last executing test programs:

2m50.300218976s ago: executing program 3 (id=837):
mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000)=0x6, 0x5, 0x2)

2m50.055915315s ago: executing program 3 (id=841):
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
readv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/152, 0x98}], 0x1)

2m49.772124858s ago: executing program 3 (id=847):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getrandom(0x0, 0x0, 0x3)

2m49.389808981s ago: executing program 3 (id=853):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2010880, &(0x7f0000000280)={[{@gid}, {@discard_size={'discard', 0x3d, 0x9}}, {@gid}, {@nodiscard}, {@iocharset={'iocharset', 0x3d, 'cp861'}}, {@discard}, {@iocharset={'iocharset', 0x3d, 'cp866'}, 0x0}, {@iocharset={'iocharset', 0x3d, 'iso8859-1'}}, {@grpquota}, {@usrquota}, {@uid}, {@quota}, {@gid}, {@noquota}, {@errors_remount}, {@gid}, {@noquota}], [{@subj_type={'subj_type', 0x3d, '+-]{.&Q.'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '$.+[**@(*(.'}}, {@measure}]}, 0x5, 0x60ea, &(0x7f000000c4c0)="$eJzs3b2PHGcdB/Dfvt5LiHNKEQULoYsTXkKIX4MxBEhSQEGTArlFti6XyMIBZBvkRBY+dA0FFX8BCIkSIUpEwR+QgpaOiopINhIoFYPm7nl8s+td75nz7ezd8/lI65nfPLO7z9x3Z1+8M/sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDf/c73znUi4spP04K1iE9FL6IbsVLX6xGxsr6W1+9HxPOx0xzPRcRgKaK+/s4/z0S8FhEfnYi4d//ORr34/D778e0//O2333/q7b/+fnDmP3+81Xt92nq3b//y33+6e7BtBgAAgNJUVVV10sf8k+nzfbftTgEAc5Ff/6skL1+YuntIt/+rf7z950XYPrVarVar51g3VZPdbRYRsdW8Tv2ewdfxAHDEbMUnbXeBFsm/aP2IeKrtTgALrdN2BzgU9+7f2eikfDvN14P13fZ8LMhI/ludB+d3TJvOMn6MybweX9vRi2en9GdlTn1YJDn/7nj+V3bbh2m9w85/XqblP9w99ak4Of/eeP5jjk/+3Yn5lyrn33+s/HvyBwAAAACABZb//3+t5e9/lw6+KfvyqO9/1+fUBwAAAAAAAAB40g46/t8Dxv8DAACAhVV/Vq/9+sTesmm/xVYvv9yJeHpsfaAw6WSZ1bb7AQAAAAAAAAAAAAAl6e8ew3u5EzGIiKdXV6uqqi9N4/XjOuj1j7rStx9K1vaTPAAA7ProxNi5/J2I5Yi4nH7rb7C6ulpVyyur1Wq1spTfzw6XlquVxufaPK2XLQ338Ya4P6zqG1tuXK9p1uflWe3jt1ff17Dq7aNjT8gg/TWnNLcUNgAku69G97wiHTNV9cy0Nx8wwv5//Nj/2Y+2H6cAAADA4auqquqkn/M+mb7z77bdKQBgLvLr//j3AodSRxzu7avVarVarX5k3VRNdrdZRMRW8zr1ewbD8QPAEbMVn7TdBVok/6L1I+L5tjsBLLRO2x3gUNy7f2ejk/LtNF8P0vju+ViQkfy3OjvXy9efNJ1l/BiTeT2+tqMXz07pz3Nz6sMiyfl3x/O/sts+TOsddv7zMi3/ejvXWuhP23L+vfH8xxyf/LsT8y9Vzr//WPn35A8AAAAAAAss////mu9/8yYDAAAAAAAAwJFz7/6djXzea/7+/zMT1nP+5/GU8+/Iv0g5/+5Y/l8cW6/XmP/4rb38/3X/zsbvbv3z03m63/yX8kwnPbI66RHRSffU6afpQbbuYduD3rC+p0Gn2+unY36qwbtxLa7HZpwdWbeb/h577edG2uueDkbaz4+09x9qvzDSPki/O1Ct5PbTsRE/iuvxzk573bY0Y/uXZ7RXM9pz/j37f5Fy/v3Gpc5/NbV3xqbR2DWb+31zOul+3rz22V+cPeRt2Y/t6D3YtqZ6+0610J+dv8lTw/jJzc0bp29fvXXrxrlIk5Gl5yNNnrCc/2DnsrT3/P/ibnt+3m/urx//fPjQ8/6s/BfFdvSn5v9iY77e3pfn3Lc25PyH6ZLzfye1T9r/j3b+0/f/V1roDwAAAAAAAAAAAAAAADxKVVU7p4i+GREX0/k/bZ2bCQDMV379r5K8XK1Wq9Vq9fGrm6rJ3mgWEfGX5nXq9ww/m3RjAMAi+29E/L3tTtAa+Rcs/95fPX2p7c4Ac3Xzgw9/cPX69c0bN9vuCQAAAAAAAADw/8rjf643xn9+KSLWxtYbGf/1rVg/6Pif/TzzYIDRJzzQ9xTb3WGv2xhu/IXYGZ/79LTxv0/Fo8f/7s+4v8GM9uGM9qUZ7csTl+6lNfFEj4ac/wuN8c7r/E+ODb9ewviv42PelyDnf6rxeK7z/8LYes38q98sXP5b+11xO7oj+Z+59f6Pz9z84MNXr71/9b3N9zZ/eOHcubMXLl68dOnSmXevXd88u/vv4fR6AeT889jXjgMtS84/Zy7/suT8P5dq+Zcl5//5VMu/LDn//H5P/mXJ+efPPvIvS87/5VTLvyw5/y+lWv5lyfm/kmr5lyXn/+VUy78sOf9XUy3/suT8T6da/mXJ+Z9J9T7y9/Pwx0jOP3/DZf8vS84/H9kg/7Lk/M+nWv5lyflfSLX8y5Lzfy3V8i9Lzv8rqZZ/WXL+F1Mt/7Lk/L+aavmXJed/KdXyL0vO/2upln9Zcv5fT7X8y5Lzfz3V8i9Lzv8bqZZ/WXL+30y1/MuS8/9WquVflpz/G6mWf1n2fv/fjBkzZvJM289MAAAAAAAAAAAAAMC4eRxO3PY2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl9sdcOIQZCcPI3ZJOYEJIlu7YTv/BvigmvDVAKJBT6gu1612bBb3jtEiiSTQMlEkZFFVXTi7aAUBupqrAqLmhFaS6qvlyV9oLeVFSVkBpVAQUkpLai2WrmPM/jmdnZObve8Xr2PJ+PFP+8O2fmnDnzzOx+1/nuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs73jT3uUZRFM3/Wn9sK4oXNf++ZXJb63Ovv95HCAAAAKzV/7b+fP6m9ImDK7hS2zZ/96p//Mbi4uJi8YHR3x3/0uJiumCyKMY3F0Xrsujyv3+w0b5N8EQx0Rhp+3ikYvejFZePVVw+XnH5porLN1dcPlFx+ZITsMSW8ucxrRvb2frrtvKUFjcX463Ldva41hONzSMj8Wc5LY3WdRbHjxXzxYlirpjp2L7cttHa/lt3NPf19iLua6RtXzuaK+RHnzoaj6ERzvHOjn1duc3oB28sJn/8o08d/eNzz93aa1aeho7bK4/znjubx/mZ8JnyWBvF5nRO4nGOtB3njh6PyWjHcTZa12v+vfs4n1/hcY5eOcx11f2YTxQjrb9/p3Wextp/rJfO047wuf+6qyiKi1cOu3ubJfsqRoqtHZ8ZufL4TJQrsnkbzaX00mJsVev0jhWs0+ac3dm5TrufE/HxvyNcb2yZY2h/mH7w6U1LHvfVrtOoea+Xe650r8FBP1eGZQ3GdfGd1p1+suca3Bnu/6fuXn4N9lw7PdZgut9ta/DOqjU4smm0dczpQWi0rnNlDe7q2H60tadGaz57d/81OH3u5JnphU988nXzJ48cnzs+d2rPrl0ze/bu3b9///Sx+RNzM+WfV3m2h9/WYiQ9B+4M5y4+B17TtW37Ul38yuCehxN9nofburYd9PNwrPvONdbnCbl0TZfPjUebJ33i0kixzHOs9fjcu/bnYbrfbc/DsbbnYc+vKT2eh2MreB42tzlz78q+Zxlr+6/XMVyrrwXb2tZg9/cj3Wtw0N+PDMsanAjr4l/vXf5rwY5wvE9Orfb7kdElazDd3fDa0/xM+n5/Yn9r9FqXtzUvuGFTcX5h7uz9jx85d+7sriKMdfGytrXSvV63tt2nYsl6HVn1ej04/6onb+vx+W3hXE28rvnHxLKPVXObB+7v/1i1vrr1Pp8dn91dhDFg630+e301b57PlCX7nM/mNp+ZXvv34imXtr3+ji/z+htz/wvl/tJNPTE6PlY+f0fT2RnveD3ufKjGWq9djda+n59e2evxePhvvV+Pb+7zery9a9tBvx6Pd9+5+HrcqPppx9p0P54TYZ2cmOn/etzcZvvu1a7Jsb6vx3eF2Qjn/7UhKaRc1LZ2llu3aV9jY+Phfo3FPXSu0z0d24+HbNbc19O7r26d3nNXeVuj6d5dsV7rdLJr20Gv0/R6tdw6bVT99O3qdD+eE2Fd3Lyn/zptbvPMA2t/7dwS/9r22rmpag2Oj25qHvN4WoTl6/3ilrgG7y+OFqeLE8Vs69JNrfXUaO1r6sGVrcFN4b/1fq3c3mcN3tO17aDXYPo6ttzaa4wtvfMD0P14ToR18dSD/ddgc5s37xvs9673hM+kbdq+d+3++dpyP/O6res0XcufeTWP82/29f/ZbHObE/tXmzP7n6f7wmdu6HGeup+/yz2nZov1OU/bw3E+t3/589Q8nuY2XzqwwvV0sCiKCx97uPXz3vDvK39+/rvf6Ph3l17/pnPhYw//8MZjf7ua4wdg43uhHFvLr3Vt/zK1kn//BwAAADaEmPtHwkzkfwAAAKiNmPvj/xWeyP8AAABQGzH3j4WZZJL/t7/5ufkXLhSpmb8YxMvTaXik3C52XGfCx5OLVzQ///DX5n7ylxdWtu+Roih++shv9Nx++yPxuEqT4Tgvv6Xz80uveGFF+z/82JXt2vvrXw63H+/PSpdBrwruTFEU37rpC639TH7wUms+88jh1nzvxSefaG7z/IHy43j9Z19Wbv8Hofx78NiRjus/G87D98OceUfv8xGv9/VLr92x7/1X9hev17jzxa27/dSHytuNvyfni0+U28fzvNzx/9Xnn/56c/vHX937+C+M9D7+p8Ptfi3M/35luX37Y9D8OF7vs+H44/7i9e7/6rd7Hv/lz5Xbn3lrud3hMOP+7wkf73zrc/Pt5+vxxpGO+1W8rdwu7n/mu7/dujzeXrz97uOfOHSp43x0r49n/rm8nemu7ePn436iv+jaf/N22tdn3P/Tv3W44zxX7f/ye599ZfN2u/d/X9d2o13X7/6NTX/42S/03F88noN/dqbj/hx8T3geh/0/9aGwHsPl/3P5Cx37jQ6/p/P1J27/5W0XOu5P9PYfl/u//Ibjrfkfkz/5/RtedOOLL97ePHdF8Z33lbdXtf/jf3S64/i/csu9rccjXh47+t37X07c/9mPT506vXB+frbtrLZ+d847y+PZPLFla/N4bwqvrd0fHzp97sNzZydnJmeKYrK+v0Lvqn01zB+W4+Jqr3/vY+HxvO33vrX17n/6fPz8vzxafv7SO8qvW68J230xfH5b+fgtNta4/6fuuKX1/G48U37c0WMfgB07/3P/ijYM97/7+4K43s+8/MOt89C8rPV1Iz6v13j835stb+eb4bwuht/MfOctV/bXvn383QiX3lc+39d8/sLLXHxc/yQ83u/6fnn78bji/f1e+D7m29s7X+/i+vjmhZHu22/9Fo+L4fWkuFheHreK5/vS87f0PLz4e0iKi7e2Pv6ddDu3rupuLmfhEwvTJ+ZPnX98+tzcwrnphU988tDJ0+dPnTvU+l2ehz5Sdf0rr09bW69Ps3N7HyhmthRFcbqYWYcXrGtz/M2/rez4zzx2dHbfzN2zc8eOnD927rEzc2ePH11YODo3u3D3kWPH5j5edf352Yd27T6wZ9/uqePzsw/tP3Bgz4Gp+VOnm4dRHlSFvTMfnTp19lDrKgsPPXBg14MPPjAzdfL07NxD+2Zmps5XXb/1tWmqee1fnzo7d+LIufmTc1ML85+ce2jXgb17d1f+NsCTZ44tTE6fPX9q+vzC3Nnp8r5Mnmt9uvm1r+r61NPCv5Xfz3ZrlL+Ir3j3fXvT72dt+tqnl72pcpOuXyD6XPhdNP/wkjP7V/JxzP3jYSaZ5H8AAADIQcz9m8JM5H8AAACojZj7N4eZyP8AAABQGzH3T4SZZJL/9f/1/1fW/y8v1//Pq/9/5mNlr3Sj9/9jf17/Pw/Xuf+/5v3r/+v/16//v/L+/EY/fv1//X+WGrb+f8z9W4oiy/wPAAAAOYi5f2uYifwPAAAAtRFz/w1hJvI/AAAA1EbM/S8KM8kk/+v/r6j/v7uqcFX//r/3/9f/LzZm/z8+OPr/2Vh1//79j3Z8qP8f6P/r/+v/6//r/7Nm48tecr36/zH33xhmkkn+BwAAgBzE3P/iMBP5HwAAAGoj5v6bwkzkfwAAAKiNmPu3hZlkkv/1/73/v/6//n+t+/9rff//toPR/98YvP9/fz36/7f33FD/f5X9/wn9/43Y/x8f7PEPd/+/8vD1/7kmhu39/2Puf0mYSSb5HwAAAHIQc/9Lw0zkfwAAAKiNmPtfFmYi/wMAAEBtxNx/c5hJJvlf/1//X/9f/1//v/f+q9//v/yb/v9w0f/vz/v/V/D+/3n1/wd8/MPd/x/0+/+Pv6X7+vr/9DJs/f+Y+18eZpJJ/gcAAIAcxNx/S5iJ/A8AAAC1EXP/K8JM5H8AAACojZj7t4eZZJL/9f/1//X/9f/1/3vvv7r/X9L/Hy76//0Nuv8/2vV5/f+S/r/+f+37/z2++dX/p5dh6//H3H9rmEkm+R8AAAByEHP/bWEm8j8AAADURsz9/y/MRP4HAACA2oi5f0eYSSb5X/9f/1//P6/+/32b9P/1/+tN/78/7/9fQf9f/1//f4Xv/7/Uavr/m6tujNoYtv5/zP2vDDPJJP8DAABADmLuf1WYifwPAAAAtRFz/+1hJvI/AAAA1EbM/ZNhJpnkf/3/evX///Svn7q90P/X/6/Yf037/3EZ6P9nTv+/P/3/Cvr/+v/6/+vS/ycfw9b/j7n/jjCTTPI/AAAA5CDm/jvDTOR/AAAAqI2Y++8KM5H/AQAAoDZi7t8ZZpJJ/tf/r1f/P9L/1//vt/+a9v8T/f+86f/30PYk1f+voP+v/599/z9+96v/z2AMW/8/5v5Xh5lkkv8BAAAgBzH33x1mIv8DAABAbcTc/5owE/kfAAAAaiPm/nvCTDLJ//r/+v/6//r/+v+996//vzHp//en/19B/1//P/v+v/f/Z7CGrf8fc/9rw0wyyf8AAACQg5j77w0zkf8BAACgNuL/v1n+f6/yPwAAANRRzP1TYSaZ5H/9f/3/nPr/Df1//X/9/9rT/+9P/7+C/r/+v/6//j8DNWz9/5j7Xxdmkkn+BwAAgBzE3H9/mIn8DwAAALURc/90mIn8DwAAALURc/9MmEkm+V//X/8/p/6/9//v6P9PFIX+v/5//ej/96f/X0H/X/+/bv3/otD/57oatv5/zP27wkwyyf8AAACQg5j7d4eZyP8AAABQGzH37wkzkf8BAACgNmLufyDMJJP8r/+v/6//n23/3/v/6//Xkv5/f/r/FfT/9f/r1v/3/v9cZ8PW/4+5/8Ewk0zyPwAAAOQg5v69YSbyPwAAANRGzP37wkzkfwAAAKiNmPv3h5lkkv/1/2vS///Nv+/Yt/6//n+//Q+m/79F/z9M/f/hUtP+f/fT4qrp/1fQ/9f/1//X/2eghq3/H3P/gTCTTPI/AAAA5CDm/teHmcj/AAAAUBsx9///MBP5HwAAAGoj5v6fCTPJJP/r/9ek/99F/1//v9/+vf+//n+d1bT/PzD6/xX0//X/9f/1/xmoa9//j39bWf8/5v6Hwkwyyf8AAACQg5j7fzbMRP4HAACA2oi5/w1hJvI/AAAA1EbM/QfDTDLJ//r/+v/6//r/16b//4ai2zD2/5uLR/+/XvT/+9P/r6D/r/+v/6//z0AN2/v/x9z/xjCTTPI/AAAA5CDm/ofDTOR/AAAAqI2Y+98UZiL/AwAAQG3E3P/mMJNM8r/+v/6//r/+v/f/771//f+NSf+/P/3/Cvr/+v/6//r/DNSw9f9j7n9LmEkm+R8AAAByEHP/W8NM5H8AAACojZj73xZmIv8DAABAbcTc//Ywk0zyv/6//r/+v/6//n/v/ev/b0z6//3p/1fQ/9f/1//X/2eghq3/H3P/z4WZZJL/AQAAIAcx9z8SZiL/AwAAQG3E3P+OMBP5HwAAAGoj5v53hplkkv/1//X/9f/1//X/e+9f/39j0v/vT/+/whD0/5tf0/T/N+bx6//r/7PUsPX/Y+5/V5hJJvkfAAAAchBz/8+Hmcj/AAAAUBsx9787zET+BwAAgNqIuf8Xwkwyyf/6//r/+v/6/1n0/5tX0v/Pgv5/f/r/FXr0/zd7/3/9f/1//X+u2rD1/2Puf0+YSSb5HwAAAHIQc/97w0zkfwAAAKiNmPvfF2Yi/wMAAEBtxNz/aJhJJvlf/z/L/n+6y/r/Jf3/DPr/3v8/G/r//en/VxiC9//X/9+4x6//r//PUsPW/4+5/7Ewk0zyPwAAAOQg5v73h5nI/wAAAFAbMff/YpiJ/A8AAAC1EXP/B8JMMsn/+v9Z9v+9//+69f/HOtZHTv3/ibbHM61L/X/9/3Wg/9+f/n8F/X/9/2Hu/4fVvGWZ6+v/M4yGrf8fc/8Hw0wyyf8AAACQg5j7fynMRP4HAACA2oi5/5fDTOR/AAAAqI2Y+38lzCST/K//r/+v/+/9/73/f+/96/9vTPr//en/V9D/1/8f5v5/Bf1/htGw9f9j7v/VMJNM8j8AAADkIOb+D4WZyP8AAABQGzH3Hwozkf8BAACgNmLuPxxmkkn+1//v7v/Hd1TV/9f/1//X/9f/34gG1/9/xY1Fof+v/6//r/+v/6//z1oMW/8/5v4jYSaZ5H8AAADIQcz9vxZmIv8DAABAbcTcfzTMRP4HAACA2oi5fzbMJJP8r//v/f8H1f//qf6//n+g/9+b/v/68P7//en/V9D/1//X/9f/Z6CGrf8fc/9cmEkm+R8AAABqLP04OOb+Y2Em8j8AAADURsz9x8NM5H8AAACojZj7Pxxmkkn+1//X//f+/9ej/z/Wsb3+f0n/X/9/EPT/+9P/r6D/r/+v/6//z0ANW/8/5v75MJNM8j8AAADkIOb+j4SZyP8AAABQGzH3fzTMRP4HAACA2oi5/0SYSSb5X/9f/z/3/n+jKC56/3/9/1771//fmPT/+9P/r6D/r/+v/6//z0ANW/8/5v6TYSaZ5H8AAADIQcz9p8JM5H8AAACojZj7T4eZyP8AAABQGzH3nwkzyST/6//r/+fe/y/+j737aLLrrPY4fK7LtqTRvR/hju/oDmHEV2DKjCrGDACTgzE5g8k5mJxzTibnnLPJOZpoqBJFa61ltfpob8l93Gfvdz3PZNEqiXPaOgj+qH619/L8/8M/X/9/jv5f/78LR/r7Ky/v11+0////O1xzV/2//l//P0n/r//X/3OhpfX/ufvvEbc02f8AAADQQe7+e8Yt9j8AAAAMI3f/veIW+x8AAACGkbv/mrilyf7X/+v/9f/6/0P9/436f/3/unn+/zT9/wz9v/5f/6//Z6eW1v/n7r933NJk/wMAAEAHufvvE7fY/wAAADCM3P33jVvsfwAAABhG7v77xS1N9r/+X/+v/9f/e/7/9tfX/6+T/n+a/n+G/l//r//X/7NTS+v/c/ffP25psv8BAACgg9z9D4hb7H8AAAAYRu7+B8Yt9j8AAAAMI3f/g+KWJvtf/6//1//r//X/219f/79ON2xu/TNB/3+U/n/GTP+/2ej/p1xyP7/921vP+78I/b/+n6OW1v/n7n9w3NJk/wMAAEAHufsfErfY/wAAADCM3P3Xxi32PwAAAAwjd/9D45Ym+1//r//X/+v/9f/bX1//v06e/z/t+P3///3P3e/Wt//3/P9pnv+v/9f/c6Gl9f+5+6+LW5rsfwAAAOggd//D4hb7HwAAAIaRu//hcYv9DwAAAMPI3f+IuKXJ/tf/t+n/D2oX/b/+X/+v/x+d/n+a5//POPhj7kx9qf/X/+v/9f8cz9L6/9z9j4xbmux/AAAA6CB3/6PiFvsfAAAAhpG7/9Fxi/0PAAAAw8jd/5i4pcn+1/+36f89/1//r//X/7eg/5+m/58xyvP/b+OnZt/9/HHt+/3r//X/HLW0/j93/2Pjlib7HwAAADrI3f+4uMX+BwAAgGHk7n983GL/AwAAwDBy9z8hbmmy//X/+v919P/5Cvp//b/+X/8/Tf8/Tf8/Y5T+/zbadz+/9vev/9f/c9TS+v/c/U+MW5rsfwAAAOggd/+T4hb7HwAAAIaRu//JcYv9DwAAAMPI3f+UuKXJ/tf/6//X0f97/r/+X/+v/780+v9p+v8Z+n/9v/5f/89OLa3/z91/fdzSZP8DAABAB7n7nxq32P8AAAAwjNz9T4tb7H8AAAAYRu7+p8ctTfa//l//r//X/+v/t7++/n+d9P/T9P8z9P/6f/2//p+dWlD/f96vOr15RtzSZP8DAABAB7n7nxm32P8AAAAwjNz9z4pb7H8AAAAYRu7+Z8ctTfa//n8x/f9BzjdW/39ms9no/zdN+/8z5/1+1udS/6//PwH6/2n6/xn6f/2//l//z04tqP8/+Dp3/3Pilib7HwAAADrI3f/cuMX+BwAAgGHk7n9e3GL/AwAAwDBy9z8/bmmy//X/i+n/D4zV/3v+/4Wfj079v+f/H6X/Pxn6/2n6/xn6f/2//l//z04trf/P3f+CuOnqq27ztwgAAAAsTO7+F8YtTf7+HwAAADrI3f+iuMX+BwAAgJW6/siP5O5/cdzSZP/r/3fb/1993o/p//X/F34+9P/6f/3/7U//P03/P0P/r//X/+v/2aml9f+5+18StzTZ/wAAANBB7v4b4hb7HwAAAIaRu/+lcYv9DwAAAMPI3f+yuKXJ/tf/e/6//l//r//f/vr6/3XS/09bdv9/tv440f/r/9f4/nfQ/5+69V/q/xnDZfT/Z8+evfZ27/9z9788bmmy/wEAAKCD3P2viFvsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//37T/z4+6/v+A/l//v+319f/rpP+ftuz+3/P/9f/rfv+e/6//56ilPf8/d/+r45Ym+x8AAAA6yN3/mrjF/gcAAIBh5O5/bdxi/wMAAMAwcve/Lm5psv/1/037f8//1//r/0+6/79lo/8/Eavo/89c/PWX3v9fp//X/09o1//f+Y6HvtT/6/85amn9f+7+18ctTfY/AAAAdJC7/w1xi/0PAAAAw8jd/8a4xf4HAACAYeTuf1PcdGWT/a//1//r//X/+v/tr3/Cz/+/erPZ6P93YBX9/4Sl9/+e/6//n9Ku/7+A/l//z1FL6/9z9785bmmy/wEAAKCD3P1viVvsfwAAABhG7v63xi32PwAAAAwjd//b4pYm+1//r//X/+v/h+//r1tF/+/5/zui/5+m/5+h/9f/6//1/5yIffX/ufvfHrc02f8AAADQQe7+d8Qt9j8AAAAMI3f/O+MW+x8AAACGkbv/XXFLk/2v/9f/6//1/6cW1/+fPvTv1+T5//r/HdH/T9P/z9D/6//1/9fr/9mlpT3/P3f/u+OWJvsfAAAAOsjd/5649X/d2v8AAAAwjNz9741b7H8AAAAYRu7+98UtTfa//l//r//X/w///H/9fyv6/2n6/xn6f/2//t/z/9mppfX/ufvfH7c02f8AAADQQe7+D8Qt9j8AAAAMI3f/B+MW+x8AAACGkbv/xrilyf7X/+v/9f/6f/3/ud9D/f8Y9P/TTqb/P6P/1/9XP/9f8Z8C/b/+f+7XM6al9f+5+z8UtzTZ/wAAANBB7v4Pxy32PwAAAAwjd/9H4hb7HwAAAFbpyi0/lrv/o3FLk/2v/9f/6//1//r/7a+v/18n/f80z/+fof+/zH7+fw99tbbn/1/431/6f/0/u7f//v/c/2LLr3P3fyxuabL/AQAAoIPc/R+PW+x/AAAAGEbu/k/ELfY/AAAADCN3/yfjlib7X/+v/9f/6//1/9tfX/+/Tvr/afr/Gfr/vT4/f+3vX/+v/+eo/ff/h7/O3f+puKXJ/gcAAIAOcvd/Om6x/wEAAGAYufs/E7fY/wAAADCMg92fcVnD/a//1//r//X/+v/tr6//Xyf9/zT9/wz9v/5f/6//Z6eW1v9/9uBXnd58Lm5psv8BAACgg9z9n49b7H8AAAAYRu7+L8Qt9j8AAAAMI3f/F+OWJvu/Qf9/attP0/+vrf8/e/bstfp//f/h7+fW/v8m/T9F/z9N/z9D/6//1//r/9mppfX/ufu/FLc02f8AAADQQe7+L8ct9j8AAAAMI3f/V+IW+x8AAACGkbv/q3FLk/3foP/falH9/2n9v+f/6/83nv+v/98R/f80/f+MEfv/05f+7e+7nz+ufb9//b/+n6OW1v/n7v9a3NJk/wMAAEAHufu/HrfY/wAAADCM3P3fiFvsfwAAABhG7v5vxi1N9r/+/+T6///8s+vy/P8zm+3vX/+v/9f/6/9vb/r/afr/GSP2/5dh3/382t+//l//z1FL6/9z938rbmmy/wEAAKCD3P3fjlvsfwAAABhG7v7vxC32PwAAAAwjd/9345Ym+1//v4Dn/w/Y/3v+//bPh/5/0f3/Ffr/Mej/p+n/Z+j/9f/6/x31//lp1v93t7T+P3f/9+KWJvsfAAAAOsjd//24xf4HAACAYeTu/0HcYv8DAADAMHL33xS3nLf/t7Xdo9D/6//1//p//f/219f/r5P+f9ql9v+nNsfr/5P+X/+v/+/a/3v+P+csrf/P3f/DuMXf/wMAAMDqXHWRH8/d/6O4xf4HAACAYeTu/3HcYv8DAADAMHL3/yRuufmKfb2lE6X/1//r//X/+v/tr6//Xyf9/zTP/5+h/99FP38n/f8Y/f9mo//n+JbW/+fu/2nc4u//AQAAYBi5+38Wt9j/AAAAMIzc/T+PW+x/AAAAGEbu/l/ELU32v/5f/3/M/v8gzdT/n6P/P0f/v53+/2To/6fp/2fo/z3/X//v+f/s1NL6/9z9v4xbmux/AAAA6CB3/6/iFvsfAAAAhpG7/9dxi/0PAAAAw8jd/5u4pcn+31v/H/+o9f+r7/89/1//r//X/y+K/n+a/n+G/l//r//X/7NTS+v/c/f/Nm5psv8BAACgg9z9v4tb7H8AAAAYRu7+38ct9j8AAAAMI3f/H+KWJvvf8//1//p//b/+f/vr6//XSf8/Tf+/Xf1G6f/1//p//T87tbT+P3f/H+OWJvsfAAAAOsjd/6e4xf4HAACAYeTuvzlusf8BAABgGLn7/xy3NNn/+n/9v/5f/6//3/76+v910v9P22f/f5f/nn9Zz//fe/+fb0H/r//X/7MTS+v/c/f/JW5psv8BAACgg9z9f41b7H8AAAAYRu7+v8Ut9j8AAAAMI3f/3+OWJvt/pv8/VT9R/z9J/3/4/ev/t38+9P/H7v/PbPT/+v8Z+v9pnv8/Q//v+f/6f/0/O7W0/j93/z/ilib7HwAAADrI3X9L3GL/AwAAwDBy9/8zbrH/AQAAYBi5+/8VtzTZ/57/r//X/+v/V9T/H/p+9P/6/230/9P0/zP0//p//b/+n51aWv+fu//fAQAA//+2J1Da")
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)

