859][ T6862]  ? lock_chain_count+0x20/0x20
[  118.651041][ T6862]  ? lockdep_hardirqs_on+0x98/0x150
[  118.657179][ T6862]  do_syscall_64+0x55/0xb0
[  118.661986][ T6862]  ? clear_bhb_loop+0x40/0x90
[  118.667055][ T6862]  ? clear_bhb_loop+0x40/0x90
[  118.672999][ T6862]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  118.679389][ T6862] RIP: 0033:0x7fad5f18e929
[  118.684389][ T6862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.705628][ T6862] RSP: 002b:00007fad60034038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  118.714154][ T6862] RAX: ffffffffffffffda RBX: 00007fad5f3b5fa0 RCX: 00007fad5f18e929
[  118.722240][ T6862] RDX: 0000000000000001 RSI: 0000200000000d00 RDI: 0000000000000003
[  118.730381][ T6862] RBP: 00007fad5f210b39 R08: 0000000000000200 R09: 0000000000000000
[  118.738482][ T6862] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  118.746938][ T6862] R13: 0000000000000000 R14: 00007fad5f3b5fa0 R15: 00007ffda4f08488
[  118.755584][ T6862]  </TASK>
[  118.812807][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.879582][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.144345][ T6879] gre0: Master is either lo or non-ether device
[  119.620433][ T6859] loop1: detected capacity change from 0 to 40427
[  119.676295][ T6859] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff
[  119.720531][ T6859] F2FS-fs (loop1): invalid crc value
[  119.750299][ T6859] F2FS-fs (loop1): Found nat_bits in checkpoint
[  119.895376][ T6859] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  119.990496][ T6875] loop0: detected capacity change from 0 to 32768
[  120.036039][ T6875] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.207 (6875)
[  120.076254][ T5787] syz-executor: attempt to access beyond end of device
[  120.076254][ T5787] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  120.122059][ T6875] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  120.126088][ T5787] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  120.189699][ T6875] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  120.245228][ T6875] BTRFS info (device loop0): using free space tree
[  120.460204][ T6875] BTRFS info (device loop0): enabling ssd optimizations
[  120.470295][ T6875] BTRFS info (device loop0): auto enabling async discard
[  120.724560][ T5785] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  120.821368][ T5837] kernel write not supported for file /snd/pcmC0D0p (pid: 5837 comm: kworker/0:4)
[  121.328192][ T6940] loop1: detected capacity change from 0 to 1024
[  121.350179][ T6926] loop2: detected capacity change from 0 to 32768
[  121.531710][ T6926] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  121.562785][ T6947] loop0: detected capacity change from 0 to 1024
[  121.616159][ T6947] EXT4-fs: Ignoring removed nomblk_io_submit option
[  121.680378][ T6947] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.759349][ T6926] XFS (loop2): Ending clean mount
[  121.796845][ T6926] XFS (loop2): Quotacheck needed: Please wait.
[  121.873752][ T6926] XFS (loop2): Quotacheck: Done.
[  121.936467][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.084038][ T6936] loop4: detected capacity change from 0 to 32768
[  122.121542][ T5786] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  122.133166][ T6936] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.218 (6936)
[  122.166784][ T6936] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  122.190292][ T6936] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  122.202664][ T6936] BTRFS info (device loop4): use zlib compression, level 3
[  122.210134][ T6936] BTRFS info (device loop4): turning on sync discard
[  122.230551][ T6936] BTRFS info (device loop4): doing ref verification
[  122.279786][ T6936] BTRFS info (device loop4): disabling tree log
[  122.328209][ T6936] BTRFS info (device loop4): enabling tree log
[  122.360362][ T6936] BTRFS info (device loop4): enabling ssd optimizations
[  122.399299][ T6936] BTRFS info (device loop4): using spread ssd allocation scheme
[  122.420803][ T6936] BTRFS info (device loop4): not using ssd optimizations
[  122.454099][ T6936] BTRFS info (device loop4): not using spread ssd allocation scheme
[  122.499950][ T6936] BTRFS info (device loop4): using free space tree
[  122.765125][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  122.892374][   T28] audit: type=1800 audit(1752523574.842:46): pid=6936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.218" name="file1" dev="loop4" ino=260 res=0 errno=0
[  122.980393][   T28] audit: type=1800 audit(1752523574.892:47): pid=6936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.218" name="file1" dev="loop4" ino=260 res=0 errno=0
[  122.997898][ T6995] mmap: syz.1.224 (6995) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  123.015484][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  123.268089][ T6571] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  123.520544][ T5937] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 10 /dev/loop4 scanned by udevd (5937)
[  123.532919][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  123.541708][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  124.028878][ T7018] netlink: 'syz.2.227': attribute type 1 has an invalid length.
[  124.060899][ T7018] netlink: 'syz.2.227': attribute type 2 has an invalid length.
[  124.884842][ T5837] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  125.093500][ T5837] usb 2-1: Using ep0 maxpacket: 16
[  125.109017][ T5837] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  125.124363][ T5837] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  125.147016][ T5837] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  125.176151][ T5837] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  125.258850][ T5837] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.278113][ T5837] usb 2-1: Product: syz
[  125.314659][ T5837] usb 2-1: Manufacturer: syz
[  125.340350][ T5837] usb 2-1: SerialNumber: syz
[  125.613309][ T7033] loop1: detected capacity change from 0 to 1024
[  125.713958][ T7033] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.129396][ T5837] usb 2-1: 0:2 : does not exist
[  126.166095][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  126.185078][ T5837] usb 2-1: USB disconnect, device number 2
[  126.241809][ T5937] udevd[5937]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  126.299095][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  126.320687][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  126.495310][ T7045] loop4: detected capacity change from 0 to 32768
[  126.564856][ T7045] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  126.631990][ T7045] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  126.824893][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.076837][ T6571] ocfs2: Unmounting device (7,4) on (node local)
[  127.337837][ T7074] program syz.0.241 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  127.412455][ T7057] loop2: detected capacity change from 0 to 40427
[  127.454944][ T7057] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff
[  127.493591][ T7057] F2FS-fs (loop2): Image doesn't support compression
[  127.535437][ T7057] F2FS-fs (loop2): heap/no_heap options were deprecated
[  127.589089][ T7057] F2FS-fs (loop2): Image doesn't support compression
[  127.616056][ T7057] F2FS-fs (loop2): invalid crc value
[  127.640927][ T7057] F2FS-fs (loop2): Found nat_bits in checkpoint
[  127.658887][ T7084] input: syz0 as /devices/virtual/input/input7
[  127.851126][ T7057] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  127.952103][ T7057] syz.2.238: attempt to access beyond end of device
[  127.952103][ T7057] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  127.991978][ T7057] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  128.020572][ T7057] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  128.445600][ T7099] loop1: detected capacity change from 0 to 1024
[  128.557248][ T7077] loop4: detected capacity change from 0 to 32768
[  128.584416][ T7077] XFS: ikeep mount option is deprecated.
[  128.695952][ T7077] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  128.909342][ T6124] hfsplus: b-tree write err: -5, ino 4
[  129.032354][ T7077] XFS (loop4): Ending clean mount
[  129.049096][ T7077] XFS (loop4): Quotacheck needed: Please wait.
[  129.223482][ T7077] XFS (loop4): Quotacheck: Done.
