last executing test programs:

4m31.665304818s ago: executing program 1 (id=9611):
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000400)="580000001400192340834b80040d8c560a067fbc45ff810500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000fff5dd00000010000100090808004149004001040800", 0x58}], 0x1)

4m31.323534782s ago: executing program 1 (id=9615):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x28, 0x4, 0x6, 0x801, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40004}, 0x8080)

4m31.001709226s ago: executing program 1 (id=9618):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100001517ee40f00a057a00f6000203010902120001000000000904000000ff"], 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000006c0)={0x1c, &(0x7f0000000440)={0x20, 0x5, 0x11, "07eccb39332f8c578658960139d1f4901f"}, 0x0, 0x0, 0x0, 0x0, 0x0})

4m29.170469971s ago: executing program 1 (id=9643):
syz_mount_image$jfs(&(0x7f0000000240), &(0x7f0000000040)='./file1\x00', 0x3010846, &(0x7f00000002c0)=ANY=[@ANYBLOB='iocharset=koi8-u,discard=0x0000000000000004,iocharset=iso8859-9,discard,iocharset=koi8-ru,errors=remount-ro,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c6e6f646973636172642c696f636861727365743d69736f383835392d332c005d245603bb5b494e31b3e32f7a4536f7389f889613f9bebfad670d9c5b69025afa2ed8a0983033c21a066b886aded885e0be89c3a88225b41e870229bff872d594d5a79ca2a73ae38725a8a4251c102dd8a175ce9f42f974c650e3f4d216c776b32d707119113d826189e7cc3f2b74b5191cce0209a7c007d15932d18b9ea2f49c0c2b7395277707"], 0x24, 0x62d7, &(0x7f0000021240)="$eJzs3c1vHGcdB/Df7JtfStuoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyCSgwTqAXXQ2M/jjKe7XjuJd3Yzn4/kzPzmmfE+k++Od9cz4ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjhD358roiIK79KC05EfC76Eb2Ilapei4iVtRP1bV6IneZ4PiKGSxHV9jv/PBvxekR8/EzE9v0769Xi84fsx/f//I8//OSpH/39T8Mz//3Lrf4bk9a7ffu3//nr3YffXwAAAOiisizLIn3MPxkRg/TZHgB48uXX/zLJy9VzV2/OWX/UarVavYB1XTne3XoREZv1bar3DE7HA8CC2YxP2u4CLZJ/pw0i4qm2OwHMtaLtDnAstu/fWS9SvkX99WBttz1fC7Iv/81i7/6OSdNpmteYzOr5tRX9eG5Cf1Zm1Id5kvPvNfO/sts+Susdd/6zMin/0e6tT52T8+838294cvLvjc2/q3L+gyPl35c/AAAAAADMsfz7/xMtn/9devRdOZSDzv+uzagPAAAAAAAAAPC4HXX8v0Fj/L89xv8DAACAuVV9Vq/87pkHyyb9LbZq+eUi4unG+kDHpJtlVtvuBwAAAAAAAAAAAAB0yWD3Gt7LRcQwIp5eXS3Lsvqqa9ZH9ajbL7qu7z90Wds/5AEAYNfHzzTu5S8iliPicvpbf8PV1dWyXF5ZLVfLlaX8fna0tFyu1D7X5mm1bGl0iDfEg1FZfbPl2nZ10z4vT2tvfr/qsUZl/xAdm40WAweAiNh9Ndqe9Ir0P69Xi6ksn42W3+SwIA44/llQjn8Oo+3nKQAAAHD8yrIsi/TnvE+mc/69tjsFAMxEfv1vnhdQq9VqtVr95NV15Xh360VEbNa3qd4zGI4fABbMZnzSdhdokfw7bRARL7TdCWCuFW13gGOxff/OepHyLeqvB2l893wtyL78N4ud7fL246bTNK8xmdXzayv68dyE/jw/oz7Mk5x/r5n/ld32UVrv0fMv9/2asK1rjCblX+3niRb607acf7+Zf8NxH/+zshW9sfl3Vc5/cKT8+/IHAAAAAIA5ln//f2Kuzv+OHnZ3pjro/O/a2C2Ory8AAAAAAAAA8Lhs37+znu97zef/vzBmPfd/Pply/oX8Oynn32vk/9XGev3a/L23H+T/7/t31v9461+fz9PD5r+UZ4r0zCrSM6JIj1QM0vRR9u6ztob9UfVIw6LXH6Rrfsrhu3EtrsdGnN23bi/9fzxoP7evverpcKe97O+2n9/XPthrz9tf2Nc+TFcXlSu5/XSsx8/jeryz0161LU3Z/+Up7eWU9px/3/HfSdtpOnjw9WxVr6blRWNaufdR7zPHfX067nHeuvbF35w91j05nK3o7+1bXbV/L7XQn53/k6dG8cubGzdO375669aNc5Em+5aejzR5zPLxP0xfez//X95tzz/368frvY9GR85/XmzFYGL+L9fmq/19ZcZ9a0POf5S+cv7vpPbxx/8i5z/5+H+1hf4AAAAAAAAAAAAAAADAQcqy3LlF9K2IuJju/2nr3kwAYLby63+Z5OWzqvszfjy1esHrYs76M9P603K++qNWL2JdV473Zr2IiL/Vt6neM/x63DcDAObZpxHxz7Y7QWvk32H57/1V01NtdwaYqZsffPjTq9evb9y42XZPAAAAAAAAAICHlcf/XKuN/3yqLMu7jfX2jf/6dqw96vifgzyzN8DohIGq+0ffp4Ns9Ub9Xm248Rdj0vjfw725g8b/Hkx5vOGU9tGU9qUp7ctT2sfe6FGT83+xNt75qYg42Rh+vQvjvzbHvO+CnP9Ltedzlf9XGuvV8y9/v8j59/blf+bW+784c/ODD1+79v7V9zbe2/jZhXPnzl64ePHSpUtn3r12fePs7r8t9vh45fzz2NeuA+2WnH/OXP7dkvP/Uqrl3y05/y+nWv7dkvPP7/fk3y05//zZR/7dkvN/JdXy75ac/9dSLf9uyfm/murp+U/7jSaLJOf/9VQ7/rsl5/9aquXfLTn/06mWf7fk/M+k+pD5rxx3v5iNnH8+w+X475acf76yQf7dkvM/n2r5d0vO/0Kq5d8tOf/XUy3/bsn5fyPV8u+WnP/FVMu/W3L+30y1/Lsl538p1fLvlpz/t1It/27J+X871fLvlpz/G6mWf7fk/L+Tavl3S87/u6mWf7fk/L+Xavl3S87/zVTLv1se/P1/M2bMmMkzbf9kAgAAAAAAAAAAAACaZnE5cdv7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5DrLO4Cf/fTaIYmBkDqpgY1jQkg22bWd+IM2xYTPhq8SCIV+YLvetVlwbOO1S6CRbBookTAqqmgbLtoCQm1uKnLBBa0A5QK1QmoF7QXtBQKhchFVAQWkSrQCtppz3vfdmdnZmV3vePfMOb+fZD+eM2fmvHPmnTPz7Po/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZre8Zu4TQ1mWNf7kf23Psuc1/r11cnu+7JWbPUIAAABgvX6R//3c9WnB4VXcqGmdf37Jt768uLi4mL175M/HPrO4mK6YzLKxLVmWXxc99YP3DDWvEzyWTQwNN10e7rH5kR7Xj/a4fqzH9eM9rt/S4/qJHtcv2wHLbC1+HpPf2e78n9uLXZrdkI3l1+3ucKvHhrYMD8ef5eSG8tssjp3I5rNT2Vw207J+se5Qvv5Xb2ls641Z3NZw07Z2NmbITx49HscwFPbx7pZtLd1n9KNXZ5M//cmjx//2/LM3dao9d0PL/RXjvH1XY5wfC0uKsQ5lW9I+ieMcbhrnzg7PyUjLOIfy2zX+3T7O51Y5zpGlYW6o9ud8IhvO//3tfD+NNv9YL+2nnWHZz27NsuzS0rDb11m2rWw429ayZHjp+ZkoZmTjPhpT6QXZ6Jrm6S2rmKeNOru7dZ62vybi839LuN3oCmNofpp+9NHxpuf954tXMk+jxqNe6bXSPgf7/VopyxyM8+Lb+YN+vOMc3B0e/6O3rTwHO86dDnMwPe6mObir1xwcHh/Jx5yehKH8NktzcE/L+iP5loby+sxt3efg9PmHz04vfPgjd80/fOzk3Mm50/v27JnZt3//wYMHp0/Mn5qbKf6+wr1dftuy4fQa2BX2XXwNvLxt3eapuvj58WXH3yt9HU50eR1ub1u336/D0fYHN7QxL8jlc7p4bbyzsdMnLg9nK7zG8ufnjvW/DtPjbnodjja9Dju+p3R4HY6u4nXYWOfsHav7zDLa9KfTGFZ+L1jfHNzeNAfbP4+0z8F+fx4pyxycCPPiu3es/F6wM4z38am1fh4ZWTYH08MNx57GkvR5f+JgXjrNy5sbV1wznl1YmDt39yPHzp8/tycLZUO8sGmutM/XbU2PKVs2X4fXPF8Pz7/k8Zs7LN8e9tXEXY2/JlZ8rhrr3HN39+cqf3frvD9blu7NQumzjd6fnd7NG/tzPMs++42PPvi1Rz/7mhX3Z6Pf/Nj0+j+Lp7606fg7tsLxN/b9vyy2l+7qsZGx0eL1O5L2zljL8bj1qRrNj11D+bafm17d8Xgs/Nno4/ENXY7HO9rW7ffxeKz9wcXj8VCvn3asT/vzORHmyamZ7sfjxjo79q51To52PR7fGupQ2P+vCJ1C6oua5s5K8zZta3R0LDyu0biF1nm6r2X9sdCbNbb15N7woTCNcnXz9PZbi/VHmm4XbdQ8nWxbt9/zNP3sa6V5OtTrp29Xpv35nAjz4oZ93edpY52n71n/sXNr/GfTsXO81xwcGxlvjHksTcL8eJ8tbo1z8O7seHYmO5XN5teO5/NpKN/W1L2rO1aOhz8bfazc0WUO3t62br/nYHofW2nuDY0uf/B90P58ToR58cS93edgY53XHujvZ9fbiyVLP4pu+uza/vO1lX7mdXPbbrpac6UxksZj+caB7j+bbaxz6uBa+8zu++nOsOSaDvup/fW70mtqNtuY/bQjjPPZgyvvp8Z4Gut85tAq59PhLMsufvD+/Oe94fcrFy9858stv3fp9Dudix+8/8fXnvintYwfgMH3y6JsK97rmn4ztZrf/wMAAAADIfb9w6Em+n8AAACojNj3x/8Vnuj/AQAAoDJi3z8aalKF/v+Pe6+y47XPzv/yYpaS+YtBvD7thgeK9WLGdSZcnlxc0lh+/xfn/ucfL65ueMNZlv38gT/quP6OB+K4CpNhnE+9rnX5Ml++a1XbPvrQxbTd5vz658L9x8ez2mnQKYI7k2XZV6//VL6dyfdczuvTDxzN64OXHn+ssc5zh4rL8fbPvLBY/69C+PfwiWMtt38m7Icfhjrzps77I97uS5dfsfPAu5a2F283tOu6/GE/8d7ifuP35Hz6sWL9uJ9XGv/XPvnklxrrP/KyzuO/ONx5/E+G+/1iqP/74mL95uegcTne7uNh/HF78XZ3f+HrHcf/1CeK9c++vljvaKhx+7eHy7tf/+x88/56ZOhYy+PK3lCsF7c/850/za+P9xfvv338E0cut+yP9vnx9L8X9zPdtn5cHrcT/UPb9hv30zw/4/af/JOjLfu51/afevCZFzfut337d7atd/aDd+TbX7q/1m9s+uuPf6rj9uJ4Dv/92ZbHc/jt4XUctv/Ee8N8DNf/31PF/bV/u8LRt7cef+L6n9t+seXxRG/8abH9p151Mq9bJrZuu+Z511536aWNfZdl395S3F+v7Z/8mzMt4//8jcX+iNfHjH779lcSt3/uQ1OnzyxcmJ9Ne/XR6/PvznlzMZ443uvDsbX98pEz5983d25yZnImyyar+xV6V+wLof64KJe6r7247Ah6x0Ph+bz5L7+67bZ/+2Rc/h/vLJZfflPxvvXysN6nw/Lt4flb2/aXe+KWG/PX99DTYYSLy78veD127v7vg72+3zcXHn/754I438++6H35fmhcl79vxNf1Osf/vdnifr4S9uti+GbmXTcuba95/fjdCJffUbze173/wmEuPq9/F57vt/ywuP84rvh4vxc+x3x9R+vxLs6Pr1wcbr///Fs8LoXjSXapuD6uFff35edu7Di8+D0k2aWb8st/lu7npjU9zJUsfHhh+tT86QuPTJ+fWzg/vfDhjxx5+MyF0+eP5N/leeT9vW6/dHzalh+fZuf235PlR6szRbnKNnv8Zx86Pntg5rbZuRPHLpw4/9DZuXMnjy8sHJ+bXbjt2IkTcx/qdfv52fv27D2078DeqZPzs/cdPHRo36Gp+dNnGsMoBtXD/pkPTJ0+dyS/ycJ99xzac++998xMPXxmdu6+AzMzUxd63T5/b5pq3PoPp87NnTp2fv7huamF+Y/M3bfn0P79e3t+G+DDZ08sTE6fu3B6+sLC3Lnp4rFMns8XN977et2ealr4fvF5tt1Q8UV82dvu3J++n7Xhix9d8a6KVdq+QPTZ8F0033z+2YOruRz7/rFQkyr0/wAAAEAu9v3joSb6fwAAAKiM2PdvCTXR/wMAAEBlxL5/ItT0XwJq0v9XLv+/4+Kqti//L//fvL/k/2uW/39H2fL/xfFC/r8/1pu/r0P+f1Uryv/L/8v/y//L/9MHZcv/x75/a5b5/T8AAABUVOz7t4Wa6P8BAACgMmLff02oif4fAAAAKiP2/c8LNalJ/y//L/8v/y//L//fefvy/4NJ/r+7kuX/J9oXyP9vfv4/q1f+/1I/x78J+f+tzRfk/ymjsuX/Y99/bahJTfp/AAAAqIPY918XaqL/BwAAgMqIff/1oSb6fwAAAKiM2PdvDzWpSf8v/7+u/H/KXA1u/r/Ysvy//L/8v/x/Vcj/d1ey/P8y8v+bn/93/v+Byv+3kP+njMqW/499//NDTWrS/wMAAEAdxL7/BaEm+n8AAAAon9Eru1ns+18YarKs/7/CDQAAAACbLvb9N2RtQfCa/P5f/t/5/0t7/v8x+X/5/0L58/8jmfx/ecj/dyf/30M/8v+X5P/l/+X/5f+Jypb/z/v+bCJ7UahJTfp/AAAAqIPY998YaqL/BwAAgMqIff+vhJro/wEAAKAyYt+/I9SkJv2//H9l8v8/a37qKpH/d/5/+f+g/Pl/5/8vE/n/7uT/e3D+f/l/+X/5f/pqoWOntHn5/9j33xRqUpP+HwAAAOog9v03h5ro/wEAAKAyYt//q6Em+n8AAACojNj37ww1qUn/L/9f8vx/TI7W8fz/8v/y/0GZ8/8T8v+lI//fnfx/D/L/8v/y//L/9NXC94vPs+02K/8f+/4Xh5rUpP8HAACAOoh9/0tCTfT/AAAAUBmx739pqIn+HwAAACoj9v2ToSY16f/Xkv8fuiT/v5KrfP7/8VWc/7+F/P+m5P9H5f8Ldcr/Z/L/pSP/3538fw/y//L/8v/y//RV2fL/se+/JdSkJv0/AAAA1EHs+3eFmuj/AQAAoDJi339rqIn+HwAAACoj9v27Q01q0v87//9A5P8z+f+ByP87/38g/9+Z/P/GkP/vTv6/B/l/+X/5f/l/+qps+f/Y978s1KQm/T8AAADUQez7bws10f8DAABAZcS+/+WhJvp/AAAAqIzY998ealKT/l/+X/5f/l/+X/6/8/Y3PP9/Sf6/H+T/u5P/70H+X/5f/l/+n74qW/4/9v2vCDWpSf8PAAAAdRD7/jtCTfT/AAAAUBmx778z1ET/DwAAAJUR+/6pUJOa9P/y//L/1cz//6f8f5fty/+XNP/v/P99If/fnfx/D/L/8v/9yP+PhQXy//L/bHr+P35ei5dj339XqElN+n8AAACog9j33x1qov8HAACAyoh9/3Soif4fAAAAKiP2/TOhJjXp/+X/5f+rmf93/v9u219X/v+lS/cr/1+Q/y8X+f/u5P976Gf+f4v8f23z/+s6//+Y/D+Vstn5//bLse/fE2pSk/4fAAAA6iD2/XtDTfT/AAAAUBmx798XaqL/BwAAgMqIff89oSY16f/l/+X/5f/l/53/v/P25f8Hk/x/d/3P/8eHKP/v/P/y//3J/zv/P9VStvx/7PvvDTWpSf8PAAAAdRD7/v2hJvp/AAAAqIzY9x8INdH/AwAAQGXEvv9gqElN+n/5f/l/+X/5f/n/ztuX/x9M8v/dOf9/D/L/8v8DnP9vzC35f8qmbPn/2PcfCjWpSf8PAAAAdRD7/leGmuj/AQAAoDJi3/9roSb6fwAAACih8Su6Vez7fz3UpCb9v/y//L/8v/z/Juf/x3rl/8fl/+X/10D+vzv5/x7k/+X/Bzj/v8L5/68NV8v/synKlv+Pff99oSY16f8BAACgDmLf/xuhJvp/AAAAqIzY978q1ET/DwAAAJUR+/7DoSY16f/l/zco/x8Xljb/H5PM8v/5Avl/5/+X/x9Y8v/dyf/3IP8v/1+9/H+/z//f/jadyP/TSdny/7Hvf3WoSU36fwAAAKiD2PffH2qi/wcAAIDKiH3/a0JN9P8AAABQGbHvf22oSU36f/l/5//f/PP/j7WMXf5/6Xby/wX5f/n/tZD/707+vwf5f/l/+X/n/6evypb/j33/60JNatL/AwAAQB3Evv/1oSb6fwAAAKiM2Pe/IdRE/w8AAACVEfv+N4aa1KT/l/+X/9/8/L/z/8v/F+T/5f/7Qf6/O/n/HuT/5f/l/+X/6auy5f9j3/+boSY16f8BAACgDmLf/0Coif4fAAAAKiP2/W8KNdH/AwAAQGXEvv/NoSY16f/l/+X/5f/l/+X/O29f/n8wyf93N2D5/19cF5bL/xfk/8s9/rXm/0fbLl+V/P8PVsr/L25pv738P1dD2fL/se9/S6hJTfp/AAAAqIPY97811ET/DwAAAJUR+/63hZro/wEAAKAyYt//W6EmNen/5f8b41hKL8v/y//nC+T/5f/l/weW/H93Kf//XKd3riblyP87/38b+f9yj9/5/+X/Wa5s+f/Y97891KQm/T8AAADUQez7Hww10f8DAABAZcS+/x2hJvp/AAAAqIzY978z1KQm/b/8v/P/y//L/8v/d96+/P9gkv/vbsDO/y//30b+v9zjvyr5//+S/2ewlS3/H/v+h0JNatL/AwAAQB3Evv9doSb6fwAAAKiM2Pf/dqiJ/h8AAAAqI/b97w41qUn/L/8/KPn/Sfn/Neb/x8My+X/5f/n/epH/707+vwf5f/n/suX/nf+fAVe2/H/s+98TarL6/n9i1WsCAAAAV1P7r5OS2Pf/TqhJTX7/DwAAAHUQ+/7fDTXR/wMAAEBlxL7/90JNatL/y/8PSv7f+f8z5/+X/297PPL/8v+dbFz+Px551pT/39Jr+/L/8v/y/4M7fvl/+X+WK1v+P/b9vx9qUpP+HwAAAOog9v3vDTXR/wMAAMBA6PR/stvFvv9IqIn+HwAAACoj9v1HQ01q0v/L/8v/y/+XNP//F7v+5bvfeuvRPfL/8v/y/2uyoef/b7z4nf9f/l/+P5H/l/+X/6dd2fL/se8/Fmqy1Pi92Qn+AQAAYLDFvv8PQk1q8vt/AAAAqIPY9x8PNdH/AwAAQGXEvn821KQm/b/8/ybm/0ezLJP/l/+v4Pn/4/4YpPz/1JYByv/Hg678f0cbmv9/11JOXP5/rfn/8Y5L2/P/Q/L/LeT/1zz+b2ZZtmHjv/iv8v/y/7QrW/4/9v1zoSY16f8BAACgDkLfP3yiqEtX6P8BAACgMmLffzLURP8PAAAAlRH7/veFmtSk/5f/d/5/+X/5f+f/77z90ub/nf+/K/n/7sqT/+/M+f/l/wd5/M7/L//PcmXL/8e+fz7UpCb9PwAAANRB7PvfH2qi/wcAAIDKiH3/B0JN9P/w/+zdyZNlZZnH8ZuQRFUF0RG960Uvuve96k1vWDSrXnT/Ab1gw6YjulvFAeeJwnnEeR7QUBEHHEARUVGcBScUcUTFGcQJJ0SlDCqf56kcTp6bWXUz77nv+/ksfIqE5F4IrOJXybcOAABAM3L3Pzhu6WT/6//1/032/0f0/2Ovr//X/7dM/z9O/z+H/l//r//X/7NQU+v/c/c/JG7pZP8DAABAD3L3XxS32P8AAADQjNz9D41b7H8AAABoRu7+h8Utnex//b/+v8n+/z/u/r/7/13/v9vr6//1/y3T/4/T/8+h/9f/6//1/yzU1Pr/3P0Pj1s62f8AAADQg9z9j4hb7H8AAABoRu7+i+MW+x8AAACakbv/kXFLJ/t/W/+/Nuuz/8+MV//fUv/v+f+7vr7+X//fssPt/y994Hs+/b/+X/8f9P/6f/0/202t/8/d/6i4pZP9DwAAAD3I3f/ouMX+BwAAgGbk7n9M3GL/AwAAQDNy9z82bulk/3v+v+f/6//1//r/4dfX/68mz/8f11P/f/Gt5150z7X/eN1+Xl//r//X/+v/Wayp9f+5+x8Xt3Sy/wEAAKAHufsfH7fY/wAAANCM3P1PiFvsfwAAAFhBxwY/mrv/iXFLJ/tf/6//1/9H/39U/6//1/+3QP8/btn9/9CPl5t5/n/7/f+DFvJOl/f+x+j/9f/sNLX+P3f/k+KWTvY/AAAA9CB3/5PjFvsfAAAApmvef1i2Te7+S+IW+x8AAACakbv/eNzSyf7X/x98//9X/f9q9P+e/6//1/83Qf8/btn9/zz6//b7/4O07Pev/9f/s9PU+v/c/ZfGLZ3sfwAAAOhB7v6nxC32PwAAADQjd/9T4xb7HwAAAJqRu/9pcUsn+1//7/n/+n/9/+H3/xvf2er/T/1d1f8vjv5/nP5/Dv3/mfbz5+j/9f/6fzbbZ/9/38h32wvp/3P3Pz1u6WT/AwAAQA9y9z8jbrH/AQAAoBm5+58Zt9j/AAAA0Izc/c+KWzrZ//p//b/+X/9/2v3/zn/0TvL8/2H6/8Oh/x83mf5/bX3ww/r/le//Pf9f/6//Z4upPf8/d/+z45ZO9j8AAAD0IHf/c+KWkf2/75/MBwAAAJYqd/9z4xZf/wcAAICVl9VZ7v7nxS2d7H/9v/5f/6//P/zn/69+/3/dpven/58W/f+4yfT/u9D/6/9X+f3r//X/7DS1/j93//Pjlk72PwAAAPQgd/9lcYv9DwAAAM3I3f+CuMX+BwAAgGbk7n9h3NLJ/h/u/0/9/kn3/9sj4Zn+P+n/2+7/88+o/x/t/8/3/P8+6f/H6f/n0P/r//X/u/X/x+Z9vv6fIVPr/3P3vyhu6WT/AwAAQA9y9784brH/AQAAoBm5+18St9j/AAAA0Izc/S+NWzrZ/57/r//X/69e/+/5/xuW+fz/2aH3/+v6/z1abv+/dn/+CKr/P733r//X/6/y+2+y/z9ntvX5/yO/CoD+nyFT6/9z978sbulk/wMAAEAPcve/PG6x/wEAAGA1bP5vB4aeFTeb1e5/Rdxi/wMAAEAzcve/Mm5pZ/+PPqtT/6//1/+f/HT9v/5/oP9fn02n//f8/73y/P9x+v859P8H0c+vN9b/X77b50+h/7/k4J7//6/zPl//z5At/f8Npz6+rP4/d/+r4pZ29j8AAAB0L3f/q+MW+x8AAACakbv/NXGL/Q8AAADNyN3/2rilk/1/4P3/yK8+oP/X/0+k//f8f/3/4OtP6/n/+v+90v+P0//Pof/3/H/P/9f/c+Y2/Svjlv5/k2X1/7n7Xxe3dLL/AQAAoAe5+18ft9j/AAAA0Izc/ZfHLfY/AAAANCN3/xvilk72v+f/6//1//p//f/w6+v/V9MZ9fdn6f+L/l//r//X/+v/WYCp9f9bd39/+x8AAAB68MaT/3s0fr7e/gcAAIAW5e5/U9xi/wMAAEAzcve/OW7pZP/r/w+2/8+P6//1/zP9v/5f/38oun3+/9rQj0Q77dL/3/y/x/9r60f0//p//b/+X//PHv39yO+bRP9/4tS/Xebuf0vc0sn+BwAAgB7k7r8ibrH/AQAAoBm5+98at9j/AAAA0Izc/VfGLfvc/2PNw5Tp/z3/X/+v/9f/D7++/n81ddv/75Hn/8+h/9f/6//1/yzUJPr/Tb+du/9tcYuv/wMAAEAzcve/PW6x/wEAAKAZufvfEbfY/wAAANCM3P3vjFs62f/6f/2//l//r/8ffn39/2rS/4/T/8+xSv3/lWfQ/68Pf3jZ/fyZWvb71//r/9lpav1/7v6r4pZO9j8AAAD0IHf/u+IW+x8AAACakbv/3XGL/Q8AAADNyN3/nrilk/2v/9f/6//1//r/4dfX/68m/f84/f9sNrt65A0M9f8njkyz//f8/8m9f/2//p+dptb/5+5/b9zSyf4HAACAHuTuvzpusf8BAACgGbn7r4lb7H8AAABoRu7+98Utnex//b/+X/+v/9f/D7++/n816f/H6f/nWKXn/+v/J/f+9f/6f3aaWv+fu//9cUsn+x8AAAB6kLv/2rjF/gcAAIBm5O7/QNxi/wMAAEAzcvdfF7d0sv/1//p//b/+f6D/P/l/df2//n8VHVz/P9P/6//1/3Po//X/+n+2m1r/n7v/g3FLJ/sfAAAAepC7//q4xf4HAACAZuTu/1DcYv8DAABAM3L3fzhu6WT/6//1//p//b/n/w+/vv5/NXn+/zj9/xz6f/2//l//z0IN9/+XLK3/z93/kbilk/0PAAAAPcjdf0PcYv8DAABAM3L3fzRusf8BAACgGbn7Pxa3dLL/9f/6/639/2ym/9f/6/83DPT/t917xd/Vby+g/z860/8vnP5/nP5/Dv1/m/3/WbOG+v9ju36+/p8pmtrz/3P33xi3dLL/AQAAoAe5+z8et9j/AAAA0Izc/Z+IW+x/AAAAaEbu/k/GLZ3sf/2//n/Bz/+/68KB96H/36D/X/n+3/P/V4D+f5z+fw79f5v9v+f/6/9Zmqn1/7n7PxW3dLL/AQAAoAe5+z8dt9j/AAAA0Izc/Z+JW+x/AAAAaEbu/s/GLZ3sf/2//n/B/b/n/+v/9f+70P8fDv3/OP3/HPr/5vr//Ld7/b/+n+WYWv+fu/9zcUsn+x8AAAB6kLv/prjF/gcAAIBm5O6/OW6x/wEAAKAZufs/H7d0sv/1//p//f9q9v9Ht/T/Z8/0/6f+eP1/36bS/5933n/eov/X/+v/l9//e/6//p/lmlr/n7v/C3FLJ/sfAAAAepC7/4txi/0PAAAAzcjd/6W4xf4HAACAZuTu/3Lc0sn+39n/nzPbKFQ3DPX/0ajp/zfR/299//r/4X8+PP9f/6//P3hT6f89///03r/+X/+/yu9/X/3/P+/8fP0/LZpa/5+7/5a4pZP9DwAAAD3I3f+VuMX+BwAAgGbk7v9q3GL/AwAAQDNy998at3Sy/z3/X/+v/9f/L7z/v/7OjW/o/7fQ/x+O0+zv/+3G+Ib+P+j/9f/6/36f/3+2/p/FmVr/n7v/a3FLJ/sfAAAAepC7/7a4xf4HAACAZuTu/3rcYv8DAABAM3L3fyNu6WT/6//1//p//b/n/w+/vv5/NXn+/zj9f9n+l7ahn/7/6NAHl93Pn6llv/9m+n/P/2eBptb/5+7/ZtzSyf4HAACAHuTu/1bcYv8DAABAM3L3fztusf8BAACgGbn7vxO3dLL/9f/6//b7/wv1/9teX/+v/2+Z/j9/RB+m/5+jn/5/0LL7+VV///p//T87Ta3/z91/e9zSyf4HAACAHuTu/27cYv8DAABAM3L3fy9usf8BAACgGbn7vx+3dLL/9f999f9rsx77f8//1//r/3ui/x+n/59D/6//1//r/1moqfX/ufvvWFvvcv8DAADAqvrvf/n/2/f6x95x8n+Pzn4Qt5w/O7HHL2MDAAAAE/fA7l9bn81+ePK3fP0fAAAAWpS7/0dxSyf7X//fV//f5/P/9f/6f/1/T4b6+6Hvo3ej/w/6f/2//l//r/9nAabW/+fu/3Hcsmn4re/7rxIAAACYktz9P4lbOvn6PwAAAPQgd/9P45Yd+98vBwgAAACrKnf/z+KWTr7+r/+feP8/O6D+P/44/f8G/b/+f+j19f+ryfP/x51h/39iTf+v/x+h/9f/6//Zbmr9f+7+O+OWTvY/AAAANGrLzyjk7r8rbrH/AQAAoBm5+38et9j/AAAA0Izc/XfHLZ3sf/3/off/maof4PP/j9W3PP+/8/7/sqODr6//1/+3TP8/zvP/59D/t9L/H9H/6/+Zhqn1/7n7fxG3dLL/AQAAoAe5+38Zt9j/AAAA0Izc/b+KW+x/AAAAaEbu/l/HLZ3sf/3/xJ//f1r9/x6e/6//76P/3+X12+n//+Hc4zdd8D/XXKX/55TD7P/zn4VD7v+P7PfPuZn+fw79fyv9v+f/6/+ZiMX3/+tbPrjf/j93/2/ilk72PwAAAPQgd/89cYv9DwAAAM3I3f/buMX+BwAAgGbk7v9d3NLJ/tf/6/+n0v/n3+sl9P/HT7v/PzabzZbS/2dT3Hv/7/n/+v+dPP9/nP5/Dv2//l//r/9noRbf/2/94H77/9z9v49bOtn/AAAA0IPc/X+IW3L/r+37p+4BAACAicnd/8e4xdf/AQAAoBm5+++NWzrZ//p//f9U+v/k+f+nPq+t5/9fUHFqn/3/P9W39P8HS/8/Tv8/h/5f/6//1/+zUFPr/3P3/ylu6WT/AwAAQA9y998Xt9j/AAAA0Izc/X+OW+x/AAAAaEbu/r/ELZ3sf/1/q/1/FvH6f/3/VPp/z//3/P/Dof8fp/+fQ/+v/9f/6/9ZqKn1/7n7/xYAAP//2HxcCQ==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