2m47.567055888s ago: executing program 3 (id=878):
r0 = socket(0x1d, 0x2, 0x6)
bind$can_j1939(r0, &(0x7f0000000240)={0x1d, 0x0, 0x0, {0x1, 0xf0, 0x2}, 0x1}, 0x18)

2m45.822912654s ago: executing program 3 (id=905):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
rt_tgsigqueueinfo(0x0, 0x0, 0x39, 0x0)

2m45.359128355s ago: executing program 32 (id=905):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
rt_tgsigqueueinfo(0x0, 0x0, 0x39, 0x0)

2m34.956873477s ago: executing program 1 (id=1010):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f0000004000)=[{{&(0x7f0000000000)={0x2, 0x4e24, @remote}, 0x10, 0x0}}, {{&(0x7f0000000380)={0x2, 0x4e21, @loopback}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp_prespec={0x44, 0xc, 0x9, 0x3, 0x8, [{@loopback, 0xffff8001}]}]}}}], 0x20}}], 0x2, 0x40008c0)

2m34.508122394s ago: executing program 1 (id=1012):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x2200050, &(0x7f00000000c0)=ANY=[], 0xfe, 0x1af, &(0x7f0000000580)="$eJzs282O0lAYxvGnlALi99fGlYkL3QiKbtzJBXgD7ghUQixqxA3ExHgpcyfcydwAJDO7WU0nLWUCpMBpOzOF4f9LgDc5fc45JD1wzqICcLAehe+WLDlh5fv+v5eSvn6RVMx5cgCula9zH8Chsk/yngGAfEybdrgPGFvS8enf9iR6OYb7h2mzMCsqkhbyJdP8fyv8fFGUJgv5ctTl1v3L0Sz/Wsv5OwnHr67kq1ty1mV+9v3fvFrO35V0T9J9SQ8kPYzOWo8lPYkZv7My/nPD+QNZBHdfLWs+QwfB6vnW89x3cY329rwT5d/HNy/8hIxjLyhF+YbhfNflP6TMl6N8rf3T68S0F1L2C5go5Lz+benMX13/n83zxc3rH8AGg+Hoe8vz3N8JCicsylEPCeLB5QnHosijqMQ0OSnvlp0ugr+vHZiGaTFftTc5FoDbqv6n/6s+GI7e9vqtrtt1fzQ+fpofu8NzeX3t6RzAnlvenAMAAAAAAAAAAAAAgH30VNKzNEHTB/wAAAAA7IyrfWbIkRT/2B8AAAAAAAAAAAAAAAAAAACA7C4CAAD//3Y4Qng=")
truncate(&(0x7f0000000280)='./file1\x00', 0x1fefff)

2m34.003597868s ago: executing program 1 (id=1014):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x0, 0x0)
preadv(r0, &(0x7f0000000180)=[{&(0x7f0000000040)=""/55, 0x37}], 0x1, 0x0, 0x0)

2m33.556176243s ago: executing program 1 (id=1016):
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x480, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3b0, 0xffffffff, 0xffffffff, 0x3b0, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [], [], 'ip6gretap0\x00', 'macsec0\x00'}, 0x0, 0x1c8, 0x1f0, 0x0, {}, [@common=@inet=@ecn={{0x28}, {0x29}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4e0)

2m33.205044557s ago: executing program 1 (id=1017):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES32=r0, @ANYBLOB="2200000002000000"], 0x10)

2m32.866431659s ago: executing program 1 (id=1018):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='xfs\x00', 0x808000, 0x0)

2m17.569027281s ago: executing program 33 (id=1018):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='xfs\x00', 0x808000, 0x0)

1m57.88858244s ago: executing program 2 (id=1179):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000200)={0x9b090c, 0x0, '\x00', @value64}})

1m57.253667324s ago: executing program 2 (id=1183):
capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000400)={0x200000, 0x200000})
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000007c0)={@fallback, 0x9, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

1m56.365607785s ago: executing program 2 (id=1187):
r0 = syz_open_dev$evdev(&(0x7f00000001c0), 0x2ee, 0x8800)
ioctl$EVIOCGVERSION(r0, 0x80044501, &(0x7f000001ff40)=""/4096)

1m55.670888855s ago: executing program 2 (id=1189):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000600)='/sys/power/pm_trace', 0x169a82, 0x0)
sendfile(r0, r0, 0x0, 0x30)

1m54.898927804s ago: executing program 2 (id=1192):
r0 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000400)={0xf0f016, 0x2})

1m54.113824607s ago: executing program 2 (id=1195):
mkdir(&(0x7f0000000600)='./file1\x00', 0x0)
mount(&(0x7f00000009c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a00)='./file1\x00', &(0x7f0000000080)='ocfs2\x00', 0x0, &(0x7f0000000a80)=',\x00')

1m38.624241469s ago: executing program 34 (id=1195):
mkdir(&(0x7f0000000600)='./file1\x00', 0x0)
mount(&(0x7f00000009c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a00)='./file1\x00', &(0x7f0000000080)='ocfs2\x00', 0x0, &(0x7f0000000a80)=',\x00')

1m24.500400588s ago: executing program 4 (id=1347):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x800, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000dc0)={r0, &(0x7f0000000100), &(0x7f0000000000)=""/7, 0x2}, 0x20)

1m23.669143414s ago: executing program 4 (id=1351):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000feffffff00000000000000008500000041000000850000000e00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

1m21.951887637s ago: executing program 4 (id=1360):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b00)=@newtaction={0xcc, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0xb8, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x5, 0x0, 0x5, 0x7218, {}, {0x0, 0x0, 0x0, 0x0, 0x9}, 0xfffffffe}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x3, 0x0, 0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xcc}}, 0x0)

1m21.202293429s ago: executing program 4 (id=1365):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SOUND_PCM_READ_BITS(r0, 0x80045005, &(0x7f0000000000))

1m20.050315068s ago: executing program 4 (id=1373):
r0 = openat$vmci(0xffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION(r0, 0x79f, 0x0)

1m19.259026951s ago: executing program 4 (id=1378):
r0 = inotify_init1(0x0)
ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x541b, 0x6)

1m4.057861382s ago: executing program 35 (id=1378):
r0 = inotify_init1(0x0)
ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x541b, 0x6)

31.972118129s ago: executing program 6 (id=1622):
syz_mount_image$iso9660(&(0x7f0000000100), &(0x7f0000000280)='./file0\x00', 0x800000, &(0x7f0000000440)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRESOCT, @ANYRESHEX, @ANYBLOB="b7ad7cd65c46a5be7840094fc88ed3944440d445ac89758d3aa4a6c77ea3e1e50196a99f88ba68f3377383de4de11c07aa5d22d9f4f3c58344d6011b6ea5ee82cf40e4ca5976370cb73c872e576f936791a0ffa5639ac237214be5926acea5405e00f1a144cf7a5240bc1e56ed617e19d6a5a268505f0012b4baf36d3a71eb34c8b67281dbba4b20c3d724ef150deff6f7d908bc72575a1f43b608e0d118", @ANYBLOB="a1fffd2e4c38a7b17fef1a78ad194301887b7711a1517cd8b4288a2fbb7d202d8c4a1809add074e6dde0703158125f2f114c49f5ee5f249d63ac0d851c212ccd8d82b7c694ead23c41f021e8bc78d646d07e3513568bb81d2179a012dcdcb845b0a58b6d5e46a177de56e3e77ed573967e4ebe299078019693ca486edbaa44e947802c7f46f1de18cf7f0e1af02964d04cc84d979855e8d3a3fda262f6a7d2b4b4849fd880c9b9af9be818ba05386754a3505e833ca0b95491ed", @ANYRES8=0x0], 0x3, 0x7cd, &(0x7f0000001780)="$eJzs3U9sHOXZAPBnjU3yGSlCfChEUQiTwCcFKZj1GsxncYBlPbYH1rur3XXlqKogIg6y4gCCopYcSnOBtmpV9dQj7ZVbb60qtVIPbU+VyqGX3pA4VbRqpapVVcnVzO46/rO2A3H+FH4/K57XM8/M+7zjyTw7tmc2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAo1WbL5clS1LPG0nKyw0hEJPf3Yxd3LF5fX1/vtQbb++WWyR79RpTyf3H4cBzrzTp2/7XFR/NPp+NE76sTcTifHI4r9xy99+n/HR0ZrL8z4Rt26jrjShHfzJO6dH5tbeWNm5DILfSdn++1dHTYzH8W3/f5tJF1mtlidT5Nsk4zmZmeLj++MNdJ5rJ62jnX6aaLSa2dVrvNdnKm9mgyOTMzlaQT55pLjfnZaj0dzHzqsUq5PJ08P9FKq+1Os/H48xOd2kJWr2eN+SKmUv5a5DFPJbXZ9gtZN+mm1cUkubi6tjK13+jyoMk9lp945N6P3/rob6sr+QG5W1Cpf2BWJicrlcnpJ2eefKpcHq2UK1tnlLeJjYgYicgjbspBy52jOGXu5WBO3HAARvr1P+qRRSOWYjmSIR9jUYvZaEczFvOv/zC2I6JvUP//7/E//26vfjfX/0GVP3Zt8fEo6v/J3lcnd6v/Q3M9yI+Rfj67LX8z3o4rcSnOx1qsxUq8cdMzusGPkYPd3nyk0YgsOtGMLBajWsxJ+nOSmInpmI5yvBgLMRedSGIusqhHGp04F53oRlocUbVoRxrV6EYz2pHEmajFo5HEZMzETExFEmlMxLloxlI0Yj5mo1ps5WKsFvt9alteR7/x0s9e+f3H7+ftjaDJPQZSyl/M5UF/3SNoR7m//vq/Hv0I9f+L7oDP4PDZrQ/qPwAAAPC5VSp++p5f/4/Fg0VrLqunX77daQEAAAAHqPjN/4l8Mpa3HoxSfv1fHhL54S3PDQAAADgYpeIeu1JEjMdDvdbgdqlhPwQAAAAA/gsVv/8/mU/GI94pZrj+BwAAgM+Zb+32jP2PBs/Y7bQOlX7xl2i3x0pXW8uPlC5X87jq5bt66/UnX9rYYnfueOlw9DZSbGt69Mo9pYgYraUnSoOnX/77UG/6SfH5+OjG6rs967+0LYGNNe7aPqQ8gSNXtiVwtOj4u3GqF3PqQm96oR/XfyLx+FxWTydqzfrTxSMR83/dt15d/XoUw/92Y/FIKS6urq1MvPza2oUil6v5Vq5e7j9AccdzFIfnUvS43t8D8eDwEY8VN2L0+x3v9Vve/A0YebZYfWTvPkub+3w3TvdiTo/3puNbx38473Ny4unJqFaPjHTT5e5b65tG389i8gZH/m483It5+MzDvcmQLCpbsnh1ZxaVzVn0d8I++2LfLMb6B9b7p95Z/vuvm6V0ar8sprZlcfhTZgFwu1wsnvpzrQr9T1GF/rXek9f/a3U36QX09c9yD2xsKj/LDcrAtrPcxdhYMlh/U60bjR3VffvLi9jWyy5n9DO9mDO91xOjx4fUlfKQM/rrq6//pn9Gf+KDH/7oKyd/+5PPXt0+iEd7Mf1J3PerXWpsPubvNRY3hrj8TL/x41377dQrpRiLuOurl1+Po2++feWx1cvnX1l5ZeXVSmVquvxEufxkJcaKlwr9idoDwBD7v8fOvhGlJ/a5qr5v408KJuLleC3W4kKcLe42iIiHhm91fNOfIZyN01FcLO9y1Tq+6R1ezu5zbXkttrIzdvC6Ykfs1KY99sAPisk/buI3BQBustP71OHrqf9n97nu3lrLt10dx+61fJj/v6l7AwC+GNL2J6Xx7nuldjtrvTg5MzNZ7S6kSbtZeyFpZ7PzaZI1umm7tlBtzKdJq93sNmuDHxzPpp2ks9RqNdvdZK7ZTlrNTrZcvPN70n/r9066WG10s1qnVU+rnTSpNRvdaq2bzGadWtK6+7l61llI28XKnVZay+ayWrWbNRtJp7nUrqUTSdJJ06S1NAjMZtNGN5vL8mYjabWzxWr7akTUlxbTZDbt1NpZq9vsbbDWjKKvrDHXbC8Wm53YOfw/3er9DQB3gjffvnLp/NrayhtbG0di+5xtjdEoGn/cK2bQuN1jBAC2UqUBAAAAAAAAAAAAAODOt/N2vXzuvrf0DWscik+/1qH4VF3cYCMf2q3q6/Y38tHeAWnc3sZLzzxzabeY5945tnB92xn+P2XYra7vHYm4+6ff78159laN9MPPdmCvl/aIuc0nJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAY4j8BAAD//4I3WI0=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)