[  129.508312][ T6571] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  130.307650][ T7123] loop1: detected capacity change from 0 to 40427
[  130.364826][ T7123] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(0) root(83886083)
[  130.374100][ T7123] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  130.434883][ T7123] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x7ffff
[  130.443316][ T7123] F2FS-fs (loop1): heap/no_heap options were deprecated
[  130.486024][ T7123] F2FS-fs (loop1): Image doesn't support compression
[  130.539793][ T7123] F2FS-fs (loop1): invalid crc value
[  130.572835][ T7123] F2FS-fs (loop1): Found nat_bits in checkpoint
[  130.824902][ T7123] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  130.842301][ T7123] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  131.069798][ T5787] syz-executor: attempt to access beyond end of device
[  131.069798][ T5787] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  131.117298][ T5787] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  131.430393][ T7189] loop4: detected capacity change from 0 to 1024
[  131.453510][ T7189] EXT4-fs: Ignoring removed orlov option
[  131.514210][ T7189] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.590494][ T7191] loop2: detected capacity change from 0 to 8192
[  131.625757][ T7191] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  131.638420][ T7189] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  131.644328][ T7191] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  131.722513][ T7191] REISERFS (device loop2): using ordered data mode
[  131.759741][ T7191] reiserfs: using flush barriers
[  131.777489][ T7198] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2797: inode #12: comm syz.4.265: corrupted in-inode xattr: bad magic number in in-inode xattr
[  131.804953][ T7191] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  131.833231][ T7198] EXT4-fs (loop4): Remounting filesystem read-only
[  131.865502][ T7191] REISERFS (device loop2): checking transaction log (loop2)
[  131.890168][ T7191] REISERFS (device loop2): Using r5 hash to sort names
[  131.914591][ T7191] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  131.991514][ T6571] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.143347][ T7203] loop1: detected capacity change from 0 to 2048
[  132.281394][ T7184] loop0: detected capacity change from 0 to 32768
[  132.304177][ T7207] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  132.422192][ T7184] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  132.675719][ T7207] NILFS error (device loop1): nilfs_sufile_mark_dirty: active segment 3 is erroneous
[  132.734938][ T7207] Remounting filesystem read-only
[  132.759632][ T6114] NILFS (loop1): discard dirty page: offset=0, ino=6
[  132.783677][ T6114] NILFS (loop1): discard dirty block: blocknr=3, size=1024
[  132.814928][ T6114] NILFS (loop1): discard dirty block: blocknr=36, size=1024
[  132.825875][ T7184] XFS (loop0): Ending clean mount
[  132.828709][ T6114] NILFS (loop1): discard dirty block: blocknr=37, size=1024
[  132.855050][ T6114] NILFS (loop1): discard dirty block: blocknr=38, size=1024
[  132.884975][ T6114] NILFS (loop1): discard dirty page: offset=229376, ino=3
[  132.896260][ T7184] XFS (loop0): Quotacheck needed: Please wait.
[  132.896421][ T6114] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  132.935861][ T6114] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  132.964816][ T6114] NILFS (loop1): discard dirty block: blocknr=50, size=1024
[  132.972217][ T7184] XFS (loop0): Quotacheck: Done.
[  132.994944][ T6114] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  133.039010][ T5787] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer
[  133.050051][ T7228] loop2: detected capacity change from 0 to 4096
[  133.077136][ T7228] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  133.104179][ T5787] NILFS (loop1): discard dirty page: offset=0, ino=2
[  133.113829][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  133.123734][ T7228] ntfs: (device loop2): read_ntfs_boot_sector(): Primary boot sector is invalid.
[  133.134525][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  133.150236][ T7228] ntfs: (device loop2): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy.
[  133.155798][ T5785] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  133.172020][ T7228] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  133.182066][ T5787] NILFS (loop1): discard dirty block: blocknr=18, size=1024
[  133.184305][ T7228] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  133.190636][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  133.223205][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  133.232297][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  133.285194][ T7228] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  133.295021][ T7228] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5).
[  133.333584][ T7228] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  133.406354][ T7232] loop4: detected capacity change from 0 to 128
[  133.415645][ T7232] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  133.436238][ T7228] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  133.521177][ T7228] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  133.563792][ T7228] ntfs: volume version 3.1.
[  134.137558][ T5879] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  134.264993][ T5863] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  134.303035][ T7256] loop2: detected capacity change from 0 to 512
[  134.316435][ T7256] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  134.331247][ T7256] EXT4-fs (loop2): 1 truncate cleaned up
[  134.339759][ T7256] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.352365][ T5879] usb 1-1: Using ep0 maxpacket: 32
[  134.367518][ T5879] usb 1-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.387356][ T7256] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2244: inode #15: comm syz.2.284: corrupted in-inode xattr: overlapping e_value 
[  134.405144][ T5879] usb 1-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 10
[  134.422778][ T5879] usb 1-1: config 0 interface 0 has no altsetting 0
[  134.424275][ T7256] EXT4-fs (loop2): Remounting filesystem read-only
[  134.429861][ T5879] usb 1-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[  134.429888][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.435139][ T5879] usb 1-1: config 0 descriptor??
[  134.444833][ T7256] EXT4-fs warning (device loop2): ext4_xattr_set_entry:1781: inode #15: comm syz.2.284: unable to update i_inline_off
[  134.484354][ T5863] usb 2-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  134.494496][  T787] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  134.505212][ T5863] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.513661][ T5863] usb 2-1: Product: syz
[  134.519069][ T5863] usb 2-1: Manufacturer: syz
[  134.520855][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.524408][ T5863] usb 2-1: SerialNumber: syz
[  134.545708][ T5863] usb 2-1: config 0 descriptor??
[  134.556717][ T5863] gspca_main: sunplus-2.14.0 probing 055f:c230
[  134.694874][  T787] usb 5-1: Using ep0 maxpacket: 8
[  134.703245][  T787] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  134.713138][  T787] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  134.728330][  T787] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  134.738692][  T787] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  134.749178][  T787] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  134.769944][  T787] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  134.782661][  T787] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.873533][ T5879] betop 0003:20BC:5500.0003: collection stack underflow
[  134.904819][ T5879] betop 0003:20BC:5500.0003: item 0 0 0 12 parsing failed
[  134.913540][ T5879] betop 0003:20BC:5500.0003: parse failed
[  134.919699][ T5879] betop: probe of 0003:20BC:5500.0003 failed with error -22
[  135.002510][  T787] usb 5-1: usb_control_msg returned -32
[  135.013305][  T787] usbtmc 5-1:16.0: can't read capabilities
[  135.017830][ T7269] netlink: 32 bytes leftover after parsing attributes in process `syz.2.289'.