4m27.782909514s ago: executing program 1 (id=9659):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x328, 0x120, 0x5802, 0x294, 0x0, 0x294, 0x258, 0x378, 0x378, 0x258, 0x378, 0x3, 0x0, {[{{@uncond, 0xf202, 0x100, 0x120, 0x52020000, {0x0, 0x600}, [@inet=@rpfilter={{0x28}, {0x4}}, @common=@srh={{0x30}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@empty, @private0, [0x0, 0x0, 0x0, 0xffffff00], [], 'gre0\x00', 'erspan0\x00', {}, {}, 0x87}, 0x0, 0xf8, 0x138, 0x0, {}, [@common=@mh={{0x28}, {"123a"}}, @common=@mh={{0x28}, {"0500", 0x8}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x9, 0x9, 0x6, 0x6, 0x200, 0x7fff, 0xffffffff, 0x4800000]}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x388)

4m26.525016596s ago: executing program 1 (id=9670):
r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000080))

4m25.944553976s ago: executing program 32 (id=9670):
r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000080))

4m19.258403208s ago: executing program 3 (id=9702):
r0 = socket$inet6(0xa, 0x3, 0x5)
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, 0x0)

4m19.016667025s ago: executing program 3 (id=9691):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002000010000000000fbdbdf25030117800c00160006ac0f00000000001400010002"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

4m18.552538093s ago: executing program 3 (id=9697):
r0 = add_key$keyring(&(0x7f0000000500), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000000)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0x3c0a, r0)