30.861119826s ago: executing program 6 (id=1627):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000a00)=ANY=[@ANYBLOB="120100007856bb40da0b53813de20102030109021200010000000009040000000206"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000340)={0x44, &(0x7f0000000100)=ANY=[@ANYBLOB="000004000000228b155e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

28.497220487s ago: executing program 7 (id=1637):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
syncfs(r0)

27.88553351s ago: executing program 7 (id=1641):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x18, 0x1414, 0x1, 0x0, 0x2, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x6}]}, 0x18}}, 0x4010010)

27.794232024s ago: executing program 6 (id=1642):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x400, 0x260, 0x150, 0x150, 0x0, 0xf8010000, 0x330, 0x238, 0x238, 0x330, 0x238, 0x3, 0x0, {[{{@ipv6={@mcast1, @empty, [], [], 'veth0_to_team\x00', 'macvlan1\x00', {}, {}, 0x84}, 0x0, 0x218, 0x260, 0x0, {}, [@common=@eui64={{0x28}}, @common=@inet=@sctp={{0x148}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv_slave_0\x00', 'gre0\x00'}, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x460)

27.178997168s ago: executing program 7 (id=1644):
r0 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400192446b6f18b593a10562c84d8c033ed7afe7027243de829e0000000a2bc560322fc11270cc15860342259b394dfca00000f7f8900000020000000e42471283ec681", 0x48}], 0x1)

26.608573322s ago: executing program 6 (id=1647):
syz_mount_image$btrfs(&(0x7f00000002c0), &(0x7f0000000280)='./file1\x00', 0x810, &(0x7f0000000400)={[{@metadata_ratio={'metadata_ratio', 0x3d, 0x2}}, {@space_cache_v2}, {@metadata_ratio={'metadata_ratio', 0x3d, 0xe3}}, {@acl}, {@compress_algo={'compress', 0x3d, 'lzo'}}, {@autodefrag}, {@noacl}, {@max_inline={'max_inline', 0x3d, [0x1f, 0x67, 0x37, 0x74, 0x65, 0x78, 0x78, 0x30]}}]}, 0x5, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
chmod(&(0x7f0000000080)='./file0\x00', 0x0)

26.454983117s ago: executing program 7 (id=1648):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000000)=""/108, &(0x7f0000000080)=0x18)

25.783749307s ago: executing program 7 (id=1652):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2004000, &(0x7f0000000100), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
setxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='system.posix_acl_access\x00', 0x0, 0x0, 0x2)

24.403354466s ago: executing program 7 (id=1659):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@dev}}, [@migrate={0x50, 0x11, [{@in6=@mcast1, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @in=@loopback, 0x32, 0x1, 0x0, 0x3504, 0xa, 0x2}]}]}, 0xa0}}, 0x0)

21.179165863s ago: executing program 6 (id=1674):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000400)={{0x2, 0x0, @local}, {0x0, @broadcast}, 0x6, {0x2, 0x4e20, @multicast2}, 'ip6tnl0\x00'})

21.178488989s ago: executing program 5 (id=1675):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd9e3fe3dceb48aa31086b8703110000001f11000000040000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

20.003924891s ago: executing program 5 (id=1680):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="240000003d0009002abd700000000000030000000404000004000180080009"], 0x24}}, 0x8004)

19.593494988s ago: executing program 6 (id=1683):
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000500)='./file0\x00', 0x200000, &(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0x1, 0x495, &(0x7f0000000a40)="$eJzs29trHGUYx/HfM8luNttqt22aVil0VVCpWHPo0XjRQwwVekjTRqSoEJtNXJoT2VTaIlq88dYbb0REQUGqaEHEG6+0d/4BCoKgF16I4F54AEGQmX1nZ7LZtkn3kGz7/UC7k3eemXkP+8777s67AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0uGnD/X02mrnAgAANNOJ0yM9fYz/AADcVc7w+R8AAOBuYvL0g0yDI0U7HvxdkjqWn7lwcXRwqPphnRYc2RbE+/9SvX39u/fs3bc/fL358fV2n06ePnMoe2R2em4+VyjkxrOjM/lzs+O5ZZ+h1uMr7QwqIDt9/sL4xEQh27erf9Hui5lfO9Z1Zwb2dR/0wtjRwaGh07GY9sRtX32JG83wk/K0TabfH/7MTkjyVHtd3OK902idQSF2BoUYHRwKCjKVH5tZ8HcOhxXhubI6ybCOmtAWNemS/HxZsj6f2RLydFCm7l+KdlJSW1gPjwVfDN/4wPa6XP62+fl8QdKDaoE2W8M65OknmaY3pDS8+s2KJmuXp4sy/TlQtFPB/cDvT/5t89iz2WdmJmZjscPmelSrjw/NtMbvTSl5OhHc8Ys2stqZQdP5k6W3ZdryySvBvELBvHTDwL4nT/XHZxhbb3EeP3aXmz8uZ0xOuNhhGzbz6l8uAAAAAAAAAFKHefpepuLX2SgxY/Jij4xTKj0Yyq5OFgE0inl6R6ZTI8Xga/j4upS22PqeslZ/9tfY/HemjszOXZrPT768UHV/OnXopcLC/Ni56rvV6d9n2+Ipt1rHUqOEeUrK9PxfH1v5uqX7v1sKEOXmo6eiNTOpyusH75t7S+uZwmdIB85ujW9XzfIKno/61zTztCDT4U3b3FqVtJbUmUpxX8j0x/vbXZyX9DMfnjZTOuNEfirX48d+I9MH/4WxwbIorXOxm6PYXj/WZHrr+OLY9S62K4rt82OHZLr+YvXYLVFsvx/7hkxzv2XD2LQfu8PFdkexu87NTo1Xq0pgpfz+/7NM73VlLewb7aX339L+/2o0FlypPNEN+nyt/T8TS7vi+vVZv///vS3oy0H/96r3/zdl+vTL7S6u1PeSbv/G4P+o/z8n0+R3i2PTLnZTFNu77IptEX77b5fp6JZr5bpx7e9aIGq1ePvfX/nuaFD7b4ylZdx1O+pTdEgqXLp8fmxqKjfPRq0brkavrJX8rJGNHWsjG2yscGOVb0xoCn/8/9yfRX31Y3m+48Z/9zElmln981o0/g9UnqhB4/+mWNqAm40k2qXUwvRcYquUKly6/Hh+emwyN5mb2d2zt2fP7gO9B/YnkuHkLtqqua7uRH77fyvTv+uulj/vLp7/VZ//pytP1KD23xxLSy+ar9RcdLj2vyrTA9evlb+XuNn8P/z+59GHSq/l/tmg9u+KpWXcde+pT9EBAAAAAAAAAAAAAAAAoKUlzNOHMh19ot3C35otZ/3fkh+gNWj9V3csbbxJv1eouVIBoAV48vSuTI+oaK/7Ceul4/FX3NH+DwAA///WsSBT")
mount(&(0x7f0000000240)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)='ocfs2\x00', 0x0, 0x0)

19.354803216s ago: executing program 5 (id=1684):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_int(r0, 0x1, 0x7, 0x0, &(0x7f0000001240))

18.78780635s ago: executing program 5 (id=1686):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c617374000000006c000280080001400000000508000140000000090c00024000000000000078260c0002400005"], 0x140}}, 0x0)

18.125045295s ago: executing program 5 (id=1689):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x200c840, &(0x7f0000000240)={[{@discard}, {@noload}]}, 0x64, 0x537, &(0x7f0000000f80)="$eJzs3c9vI1cdAPDvOHZIdrN1Chygh1JoUXYFaycNbSMObREITpWAcl9C4kRRnDhKnHYTVTQRfwAXBEic4MIFif8AVeLCsUIqgjOIIhCCLRw4wA4ae5zNZu04G5w4JJ+PNDvvza/ve/bOjzfzMg7gynomIl6NiPtpmt6KiHI+vZAPsdcesuU+uPfWQjYkkaav/y2JJJ/W2VaSj6/nq41FxNe/EvGt5NG4Wzu7q/P1em0zz1ebaxvVrZ3d2ytr88u15dr67OzMi3Mvzb0wNz2Qet6IiJe/9Kfvf/enX375F5998w93/nLz21mxvpjPP1yPx1Q8bma76qXWZ3F4hc2IV04Z78IptmqYGz/ZOvtnWB4AAHrLrvE/HBGfiohbUY6R4y9nAQAAgP9D6SsT8e8kIu1utNvEsei5PAAAAHABFSJiIpJCJe8LMBGFQqXS7sP70biWvh3R/MxSY3t9MZsXMRmlwtJKvTad9xWejFKS5Wda6Qf559v5/fcjWvnZiHgyIr5XHm/lKwuN+uKwb34AAADAFXH9SPv/n+V2+x8AAAC4ZCaHXQAAAADgzGn/AwAAwOWn/Q8AAACX2ldfey0b0s7vXy++sbO92njj9mJta7Wytr1QWWhsblSWG43l1jv71vptr95obHwu1rfvVpu1rWZ1a2f3zlpje715Z+Whn8AGAAAAztGTn3jnd0lE7H1+vDVkRnssO3KuJQPOWvEgleTjLnv/759oj98/p0IB56LfOf035XMqCHDuisMuADA0pcdZ2N8JwKWU9Jnfs/POu/n4k4MtDwAAMHhTH+/9/L9w7Jp7x88GLjw7MVxdnef/TxzJA5df6/l/rw6/R7lYgEul5IwPV17f5/+9OgC8e9IIafp4JQIAAAZtojUkhUp+e28iCoVKJeJGq7t/KVlaqdem8+cDvy2XPpTlZ1prJn3bDAAAAAAAAAAAAAAAAAAAAAAAAABAW5omkQIAAACXWkThz8kv2+/ynyo/N3H0/sBo8q9y5D8R+uaPXv/B3flmc3Mmm/73g+nNH+bTnx/GHQwAAADgqE47vdOOBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBB+uDeWwudoTMtLZ993L9+ISImu8UvxlhrPBaliLj2jySKh9ZLImJkAPH39iPiY93iJ1mxDkJ2iz9+9vFjMv8UusW/PoD4cJW9kx1/Xs32v9GIOLz/FeKZ1rj7/leMeCh/Wq3jX3aA63L87Rz/Rnrs/zeObGuyR4yn3vt5tWf8/Yinit2PP534SY/4z56wjt/8xu5ur3npjyOmup5/kodiVZtrG9Wtnd3bK2vzy7Xl2vrs7MyLcy/NvTA3XV1aqdfyfx/ZfqlP2bL6X+sRf7JP/Z87Yf3/897dex/pUZws/s1nu8T/1U/yJR6NX8jPfZ/O09n8qU56r50+7Omf/frp4+q/2KP+/b7/myes/62vfeePEXH/0FcKAAzR1s7u6ny9Xts8NpFdtvRb5qImslb6BSiGxOkSJ/0veqrE2wPdYJqmafxve0oSQ//AO4lhH5kAAIBBe3DRP+ySAAAAAAAAAAAAAAAAAAAAwNV1Hq8TOxpz7yCVDOIV2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/HfAAAA///xwNLS")
unlink(&(0x7f00000000c0)='./file1\x00')

16.528898677s ago: executing program 5 (id=1697):
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x271d, 0x0, &(0x7f0000000040))

9.221133741s ago: executing program 36 (id=1659):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@dev}}, [@migrate={0x50, 0x11, [{@in6=@mcast1, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @in=@loopback, 0x32, 0x1, 0x0, 0x3504, 0xa, 0x2}]}]}, 0xa0}}, 0x0)

4.932255386s ago: executing program 9 (id=1754):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='status\x00')
preadv(r0, &(0x7f00000003c0)=[{0x0}, {&(0x7f0000000300)=""/138, 0x8a}], 0x2, 0x100, 0x0)

4.383588626s ago: executing program 37 (id=1683):
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000500)='./file0\x00', 0x200000, &(0x7f0000000000)=ANY=[@ANYRES16=0x0], 0x1, 0x495, &(0x7f0000000a40)="$eJzs29trHGUYx/HfM8luNttqt22aVil0VVCpWHPo0XjRQwwVekjTRqSoEJtNXJoT2VTaIlq88dYbb0REQUGqaEHEG6+0d/4BCoKgF16I4F54AEGQmX1nZ7LZtkn3kGz7/UC7k3eemXkP+8777s67AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0uGnD/X02mrnAgAANNOJ0yM9fYz/AADcVc7w+R8AAOBuYvL0g0yDI0U7HvxdkjqWn7lwcXRwqPphnRYc2RbE+/9SvX39u/fs3bc/fL358fV2n06ePnMoe2R2em4+VyjkxrOjM/lzs+O5ZZ+h1uMr7QwqIDt9/sL4xEQh27erf9Hui5lfO9Z1Zwb2dR/0wtjRwaGh07GY9sRtX32JG83wk/K0TabfH/7MTkjyVHtd3OK902idQSF2BoUYHRwKCjKVH5tZ8HcOhxXhubI6ybCOmtAWNemS/HxZsj6f2RLydFCm7l+KdlJSW1gPjwVfDN/4wPa6XP62+fl8QdKDaoE2W8M65OknmaY3pDS8+s2KJmuXp4sy/TlQtFPB/cDvT/5t89iz2WdmJmZjscPmelSrjw/NtMbvTSl5OhHc8Ys2stqZQdP5k6W3ZdryySvBvELBvHTDwL4nT/XHZxhbb3EeP3aXmz8uZ0xOuNhhGzbz6l8uAAAAAAAAAFKHefpepuLX2SgxY/Jij4xTKj0Yyq5OFgE0inl6R6ZTI8Xga/j4upS22PqeslZ/9tfY/HemjszOXZrPT768UHV/OnXopcLC/Ni56rvV6d9n2+Ipt1rHUqOEeUrK9PxfH1v5uqX7v1sKEOXmo6eiNTOpyusH75t7S+uZwmdIB85ujW9XzfIKno/61zTztCDT4U3b3FqVtJbUmUpxX8j0x/vbXZyX9DMfnjZTOuNEfirX48d+I9MH/4WxwbIorXOxm6PYXj/WZHrr+OLY9S62K4rt82OHZLr+YvXYLVFsvx/7hkxzv2XD2LQfu8PFdkexu87NTo1Xq0pgpfz+/7NM73VlLewb7aX339L+/2o0FlypPNEN+nyt/T8TS7vi+vVZv///vS3oy0H/96r3/zdl+vTL7S6u1PeSbv/G4P+o/z8n0+R3i2PTLnZTFNu77IptEX77b5fp6JZr5bpx7e9aIGq1ePvfX/nuaFD7b4ylZdx1O+pTdEgqXLp8fmxqKjfPRq0brkavrJX8rJGNHWsjG2yscGOVb0xoCn/8/9yfRX31Y3m+48Z/9zElmln981o0/g9UnqhB4/+mWNqAm40k2qXUwvRcYquUKly6/Hh+emwyN5mb2d2zt2fP7gO9B/YnkuHkLtqqua7uRH77fyvTv+uulj/vLp7/VZ//pytP1KD23xxLSy+ar9RcdLj2vyrTA9evlb+XuNn8P/z+59GHSq/l/tmg9u+KpWXcde+pT9EBAAAAAAAAAAAAAAAAoKUlzNOHMh19ot3C35otZ/3fkh+gNWj9V3csbbxJv1eouVIBoAV48vSuTI+oaK/7Ceul4/FX3NH+DwAA///WsSBT")
mount(&(0x7f0000000240)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)='ocfs2\x00', 0x0, 0x0)

4.352499279s ago: executing program 9 (id=1756):
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f00000001c0))

3.802749598s ago: executing program 9 (id=1758):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCGPTLCK(r0, 0x80045439, &(0x7f0000000200))

3.522088026s ago: executing program 8 (id=1759):
r0 = fsopen(&(0x7f0000000400)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)

3.2553306s ago: executing program 0 (id=1760):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='attr/keycreate\x00')
write$binfmt_elf32(r0, 0x0, 0x0)

3.243966457s ago: executing program 9 (id=1761):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x200000000000b, 0x0, 0x0)

3.005037024s ago: executing program 8 (id=1762):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x101, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000000080)={0x0, 0x0, 0x102, 0x6, {0x4ee1, 0x1, 0x5, 0xc15}})

2.596050697s ago: executing program 9 (id=1763):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl")
rmdir(&(0x7f0000000180)='./file0/../file0\x00')

2.368356775s ago: executing program 8 (id=1764):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0xfffffff0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000760009eeffffffffffffff0400000000", @ANYRES32=0x0, @ANYBLOB="04000d80080005"], 0x24}, 0x1, 0x5502000000000000}, 0x0)

2.232884674s ago: executing program 0 (id=1765):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05605, &(0x7f0000000380)={0xd, @pix={0x9, 0x7, 0x49323159, 0xb, 0x5a, 0x1, 0x179ee65b607ea572, 0x3ff, 0x1, 0x6, 0x1, 0x1}})

1.559189121s ago: executing program 0 (id=1766):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6, 0x5, @val=0x200}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

1.531789835s ago: executing program 8 (id=1767):
r0 = socket$tipc(0x1e, 0x5, 0x0)
getsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f0000001100), &(0x7f0000001240)=0x4)

1.286914993s ago: executing program 38 (id=1697):
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x271d, 0x0, &(0x7f0000000040))

1.233669619s ago: executing program 9 (id=1769):
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc0585609, &(0x7f0000000140)={0x0, 0x0, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "08a48acf"}})

1.072416907s ago: executing program 8 (id=1770):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8}, @IFLA_GRE_IFLAGS={0x6}]}}}, @IFLA_MASTER={0x8}]}, 0x4c}, 0x1, 0xba01}, 0x0)

989.832209ms ago: executing program 0 (id=1771):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f0000000080)={0x2, 0x2, 0x6, 0x4, '\x00', 0x5})

518.769077ms ago: executing program 0 (id=1772):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000000)=0x12, 0x4)

407.046188ms ago: executing program 8 (id=1773):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000b80)=ANY=[@ANYBLOB="54020000100013070000000000000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005c001400636d616328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000a55b0ca9cce75f5c91c906cf8542b42be0001"], 0x254}}, 0x0)