[  135.095403][  T787] usb 1-1: USB disconnect, device number 7
[  135.192620][ T7273] loop2: detected capacity change from 0 to 512
[  135.202277][ T7273] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  135.220560][ T7273] EXT4-fs (loop2): 1 truncate cleaned up
[  135.229373][ T7273] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.253339][ T7273] syz.2.291 (pid 7273) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  135.301089][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.368658][ T7276] usbtmc 5-1:16.0: INITIATE_CLEAR returned 0
[  135.575054][  T787] usb 5-1: USB disconnect, device number 2
[  135.590696][ T5863] gspca_sunplus: reg_r err -71
[  135.615099][ T5863] sunplus: probe of 2-1:0.0 failed with error -71
[  135.648350][ T5863] usb 2-1: USB disconnect, device number 3
[  135.669554][ T7277] loop2: detected capacity change from 0 to 32768
[  135.699282][ T7277] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10
[  135.818700][ T5936] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10
[  135.881172][ T7281] loop0: detected capacity change from 0 to 1024
[  135.905814][ T7281] EXT4-fs: Ignoring removed orlov option
[  135.933568][ T7281] EXT4-fs: Ignoring removed nomblk_io_submit option
[  135.973452][ T5858] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  135.998216][ T7281] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.020067][ T5858] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  136.301987][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.525159][ T5879] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  136.731420][ T5879] usb 2-1: Using ep0 maxpacket: 32
[  136.749220][ T5879] usb 2-1: config 0 has an invalid interface number: 126 but max is 0
[  136.778619][ T5879] usb 2-1: config 0 has no interface number 0
[  136.785972][ T5879] usb 2-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  136.798069][ T5879] usb 2-1: config 0 interface 126 altsetting 16 endpoint 0x82 has invalid wMaxPacketSize 0
[  136.808556][ T5879] usb 2-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 0
[  136.829536][ T5879] usb 2-1: config 0 interface 126 has no altsetting 0
[  136.848351][ T5879] usb 2-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  136.859615][ T5879] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.869772][ T5879] usb 2-1: Product: syz
[  136.884769][ T7311] loop0: detected capacity change from 0 to 2048
[  136.892214][ T7311] EXT4-fs: Ignoring removed nobh option
[  136.894821][ T5879] usb 2-1: Manufacturer: syz
[  136.912851][ T5879] usb 2-1: SerialNumber: syz
[  136.925657][ T7311] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.954677][ T7315] xt_CT: You must specify a L4 protocol and not use inversions on it
[  136.955943][ T5879] usb 2-1: config 0 descriptor??
[  137.039535][ T7291] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  137.094314][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.331965][ T7322] netlink: 164 bytes leftover after parsing attributes in process `syz.4.310'.
[  137.345002][  T787] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  137.349904][ T7322] netlink: 164 bytes leftover after parsing attributes in process `syz.4.310'.
[  137.363146][ T7322] netlink: 60 bytes leftover after parsing attributes in process `syz.4.310'.
[  137.504112][ T7291] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.515122][ T7291] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.529444][  T787] usb 3-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.541506][ T5879] ir_usb 2-1:0.126: IR Dongle converter detected
[  137.548221][  T787] usb 3-1: config 0 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  137.562036][  T787] usb 3-1: config 0 interface 0 has no altsetting 0
[  137.569031][  T787] usb 3-1: New USB device found, idVendor=5543, idProduct=3031, bcdDevice= 0.00
[  137.581012][  T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.593423][  T787] usb 3-1: config 0 descriptor??
[  137.738208][ T5879] usb 2-1: IR Dongle converter now attached to ttyUSB0
[  137.942894][ T5837] usb 2-1: USB disconnect, device number 4
[  137.959467][ T5837] ir-usb ttyUSB0: IR Dongle converter now disconnected from ttyUSB0
[  137.971615][ T5837] ir_usb 2-1:0.126: device disconnected
[  138.224810][  T787] usb 3-1: string descriptor 0 read error: -71
[  138.243640][  T787] uclogic 0003:5543:3031.0005: failed retrieving string descriptor #200: -71
[  138.264825][  T787] uclogic 0003:5543:3031.0005: failed retrieving pen parameters: -71
[  138.273050][  T787] uclogic 0003:5543:3031.0005: failed probing pen v2 parameters: -71
[  138.312774][  T787] uclogic 0003:5543:3031.0005: failed probing parameters: -71
[  138.331569][  T787] uclogic: probe of 0003:5543:3031.0005 failed with error -71
[  138.358969][  T787] usb 3-1: USB disconnect, device number 9
[  139.701027][ T5863] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  139.743144][ T7348] loop0: detected capacity change from 0 to 32768
[  139.812276][ T7358] loop2: detected capacity change from 0 to 32768
[  139.831697][ T7348] JBD2: Ignoring recovery information on journal
[  139.894238][ T7358] JBD2: Ignoring recovery information on journal
[  139.904987][ T5863] usb 5-1: Using ep0 maxpacket: 32
[  139.916995][ T5863] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.934829][ T5863] usb 5-1: New USB device found, idVendor=056a, idProduct=4004, bcdDevice= 0.00
[  139.952471][ T5863] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.965423][ T5863] usb 5-1: config 0 descriptor??
[  140.065637][ T7358] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  140.099371][ T7348] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  140.204228][   T28] kauditd_printk_skb: 11 callbacks suppressed
[  140.204245][   T28] audit: type=1800 audit(1752523592.152:49): pid=7348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.322" name="file1" dev="loop0" ino=16946 res=0 errno=0
[  140.262355][ T7348] OCFS2: ERROR (device loop0): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  140.289694][ T7348] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  140.301648][ T7348] OCFS2: Returning error to the calling process.
[  140.309692][ T7348] (syz.0.322,7348,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -5
[  140.321737][ T7348] (syz.0.322,7348,1):__ocfs2_claim_clusters:2355 ERROR: status = -5
[  140.330212][ T7348] (syz.0.322,7348,1):__ocfs2_claim_clusters:2363 ERROR: status = -5
[  140.340245][ T7348] (syz.0.322,7348,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -5
[  140.350400][ T7348] (syz.0.322,7348,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -5
[  140.354574][ T5786] ocfs2: Unmounting device (7,2) on (node local)
[  140.363241][ T7348] (syz.0.322,7348,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -5
[  140.388105][ T7348] (syz.0.322,7348,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -5
[  140.430050][ T7348] (syz.0.322,7348,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -5
[  140.447667][ T5863] wacom 0003:056A:4004.0006: hidraw0: USB HID vb.27 Device [HID 056a:4004] on usb-dummy_hcd.4-1/input0
[  140.493140][ T7348] (syz.0.322,7348,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -5
[  140.519232][ T7381] loop1: detected capacity change from 0 to 512
[  140.524770][ T7348] (syz.0.322,7348,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -5
[  140.544365][ T7381] EXT4-fs: Ignoring removed nobh option
[  140.587429][ T7381] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.337: iget: bad i_size value: 38620345925642
[  140.607270][ T7348] (syz.0.322,7348,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -5
[  140.636586][ T5863] usb 5-1: USB disconnect, device number 3
[  140.657601][ T7348] (syz.0.322,7348,0):ocfs2_lock_allocators:2672 ERROR: status = -5
[  140.667052][ T7381] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.337: couldn't read orphan inode 15 (err -117)
[  140.683143][ T7348] (syz.0.322,7348,0):ocfs2_write_begin_nolock:1744 ERROR: status = -5
[  140.693267][ T7348] (syz.0.322,7348,0):ocfs2_dio_wr_get_block:2243 ERROR: status = -5
[  140.702922][ T7381] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.712586][ T7382] fido_id[7382]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[  140.724357][ T7348] (syz.0.322,7348,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -5
[  140.809942][ T5785] ocfs2: Unmounting device (7,0) on (node local)
[  140.955006][ T5858] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  140.985198][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.134819][ T5858] usb 3-1: Using ep0 maxpacket: 8
[  141.165231][ T5858] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  141.174579][ T5858] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  141.242877][ T5858] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  141.279380][ T5858] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  141.308487][ T5858] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  141.350664][ T5858] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  141.371412][ T5858] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.613255][ T5858] usb 3-1: GET_CAPABILITIES returned 0
[  141.622491][ T5858] usbtmc 3-1:16.0: can't read capabilities
[  141.819508][  T786] usb 3-1: USB disconnect, device number 10
[  141.878725][ T7393] loop1: detected capacity change from 0 to 32768
[  141.890108][ T7393] XFS: ikeep mount option is deprecated.