4m18.145889726s ago: executing program 3 (id=9699):
syz_mount_image$jfs(&(0x7f0000000240), &(0x7f0000000040)='./file1\x00', 0x3010846, &(0x7f00000002c0)=ANY=[@ANYBLOB='iocharset=koi8-u,discard=0x0000000000000004,iocharset=iso8859-9,discard,iocharset=koi8-ru,errors=remount-ro,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c6e6f646973636172642c696f636861727365743d69736f383835392d332c005d245603bb5b494e31b3e32f7a4536f7389f889613f9bebfad670d9c5b69025afa2ed8a0983033c21a066b886aded885e0be89c3a88225b41e870229bff872d594d5a79ca2a73ae38725a8a4251c102dd8a175ce9f42f974c650e3f4d216c776b32d707119113d826189e7cc3f2b74b5191cce0209a7c007d15932d18b9ea2f49c0c2b7395277707"], 0x24, 0x62d7, &(0x7f0000021240)="$eJzs3c1vHGcdB/Df7JtfStuoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyCSgwTqAXXQ2M/jjKe7XjuJd3Yzn4/kzPzmmfE+k++Od9cz4ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjhD358roiIK79KC05EfC76Eb2Ilapei4iVtRP1bV6IneZ4PiKGSxHV9jv/PBvxekR8/EzE9v0769Xi84fsx/f//I8//OSpH/39T8Mz//3Lrf4bk9a7ffu3//nr3YffXwAAAOiisizLIn3MPxkRg/TZHgB48uXX/zLJy9VzV2/OWX/UarVavYB1XTne3XoREZv1bar3DE7HA8CC2YxP2u4CLZJ/pw0i4qm2OwHMtaLtDnAstu/fWS9SvkX99WBttz1fC7Iv/81i7/6OSdNpmteYzOr5tRX9eG5Cf1Zm1Id5kvPvNfO/sts+Susdd/6zMin/0e6tT52T8+838294cvLvjc2/q3L+gyPl35c/AAAAAADMsfz7/xMtn/9devRdOZSDzv+uzagPAAAAAAAAAPC4HXX8v0Fj/L89xv8DAACAuVV9Vq/87pkHyyb9LbZq+eUi4unG+kDHpJtlVtvuBwAAAAAAAAAAAAB0yWD3Gt7LRcQwIp5eXS3Lsvqqa9ZH9ajbL7qu7z90Wds/5AEAYNfHzzTu5S8iliPicvpbf8PV1dWyXF5ZLVfLlaX8fna0tFyu1D7X5mm1bGl0iDfEg1FZfbPl2nZ10z4vT2tvfr/qsUZl/xAdm40WAweAiNh9Ndqe9Ir0P69Xi6ksn42W3+SwIA44/llQjn8Oo+3nKQAAAHD8yrIsi/TnvE+mc/69tjsFAMxEfv1vnhdQq9VqtVr95NV15Xh360VEbNa3qd4zGI4fABbMZnzSdhdokfw7bRARL7TdCWCuFW13gGOxff/OepHyLeqvB2l893wtyL78N4ud7fL246bTNK8xmdXzayv68dyE/jw/oz7Mk5x/r5n/ld32UVrv0fMv9/2asK1rjCblX+3niRb607acf7+Zf8NxH/+zshW9sfl3Vc5/cKT8+/IHAAAAAIA5ln//f2Kuzv+OHnZ3pjro/O/a2C2Ory8AAAAAAAAA8Lhs37+znu97zef/vzBmPfd/Pply/oX8Oynn32vk/9XGev3a/L23H+T/7/t31v9461+fz9PD5r+UZ4r0zCrSM6JIj1QM0vRR9u6ztob9UfVIw6LXH6Rrfsrhu3EtrsdGnN23bi/9fzxoP7evverpcKe97O+2n9/XPthrz9tf2Nc+TFcXlSu5/XSsx8/jeryz0161LU3Z/+Up7eWU9px/3/HfSdtpOnjw9WxVr6blRWNaufdR7zPHfX067nHeuvbF35w91j05nK3o7+1bXbV/L7XQn53/k6dG8cubGzdO375669aNc5Em+5aejzR5zPLxP0xfez//X95tzz/368frvY9GR85/XmzFYGL+L9fmq/19ZcZ9a0POf5S+cv7vpPbxx/8i5z/5+H+1hf4AAAAAAAAAAAAAAADAQcqy3LlF9K2IuJju/2nr3kwAYLby63+Z5OWzqvszfjy1esHrYs76M9P603K++qNWL2JdV473Zr2IiL/Vt6neM/x63DcDAObZpxHxz7Y7QWvk32H57/1V01NtdwaYqZsffPjTq9evb9y42XZPAAAAAAAAAICHlcf/XKuN/3yqLMu7jfX2jf/6dqw96vifgzyzN8DohIGq+0ffp4Ns9Ub9Xm248Rdj0vjfw725g8b/Hkx5vOGU9tGU9qUp7ctT2sfe6FGT83+xNt75qYg42Rh+vQvjvzbHvO+CnP9Ltedzlf9XGuvV8y9/v8j59/blf+bW+784c/ODD1+79v7V9zbe2/jZhXPnzl64ePHSpUtn3r12fePs7r8t9vh45fzz2NeuA+2WnH/OXP7dkvP/Uqrl3y05/y+nWv7dkvPP7/fk3y05//zZR/7dkvN/JdXy75ac/9dSLf9uyfm/murp+U/7jSaLJOf/9VQ7/rsl5/9aquXfLTn/06mWf7fk/M+k+pD5rxx3v5iNnH8+w+X475acf76yQf7dkvM/n2r5d0vO/0Kq5d8tOf/XUy3/bsn5fyPV8u+WnP/FVMu/W3L+30y1/Lsl538p1fLvlpz/t1It/27J+X871fLvlpz/G6mWf7fk/L+Tavl3S87/u6mWf7fk/L+Xavl3S87/zVTLv1se/P1/M2bMmMkzbf9kAgAAAAAAAAAAAACaZnE5cdv7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5DrLO4Cf/fTaIYmBkDqpgY1jQkg22bWd+IM2xYTPhq8SCIV+YLvetVlwbOO1S6CRbBookTAqqmgbLtoCQm1uKnLBBa0A5QK1QmoF7QXtBQKhchFVAQWkSrQCtppz3vfdmdnZmV3vePfMOb+fZD+eM2fmvHPmnTPz7Po/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZre8Zu4TQ1mWNf7kf23Psuc1/r11cnu+7JWbPUIAAABgvX6R//3c9WnB4VXcqGmdf37Jt768uLi4mL175M/HPrO4mK6YzLKxLVmWXxc99YP3DDWvEzyWTQwNN10e7rH5kR7Xj/a4fqzH9eM9rt/S4/qJHtcv2wHLbC1+HpPf2e78n9uLXZrdkI3l1+3ucKvHhrYMD8ef5eSG8tssjp3I5rNT2Vw207J+se5Qvv5Xb2ls641Z3NZw07Z2NmbITx49HscwFPbx7pZtLd1n9KNXZ5M//cmjx//2/LM3dao9d0PL/RXjvH1XY5wfC0uKsQ5lW9I+ieMcbhrnzg7PyUjLOIfy2zX+3T7O51Y5zpGlYW6o9ud8IhvO//3tfD+NNv9YL+2nnWHZz27NsuzS0rDb11m2rWw429ayZHjp+ZkoZmTjPhpT6QXZ6Jrm6S2rmKeNOru7dZ62vybi839LuN3oCmNofpp+9NHxpuf954tXMk+jxqNe6bXSPgf7/VopyxyM8+Lb+YN+vOMc3B0e/6O3rTwHO86dDnMwPe6mObir1xwcHh/Jx5yehKH8NktzcE/L+iP5loby+sxt3efg9PmHz04vfPgjd80/fOzk3Mm50/v27JnZt3//wYMHp0/Mn5qbKf6+wr1dftuy4fQa2BX2XXwNvLxt3eapuvj58WXH3yt9HU50eR1ub1u336/D0fYHN7QxL8jlc7p4bbyzsdMnLg9nK7zG8ufnjvW/DtPjbnodjja9Dju+p3R4HY6u4nXYWOfsHav7zDLa9KfTGFZ+L1jfHNzeNAfbP4+0z8F+fx4pyxycCPPiu3es/F6wM4z38am1fh4ZWTYH08MNx57GkvR5f+JgXjrNy5sbV1wznl1YmDt39yPHzp8/tycLZUO8sGmutM/XbU2PKVs2X4fXPF8Pz7/k8Zs7LN8e9tXEXY2/JlZ8rhrr3HN39+cqf3frvD9blu7NQumzjd6fnd7NG/tzPMs++42PPvi1Rz/7mhX3Z6Pf/Nj0+j+Lp7606fg7tsLxN/b9vyy2l+7qsZGx0eL1O5L2zljL8bj1qRrNj11D+bafm17d8Xgs/Nno4/ENXY7HO9rW7ffxeKz9wcXj8VCvn3asT/vzORHmyamZ7sfjxjo79q51To52PR7fGupQ2P+vCJ1C6oua5s5K8zZta3R0LDyu0biF1nm6r2X9sdCbNbb15N7woTCNcnXz9PZbi/VHmm4XbdQ8nWxbt9/zNP3sa6V5OtTrp29Xpv35nAjz4oZ93edpY52n71n/sXNr/GfTsXO81xwcGxlvjHksTcL8eJ8tbo1z8O7seHYmO5XN5teO5/NpKN/W1L2rO1aOhz8bfazc0WUO3t62br/nYHofW2nuDY0uf/B90P58ToR58cS93edgY53XHujvZ9fbiyVLP4pu+uza/vO1lX7mdXPbbrpac6UxksZj+caB7j+bbaxz6uBa+8zu++nOsOSaDvup/fW70mtqNtuY/bQjjPPZgyvvp8Z4Gut85tAq59PhLMsufvD+/Oe94fcrFy9858stv3fp9Dudix+8/8fXnvintYwfgMH3y6JsK97rmn4ztZrf/wMAAAADIfb9w6Em+n8AAACojNj3x/8Vnuj/AQAAoDJi3z8aalKF/v+Pe6+y47XPzv/yYpaS+YtBvD7thgeK9WLGdSZcnlxc0lh+/xfn/ucfL65ueMNZlv38gT/quP6OB+K4CpNhnE+9rnX5Ml++a1XbPvrQxbTd5vz658L9x8ez2mnQKYI7k2XZV6//VL6dyfdczuvTDxzN64OXHn+ssc5zh4rL8fbPvLBY/69C+PfwiWMtt38m7Icfhjrzps77I97uS5dfsfPAu5a2F283tOu6/GE/8d7ifuP35Hz6sWL9uJ9XGv/XPvnklxrrP/KyzuO/ONx5/E+G+/1iqP/74mL95uegcTne7uNh/HF78XZ3f+HrHcf/1CeK9c++vljvaKhx+7eHy7tf/+x88/56ZOhYy+PK3lCsF7c/850/za+P9xfvv338E0cut+yP9vnx9L8X9zPdtn5cHrcT/UPb9hv30zw/4/af/JOjLfu51/afevCZFzfut337d7atd/aDd+TbX7q/1m9s+uuPf6rj9uJ4Dv/92ZbHc/jt4XUctv/Ee8N8DNf/31PF/bV/u8LRt7cef+L6n9t+seXxRG/8abH9p151Mq9bJrZuu+Z511536aWNfZdl395S3F+v7Z/8mzMt4//8jcX+iNfHjH779lcSt3/uQ1OnzyxcmJ9Ne/XR6/PvznlzMZ443uvDsbX98pEz5983d25yZnImyyar+xV6V+wLof64KJe6r7247Ah6x0Ph+bz5L7+67bZ/+2Rc/h/vLJZfflPxvvXysN6nw/Lt4flb2/aXe+KWG/PX99DTYYSLy78veD127v7vg72+3zcXHn/754I438++6H35fmhcl79vxNf1Osf/vdnifr4S9uti+GbmXTcuba95/fjdCJffUbze173/wmEuPq9/F57vt/ywuP84rvh4vxc+x3x9R+vxLs6Pr1wcbr///Fs8LoXjSXapuD6uFff35edu7Di8+D0k2aWb8st/lu7npjU9zJUsfHhh+tT86QuPTJ+fWzg/vfDhjxx5+MyF0+eP5N/leeT9vW6/dHzalh+fZuf235PlR6szRbnKNnv8Zx86Pntg5rbZuRPHLpw4/9DZuXMnjy8sHJ+bXbjt2IkTcx/qdfv52fv27D2078DeqZPzs/cdPHRo36Gp+dNnGsMoBtXD/pkPTJ0+dyS/ycJ99xzac++998xMPXxmdu6+AzMzUxd63T5/b5pq3PoPp87NnTp2fv7huamF+Y/M3bfn0P79e3t+G+DDZ08sTE6fu3B6+sLC3Lnp4rFMns8XN977et2ealr4fvF5tt1Q8UV82dvu3J++n7Xhix9d8a6KVdq+QPTZ8F0033z+2YOruRz7/rFQkyr0/wAAAEAu9v3joSb6fwAAAKiM2PdvCTXR/wMAAEBlxL5/ItT0XwJq0v9XLv+/4+Kqti//L//fvL/k/2uW/39H2fL/xfFC/r8/1pu/r0P+f1Uryv/L/8v/y//L/9MHZcv/x75/a5b5/T8AAABUVOz7t4Wa6P8BAACgMmLff02oif4fAAAAKiP2/c8LNalJ/y//L/8v/y//L//fefvy/4NJ/r+7kuX/J9oXyP9vfv4/q1f+/1I/x78J+f+tzRfk/ymjsuX/Y99/bahJTfp/AAAAqIPY918XaqL/BwAAgMqIff/1oSb6fwAAAKiM2PdvDzWpSf8v/7+u/H/KXA1u/r/Ysvy//L/8v/x/Vcj/d1ey/P8y8v+bn/93/v+Byv+3kP+njMqW/499//NDTWrS/wMAAEAdxL7/BaEm+n8AAAAon9Eru1ns+18YarKs/7/CDQAAAACbLvb9N2RtQfCa/P5f/t/5/0t7/v8x+X/5/0L58/8jmfx/ecj/dyf/30M/8v+X5P/l/+X/5f+Jypb/z/v+bCJ7UahJTfp/AAAAqIPY998YaqL/BwAAgMqIff+vhJro/wEAAKAyYt+/I9SkJv2//H9l8v8/a37qKpH/d/5/+f+g/Pl/5/8vE/n/7uT/e3D+f/l/+X/5f/pqoWOntHn5/9j33xRqUpP+HwAAAOog9v03h5ro/wEAAKAyYt//q6Em+n8AAACojNj37ww1qUn/L/9f8vx/TI7W8fz/8v/y/0GZ8/8T8v+lI//fnfx/D/L/8v/y//L/9NXC94vPs+02K/8f+/4Xh5rUpP8HAACAOoh9/0tCTfT/AAAAUBmx739pqIn+HwAAACoj9v2ToSY16f/Xkv8fuiT/v5KrfP7/8VWc/7+F/P+m5P9H5f8Ldcr/Z/L/pSP/3538fw/y//L/8v/y//RV2fL/se+/JdSkJv0/AAAA1EHs+3eFmuj/AQAAoDJi339rqIn+HwAAACoj9v27Q01q0v87//9A5P8z+f+ByP87/38g/9+Z/P/GkP/vTv6/B/l/+X/5f/l/+qps+f/Y978s1KQm/T8AAADUQez7bws10f8DAABAZcS+/+WhJvp/AAAAqIzY998ealKT/l/+X/5f/l/+X/6/8/Y3PP9/Sf6/H+T/u5P/70H+X/5f/l/+n74qW/4/9v2vCDWpSf8PAAAAdRD7/jtCTfT/AAAAUBmx778z1ET/DwAAAJUR+/6pUJOa9P/y//L/1cz//6f8f5fty/+XNP/v/P99If/fnfx/D/L/8v/9yP+PhQXy//L/bHr+P35ei5dj339XqElN+n8AAACog9j33x1qov8HAACAyoh9/3Soif4fAAAAKiP2/TOhJjXp/+X/5f+rmf93/v9u219X/v+lS/cr/1+Q/y8X+f/u5P976Gf+f4v8f23z/+s6//+Y/D+Vstn5//bLse/fE2pSk/4fAAAA6iD2/XtDTfT/AAAAUBmx798XaqL/BwAAgMqIff89oSY16f/l/+X/5f/l/53/v/P25f8Hk/x/d/3P/8eHKP/v/P/y//3J/zv/P9VStvx/7PvvDTWpSf8PAAAAdRD7/v2hJvp/AAAAqIzY9x8INdH/AwAAQGXEvv9gqElN+n/5f/l/+X/5f/n/ztuX/x9M8v/dOf9/D/L/8v8DnP9vzC35f8qmbPn/2PcfCjWpSf8PAAAAdRD7/leGmuj/AQAAoDJi3/9roSb6fwAAACih8Su6Vez7fz3UpCb9v/y//L/8v/z/Juf/x3rl/8fl/+X/10D+vzv5/x7k/+X/Bzj/v8L5/68NV8v/synKlv+Pff99oSY16f8BAACgDmLf/xuhJvp/AAAAqIzY978q1ET/DwAAAJUR+/7DoSY16f/l/zco/x8Xljb/H5PM8v/5Avl/5/+X/x9Y8v/dyf/3IP8v/1+9/H+/z//f/jadyP/TSdny/7Hvf3WoSU36fwAAAKiD2PffH2qi/wcAAIDKiH3/a0JN9P8AAABQGbHvf22oSU36f/l/5//f/PP/j7WMXf5/6Xby/wX5f/n/tZD/707+vwf5f/l/+X/n/6evypb/j33/60JNatL/AwAAQB3Evv/1oSb6fwAAAKiM2Pe/IdRE/w8AAACVEfv+N4aa1KT/l/+X/9/8/L/z/8v/F+T/5f/7Qf6/O/n/HuT/5f/l/+X/6auy5f9j3/+boSY16f8BAACgDmLf/0Coif4fAAAAKiP2/W8KNdH/AwAAQGXEvv/NoSY16f/l/+X/5f/l/+X/O29f/n8wyf93N2D5/19cF5bL/xfk/8s9/rXm/0fbLl+V/P8PVsr/L25pv738P1dD2fL/se9/S6hJTfp/AAAAqIPY97811ET/DwAAAJUR+/63hZro/wEAAKAyYt//W6EmNen/5f8b41hKL8v/y//nC+T/5f/l/weW/H93Kf//XKd3riblyP87/38b+f9yj9/5/+X/Wa5s+f/Y97891KQm/T8AAADUQez7Hww10f8DAABAZcS+/x2hJvp/AAAAqIzY978z1KQm/b/8v/P/y//L/8v/d96+/P9gkv/vbsDO/y//30b+v9zjvyr5//+S/2ewlS3/H/v+h0JNatL/AwAAQB3Evv9doSb6fwAAAKiM2Pf/dqiJ/h8AAAAqI/b97w41qUn/L/8/KPn/Sfn/Neb/x8My+X/5f/n/epH/707+vwf5f/n/suX/nf+fAVe2/H/s+98TarL6/n9i1WsCAAAAV1P7r5OS2Pf/TqhJTX7/DwAAAHUQ+/7fDTXR/wMAAEBlxL7/90JNatL/y/8PSv7f+f8z5/+X/297PPL/8v+dbFz+Px551pT/39Jr+/L/8v/y/4M7fvl/+X+WK1v+P/b9vx9qUpP+HwAAAOog9v3vDTXR/wMAAMBA6PR/stvFvv9IqIn+HwAAACoj9v1HQ01q0v/L/8v/y/+XNP//F7v+5bvfeuvRPfL/8v/y/2uyoef/b7z4nf9f/l/+P5H/l/+X/6dd2fL/se8/Fmqy1Pi92Qn+AQAAYLDFvv8PQk1q8vt/AAAAqIPY9x8PNdH/AwAAQGXEvn821KQm/b/8/ybm/0ezLJP/l/+v4Pn/4/4YpPz/1JYByv/Hg678f0cbmv9/11JOXP5/rfn/8Y5L2/P/Q/L/LeT/1zz+b2ZZtmHjv/iv8v/y/7QrW/4/9v1zoSY16f8BAACgDkLfP3yiqEtX6P8BAACgMmLffzLURP8PAAAAlRH7/veFmtSk/5f/d/5/+X/5f+f/77z90ub/nf+/K/n/7sqT/+/M+f/l/wd5/M7/L//PcmXL/8e+fz7UpCb9PwAAANRB7PvfH2qi/wcAAIDKiH3/B0JN9P/w/+zdyZNlZZnH8ZuQRFUF0RG960Uvuve96k1vWDSrXnT/Ab1gw6YjulvFAeeJwnnEeR7QUBEHHEARUVGcBScUcUTFGcQJJ0SlDCqf56kcTp6bWXUz77nv+/ksfIqE5F4IrOJXybcOAABAM3L3Pzhu6WT/6//1/032/0f0/2Ovr//X/7dM/z9O/z+H/l//r//X/7NQU+v/c/c/JG7pZP8DAABAD3L3XxS32P8AAADQjNz9D41b7H8AAABoRu7+h8Utnex//b/+v8n+/z/u/r/7/13/v9vr6//1/y3T/4/T/8+h/9f/6//1/yzU1Pr/3P0Pj1s62f8AAADQg9z9j4hb7H8AAABoRu7+i+MW+x8AAACakbv/kXFLJ/t/W/+/Nuuz/8+MV//fUv/v+f+7vr7+X//fssPt/y994Hs+/b/+X/8f9P/6f/0/202t/8/d/6i4pZP9DwAAAD3I3f/ouMX+BwAAgGbk7n9M3GL/AwAAQDNy9z82bulk/3v+v+f/6//1//r/4dfX/68mz/8f11P/f/Gt5150z7X/eN1+Xl//r//X/+v/Wayp9f+5+x8Xt3Sy/wEAAKAHufsfH7fY/wAAANCM3P1PiFvsfwAAAFhBxwY/mrv/iXFLJ/tf/6//1/9H/39U/6//1/+3QP8/btn9/9CPl5t5/n/7/f+DFvJOl/f+x+j/9f/sNLX+P3f/k+KWTvY/AAAA9CB3/5PjFvsfAAAApmvef1i2Te7+S+IW+x8AAACakbv/eNzSyf7X/x98//9X/f9q9P+e/6//1/83Qf8/btn9/zz6//b7/4O07Pev/9f/s9PU+v/c/ZfGLZ3sfwAAAOhB7v6nxC32PwAAADQjd/9T4xb7HwAAAJqRu/9pcUsn+1//7/n/+n/9/+H3/xvf2er/T/1d1f8vjv5/nP5/Dv3/mfbz5+j/9f/6fzbbZ/9/38h32wvp/3P3Pz1u6WT/AwAAQA9y9z8jbrH/AQAAoBm5+58Zt9j/AAAA0Izc/c+KWzrZ//p//b/+X/9/2v3/zn/0TvL8/2H6/8Oh/x83mf5/bX3ww/r/le//Pf9f/6//Z4upPf8/d/+z45ZO9j8AAAD0IHf/c+KWkf2/75/MBwAAAJYqd/9z4xZf/wcAAICVl9VZ7v7nxS2d7H/9v/5f/6//P/zn/69+/3/dpven/58W/f+4yfT/u9D/6/9X+f3r//X/7DS1/j93//Pjlk72PwAAAPQgd/9lcYv9DwAAAM3I3f+CuMX+BwAAgGbk7n9h3NLJ/h/u/0/9/kn3/9sj4Zn+P+n/2+7/88+o/x/t/8/3/P8+6f/H6f/n0P/r//X/u/X/x+Z9vv6fIVPr/3P3vyhu6WT/AwAAQA9y9784brH/AQAAoBm5+18St9j/AAAA0Izc/S+NWzrZ/57/r//X/69e/+/5/xuW+fz/2aH3/+v6/z1abv+/dn/+CKr/P733r//X/6/y+2+y/z9ntvX5/yO/CoD+nyFT6/9z978sbulk/wMAAEAPcve/PG6x/wEAAGA1bP5vB4aeFTeb1e5/Rdxi/wMAAEAzcve/Mm5pZ/+PPqtT/6//1/+f/HT9v/5/oP9fn02n//f8/73y/P9x+v859P8H0c+vN9b/X77b50+h/7/k4J7//6/zPl//z5At/f8Npz6+rP4/d/+r4pZ29j8AAAB0L3f/q+MW+x8AAACakbv/NXGL/Q8AAADNyN3/2rilk/1/4P3/yK8+oP/X/0+k//f8f/3/4OtP6/n/+v+90v+P0//Pof/3/H/P/9f/c+Y2/Svjlv5/k2X1/7n7Xxe3dLL/AQAAoAe5+18ft9j/AAAA0Izc/ZfHLfY/AAAANCN3/xvilk72v+f/6//1//p//f/w6+v/V9MZ9fdn6f+L/l//r//X/+v/WYCp9f9bd39/+x8AAAB68MaT/3s0fr7e/gcAAIAW5e5/U9xi/wMAAEAzcve/OW7pZP/r/w+2/8+P6//1/zP9v/5f/38oun3+/9rQj0Q77dL/3/y/x/9r60f0//p//b/+X//PHv39yO+bRP9/4tS/Xebuf0vc0sn+BwAAgB7k7r8ibrH/AQAAoBm5+98at9j/AAAA0Izc/VfGLfvc/2PNw5Tp/z3/X/+v/9f/D7++/n81ddv/75Hn/8+h/9f/6//1/yzUJPr/Tb+du/9tcYuv/wMAAEAzcve/PW6x/wEAAKAZufvfEbfY/wAAANCM3P3vjFs62f/6f/2//l//r/8ffn39/2rS/4/T/8+xSv3/lWfQ/68Pf3jZ/fyZWvb71//r/9lpav1/7v6r4pZO9j8AAAD0IHf/u+IW+x8AAACakbv/3XGL/Q8AAADNyN3/nrilk/2v/9f/6//1//r/4dfX/68m/f84/f9sNrt65A0M9f8njkyz//f8/8m9f/2//p+dptb/5+5/b9zSyf4HAACAHuTuvzpusf8BAACgGbn7r4lb7H8AAABoRu7+98Utnex//b/+X/+v/9f/D7++/n816f/H6f/nWKXn/+v/J/f+9f/6f3aaWv+fu//9cUsn+x8AAAB6kLv/2rjF/gcAAIBm5O7/QNxi/wMAAEAzcvdfF7d0sv/1//p//b/+f6D/P/l/df2//n8VHVz/P9P/6//1/3Po//X/+n+2m1r/n7v/g3FLJ/sfAAAAepC7//q4xf4HAACAZuTu/1DcYv8DAABAM3L3fzhu6WT/6//1//p//b/n/w+/vv5/NXn+/zj9/xz6f/2//l//z0IN9/+XLK3/z93/kbilk/0PAAAAPcjdf0PcYv8DAABAM3L3fzRusf8BAACgGbn7Pxa3dLL/9f/6/639/2ym/9f/6/83DPT/t917xd/Vby+g/z860/8vnP5/nP5/Dv1/m/3/WbOG+v9ju36+/p8pmtrz/3P33xi3dLL/AQAAoAe5+z8et9j/AAAA0Izc/Z+IW+x/AAAAaEbu/k/GLZ3sf/2//n/Bz/+/68KB96H/36D/X/n+3/P/V4D+f5z+fw79f5v9v+f/6/9Zmqn1/7n7PxW3dLL/AQAAoAe5+z8dt9j/AAAA0Izc/Z+JW+x/AAAAaEbu/s/GLZ3sf/2//n/B/b/n/+v/9f+70P8fDv3/OP3/HPr/5vr//Ld7/b/+n+WYWv+fu/9zcUsn+x8AAAB6kLv/prjF/gcAAIBm5O6/OW6x/wEAAKAZufs/H7d0sv/1//p//f9q9v9Ht/T/Z8/0/6f+eP1/36bS/5933n/eov/X/+v/l9//e/6//p/lmlr/n7v/C3FLJ/sfAAAAepC7/4txi/0PAAAAzcjd/6W4xf4HAACAZuTu/3Lc0sn+39n/nzPbKFQ3DPX/0ajp/zfR/299//r/4X8+PP9f/6//P3hT6f89///03r/+X/+/yu9/X/3/P+/8fP0/LZpa/5+7/5a4pZP9DwAAAD3I3f+VuMX+BwAAgGbk7v9q3GL/AwAAQDNy998at3Sy/z3/X/+v/9f/L7z/v/7OjW/o/7fQ/x+O0+zv/+3G+Ib+P+j/9f/6/36f/3+2/p/FmVr/n7v/a3FLJ/sfAAAAepC7/7a4xf4HAACAZuTu/3rcYv8DAABAM3L3fyNu6WT/6//1//p//b/n/w+/vv5/NXn+/zj9f9n+l7ahn/7/6NAHl93Pn6llv/9m+n/P/2eBptb/5+7/ZtzSyf4HAACAHuTu/1bcYv8DAABAM3L3fztusf8BAACgGbn7vxO3dLL/9f/6//b7/wv1/9teX/+v/2+Z/j9/RB+m/5+jn/5/0LL7+VV///p//T87Ta3/z91/e9zSyf4HAACAHuTu/27cYv8DAABAM3L3fy9usf8BAACgGbn7vx+3dLL/9f999f9rsx77f8//1//r/3ui/x+n/59D/6//1//r/1moqfX/ufvvWFvvcv8DAADAqvrvf/n/2/f6x95x8n+Pzn4Qt5w/O7HHL2MDAAAAE/fA7l9bn81+ePK3fP0fAAAAWpS7/0dxSyf7X//fV//f5/P/9f/6f/1/T4b6+6Hvo3ej/w/6f/2//l//r/9nAabW/+fu/3Hcsmn4re/7rxIAAACYktz9P4lbOvn6PwAAAPQgd/9P45Yd+98vBwgAAACrKnf/z+KWTr7+r/+feP8/O6D+P/44/f8G/b/+f+j19f+ryfP/x51h/39iTf+v/x+h/9f/6//Zbmr9f+7+O+OWTvY/AAAANGrLzyjk7r8rbrH/AQAAoBm5+38et9j/AAAA0Izc/XfHLZ3sf/3/off/maof4PP/j9W3PP+/8/7/sqODr6//1/+3TP8/zvP/59D/t9L/H9H/6/+Zhqn1/7n7fxG3dLL/AQAAoAe5+38Zt9j/AAAA0Izc/b+KW+x/AAAAaEbu/l/HLZ3sf/3/xJ//f1r9/x6e/6//76P/3+X12+n//+Hc4zdd8D/XXKX/55TD7P/zn4VD7v+P7PfPuZn+fw79fyv9v+f/6/+ZiMX3/+tbPrjf/j93/2/ilk72PwAAAPQgd/89cYv9DwAAAM3I3f/buMX+BwAAgGbk7v9d3NLJ/tf/6/+n0v/n3+sl9P/HT7v/PzabzZbS/2dT3Hv/7/n/+v+dPP9/nP5/Dv2//l//r/9noRbf/2/94H77/9z9v49bOtn/AAAA0IPc/X+IW3L/r+37p+4BAACAicnd/8e4xdf/AQAAoBm5+++NWzrZ//p//f9U+v/k+f+nPq+t5/9fUHFqn/3/P9W39P8HS/8/Tv8/h/5f/6//1/+zUFPr/3P3/ylu6WT/AwAAQA9y998Xt9j/AAAA0Izc/X+OW+x/AAAAaEbu/r/ELZ3sf/1/q/1/FvH6f/3/VPp/z//3/P/Dof8fp/+fQ/+v/9f/6/9ZqKn1/7n7/xYAAP//2HxcCQ==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

4m16.370872125s ago: executing program 3 (id=9731):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELCHAIN={0x4c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x20, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'veth1_macvtap\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}]}], {0x14}}, 0x74}}, 0x0)

4m15.450016115s ago: executing program 3 (id=9745):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000780)={{0x8, 0x5, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x4, 0x4, 0x40000000000, 0xffffffffffffffff, 0x8, 0x0, 0x4, 0x0, 0x7, 0x2000000000000004, 0x0, 0x0, 0xfffffeffbfffffff, 0x0, 0x0, 0x0, 0x3, 0x80000000, 0x3, 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x6, 0x1, 0x40, 0x0, 0xfffffffffffffffd, 0x100200000, 0xb, 0x6, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10000, 0x1000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffdfffffffff, 0xfffffffffffffffc, 0x3, 0x0, 0x7, 0x10000, 0x7385, 0x0, 0x4, 0x4, 0x8, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x80000002000, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x7ff, 0x0, 0xfffffffffffffffe, 0x9, 0x1000000000, 0x0, 0x80000000000002, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffff7fffd, 0x0, 0x2c5, 0x0, 0x100, 0x81, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x9, 0x100000000000, 0x4000000000, 0x3, 0x2, 0x0, 0x7, 0xc0c0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x48a, 0x4, 0xffffffffffeffffc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x80]})