0s ago: executing program 0 (id=1774):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d413600000000000002900000043000000", 0x6033)

kernel console output (not intermixed with test programs):

invalid variable length fields: delete?, fixing
[  112.358156][ T6976] bcachefs (loop5): accounting_read... done
[  112.390432][ T6976] bcachefs (loop5): alloc_read... done
[  112.416551][ T6976] bcachefs (loop5): stripes_read... done
[  112.448625][ T6976] bcachefs (loop5): Fixed errors, running fsck a second time to verify fs is clean
[  112.504914][ T6976] bcachefs (loop5): done starting filesystem
[  112.641651][ T7026] netlink: 108 bytes leftover after parsing attributes in process `syz.0.479'.
[  112.672263][ T7026] netlink: 236 bytes leftover after parsing attributes in process `syz.0.479'.
[  112.862655][ T5833] bcachefs (loop5): shutting down
[  112.918534][ T6998] loop3: detected capacity change from 0 to 32768
[  112.999408][ T5833] bcachefs (loop5): shutdown complete
[  113.016017][ T7035] loop1: detected capacity change from 0 to 16
[  113.062879][ T7035] erofs (device loop1): mounted with root inode @ nid 36.
[  113.065487][ T6998] JBD2: Ignoring recovery information on journal
[  113.199771][ T6998] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  113.254201][ T7043] loop4: detected capacity change from 0 to 64
[  113.446815][ T5834] ocfs2: Unmounting device (7,3) on (node local)
[  113.784749][ T7042] loop0: detected capacity change from 0 to 32768
[  114.668775][ T7094] loop3: detected capacity change from 0 to 256
[  114.817571][ T7094] FAT-fs (loop3): Directory bread(block 64) failed
[  114.831889][    T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  114.848218][ T7094] FAT-fs (loop3): Directory bread(block 65) failed
[  114.868138][ T7094] FAT-fs (loop3): Directory bread(block 66) failed
[  114.932796][ T7094] FAT-fs (loop3): Directory bread(block 67) failed
[  114.952442][ T7094] FAT-fs (loop3): Directory bread(block 68) failed
[  114.998908][ T7094] FAT-fs (loop3): Directory bread(block 69) failed
[  115.014208][ T7094] FAT-fs (loop3): Directory bread(block 70) failed
[  115.023502][ T7094] FAT-fs (loop3): Directory bread(block 71) failed
[  115.031374][ T7094] FAT-fs (loop3): Directory bread(block 72) failed
[  115.041440][ T7094] FAT-fs (loop3): Directory bread(block 73) failed
[  115.083160][    T8] usb 5-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=74.01
[  115.101432][ T7104] loop1: detected capacity change from 0 to 4096
[  115.101848][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.142076][ T7104] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  115.180443][    T8] usb 5-1: config 0 descriptor??
[  115.422515][    T8] usb 5-1: string descriptor 0 read error: -71
[  115.431003][    T8] ttusbir 5-1:0.0: cannot find expected altsetting
[  115.458403][    T8] usb 5-1: USB disconnect, device number 2
[  115.509948][ T7042] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  115.531578][ T7042] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  115.539836][ T7042] bcachefs (loop0): Version upgrade required:
[  115.539836][ T7042] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  115.539836][ T7042] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[  115.539836][ T7042]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  115.649144][ T7042] bcachefs (loop0): dropping and reconstructing all alloc info
[  115.908090][ T7042] bcachefs (loop0): check_topology... done
[  115.932047][ T7042] bcachefs (loop0): accounting_read... done
[  115.976716][ T7042] bcachefs (loop0): alloc_read... done
[  115.988474][ T7042] bcachefs (loop0): stripes_read... done
[  116.026264][ T7042] bcachefs (loop0): snapshots_read... done
[  116.063953][ T7104] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  116.081600][ T7042] bcachefs (loop0): check_allocations...
[  116.111933][ T5932] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  116.291996][ T5932] usb 4-1: Using ep0 maxpacket: 8
[  116.308665][ T5932] usb 4-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62
[  116.333077][ T5932] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.341148][ T5932] usb 4-1: Product: syz
[  116.345596][ T5932] usb 4-1: Manufacturer: syz
[  116.350309][ T5932] usb 4-1: SerialNumber: syz
[  116.363685][ T5932] usb 4-1: config 0 descriptor??
[  116.435113][ T5932] usb 4-1: selecting invalid altsetting 3
[  116.441259][ T5932] comedi comedi0: could not set alternate setting 3 in high speed
[  116.449223][ T5932] usbdux 4-1:0.0: driver 'usbdux' failed to auto-configure device.
[  116.462407][ T5932] usbdux 4-1:0.0: probe with driver usbdux failed with error -22
[  116.612238][ T7042]  done
[  116.695268][ T7133] loop1: detected capacity change from 0 to 1024
[  116.731635][ T7133] syz.1.521: attempt to access beyond end of device
[  116.731635][ T7133] loop1: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  116.818618][ T7042] bcachefs (loop0): going read-write
[  116.844512][    T8] usb 4-1: USB disconnect, device number 4
[  116.869912][ T7042] bcachefs (loop0): bch2_copygc_start(): error creating copygc thread EINTR
[  116.892086][ T7042] bcachefs (loop0): error starting copygc thread
[  116.898467][ T7042] bcachefs (loop0): bch2_fs_start(): error starting filesystem EINTR
[  116.920456][ T7042] bcachefs (loop0): shutting down
[  116.969356][ T7138] loop2: detected capacity change from 0 to 1024
[  117.013003][ T7042] bcachefs (loop0): going read-only
[  117.019068][ T7042] bcachefs (loop0): finished waiting for writes to stop
[  117.043234][ T7138] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=804ec119, mo2=0002]
[  117.054148][ T7042] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10
[  117.065971][ T7042] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10
[  117.098222][ T7042] bcachefs (loop0): unshutdown complete, journal seq 11
[  117.106636][ T7042] bcachefs (loop0): done going read-only, filesystem not clean
[  117.180430][ T7138] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.186771][ T7042] bcachefs (loop0): shutdown complete
[  117.498315][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.855098][ T7172] netlink: 16 bytes leftover after parsing attributes in process `syz.3.538'.
[  117.880901][ T7174] loop2: detected capacity change from 0 to 1024
[  118.144496][ T7179] SET target dimension over the limit!
[  118.170411][   T35] hfsplus: b-tree write err: -5, ino 4
[  118.582326][ T7188] bond1: entered promiscuous mode
[  118.630719][ T7203] netlink: 'syz.3.545': attribute type 2 has an invalid length.
[  118.864251][ T7214] random: crng reseeded on system resumption
[  119.494254][ T7224] loop4: detected capacity change from 0 to 32768
[  119.727973][ T7235] netlink: 8 bytes leftover after parsing attributes in process `syz.1.558'.
[  119.833813][ T7224] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  119.946432][ T7243] loop1: detected capacity change from 0 to 4096
[  120.010964][ T7243] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  120.052271][ T5843] ocfs2: Unmounting device (7,4) on (node local)
[  120.172210][ T7243] ntfs3(loop1): failed to convert "c46c" to iso8859-14
[  120.422140][ T7254] loop2: detected capacity change from 0 to 2048
[  120.524754][ T7254] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  121.324171][ T7042] bcachefs: bch2_fs_get_tree() error: EINTR
[  121.389582][ T7231] loop5: detected capacity change from 0 to 32768
[  121.545461][ T7231] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  121.571870][ T7231] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  121.836441][ T7231] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  121.944255][    T8] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  121.961074][    T8] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  122.082645][ T7310] netlink: 8 bytes leftover after parsing attributes in process `syz.1.580'.
[  122.254932][    T8] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 293ms
[  122.322853][    T8] gfs2: fsid=syz:syz.0: jid=0: Done
[  122.360012][ T7231] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  122.691123][ T7290] loop3: detected capacity change from 0 to 32768
[  122.768556][ T7318] loop2: detected capacity change from 0 to 4096
[  122.850169][ T7318] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  123.013879][ T7311] loop4: detected capacity change from 0 to 32768
[  123.072796][ T7311] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.581 (7311)
[  123.100837][ T5926] XFS (loop3): Metadata CRC error detected at xfs_sb_read_verify+0x305/0x440, xfs_sb block 0x0 
[  123.113845][ T7318] ntfs3(loop2): It is recommened to use chkdsk.
[  123.130230][ T7311] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  123.201932][ T7311] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  123.212593][   T29] audit: type=1326 audit(1733890314.098:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7344 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8813b7ff19 code=0x7ffc0000
[  123.242223][ T5926] XFS (loop3): Unmount and run xfs_repair
[  123.247298][ T7347] loop5: detected capacity change from 0 to 512
[  123.256798][ T7311] BTRFS info (device loop4): using free-space-tree
[  123.263672][ T5926] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  123.271084][ T5926] 00000000: 58 46 53 42 00 00 08 00 00 00 00 00 00 00 20 00  XFSB.......... .
[  123.280419][ T5926] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  123.289658][ T5926] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  123.298807][ T5926] 00000030: 00 00 00 00 00 00 00 05 00 00 00 00 00 00 24 40  ..............$@
[  123.308142][ T5926] 00000040: 00 00 00 00 00 00 24 41 00 00 00 00 00 00 24 42  ......$A......$B
[  123.317260][ T5926] 00000050: 00 00 00 02 00 00 20 00 00 00 00 01 00 00 00 00  ...... .........
[  123.326453][ T5926] 00000060: 00 00 12 00 b4 b5 02 00 04 00 00 02 00 00 00 00  ................
[  123.335667][ T5926] 00000070: 00 00 00 00 00 00 00 00 0b 09 0a 01 0d 00 00 32  ...............2
[  123.366934][ T7290] XFS (loop3): SB validate failed with error -74.
[  123.373572][   T29] audit: type=1326 audit(1733890314.158:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7344 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8813b7ff19 code=0x7ffc0000
[  123.395990][   T29] audit: type=1326 audit(1733890314.188:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7344 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f8813b7ff19 code=0x7ffc0000
[  123.418188][   T29] audit: type=1326 audit(1733890314.188:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7344 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8813b7ff19 code=0x7ffc0000
[  123.440898][   T29] audit: type=1326 audit(1733890314.188:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7344 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8813b7ff19 code=0x7ffc0000
[  123.533478][    T8] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  123.636527][ T7359] netlink: 28 bytes leftover after parsing attributes in process `syz.1.592'.
[  123.646075][ T7359] netlink: 28 bytes leftover after parsing attributes in process `syz.1.592'.
[  123.720586][ T7362] loop1: detected capacity change from 0 to 24
[  123.753534][ T7347] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.822699][ T7362] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  123.860030][ T7347] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  123.941956][ T7362] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  124.260373][ T5843] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  124.273219][    T8] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  124.285780][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  124.286462][ T5833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.297261][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  124.467622][ T7387] xt_hashlimit: max too large, truncated to 1048576
[  124.579354][ T7392] netlink: 44 bytes leftover after parsing attributes in process `syz.3.602'.
[  124.594174][ T7366] loop2: detected capacity change from 0 to 32768
[  124.670874][    T8] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  124.691894][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.700974][    T8] usb 1-1: Product: syz
[  124.707995][    T8] usb 1-1: Manufacturer: syz
[  124.717562][    T8] usb 1-1: SerialNumber: syz
[  124.757776][ T7395] loop3: detected capacity change from 0 to 1024
[  124.781660][    T8] usb 1-1: config 0 descriptor??
[  124.825717][ T7329] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  124.862181][    T8] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  124.963959][ T2941] hfsplus: b-tree write err: -5, ino 4
[  125.047400][ T7329] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  125.357743][ T5926] usb 1-1: USB disconnect, device number 3
[  125.470975][ T7414] loop3: detected capacity change from 0 to 512
[  125.554521][ T7414] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  125.564549][ T7412] Illegal XDP return value 4294967274 on prog  (id 26) dev N/A, expect packet loss!
[  125.675113][ T7414] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.609: corrupted in-inode xattr: e_value out of bounds
[  125.726617][ T7414] EXT4-fs (loop3): Remounting filesystem read-only
[  125.760461][ T7414] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.201713][ T7444] loop0: detected capacity change from 0 to 2048
[  126.217624][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.221556][ T7444] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  126.381457][ T7444] syz.0.619: attempt to access beyond end of device
[  126.381457][ T7444] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  126.396495][ T7453] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  126.965802][ T7476] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  127.072495][ T7480] loop1: detected capacity change from 0 to 1024
[  127.215919][ T7485] netlink: 'syz.4.634': attribute type 21 has an invalid length.
[  127.495611][ T7498] loop4: detected capacity change from 0 to 256
[  127.700276][ T7505] loop2: detected capacity change from 0 to 1764
[  127.786467][ T7505] iso9660: Corrupted directory entry in block 2 of inode 1920
[  128.460659][ T7530] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  129.044238][ T7552] loop3: detected capacity change from 0 to 256
[  129.067545][ T7552] exfat: Deprecated parameter 'utf8'
[  129.081954][ T5889] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  129.098907][ T7552] exfat: Deprecated parameter 'utf8'
[  129.103609][ T7510] loop0: detected capacity change from 0 to 32768
[  129.127921][ T7552] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  129.128451][ T7510] XFS (loop0): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  129.162469][    T8] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  129.323338][ T7510] XFS (loop0): Ending clean mount
[  129.335018][    T8] usb 2-1: unable to get BOS descriptor or descriptor too short
[  129.342036][ T5889] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  129.343540][    T8] usb 2-1: not running at top speed; connect to a high speed hub
[  129.352045][ T5889] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.373841][ T7569] netlink: 'syz.3.669': attribute type 1 has an invalid length.
[  129.390647][ T5889] usb 5-1: config 0 descriptor??
[  129.397329][    T8] usb 2-1: config 3 has an invalid interface number: 106 but max is 0
[  129.414368][ T7569] netlink: 224 bytes leftover after parsing attributes in process `syz.3.669'.
[  129.429224][ T7570] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  129.431851][    T8] usb 2-1: config 3 has no interface number 0
[  129.449443][ T7570] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  129.479716][    T8] usb 2-1: config 3 interface 106 altsetting 10 endpoint 0xD has invalid maxpacket 512, setting to 64
[  129.516903][    T8] usb 2-1: config 3 interface 106 altsetting 10 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  129.549188][    T8] usb 2-1: config 3 interface 106 has no altsetting 0
[  129.561118][    T8] usb 2-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=e8.8a
[  129.575838][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.592120][ T5824] XFS (loop0): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  129.612474][    T8] usb 2-1: Product: syz
[  129.616831][    T8] usb 2-1: Manufacturer: syz
[  129.621479][    T8] usb 2-1: SerialNumber: syz
[  129.631347][ T7549] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  129.639172][ T7549] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  129.857972][    T8] kobil_sct 2-1:3.106: KOBIL USB smart card terminal converter detected
[  129.868498][    T8] usb 2-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  129.888045][    T8] usb 2-1: USB disconnect, device number 6
[  129.900965][    T8] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  129.911388][    T8] kobil_sct 2-1:3.106: device disconnected
[  129.917699][ T5889] usb 5-1: Cannot set MAC address
[  129.922970][ T5889] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  130.000587][ T5889] usb 5-1: USB disconnect, device number 3
[  130.054352][ T7584] loop3: detected capacity change from 0 to 256
[  130.186102][ T7587] ieee802154 phy0 wpan0: encryption failed: -90
[  130.326798][   T29] audit: type=1800 audit(1733890321.178:33): pid=7584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.675" name="file1" dev="loop3" ino=1048611 res=0 errno=0
[  130.526448][ T7595] loop3: detected capacity change from 0 to 1024
[  130.587038][ T7595] EXT4-fs: Ignoring removed orlov option
[  130.622717][ T7599] netlink: 24 bytes leftover after parsing attributes in process `syz.0.682'.
[  130.635776][ T7595] EXT4-fs: Ignoring removed nomblk_io_submit option
[  130.702821][ T7595] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[  130.734500][ T7595] System zones: 0-1, 3-36
[  130.767541][ T7595] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.791742][ T7606] dvmrp0: entered allmulticast mode
[  130.990857][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.356814][ T7619] loop1: detected capacity change from 0 to 32768
[  131.931905][ T5932] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  132.029995][ T7652] loop2: detected capacity change from 0 to 256
[  132.067836][ T7652] exfat: Deprecated parameter 'namecase'
[  132.101989][ T7652] exfat: Deprecated parameter 'namecase'
[  132.118274][ T5932] usb 4-1: Using ep0 maxpacket: 32
[  132.149955][ T5932] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  132.153089][ T7656] netlink: 'syz.4.710': attribute type 10 has an invalid length.
[  132.182322][ T5932] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.205778][ T7656] netlink: 55 bytes leftover after parsing attributes in process `syz.4.710'.
[  132.228048][ T7652] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  132.246024][ T5932] usb 4-1: config 0 descriptor??
[  132.274716][ T7660] netlink: 8 bytes leftover after parsing attributes in process `syz.1.711'.
[  132.372909][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  132.379342][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  132.502096][ T5932] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  132.548593][ T5932] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  132.640740][ T7671] capability: warning: `syz.4.718' uses deprecated v2 capabilities in a way that may be insecure
[  132.680295][ T5932] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  132.694817][ T5932] usb 4-1: media controller created
[  132.717086][ T5932] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  132.742417][ T7672] netlink: 4 bytes leftover after parsing attributes in process `syz.1.715'.
[  132.824244][ T5932] az6027: usb out operation failed. (-71)
[  132.853829][ T5932] az6027: usb out operation failed. (-71)
[  132.860874][ T5932] stb0899_attach: Driver disabled by Kconfig
[  132.876623][ T5932] az6027: no front-end attached
[  132.876623][ T5932] 
[  132.890330][ T5932] az6027: usb out operation failed. (-71)
[  132.991609][ T7659] loop5: detected capacity change from 0 to 32768
[  133.001129][ T7659] (syz.5.712,7659,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  133.017727][ T7659] (syz.5.712,7659,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  133.026312][ T5932] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  133.106221][ T5932] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input10
[  133.131481][ T5932] dvb-usb: schedule remote query interval to 400 msecs.
[  133.139078][ T5932] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  133.155621][ T5932] usb 4-1: USB disconnect, device number 5
[  133.157195][ T7659] JBD2: Ignoring recovery information on journal
[  133.265883][ T7682] 8021q: adding VLAN 0 to HW filter on device bond1
[  133.286232][ T7688] netlink: 80 bytes leftover after parsing attributes in process `syz.4.725'.
[  133.395260][ T7659] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  133.439311][ T5932] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  133.604318][ T7698] netlink: 'syz.1.730': attribute type 1 has an invalid length.
[  133.913263][ T7686] loop0: detected capacity change from 0 to 32768
[  134.064895][ T7686] JBD2: Ignoring recovery information on journal
[  134.139077][ T7712] loop3: detected capacity change from 0 to 8
[  134.198228][ T7712] SQUASHFS error: zlib decompression failed, data probably corrupt
[  134.209990][ T5833] ocfs2: Unmounting device (7,5) on (node local)
[  134.224467][ T7686] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  134.336968][ T7724] libceph: resolve '0' (ret=-3): failed
[  134.367764][ T7726] netlink: 8 bytes leftover after parsing attributes in process `syz.4.737'.
[  134.458257][ T7712] SQUASHFS error: Failed to read block 0x4e8: -5
[  134.474550][   T29] audit: type=1800 audit(1733890325.348:34): pid=7712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.736" name="file1" dev="loop3" ino=5 res=0 errno=0
[  135.048602][ T7754] loop4: detected capacity change from 0 to 1024
[  135.186731][ T5824] ocfs2: Unmounting device (7,0) on (node local)
[  135.380781][ T7768] loop2: detected capacity change from 0 to 64
[  135.658466][ T7766] loop5: detected capacity change from 0 to 32768
[  135.669695][ T7766] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.755 (7766)
[  135.689712][ T7754] MTD: Couldn't look up './file0': -15
[  135.696091][ T7768] Trying to free block not in datazone
[  135.705472][ T7768] Trying to free block not in datazone
[  135.710953][ T7768] Trying to free block not in datazone
[  135.725270][ T7766] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  135.737766][ T7766] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm
[  135.753399][ T7768] Trying to free block not in datazone
[  135.758890][ T7768] minix_free_block (loop2:6): bit already cleared
[  135.783099][ T7779] netlink: 448 bytes leftover after parsing attributes in process `syz.0.759'.
[  135.785577][ T7766] BTRFS info (device loop5): using free-space-tree
[  135.801973][ T7768] Trying to free block not in datazone
[  135.810203][   T11] hfsplus: b-tree write err: -5, ino 4
[  135.829871][ T7768] Trying to free block not in datazone
[  135.923849][ T5889] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  136.004961][ T7795] loop0: detected capacity change from 0 to 4096
[  136.026479][ T7795] ntfs3(loop0): It is recommened to use chkdsk.
[  136.086008][ T7795] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00
[  136.122315][ T7795] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00
[  136.130230][ T7795] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00
[  136.165967][ T5889] usb 2-1: Using ep0 maxpacket: 16
[  136.175286][ T7795] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00
[  136.186250][ T7795] ntfs3(loop0): try to read out of volume at offset 0x3fffffc1c00
[  136.196182][ T7795] ntfs3(loop0): try to read out of volume at offset 0x3fffffc2c00
[  136.204866][ T7795] ntfs3(loop0): try to read out of volume at offset 0x3fffffc4c00
[  136.214402][ T7795] ntfs3(loop0): try to read out of volume at offset 0x3fffffc8c00
[  136.222903][ T7795] ntfs3(loop0): try to read out of volume at offset 0x3fffffd0c00
[  136.245075][ T5889] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  136.254122][ T5889] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  136.264573][ T5889] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  136.281037][ T5889] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  136.290379][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.298481][ T5889] usb 2-1: Product: syz
[  136.302824][ T5889] usb 2-1: Manufacturer: syz
[  136.307439][ T5889] usb 2-1: SerialNumber: syz
[  136.441759][ T5833] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  137.029611][ T7816] loop2: detected capacity change from 0 to 32768
[  137.040661][ T7816] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.772 (7816)
[  137.053869][ T5889] usb 2-1: 0:2 : does not exist
[  137.130980][ T7816] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  137.151884][ T7816] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  137.160942][ T7816] BTRFS info (device loop2): using free-space-tree