[  141.930627][ T7393] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  142.033446][ T7393] XFS (loop1): Ending clean mount
[  142.044574][ T7393] XFS (loop1): Quotacheck needed: Please wait.
[  142.134085][ T7393] XFS (loop1): Quotacheck: Done.
[  142.261275][ T5787] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  142.273945][ T7417] loop4: detected capacity change from 0 to 256
[  142.300288][ T7417] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  142.723940][ T7423] syzkaller1: entered promiscuous mode
[  142.734634][ T7423] syzkaller1: entered allmulticast mode
[  142.768957][ T7425] loop0: detected capacity change from 0 to 256
[  142.855022][ T5858] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  143.046338][ T7435] loop2: detected capacity change from 0 to 1024
[  143.061909][ T7435] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  143.076660][ T7435] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  143.087662][ T5858] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.120110][ T5858] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  143.149256][ T7435] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.183845][ T5858] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.200377][ T7443] vlan2: entered promiscuous mode
[  143.206270][ T7443] syz_tun: entered promiscuous mode
[  143.225242][ T5858] usb 5-1: config 0 descriptor??
[  143.271715][ T7445] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  143.297088][ T7435] EXT4-fs error (device loop2): ext4_xattr_inode_iget:440: inode #11: comm syz.2.355: missing EA_INODE flag
[  143.337201][ T7435] EXT4-fs (loop2): Remounting filesystem read-only
[  143.418394][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.587724][ T7452] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  143.673405][ T5858] keytouch 0003:0926:3333.0007: fixing up Keytouch IEC report descriptor
[  143.699493][ T5858] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0007/input/input11
[  143.892570][ T5858] keytouch 0003:0926:3333.0007: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[  144.220532][ T5837] usb 5-1: USB disconnect, device number 4
[  144.517842][ T7458] loop0: detected capacity change from 0 to 32768
[  144.534101][ T7458] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10
[  144.733486][ T5937] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10
[  144.766849][ T7463] loop2: detected capacity change from 0 to 32768
[  144.799727][ T7463] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.365 (7463)
[  144.881905][ T7463] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  144.906302][ T7463] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  144.949090][ T7463] BTRFS info (device loop2): force clearing of disk cache
[  144.979803][ T7463] BTRFS info (device loop2): enabling auto defrag
[  145.025771][ T7463] BTRFS info (device loop2): max_inline at 0
[  145.040023][ T7481] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  145.045119][ T7463] BTRFS info (device loop2): enabling disk space caching
[  145.077349][ T7463] BTRFS info (device loop2): disk space caching is enabled
[  145.258887][ T7463] BTRFS info (device loop2): enabling ssd optimizations
[  145.323406][ T7463] BTRFS info (device loop2): rebuilding free space tree
[  145.361543][ T7503] loop0: detected capacity change from 0 to 512
[  145.372983][ T7463] BTRFS info (device loop2): disabling free space tree
[  145.389202][ T7463] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  145.407244][ T7503] EXT4-fs: Ignoring removed i_version option
[  145.434226][ T7463] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  145.447446][ T7503] EXT4-fs: Ignoring removed nobh option
[  145.478270][ T7503] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  145.536379][ T7503] EXT4-fs (loop0): 1 truncate cleaned up
[  145.571469][ T7503] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.665673][ T5786] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  145.701413][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.716743][ T7542] loop0: detected capacity change from 0 to 16
[  146.798533][ T7542] erofs: (device loop0): mounted with root inode @ nid 36.
[  147.056528][ T7548] loop1: detected capacity change from 0 to 128
[  147.070465][ T7548] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  147.126888][ T7548] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  147.211856][   T28] audit: type=1800 audit(1752523599.162:50): pid=7548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="+}[@" name="+}[@" dev="loop1" ino=1048605 res=0 errno=0
[  147.355659][ T7552] program syz.0.399 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  147.442107][ T7540] loop4: detected capacity change from 0 to 32768
[  147.532287][ T7540] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  147.650498][ T7540] XFS (loop4): Ending clean mount
[  147.912332][ T7583] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  148.022016][ T6571] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  148.363289][ T7597] loop2: detected capacity change from 0 to 8192
[  148.566089][ T7599] netlink: 104 bytes leftover after parsing attributes in process `syz.2.418'.
[  148.665326][ T7602] loop1: detected capacity change from 0 to 512
[  148.682935][ T7602] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c11d, mo2=0002]
[  148.691271][ T7602] System zones: 1-12
[  148.701488][ T7602] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.419: corrupted in-inode xattr: e_value size too large
[  148.723871][ T7602] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.419: couldn't read orphan inode 15 (err -117)
[  148.753154][ T7602] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.827184][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.763373][ T7637] loop0: detected capacity change from 0 to 2048
[  149.813245][ T7637] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  149.900265][ T5937] udevd[5937]: incorrect nilfs2 checksum on /dev/loop0
[  149.918338][ T7642] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  150.454910][ T5858] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  150.478099][ T7631] loop1: detected capacity change from 0 to 40427
[  150.507432][ T7631] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  150.518367][ T7631] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  150.568275][ T7631] F2FS-fs (loop1): Found nat_bits in checkpoint
[  150.658277][ T5858] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  150.684763][ T5858] usb 3-1: config 1 has no interface number 0
[  150.690924][ T5858] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.721099][ T5858] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  150.721138][ T7631] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  150.737726][ T5858] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  150.749188][ T7631] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  150.759597][ T5858] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  150.769955][ T5858] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.778617][ T5858] usb 3-1: Product: syz
[  150.784016][ T5858] usb 3-1: Manufacturer: syz
[  150.789593][ T5858] usb 3-1: SerialNumber: syz
[  150.904986][ T5879] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  151.108766][ T5879] usb 1-1: Using ep0 maxpacket: 8
[  151.133716][ T5879] usb 1-1: config 0 has no interfaces?
[  151.154904][ T5879] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  151.177986][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.199529][ T5879] usb 1-1: config 0 descriptor??
[  151.631249][ T7663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.632236][ T5858] cdc_ncm 3-1:1.1: bind() failure
[  151.643951][ T7674] loop1: detected capacity change from 0 to 1024
[  151.652180][ T7663] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.674667][ T5879] usb 1-1: USB disconnect, device number 8
[  151.704584][ T7674] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.761203][   T28] audit: type=1800 audit(1752523603.712:51): pid=7674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.448" name="file1" dev="overlay" ino=15 res=0 errno=0
[  151.816611][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.886923][   T27] usb 3-1: USB disconnect, device number 11
[  152.027922][ T7683] 9pnet: p9_errstr2errno: server reported unknown error �@cƒF	S+¼ÿÿÿÿ
[  152.451043][ T5858] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  152.500063][ T7699] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  152.524228][ T7699] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  152.688170][ T5858] usb 5-1: Using ep0 maxpacket: 8
[  152.704952][ T7705] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  152.725872][ T5858] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  152.747774][ T5858] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  152.762503][ T5858] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  152.777606][ T5858] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  152.792333][ T5858] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  152.807229][ T5858] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.842824][ T5858] hub 5-1:1.0: bad descriptor, ignoring hub
[  152.857020][ T5858] hub: probe of 5-1:1.0 failed with error -5
[  152.863812][ T5858] cdc_wdm 5-1:1.0: skipping garbage
[  152.885671][ T5858] cdc_wdm 5-1:1.0: skipping garbage
[  152.895590][ T5858] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  152.901556][ T5858] cdc_wdm 5-1:1.0: Unknown control protocol
[  153.015088][ T5863] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  153.041987][ T7701] loop2: detected capacity change from 0 to 32768
[  153.079428][ T7701] XFS (loop2): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  153.109867][   T28] audit: type=1326 audit(1752523605.062:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7717 comm="syz.0.465" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69bb78e929 code=0x0
[  153.203290][ T5863] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  153.228960][ T7701] XFS (loop2): Starting recovery (logdev: internal)
[  153.231886][ T5863] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.255333][ T5863] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  153.265565][ T5863] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  153.280470][ T5863] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  153.288859][ T7701] XFS (loop2): Ending recovery (logdev: internal)
[  153.294894][ T5863] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  153.318648][ T5863] usb 2-1: Manufacturer: syz
[  153.332710][ T5863] usb 2-1: config 0 descriptor??