4m14.725995154s ago: executing program 33 (id=9745):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000780)={{0x8, 0x5, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x4, 0x4, 0x40000000000, 0xffffffffffffffff, 0x8, 0x0, 0x4, 0x0, 0x7, 0x2000000000000004, 0x0, 0x0, 0xfffffeffbfffffff, 0x0, 0x0, 0x0, 0x3, 0x80000000, 0x3, 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x6, 0x1, 0x40, 0x0, 0xfffffffffffffffd, 0x100200000, 0xb, 0x6, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10000, 0x1000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffdfffffffff, 0xfffffffffffffffc, 0x3, 0x0, 0x7, 0x10000, 0x7385, 0x0, 0x4, 0x4, 0x8, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x80000002000, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x7ff, 0x0, 0xfffffffffffffffe, 0x9, 0x1000000000, 0x0, 0x80000000000002, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffff7fffd, 0x0, 0x2c5, 0x0, 0x100, 0x81, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x9, 0x100000000000, 0x4000000000, 0x3, 0x2, 0x0, 0x7, 0xc0c0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x48a, 0x4, 0xffffffffffeffffc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x80]})

2m47.57880071s ago: executing program 2 (id=10693):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f00000002c0), 0x4)

2m46.980813331s ago: executing program 2 (id=10702):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000dc0)=@newtaction={0x280, 0x30, 0x871a15abc695fb3d, 0x0, 0x25dfdbfd, {}, [{0x26c, 0x1, [@m_tunnel_key={0x6c, 0x1, 0x0, 0x0, {{0xf}, {0x3c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x204, 0x7, 0x10000000, 0x200000, 0x6}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}, @TCA_TUNNEL_KEY_NO_CSUM={0x1, 0xa, 0x1}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_skbedit={0x94, 0xc, 0x0, 0x0, {{0xc}, {0x5c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x3, 0xe4e, 0x3, 0x4, 0x3}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x7}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0xff}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xfff1, 0xc}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x7}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x4}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x8}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x1}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x100}]}, {0xf, 0x6, "1abf842170b99b2d385cd0"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x168, 0x2, 0x0, 0x0, {{0x8}, {0xb0, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x6, 0x7b84, 0xffffffffffffffff, 0x0, 0x4000}, 0x1}}, @TCA_IFE_METALST={0x2c, 0x6, [@IFE_META_PRIO={0x8, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x696}, @IFE_META_PRIO={0x8, 0x3, @val=0x6}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0xa}, @IFE_META_SKBMARK={0x4, 0x1, @void}]}, @TCA_IFE_DMAC={0xa, 0x3, @remote}, @TCA_IFE_TYPE={0x6, 0x5, 0xc9}, @TCA_IFE_DMAC={0xa, 0x3, @random="8e626b6bfbf7"}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xe, 0x100000, 0x4, 0x6, 0x3}}}, @TCA_IFE_SMAC={0xa}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xd, 0x2, 0x1, 0x4}, 0x1}}]}, {0x92, 0x6, "0745eda98a44af97ae46a19127d038c5123f3cb17331ff9148552ed3e66c1ec3da02b7f8bf5c416577450e40e13f05636db4c6ad1b3b41745844ead184f6931b6094c2079d7cfc0e3261b4596fbfbc0d19da37719c7dae4fc8e453fa633c7fd941086e3a72eaace8b91ccace63675f74944e81a9c807e2e4fbfbfd06a5fa8083ba3da79908908e58145dc1ca9b47"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x7}}}}]}]}, 0x280}, 0x1, 0x0, 0x0, 0x20048840}, 0x1004)

2m46.156805177s ago: executing program 2 (id=10714):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d00)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x4}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd4}}, 0x0)

2m45.4583238s ago: executing program 2 (id=10725):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x2000004, &(0x7f0000000500)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=")
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x80, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

2m44.374078704s ago: executing program 2 (id=10738):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)=@acquire={0x134, 0x17, 0x1, 0x70bd27, 0x25dfdbfc, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4d4, 0xff}, @in=@remote, {@in=@multicast2, @in=@broadcast, 0x4e21, 0x100, 0x4e20, 0x3, 0x2, 0xe0, 0x20, 0x3b, 0x0, 0xffffffffffffffff}, {{@in6=@mcast2, @in=@broadcast, 0x4e21, 0x9, 0x4e22, 0x83, 0x2, 0x0, 0x0, 0xc}, {0x7f, 0xec2b, 0x5, 0xa, 0xd5, 0x6, 0x6, 0x1}, {0x7, 0xa0, 0x200000000009, 0x200000000000000}, 0xba, 0x0, 0x2, 0x1, 0x0, 0x3}, 0x3, 0x1, 0x200, 0x70bd29}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x0, 0xce}}]}, 0x134}, 0x1, 0x0, 0x0, 0x40040c0}, 0x0)

2m42.143403365s ago: executing program 2 (id=10761):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newlink={0x40, 0x10, 0x401, 0x0, 0xf, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IKEY={0x8}]}}}]}, 0x40}}, 0x0)

2m41.602151264s ago: executing program 34 (id=10761):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newlink={0x40, 0x10, 0x401, 0x0, 0xf, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IKEY={0x8}]}}}]}, 0x40}}, 0x0)

2.84730721s ago: executing program 8 (id=12561):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000980), 0x0)
cachestat(r0, &(0x7f00000009c0)={0xfb, 0x3}, &(0x7f0000000a00), 0x0)

2.546224687s ago: executing program 8 (id=12567):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_SET_ID={0x8}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1c}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8c}, @NFTA_SET_DESC={0x8, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x4}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x7, 0x84}}}, 0x7c}, 0x1, 0x0, 0x0, 0x4404c810}, 0x0)

2.239891505s ago: executing program 8 (id=12573):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
setsockopt$X25_QBITINCL(r0, 0x106, 0x1, 0x0, 0x0)

2.09466264s ago: executing program 0 (id=12575):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008103e00f80ecdb4cb9f207c804a00f00000088080ffb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)

1.897346496s ago: executing program 5 (id=12577):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, &(0x7f0000000200), &(0x7f0000000280)=0xc)

1.895603923s ago: executing program 8 (id=12578):
r0 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
ioctl$FE_SET_PROPERTY(r0, 0x40106f52, &(0x7f00000002c0)={0x3, &(0x7f0000000440)=[{0x12, '\x00', @data=0x7fff, 0x4}, {0x2, '\x00', @st={0x4, [{0x2, @svalue=0x4}, {0x1, @uvalue=0x40}, {0x2, @svalue=0x800}, {0x1, @svalue=0x7}]}, 0x20000009}, {0xd, '\x00', @st={0x4, [{0x1, @uvalue=0x31c}, {0x0, @uvalue=0xffffffffffffffff}, {0x0, @uvalue=0x4}, {0x1, @svalue=0x4f}]}, 0x80000e6}]})

1.702082894s ago: executing program 4 (id=12580):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x318, 0x168, 0x6c, 0x0, 0x168, 0x0, 0x248, 0x258, 0x258, 0x248, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private0, [], [], 'wlan1\x00', 'ip6gre0\x00', {}, {}, 0x11, 0x0, 0x0, 0x48}, 0x0, 0x100, 0x168, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0x5}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0xfffffffd, 'netbios-ns\x00', 'syz1\x00'}}}, {{@ipv6={@dev, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'netdevsim0\x00', 'lo\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x2001}}, {0x28}}}}, 0x378)

1.663538684s ago: executing program 7 (id=12581):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001840)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a216798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271fefc583eec8912c37562d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de7368ca69f6f8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a18159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b2059ba4b923a1188dd61dc7de058a4dfa7e85a8bdf1d41a2d8bd044d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4ae52066bb5d4045c958549b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9530243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a000000002a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd103c1962f4759286db3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e1dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd040000000000000034137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a175979d54000004408996ec5db6a4d15b71ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87492332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b24000000000000000070000000072716bc8e139c49b91c76bea3858f7ca208d31330d89069f96f66e2e7748a2ff93060ff073b3a113e47edf0672fda649e8ca5095f2a161bf60b876f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee62714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff42961f8f3b555d9e8aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e8173d3d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e00400000022f3e34b7524642c248aa813edaa626f000000000000000000000000000000005519fe545110a9c01d6f0da7b04d6eb1a47675aea60371f629ed3446beb20bf2bab80e451b4139dc6c87e6b395edc142e24b596f636f8c248beeb268dbbf120b26693f73a6362e7c6bff6b08514763f6fbe6c914baf7e25ac7e8d36babeb6c58d012cf7b1ffbe996204af87412b9b21da1dfb01aa5a4ff142deb3bd70d11cf71752bdb33f1dfb6ef107ef3cb0016b2b6dcffb0be5a95d56172098ebf6075cc048f94350e2adb108eabccfae942bbca66ea83139ab4062963be6d549907b17d95b248201322cd8cc6540b6e369c7ebd9b98ec3dab43e84ecf9e66be246847b40feadfebcbb566d4e243bd8f279db0c7f5320ca6bf5cea49671ca89eedbb79028af6d459d6fe81071e700136fdb9234ce00d6ce181421dc659fc73ad25cdf97e5a6f4e5e05394e70fdf1ef4b41c376ba0222a87d8d5609f535a6a6fbbd60fc633064a94c252ac127b7467ec036ed883e252cb8727208712e4296f106c6527ff939552e23c2140c0000000000000000000000000000000000000000000000707d178c32bafb18352f2840a48309d5fd326a0f3a352321543173b4bb9e92b431aa4b9bb916945ce250b8b1120930fd1784810b696a77fd0500257c3952a2f399557c8323b1b0ad995a9c02bf21f00d5b56c2a62e31e7ebfade7c5f091b373db013878526bb7f9179c2ff52dae8557ec08905963527edb6cdf98493a48a191182f29f358801a33d5e4b7e05912f0323c6c9536a0495d014e5d42832ac32a216c437baa696287b84356ab4bbc4c35e2b786ee0856426d1a67ca168850f858d20e8bb7d8fbf1ca251646c35373aefdf180d8dd9511beb88084ba4287faa0f45f3bcba27c79a"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe, 0x0, &(0x7f00000004c0)="ad5ce39667bde4014c9745573838", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.661946168s ago: executing program 0 (id=12582):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bc00000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000885000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000200)="8ba7c579baa8abcb37d667c71d66", 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

1.631156383s ago: executing program 8 (id=12583):
capset(&(0x7f00000000c0)={0x19980330}, &(0x7f0000000180)={0x401, 0x7ff, 0x9, 0x58, 0x1, 0x9})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000fefdff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00007b030000000000009f440000000000006b0a00fe000000007b13000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a83469620c6e74e1f46132559c4f8700a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a920099c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3ba18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62c49d15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)

1.602348958s ago: executing program 6 (id=12584):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="780000000206010100000000000000000a00000005000400020000000900020073797a32000000002c00078008000640000000da08001340000007ff0800134000001000050015000c00000008001240000000050500050002000000050001000600000011000300686173683a6e65742c6e6574"], 0x78}, 0x1, 0x0, 0x0, 0x80820}, 0x80)

1.526113714s ago: executing program 5 (id=12585):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="1400000013000104000000000000000003"], 0x14}], 0x1}, 0x0)

1.378630651s ago: executing program 0 (id=12586):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x50, &(0x7f0000000040)={'ipvs\x00'}, &(0x7f0000000100)=0x1e)

1.3591203s ago: executing program 4 (id=12587):
r0 = socket(0x10, 0x80003, 0x0)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f4e6ff0804000a020000fe0000000000aa0008000f00fd000000", 0x24)

1.352122157s ago: executing program 7 (id=12588):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000001900)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01040400000a0012000a002800000019002d4400009b84136ef75afb83de066a5b00e1baac341b61130000f2ff00000100"/85, 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)

1.350849946s ago: executing program 6 (id=12589):
r0 = syz_open_dev$video(&(0x7f0000000440), 0x2, 0x2a802)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x3, 0x0, 0xfc, 0x4}})

1.257823576s ago: executing program 8 (id=12590):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)

1.22920569s ago: executing program 5 (id=12591):
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000280)=[@ioring_restriction_register_op], 0x1)
io_uring_register$IORING_REGISTER_RESIZE_RINGS(0xffffffffffffffff, 0x25, 0x0, 0x1)

1.090408666s ago: executing program 7 (id=12592):
r0 = socket$inet(0x2, 0x3, 0x80)
sendto$inet(r0, 0x0, 0x0, 0x240007fd, 0x0, 0x0)

1.087369314s ago: executing program 4 (id=12593):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
getsockopt$PNPIPE_HANDLE(r0, 0x113, 0x3, 0x0, &(0x7f0000000200))

1.026224831s ago: executing program 6 (id=12594):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_POWER(r0, 0x112, 0x9, 0x0, 0x0)

1.025591828s ago: executing program 0 (id=12595):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000440)=ANY=[@ANYBLOB="380000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="80420000000000001000128008000100687372000400028008003a00", @ANYRESHEX=r0], 0x38}}, 0x0)

951.319335ms ago: executing program 5 (id=12596):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={0x34, 0x3e, 0x107, 0x70bd2b, 0x0, {0x1, 0x7c}, [@nested={0xc, 0xfc, 0x0, 0x1, [@typed={0x8, 0x5, 0x0, 0x0, @ipv4=@empty=0x5000000}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x6, 0x0, 0x0, @pid}]}, @nested={0x8, 0x2, 0x0, 0x1, [@generic="7235ab62"]}]}, 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x4040)

730.352329ms ago: executing program 6 (id=12597):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, 0x0)

730.283401ms ago: executing program 7 (id=12598):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
ioctl$SOUND_PCM_READ_CHANNELS(r0, 0x80045006, &(0x7f00000000c0))

730.190601ms ago: executing program 4 (id=12599):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x101000)
ioctl$BLKDISCARDZEROES(r0, 0x127c, &(0x7f0000000040))

693.531436ms ago: executing program 0 (id=12600):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x28, 0x6, 0x74, 0xfffff039}]}, 0x10)

520.418958ms ago: executing program 4 (id=12601):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0, 0x0, 0x56074975}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)

454.372094ms ago: executing program 7 (id=12602):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x6, 0x0, 0x0)

452.791194ms ago: executing program 5 (id=12603):
syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000980)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdb1dd9467f5cd2d6c4e8b9d4f50d338ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESHEX=0x0], 0x11, 0x314, &(0x7f0000000b80)="$eJzs3U1rE08cB/Dv7KZN+m/pf7UVwYNINWAvovUiXiIlL8KTqE0KxSWitviAYBVPIvbu3aNXX4N4UQTP9eRJPHiqBxmZh2SfN6lmd1P9fsCy2dmZ/e3OzlPALIjon7Xa3n11/ov6JwAXLvDsIuAAaAA1AEdwtLHV29zY9LudvIJcHK+bXAImp0gcs9brpmVtwOawPPWphrnwPiqGlPLS56qDoMrp1i/d6M4Tuieo29apExsVxZfl8f6zfJsBsF1EMBMlv6bEHvZwD/OlhUNERBNJmPHdseP8nJ2/Ow7QtIOJSpu48f937VUdQOFkbmpo/NerLClUvf+vk4L1nl7CqXSnv0pMK+t17PNU7PM0zNMTmV2KYatKHYszs77hd8+s3fQ7Dp6gZYUOW9R/O/bxtCLR1hNFL6WsTXMMSpvJPESkzyhn9TVMqWtYMfHfBRCJfyH3jAUQ78QHcUV4eInOYP5Xk0JVk64pL1ZTJv6z2SXqq/TUUbDdRqvVciKHHNInOWbPYA25ygbcrDNO2zIjXxB4w+LUuQ7HcpmrOzck10JqrhW9vQwnI9diJJe6mvUN/232qUohXojLYglf8Qbt0PzfUfE1kWyZoYc+aDWiaYYCfcdV64zWbEitaXsiPXJsfdp9aPYnm8vgLiYbrPUjv0+jfXiO67iA+Tv3H9xwfb97W21c89XjqjcGe27N2Q2/O/UUCCdNyga2gz11SC1xcH9QKjOw5bEWqPqPlCTVsHrf+3tUKxtW4KM/jUf1A4XeutkRrmJ/G/2uazwFtt+P50HqTxsiST+llCU2oh17Z+JJ1XRLVK6g0kc7PmWqQwebqlJh1n/BeqVmJnvqj5c6Tx/xiwBbolRz7MEKLsgrzYwcwH85K7i0YjNXcMk1V2LNqNdcJ08Dp0Y/o2fj/EuINj7iKr//JyIiIiIiIiIiIiIiIiIiIiIiIiI6aMr4zzBVXyMRERERERERERERERERERERERERERER0UG32oD53Wv03/+L0d7/G38Vi2t+Enws7//d6YHv/yUq3q8AAAD///B/c8c=")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)

444.06891ms ago: executing program 6 (id=12604):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47d, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f027, 0x1})

365.156455ms ago: executing program 0 (id=12605):
r0 = socket(0x10, 0x80003, 0x0)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f4e6ff0804000a020000fe0000000000aa0008000f00fd000000", 0x24)

141.607519ms ago: executing program 7 (id=12606):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b8000000150001000000000000000000e00000020000000000000000000000000000000000000000000000000000000100000000000000000a00100000000000ea41ffe39fe081909bf57242cf"], 0xb8}}, 0x0)

121.336813ms ago: executing program 4 (id=12607):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, 0x0, 0x0)

113.783787ms ago: executing program 6 (id=12608):
syz_mount_image$vfat(&(0x7f0000001080), &(0x7f0000001040)='./file1\x00', 0x2818c54, &(0x7f00000010c0)={[{@rodir}, {@iocharset={'iocharset', 0x3d, 'cp863'}}, {@shortname_mixed}, {@rodir}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@utf8no}, {@shortname_mixed}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@rodir}, {@shortname_lower}, {@shortname_win95}]}, 0x7f, 0x2c9, &(0x7f00000011c0)="$eJzs3c2KI1UUAOBT6aQ7GYVk4UoEC3ThKszME3SQFgazUmqhGx2cHpAkDHQg4A/GWbkXXLnyBdzNA/gAbnwDFy4Vd85CLEkqlf90G0nPDM33beqk7j1V996+6W4CdfLxa4Peg0fDh4+//DXq9SQqp3EaT5NoRSVKX8cu9Z0tAMCL62mex5954aq+xyuvqpXrHBcAcH1W//43dnc8epajAgCu0/sffPhup9s9ey9N6xGDb0ZZEsWxaO88jE+jH+dxO5rxd0Q+V8Qv3+ueRTNNyw8DRo3IIgYf/Tx73fk9Ypp/J5rRWs8vP1FIp+LNwXiUTe48OdbiVhLRyZOiy91oxisReS1mFykO79zrnt1NN/MjO4633vh+Nv5/zqMdzfjlk3gU/XgwvcQi/6s7afp2/t1fXxQzyCKS8Sg7mfZbyP0HBAAAAAAAAAAAAAAAAAAAAADAwbTTudZy/ZyyGnC7vd5ezSL+GJT5i/pApzGtDzSr8DNeqq9zO03TsozPKKtFUd+nGq9Wo/q85g0AAAAAAAAAAAAAAAAAAAAvkuFnn/fu9/vnFyvBT/kkaFzaZz2oLp0pH+u/Omt70PsxYn7mh9g3/ZIgjmZD6ydLtyiCpGza44JPdjSd7DOwxrabRmXXGlb7UQz+2/0X4fV9J/jfg9ZiqOXu6t1PouzzpFzd1az69k2ytOvKbXgxTPbYkPmWpTsqglubWccHWoTjl/5veiO2NU1mXJsv5mpWfW0xawf5UU7eH8U7ZU1y0N87AAAAAAAAAAAAAAAAAADApsXTv/HbRuPjK5I9EgwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADbH4/v95EK31M+vBeJY8PVO5vPPJxXDLbVvPeJoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADccP8GAAD//y05Tjw=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)

0s ago: executing program 5 (id=12609):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, &(0x7f0000000100))

kernel console output (not intermixed with test programs):