[  137.198753][ T5889] usb 2-1: USB disconnect, device number 7
[  137.708171][ T6002] udevd[6002]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  137.772334][ T7854] netlink: 8 bytes leftover after parsing attributes in process `syz.5.778'.
[  137.994533][ T7863] netlink: 92 bytes leftover after parsing attributes in process `syz.3.785'.
[  138.003709][ T7863] netlink: 133 bytes leftover after parsing attributes in process `syz.3.785'.
[  138.012733][ T7863] netlink: 133 bytes leftover after parsing attributes in process `syz.3.785'.
[  138.193892][ T7834] loop4: detected capacity change from 0 to 32768
[  138.422333][ T7871] netlink: 'syz.5.787': attribute type 1 has an invalid length.
[  138.430033][ T7871] netlink: 'syz.5.787': attribute type 2 has an invalid length.
[  138.512146][ T5829] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  139.056831][ T7890] net_ratelimit: 337 callbacks suppressed
[  139.056854][ T7890] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  139.060815][ T7882] loop0: detected capacity change from 0 to 8192
[  139.166549][ T7882] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  139.274495][ T7882] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001)
[  139.319607][ T7894] loop1: detected capacity change from 0 to 64
[  139.321621][ T7882] FAT-fs (loop0): Filesystem has been set read-only
[  139.472196][ T7894] syz.1.799: attempt to access beyond end of device
[  139.472196][ T7894] loop1: rw=0, sector=3594, nr_sectors = 2 limit=64
[  139.518449][ T7894] Buffer I/O error on dev loop1, logical block 1797, async page read
[  139.530768][ T5824] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001)
[  139.542913][ T7894] syz.1.799: attempt to access beyond end of device
[  139.542913][ T7894] loop1: rw=0, sector=3594, nr_sectors = 2 limit=64
[  139.586209][ T7894] Buffer I/O error on dev loop1, logical block 1797, async page read
[  140.000930][ T7921] loop2: detected capacity change from 0 to 256
[  140.029760][ T7921] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  140.151028][ T7921] syz.2.809: attempt to access beyond end of device
[  140.151028][ T7921] loop2: rw=0, sector=275, nr_sectors = 1 limit=256
[  140.772103][ T7964] netlink: 'syz.1.823': attribute type 1 has an invalid length.
[  141.019305][ T7978] loop4: detected capacity change from 0 to 64
[  141.503503][ T7994] ipvlan1: entered allmulticast mode
[  141.508851][ T7994] veth0_vlan: entered allmulticast mode
[  141.596871][ T8005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.843'.
[  142.192310][ T8029] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  142.461920][ T5943] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  142.672277][ T5943] usb 5-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[  142.683945][ T5943] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.728961][ T5943] usb 5-1: Product: syz
[  142.739623][ T5943] usb 5-1: Manufacturer: syz
[  142.749715][ T5943] usb 5-1: SerialNumber: syz
[  142.755008][ T8046] loop2: detected capacity change from 0 to 4096
[  142.770721][ T5943] usb 5-1: config 0 descriptor??
[  142.826684][ T8046] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  142.872409][ T8052] rtc_cmos 00:00: Alarms can be up to one day in the future
[  142.974582][ T8046] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[  143.067175][ T5943] mos7840 5-1:0.0: required endpoints missing
[  143.134241][ T8058] loop0: detected capacity change from 0 to 16
[  143.141116][ T8058] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  143.293308][ T5943] usb 5-1: USB disconnect, device number 4
[  143.634651][ T8032] loop3: detected capacity change from 0 to 32768
[  143.685713][ T8070] loop1: detected capacity change from 0 to 4096
[  143.738327][ T8070] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  143.866652][ T8076] netlink: 16 bytes leftover after parsing attributes in process `syz.5.876'.
[  144.092991][ T8080] loop4: detected capacity change from 0 to 512
[  144.227467][ T8080] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  144.279394][ T8088] netlink: 256 bytes leftover after parsing attributes in process `syz.1.881'.
[  144.467010][ T5843] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  144.559391][ T8084] "syz.5.882" (8084) uses obsolete ecb(arc4) skcipher
[  144.967174][ T8112] loop4: detected capacity change from 0 to 256
[  145.000339][ T8114] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  145.138791][ T8116] loop5: detected capacity change from 0 to 4096
[  145.171132][ T8116] NILFS (loop5): invalid segment: Checksum error in segment payload
[  145.179884][ T8116] NILFS (loop5): trying rollback from an earlier position
[  145.212609][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.242381][ T8116] NILFS (loop5): recovery complete
[  145.252542][ T8119] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  145.654141][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.812014][   T80] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  145.968389][   T80] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  145.973332][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.001859][   T80] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.014722][   T80] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  146.040388][   T80] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  146.062256][   T80] usb 1-1: Manufacturer: syz
[  146.073629][   T80] usb 1-1: config 0 descriptor??
[  146.163507][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.242300][   T80] rc_core: IR keymap rc-hauppauge not found
[  146.248264][   T80] Registered IR keymap rc-empty
[  146.296240][   T80] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  146.333972][   T80] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input11
[  146.392710][    C1] igorplugusb 1-1:0.0: Error: urb status = -32
[  146.417600][   T80] usb 1-1: USB disconnect, device number 4
[  146.563304][ T8129] loop4: detected capacity change from 0 to 32768
[  146.620418][ T8129] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.902 (8129)
[  146.652228][   T12] bridge_slave_1: left allmulticast mode
[  146.675474][   T12] bridge_slave_1: left promiscuous mode
[  146.681601][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.697762][ T8129] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  146.749147][ T8129] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  146.797601][ T8129] BTRFS info (device loop4): disk space caching is enabled
[  146.826900][ T8129] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  146.892771][   T12] bridge_slave_0: left allmulticast mode
[  146.913050][   T12] bridge_slave_0: left promiscuous mode
[  146.952893][ T8169] IPVS: set_ctl: invalid protocol: 94 10.1.1.1:20002
[  146.957182][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.133007][ T5836] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  147.222031][ T5836] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  147.230103][ T5836] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  147.239330][ T5836] Bluetooth: hci4: Injecting HCI hardware error event
[  147.247998][ T5836] Bluetooth: hci4: hardware error 0x00
[  147.261630][ T5827] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  147.270538][ T5827] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  147.281537][ T5827] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  147.289135][ T5827] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  147.394115][ T8129] BTRFS info (device loop4): rebuilding free space tree
[  147.414445][ T8191] loop0: detected capacity change from 0 to 256
[  147.425801][ T8191] exfat: Deprecated parameter 'utf8'
[  147.621100][ T8191] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5b52992a, utbl_chksum : 0xe619d30d)
[  147.639405][ T8206] loop2: detected capacity change from 0 to 64
[  147.646762][ T8129] BTRFS info (device loop4): disabling free space tree
[  147.665693][ T8129] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  147.751990][ T8129] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  148.127029][ T5843] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  148.310554][ T8220] loop1: detected capacity change from 0 to 64
[  148.730855][ T8230] netlink: 8 bytes leftover after parsing attributes in process `syz.4.936'.
[  149.021887][   T29] audit: type=1400 audit(1733890339.888:35): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=8238 comm="syz.4.940"
[  149.122558][ T8246] netlink: 'syz.2.942': attribute type 2 has an invalid length.
[  149.130281][ T8246] netlink: 12 bytes leftover after parsing attributes in process `syz.2.942'.
[  149.303921][ T5827] Bluetooth: hci3: command tx timeout
[  149.506708][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  149.573748][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  149.600691][ T8260] netlink: 2384 bytes leftover after parsing attributes in process `syz.2.951'.
[  149.623676][ T5836] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  149.650470][   T12] bond0 (unregistering): Released all slaves
[  149.689149][ T8264] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  149.740356][ T8248] bridge1: entered promiscuous mode
[  149.845894][ T8178] lo speed is unknown, defaulting to 1000
[  150.234351][ T8281] loop4: detected capacity change from 0 to 64
[  150.248623][ T8287] netlink: 8 bytes leftover after parsing attributes in process `syz.1.957'.
[  150.405637][ T8281] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  150.644653][ T8178] chnl_net:caif_netlink_parms(): no params data found
[  151.075904][ T8327] loop0: detected capacity change from 0 to 128
[  151.376098][ T8335] netlink: 8 bytes leftover after parsing attributes in process `syz.5.977'.
[  151.386310][ T5836] Bluetooth: hci3: command tx timeout
[  151.402796][ T8335] netlink: 16 bytes leftover after parsing attributes in process `syz.5.977'.
[  151.451979][ T5926] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  151.553531][ T8336] IPv6: NLM_F_CREATE should be specified when creating new route
[  151.576102][ T8336] netlink: 1 bytes leftover after parsing attributes in process `syz.1.976'.
[  151.601458][ T8335] erspan1: entered promiscuous mode
[  151.622564][ T8335] erspan1: entered allmulticast mode
[  151.656753][ T5926] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  151.675085][ T8178] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.690858][ T5926] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.699532][ T8178] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.729857][ T5926] usb 5-1: Product: syz
[  151.734776][ T8178] bridge_slave_0: entered allmulticast mode
[  151.764701][ T5926] usb 5-1: Manufacturer: syz
[  151.769358][ T5926] usb 5-1: SerialNumber: syz
[  151.787540][ T8178] bridge_slave_0: entered promiscuous mode
[  151.809870][ T5926] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  151.831754][ T8178] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.838972][ T8178] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.844190][ T8344] netlink: 'syz.1.981': attribute type 6 has an invalid length.
[  151.885546][    T8] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  151.902282][ T8178] bridge_slave_1: entered allmulticast mode
[  151.905394][ T8344] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.981'.
[  151.911350][ T8178] bridge_slave_1: entered promiscuous mode
[  151.932507][ T8342] loop0: detected capacity change from 0 to 4096
[  151.995253][ T8342] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  152.053795][   T12] hsr_slave_0: left promiscuous mode
[  152.126581][   T12] hsr_slave_1: left promiscuous mode
[  152.175366][ T8342] ntfs3(loop0): Failed to initialize $Extend/$Reparse.
[  152.182368][ T8350] QAT: Invalid ioctl 21531
[  152.200407][ T8342] ntfs3(loop0): ino=1c, "file0" attr_set_size
[  152.207642][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.214620][ T8342] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  152.242006][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.276659][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  152.295942][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.340847][ T5824] ntfs3(loop0): ino=1a, ntfs_sync_fs failed, -22.
[  152.519034][   T12] veth1_macvtap: left promiscuous mode
[  152.631493][   T12] veth0_macvtap: left promiscuous mode
[  152.682110][   T12] veth1_vlan: left promiscuous mode
[  152.687503][   T12] veth0_vlan: left promiscuous mode
[  152.822057][ T8363] loop2: detected capacity change from 0 to 256
[  152.920157][ T8361] xt_time: invalid argument - start or stop time greater than 23:59:59
[  153.519595][ T5836] Bluetooth: hci3: command tx timeout
[  153.624667][ T8363] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x59626b74, utbl_chksum : 0xe619d30d)
[  153.762343][ T8363] syz.2.991: attempt to access beyond end of device
[  153.762343][ T8363] loop2: rw=524288, sector=280, nr_sectors = 128 limit=256
[  153.826864][ T8376] netlink: 'syz.1.997': attribute type 30 has an invalid length.
[  153.866640][ T8363] syz.2.991: attempt to access beyond end of device
[  153.866640][ T8363] loop2: rw=524288, sector=408, nr_sectors = 256 limit=256
[  153.995607][ T8363] syz.2.991: attempt to access beyond end of device
[  153.995607][ T8363] loop2: rw=0, sector=280, nr_sectors = 8 limit=256
[  154.161909][   T29] audit: type=1800 audit(1733890345.038:36): pid=8363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.991" name="file1" dev="loop2" ino=1048618 res=0 errno=0
[  154.997410][ T5943] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  155.181953][ T5943] usb 1-1: Using ep0 maxpacket: 32
[  155.236786][ T5943] usb 1-1: config 0 has an invalid interface number: 60 but max is 0
[  155.278397][ T5943] usb 1-1: config 0 has no interface number 0
[  155.334782][ T5943] usb 1-1: config 0 interface 60 altsetting 9 endpoint 0x6 has invalid wMaxPacketSize 0
[  155.421936][ T5943] usb 1-1: config 0 interface 60 altsetting 9 endpoint 0x9 has invalid maxpacket 1023, setting to 64
[  155.490981][ T5943] usb 1-1: config 0 interface 60 has no altsetting 0
[  155.534889][ T5943] usb 1-1: New USB device found, idVendor=0499, idProduct=105a, bcdDevice=6d.c9
[  155.550551][ T5836] Bluetooth: hci3: command tx timeout
[  155.613749][ T5943] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.652219][ T8370] loop5: detected capacity change from 0 to 32768
[  155.658890][ T5943] usb 1-1: Product: syz
[  155.677588][ T5943] usb 1-1: Manufacturer: syz
[  155.738027][ T5943] usb 1-1: SerialNumber: syz
[  155.786678][ T5943] usb 1-1: config 0 descriptor??
[  156.069064][ T5943] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  156.171361][ T5943] snd-usb-audio 1-1:0.60: probe with driver snd-usb-audio failed with error -2
[  156.269692][ T5943] usb 1-1: USB disconnect, device number 5
[  156.564381][ T6835] udevd[6835]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.60/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  157.194170][ T8405] loop1: detected capacity change from 0 to 64
[  157.282507][    C0] sched: DL replenish lagged too much
[  158.390741][ T8398] loop2: detected capacity change from 0 to 32768
[  158.439010][ T8398] XFS: noikeep mount option is deprecated.
[  158.500103][ T8398] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  158.650175][ T8398] XFS (loop2): Ending clean mount
[  158.730762][ T8398] XFS (loop2): Quotacheck needed: Please wait.
[  158.834249][ T8426] syz.1.1018: attempt to access beyond end of device
[  158.834249][ T8426] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0
[  158.887142][ T8398] XFS (loop2): Quotacheck: Done.
[  159.080643][   T12] team0 (unregistering): Port device team_slave_1 removed
[  159.161169][ T5829] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  159.430925][   T12] team0 (unregistering): Port device team_slave_0 removed
[  161.039709][ T8178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  161.072446][ T8412] 
@�: renamed from vlan0 (while UP)
[  161.228888][ T8178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  161.669145][ T8178] team0: Port device team_slave_0 added
[  161.783000][ T8178] team0: Port device team_slave_1 added
[  162.222909][ T8178] batman_adv: batadv0: Adding interface: batadv_slave_0
[  162.301015][ T8178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.521942][ T8178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  162.633389][ T8178] batman_adv: batadv0: Adding interface: batadv_slave_1
[  162.640480][ T8178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.891963][ T8178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  163.368326][ T8178] hsr_slave_0: entered promiscuous mode
[  163.483635][ T8178] hsr_slave_1: entered promiscuous mode
[  163.644048][ T8178] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  163.714202][ T8178] Cannot create hsr debugfs directory
[  165.147221][ T8488] loop5: detected capacity change from 0 to 4096
[  165.220424][ T8488] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  165.416269][ T8178] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  165.572068][ T8178] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  165.632392][ T8488] ntfs3(loop5): failed to convert "c46c" to cp850
[  165.685455][ T8178] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  165.866327][ T8178] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  166.077415][ T8504] loop0: detected capacity change from 0 to 164
[  166.736407][ T8178] 8021q: adding VLAN 0 to HW filter on device bond0
[  166.995367][ T8178] 8021q: adding VLAN 0 to HW filter on device team0
[  167.021186][ T8517] loop4: detected capacity change from 0 to 2048
[  167.133544][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.140700][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.243687][ T8517] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  167.269772][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.276970][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.293615][ T8523] netlink: zone id is out of range
[  167.298761][ T8523] netlink: del zone limit has 4 unknown bytes
[  167.597717][ T8178] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  167.782262][ T8178] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  168.296720][ T5843] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.925571][ T8546] loop0: detected capacity change from 0 to 64
[  169.192514][ T8546] hfs: request for non-existent node 16777216 in B*Tree
[  169.199995][ T8546] hfs: request for non-existent node 16777216 in B*Tree
[  169.280926][ T8178] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.364272][ T8546] hfs: request for non-existent node 16777216 in B*Tree
[  169.445387][ T8546] hfs: request for non-existent node 16777216 in B*Tree
[  170.636655][ T8532] loop5: detected capacity change from 0 to 32768
[  170.831480][ T8532] JBD2: Ignoring recovery information on journal
[  171.112696][ T8532] JBD2: journal reset failed
[  171.176761][ T8532] (syz.5.1052,8532,1):ocfs2_journal_load:1145 ERROR: Failed to load journal!
[  171.255809][ T8532] (syz.5.1052,8532,1):ocfs2_check_volume:2428 ERROR: ocfs2 journal load failed! -4
[  171.432447][ T8583] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  171.465343][ T8178] veth0_vlan: entered promiscuous mode
[  171.571628][ T8178] veth1_vlan: entered promiscuous mode
[  171.933349][ T8178] veth0_macvtap: entered promiscuous mode
[  172.011602][ T8178] veth1_macvtap: entered promiscuous mode
[  172.170512][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.322370][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.407316][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.477597][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.552401][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.582452][ T8599] netlink: 'syz.2.1072': attribute type 1 has an invalid length.
[  172.615180][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.663366][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.721373][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.802897][ T8178] batman_adv: batadv0: Interface activated: batadv_slave_0
[  172.936592][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.020473][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.132054][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.212587][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.293625][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.378329][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.477658][ T8178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.571871][ T8178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.616650][ T8610] loop4: detected capacity change from 0 to 1024
[  173.678413][ T8178] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.872924][ T8178] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.961238][ T8616] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1079'.
[  173.992138][ T8178] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.992188][ T8178] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.992228][ T8178] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.062780][ T8616] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1079'.
[  174.762579][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.770478][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.128021][ T8628] loop5: detected capacity change from 0 to 512
[  175.142963][ T2972] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.151711][ T2972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.347694][ T8629] loop2: detected capacity change from 0 to 2048
[  175.394551][ T8628] EXT4-fs error (device loop5): ext4_orphan_get:1389: inode #15: comm syz.5.1084: casefold flag without casefold feature
[  175.492005][ T8629] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  175.548020][ T8628] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.1084: couldn't read orphan inode 15 (err -117)
[  175.692205][ T8628] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.741982][ T8629] UDF-fs: error (device loop2): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376)
[  176.267296][ T5833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.351621][ T8644] loop6: detected capacity change from 0 to 2048
[  176.564717][ T8644] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  176.688512][ T8651] loop2: detected capacity change from 0 to 8
[  176.743116][ T5827] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  176.753264][ T5827] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  176.763804][ T5827] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  176.772984][ T5827] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  176.780585][ T5827] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  176.788027][ T5827] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  176.857642][ T8651] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  177.074318][ T8650] lo speed is unknown, defaulting to 1000
[  177.380249][ T8661] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1093'.
[  177.612183][ T8657] loop5: detected capacity change from 0 to 8192
[  177.762569][ T8657] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  178.084557][ T8657] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF
[  178.206809][ T8657] FAT-fs (loop5): Filesystem has been set read-only
[  178.332360][ T8673] tmpfs: Bad value for 'mpol'
[  178.645640][ T8650] chnl_net:caif_netlink_parms(): no params data found
[  178.839144][ T5827] Bluetooth: hci6: command tx timeout
[  179.212009][  T967] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  179.407800][  T967] usb 1-1: config 0 has an invalid interface number: 69 but max is 0
[  179.407837][  T967] usb 1-1: config 0 has no interface number 0
[  179.407876][  T967] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[  179.407910][  T967] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  179.430843][  T967] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  179.430886][  T967] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.430924][  T967] usb 1-1: Product: syz
[  179.430945][  T967] usb 1-1: Manufacturer: syz
[  179.430966][  T967] usb 1-1: SerialNumber: syz
[  179.434585][  T967] usb 1-1: config 0 descriptor??
[  179.439972][ T8683] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  179.454379][  T967] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  179.500686][  T967] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  179.966059][  T967] usb 1-1: USB disconnect, device number 6
[  179.992350][  T967] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  179.992826][  T967] cyberjack 1-1:0.69: device disconnected
[  180.076727][ T8650] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.076804][ T8650] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.076950][ T8650] bridge_slave_0: entered allmulticast mode
[  180.094178][ T8650] bridge_slave_0: entered promiscuous mode
[  180.117018][ T8650] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.117100][ T8650] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.117320][ T8650] bridge_slave_1: entered allmulticast mode