[  153.402208][   T27] usb 5-1: reset high-speed USB device number 5 using dummy_hcd
[  153.419546][ T5786] XFS (loop2): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  153.731880][ T7726] loop2: detected capacity change from 0 to 1024
[  153.761135][ T5863] appleir 0003:05AC:8243.0008: unknown main item tag 0x0
[  153.773144][ T5863] appleir 0003:05AC:8243.0008: No inputs registered, leaving
[  153.776239][ T7726] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.799021][ T5863] appleir 0003:05AC:8243.0008: hiddev1,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  153.945388][ T5863] usb 5-1: USB disconnect, device number 5
[  153.987158][   T27] usb 2-1: USB disconnect, device number 5
[  154.066893][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.080541][ T7731] loop0: detected capacity change from 0 to 512
[  154.110274][ T7731] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  154.160709][ T7731] EXT4-fs (loop0): 1 truncate cleaned up
[  154.168869][ T7731] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  154.208317][ T7731] EXT4-fs error (device loop0): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.0.469: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  154.286549][ T7731] EXT4-fs error (device loop0) in ext4_delete_entry:2800: Corrupt filesystem
[  154.320397][ T7736] loop2: detected capacity change from 0 to 2048
[  154.353584][ T7736] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  154.406606][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.907361][ T7742] loop2: detected capacity change from 0 to 32768
[  154.967521][ T7742] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  154.977146][ T7742] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  155.111823][ T7742] XFS (loop2): Ending clean mount
[  155.139197][ T7742] XFS (loop2): Quotacheck needed: Please wait.
[  155.267814][ T7742] XFS (loop2): Quotacheck: Done.
[  155.326849][   T28] audit: type=1800 audit(1752523607.242:53): pid=7742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.473" name="file1" dev="loop2" ino=4422 res=0 errno=0
[  155.442306][ T5786] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  155.528742][ T7769] raw_sendmsg: syz.1.479 forgot to set AF_INET. Fix it!
[  155.647019][ T7764] loop0: detected capacity change from 0 to 32768
[  155.833687][   T28] audit: type=1800 audit(1752523607.782:54): pid=7764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.478" name="file1" dev="loop0" ino=4 res=0 errno=0
[  156.116133][ T7775] loop1: detected capacity change from 0 to 4096
[  156.157150][ T7764] read_mapping_page failed!
[  156.161339][ T7775] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.394048][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.807033][ T7802] loop0: detected capacity change from 0 to 512
[  156.873154][ T7802] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  156.888662][ T7802] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  156.905249][ T7802] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 not in group (block 0)!
[  156.916272][ T7802] EXT4-fs (loop0): group descriptors corrupted!
[  157.067000][ T7809] netlink: 'syz.1.494': attribute type 12 has an invalid length.
[  157.175239][ T7793] loop4: detected capacity change from 0 to 32768
[  157.244937][ T7793] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.325597][ T5837] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  157.490245][ T7793] XFS (loop4): Ending clean mount
[  157.500214][ T7793] XFS (loop4): Quotacheck needed: Please wait.
[  157.569326][ T7793] XFS (loop4): Quotacheck: Done.
[  157.576552][ T5837] usb 3-1: Using ep0 maxpacket: 8
[  157.584040][ T5837] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  157.604417][ T5837] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  157.614410][ T5837] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  157.624750][ T5837] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  157.638082][ T5837] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  157.648796][ T5837] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.692209][ T7819] loop1: detected capacity change from 0 to 32768
[  157.755707][ T7819] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.776861][ T6571] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.877506][ T5837] usb 3-1: GET_CAPABILITIES returned 0
[  157.883102][ T5837] usbtmc 3-1:16.0: can't read capabilities
[  157.924585][ T7819] XFS (loop1): Ending clean mount
[  157.960255][ T7819] XFS (loop1): Quotacheck needed: Please wait.
[  158.048725][ T7819] XFS (loop1): Quotacheck: Done.
[  158.085630][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  158.096331][ T5837] usb 3-1: USB disconnect, device number 12
[  158.147691][   T28] audit: type=1800 audit(1752523610.102:55): pid=7819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.496" name="file0" dev="overlay" ino=9284 res=0 errno=0
[  158.184005][ T7825] loop0: detected capacity change from 0 to 32768
[  158.218977][ T7825] 
[  158.218977][ T7825]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.218977][ T7825] 
[  158.263620][ T7825] 
[  158.263620][ T7825]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.263620][ T7825] 
[  158.280143][ T7825] 
[  158.280143][ T7825]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.280143][ T7825] 
[  158.305893][ T7825] 
[  158.305893][ T7825]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.305893][ T7825] 
[  158.317228][ T5787] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.332842][ T7825] 
[  158.332842][ T7825]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.332842][ T7825] 
[  158.343943][ T7825] 
[  158.343943][ T7825]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.343943][ T7825] 
[  158.370688][  T110] 
[  158.370688][  T110]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.370688][  T110] 
[  158.393713][ T6130] 
[  158.393713][ T6130]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.393713][ T6130] 
[  158.408687][ T6130] 
[  158.408687][ T6130]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.408687][ T6130] 
[  158.420368][ T5785] 
[  158.420368][ T5785]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.420368][ T5785] 
[  158.434270][  T111] 
[  158.434270][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.434270][  T111] 
[  158.451016][ T5785] 
[  158.451016][ T5785]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.451016][ T5785] 
[  158.766291][ T7843] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  159.187215][ T7847] loop0: detected capacity change from 0 to 32768
[  159.224395][ T7847] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  159.273495][ T7847] XFS (loop0): Ending clean mount
[  159.437276][ T5785] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  159.921250][ T7868] loop1: detected capacity change from 0 to 256
[  159.938380][ T7868] exfat: Deprecated parameter 'utf8'
[  159.954072][ T7868] exfat: Deprecated parameter 'namecase'
[  159.981854][ T7870] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present
[  159.992912][ T7870] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1)
[  160.019781][ T7868] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[  160.245648][ T7874] netlink: 8 bytes leftover after parsing attributes in process `syz.0.513'.
[  160.615184][ T5793] Bluetooth: hci0: command 0x0c1a tx timeout
[  160.625323][   T50] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  160.760358][ T7893] loop0: detected capacity change from 0 to 1024
[  160.773044][ T7866] loop2: detected capacity change from 0 to 32768
[  160.807398][ T7866] XFS: noikeep mount option is deprecated.
[  160.863032][ T7866] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  160.984381][ T7866] XFS (loop2): Ending clean mount
[  160.993929][ T7866] XFS (loop2): Quotacheck needed: Please wait.