] netlink: 76 bytes leftover after parsing attributes in process `syz.7.11606'.
[ 1408.974244][ T1371] loop5: detected capacity change from 0 to 2048
[ 1409.023912][ T1371] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1409.084101][T29406] usb 7-1: Using ep0 maxpacket: 32
[ 1409.105281][ T1374] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1409.148082][T29406] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1409.185378][T29406] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1409.205097][T29406] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1409.237208][T29406] usb 7-1: Product: syz
[ 1409.261322][T29406] usb 7-1: Manufacturer: syz
[ 1409.295090][T29406] usb 7-1: SerialNumber: syz
[ 1409.339764][T29406] usb 7-1: config 0 descriptor??
[ 1409.389013][ T1364] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1409.443620][T29406] hub 7-1:0.0: bad descriptor, ignoring hub
[ 1409.473017][T29406] hub 7-1:0.0: probe with driver hub failed with error -5
[ 1409.740125][ T1386] loop4: detected capacity change from 0 to 4096
[ 1409.771170][ T1386] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[ 1409.812018][T29406] usb 7-1: USB disconnect, device number 8
[ 1409.919902][ T1399] netlink: 'syz.8.11615': attribute type 71 has an invalid length.
[ 1409.934608][  T529] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[ 1409.990375][ T1386] ntfs3(loop4): ino=3, ntfs_set_state failed, -22.
[ 1410.023421][ T1386] ntfs3(loop4): Failed to initialize $Extend/$Reparse.
[ 1410.149396][  T529] usb 1-1: Using ep0 maxpacket: 8
[ 1410.182236][  T529] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1410.200643][  T529] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[ 1410.212874][  T529] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[ 1410.238295][  T529] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 1410.272825][T31742] ntfs3(loop4): ino=3, ntfs3_write_inode failed, -22.
[ 1410.310367][  T529] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1410.341974][ T5690] ntfs3(loop4): ino=3, ntfs_set_state failed, -22.
[ 1410.368913][  T529] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[ 1410.371889][ T5690] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[ 1410.391465][  T529] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[ 1410.425012][  T529] usb 1-1: Product: syz
[ 1410.434447][ T5690] ntfs3(loop4): ino=3, ntfs_set_state failed, -22.
[ 1410.443520][  T529] usb 1-1: Manufacturer: syz
[ 1410.464132][  T529] usb 1-1: SerialNumber: syz
[ 1410.489061][  T529] usb 1-1: config 0 descriptor??
[ 1410.501289][T31744] ntfs3(loop4): ino=3, ntfs3_write_inode failed, -22.
[ 1410.710598][ T1412] netlink: 88 bytes leftover after parsing attributes in process `syz.8.11621'.
[ 1410.746016][ T1414] syz_tun: left allmulticast mode
[ 1410.766346][  T529] radio-si470x 1-1:0.0: DeviceID=0x0000 ChipID=0x0000
[ 1410.786542][ T1414] syz_tun: left promiscuous mode
[ 1410.801659][  T529] radio-si470x 1-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[ 1410.821777][ T1414] bridge0: port 3(syz_tun) entered disabled state
[ 1410.890701][ T1416] misc userio: The device must be registered before sending interrupts
[ 1410.963591][ T1414] bond0: (slave bridge0): Releasing backup interface
[ 1410.973993][ T1382] syz.7.11609 (1382): drop_caches: 2
[ 1410.979149][  T529] radio-si470x 1-1:0.0: si470x_get_report: usb_control_msg returned -71
[ 1411.025408][  T529] radio-si470x 1-1:0.0: si470x_get_scratch: si470x_get_report returned -71
[ 1411.050093][ T1414] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1411.062932][ T1414] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1411.073891][  T529] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -5
[ 1411.143660][  T529] usb 1-1: USB disconnect, device number 53
[ 1411.207738][ T1414] bridge_slave_0: left allmulticast mode
[ 1411.241464][ T1414] bridge_slave_0: left promiscuous mode
[ 1411.271963][ T1414] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1411.311575][ T1414] bridge_slave_1: left allmulticast mode
[ 1411.333101][ T1414] bridge_slave_1: left promiscuous mode
[ 1411.358665][ T1414] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1411.450006][ T1414] bond0: (slave bond_slave_0): Releasing backup interface
[ 1411.481051][ T1414] bond0: (slave bond_slave_1): Releasing backup interface
[ 1411.488764][ T5810] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 1411.525150][ T1414] team0: Port device team_slave_0 removed
[ 1411.556115][ T1414] team0: Port device team_slave_1 removed
[ 1411.588445][ T1414] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[ 1411.669311][ T5810] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1411.702606][ T5810] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1411.742936][ T5810] usb 5-1: config 0 descriptor??
[ 1411.999970][ T5810] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1412.224359][ T5810] [drm:udl_init] *ERROR* Selecting channel failed
[ 1412.326765][ T5810] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2
[ 1412.366704][ T5810] [drm] Initialized udl on minor 2
[ 1412.398488][ T5810] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1412.453392][ T1458] loop8: detected capacity change from 0 to 16
[ 1412.454431][ T5810] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[ 1412.475997][T15171] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1412.528932][ T1458] MTD: Attempt to mount non-MTD device "/dev/loop8"
[ 1412.587153][ T5796] udevd[5796]: incorrect cramfs checksum on /dev/loop8
[ 1412.588447][T15171] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1412.626952][ T5810] usb 5-1: USB disconnect, device number 59
[ 1412.676400][T15171] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[ 1412.933282][ T1468] loop7: detected capacity change from 0 to 4096
[ 1412.997779][ T1468] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1413.022777][ T1468] NILFS (loop7): mounting unchecked fs
[ 1413.047125][ T1468] NILFS (loop7): recovery required for readonly filesystem
[ 1413.110996][ T1468] NILFS (loop7): write access will be enabled during recovery
[ 1413.271534][ T1468] NILFS (loop7): norecovery option specified, skipping roll-forward recovery
[ 1413.320995][ T6102] udevd[6102]: incorrect nilfs2 checksum on /dev/loop7
[ 1413.482437][ T1468] NILFS (loop7): couldn't remount because the filesystem is in an incomplete recovery state
[ 1413.607662][ T6102] udevd[6102]: incorrect nilfs2 checksum on /dev/loop7
[ 1414.207489][ T1511] netlink: 'syz.5.11664': attribute type 16 has an invalid length.
[ 1414.232150][   T10] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 1414.272071][ T1511] netlink: 'syz.5.11664': attribute type 17 has an invalid length.
[ 1414.427075][   T10] usb 8-1: config 2 has an invalid interface number: 19 but max is 0
[ 1414.465957][   T10] usb 8-1: config 2 has no interface number 0
[ 1414.493224][   T10] usb 8-1: config 2 interface 19 has no altsetting 0
[ 1414.542327][   T10] usb 8-1: New USB device found, idVendor=05ac, idProduct=fdc3, bcdDevice=2f.a6
[ 1414.576067][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1414.609982][   T10] usb 8-1: Product: syz
[ 1414.623910][   T10] usb 8-1: Manufacturer: syz
[ 1414.639230][   T10] usb 8-1: SerialNumber: syz
[ 1414.932415][   T10] ipheth 8-1:2.19: Unable to find alternate settings interface
[ 1414.983298][ T1533] loop8: detected capacity change from 0 to 512
[ 1415.012207][   T10] usb 8-1: USB disconnect, device number 6
[ 1415.023733][ T1533] EXT4-fs (loop8): ext4_check_descriptors: Block bitmap for group 0 not in group (block 0)!
[ 1415.073093][ T1533] EXT4-fs (loop8): group descriptors corrupted!
[ 1415.139379][ T1539] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11675'.
[ 1415.691814][ T1555] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1416.107357][ T1572] netlink: 20 bytes leftover after parsing attributes in process `syz.4.11692'.
[ 1416.117179][ T1573] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11691'.
[ 1416.146743][ T1573] openvswitch: netlink: Missing key (keys=c0, expected=200000)
[ 1416.513222][ T1588] netlink: 188 bytes leftover after parsing attributes in process `syz.0.11699'.
[ 1416.559748][ T1578] loop5: detected capacity change from 0 to 4096
[ 1416.576791][ T1578] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1416.643617][ T1578] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103]
[ 1416.671940][ T1578] System zones: 0-5
[ 1416.698230][ T1578] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1416.698662][ T1585] loop4: detected capacity change from 0 to 4096
[ 1416.858893][ T5705] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1416.861337][ T1597] loop6: detected capacity change from 0 to 1024
[ 1417.013372][ T1581] Process accounting resumed
[ 1417.155947][ T1602] loop5: detected capacity change from 0 to 128
[ 1417.214709][ T1597] hfsplus: can't free extent: start 0, count 3
[ 1418.022126][ T1624] usb usb8: usbfs: process 1624 (syz.5.11717) did not claim interface 0 before use
[ 1418.400910][ T1634] loop8: detected capacity change from 0 to 2048
[ 1418.442450][ T1634] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1418.499531][   T31] audit: type=1800 audit(1609.324:292): pid=1634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.11720" name="file1" dev="loop8" ino=1367 res=0 errno=0
[ 1418.591379][ T1638] vti0: entered promiscuous mode
[ 1419.076732][ T1654] loop7: detected capacity change from 0 to 2048
[ 1419.139173][ T1654] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1419.429860][ T1667] loop0: detected capacity change from 0 to 512
[ 1419.640468][ T1667] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1419.682625][ T1675] sysfs: cannot create duplicate filename '/class/ieee80211/4Ï€!F�õïVl‘uc'f`å”Þ†’;�œ1µx%ñ†‹M¹Fœ-ôÁõîI'
[ 1419.751806][ T1675] CPU: 1 UID: 0 PID: 1675 Comm: syz.7.11740 Not tainted syzkaller #0 PREEMPT(full) 
[ 1419.751859][ T1675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1419.751883][ T1675] Call Trace:
[ 1419.751896][ T1675]  <TASK>
[ 1419.751911][ T1675]  dump_stack_lvl+0x100/0x190
[ 1419.751960][ T1675]  sysfs_warn_dup.cold+0x1c/0x28
[ 1419.752022][ T1675]  sysfs_do_create_link_sd+0x113/0x140
[ 1419.752096][ T1675]  sysfs_create_link+0x61/0xc0
[ 1419.752136][ T1675]  device_add+0x675/0x1950
[ 1419.752185][ T1675]  ? __pfx_device_add+0x10/0x10
[ 1419.752225][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.752274][ T1675]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1419.752319][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.752368][ T1675]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[ 1419.752447][ T1675]  wiphy_register+0x1edd/0x2d90
[ 1419.752495][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.752541][ T1675]  ? __rtnl_unlock+0xb9/0xf0
[ 1419.752610][ T1675]  ? __pfx_wiphy_register+0x10/0x10
[ 1419.752661][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.752709][ T1675]  ? __asan_memset+0x23/0x50
[ 1419.752758][ T1675]  ? minstrel_ht_alloc+0x5e6/0x7f0
[ 1419.752844][ T1675]  ieee80211_register_hw+0x3055/0x4570
[ 1419.752932][ T1675]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1419.752995][ T1675]  ? __pfx___debug_object_init+0x10/0x10
[ 1419.753055][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.753101][ T1675]  ? find_held_lock+0x2b/0x80
[ 1419.753160][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.753208][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.753253][ T1675]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1419.753298][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.753345][ T1675]  ? __hrtimer_setup+0x208/0x330
[ 1419.753403][ T1675]  mac80211_hwsim_new_radio+0x2a01/0x5aa0
[ 1419.753488][ T1675]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1419.753544][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.753600][ T1675]  ? __asan_memcpy+0x3c/0x60
[ 1419.753654][ T1675]  hwsim_new_radio_nl+0xc5f/0x1370
[ 1419.753704][ T1675]  ? rcu_is_watching+0x12/0xc0
[ 1419.753763][ T1675]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1419.753827][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.753875][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.753923][ T1675]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0
[ 1419.754001][ T1675]  genl_family_rcv_msg_doit+0x214/0x300
[ 1419.754068][ T1675]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1419.754129][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.754177][ T1675]  ? genl_get_cmd+0x3e7/0x760
[ 1419.754247][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.754295][ T1675]  ? security_capable+0x80/0x260
[ 1419.754363][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.754411][ T1675]  ? ns_capable+0xd2/0xf0
[ 1419.754466][ T1675]  genl_rcv_msg+0x560/0x800
[ 1419.754535][ T1675]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1419.754659][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.754709][ T1675]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1419.754763][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.754811][ T1675]  ? __lock_acquire+0x4a5/0x2630
[ 1419.754866][ T1675]  netlink_rcv_skb+0x159/0x420
[ 1419.754922][ T1675]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1419.754987][ T1675]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1419.755062][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.755110][ T1675]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1419.755170][ T1675]  genl_rcv+0x28/0x40
[ 1419.755225][ T1675]  netlink_unicast+0x585/0x850
[ 1419.755287][ T1675]  ? __pfx_netlink_unicast+0x10/0x10
[ 1419.755358][ T1675]  netlink_sendmsg+0x8b0/0xda0
[ 1419.755422][ T1675]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1419.755474][ T1675]  ? __pfx___might_fault+0x10/0x10
[ 1419.755529][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.755586][ T1675]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1419.755662][ T1675]  ____sys_sendmsg+0x9e1/0xb70
[ 1419.755711][ T1675]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1419.755769][ T1675]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1419.755833][ T1675]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1419.755905][ T1675]  ___sys_sendmsg+0x190/0x1e0
[ 1419.755965][ T1675]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1419.756020][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.756091][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.756175][ T1675]  __sys_sendmsg+0x170/0x220
[ 1419.756218][ T1675]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1419.756259][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.756307][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.756375][ T1675]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1419.756423][ T1675]  ? rcu_is_watching+0x12/0xc0
[ 1419.756486][ T1675]  do_syscall_64+0x115/0x870
[ 1419.756560][ T1675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1419.756602][ T1675] RIP: 0033:0x7fa64559ce59
[ 1419.756633][ T1675] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1419.756671][ T1675] RSP: 002b:00007fa64646a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1419.756709][ T1675] RAX: ffffffffffffffda RBX: 00007fa645815fa0 RCX: 00007fa64559ce59
[ 1419.756736][ T1675] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[ 1419.756762][ T1675] RBP: 00007fa645632d6f R08: 0000000000000000 R09: 0000000000000000
[ 1419.756787][ T1675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1419.756812][ T1675] R13: 00007fa645816038 R14: 00007fa645815fa0 R15: 00007ffcde62de98
[ 1419.756866][ T1675]  </TASK>
[ 1420.568795][ T5686] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1420.828024][ T1695] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1420.856481][ T1695] netlink: 'syz.6.11749': attribute type 1 has an invalid length.
[ 1421.268534][ T1705] loop0: detected capacity change from 0 to 4096
[ 1421.337398][ T1714] loop6: detected capacity change from 0 to 256
[ 1421.378203][ T1714] exfat: Deprecated parameter 'namecase'
[ 1421.403304][ T1716] ip6t_srh: unknown srh invflags 7F00
[ 1421.408949][ T1714] exfat: Deprecated parameter 'namecase'
[ 1421.431366][ T1714] exfat: Deprecated parameter 'utf8'
[ 1421.495139][ T1714] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1421.652369][ T1704] Process accounting resumed
[ 1421.914532][ T1728] sysfs: cannot create duplicate filename '/class/ieee80211/4Ï€!F�õïVl‘uc'f`å”Þ†’;�œ1µx%ñ†‹M¹Fœ-ôÁõîI'
[ 1421.953169][ T1728] CPU: 0 UID: 0 PID: 1728 Comm: syz.5.11765 Not tainted syzkaller #0 PREEMPT(full) 
[ 1421.953221][ T1728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1421.953246][ T1728] Call Trace:
[ 1421.953259][ T1728]  <TASK>
[ 1421.953274][ T1728]  dump_stack_lvl+0x100/0x190
[ 1421.953324][ T1728]  sysfs_warn_dup.cold+0x1c/0x28
[ 1421.953384][ T1728]  sysfs_do_create_link_sd+0x113/0x140
[ 1421.953459][ T1728]  sysfs_create_link+0x61/0xc0
[ 1421.953499][ T1728]  device_add+0x675/0x1950
[ 1421.953548][ T1728]  ? __pfx_device_add+0x10/0x10
[ 1421.953590][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.953639][ T1728]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1421.953685][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.953733][ T1728]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[ 1421.953815][ T1728]  wiphy_register+0x1edd/0x2d90
[ 1421.953864][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.953920][ T1728]  ? __rtnl_unlock+0xb9/0xf0
[ 1421.953983][ T1728]  ? __pfx_wiphy_register+0x10/0x10
[ 1421.954035][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.954084][ T1728]  ? __asan_memset+0x23/0x50
[ 1421.954138][ T1728]  ? minstrel_ht_alloc+0x5e6/0x7f0
[ 1421.954225][ T1728]  ieee80211_register_hw+0x3055/0x4570
[ 1421.954315][ T1728]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1421.954380][ T1728]  ? __pfx___debug_object_init+0x10/0x10
[ 1421.954441][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.954489][ T1728]  ? find_held_lock+0x2b/0x80
[ 1421.954551][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.954600][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.954647][ T1728]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1421.954693][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.954743][ T1728]  ? __hrtimer_setup+0x208/0x330
[ 1421.954801][ T1728]  mac80211_hwsim_new_radio+0x2a01/0x5aa0
[ 1421.954893][ T1728]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1421.954950][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.954999][ T1728]  ? __asan_memcpy+0x3c/0x60
[ 1421.955052][ T1728]  hwsim_new_radio_nl+0xc5f/0x1370
[ 1421.955102][ T1728]  ? rcu_is_watching+0x12/0xc0
[ 1421.955160][ T1728]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1421.955225][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.955273][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.955320][ T1728]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0
[ 1421.955399][ T1728]  genl_family_rcv_msg_doit+0x214/0x300
[ 1421.955469][ T1728]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1421.955530][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.955578][ T1728]  ? genl_get_cmd+0x3e7/0x760
[ 1421.955647][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.955694][ T1728]  ? security_capable+0x80/0x260
[ 1421.955764][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.955814][ T1728]  ? ns_capable+0xd2/0xf0
[ 1421.955869][ T1728]  genl_rcv_msg+0x560/0x800
[ 1421.955946][ T1728]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1421.956007][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.956058][ T1728]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1421.956113][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.956161][ T1728]  ? __lock_acquire+0x4a5/0x2630
[ 1421.956215][ T1728]  netlink_rcv_skb+0x159/0x420
[ 1421.956272][ T1728]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1421.956369][ T1728]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1421.956446][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.956495][ T1728]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1421.956554][ T1728]  genl_rcv+0x28/0x40
[ 1421.956610][ T1728]  netlink_unicast+0x585/0x850
[ 1421.956673][ T1728]  ? __pfx_netlink_unicast+0x10/0x10
[ 1421.956743][ T1728]  netlink_sendmsg+0x8b0/0xda0
[ 1421.956807][ T1728]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1421.956860][ T1728]  ? __pfx___might_fault+0x10/0x10
[ 1421.956923][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.956971][ T1728]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1421.957050][ T1728]  ____sys_sendmsg+0x9e1/0xb70
[ 1421.957103][ T1728]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1421.957163][ T1728]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1421.957227][ T1728]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1421.957299][ T1728]  ___sys_sendmsg+0x190/0x1e0
[ 1421.957359][ T1728]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1421.957415][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.957489][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.957572][ T1728]  __sys_sendmsg+0x170/0x220
[ 1421.957615][ T1728]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1421.957656][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.957704][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.957771][ T1728]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1421.957821][ T1728]  ? rcu_is_watching+0x12/0xc0
[ 1421.957898][ T1728]  do_syscall_64+0x115/0x870
[ 1421.957966][ T1728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1421.958008][ T1728] RIP: 0033:0x7fea8bd9ce59
[ 1421.958040][ T1728] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1421.958078][ T1728] RSP: 002b:00007fea8cb8f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1421.958116][ T1728] RAX: ffffffffffffffda RBX: 00007fea8c015fa0 RCX: 00007fea8bd9ce59
[ 1421.958144][ T1728] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[ 1421.958170][ T1728] RBP: 00007fea8be32d6f R08: 0000000000000000 R09: 0000000000000000
[ 1421.958196][ T1728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1421.958221][ T1728] R13: 00007fea8c016038 R14: 00007fea8c015fa0 R15: 00007ffc570690f8
[ 1421.958275][ T1728]  </TASK>
[ 1422.502471][ T1736] kAFS: unable to lookup cell ''
[ 1422.790582][ T1741] loop7: detected capacity change from 0 to 1024
[ 1422.861895][ T1741] EXT4-fs: Ignoring removed orlov option
[ 1422.871188][ T1741] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[ 1422.942642][ T1741] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1423.043372][ T1741] EXT4-fs (loop7): revision level too high, forcing read-only mode
[ 1423.092188][ T1741] EXT4-fs (loop7): Can't support bigalloc feature without extents feature
[ 1423.092188][ T1741] 
[ 1423.202353][ T1741] EXT4-fs (loop7): Skipping orphan cleanup due to unknown ROCOMPAT features
[ 1423.283553][ T1741] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1423.462910][ T1772] netlink: 'syz.6.11786': attribute type 16 has an invalid length.
[ 1423.497741][ T1772] netlink: 'syz.6.11786': attribute type 17 has an invalid length.
[ 1423.548008][T29238] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1423.735179][ T1772] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1423.786577][ T1772] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1424.128816][ T1786] sysfs: cannot create duplicate filename '/class/ieee80211/4Ï€!F�õïVl‘uc'f`å”Þ†’;�œ1µx%ñ†‹M¹Fœ-ôÁõîI'
[ 1424.151457][ T1788] loop4: detected capacity change from 0 to 128
[ 1424.188379][ T1786] CPU: 0 UID: 0 PID: 1786 Comm: syz.8.11792 Not tainted syzkaller #0 PREEMPT(full) 
[ 1424.188430][ T1786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1424.188454][ T1786] Call Trace:
[ 1424.188467][ T1786]  <TASK>
[ 1424.188483][ T1786]  dump_stack_lvl+0x100/0x190
[ 1424.188542][ T1786]  sysfs_warn_dup.cold+0x1c/0x28
[ 1424.188607][ T1786]  sysfs_do_create_link_sd+0x113/0x140
[ 1424.188680][ T1786]  sysfs_create_link+0x61/0xc0
[ 1424.188718][ T1786]  device_add+0x675/0x1950
[ 1424.188765][ T1786]  ? __pfx_device_add+0x10/0x10
[ 1424.188805][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.188853][ T1786]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1424.188898][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.188945][ T1786]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[ 1424.189025][ T1786]  wiphy_register+0x1edd/0x2d90