[  180.132774][ T8650] bridge_slave_1: entered promiscuous mode
[  180.619689][ T8710] veth0_to_batadv: entered promiscuous mode
[  180.619723][ T8710] veth0_to_batadv: entered allmulticast mode
[  180.703990][ T8650] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  180.744223][ T8650] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  180.902430][ T5827] Bluetooth: hci6: command tx timeout
[  181.207300][ T8650] team0: Port device team_slave_0 added
[  181.244361][ T8719] loop5: detected capacity change from 0 to 64
[  181.316428][ T8650] team0: Port device team_slave_1 added
[  181.369023][ T8719] syz.5.1114: attempt to access beyond end of device
[  181.369023][ T8719] loop5: rw=0, sector=1024, nr_sectors = 2 limit=64
[  181.369092][ T8719] Buffer I/O error on dev loop5, logical block 512, async page read
[  181.369165][ T8719] syz.5.1114: attempt to access beyond end of device
[  181.369165][ T8719] loop5: rw=0, sector=113152, nr_sectors = 2 limit=64
[  181.369202][ T8719] Buffer I/O error on dev loop5, logical block 56576, async page read
[  182.316006][ T8650] batman_adv: batadv0: Adding interface: batadv_slave_0
[  182.316031][ T8650] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.316066][ T8650] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  182.318028][ T8650] batman_adv: batadv0: Adding interface: batadv_slave_1
[  182.318048][ T8650] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.318083][ T8650] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  182.868033][    C1] vkms_vblank_simulate: vblank timer overrun
[  182.989347][ T5827] Bluetooth: hci6: command tx timeout
[  182.995250][ T8650] hsr_slave_0: entered promiscuous mode
[  183.048273][ T8650] hsr_slave_1: entered promiscuous mode
[  183.072246][ T8747] tmpfs: Bad value for 'mpol'
[  183.100259][ T8650] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  183.100358][ T8650] Cannot create hsr debugfs directory
[  183.325653][ T8751] loop5: detected capacity change from 0 to 256
[  183.454834][ T8751] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84977, utbl_chksum : 0xe619d30d)
[  184.902487][ T8650] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  185.015317][ T8650] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  185.062185][ T5827] Bluetooth: hci6: command tx timeout
[  185.103673][ T8650] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  185.266139][ T8650] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  185.714839][ T8786] loop5: detected capacity change from 0 to 512
[  185.831055][ T8786] EXT4-fs: Ignoring removed nobh option
[  185.906431][ T8786] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  186.077826][ T8650] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.096846][ T8786] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  186.181519][ T8650] 8021q: adding VLAN 0 to HW filter on device team0
[  186.290374][ T8786] EXT4-fs (loop5): 1 truncate cleaned up
[  186.291383][ T8786] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.403417][ T2911] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.403534][ T2911] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.405094][ T2911] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.405168][ T2911] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.417568][ T8786] fscrypt (loop5, inode 15): Error -61 getting encryption context
[  186.640975][ T8650] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  186.641010][ T8650] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  186.851952][ T5833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.132444][   T29] audit: type=1326 audit(1733890377.978:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11897ff19 code=0x7ffc0000
[  187.132506][   T29] audit: type=1326 audit(1733890377.978:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11897ff19 code=0x7ffc0000
[  187.189267][   T29] audit: type=1326 audit(1733890378.078:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7ff11897ff19 code=0x7ffc0000
[  187.189326][   T29] audit: type=1326 audit(1733890378.078:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11897ff19 code=0x7ffc0000
[  187.189370][   T29] audit: type=1326 audit(1733890378.078:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8807 comm="syz.4.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff11897ff19 code=0x7ffc0000
[  187.481391][ T8813] loop5: detected capacity change from 0 to 1024
[  187.603331][ T8813] hfsplus: bad catalog entry type
[  188.679537][ T8650] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.081057][ T8796] tty tty25: ldisc open failed (-12), clearing slot 24
[  190.378600][ T8854] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1162'.
[  190.919218][ T8650] veth0_vlan: entered promiscuous mode
[  190.970227][ T8860] loop0: detected capacity change from 0 to 4096
[  191.106088][ T8650] veth1_vlan: entered promiscuous mode
[  191.211903][ T8860] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  191.401453][ T8650] veth0_macvtap: entered promiscuous mode
[  191.455158][ T8869] loop6: detected capacity change from 0 to 2048
[  191.639416][ T8873] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  191.718207][ T8650] veth1_macvtap: entered promiscuous mode
[  191.728652][ T8869] NILFS error (device loop6): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=1024, inode=0, rec_len=0, name_len=0
[  191.860760][ T8650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.963637][ T8869] Remounting filesystem read-only
[  192.018222][ T8650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.132054][ T8650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.260186][ T8650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.331916][ T8650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.451880][ T8650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.532059][ T8650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.631891][ T8650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.641775][ T8650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.733740][ T8650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.799138][ T8650] batman_adv: batadv0: Interface activated: batadv_slave_0
[  192.924401][ T8650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.062480][ T8650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.162076][ T8650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.294623][ T8650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.375121][ T8896] loop6: detected capacity change from 0 to 256
[  193.411861][ T8650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.549171][ T8650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.643969][ T8650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.805647][ T8650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.842347][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  193.848822][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  193.889133][ T8650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.981433][ T8650] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.080937][ T8650] batman_adv: batadv0: Interface activated: batadv_slave_1
[  194.304800][ T8650] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.453971][ T8650] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.572028][ T8650] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.580800][ T8650] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  194.663024][ T8916] capability: warning: `syz.2.1183' uses 32-bit capabilities (legacy support in use)
[  195.034023][ T8920] geneve2: entered promiscuous mode
[  195.105377][ T8920] geneve2: entered allmulticast mode
[  195.456926][ T8925] netlink: 516 bytes leftover after parsing attributes in process `syz.6.1186'.
[  195.583872][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.687641][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  195.952534][ T5831] Bluetooth: hci2: command 0x0406 tx timeout
[  195.958612][ T5831] Bluetooth: hci0: command 0x0406 tx timeout
[  195.965844][ T5139] Bluetooth: hci5: command 0x0406 tx timeout
[  195.972017][ T5848] Bluetooth: hci1: command 0x0406 tx timeout
[  196.061474][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.131984][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.346654][ T8937] loop6: detected capacity change from 0 to 64
[  196.763541][ T8940] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1191'.
[  196.891120][ T8940] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1191'.
[  197.322216][ T8949] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[  197.682597][ T8953] (syz.2.1195,8953,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[  197.795525][ T8953] (syz.2.1195,8953,1):ocfs2_fill_super:1178 ERROR: status = -22
[  198.373628][ T8964] netlink: 'syz.5.1200': attribute type 1 has an invalid length.
[  198.444611][ T8966] xt_l2tp: missing protocol rule (udp|l2tpip)
[  198.461162][ T8964] netlink: 'syz.5.1200': attribute type 2 has an invalid length.
[  198.579477][ T8961] loop7: detected capacity change from 0 to 4096
[  199.180427][ T8973] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1205'.
[  200.820431][ T9001] loop5: detected capacity change from 0 to 256
[  202.735725][ T8991] loop4: detected capacity change from 0 to 32768
[  203.918822][ T9043] loop5: detected capacity change from 0 to 4096
[  204.002584][ T9048] delete_channel: no stack
[  204.100760][ T9043] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  204.992192][ T9064] netlink: zone id is out of range
[  205.133077][ T9066] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  205.384593][ T9070] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1244'.
[  206.337421][ T9085] loop7: detected capacity change from 0 to 256
[  206.586363][ T9085] FAT-fs (loop7): Directory bread(block 64) failed
[  206.660952][ T9085] FAT-fs (loop7): Directory bread(block 65) failed
[  206.744589][ T9085] FAT-fs (loop7): Directory bread(block 66) failed
[  206.751213][ T9085] FAT-fs (loop7): Directory bread(block 67) failed
[  206.839788][ T9085] FAT-fs (loop7): Directory bread(block 68) failed
[  206.911294][ T9085] FAT-fs (loop7): Directory bread(block 69) failed
[  206.985347][ T9085] FAT-fs (loop7): Directory bread(block 70) failed
[  207.040928][ T9085] FAT-fs (loop7): Directory bread(block 71) failed
[  207.084573][ T9085] FAT-fs (loop7): Directory bread(block 72) failed
[  207.119098][ T9085] FAT-fs (loop7): Directory bread(block 73) failed
[  210.423875][ T9148] loop6: detected capacity change from 0 to 64
[  210.614917][ T9148] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  211.354422][ T9159] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1275'.
[  211.703704][ T9163] 8021q: adding VLAN 0 to HW filter on device bond1
[  212.425769][ T9173] netlink: 'syz.4.1279': attribute type 10 has an invalid length.
[  212.476602][ T9173] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  213.167012][ T9182] loop6: detected capacity change from 0 to 256
[  213.286291][ T9182] exfat: Deprecated parameter 'utf8'
[  213.487207][ T9182] exFAT-fs (loop6): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  213.829671][ T9157] loop7: detected capacity change from 0 to 32768
[  215.782721][ T5839] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  215.813510][ T5839] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  215.823456][ T5839] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  215.844572][ T5839] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  215.855596][ T5839] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  215.882005][ T5839] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  216.070056][ T9217] lo speed is unknown, defaulting to 1000
[  216.562006][  T967] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  216.802702][  T967] usb 7-1: Using ep0 maxpacket: 16
[  216.884607][  T967] usb 7-1: config 4 has an invalid interface number: 51 but max is 0
[  216.982339][  T967] usb 7-1: config 4 has no interface number 0
[  217.061171][  T967] usb 7-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  217.164299][  T967] usb 7-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  217.277278][  T967] usb 7-1: config 4 interface 51 has no altsetting 0
[  217.362769][  T967] usb 7-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  217.450730][  T967] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.529288][  T967] usb 7-1: Product: syz
[  217.573819][ T9217] chnl_net:caif_netlink_parms(): no params data found
[  217.593512][  T967] usb 7-1: Manufacturer: syz
[  217.598179][  T967] usb 7-1: SerialNumber: syz
[  217.765749][ T9223] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  217.838237][ T9223] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  217.944163][ T5839] Bluetooth: hci7: command tx timeout
[  218.228575][  T967] cdc_eem 7-1:4.51: probe with driver cdc_eem failed with error -71
[  218.288671][ T9252] xt_hashlimit: Unknown mode mask 258, kernel too old?
[  218.393415][  T967] usb 7-1: USB disconnect, device number 2
[  218.776750][ T9217] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.872037][ T9217] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.945375][ T9217] bridge_slave_0: entered allmulticast mode
[  218.994946][ T9217] bridge_slave_0: entered promiscuous mode
[  219.084908][ T9217] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.202040][ T9217] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.209366][ T9217] bridge_slave_1: entered allmulticast mode
[  219.405246][ T9217] bridge_slave_1: entered promiscuous mode
[  220.029007][ T9217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  220.042265][ T5839] Bluetooth: hci7: command tx timeout
[  220.193716][ T9217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  220.428938][ T9279] No such timeout policy "syz0"
[  220.779627][ T9217] team0: Port device team_slave_0 added
[  220.907479][ T9217] team0: Port device team_slave_1 added
[  221.156007][ T9290] netlink: 'syz.0.1317': attribute type 3 has an invalid length.
[  221.813766][ T9217] batman_adv: batadv0: Adding interface: batadv_slave_0
[  221.820777][ T9217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.102083][ T5839] Bluetooth: hci7: command tx timeout
[  222.187642][ T9217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  222.343451][ T9217] batman_adv: batadv0: Adding interface: batadv_slave_1
[  222.435286][ T9217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.699931][ T9217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  222.744945][ T9319] loop4: detected capacity change from 0 to 128
[  222.894059][ T9319] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  223.136290][   T29] audit: type=1326 audit(1733890414.028:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff653f7ff19 code=0x7ffc0000
[  223.230539][ T9326] loop7: detected capacity change from 0 to 256
[  223.358111][ T9326] exFAT-fs (loop7): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  223.391941][   T29] audit: type=1326 audit(1733890414.028:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff653f7ff19 code=0x7ffc0000
[  223.583296][ T9217] hsr_slave_0: entered promiscuous mode
[  223.655534][   T29] audit: type=1326 audit(1733890414.108:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ff653f7ff19 code=0x7ffc0000
[  223.693040][ T9217] hsr_slave_1: entered promiscuous mode
[  223.762073][   T11] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  223.853610][ T9217] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  223.861251][ T9217] Cannot create hsr debugfs directory
[  223.936169][   T29] audit: type=1326 audit(1733890414.108:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff653f7ff19 code=0x7ffc0000
[  224.183980][ T5839] Bluetooth: hci7: command tx timeout
[  224.222066][   T29] audit: type=1326 audit(1733890414.108:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9323 comm="syz.0.1330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff653f7ff19 code=0x7ffc0000
[  224.265572][ T9336] xt_addrtype: ipv6 does not support BROADCAST matching
[  224.863068][ T9342] loop0: detected capacity change from 0 to 2048
[  225.011890][ T9342] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  226.134675][ T9217] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  226.557092][ T9217] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  226.804359][ T9217] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  227.032478][ T9217] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  228.068926][ T9217] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.180951][ T9217] 8021q: adding VLAN 0 to HW filter on device team0
[  228.384274][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.391433][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.602736][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.609956][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.566805][ T9217] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.088244][ T9443] netlink: 'syz.5.1375': attribute type 39 has an invalid length.
[  232.322802][ T9443] veth0_macvtap: left promiscuous mode
[  232.968186][ T9217] veth0_vlan: entered promiscuous mode
[  233.100987][ T9217] veth1_vlan: entered promiscuous mode
[  233.294273][ T9458] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1382'.
[  233.341324][ T9217] veth0_macvtap: entered promiscuous mode
[  233.488878][ T9217] veth1_macvtap: entered promiscuous mode
[  233.686665][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  233.801928][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.888204][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  233.985467][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.063442][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.131988][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.191895][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.264936][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.337347][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.396780][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.448765][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.475100][ T9476] netlink: 'syz.5.1391': attribute type 3 has an invalid length.
[  234.512011][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.524124][ T9476] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.1391'.
[  234.586432][ T9217] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.709433][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.830578][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.934601][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.021587][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.091998][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.164421][ T9482] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1394'.
[  235.185885][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.217207][ T9480] loop6: detected capacity change from 0 to 2048
[  235.241931][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.287644][ T9480] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d
[  235.307203][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.348896][ T9480] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  235.385864][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.489200][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.557154][ T9217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.638157][ T9217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.715138][ T9217] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.826453][ T9217] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.891989][ T9217] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.900759][ T9217] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  236.072167][ T9217] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  236.335964][   T29] audit: type=1326 audit(1733890427.228:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9492 comm="syz.7.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82be97ff19 code=0x7ffc0000
[  236.541894][   T29] audit: type=1326 audit(1733890427.228:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9492 comm="syz.7.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82be97ff19 code=0x7ffc0000
[  236.796963][   T29] audit: type=1326 audit(1733890427.268:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9492 comm="syz.7.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f82be97ff19 code=0x7ffc0000
[  236.841403][ T2911] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.934806][ T9501] loop6: detected capacity change from 0 to 256
[  236.989959][ T2911] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.009242][   T29] audit: type=1326 audit(1733890427.268:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9492 comm="syz.7.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82be97ff19 code=0x7ffc0000
[  237.467795][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.542109][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.826019][ T9490] loop0: detected capacity change from 0 to 32768
[  238.919285][ T9490] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1398 (9490)
[  240.259870][ T9548] loop7: detected capacity change from 0 to 256
[  240.566741][ T9548] FAT-fs (loop7): Directory bread(block 64) failed
[  240.681969][ T9548] FAT-fs (loop7): Directory bread(block 65) failed
[  240.742564][ T9548] FAT-fs (loop7): Directory bread(block 66) failed
[  240.749152][ T9548] FAT-fs (loop7): Directory bread(block 67) failed
[  240.882290][ T9548] FAT-fs (loop7): Directory bread(block 68) failed
[  240.888892][ T9548] FAT-fs (loop7): Directory bread(block 69) failed
[  241.032261][ T9548] FAT-fs (loop7): Directory bread(block 70) failed
[  241.038864][ T9548] FAT-fs (loop7): Directory bread(block 71) failed
[  241.160641][ T9561] gretap1: entered allmulticast mode
[  241.192483][ T9548] FAT-fs (loop7): Directory bread(block 72) failed
[  241.272192][ T9548] FAT-fs (loop7): Directory bread(block 73) failed
[  241.320216][ T9566] loop6: detected capacity change from 0 to 1024
[  241.887555][ T9568] loop5: detected capacity change from 0 to 512
[  242.221062][ T9568] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.370254][ T9568] ext4 filesystem being mounted at /218/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  242.470445][ T9579] loop6: detected capacity change from 0 to 512
[  242.622904][ T9579] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.669693][ T9584] netlink: 3 bytes leftover after parsing attributes in process `syz.8.1432'.
[  242.687827][ T9568] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  242.862870][ T9579] tmpfs: Bad value for 'mpol'
[  243.140488][ T5833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.255593][ T8178] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.970397][ T9601] kernel profiling enabled (shift: 63)
[  244.014335][ T9601] profiling shift: 63 too large
[  244.218790][ T9597] loop5: detected capacity change from 0 to 4096
[  244.288736][ T9597] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  247.431953][ T5889] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  247.692878][ T5889] usb 6-1: Using ep0 maxpacket: 16
[  247.757632][ T5889] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 8
[  247.852388][ T5889] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  247.952024][ T5889] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.061154][ T5889] usb 6-1: Product: syz
[  248.083171][ T5889] usb 6-1: Manufacturer: syz
[  248.122271][ T9670] Zero length message leads to an empty skb
[  248.141886][ T5889] usb 6-1: SerialNumber: syz
[  248.222163][ T5889] usb 6-1: config 0 descriptor??
[  248.294393][ T5889] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  248.386816][ T5889] usb 6-1: Detected FT232R
[  248.504279][  T967] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  248.709350][ T5889] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  248.742083][  T967] usb 1-1: Using ep0 maxpacket: 32
[  248.789109][ T5889] ftdi_sio 6-1:0.0: GPIO initialisation failed: -71
[  248.804198][  T967] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  248.900133][ T5889] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  248.917825][  T967] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.031989][ T5889] usb 6-1: USB disconnect, device number 6
[  249.041998][  T967] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  249.130051][ T9684] loop8: detected capacity change from 0 to 512
[  249.153406][  T967] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.172622][ T5889] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  249.256239][ T5889] ftdi_sio 6-1:0.0: device disconnected
[  249.276958][ T9684] EXT4-fs: Ignoring removed mblk_io_submit option
[  249.367269][  T967] hub 1-1:4.0: USB hub found
[  249.509287][  T967] hub 1-1:4.0: config failed, hub has too many ports! (err -19)
[  249.519393][ T9684] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -13
[  249.685426][ T9684] EXT4-fs error (device loop8): ext4_clear_blocks:876: inode #13: comm syz.8.1466: attempt to clear invalid blocks 2 len 1
[  249.883036][  T967] usb 1-1: USB disconnect, device number 7