[  161.038765][   T12] hfsplus: b-tree write err: -5, ino 4
[  161.049899][ T7905] tipc: Started in network mode
[  161.067968][ T7905] tipc: Node identity ff75fd7589343b37, cluster identity 4711
[  161.099653][ T7905] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  161.115100][ T7866] XFS (loop2): Quotacheck: Done.
[  161.237362][ T7907] loop1: detected capacity change from 0 to 4096
[  161.240296][ T5786] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  161.268633][ T7907] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  161.358204][ T7907] ntfs3: loop1: Inode r=19 is not in use!
[  161.364438][ T7907] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  161.379089][ T7907] ntfs3: loop1: Failed to initialize $Extend/$Reparse.
[  161.647251][ T7915] syzkaller1: entered promiscuous mode
[  161.684743][ T7915] syzkaller1: entered allmulticast mode
[  161.939117][ T7928] loop4: detected capacity change from 0 to 512
[  162.011798][ T7928] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.533: casefold flag without casefold feature
[  162.037519][ T7928] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.533: couldn't read orphan inode 15 (err -117)
[  162.056334][ T7928] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.164968][ T5837] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  162.225664][ T6571] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.370382][ T5837] usb 1-1: Using ep0 maxpacket: 8
[  162.390719][ T5837] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  162.412279][ T5837] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  162.449214][ T5837] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  162.494769][ T5837] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  162.515199][ T5837] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  162.534315][ T5837] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  162.547537][ T5837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.778831][ T5837] usb 1-1: GET_CAPABILITIES returned 0
[  162.784738][ T5837] usbtmc 1-1:16.0: can't read capabilities
[  163.038642][ T7927] usbtmc 1-1:16.0: INITIATE_ABORT_BULK_OUT returned 0
[  163.246859][  T787] usb 1-1: USB disconnect, device number 9
[  163.351325][ T7962] netlink: 'syz.1.547': attribute type 2 has an invalid length.
[  163.381914][ T7960] loop4: detected capacity change from 0 to 32768
[  163.458750][ T7960] JBD2: Ignoring recovery information on journal
[  163.521040][ T7960] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  163.625583][ T7968] loop2: detected capacity change from 0 to 16
[  163.646050][ T7968] erofs: (device loop2): mounted with root inode @ nid 36.
[  163.680729][   T28] audit: type=1800 audit(1752523615.632:56): pid=7968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.549" name="file1" dev="loop2" ino=86 res=0 errno=0
[  163.930272][ T6571] ocfs2: Unmounting device (7,4) on (node local)
[  164.147130][ T7983] loop1: detected capacity change from 0 to 16
[  164.151855][ T7982] loop2: detected capacity change from 0 to 256
[  164.209092][ T7983] erofs: (device loop1): mounted with root inode @ nid 36.
[  164.250868][ T7982] FAT-fs (loop2): Directory bread(block 64) failed
[  164.267644][ T7983] erofs: (device loop1): erofs_fill_dentries: bogus dirent @ nid 36
[  164.295080][ T7982] FAT-fs (loop2): Directory bread(block 65) failed
[  164.325677][ T7982] FAT-fs (loop2): Directory bread(block 66) failed
[  164.348548][ T7982] FAT-fs (loop2): Directory bread(block 67) failed
[  164.357401][ T7982] FAT-fs (loop2): Directory bread(block 68) failed
[  164.366869][ T7982] FAT-fs (loop2): Directory bread(block 69) failed
[  164.377120][ T7982] FAT-fs (loop2): Directory bread(block 70) failed
[  164.415353][ T7982] FAT-fs (loop2): Directory bread(block 71) failed
[  164.422143][ T7982] FAT-fs (loop2): Directory bread(block 72) failed
[  164.469883][ T7982] FAT-fs (loop2): Directory bread(block 73) failed
[  164.485133][ T7989] loop4: detected capacity change from 0 to 1024
[  164.599405][ T7991] support for the xor transformation has been removed.
[  164.718547][ T7989] syz.4.555: attempt to access beyond end of device
[  164.718547][ T7989] loop4: rw=2049, sector=5778, nr_sectors = 2 limit=1024
[  164.771654][ T7989] Buffer I/O error on dev loop4, logical block 2889, lost async page write
[  165.164423][ T8008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.567'.
[  165.179892][ T8006] loop1: detected capacity change from 0 to 4096
[  165.192754][ T8008] netlink: 12 bytes leftover after parsing attributes in process `syz.2.567'.
[  165.202633][ T8006] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  165.240903][ T8008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.567'.
[  165.264155][ T8008] netlink: 12 bytes leftover after parsing attributes in process `syz.2.567'.
[  165.333301][ T8008] Zero length message leads to an empty skb
[  165.632502][ T8014] loop4: detected capacity change from 0 to 4096
[  165.729309][ T8020] loop2: detected capacity change from 0 to 1024
[  165.770657][ T8020] EXT4-fs: inline encryption not supported
[  165.801265][ T8020] EXT4-fs: Ignoring removed bh option
[  165.909137][ T8020] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.928413][ T8030] loop6: detected capacity change from 0 to 524287999
[  166.152763][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.580586][ T8046] netlink: 'syz.4.583': attribute type 1 has an invalid length.
[  166.720666][ T8052] sctp: [Deprecated]: syz.1.586 (pid 8052) Use of struct sctp_assoc_value in delayed_ack socket option.
[  166.720666][ T8052] Use struct sctp_sack_info instead
[  166.821998][ T8056] loop4: detected capacity change from 0 to 1024
[  166.876777][ T8056] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.891433][ T8056] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.043048][ T8044] loop0: detected capacity change from 0 to 32768
[  167.087928][ T8044] (syz.0.582,8044,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  167.104234][ T8044] (syz.0.582,8044,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  167.143979][ T6571] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.180976][ T8044] JBD2: Ignoring recovery information on journal
[  167.224914][  T787] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  167.317769][ T8044] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  167.438029][   T28] audit: type=1326 audit(1752523619.392:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dc318e929 code=0x7ffc0000
[  167.466431][  T787] usb 2-1: Using ep0 maxpacket: 16
[  167.486667][  T787] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  167.500243][   T28] audit: type=1326 audit(1752523619.392:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dc318e929 code=0x7ffc0000
[  167.528222][  T787] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  167.551006][  T787] usb 2-1: config 0 has no interface number 0
[  167.556128][   T28] audit: type=1326 audit(1752523619.432:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0dc318e929 code=0x7ffc0000
[  167.570495][  T787] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  167.593583][  T787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.602312][  T787] usb 2-1: Product: syz
[  167.624997][  T787] usb 2-1: Manufacturer: syz
[  167.635165][  T787] usb 2-1: SerialNumber: syz
[  167.646041][   T28] audit: type=1326 audit(1752523619.432:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dc318e929 code=0x7ffc0000
[  167.657760][ T8044] 
[  167.669058][   T28] audit: type=1326 audit(1752523619.432:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dc318e929 code=0x7ffc0000
[  167.670624][ T8044] ======================================================
[  167.670632][ T8044] WARNING: possible circular locking dependency detected
[  167.693674][   T28] audit: type=1326 audit(1752523619.442:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0dc318e929 code=0x7ffc0000
[  167.699931][ T8044] 6.6.98-syzkaller #0 Not tainted
[  167.699941][ T8044] ------------------------------------------------------
[  167.699947][ T8044] syz.0.582/8044 is trying to acquire lock:
[  167.699956][ T8044] ffff88805ca32658
[  167.707149][   T28] audit: type=1326 audit(1752523619.442:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dc318e929 code=0x7ffc0000
[  167.730010][ T8044]  (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]){+.+.}-{3:3}, at: ocfs2_del_inode_from_orphan+0x135/0x740
[  167.730080][ T8044] 
[  167.730080][ T8044] but task is already holding lock:
[  167.730086][ T8044] ffff88805c8b22e0 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_dio_end_io+0x38c/0x10f0
[  167.730123][ T8044] 
[  167.730123][ T8044] which lock already depends on the new lock.