[ 1424.189074][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.189122][ T1786]  ? __rtnl_unlock+0xb9/0xf0
[ 1424.189185][ T1786]  ? __pfx_wiphy_register+0x10/0x10
[ 1424.189238][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.189285][ T1786]  ? __asan_memset+0x23/0x50
[ 1424.189334][ T1786]  ? minstrel_ht_alloc+0x5e6/0x7f0
[ 1424.189418][ T1786]  ieee80211_register_hw+0x3055/0x4570
[ 1424.189514][ T1786]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1424.189588][ T1786]  ? __pfx___debug_object_init+0x10/0x10
[ 1424.189648][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.189697][ T1786]  ? find_held_lock+0x2b/0x80
[ 1424.189758][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.189806][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.189854][ T1786]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1424.189898][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.189946][ T1786]  ? __hrtimer_setup+0x208/0x330
[ 1424.190004][ T1786]  mac80211_hwsim_new_radio+0x2a01/0x5aa0
[ 1424.190089][ T1786]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1424.190146][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.190194][ T1786]  ? __asan_memcpy+0x3c/0x60
[ 1424.190248][ T1786]  hwsim_new_radio_nl+0xc5f/0x1370
[ 1424.190298][ T1786]  ? rcu_is_watching+0x12/0xc0
[ 1424.190358][ T1786]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1424.190420][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.190469][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.190516][ T1786]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0
[ 1424.190601][ T1786]  genl_family_rcv_msg_doit+0x214/0x300
[ 1424.190673][ T1786]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1424.190734][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.190782][ T1786]  ? genl_get_cmd+0x3e7/0x760
[ 1424.190852][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.190900][ T1786]  ? security_capable+0x80/0x260
[ 1424.190967][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.191015][ T1786]  ? ns_capable+0xd2/0xf0
[ 1424.191070][ T1786]  genl_rcv_msg+0x560/0x800
[ 1424.191140][ T1786]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1424.191202][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.191253][ T1786]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1424.191308][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.191356][ T1786]  ? __lock_acquire+0x4a5/0x2630
[ 1424.191410][ T1786]  netlink_rcv_skb+0x159/0x420
[ 1424.191466][ T1786]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1424.191541][ T1786]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1424.191618][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.191667][ T1786]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1424.191728][ T1786]  genl_rcv+0x28/0x40
[ 1424.191785][ T1786]  netlink_unicast+0x585/0x850
[ 1424.191850][ T1786]  ? __pfx_netlink_unicast+0x10/0x10
[ 1424.191920][ T1786]  netlink_sendmsg+0x8b0/0xda0
[ 1424.191985][ T1786]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1424.192038][ T1786]  ? __pfx___might_fault+0x10/0x10
[ 1424.192094][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.192144][ T1786]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1424.192223][ T1786]  ____sys_sendmsg+0x9e1/0xb70
[ 1424.192276][ T1786]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1424.192337][ T1786]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1424.192402][ T1786]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1424.192473][ T1786]  ___sys_sendmsg+0x190/0x1e0
[ 1424.192540][ T1786]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1424.192595][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.192668][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.192753][ T1786]  __sys_sendmsg+0x170/0x220
[ 1424.192795][ T1786]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1424.192835][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.192883][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.192952][ T1786]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1424.193002][ T1786]  ? rcu_is_watching+0x12/0xc0
[ 1424.193065][ T1786]  do_syscall_64+0x115/0x870
[ 1424.193132][ T1786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1424.193172][ T1786] RIP: 0033:0x7f2b65d9ce59
[ 1424.193204][ T1786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1424.193243][ T1786] RSP: 002b:00007f2b66b82028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1424.193282][ T1786] RAX: ffffffffffffffda RBX: 00007f2b66015fa0 RCX: 00007f2b65d9ce59
[ 1424.193310][ T1786] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[ 1424.193336][ T1786] RBP: 00007f2b65e32d6f R08: 0000000000000000 R09: 0000000000000000
[ 1424.193362][ T1786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1424.193386][ T1786] R13: 00007f2b66016038 R14: 00007f2b66015fa0 R15: 00007fffbec2bd58
[ 1424.193440][ T1786]  </TASK>
[ 1424.926168][ T1776] loop0: detected capacity change from 0 to 32768
[ 1425.301424][ T1800] loop5: detected capacity change from 0 to 128
[ 1425.314484][ T1797] loop8: detected capacity change from 0 to 512
[ 1425.337489][ T1800] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1425.451606][ T1797] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0002]
[ 1425.495214][ T1797] System zones: 1-12
[ 1425.500315][ T5705] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1425.588343][ T1797] EXT4-fs error (device loop8): ext4_xattr_inode_iget:444: comm syz.8.11801: error while reading EA inode 32 err=-116
[ 1425.625683][ T1797] loop8: lost filesystem error report for type 5 error -117
[ 1425.636234][    C0] EXT4-fs (loop8): error count since last fsck: 1
[ 1425.650151][    C0] EXT4-fs (loop8): initial error at time 1616: ext4_xattr_inode_iget:444
[ 1425.658640][    C0] EXT4-fs (loop8): last error at time 1616: ext4_xattr_inode_iget:444
[ 1425.699748][ T1797] EXT4-fs (loop8): Remounting filesystem read-only
[ 1425.719229][ T1797] EXT4-fs warning (device loop8): ext4_evict_inode:269: couldn't mark inode dirty (err -30)
[ 1425.768018][ T1797] EXT4-fs (loop8): 1 orphan inode deleted
[ 1425.806984][ T1797] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1425.817892][ T1809] loop4: detected capacity change from 0 to 4096
[ 1425.837069][ T1817] PM: Enabling pm_trace changes system date and time during resume.
[ 1425.837069][ T1817] PM: Correct system time has to be restored manually after resume.
[ 1425.868601][ T1797] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1425.900628][ T1814] loop5: detected capacity change from 0 to 256
[ 1425.947800][ T1814] exfat: Deprecated parameter 'namecase'
[ 1425.970184][ T1814] exfat: Deprecated parameter 'utf8'
[ 1426.050356][ T1814] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[ 1426.082287][ T1809] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[ 1426.217913][ T1809] ntfs3(loop4): Failed to load $Extend (-22).
[ 1426.256762][ T1809] ntfs3(loop4): Failed to initialize $Extend.
[ 1426.292051][ T1819] loop0: detected capacity change from 0 to 1024
[ 1426.381586][ T1819] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1426.665271][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[ 1427.000743][ T5686] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1427.288405][ T1845] netlink: 'syz.4.11814': attribute type 16 has an invalid length.
[ 1427.328295][ T1845] netlink: 'syz.4.11814': attribute type 17 has an invalid length.
[ 1427.471319][ T1845] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1427.503630][ T1845] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1427.630536][ T1859] PKCS8: Unsupported PKCS#8 version
[ 1427.672346][ T1858] loop0: detected capacity change from 0 to 1024
[ 1427.844629][ T1858] hfsplus: keylen 65060 too large
[ 1427.875657][ T1858] hfsplus: keylen 65060 too large
[ 1428.123690][ T1870] loop5: detected capacity change from 0 to 512
[ 1428.190306][ T1870] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[ 1428.332066][ T1870] EXT4-fs (loop5): 1 truncate cleaned up
[ 1428.380231][ T1867] loop6: detected capacity change from 0 to 4096
[ 1428.410211][ T1870] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1428.580316][ T1867] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[ 1428.607851][ T1870] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1428.686349][ T1867] ntfs3(loop6): Failed to load $Extend (-22).
[ 1428.727472][ T1867] ntfs3(loop6): Failed to initialize $Extend.
[ 1428.909927][ T1894] netlink: 'syz.8.11838': attribute type 2 has an invalid length.
[ 1429.236858][ T1899] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1429.738258][ T1922] QAT: failed to copy from user cfg_data.
[ 1430.444741][ T1947] sctp: [Deprecated]: syz.7.11860 (pid 1947) Use of int in max_burst socket option deprecated.
[ 1430.444741][ T1947] Use struct sctp_assoc_value instead
[ 1430.643571][ T1949] set_capacity_and_notify: 1 callbacks suppressed
[ 1430.643600][ T1949] loop8: detected capacity change from 0 to 1024
[ 1430.780602][ T1949] hfsplus: keylen 65060 too large
[ 1430.801653][ T1949] hfsplus: keylen 65060 too large
[ 1431.127038][ T1967] mac80211_hwsim hwsim23 wlan0: left allmulticast mode
[ 1431.257281][ T1969] netlink: 'syz.8.11870': attribute type 16 has an invalid length.
[ 1431.300467][ T1969] netlink: 'syz.8.11870': attribute type 17 has an invalid length.
[ 1431.426130][ T1969] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1431.462654][ T1975] loop7: detected capacity change from 0 to 256
[ 1431.471613][ T1969] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1431.875256][ T1955] loop4: detected capacity change from 0 to 32768
[ 1432.037941][ T1983] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11879'.
[ 1432.138846][ T1987] loop8: detected capacity change from 0 to 16
[ 1432.201837][ T1987] erofs (device loop8): mounted with root inode @ nid 36.
[ 1432.290009][ T1987] syz.8.11880: attempt to access beyond end of device
[ 1432.290009][ T1987] loop8: rw=524288, sector=8, nr_sectors = 24 limit=16
[ 1432.371423][ T1987] erofs (device loop8): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 4096
[ 1432.426220][ T1987] erofs (device loop8): read error -117 @ 0 of nid 89
[ 1432.447984][ T1989] loop7: detected capacity change from 0 to 4096
[ 1432.472266][   T31] audit: type=1800 audit(1622.423:293): pid=1987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.11880" name="file2" dev="loop8" ino=89 res=0 errno=0
[ 1432.511520][ T1965] loop6: detected capacity change from 0 to 32768
[ 1432.546657][ T1965] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.11869 (1965)
[ 1432.616263][ T1989] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1432.678438][ T1965] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1432.731593][ T1965] BTRFS info (device loop6): using sha256 checksum algorithm
[ 1432.854292][ T2019] netlink: 'syz.5.11890': attribute type 9 has an invalid length.
[ 1432.900324][T29238] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1432.976389][ T1965] BTRFS info (device loop6): enabling ssd optimizations
[ 1432.993964][  T529] usb 5-1: new full-speed USB device number 60 using dummy_hcd
[ 1433.026773][ T1965] BTRFS info (device loop6): turning on async discard
[ 1433.069918][ T1965] BTRFS info (device loop6): enabling free space tree
[ 1433.166575][ T2027] netlink: 'syz.0.11893': attribute type 16 has an invalid length.
[ 1433.197721][ T2027] netlink: 'syz.0.11893': attribute type 17 has an invalid length.
[ 1433.212421][  T529] usb 5-1: config 0 has an invalid interface number: 96 but max is 0
[ 1433.240530][  T529] usb 5-1: config 0 has no interface number 0
[ 1433.260493][ T2027] bridge0: port 3(syz_tun) entered disabled state
[ 1433.266431][  T529] usb 5-1: config 0 interface 96 altsetting 3 endpoint 0x88 has an invalid bInterval 0, changing to 10
[ 1433.287847][ T2029] Unknown options in mask b7f2
[ 1433.305208][T28986] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1433.317313][  T529] usb 5-1: config 0 interface 96 altsetting 3 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1433.360777][  T529] usb 5-1: config 0 interface 96 has no altsetting 0
[ 1433.393388][  T529] usb 5-1: New USB device found, idVendor=0b57, idProduct=6a8d, bcdDevice=33.74
[ 1433.399203][ T2027] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1433.448628][  T529] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1433.465573][ T2027] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1433.509100][  T529] usb 5-1: Product: syz
[ 1433.536006][  T529] usb 5-1: Manufacturer: syz
[ 1433.584257][  T529] usb 5-1: SerialNumber: syz
[ 1433.638216][  T529] usb 5-1: config 0 descriptor??
[ 1433.868541][ T2038] netlink: 12 bytes leftover after parsing attributes in process `syz.6.11896'.
[ 1434.277189][  T529] usb 5-1: USB disconnect, device number 60
[ 1434.375937][ T2049] syz_tun: left allmulticast mode
[ 1434.429217][ T2049] syz_tun: left promiscuous mode
[ 1434.470758][ T2049] bridge0: port 3(syz_tun) entered disabled state
[ 1434.611669][ T2049] bond0: (slave bridge0): Releasing backup interface
[ 1434.752792][ T2059] loop7: detected capacity change from 0 to 64
[ 1434.784602][ T2049] bridge_slave_0: left allmulticast mode
[ 1434.820412][ T2049] bridge_slave_0: left promiscuous mode
[ 1434.848571][ T2049] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1434.958854][ T2049] bridge_slave_1: left allmulticast mode
[ 1434.981821][ T2049] bridge_slave_1: left promiscuous mode
[ 1435.003994][ T2049] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1435.096157][ T2049] bond0: (slave bond_slave_0): Releasing backup interface
[ 1435.191379][ T2049] bond0: (slave bond_slave_1): Releasing backup interface
[ 1435.354962][ T2049] team0: Port device team_slave_0 removed
[ 1435.459983][ T2049] team0: Port device team_slave_1 removed
[ 1435.512232][ T2071] loop5: detected capacity change from 0 to 4096
[ 1435.518991][ T2049] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1435.605659][ T2071] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[ 1435.701059][ T2071] ntfs3(loop5): Failed to load $Extend (-22).
[ 1435.728837][ T2071] ntfs3(loop5): Failed to initialize $Extend.
[ 1436.131754][ T2091] loop7: detected capacity change from 0 to 2048
[ 1436.171079][ T2098] loop4: detected capacity change from 0 to 128
[ 1436.210826][ T2091] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1436.265988][ T2098] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1436.545919][ T5690] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1436.885789][ T2117] bridge_slave_0: left allmulticast mode
[ 1436.907839][ T2117] bridge_slave_0: left promiscuous mode
[ 1436.931598][ T2117] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1436.979110][ T2117] bridge_slave_1: left allmulticast mode
[ 1436.990856][ T2117] bridge_slave_1: left promiscuous mode
[ 1436.998774][ T2117] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1437.058013][ T2117] bond0: (slave bond_slave_0): Releasing backup interface
[ 1437.164075][ T2117] bond0: (slave bond_slave_1): Releasing backup interface
[ 1437.212636][ T2128] loop4: detected capacity change from 0 to 736
[ 1437.243323][ T2117] team0: Port device team_slave_0 removed
[ 1437.309094][ T2133] loop7: detected capacity change from 0 to 1024
[ 1437.317907][ T2117] team0: Port device team_slave_1 removed
[ 1437.334789][ T2117] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1437.369920][ T2117] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1437.399169][ T2117] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1437.417758][ T2117] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1437.458008][ T2117] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1437.476447][ T2133] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1437.586084][ T2115] sysfs: cannot create duplicate filename '/class/ieee80211/4Ï€!F�õïVl‘uc'f`å”Þ†’;�œ1µx%ñ†‹M¹Fœ-ôÁõîI'
[ 1437.610112][ T2137] loop5: detected capacity change from 0 to 256
[ 1437.648649][ T2115] CPU: 0 UID: 0 PID: 2115 Comm: syz.6.11933 Not tainted syzkaller #0 PREEMPT(full) 
[ 1437.648701][ T2115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1437.648725][ T2115] Call Trace:
[ 1437.648738][ T2115]  <TASK>
[ 1437.648751][ T2115]  dump_stack_lvl+0x100/0x190
[ 1437.648799][ T2115]  sysfs_warn_dup.cold+0x1c/0x28
[ 1437.648856][ T2115]  sysfs_do_create_link_sd+0x113/0x140
[ 1437.648928][ T2115]  sysfs_create_link+0x61/0xc0
[ 1437.648965][ T2115]  device_add+0x675/0x1950
[ 1437.649014][ T2115]  ? __pfx_device_add+0x10/0x10
[ 1437.649061][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.649108][ T2115]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1437.649150][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.649195][ T2115]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[ 1437.649271][ T2115]  wiphy_register+0x1edd/0x2d90
[ 1437.649316][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.649368][ T2115]  ? __rtnl_unlock+0xb9/0xf0
[ 1437.649428][ T2115]  ? __pfx_wiphy_register+0x10/0x10
[ 1437.649479][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.649524][ T2115]  ? __asan_memset+0x23/0x50
[ 1437.649570][ T2115]  ? minstrel_ht_alloc+0x5e6/0x7f0
[ 1437.649651][ T2115]  ieee80211_register_hw+0x3055/0x4570
[ 1437.649736][ T2115]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1437.649802][ T2115]  ? __pfx___debug_object_init+0x10/0x10
[ 1437.649868][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.649916][ T2115]  ? find_held_lock+0x2b/0x80
[ 1437.649976][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.650022][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.650083][ T2115]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1437.650127][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.650172][ T2115]  ? __hrtimer_setup+0x208/0x330
[ 1437.650230][ T2115]  mac80211_hwsim_new_radio+0x2a01/0x5aa0
[ 1437.650316][ T2115]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1437.650372][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.650421][ T2115]  ? __asan_memcpy+0x3c/0x60
[ 1437.650475][ T2115]  hwsim_new_radio_nl+0xc5f/0x1370
[ 1437.650525][ T2115]  ? rcu_is_watching+0x12/0xc0
[ 1437.650585][ T2115]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1437.650649][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.650697][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.650746][ T2115]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0
[ 1437.650826][ T2115]  genl_family_rcv_msg_doit+0x214/0x300
[ 1437.650895][ T2115]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1437.650957][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.651007][ T2115]  ? genl_get_cmd+0x3e7/0x760
[ 1437.651085][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.651134][ T2115]  ? security_capable+0x80/0x260
[ 1437.651203][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.651252][ T2115]  ? ns_capable+0xd2/0xf0
[ 1437.651308][ T2115]  genl_rcv_msg+0x560/0x800
[ 1437.651377][ T2115]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1437.651440][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.651489][ T2115]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1437.651545][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.651594][ T2115]  ? __lock_acquire+0x4a5/0x2630
[ 1437.651649][ T2115]  netlink_rcv_skb+0x159/0x420
[ 1437.651729][ T2115]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1437.651795][ T2115]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1437.651872][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.651921][ T2115]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1437.651982][ T2115]  genl_rcv+0x28/0x40
[ 1437.652037][ T2115]  netlink_unicast+0x585/0x850
[ 1437.652106][ T2115]  ? __pfx_netlink_unicast+0x10/0x10
[ 1437.652177][ T2115]  netlink_sendmsg+0x8b0/0xda0
[ 1437.652242][ T2115]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1437.652296][ T2115]  ? __pfx___might_fault+0x10/0x10
[ 1437.652350][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.652399][ T2115]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1437.652478][ T2115]  ____sys_sendmsg+0x9e1/0xb70
[ 1437.652530][ T2115]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1437.652590][ T2115]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1437.652655][ T2115]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1437.652728][ T2115]  ___sys_sendmsg+0x190/0x1e0
[ 1437.652788][ T2115]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1437.652843][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.652917][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.653002][ T2115]  __sys_sendmsg+0x170/0x220
[ 1437.653044][ T2115]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1437.653089][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.653138][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.653208][ T2115]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1437.653257][ T2115]  ? rcu_is_watching+0x12/0xc0
[ 1437.653320][ T2115]  do_syscall_64+0x115/0x870
[ 1437.653387][ T2115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1437.653429][ T2115] RIP: 0033:0x7f4a46f9ce59
[ 1437.653461][ T2115] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1437.653502][ T2115] RSP: 002b:00007f4a47e49028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1437.653540][ T2115] RAX: ffffffffffffffda RBX: 00007f4a47215fa0 RCX: 00007f4a46f9ce59
[ 1437.653566][ T2115] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000004
[ 1437.653591][ T2115] RBP: 00007f4a47032d6f R08: 0000000000000000 R09: 0000000000000000
[ 1437.653616][ T2115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1437.653640][ T2115] R13: 00007f4a47216038 R14: 00007f4a47215fa0 R15: 00007ffdc2532b58
[ 1437.653693][ T2115]  </TASK>
[ 1438.429124][ T2137] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1438.469101][T29238] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1438.691773][ T2141] loop8: detected capacity change from 0 to 764
[ 1438.754390][ T2147] loop7: detected capacity change from 0 to 128
[ 1438.768458][ T2141] Symlink component flag not implemented
[ 1438.783370][ T2147] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 1438.785566][ T2141] Symlink component flag not implemented (122)
[ 1438.824548][ T2145] loop4: detected capacity change from 0 to 16
[ 1438.834663][ T2147] hpfs: filesystem error: improperly stopped
[ 1438.859795][ T2147] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 1438.874230][ T2145] erofs (device loop4): mounted with root inode @ nid 36.
[ 1438.892840][ T2147] hpfs: You really don't want any checks? You are crazy...
[ 1438.927784][ T2147] hpfs: hpfs_map_sector(): read error
[ 1438.966017][ T2147] hpfs: code page support is disabled
[ 1438.999694][ T2147] hpfs: hpfs_map_4sectors(): unaligned read
[ 1439.033208][ T2147] hpfs: hpfs_map_4sectors(): unaligned read
[ 1439.064994][ T2147] hpfs: filesystem error: unable to find root dir
[ 1439.184211][ T2153] netlink: 68 bytes leftover after parsing attributes in process `syz.8.11953'.
[ 1439.261226][ T2153] netlink: 16 bytes leftover after parsing attributes in process `syz.8.11953'.
[ 1439.587030][ T2161] netlink: 'syz.6.11956': attribute type 16 has an invalid length.
[ 1439.636419][ T2161] netlink: 'syz.6.11956': attribute type 17 has an invalid length.
[ 1439.677371][ T2139] loop0: detected capacity change from 0 to 40427
[ 1439.812397][ T2139] F2FS-fs (loop0): Image doesn't support compression
[ 1439.835212][ T2139] F2FS-fs (loop0): invalid crc value
[ 1439.937054][ T2168] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11960'.
[ 1439.979186][ T2168] netlink: 224 bytes leftover after parsing attributes in process `syz.4.11960'.
[ 1440.032653][ T2170] bridge_slave_0: left allmulticast mode
[ 1440.039201][ T2172] loop5: detected capacity change from 0 to 1024
[ 1440.052608][ T2170] bridge_slave_0: left promiscuous mode
[ 1440.070990][ T2170] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1440.131682][ T2172] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1440.134726][ T2170] bridge_slave_1: left allmulticast mode