[  249.906242][ T9684] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  250.024093][ T9695] loop5: detected capacity change from 0 to 8
[  250.136712][ T9684] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #13: comm syz.8.1466: invalid indirect mapped block 1819239214 (level 0)
[  250.161990][ T9695] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  250.362577][ T9684] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #13: comm syz.8.1466: invalid indirect mapped block 1819239214 (level 1)
[  250.435788][ T5846] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  250.472776][ T5846] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  250.486986][ T5846] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  250.495068][ T5846] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  250.503309][ T5846] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  250.510602][ T5846] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  250.664509][ T9684] EXT4-fs (loop8): 1 truncate cleaned up
[  250.777430][ T9684] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  250.819303][ T9698] lo speed is unknown, defaulting to 1000
[  251.434853][ T9217] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.132177][ T9722] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1474'.
[  252.132213][ T9722] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1474'.
[  252.355737][ T9698] chnl_net:caif_netlink_parms(): no params data found
[  252.581998][ T5846] Bluetooth: hci8: command tx timeout
[  253.309814][ T9742] loop0: detected capacity change from 0 to 512
[  253.416178][ T9742] EXT4-fs: Ignoring removed mblk_io_submit option
[  253.493464][ T9698] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.500887][ T9698] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.521636][ T9742] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  253.686900][ T9698] bridge_slave_0: entered allmulticast mode
[  253.704771][ T9742] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[  253.743102][ T9698] bridge_slave_0: entered promiscuous mode
[  253.780611][ T9742] System zones: 1-12
[  253.820742][ T9698] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.828806][ T9742] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1482: corrupted in-inode xattr: e_value size too large
[  253.926193][ T9698] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.011134][ T9698] bridge_slave_1: entered allmulticast mode
[  254.025579][ T9742] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.1482: couldn't read orphan inode 15 (err -117)
[  254.073266][ T9698] bridge_slave_1: entered promiscuous mode
[  254.153630][ T9742] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.212187][ T9753] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  254.428799][ T9757] QAT: failed to copy from user.
[  254.669615][ T5846] Bluetooth: hci8: command tx timeout
[  254.714001][ T9761] loop6: detected capacity change from 0 to 1024
[  254.759103][ T9698] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  254.915184][ T9698] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  254.929053][ T5824] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.246180][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  255.262035][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  255.719871][ T9698] team0: Port device team_slave_0 added
[  255.813817][ T9698] team0: Port device team_slave_1 added
[  256.446705][ T9698] batman_adv: batadv0: Adding interface: batadv_slave_0
[  256.534790][ T9698] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  256.742040][ T5846] Bluetooth: hci8: command tx timeout
[  256.770865][ T9698] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  256.880387][ T9698] batman_adv: batadv0: Adding interface: batadv_slave_1
[  256.989303][ T9698] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.212738][ T9698] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  257.280840][ T9787] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1500'.
[  257.927169][ T9804] ax25_connect(): syz.8.1508 uses autobind, please contact jreuter@yaina.de
[  257.939858][ T9698] hsr_slave_0: entered promiscuous mode
[  258.104667][ T9698] hsr_slave_1: entered promiscuous mode
[  258.263677][ T9698] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  258.271344][ T9698] Cannot create hsr debugfs directory
[  258.668667][ T9813] tmpfs: Bad value for 'mpol'
[  258.822062][ T5846] Bluetooth: hci8: command tx timeout
[  259.290785][ T9789] loop0: detected capacity change from 0 to 32768
[  259.397009][ T9789] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  259.612933][ T9789] XFS (loop0): Ending clean mount
[  259.619251][ T9830] netlink: 'syz.7.1518': attribute type 1 has an invalid length.
[  259.925345][ T5824] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  260.255332][ T9836] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  261.017692][ T9842] netlink: 'syz.7.1524': attribute type 1 has an invalid length.
[  261.088665][ T9842] netlink: 224 bytes leftover after parsing attributes in process `syz.7.1524'.
[  261.124144][ T9843] 9pnet: Found fid 0 not clunked
[  261.418075][ T9849] netlink: 'syz.5.1527': attribute type 1 has an invalid length.
[  261.525831][ T9849] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1527'.
[  261.766583][ T9853] loop7: detected capacity change from 0 to 1024
[  261.845186][ T9698] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  261.978143][ T9698] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  261.993392][ T9855] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  262.143597][ T9698] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  262.234936][ T9698] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  263.115764][ T9698] 8021q: adding VLAN 0 to HW filter on device bond0
[  263.289615][ T9698] 8021q: adding VLAN 0 to HW filter on device team0
[  263.554316][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.561470][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  263.733763][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.740948][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  264.248547][ T9698] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  264.453303][ T9698] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  264.707344][ T9897] loop0: detected capacity change from 0 to 256
[  264.859934][ T9897] FAT-fs (loop0): Directory bread(block 64) failed
[  264.885467][ T9903] loop6: detected capacity change from 0 to 512
[  264.957527][ T9897] FAT-fs (loop0): Directory bread(block 65) failed
[  264.988546][ T9903] EXT4-fs: Ignoring removed nobh option
[  265.011996][ T9897] FAT-fs (loop0): Directory bread(block 66) failed
[  265.018584][ T9897] FAT-fs (loop0): Directory bread(block 67) failed
[  265.153301][ T9897] FAT-fs (loop0): Directory bread(block 68) failed
[  265.159919][ T9897] FAT-fs (loop0): Directory bread(block 69) failed
[  265.177884][ T9906] batadv1: entered promiscuous mode
[  265.274605][ T9906] 8021q: adding VLAN 0 to HW filter on device batadv1
[  265.285684][ T9903] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.298477][ T9897] FAT-fs (loop0): Directory bread(block 70) failed
[  265.357895][ T9897] FAT-fs (loop0): Directory bread(block 71) failed
[  265.422238][ T9903] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.435997][ T9911] loop7: detected capacity change from 0 to 128
[  265.444328][ T9897] FAT-fs (loop0): Directory bread(block 72) failed
[  265.450911][ T9897] FAT-fs (loop0): Directory bread(block 73) failed
[  265.545719][ T9911] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  265.557478][ T9913] loop8: detected capacity change from 0 to 64
[  265.705855][ T9911] FAT-fs (loop7): error, fat_free: invalid cluster chain (i_pos 550)
[  265.772115][ T9911] FAT-fs (loop7): Filesystem has been set read-only
[  265.873080][   T29] audit: type=1800 audit(1733890456.768:51): pid=9897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1549" name="file1" dev="loop0" ino=1048648 res=0 errno=0
[  265.934506][ T8178] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.282623][ T8650] FAT-fs (loop7): error, fat_free: invalid cluster chain (i_pos 550)
[  266.633526][ T9698] 8021q: adding VLAN 0 to HW filter on device batadv0
[  267.120149][ T9931] loop6: detected capacity change from 0 to 256
[  267.482685][ T9931] FAT-fs (loop6): Directory bread(block 64) failed
[  267.489378][ T9931] FAT-fs (loop6): Directory bread(block 65) failed
[  267.511277][ T9939] loop5: detected capacity change from 0 to 256
[  267.671611][ T9931] FAT-fs (loop6): Directory bread(block 66) failed
[  267.733805][ T9939] Invalid source name
[  267.751519][ T9931] FAT-fs (loop6): Directory bread(block 67) failed
[  267.822012][ T9939] UBIFS error (pid: 9939): cannot open "ubifs", error -22
[  267.842842][ T9931] FAT-fs (loop6): Directory bread(block 68) failed
[  268.000456][ T9931] FAT-fs (loop6): Directory bread(block 69) failed
[  268.109380][ T9931] FAT-fs (loop6): Directory bread(block 70) failed
[  268.149948][ T9931] FAT-fs (loop6): Directory bread(block 71) failed
[  268.225061][ T9931] FAT-fs (loop6): Directory bread(block 72) failed
[  268.333909][ T9931] FAT-fs (loop6): Directory bread(block 73) failed
[  268.552202][   T29] audit: type=1800 audit(1733890459.428:52): pid=9943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.8.1566" name="/newroot/33/file0" dev="tmpfs" ino=185 res=0 errno=0
[  269.142558][ T9962] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1570'.
[  269.494302][ T9698] veth0_vlan: entered promiscuous mode
[  269.724247][ T9698] veth1_vlan: entered promiscuous mode
[  269.920579][ T9974] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1575'.
[  270.136119][ T5889] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  270.193824][ T9698] veth0_macvtap: entered promiscuous mode
[  270.225502][ T9980] loop5: detected capacity change from 0 to 2048
[  270.284140][ T9698] veth1_macvtap: entered promiscuous mode
[  270.368104][ T9980] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  270.454075][ T5889] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  270.553705][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.564555][ T5889] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 3
[  270.665580][ T5889] usb 9-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  270.685273][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  270.796584][ T5889] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.815251][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  270.897226][ T5889] usb 9-1: config 0 descriptor??
[  270.945777][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.026355][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.155336][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.279385][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.398720][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.433255][ T5889] Bluetooth: Can't get version to change to load ram patch err
[  271.440878][ T5889] Bluetooth: Loading patch file failed
[  271.506421][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.540380][ T5889] ath3k 9-1:0.0: probe with driver ath3k failed with error -71
[  271.590512][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.631632][ T5889] usb 9-1: USB disconnect, device number 2
[  271.687560][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.757474][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.806608][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.853903][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.901247][ T9698] batman_adv: batadv0: Interface activated: batadv_slave_0
[  272.093250][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.231553][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.347451][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.462558][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.557784][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.572806][T10009] netlink: 'syz.0.1589': attribute type 1 has an invalid length.
[  272.655744][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.764384][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.841950][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.938247][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.050625][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.126515][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.231205][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.351995][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.441869][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.573567][ T9698] batman_adv: batadv0: Interface activated: batadv_slave_1
[  273.773511][ T9698] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  273.858188][ T9698] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  273.936565][ T9698] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.000094][ T9698] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.705037][ T2972] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.824113][ T2972] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  275.027528][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.108703][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  275.412415][T10038] batadv1: entered promiscuous mode
[  275.438021][T10013] loop7: detected capacity change from 0 to 32768
[  275.463055][T10038] 8021q: adding VLAN 0 to HW filter on device batadv1
[  275.624775][T10013] __jfs_setxattr: xattr_size = 74, new_size = 12820
[  275.836348][T10040] xt_CT: You must specify a L4 protocol and not use inversions on it
[  276.756215][T10024] loop0: detected capacity change from 0 to 32768
[  277.232756][T10050] mmap: syz.8.1609 (10050): VmData 175878144 exceed data ulimit 4095. Update limits or use boot option ignore_rlimit_data.
[  277.332074][T10052] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1605'.
[  277.340993][T10052] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1605'.
[  277.522011][T10052] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1605'.
[  277.700198][T10034] loop5: detected capacity change from 0 to 32768
[  277.825540][T10034] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1602 (10034)
[  278.015098][T10034] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  278.142430][T10034] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  278.252172][T10034] BTRFS info (device loop5): using free-space-tree
[  278.302414][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  278.404108][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  278.427827][T10067] netlink: 'syz.0.1610': attribute type 1 has an invalid length.
[  278.498178][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  278.498489][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  278.622123][T10067] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1610'.
[  278.682617][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  278.682902][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  278.762438][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  278.865601][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  279.000532][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  279.045783][T10082] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1619'.
[  279.100410][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  279.100715][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  279.222969][T10034] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  279.251996][  T967] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  279.415284][T10034] BTRFS error (device loop5): open_ctree failed
[  279.503882][T10089] Device name cannot be null; rc = [-22]
[  279.602873][  T967] usb 10-1: Using ep0 maxpacket: 32
[  279.695801][  T967] usb 10-1: unable to get BOS descriptor or descriptor too short
[  279.786045][  T967] usb 10-1: config index 0 descriptor too short (expected 34347, got 43)
[  279.891040][  T967] usb 10-1: config 31 has too many interfaces: 196, using maximum allowed: 32
[  279.964492][T10092] loop6: detected capacity change from 0 to 764
[  279.980989][  T967] usb 10-1: config 31 has an invalid descriptor of length 0, skipping remainder of the config
[  280.065067][T10092] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  280.100990][  T967] usb 10-1: config 31 has 1 interface, different from the descriptor's value: 196
[  280.219145][  T967] usb 10-1: config 31 has no interface number 0
[  280.286180][  T967] usb 10-1: config 31 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83
[  280.347424][T10097] loop0: detected capacity change from 0 to 256
[  280.407779][  T967] usb 10-1: config 31 interface 81 altsetting 3 endpoint 0x83 has invalid wMaxPacketSize 0
[  280.453171][T10097] exfat: Deprecated parameter 'namecase'
[  280.531602][  T967] usb 10-1: config 31 interface 81 altsetting 3 bulk endpoint 0x83 has invalid maxpacket 0
[  280.614428][T10097] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  280.666863][  T967] usb 10-1: config 31 interface 81 has no altsetting 0
[  280.850507][  T967] usb 10-1: string descriptor 0 read error: -22
[  280.920917][T10097] exFAT-fs (loop0): start_clu is invalid cluster(0x0)
[  280.940824][  T967] usb 10-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac
[  281.094673][  T967] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.266645][  T967] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:31.81/input/input13
[  281.552278][   T80] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  281.793214][   T80] usb 7-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  281.868031][   T80] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.940970][  T967] usb 10-1: USB disconnect, device number 2
[  281.958721][   T80] usb 7-1: Product: syz
[  282.011888][   T80] usb 7-1: Manufacturer: syz
[  282.073671][   T80] usb 7-1: SerialNumber: syz
[  282.232330][   T80] r8152-cfgselector 7-1: Unknown version 0x0000
[  282.298618][   T80] r8152-cfgselector 7-1: config 0 descriptor??
[  282.546907][T10114] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1633'.
[  282.932124][   T80] r8152-cfgselector 7-1: USB disconnect, device number 3
[  283.497634][T10126] IPv6: syztnl0: Disabled Multicast RS
[  283.759065][T10128] xt_hashlimit: max too large, truncated to 1048576
[  283.978518][T10131] netlink: 'syz.7.1641': attribute type 79 has an invalid length.
[  284.198201][T10135] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1643'.
[  284.583076][T10133] xt_CT: No such helper "snmp"
[  284.986398][T10142] loop8: detected capacity change from 0 to 256
[  285.289769][T10113] loop5: detected capacity change from 0 to 32768
[  285.940860][T10154] loop7: detected capacity change from 0 to 512
[  285.968316][T10152] loop8: detected capacity change from 0 to 256
[  286.176767][T10158] netlink: 136 bytes leftover after parsing attributes in process `syz.0.1654'.
[  286.243184][T10154] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  286.348949][T10154] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.052185][T10168] openvswitch: netlink: Tunnel attr 228 out of range max 16
[  287.162636][ T8650] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  287.590230][T10171] loop8: detected capacity change from 0 to 512
[  287.747094][T10171] overlay: Unknown parameter '/�)��4�N�{��̏����0�\g�֛��"YK��67js!��FB'
[  287.941416][T10145] loop6: detected capacity change from 0 to 32768
[  287.989933][T10145] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1647 (10145)
[  288.212428][T10145] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  288.342398][T10145] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[  288.431921][T10145] BTRFS info (device loop6): using free-space-tree
[  288.521045][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  288.521353][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  288.607425][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  288.713542][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  288.763136][T10183] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.1664'.
[  288.863089][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  288.863377][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  288.939590][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  289.087510][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  289.170078][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  289.273312][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  289.361674][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  289.470940][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  289.580121][T10145] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  289.786242][T10145] BTRFS error (device loop6): open_ctree failed
[  290.620298][T10214] netlink: 'syz.5.1675': attribute type 10 has an invalid length.
[  290.712174][T10214] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1675'.
[  290.778636][T10214] bridge0: port 3(dummy0) entered blocking state
[  290.829775][T10214] bridge0: port 3(dummy0) entered disabled state
[  290.908358][T10214] dummy0: entered allmulticast mode
[  290.933419][T10214] dummy0: entered promiscuous mode
[  291.003496][T10214] bridge0: port 3(dummy0) entered blocking state
[  291.010569][T10214] bridge0: port 3(dummy0) entered forwarding state
[  291.042551][T10219] loop8: detected capacity change from 0 to 512
[  291.122640][T10219] EXT4-fs: Ignoring removed nobh option
[  291.128265][T10219] EXT4-fs: Ignoring removed nobh option
[  291.252753][T10219] EXT4-fs (loop8): failed to initialize system zone (-117)
[  291.332184][T10219] EXT4-fs (loop8): mount failed
[  291.851539][T10226] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  292.090016][T10232] loop6: detected capacity change from 0 to 128
[  292.202313][T10232] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  292.326439][T10232] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  292.483554][T10232] syz.6.1683: attempt to access beyond end of device
[  292.483554][T10232] nbd6: rw=0, sector=0, nr_sectors = 1 limit=0
[  292.512551][T10230] loop8: detected capacity change from 0 to 4096
[  292.612801][T10232] (syz.6.1683,10232,1):ocfs2_get_sector:1769 ERROR: status = -5
[  292.707826][T10232] (syz.6.1683,10232,1):ocfs2_sb_probe:749 ERROR: status = -5
[  292.766898][T10232] (syz.6.1683,10232,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  292.865528][T10232] (syz.6.1683,10232,1):ocfs2_fill_super:1178 ERROR: status = -5
[  293.012658][T10239] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1686'.
[  293.050475][T10240] loop0: detected capacity change from 0 to 16
[  293.082408][T10240] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  293.158806][T10215] loop9: detected capacity change from 0 to 32768
[  293.307434][T10215] (syz.9.1676,10215,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  293.420868][T10215] (syz.9.1676,10215,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  293.642122][T10215] (syz.9.1676,10215,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC.
[  293.674255][T10244] loop5: detected capacity change from 0 to 512
[  293.758973][T10215] JBD2: Ignoring recovery information on journal
[  293.767161][T10244] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  293.842029][T10244] System zones: 0-2, 18-18, 34-34
[  294.045831][T10244] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1689: bg 0: block 248: padding at end of block bitmap is not set
[  294.083744][T10215] JBD2: journal reset failed
[  294.102246][T10215] (syz.9.1676,10215,1):ocfs2_journal_load:1145 ERROR: Failed to load journal!
[  294.156883][T10215] (syz.9.1676,10215,1):ocfs2_check_volume:2428 ERROR: ocfs2 journal load failed! -4
[  294.168550][T10244] Quota error (device loop5): write_blk: dquota write failed
[  294.208416][T10244] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  294.312319][T10244] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.1689: Failed to acquire dquot type 1
[  294.423872][T10244] EXT4-fs (loop5): 1 truncate cleaned up
[  294.459588][T10244] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.560657][T10244] ext4 filesystem being mounted at /261/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.033686][T10261] loop8: detected capacity change from 0 to 256
[  297.622109][ T5889] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  297.729633][T10273] loop0: detected capacity change from 0 to 40427
[  297.787152][T10273] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  297.819499][T10273] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  297.831390][ T5889] usb 9-1: Using ep0 maxpacket: 32
[  297.888013][ T5889] usb 9-1: config 8 has an invalid interface number: 4 but max is 1
[  297.907045][T10273] F2FS-fs (loop0): invalid crc value
[  297.921884][ T5889] usb 9-1: config 8 has an invalid interface number: 149 but max is 1
[  297.971699][ T5889] usb 9-1: config 8 has no interface number 0
[  298.005622][T10273] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  298.016862][ T5889] usb 9-1: config 8 has no interface number 1
[  298.041944][ T5889] usb 9-1: config 8 interface 4 has no altsetting 0
[  298.067354][ T5889] usb 9-1: config 8 interface 149 has no altsetting 0