[  167.730123][ T8044] 
[  167.730128][ T8044] 
[  167.730128][ T8044] the existing dependency chain (in reverse order) is:
[  167.730133][ T8044] 
[  167.730133][ T8044] -> #3 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}:
[  167.730159][ T8044]        down_write+0x97/0x1f0
[  167.735366][   T28] audit: type=1326 audit(1752523619.442:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dc318e929 code=0x7ffc0000
[  167.742259][ T8044]        ocfs2_create_local_dquot+0x1a4/0x1790
[  167.748341][   T28] audit: type=1326 audit(1752523619.452:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8068 comm="syz.4.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0dc318e929 code=0x7ffc0000
[  167.751882][ T8044]        ocfs2_acquire_dquot+0x7cf/0xaf0
[  167.786332][  T787] usb 2-1: config 0 descriptor??
[  167.786604][ T8044]        dqget+0x77c/0xeb0
[  167.797087][  T787] usb 2-1: Found UVC 0.00 device syz (046d:08f3)
[  167.805413][ T8044]        __dquot_initialize+0x3ba/0xcb0
[  167.805444][ T8044]        ocfs2_get_init_inode+0x13c/0x1b0
[  167.805463][ T8044]        ocfs2_mknod+0x867/0x20f0
[  167.805479][ T8044]        ocfs2_mkdir+0x196/0x410
[  167.805495][ T8044]        vfs_mkdir+0x296/0x440
[  167.805511][ T8044]        do_mkdirat+0x1d4/0x440
[  167.805527][ T8044]        __x64_sys_mkdirat+0x89/0xa0
[  167.816530][  T787] usb 2-1: No valid video chain found.
[  167.825645][ T8044]        do_syscall_64+0x55/0xb0
[  167.825677][ T8044]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  167.825695][ T8044] 
[  167.825695][ T8044] -> #2 (&dquot->dq_lock){+.+.}-{3:3}:
[  167.980426][ T8044]        __mutex_lock+0x129/0xcc0
[  167.985622][ T8044]        dqget+0x6fc/0xeb0
[  167.990144][ T8044]        __dquot_initialize+0x3ba/0xcb0
[  167.996769][ T8044]        ocfs2_get_init_inode+0x13c/0x1b0
[  168.002599][ T8044]        ocfs2_mknod+0x867/0x20f0
[  168.008370][ T8044]        ocfs2_mkdir+0x196/0x410
[  168.014192][ T8044]        vfs_mkdir+0x296/0x440
[  168.019151][ T8044]        do_mkdirat+0x1d4/0x440
[  168.024194][ T8044]        __x64_sys_mkdirat+0x89/0xa0
[  168.029835][ T8044]        do_syscall_64+0x55/0xb0
[  168.034856][ T8044]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  168.041700][ T8044] 
[  168.041700][ T8044] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}:
[  168.052410][ T8044]        down_write+0x97/0x1f0
[  168.057201][ T8044]        ocfs2_evict_inode+0x1313/0x3e60
[  168.063065][ T8044]        evict+0x486/0x870
[  168.067535][ T8044]        ocfs2_dentry_iput+0x248/0x370
[  168.073175][ T8044]        __dentry_kill+0x431/0x650
[  168.078369][ T8044]        dentry_kill+0xb8/0x290
[  168.083569][ T8044]        dput+0xfe/0x1e0
[  168.087831][ T8044]        do_renameat2+0x8b1/0xc70
[  168.093223][ T8044]        __x64_sys_renameat2+0xd2/0xe0
[  168.099846][ T8044]        do_syscall_64+0x55/0xb0
[  168.105011][ T8044]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  168.111661][ T8044] 
[  168.111661][ T8044] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]){+.+.}-{3:3}:
[  168.123409][ T8044]        __lock_acquire+0x2ddb/0x7c80
[  168.129149][ T8044]        lock_acquire+0x197/0x410
[  168.135206][ T8044]        down_write+0x97/0x1f0
[  168.141095][ T8044]        ocfs2_del_inode_from_orphan+0x135/0x740
[  168.147540][ T8044]        ocfs2_dio_end_io+0x47b/0x10f0
[  168.153177][ T8044]        dio_complete+0x254/0x710
[  168.158194][ T8044]        __blockdev_direct_IO+0x2dc8/0x3420
[  168.166524][ T8044]        ocfs2_direct_IO+0x240/0x2b0
[  168.174298][ T8044]        generic_file_direct_write+0x1d4/0x3e0
[  168.181359][ T8044]        __generic_file_write_iter+0x11b/0x230
[  168.188325][ T8044]        ocfs2_file_write_iter+0x1582/0x1d00
[  168.194417][ T8044]        vfs_write+0x43b/0x940
[  168.199378][ T8044]        ksys_write+0x147/0x250
[  168.204249][ T8044]        do_syscall_64+0x55/0xb0
[  168.209384][ T8044]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  168.215821][ T8044] 
[  168.215821][ T8044] other info that might help us debug this:
[  168.215821][ T8044] 
[  168.226074][ T8044] Chain exists of:
[  168.226074][ T8044]   &ocfs2_sysfile_lock_key[args->fi_sysfile_type] --> &dquot->dq_lock --> &ocfs2_quota_ip_alloc_sem_key
[  168.226074][ T8044] 
[  168.243287][ T8044]  Possible unsafe locking scenario:
[  168.243287][ T8044] 
[  168.250819][ T8044]        CPU0                    CPU1
[  168.256278][ T8044]        ----                    ----
[  168.261838][ T8044]   lock(&ocfs2_quota_ip_alloc_sem_key);
[  168.267817][ T8044]                                lock(&dquot->dq_lock);
[  168.274744][ T8044]                                lock(&ocfs2_quota_ip_alloc_sem_key);
[  168.282983][ T8044]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]);
[  168.290510][ T8044] 
[  168.290510][ T8044]  *** DEADLOCK ***
[  168.290510][ T8044] 
[  168.299138][ T8044] 4 locks held by syz.0.582/8044:
[  168.304438][ T8044]  #0: ffff88801df519c8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2a3/0x330
[  168.314387][ T8044]  #1: ffff88807d154418 (sb_writers#15){.+.+}-{0:0}, at: vfs_write+0x20e/0x940
[  168.325228][ T8044]  #2: ffff88805c8b2658 (&sb->s_type->i_mutex_key#22){+.+.}-{3:3}, at: ocfs2_file_write_iter+0x40b/0x1d00
[  168.339010][ T8044]  #3: ffff88805c8b22e0 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_dio_end_io+0x38c/0x10f0
[  168.350455][ T8044] 
[  168.350455][ T8044] stack backtrace:
[  168.356571][ T8044] CPU: 0 PID: 8044 Comm: syz.0.582 Not tainted 6.6.98-syzkaller #0
[  168.365617][ T8044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  168.376807][ T8044] Call Trace:
[  168.380727][ T8044]  <TASK>
[  168.383716][ T8044]  dump_stack_lvl+0x16c/0x230
[  168.388495][ T8044]  ? load_image+0x3b0/0x3b0
[  168.393278][ T8044]  ? show_regs_print_info+0x20/0x20
[  168.398947][ T8044]  ? print_circular_bug+0x12b/0x1a0