[ 1440.155194][ T2170] bridge_slave_1: left promiscuous mode
[ 1440.161295][ T2170] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1440.198324][ T2139] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1440.253667][ T2170] bond0: (slave bond_slave_0): Releasing backup interface
[ 1440.315048][ T2170] bond0: (slave bond_slave_1): Releasing backup interface
[ 1440.401919][ T2170] team0: Port device team_slave_0 removed
[ 1440.404871][ T2139] F2FS-fs (loop0): Start checkpoint disabled!
[ 1440.463940][ T5705] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1440.496490][ T2139] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[ 1440.499008][ T2170] team0: Port device team_slave_1 removed
[ 1440.511690][ T2139] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[ 1440.543796][ T2170] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1440.561185][ T2170] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1440.588892][ T2170] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1440.597118][ T2170] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1440.622998][ T2170] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1440.801313][ T2178] libceph: resolve '.‹R¯HÖe'ì»Ë /Ïâµüë1ýC¸ 
£~—1W–쯑ë¨eþxEA®ÁþeSb{~Rð' (ret=-3): failed
[ 1441.026672][ T2165] Bad next:5 of the last slot in dtroot
[ 1441.026672][ T2165] 
[ 1441.071158][ T2165] ERROR: (device loop8): copy_from_dinode: Corrupt dtroot
[ 1441.071158][ T2165] 
[ 1441.137320][ T2165] ERROR: (device loop8): remounting filesystem as read-only
[ 1441.176692][ T2165] jfs_lookup: iget failed on inum 32
[ 1441.482678][ T2195] Attempt to read inode for relocated directory
[ 1441.645760][ T2201] openvswitch: netlink: Missing valid actions attribute.
[ 1441.685957][ T2201] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1441.946668][ T2207] set_capacity_and_notify: 2 callbacks suppressed
[ 1441.946697][ T2207] loop8: detected capacity change from 0 to 1024
[ 1442.061424][ T2207] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1442.125660][ T2206] loop7: detected capacity change from 0 to 4096
[ 1442.193105][ T2207] EXT4-fs warning (device loop8): ext4_rmdir:3189: inode #11: comm syz.8.11979: empty directory 'file1' has too many links (111)
[ 1442.331935][ T2206] ntfs3(loop7): Failed to initialize $Extend/$Reparse.
[ 1442.503967][T31691] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1442.542245][ T2220] loop0: detected capacity change from 0 to 164
[ 1442.630288][ T2220] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[ 1442.698177][ T2220] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[ 1442.769646][ T2220] Symlink component flag not implemented
[ 1442.819576][ T2220] Symlink component flag not implemented
[ 1442.846903][ T2225] netlink: 76 bytes leftover after parsing attributes in process `syz.8.11984'.
[ 1442.866305][ T2220] Symlink component flag not implemented (7)
[ 1442.904210][ T2220] Symlink component flag not implemented (116)
[ 1442.941233][ T2193] loop5: detected capacity change from 0 to 32768
[ 1443.011881][ T2193] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.11972 (2193)
[ 1443.119230][ T2193] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1443.167722][ T2193] BTRFS info (device loop5): using sha256 checksum algorithm
[ 1443.257190][   T31] audit: type=1326 audit(1632.507:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2233 comm="syz.6.11988" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a46f9ce59 code=0x7ffc0000
[ 1443.340851][   T31] audit: type=1326 audit(1632.535:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2233 comm="syz.6.11988" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a46f9ce59 code=0x7ffc0000
[ 1443.366443][   T31] audit: type=1326 audit(1632.573:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2233 comm="syz.6.11988" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a46f9ce59 code=0x7ffc0000
[ 1443.416313][   T31] audit: type=1326 audit(1632.573:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2233 comm="syz.6.11988" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a46f9ce59 code=0x7ffc0000
[ 1443.480520][ T2193] BTRFS info (device loop5): enabling ssd optimizations
[ 1443.502272][   T31] audit: type=1326 audit(1632.573:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2233 comm="syz.6.11988" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f4a46f9ce59 code=0x7ffc0000
[ 1443.527123][ T2193] BTRFS info (device loop5): turning on async discard
[ 1443.550499][ T2193] BTRFS info (device loop5): enabling free space tree
[ 1443.617625][   T31] audit: type=1326 audit(1632.573:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2233 comm="syz.6.11988" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a46f9ce59 code=0x7ffc0000
[ 1443.714294][ T2255] netlink: 'syz.6.11993': attribute type 10 has an invalid length.
[ 1443.728079][   T31] audit: type=1326 audit(1632.601:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2233 comm="syz.6.11988" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4a46f9ce59 code=0x7ffc0000
[ 1443.775853][ T2255] netlink: 152 bytes leftover after parsing attributes in process `syz.6.11993'.
[ 1443.844400][ T5705] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1443.870996][   T31] audit: type=1326 audit(1632.601:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2233 comm="syz.6.11988" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f4a46f9ce59 code=0x7ffc0000
[ 1443.966110][   T31] audit: type=1326 audit(1632.601:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2233 comm="syz.6.11988" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a46f9ce59 code=0x7ffc0000
[ 1443.998954][ T2262] netlink: 'syz.7.11996': attribute type 49 has an invalid length.
[ 1444.135494][  T529] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[ 1444.167272][ T2262] bond_slave_0: entered promiscuous mode
[ 1444.196276][ T2262] bond_slave_0: entered allmulticast mode
[ 1444.268330][ T2222] syz.4.11985 (2222): drop_caches: 2
[ 1444.349370][  T529] usb 1-1: Using ep0 maxpacket: 32
[ 1444.368245][  T529] usb 1-1: config 0 has an invalid interface number: 16 but max is 0
[ 1444.398494][  T529] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1444.457850][  T529] usb 1-1: config 0 has no interface number 0
[ 1444.494513][  T529] usb 1-1: config 0 interface 16 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1444.546074][  T529] usb 1-1: config 0 interface 16 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[ 1444.576987][T15171] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[ 1444.595085][  T529] usb 1-1: config 0 interface 16 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1444.630218][ T2271] loop6: detected capacity change from 0 to 1024
[ 1444.668005][  T529] usb 1-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d
[ 1444.694800][  T529] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1444.709038][  T529] usb 1-1: Product: syz
[ 1444.714208][  T529] usb 1-1: Manufacturer: syz
[ 1444.718898][  T529] usb 1-1: SerialNumber: syz
[ 1444.735194][  T529] usb 1-1: config 0 descriptor??
[ 1444.745928][  T529] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1444.778599][ T2271] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1444.800457][T15171] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1444.812784][ T2277] loop8: detected capacity change from 0 to 16
[ 1444.841308][T15171] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1444.854110][ T2277] erofs (device loop8): mounted with root inode @ nid 36.
[ 1444.901221][T15171] usb 6-1: config 0 descriptor??
[ 1445.066738][  T529] snd-usb-audio 1-1:0.16: probe with driver snd-usb-audio failed with error -12
[ 1445.103962][  T529] usb 1-1: USB disconnect, device number 54
[ 1445.236062][ T5971] udevd[5971]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.16/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1445.307213][ T2285] openvswitch: netlink: Unknown VXLAN extension attribute 0
[ 1445.355675][T28986] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1445.447983][T15171] ath6kl: Failed to submit usb control message: -71
[ 1445.460634][T15171] ath6kl: unable to send the bmi data to the device: -71
[ 1445.494705][T15171] ath6kl: Unable to send get target info: -71
[ 1445.562688][T15171] ath6kl: Failed to init ath6kl core: -71
[ 1445.589033][T15171] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1445.676845][T15171] usb 6-1: USB disconnect, device number 54
[ 1445.804537][ T2293] loop4: detected capacity change from 0 to 2048
[ 1445.853903][ T2293] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1445.932894][ T2293] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1446.256357][ T5690] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1446.774489][T29406] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[ 1446.966413][T29406] usb 8-1: Using ep0 maxpacket: 32
[ 1447.002075][T29406] usb 8-1: config 4 has an invalid interface number: 202 but max is 2
[ 1447.038852][T29406] usb 8-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1447.099148][T29406] usb 8-1: config 4 has 1 interface, different from the descriptor's value: 3
[ 1447.133601][T29406] usb 8-1: config 4 has no interface number 0
[ 1447.168059][T29406] usb 8-1: too many endpoints for config 4 interface 202 altsetting 31: 115, using maximum allowed: 30
[ 1447.194928][ T2340] loop5: detected capacity change from 0 to 256
[ 1447.225967][T29406] usb 8-1: config 4 interface 202 altsetting 31 has 0 endpoint descriptors, different from the interface descriptor's value: 115
[ 1447.301336][T29406] usb 8-1: config 4 interface 202 has no altsetting 0
[ 1447.344832][ T2340] FAT-fs (loop5): Directory bread(block 64) failed
[ 1447.369628][T29406] usb 8-1: New USB device found, idVendor=0abf, idProduct=3370, bcdDevice=9a.c8
[ 1447.381726][ T2340] FAT-fs (loop5): Directory bread(block 65) failed
[ 1447.417473][T29406] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1447.423361][ T2340] FAT-fs (loop5): Directory bread(block 66) failed
[ 1447.463663][T29406] usb 8-1: Product: syz
[ 1447.479632][ T2340] FAT-fs (loop5): Directory bread(block 67) failed
[ 1447.491199][T29406] usb 8-1: Manufacturer: syz
[ 1447.523351][T29406] usb 8-1: SerialNumber: syz
[ 1447.529567][ T2340] FAT-fs (loop5): Directory bread(block 68) failed
[ 1447.538250][ T2343] netlink: 'syz.4.12027': attribute type 15 has an invalid length.
[ 1447.551966][ T2340] FAT-fs (loop5): Directory bread(block 69) failed
[ 1447.573772][ T2343] netlink: 24 bytes leftover after parsing attributes in process `syz.4.12027'.
[ 1447.588561][ T2340] FAT-fs (loop5): Directory bread(block 70) failed
[ 1447.632537][ T2340] FAT-fs (loop5): Directory bread(block 71) failed
[ 1447.655533][ T2340] FAT-fs (loop5): Directory bread(block 72) failed
[ 1447.662012][ T2348] loop6: detected capacity change from 0 to 256
[ 1447.685090][ T2340] FAT-fs (loop5): Directory bread(block 73) failed
[ 1447.844888][T29406] usb 8-1: USB disconnect, device number 7
[ 1448.195336][ T2311] syz.0.12013 (2311): drop_caches: 2
[ 1448.862651][ T2385] loop5: detected capacity change from 0 to 128
[ 1448.921395][ T2385] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1448.946129][ T2388] openvswitch: netlink: Unknown nsh attribute 0
[ 1449.020385][ T5705] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1449.257503][ T2369] loop6: detected capacity change from 0 to 32768
[ 1449.686963][T21187] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1449.736053][T21187] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1449.772992][T21187] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1449.841731][T21187] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1450.049512][ T2405] xt_recent: hitcount (4294967293) is larger than allowed maximum (65535)
[ 1450.146415][ T2408] loop4: detected capacity change from 0 to 512
[ 1450.200079][ T2408] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1450.293084][ T2408] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4221: comm syz.4.12045: Allocating blocks 41-42 which overlap fs metadata
[ 1450.355212][ T2419] netlink: 'syz.6.12048': attribute type 49 has an invalid length.
[ 1450.418838][ T2408] loop4: lost filesystem error report for type 5 error -117
[ 1450.424918][ T2408] EXT4-fs (loop4): Remounting filesystem read-only
[ 1450.432717][    C1] EXT4-fs (loop4): error count since last fsck: 1
[ 1450.432750][    C1] EXT4-fs (loop4): initial error at time 1639: ext4_mb_mark_diskspace_used:4221
[ 1450.432794][    C1] EXT4-fs (loop4): last error at time 1639: ext4_mb_mark_diskspace_used:4221
[ 1450.464087][ T2424] netlink: 'syz.8.12051': attribute type 1 has an invalid length.
[ 1450.482091][ T2424] netlink: 1008 bytes leftover after parsing attributes in process `syz.8.12051'.
[ 1450.586439][ T2408] Quota error (device loop4): write_blk: dquota write failed
[ 1450.629249][ T2408] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5
[ 1450.693711][ T2408] Quota error (device loop4): write_blk: dquota write failed
[ 1450.739476][ T2408] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[ 1450.792964][ T2408] EXT4-fs (loop4): 1 truncate cleaned up
[ 1450.835089][ T2408] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1451.122801][ T2444] netlink: 10 bytes leftover after parsing attributes in process `syz.8.12060'.
[ 1451.224602][ T5690] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1451.238068][ T2453] netlink: 20 bytes leftover after parsing attributes in process `syz.7.12059'.
[ 1451.555670][ T2465] loop8: detected capacity change from 0 to 1024
[ 1451.729215][ T2465] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1452.026936][ T2491] openvswitch: netlink: push_nsh: missing base or metadata attributes
[ 1452.089066][ T2491] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1452.185773][T31691] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1452.397556][ T2503] netlink: 'syz.7.12077': attribute type 2 has an invalid length.
[ 1452.561908][ T5842] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[ 1452.748253][ T5842] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[ 1452.793886][ T5842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[ 1452.819925][   T10] usb 6-1: new full-speed USB device number 55 using dummy_hcd
[ 1452.870613][ T5842] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[ 1452.872076][ T2522] loop0: detected capacity change from 0 to 128
[ 1452.890857][ T5842] usb 5-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[ 1452.901079][ T5842] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1452.926142][ T5842] usb 5-1: Product: syz
[ 1452.936190][ T5842] usb 5-1: Manufacturer: syz
[ 1452.962369][ T5842] usb 5-1: SerialNumber: syz
[ 1452.975741][ T2518] loop8: detected capacity change from 0 to 4096
[ 1452.986719][ T5842] usb 5-1: config 0 descriptor??
[ 1453.027562][ T2518] ntfs3(loop8): Different NTFS sector size (1024) and media sector size (512).
[ 1453.035405][   T10] usb 6-1: config 0 has an invalid interface number: 70 but max is 0
[ 1453.067423][   T10] usb 6-1: config 0 has no interface number 0
[ 1453.099118][   T10] usb 6-1: config 0 interface 70 altsetting 5 has a duplicate endpoint with address 0x6, skipping
[ 1453.154712][   T10] usb 6-1: config 0 interface 70 altsetting 5 has an endpoint descriptor with address 0xE3, changing to 0x83
[ 1453.191718][ T2365] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[ 1453.200980][   T10] usb 6-1: config 0 interface 70 altsetting 5 endpoint 0x83 has invalid maxpacket 42809, setting to 64
[ 1453.212685][ T2530] loop7: detected capacity change from 0 to 512
[ 1453.227846][ T2518] ntfs3: Couldn't remount rw because journal is not replayed. Please umount/remount instead
[ 1453.227846][ T2518] 
[ 1453.252646][ T2530] EXT4-fs: Ignoring removed nobh option
[ 1453.306785][   T10] usb 6-1: config 0 interface 70 altsetting 5 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[ 1453.360740][ T2530] EXT4-fs error (device loop7): ext4_do_update_inode:5690: inode #3: comm syz.7.12085: corrupted inode contents
[ 1453.396524][ T2530] loop7: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 1453.405094][    C1] EXT4-fs (loop7): error count since last fsck: 1
[ 1453.420741][    C1] EXT4-fs (loop7): initial error at time 1642: ext4_do_update_inode:5690: inode 3
[ 1453.430026][    C1] EXT4-fs (loop7): last error at time 1642: ext4_do_update_inode:5690: inode 3
[ 1453.441090][ T2365] usb 7-1: not running at top speed; connect to a high speed hub
[ 1453.455542][ T2530] EXT4-fs (loop7): Remounting filesystem read-only
[ 1453.464055][ T2365] usb 7-1: config 2 has an invalid interface number: 195 but max is 0
[ 1453.481426][ T2365] usb 7-1: config 2 has no interface number 0
[ 1453.483995][   T10] usb 6-1: config 0 interface 70 has no altsetting 0
[ 1453.487572][ T2365] usb 7-1: config 2 interface 195 has no altsetting 0
[ 1453.488089][ T2530] Quota error (device loop7): write_blk: dquota write failed
[ 1453.521135][ T2365] usb 7-1: string descriptor 0 read error: -22
[ 1453.529310][ T2365] usb 7-1: New USB device found, idVendor=041e, idProduct=401d, bcdDevice=c8.6b
[ 1453.538852][ T2530] Quota error (device loop7): qtree_write_dquot: Error -30 occurred while creating quota
[ 1453.549818][ T2365] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1453.562318][   T10] usb 6-1: New USB device found, idVendor=110a, idProduct=1150, bcdDevice=55.9e
[ 1453.565603][ T2530] EXT4-fs (loop7): 1 truncate cleaned up
[ 1453.596303][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1453.606915][ T2365] gspca_main: spca505-2.14.0 probing 041e:401d
[ 1453.626183][ T2530] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1453.632055][   T10] usb 6-1: Product: syz
[ 1453.653923][ T2370] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[ 1453.664605][   T10] usb 6-1: Manufacturer: syz
[ 1453.680538][   T10] usb 6-1: SerialNumber: syz
[ 1453.705621][   T10] usb 6-1: config 0 descriptor??
[ 1453.727636][ T2514] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1453.852447][T29238] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1453.858407][ T2370] usb 1-1: config 2 has an invalid interface number: 97 but max is 0
[ 1453.886207][ T2370] usb 1-1: config 2 has no interface number 0
[ 1453.894408][ T2370] usb 1-1: config 2 interface 97 altsetting 13 bulk endpoint 0x1 has invalid maxpacket 64
[ 1453.935313][ T2370] usb 1-1: config 2 interface 97 altsetting 13 bulk endpoint 0x82 has invalid maxpacket 64
[ 1453.969193][ T2370] usb 1-1: config 2 interface 97 has no altsetting 0
[ 1454.022876][ T2370] usb 1-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[ 1454.038426][   T10] ti_usb_3410_5052 6-1:0.70: TI USB 3410 1 port adapter converter detected
[ 1454.052543][ T2365] gspca_spca505: reg write: error -71
[ 1454.069926][ T2365] spca505 7-1:2.195: probe with driver spca505 failed with error -5
[ 1454.080448][ T2370] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1454.093230][   T10] usb 6-1: TI USB 3410 1 port adapter converter now attached to ttyUSB0
[ 1454.127423][ T2370] usb 1-1: Product: syz
[ 1454.139613][ T2365] usb 7-1: USB disconnect, device number 9
[ 1454.160224][ T2370] usb 1-1: Manufacturer: syz
[ 1454.188929][ T2370] usb 1-1: SerialNumber: syz
[ 1454.246348][ T2535] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1454.263452][   T10] usb 6-1: USB disconnect, device number 55
[ 1454.271288][ T2535] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1454.396677][   T10] ti_usb_3410_5052_1 ttyUSB0: TI USB 3410 1 port adapter converter now disconnected from ttyUSB0
[ 1454.442967][   T10] ti_usb_3410_5052 6-1:0.70: device disconnected
[ 1454.567806][ T2370] usb-storage 1-1:2.97: USB Mass Storage device detected
[ 1454.606216][ T2370] usb-storage 1-1:2.97: Quirks match for vid 04e6 pid 000b: 4
[ 1454.618005][ T5810] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1454.632456][ T2370] scsi host1: usb-storage 1-1:2.97
[ 1454.674415][ T2370] usb 1-1: USB disconnect, device number 55
[ 1454.804771][ T5810] usb 9-1: Using ep0 maxpacket: 8
[ 1454.848432][ T5810] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1454.893039][ T5810] usb 9-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1454.923449][ T5810] usb 9-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1454.966705][ T5810] usb 9-1: Product: syz
[ 1454.985400][ T5810] usb 9-1: Manufacturer: syz
[ 1455.014576][ T5810] usb 9-1: SerialNumber: syz
[ 1455.193417][ T2568] loop4: detected capacity change from 0 to 1024
[ 1455.290661][ T5810] usb 9-1: Handspring Visor / Palm OS: port 0, is for Generic use
[ 1455.332582][ T5810] usb 9-1: Handspring Visor / Palm OS: port 0, is for Generic use
[ 1455.378679][ T5810] usb 9-1: Handspring Visor / Palm OS: Number of ports: 2
[ 1455.516530][ T5810] usb 9-1: palm_os_3_probe - error -71 getting bytes available request
[ 1455.560054][ T5810] visor 9-1:1.0: Handspring Visor / Palm OS converter detected
[ 1455.604222][ T5810] usb 9-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[ 1455.655829][ T5810] usb 9-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[ 1455.736148][ T5810] usb 9-1: USB disconnect, device number 4
[ 1455.803579][ T5810] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[ 1455.895233][ T5810] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[ 1455.943605][ T5810] visor 9-1:1.0: device disconnected
[ 1456.566697][   T10] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[ 1456.762752][   T10] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1456.794967][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1456.840731][   T10] usb 8-1: config 0 descriptor??
[ 1457.362669][   T10] ath6kl: Failed to submit usb control message: -71
[ 1457.397542][   T10] ath6kl: unable to send the bmi data to the device: -71
[ 1457.432546][   T10] ath6kl: Unable to send get target info: -71
[ 1457.466480][   T10] ath6kl: Failed to init ath6kl core: -71
[ 1457.509312][   T10] ath6kl_usb 8-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1457.567745][   T10] usb 8-1: USB disconnect, device number 8
[ 1457.777229][ T2637] loop5: detected capacity change from 0 to 512
[ 1457.793110][ T2637] EXT4-fs: Ignoring removed orlov option
[ 1457.832285][ T2595] loop4: detected capacity change from 0 to 32768
[ 1457.897865][ T2637] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1457.903214][ T2595] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1457.951282][ T2637] EXT4-fs error (device loop5): ext4_get_verity_descriptor_location:337: inode #15: comm syz.5.12123: verity file corrupted; can't find descriptor
[ 1458.017186][ T2637] EXT4-fs (loop5): Remounting filesystem read-only
[ 1458.038239][ T2637] fs-verity (loop5, inode 15): Error -117 getting verity descriptor size
[ 1458.145595][ T2595] XFS (loop4): Ending clean mount
[ 1458.319282][ T5705] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1458.488213][ T2665] netlink: 16 bytes leftover after parsing attributes in process `syz.7.12128'.
[ 1458.527256][ T2663] bridge_slave_0: left allmulticast mode
[ 1458.540417][ T2665] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12128'.
[ 1458.571948][ T2663] bridge_slave_0: left promiscuous mode
[ 1458.599647][ T2663] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1458.736503][ T2663] bridge_slave_1: left allmulticast mode
[ 1458.775023][ T2663] bridge_slave_1: left promiscuous mode
[ 1458.788885][ T2663] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1458.911884][ T2663] bond0: (slave 
3
0
): Releasing backup interface
[ 1458.939058][ T5690] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1458.995699][ T2663] bond0: (slave bond_slave_1): Releasing backup interface
[ 1459.087253][ T2663] team0: Port device team_slave_0 removed
[ 1459.166212][ T2663] team0: Port device team_slave_1 removed
[ 1459.251263][ T2681] netlink: 16 bytes leftover after parsing attributes in process `syz.8.12134'.
[ 1459.252753][ T2663] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1459.278635][ T2681] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12134'.
[ 1459.472208][ T2675] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[ 1459.696693][ T2689] netlink: 'syz.7.12138': attribute type 2 has an invalid length.