[  298.122237][ T5889] usb 9-1: New USB device found, idVendor=1bbb, idProduct=011e, bcdDevice=7c.dc
[  298.162138][ T5889] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.170159][ T5889] usb 9-1: Product: syz
[  298.232356][ T5889] usb 9-1: Manufacturer: syz
[  298.268476][ T5889] usb 9-1: SerialNumber: syz
[  298.350843][T10273] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  298.391942][T10273] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  298.551611][ T5889] option 9-1:8.149: GSM modem (1-port) converter detected
[  298.616023][ T5889] usb 9-1: USB disconnect, device number 3
[  298.643898][ T5889] option 9-1:8.149: device disconnected
[  298.913154][T10304] loop9: detected capacity change from 0 to 2048
[  298.970668][T10304] UDF-fs: error (device loop9): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  299.168869][ T9698] UDF-fs: warning (device loop9): udf_evict_inode: Inode 1367 (mode 120777) has inode size 14 different from extent length 512. Filesystem need not be standards compliant.
[  299.802854][T10310] loop8: detected capacity change from 0 to 1024
[  299.887890][T10312] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709527469)
[  299.979177][T10312] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647
[  300.116519][   T12] hfsplus: b-tree write err: -5, ino 4
[  300.360064][T10316] loop9: detected capacity change from 0 to 256
[  300.495189][T10316] FAT-fs (loop9): Directory bread(block 64) failed
[  300.535509][T10316] FAT-fs (loop9): Directory bread(block 65) failed
[  300.562098][T10316] FAT-fs (loop9): Directory bread(block 66) failed
[  300.568672][T10316] FAT-fs (loop9): Directory bread(block 67) failed
[  300.648841][T10316] FAT-fs (loop9): Directory bread(block 68) failed
[  300.692040][T10316] FAT-fs (loop9): Directory bread(block 69) failed
[  300.738458][T10316] FAT-fs (loop9): Directory bread(block 70) failed
[  300.775469][T10316] FAT-fs (loop9): Directory bread(block 71) failed
[  300.812217][T10316] FAT-fs (loop9): Directory bread(block 72) failed
[  300.818780][T10316] FAT-fs (loop9): Directory bread(block 73) failed
[  301.701546][T10331] loop8: detected capacity change from 0 to 4096
[  301.868161][T10337] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  301.885362][T10336] netlink: 'syz.0.1731': attribute type 8 has an invalid length.
[  301.990181][T10336] bridge2: entered allmulticast mode
[  301.995776][T10331] NILFS error (device loop8): nilfs_dotdot: directory #12 missing '.'
[  302.049222][T10331] Remounting filesystem read-only
[  302.522486][T10344] tmpfs: Bad value for 'mpol'
[  303.343820][  T967] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  303.395154][ T5846] Bluetooth: hci6: command 0x0406 tx timeout
[  303.542414][  T967] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  303.591891][  T967] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  303.649701][  T967] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  303.731895][  T967] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  303.802001][  T967] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  303.857651][  T967] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  303.921937][  T967] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  303.992061][  T967] usb 9-1: Product: syz
[  303.996306][  T967] usb 9-1: Manufacturer: syz
[  304.065117][ T5846] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  304.084638][ T5846] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  304.102890][ T5846] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  304.118031][ T5846] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  304.125888][ T5846] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  304.149895][  T967] cdc_wdm 9-1:1.0: skipping garbage
[  304.162291][ T5846] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  304.245194][  T967] cdc_wdm 9-1:1.0: skipping garbage
[  304.323748][  T967] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  304.329728][  T967] cdc_wdm 9-1:1.0: Unknown control protocol
[  304.358969][T10361] lo speed is unknown, defaulting to 1000
[  304.462328][  T967] usb 9-1: USB disconnect, device number 4
[  305.003763][T10371] (unnamed net_device) (uninitialized): option arp_interval: mode dependency failed, not supported in mode 802.3ad(4)
[  305.359254][T10377] loop8: detected capacity change from 0 to 1024
[  305.377879][T10361] chnl_net:caif_netlink_parms(): no params data found
[  305.533320][T10377] hfsplus: bad catalog entry type
[  306.066431][T10361] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.115116][T10361] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.129418][T10384] loop8: detected capacity change from 0 to 2048
[  306.172754][T10361] bridge_slave_0: entered allmulticast mode
[  306.208427][T10361] bridge_slave_0: entered promiscuous mode
[  306.241844][T10387] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  306.277125][ T5846] Bluetooth: hci9: command tx timeout
[  306.312698][T10361] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.358145][T10361] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.412134][T10361] bridge_slave_1: entered allmulticast mode
[  306.449183][T10361] bridge_slave_1: entered promiscuous mode
[  306.865971][T10361] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  306.927726][T10361] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  306.972880][T10374] loop0: detected capacity change from 0 to 32768
[  307.037816][T10374] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1748 (10374)
[  307.197865][T10374] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  307.300017][T10361] team0: Port device team_slave_0 added
[  307.316688][T10374] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  307.402042][T10374] BTRFS info (device loop0): using free-space-tree
[  307.482117][T10397] netlink: 'syz.8.1757': attribute type 1 has an invalid length.
[  307.535994][T10361] team0: Port device team_slave_1 added
[  307.560644][T10397] netlink: 'syz.8.1757': attribute type 2 has an invalid length.
[  307.629553][T10397] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1757'.
[  307.883637][T10361] batman_adv: batadv0: Adding interface: batadv_slave_0
[  307.945156][T10361] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  307.971390][    C1] vkms_vblank_simulate: vblank timer overrun
[  308.185548][T10361] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  308.234067][ T5824] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  308.313939][T10361] batman_adv: batadv0: Adding interface: batadv_slave_1
[  308.320968][T10361] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.362126][ T5846] Bluetooth: hci9: command tx timeout
[  308.625071][T10361] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  309.291640][T10424] loop9: detected capacity change from 0 to 1024
[  309.322776][ T5839] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  309.363156][T10361] hsr_slave_0: entered promiscuous mode
[  309.373743][ T5839] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  309.396793][ T5839] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  309.413684][ T5839] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  309.424606][ T5839] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  309.442077][ T5839] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  309.518188][T10361] hsr_slave_1: entered promiscuous mode
[  309.529468][T10424] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.644544][T10361] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  309.675262][T10361] Cannot create hsr debugfs directory
[  309.842794][T10424] EXT4-fs warning (device loop9): empty_inline_dir:1839: bad inline directory (dir #12) - no `..'
[  310.037048][T10425] lo speed is unknown, defaulting to 1000
[  310.432042][ T5846] Bluetooth: hci9: command tx timeout
[  311.546364][   T30] INFO: task kworker/u8:5:996 blocked for more than 143 seconds.
[  311.563994][   T30]       Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[  311.572792][ T5846] Bluetooth: hci10: command tx timeout
[  311.634566][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  311.758024][   T30] task:kworker/u8:5    state:D stack:22280 pid:996   tgid:996   ppid:2      flags:0x00004000
[  311.925555][   T30] Workqueue: events_unbound fsnotify_mark_destroy_workfn
[  312.041942][   T30] Call Trace:
[  312.099999][   T30]  <TASK>
[  312.154630][   T30]  __schedule+0x1850/0x4c30
[  312.159230][   T30]  ? __pfx___schedule+0x10/0x10
[  312.226385][   T30]  ? __pfx_lock_release+0x10/0x10
[  312.231486][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.322958][   T30]  ? kthread_data+0x52/0xd0
[  312.327526][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.401992][   T30]  ? wq_worker_sleeping+0x66/0x240
[  312.407177][   T30]  ? schedule+0x90/0x320
[  312.411456][   T30]  schedule+0x14b/0x320
[  312.474988][   T30]  schedule_timeout+0xb0/0x290
[  312.479818][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  312.502207][ T5846] Bluetooth: hci9: command tx timeout
[  312.535765][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  312.614341][   T30]  ? wait_for_completion+0x2fe/0x620
[  312.619717][   T30]  ? wait_for_completion+0x2fe/0x620
[  312.651986][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  312.657283][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.714650][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  312.719939][   T30]  ? wait_for_completion+0x2fe/0x620
[  312.775067][   T30]  wait_for_completion+0x355/0x620
[  312.841166][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  312.863291][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.868975][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.928976][   T30]  ? __init_swait_queue_head+0xae/0x150
[  312.982073][   T30]  __synchronize_srcu+0x357/0x400
[  312.994909][   T30]  ? __pfx___synchronize_srcu+0x10/0x10
[  313.000504][   T30]  ? __pfx_wakeme_after_rcu+0x10/0x10
[  313.047100][   T30]  ? ktime_get_mono_fast_ns+0x303/0x320
[  313.072618][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.078477][   T30]  ? synchronize_srcu+0x2a7/0x2d0
[  313.108077][   T30]  ? process_scheduled_works+0x976/0x1840
[  313.144778][   T30]  fsnotify_mark_destroy_workfn+0x146/0x350
[  313.150746][   T30]  ? __pfx_fsnotify_mark_destroy_workfn+0x10/0x10
[  313.189272][   T30]  ? process_scheduled_works+0x976/0x1840
[  313.222063][   T30]  process_scheduled_works+0xa68/0x1840
[  313.227725][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  313.264560][   T30]  ? assign_work+0x364/0x3d0
[  313.269261][   T30]  worker_thread+0x870/0xd30
[  313.291737][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.298548][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.323258][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  313.329218][   T30]  ? __kthread_parkme+0x169/0x1d0
[  313.362150][   T30]  ? __pfx_worker_thread+0x10/0x10
[  313.367437][   T30]  kthread+0x2f2/0x390
[  313.371548][   T30]  ? __pfx_worker_thread+0x10/0x10
[  313.422080][   T30]  ? __pfx_kthread+0x10/0x10
[  313.426770][   T30]  ret_from_fork+0x4d/0x80
[  313.431226][   T30]  ? __pfx_kthread+0x10/0x10
[  313.474138][   T30]  ret_from_fork_asm+0x1a/0x30
[  313.479002][   T30]  </TASK>
[  313.512705][   T30] 
[  313.512705][   T30] Showing all locks held in the system:
[  313.520488][   T30] 2 locks held by kworker/0:0/8:
[  313.562435][   T30] 2 locks held by kworker/u8:0/11:
[  313.567694][   T30]  #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  313.622832][ T5846] Bluetooth: hci10: command tx timeout
[  313.631292][   T30]  #1: ffffc90000107d00 ((quota_release_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  313.662103][   T30] 3 locks held by kworker/u8:1/12:
[  313.667262][   T30]  #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  313.714493][   T30]  #1: ffffc90000117d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  313.749026][   T30]  #2: ffffffff8fcb1388 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  313.771980][   T30] 1 lock held by khungtaskd/30:
[  313.776860][   T30]  #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[  313.811380][   T30] 2 locks held by kworker/u8:5/996:
[  313.818296][   T30]  #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  313.851927][   T30]  #1: ffffc900039cfd00 ((reaper_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  313.878909][   T30] 2 locks held by kworker/u8:7/2941:
[  313.892135][   T30]  #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  313.919944][   T30]  #1: ffffc9000b67fd00 (connector_reaper_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  313.953109][   T30] 1 lock held by dhcpcd/5495:
[  313.957830][   T30]  #0: ffffffff8fcb1388 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_deladdr+0x1a1/0x7b0
[  313.983361][   T30] 2 locks held by getty/5578:
[  313.988067][   T30]  #0: ffff88814d3460a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  314.022060][   T30]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00
[  314.042111][   T30] 2 locks held by kworker/0:3/5830:
[  314.047346][   T30] 1 lock held by syz-executor/5833:
[  314.063511][   T30]  #0: ffff8880513760e0 (&type->s_umount_key#31){++++}-{4:4}, at: deactivate_super+0xb5/0xf0
[  314.097999][   T30] 4 locks held by kworker/0:6/5892:
[  314.110623][   T30] 4 locks held by syz.1.1018/8426:
[  314.121902][   T30]  #0: ffff88805c954d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x203/0x510
[  314.142110][   T30]  #1: ffff88805c954078 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x5c8/0x11c0
[  314.168720][   T30]  #2: ffffffff8fe11ce8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa6/0x240
[  314.191586][   T30]  #3: ffffffff8e93cff8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x830
[  314.222231][   T30] 1 lock held by syz-executor/8650:
[  314.227573][   T30]  #0: ffff8880223560e0 (&type->s_umount_key#31){++++}-{4:4}, at: deactivate_super+0xb5/0xf0
[  314.255407][   T30] 2 locks held by syz.2.1195/8953:
[  314.260565][   T30]  #0: ffff8880255cc4c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_release+0x17e/0x700
[  314.291950][   T30]  #1: ffff8880255c4198 (&nbd->config_lock){+.+.}-{4:4}, at: refcount_dec_and_mutex_lock+0x30/0x100
[  314.319377][   T30] 1 lock held by syz-executor/9698:
[  314.332192][   T30]  #0: ffff8880588ea0e0 (&type->s_umount_key#31){++++}-{4:4}, at: deactivate_super+0xb5/0xf0
[  314.365953][   T30] 2 locks held by syz.6.1683/10232:
[  314.371272][   T30]  #0: ffff888025cf84c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_release+0x17e/0x700
[  314.398763][   T30]  #1: ffff888025cf1998 (&nbd->config_lock){+.+.}-{4:4}, at: refcount_dec_and_mutex_lock+0x30/0x100
[  314.417361][   T30] 7 locks held by syz-executor/10361:
[  314.435400][   T30]  #0: ffff888030922420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x225/0xd30
[  314.458618][   T30]  #1: ffff88804b72b888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1ea/0x500
[  314.488025][   T30]  #2: ffff8881413834b8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500
[  314.511920][   T30]  #3: ffffffff8f55d4e8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfc/0x480
[  314.539995][   T30]  #4: ffff88805813f0e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xce/0x7c0
[  314.569035][   T30]  #5: ffff88807c4b8250 (&devlink->lock_key#5){+.+.}-{4:4}, at: nsim_drv_remove+0x50/0x160
[  314.591911][   T30]  #6: ffffffff8fcb1388 (rtnl_mutex){+.+.}-{4:4}, at: nsim_destroy+0x71/0x5c0
[  314.600885][   T30] 2 locks held by syz-executor/10425:
[  314.623048][   T30]  #0: ffffffff9019a060 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250
[  314.648111][   T30]  #1: ffffffff8fcb1388 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xbb0/0x20e0
[  314.739680][   T30] 
[  314.763458][   T30] =============================================
[  314.763458][   T30] 
[  314.822036][   T30] NMI backtrace for cpu 1
[  314.826420][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[  314.836949][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  314.847022][   T30] Call Trace:
[  314.850313][   T30]  <TASK>
[  314.853261][   T30]  dump_stack_lvl+0x241/0x360
[  314.857978][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  314.863214][   T30]  ? __pfx__printk+0x10/0x10
[  314.867847][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  314.872999][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  314.878491][   T30]  ? _printk+0xd5/0x120
[  314.882679][   T30]  ? __pfx__printk+0x10/0x10
[  314.887307][   T30]  ? __wake_up_klogd+0xcc/0x110
[  314.892180][   T30]  ? __pfx__printk+0x10/0x10
[  314.896803][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.902459][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  314.907513][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  314.913518][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  314.919530][   T30]  watchdog+0xff6/0x1040
[  314.923802][   T30]  ? watchdog+0x1ea/0x1040
[  314.928252][   T30]  ? __pfx_watchdog+0x10/0x10
[  314.932959][   T30]  kthread+0x2f2/0x390
[  314.937059][   T30]  ? __pfx_watchdog+0x10/0x10
[  314.941765][   T30]  ? __pfx_kthread+0x10/0x10
[  314.946392][   T30]  ret_from_fork+0x4d/0x80
[  314.950835][   T30]  ? __pfx_kthread+0x10/0x10
[  314.955458][   T30]  ret_from_fork_asm+0x1a/0x30
[  314.960356][   T30]  </TASK>
[  314.965111][   T30] Sending NMI from CPU 1 to CPUs 0:
[  314.970345][    C0] NMI backtrace for cpu 0
[  314.970359][    C0] CPU: 0 UID: 0 PID: 5830 Comm: kworker/0:3 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[  314.970385][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  314.970400][    C0] Workqueue: wg-crypt-wg1 wg_packet_tx_worker
[  314.970436][    C0] RIP: 0010:__usb_hcd_giveback_urb+0x462/0x6e0
[  314.970470][    C0] Code: e6 00 01 00 00 31 ff e8 ac b5 5e fa 81 e3 00 01 00 00 75 0a e8 5f b1 5e fa e9 a0 00 00 00 4c 8d 64 24 40 e8 90 c3 5e fa 31 ff <4c> 89 fe e8 26 b6 5e fa 4d 85 ff 74 0c e8 3c b1 5e fa e8 17 7b 66
[  314.970489][    C0] RSP: 0018:ffffc90000007880 EFLAGS: 00000046
[  314.970507][    C0] RAX: 5f85aa1246803200 RBX: 0000000000000100 RCX: ffffc90000007703
[  314.970524][    C0] RDX: 0000000000000002 RSI: ffffffff8c0aa960 RDI: 0000000000000000
[  314.970540][    C0] RBP: ffffc90000007950 R08: ffffffff90196577 R09: 1ffffffff2032cae
[  314.970557][    C0] R10: dffffc0000000000 R11: fffffbfff2032caf R12: ffffc900000078c0
[  314.970574][    C0] R13: ffff88814c9a4400 R14: dffffc0000000000 R15: 0000000000000000
[  314.970593][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  314.970612][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  314.970628][    C0] CR2: 0000001b30012ff8 CR3: 000000000e736000 CR4: 0000000000350ef0
[  314.970645][    C0] Call Trace:
[  314.970653][    C0]  <NMI>
[  314.970662][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  314.970688][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  314.970718][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  314.970743][    C0]  ? nmi_handle+0x2a/0x5a0
[  314.970780][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  314.970802][    C0]  ? nmi_handle+0x151/0x5a0
[  314.970829][    C0]  ? nmi_handle+0x2a/0x5a0
[  314.970857][    C0]  ? __usb_hcd_giveback_urb+0x462/0x6e0
[  314.970886][    C0]  ? default_do_nmi+0x63/0x160
[  314.970910][    C0]  ? exc_nmi+0x123/0x1f0
[  314.970933][    C0]  ? end_repeat_nmi+0xf/0x53
[  314.970973][    C0]  ? __usb_hcd_giveback_urb+0x462/0x6e0
[  314.971003][    C0]  ? __usb_hcd_giveback_urb+0x462/0x6e0
[  314.971035][    C0]  ? __usb_hcd_giveback_urb+0x462/0x6e0
[  314.971064][    C0]  </NMI>
[  314.971072][    C0]  <IRQ>
[  314.971082][    C0]  ? __pfx___usb_hcd_giveback_urb+0x10/0x10
[  314.971114][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  314.971142][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.971168][    C0]  dummy_timer+0x856/0x4620
[  314.971191][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.971217][    C0]  ? debug_object_deactivate+0x2d5/0x390
[  314.971266][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.971303][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  314.971329][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  314.971351][    C0]  __hrtimer_run_queues+0x59d/0xd30
[  314.971384][    C0]  ? ktime_get_update_offsets_now+0x2d/0x3b0
[  314.971421][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  314.971453][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.971474][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.971495][    C0]  ? ktime_get_update_offsets_now+0x393/0x3b0
[  314.971526][    C0]  hrtimer_run_softirq+0x19a/0x2c0
[  314.971562][    C0]  handle_softirqs+0x2d6/0x9b0
[  314.971597][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.971623][    C0]  ? __irq_exit_rcu+0xf7/0x220
[  314.971659][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  314.971695][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.971716][    C0]  ? irqtime_account_irq+0xd4/0x1e0
[  314.971746][    C0]  __irq_exit_rcu+0xf7/0x220
[  314.971780][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  314.971823][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.971850][    C0]  irq_exit_rcu+0x9/0x30
[  314.971884][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  314.971914][    C0]  </IRQ>
[  314.971922][    C0]  <TASK>
[  314.971932][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  314.971968][    C0] RIP: 0010:wg_packet_send_queued_handshake_initiation+0x48/0x350
[  314.972010][    C0] Code: fe 22 28 fb 85 db 74 07 e8 f5 22 28 fb eb 27 e8 ee 22 28 fb 49 8d 9c 24 f8 06 00 00 48 89 d8 48 c1 e8 03 42 0f b6 04 28 84 c0 <0f> 85 c6 02 00 00 c7 03 00 00 00 00 4c 8d 35 00 00 00 00 4c 89 f7
[  314.972030][    C0] RSP: 0018:ffffc9000432fb18 EFLAGS: 00000246
[  314.972052][    C0] RAX: 0000000000000000 RBX: ffff8880587cdc78 RCX: ffff888064739e00
[  314.972070][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8880587cd580
[  314.972086][    C0] RBP: 000000414e169466 R08: ffffffff942a1987 R09: 1ffffffff2854330
[  314.972105][    C0] R10: dffffc0000000000 R11: fffffbfff2854331 R12: ffff8880587cd580
[  314.972125][    C0] R13: dffffc0000000000 R14: ffff8880587cd598 R15: ffff8880587cd580
[  314.972162][    C0]  ? wg_packet_send_queued_handshake_initiation+0x32/0x350
[  314.972205][    C0]  wg_packet_tx_worker+0x705/0x810
[  314.972241][    C0]  ? wg_packet_tx_worker+0x25f/0x810
[  314.972280][    C0]  ? process_scheduled_works+0x976/0x1840
[  314.972305][    C0]  process_scheduled_works+0xa68/0x1840
[  314.972348][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  314.972379][    C0]  ? assign_work+0x364/0x3d0
[  314.972406][    C0]  worker_thread+0x870/0xd30
[  314.972437][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.972464][    C0]  ? __kthread_parkme+0x169/0x1d0
[  314.972494][    C0]  ? __pfx_worker_thread+0x10/0x10
[  314.972520][    C0]  kthread+0x2f2/0x390
[  314.972549][    C0]  ? __pfx_worker_thread+0x10/0x10
[  314.972574][    C0]  ? __pfx_kthread+0x10/0x10
[  314.972604][    C0]  ret_from_fork+0x4d/0x80
[  314.972629][    C0]  ? __pfx_kthread+0x10/0x10
[  314.972658][    C0]  ret_from_fork_asm+0x1a/0x30
[  314.972689][    C0]  </TASK>
[  315.921952][ T5846] Bluetooth: hci10: command tx timeout
[  315.991935][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  315.998846][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[  316.009407][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  316.019512][   T30] Call Trace:
[  316.022809][   T30]  <TASK>
[  316.025765][   T30]  dump_stack_lvl+0x241/0x360
[  316.030490][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.035726][   T30]  ? __pfx__printk+0x10/0x10
[  316.040353][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  316.046370][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  316.052029][   T30]  ? vscnprintf+0x5d/0x90
[  316.056395][   T30]  panic+0x349/0x880
[  316.060326][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  316.065984][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  316.072175][   T30]  ? __pfx_panic+0x10/0x10
[  316.076707][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  316.082121][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  316.087781][   T30]  ? __irq_work_queue_local+0x137/0x410
[  316.093360][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  316.099012][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  316.104499][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  316.110684][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  316.116886][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  316.122555][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  316.128742][   T30]  watchdog+0x1035/0x1040
[  316.133100][   T30]  ? watchdog+0x1ea/0x1040
[  316.137551][   T30]  ? __pfx_watchdog+0x10/0x10
[  316.142254][   T30]  kthread+0x2f2/0x390
[  316.146350][   T30]  ? __pfx_watchdog+0x10/0x10
[  316.151051][   T30]  ? __pfx_kthread+0x10/0x10
[  316.155669][   T30]  ret_from_fork+0x4d/0x80
[  316.160110][   T30]  ? __pfx_kthread+0x10/0x10
[  316.164730][   T30]  ret_from_fork_asm+0x1a/0x30
[  316.169530][   T30]  </TASK>
[  316.174278][   T30] Kernel Offset: disabled
[  316.178603][   T30] Rebooting in 86400 seconds..