[  168.404618][ T8044]  check_noncircular+0x2bd/0x3c0
[  168.409757][ T8044]  ? print_deadlock_bug+0x5d0/0x5d0
[  168.415047][ T8044]  ? lockdep_lock+0xe0/0x220
[  168.419660][ T8044]  ? _find_first_zero_bit+0xd3/0x100
[  168.425051][ T8044]  __lock_acquire+0x2ddb/0x7c80
[  168.430282][ T8044]  ? ocfs2_get_system_file_inode+0x1e3/0x7b0
[  168.436280][ T8044]  ? __lock_acquire+0x7c80/0x7c80
[  168.441302][ T8044]  ? verify_lock_unused+0x140/0x140
[  168.446647][ T8044]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  168.452281][ T8044]  ? do_raw_spin_lock+0x121/0x2c0
[  168.457404][ T8044]  ? mutex_unlock+0x10/0x10
[  168.461909][ T8044]  lock_acquire+0x197/0x410
[  168.466408][ T8044]  ? ocfs2_del_inode_from_orphan+0x135/0x740
[  168.472384][ T8044]  ? ocfs2_get_system_file_inode+0x1f1/0x7b0
[  168.478417][ T8044]  ? __might_sleep+0xe0/0xe0
[  168.483040][ T8044]  ? read_lock_is_recursive+0x20/0x20
[  168.488493][ T8044]  ? ocfs2_fast_symlink_read_folio+0x530/0x530
[  168.494828][ T8044]  ? do_raw_spin_unlock+0x121/0x230
[  168.500046][ T8044]  down_write+0x97/0x1f0
[  168.504304][ T8044]  ? ocfs2_del_inode_from_orphan+0x135/0x740
[  168.510540][ T8044]  ? down_read_killable+0x340/0x340
[  168.515839][ T8044]  ocfs2_del_inode_from_orphan+0x135/0x740
[  168.521852][ T8044]  ? __might_sleep+0xe0/0xe0
[  168.526635][ T8044]  ? read_lock_is_recursive+0x20/0x20
[  168.532134][ T8044]  ? ocfs2_add_inode_to_orphan+0x710/0x710
[  168.538037][ T8044]  ? __lock_acquire+0x1334/0x7c80
[  168.543060][ T8044]  ? down_write+0x162/0x1f0
[  168.549557][ T8044]  ? down_read_killable+0x340/0x340
[  168.554749][ T8044]  ocfs2_dio_end_io+0x47b/0x10f0
[  168.559972][ T8044]  ? ocfs2_dio_wr_get_block+0x17a0/0x17a0
[  168.565915][ T8044]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  168.571997][ T8044]  ? _raw_spin_unlock+0x40/0x40
[  168.577047][ T8044]  ? debug_check_no_obj_freed+0x51f/0x540
[  168.582968][ T8044]  ? mark_lock+0x94/0x320
[  168.587305][ T8044]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  168.593826][ T8044]  ? lock_chain_count+0x20/0x20
[  168.598717][ T8044]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  168.604643][ T8044]  ? lockdep_hardirqs_on+0x98/0x150
[  168.609962][ T8044]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  168.615881][ T8044]  ? ocfs2_dio_wr_get_block+0x17a0/0x17a0
[  168.621686][ T8044]  dio_complete+0x254/0x710
[  168.626211][ T8044]  __blockdev_direct_IO+0x2dc8/0x3420
[  168.631629][ T8044]  ? show_vfsstat+0x3a0/0x3a0
[  168.636389][ T8044]  ? __mod_timer+0x984/0xdb0
[  168.641064][ T8044]  ? ocfs2_lock_get_block+0x60/0x60
[  168.646269][ T8044]  ? filemap_write_and_wait_range+0x160/0x1f0
[  168.652511][ T8044]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  168.658500][ T8044]  ? file_update_time+0x197/0x1b0
[  168.663697][ T8044]  ? ocfs2_lock_get_block+0x60/0x60
[  168.668888][ T8044]  ocfs2_direct_IO+0x240/0x2b0
[  168.673746][ T8044]  generic_file_direct_write+0x1d4/0x3e0
[  168.679752][ T8044]  __generic_file_write_iter+0x11b/0x230
[  168.685988][ T8044]  ? ocfs2_file_write_iter+0x1559/0x1d00
[  168.691610][ T8044]  ocfs2_file_write_iter+0x1582/0x1d00
[  168.697149][ T8044]  ? ocfs2_file_read_iter+0xa30/0xa30
[  168.702565][ T8044]  ? lock_acquire+0x1f2/0x410
[  168.707253][ T8044]  ? rcu_read_lock_any_held+0xb4/0x120
[  168.712794][ T8044]  ? rcu_read_lock_bh_held+0xe0/0xe0
[  168.718182][ T8044]  vfs_write+0x43b/0x940
[  168.722549][ T8044]  ? file_end_write+0x250/0x250
[  168.727508][ T8044]  ? __fget_files+0x44a/0x4d0
[  168.733643][ T8044]  ? __fdget_pos+0x2a3/0x330
[  168.738596][ T8044]  ? ksys_write+0x75/0x250
[  168.743023][ T8044]  ksys_write+0x147/0x250
[  168.747390][ T8044]  ? __ia32_sys_read+0x90/0x90
[  168.752160][ T8044]  ? lockdep_hardirqs_on+0x98/0x150
[  168.757361][ T8044]  do_syscall_64+0x55/0xb0
[  168.761860][ T8044]  ? clear_bhb_loop+0x40/0x90
[  168.766578][ T8044]  ? clear_bhb_loop+0x40/0x90
[  168.771263][ T8044]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  168.777157][ T8044] RIP: 0033:0x7f69bb78e929
[  168.781593][ T8044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.801206][ T8044] RSP: 002b:00007f69bc53d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  168.809710][ T8044] RAX: ffffffffffffffda RBX: 00007f69bb9b5fa0 RCX: 00007f69bb78e929
[  168.817857][ T8044] RDX: 0000000000002400 RSI: 0000200000000000 RDI: 0000000000000005
[  168.825912][ T8044] RBP: 00007f69bb810b39 R08: 0000000000000000 R09: 0000000000000000
[  168.833878][ T8044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  168.841862][ T8044] R13: 0000000000000000 R14: 00007f69bb9b5fa0 R15: 00007fff26d86e88
[  168.850143][ T8044]  </TASK>
[  168.877353][   T27] usb 2-1: USB disconnect, device number 6
[  169.011422][ T5785] ocfs2: Unmounting device (7,0) on (node local)
[  169.069124][ T8063] loop2: detected capacity change from 0 to 40427
[  169.091099][ T8063] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  169.109277][ T8063] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  169.129427][ T8063] F2FS-fs (loop2): invalid crc value
[  169.187862][ T8063] F2FS-fs (loop2): Found nat_bits in checkpoint
[  169.255753][ T8063] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  169.263255][ T8063] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  169.335059][   T50] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  169.336206][ T5793] Bluetooth: hci0: command 0x0c1a tx timeout
[  169.805453][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  169.805467][   T28] audit: type=1800 audit(1752523621.762:69): pid=8063 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.590" name="file1" dev="loop2" ino=10 res=0 errno=0
[  169.833586][ T5786] syz-executor: attempt to access beyond end of device
[  169.833586][ T5786] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  169.848331][ T5786] F2FS-fs (loop2): Stopped filesystem due to reason: 3