[ 1459.731391][ T2691] comedi comedi2: aio_aio12_8: I/O base address or length out of range
[ 1459.743418][T22246] Bluetooth: hci1: unexpected event for opcode 0x0c38
[ 1459.765304][ T2681] bond1: Removing last arp target with arp_interval on
[ 1459.809931][ T2681] bond1: entered allmulticast mode
[ 1459.826323][ T2681] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1460.186091][ T2706] loop6: detected capacity change from 0 to 8
[ 1460.400106][   T31] audit: type=1326 audit(1648.555:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2713 comm="syz.0.12146" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1aee19ce59 code=0x7ffc0000
[ 1460.548380][   T31] audit: type=1326 audit(1648.555:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2713 comm="syz.0.12146" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1aee19ce59 code=0x7ffc0000
[ 1460.658822][T22246] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[ 1460.671985][T22246] CPU: 0 UID: 0 PID: 22246 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[ 1460.672034][T22246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1460.672061][T22246] Workqueue: hci4 hci_rx_work
[ 1460.672118][T22246] Call Trace:
[ 1460.672130][T22246]  <TASK>
[ 1460.672144][T22246]  dump_stack_lvl+0x100/0x190
[ 1460.672188][T22246]  sysfs_warn_dup.cold+0x1c/0x28
[ 1460.672247][T22246]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1460.672313][T22246]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1460.672377][T22246]  ? find_held_lock+0x2b/0x80
[ 1460.672437][T22246]  ? kobject_add_internal+0x25f/0x930
[ 1460.672477][T22246]  ? kobject_add_internal+0x25f/0x930
[ 1460.672521][T22246]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1460.672575][T22246]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1460.672635][T22246]  kobject_add_internal+0x2c8/0x930
[ 1460.672684][T22246]  kobject_add+0x16a/0x1e0
[ 1460.672724][T22246]  ? __pfx_kobject_add+0x10/0x10
[ 1460.672762][T22246]  ? class_to_subsys+0x10f/0x150
[ 1460.672812][T22246]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1460.672863][T22246]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1460.672910][T22246]  ? kobject_put+0xb9/0x640
[ 1460.672944][T22246]  ? _raw_spin_unlock+0x28/0x50
[ 1460.673009][T22246]  device_add+0x294/0x1950
[ 1460.673051][T22246]  ? __pfx_dev_set_name+0x10/0x10
[ 1460.673102][T22246]  ? __pfx_device_add+0x10/0x10
[ 1460.673145][T22246]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1460.673193][T22246]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1460.673261][T22246]  hci_conn_add_sysfs+0x1a3/0x260
[ 1460.673325][T22246]  le_conn_complete_evt+0x11eb/0x1f60
[ 1460.673392][T22246]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1460.673460][T22246]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[ 1460.673518][T22246]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1460.673573][T22246]  ? skb_pull_data+0x15f/0x1e0
[ 1460.673632][T22246]  hci_le_meta_evt+0x34a/0x5f0
[ 1460.673690][T22246]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[ 1460.673753][T22246]  hci_event_packet+0x51c/0xcd0
[ 1460.673806][T22246]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1460.673866][T22246]  ? __pfx_hci_event_packet+0x10/0x10
[ 1460.673921][T22246]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1460.673973][T22246]  ? kcov_remote_start+0x374/0x660
[ 1460.674014][T22246]  ? lockdep_hardirqs_on+0x78/0x100
[ 1460.674072][T22246]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1460.674131][T22246]  hci_rx_work+0x451/0xfc0
[ 1460.674192][T22246]  process_one_work+0xa0e/0x1980
[ 1460.674262][T22246]  ? __pfx_process_one_work+0x10/0x10
[ 1460.674307][T22246]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1460.674371][T22246]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1460.674428][T22246]  worker_thread+0x5ef/0xe50
[ 1460.674488][T22246]  ? __pfx_worker_thread+0x10/0x10
[ 1460.674537][T22246]  ? kthread+0x13a/0x450
[ 1460.674589][T22246]  ? __pfx_worker_thread+0x10/0x10
[ 1460.674633][T22246]  kthread+0x370/0x450
[ 1460.674672][T22246]  ? __pfx_kthread+0x10/0x10
[ 1460.674718][T22246]  ret_from_fork+0x72b/0xd50
[ 1460.674766][T22246]  ? __pfx_ret_from_fork+0x10/0x10
[ 1460.674811][T22246]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1460.674860][T22246]  ? rcu_is_watching+0x12/0xc0
[ 1460.674914][T22246]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1460.674963][T22246]  ? __switch_to+0x800/0x1100
[ 1460.675017][T22246]  ? __switch_to_asm+0x39/0x70
[ 1460.675069][T22246]  ? __pfx_kthread+0x10/0x10
[ 1460.675115][T22246]  ret_from_fork_asm+0x1a/0x30
[ 1460.675192][T22246]  </TASK>
[ 1460.675324][T22246] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1460.712247][ T2717] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3)
[ 1460.712310][ T2717] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1460.714477][ T2717] vhci_hcd vhci_hcd.0: Device attached
[ 1460.720076][T22246] Bluetooth: hci4: failed to register connection device
[ 1460.747790][   T31] audit: type=1326 audit(1648.602:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2713 comm="syz.0.12146" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1aee19ce59 code=0x7ffc0000
[ 1460.849641][ T2724] vhci_hcd: connection closed
[ 1460.967859][ T2370] vhci_hcd vhci_hcd.7: vhci_device speed not set
[ 1460.974342][   T31] audit: type=1326 audit(1648.602:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2713 comm="syz.0.12146" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1aee19ce59 code=0x7ffc0000
[ 1460.992969][T19988] vhci_hcd vhci_hcd.7: stop threads
[ 1460.994380][   T31] audit: type=1326 audit(1648.602:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2713 comm="syz.0.12146" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f1aee19ce59 code=0x7ffc0000
[ 1461.081740][T19988] vhci_hcd vhci_hcd.7: release socket
[ 1461.082749][   T31] audit: type=1326 audit(1648.602:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2713 comm="syz.0.12146" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1aee19ce59 code=0x7ffc0000
[ 1461.127907][ T2370] usb 47-1: new full-speed USB device number 2 using vhci_hcd
[ 1461.194776][T19988] vhci_hcd vhci_hcd.7: disconnect device
[ 1461.280842][   T31] audit: type=1326 audit(1648.602:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2713 comm="syz.0.12146" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f1aee19ce59 code=0x7ffc0000
[ 1461.347380][ T2740] netlink: 212408 bytes leftover after parsing attributes in process `syz.6.12154'.
[ 1461.372347][ T2742] netlink: 'syz.0.12156': attribute type 1 has an invalid length.
[ 1461.423505][   T31] audit: type=1326 audit(1648.602:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2713 comm="syz.0.12146" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f1aee19ce59 code=0x7ffc0000
[ 1461.491451][ T2370] usb 47-1: enqueue for inactive port 0
[ 1461.656276][ T2370] vhci_hcd vhci_hcd.7: vhci_device speed not set
[ 1461.727857][   T31] audit: type=1400 audit(1649.791:311): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=2743 comm="syz.8.12158"
[ 1461.922450][ T2755] loop0: detected capacity change from 0 to 512
[ 1461.961319][ T2755] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1462.006942][ T2755] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4221: comm syz.0.12160: Allocating blocks 41-42 which overlap fs metadata
[ 1462.036294][ T2755] loop0: lost filesystem error report for type 5 error -117
[ 1462.042394][ T2755] EXT4-fs (loop0): Remounting filesystem read-only
[ 1462.049824][    C1] EXT4-fs (loop0): error count since last fsck: 1
[ 1462.049857][    C1] EXT4-fs (loop0): initial error at time 1650: ext4_mb_mark_diskspace_used:4221
[ 1462.049902][    C1] EXT4-fs (loop0): last error at time 1650: ext4_mb_mark_diskspace_used:4221
[ 1462.128715][ T2755] Quota error (device loop0): write_blk: dquota write failed
[ 1462.140332][ T2755] EXT4-fs (loop0): 1 truncate cleaned up
[ 1462.152770][ T2755] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1462.277020][ T2769] loop6: detected capacity change from 0 to 64
[ 1462.349847][ T5686] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1463.558605][ T2806] loop5: detected capacity change from 0 to 512
[ 1463.601832][ T2806] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1463.664526][ T2813] [U] 
[ 1463.667316][ T2813] [U] 
[ 1463.670070][ T2813] [U] 
[ 1463.672799][ T2813] [U] 
[ 1463.673739][ T2806] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4221: comm syz.5.12181: Allocating blocks 41-42 which overlap fs metadata
[ 1463.691559][ T2813] [U] 
[ 1463.694387][ T2813] [U] 
[ 1463.697128][ T2813] [U] 
[ 1463.699857][ T2813] [U] 
[ 1463.763167][ T2813] [U] 
[ 1463.765951][ T2813] [U] 
[ 1463.768685][ T2813] [U] 
[ 1463.770908][ T2806] loop5: lost filesystem error report for type 5 error -117
[ 1463.775771][    C0] EXT4-fs (loop5): error count since last fsck: 1
[ 1463.789639][    C0] EXT4-fs (loop5): initial error at time 1651: ext4_mb_mark_diskspace_used:4221
[ 1463.797334][ T2806] EXT4-fs (loop5): Remounting filesystem read-only
[ 1463.798748][    C0] EXT4-fs (loop5): last error at time 1651: ext4_mb_mark_diskspace_used:4221
[ 1463.828792][ T2810] [U] 
[ 1463.844920][ T2806] EXT4-fs (loop5): 1 truncate cleaned up
[ 1463.908613][ T2806] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1464.062201][ T2822] netlink: 2120 bytes leftover after parsing attributes in process `syz.8.12187'.
[ 1464.257044][ T5842] iguanair 5-1:0.0: failed to get version
[ 1464.282022][ T5842] iguanair 5-1:0.0: probe with driver iguanair failed with error -110
[ 1464.328145][ T5705] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1464.340266][ T2832] loop0: detected capacity change from 0 to 1024
[ 1464.372213][ T5842] usb 5-1: USB disconnect, device number 61
[ 1464.687661][ T2844] netlink: 'syz.5.12191': attribute type 7 has an invalid length.
[ 1464.780740][ T5842] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[ 1464.975933][ T5842] usb 5-1: Using ep0 maxpacket: 8
[ 1465.038272][ T5842] usb 5-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[ 1465.098705][ T5842] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239
[ 1465.145546][ T5842] usb 5-1: Product: syz
[ 1465.165251][ T5842] usb 5-1: Manufacturer: syz
[ 1465.185221][ T5842] usb 5-1: SerialNumber: syz
[ 1465.228500][ T5842] usb 5-1: config 0 descriptor??
[ 1465.265303][ T5842] gspca_main: sq905-2.14.0 probing 2770:9120
[ 1465.444628][ T2873] netlink: 65051 bytes leftover after parsing attributes in process `syz.5.12198'.
[ 1465.636257][ T2875] loop0: detected capacity change from 0 to 1024
[ 1465.674699][ T2870] loop8: detected capacity change from 0 to 4096
[ 1465.703366][ T2870] EXT4-fs: Ignoring removed bh option
[ 1465.781875][ T2870] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1465.837771][ T5842] gspca_sq905: sq905_command: usb_control_msg failed (-110)
[ 1465.863261][ T5842] sq905 5-1:0.0: probe with driver sq905 failed with error -110
[ 1465.946483][ T2886] netlink: 'syz.7.12204': attribute type 1 has an invalid length.
[ 1466.007506][ T2886] netlink: 224 bytes leftover after parsing attributes in process `syz.7.12204'.
[ 1466.175856][ T2819] syz.6.12185 (2819): drop_caches: 2
[ 1466.316406][T31691] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1466.798309][ T5842] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[ 1466.990619][ T5842] usb 6-1: Using ep0 maxpacket: 8
[ 1467.025782][ T5842] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1467.064768][ T5842] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1467.100941][T18129] usb 5-1: USB disconnect, device number 62
[ 1467.141176][ T5842] usb 6-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.01
[ 1467.163320][ T4944] Bluetooth: hci3: command 0x0406 tx timeout
[ 1467.184783][ T5842] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1467.202688][ T5842] usb 6-1: Product: syz
[ 1467.217984][ T5842] usb 6-1: Manufacturer: syz
[ 1467.222659][ T5842] usb 6-1: SerialNumber: syz
[ 1467.245189][ T5842] usb 6-1: config 0 descriptor??
[ 1467.297251][ T5842] radioshark 6-1:0.0: Invalid radioSHARK device
[ 1467.319007][ T5842] radioshark 6-1:0.0: probe with driver radioshark failed with error -22
[ 1467.337722][ T5842] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 1467.518052][ T2370] usb 6-1: USB disconnect, device number 56
[ 1467.529080][ T2933] loop6: detected capacity change from 0 to 1024
[ 1467.797069][ T2938] loop4: detected capacity change from 0 to 4096
[ 1467.829667][ T2938] EXT4-fs: Ignoring removed bh option
[ 1467.945925][ T2938] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1468.095543][ T2951] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12222'.
[ 1468.145788][ T2951] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12222'.
[ 1468.205739][ T2951] netlink: 8 bytes leftover after parsing attributes in process `syz.6.12222'.
[ 1468.329426][ T5810] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[ 1468.363088][ T2956] cgroup: Unexpected value for 'nofavordynmods'
[ 1468.460950][ T5690] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1468.511728][ T5810] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1468.511783][ T5810] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1468.511833][ T5810] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[ 1468.519728][ T5810] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1468.519779][ T5810] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1468.519817][ T5810] usb 1-1: Product: syz
[ 1468.519847][ T5810] usb 1-1: Manufacturer: syz
[ 1468.519877][ T5810] usb 1-1: SerialNumber: syz
[ 1468.557206][ T2913] loop7: detected capacity change from 0 to 32768
[ 1468.582989][ T5810] usb 1-1: config 0 descriptor??
[ 1468.585096][ T2950] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1468.585276][ T2950] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1468.589685][ T5810] usb 1-1: ucan: probing device on interface #0
[ 1468.845511][ T5810] usb 1-1: ucan: device protocol version 0 is not supported
[ 1468.845554][ T5810] usb 1-1: ucan: probe failed; try to update the device firmware
[ 1469.006590][ T2969] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1469.055321][ T5810] usb 1-1: USB disconnect, device number 56
[ 1469.211412][ T2974] No control pipe specified
[ 1469.476005][   T31] kauditd_printk_skb: 7 callbacks suppressed
[ 1469.476032][   T31] audit: type=1400 audit(1657.057:312): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//&@\)//&" pid=2979 comm="syz.8.12237"
[ 1469.481481][ T2980] xt_l2tp: v2 doesn't support IP mode
[ 1470.665141][ T5810] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[ 1470.890968][ T5810] usb 8-1: config 0 has an invalid interface number: 117 but max is 0
[ 1470.900712][ T5810] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1470.928728][ T5810] usb 8-1: config 0 has no interface number 0
[ 1470.965754][ T5810] usb 8-1: config 0 interface 117 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[ 1471.009883][ T5810] usb 8-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1471.031820][ T5810] usb 8-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1471.052400][ T5810] usb 8-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[ 1471.064435][ T3035] openvswitch: netlink: IP tunnel dst address not specified
[ 1471.072173][ T5810] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1471.082669][ T5810] usb 8-1: Product: syz
[ 1471.097040][ T5810] usb 8-1: Manufacturer: syz
[ 1471.115590][ T5810] usb 8-1: SerialNumber: syz
[ 1471.122897][ T3009] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[ 1471.160000][ T5810] usb 8-1: config 0 descriptor??
[ 1471.479924][ T3046] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12269'.
[ 1471.629086][ T5810] usbtouchscreen 8-1:0.117: probe with driver usbtouchscreen failed with error -71
[ 1471.685940][ T5810] usb 8-1: USB disconnect, device number 9
[ 1471.725459][ T3055] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[ 1471.858911][ T3064] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[ 1471.865487][ T3064] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1471.918264][ T3064] vhci_hcd vhci_hcd.0: Device attached
[ 1472.031329][ T3065] vhci_hcd: connection closed
[ 1472.034128][T31746] vhci_hcd vhci_hcd.5: stop threads
[ 1472.069743][T31746] vhci_hcd vhci_hcd.5: release socket
[ 1472.095496][T31746] vhci_hcd vhci_hcd.5: disconnect device
[ 1472.117270][T18129] vhci_hcd vhci_hcd.5: vhci_device speed not set
[ 1472.352497][ T3083] loop0: detected capacity change from 0 to 512
[ 1472.363937][ T5842] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1472.376202][ T3083] EXT4-fs: Ignoring removed nobh option
[ 1472.427092][ T3083] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1472.510994][ T3091] loop6: detected capacity change from 0 to 256
[ 1472.527166][ T3091] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1472.558650][ T5842] usb 9-1: Using ep0 maxpacket: 8
[ 1472.590425][ T5686] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1472.593950][ T5842] usb 9-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[ 1472.637008][   T31] audit: type=1800 audit(1660.006:313): pid=3091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.12287" name="bus" dev="loop6" ino=1048780 res=0 errno=0
[ 1472.706435][ T5842] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1472.753515][ T5842] usb 9-1: Product: syz
[ 1472.774343][ T5842] usb 9-1: Manufacturer: syz
[ 1472.796580][ T5842] usb 9-1: SerialNumber: syz
[ 1472.978784][ T3095] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12291'.
[ 1473.026005][ T3098] netlink: 'syz.7.12290': attribute type 2 has an invalid length.
[ 1473.309973][ T5842] mxuport 9-1:254.0: mxuport_recv_ctrl_urb - usb_control_msg failed (-71)
[ 1473.354448][ T5842] mxuport 9-1:254.0: probe with driver mxuport failed with error -5
[ 1473.395108][ T3111] tmpfs: Bad value for 'mpol'
[ 1473.408556][ T5842] usb 9-1: USB disconnect, device number 5
[ 1473.606459][ T5810] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[ 1473.635184][ T3117] xt_bpf: check failed: parse error
[ 1473.713301][ T3119] loop0: detected capacity change from 0 to 1024
[ 1473.807420][ T5810] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1473.822046][ T3116] loop5: detected capacity change from 0 to 4096
[ 1473.838817][ T5810] usb 8-1: not running at top speed; connect to a high speed hub
[ 1473.856391][ T3116] EXT4-fs: Ignoring removed bh option
[ 1473.871514][ T5810] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1473.915135][ T5810] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1473.952885][ T3116] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1473.992915][ T5810] usb 8-1: New USB device found, idVendor=200c, idProduct=1018, bcdDevice= 0.40
[ 1474.055284][ T5810] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1474.101466][ T5810] usb 8-1: Product: syz
[ 1474.126740][ T5810] usb 8-1: Manufacturer: syz
[ 1474.147411][ T5810] usb 8-1: SerialNumber: syz
[ 1474.355797][ T3135] loop4: detected capacity change from 0 to 16
[ 1474.379728][ T3135] erofs (device loop4): mounted with root inode @ nid 36.
[ 1474.424721][ T5810] usb 8-1: 3:0: cannot get min/max values for control 4 (id 3)
[ 1474.475247][ T5810] usb 8-1: 3:0: cannot get min/max values for control 8 (id 3)
[ 1474.475928][ T5705] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1474.495857][ T3135] syz.4.12308: attempt to access beyond end of device
[ 1474.495857][ T3135] loop4: rw=524288, sector=671088648, nr_sectors = 8 limit=16
[ 1474.504325][ T5810] usb 8-1: 3:0: failed to get current value for ch 0 (-71)
[ 1474.543378][ T3135] syz.4.12308: attempt to access beyond end of device
[ 1474.543378][ T3135] loop4: rw=0, sector=671088648, nr_sectors = 8 limit=16
[ 1474.583924][ T3136] loop8: detected capacity change from 0 to 4096
[ 1474.609014][ T5810] usb 8-1: 3:0: failed to get current value for ch 0 (-71)
[ 1474.663029][ T5810] usb 8-1: 3:0: cannot get min/max values for control 11 (id 3)
[ 1474.674989][ T3135] erofs (device loop4): read error -5 @ 0 of nid 89
[ 1474.688065][ T5810] usb 8-1: 3:0: cannot get min/max values for control 12 (id 3)
[ 1474.753757][   T31] audit: type=1800 audit(1662.001:314): pid=3135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.12308" name="file3" dev="loop4" ino=89 res=0 errno=0
[ 1474.988071][ T5810] usb 8-1: USB disconnect, device number 10
[ 1475.032435][ T3146] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1475.072676][ T3144] loop6: detected capacity change from 0 to 1024
[ 1475.134947][ T6102] udevd[6102]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1475.419256][ T5842] usb 5-1: new full-speed USB device number 63 using dummy_hcd
[ 1475.508660][ T3160] loop0: detected capacity change from 0 to 1764
[ 1475.596085][ T3160] iso9660: Corrupted directory entry in block 2 of inode 1920
[ 1475.636631][ T5842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1475.698871][ T5842] usb 5-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39
[ 1475.736481][ T5842] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1475.776520][ T5842] usb 5-1: Product: syz
[ 1475.807753][ T5842] usb 5-1: Manufacturer: syz
[ 1475.831231][ T5842] usb 5-1: SerialNumber: syz
[ 1475.884674][ T5842] usb 5-1: config 0 descriptor??
[ 1475.936230][ T5842] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b
[ 1476.080537][ T3174] netlink: 'syz.6.12325': attribute type 1 has an invalid length.
[ 1476.191960][ T3172] loop0: detected capacity change from 0 to 4096
[ 1476.223723][ T3172] EXT4-fs: Ignoring removed bh option
[ 1476.275826][ T3172] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1476.405542][ T5842] gspca_pac7302: reg_w() failed i: 78 v: 00 error -71
[ 1476.418853][ T3181] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[ 1476.425407][ T3181] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1476.427255][ T5842] gspca_pac7302 5-1:0.0: probe with driver gspca_pac7302 failed with error -71
[ 1476.465173][ T3181] vhci_hcd vhci_hcd.0: Device attached
[ 1476.501740][ T5842] usb 5-1: USB disconnect, device number 63
[ 1476.529221][ T4944] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[ 1476.533578][ T3182] vhci_hcd: connection closed
[ 1476.539555][ T4944] CPU: 0 UID: 0 PID: 4944 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT(full) 
[ 1476.539613][ T4944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1476.539640][ T4944] Workqueue: hci1 hci_rx_work
[ 1476.539692][ T4944] Call Trace:
[ 1476.539705][ T4944]  <TASK>
[ 1476.539720][ T4944]  dump_stack_lvl+0x100/0x190
[ 1476.539764][ T4944]  sysfs_warn_dup.cold+0x1c/0x28
[ 1476.539826][ T4944]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1476.539894][ T4944]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1476.539959][ T4944]  ? find_held_lock+0x2b/0x80
[ 1476.540018][ T4944]  ? kobject_add_internal+0x25f/0x930
[ 1476.540058][ T4944]  ? kobject_add_internal+0x25f/0x930
[ 1476.540102][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1476.540150][ T4944]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1476.540209][ T4944]  kobject_add_internal+0x2c8/0x930
[ 1476.540258][ T4944]  kobject_add+0x16a/0x1e0
[ 1476.540298][ T4944]  ? __pfx_kobject_add+0x10/0x10
[ 1476.540336][ T4944]  ? class_to_subsys+0x10f/0x150
[ 1476.540385][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1476.540436][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1476.540485][ T4944]  ? kobject_put+0xb9/0x640
[ 1476.540518][ T4944]  ? _raw_spin_unlock+0x28/0x50
[ 1476.540583][ T4944]  device_add+0x294/0x1950
[ 1476.540635][ T4944]  ? __pfx_dev_set_name+0x10/0x10
[ 1476.540687][ T4944]  ? __pfx_device_add+0x10/0x10
[ 1476.540729][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1476.540777][ T4944]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1476.540845][ T4944]  hci_conn_add_sysfs+0x1a3/0x260
[ 1476.540913][ T4944]  le_conn_complete_evt+0x11eb/0x1f60
[ 1476.540980][ T4944]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1476.541048][ T4944]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[ 1476.541106][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1476.541155][ T4944]  ? skb_pull_data+0x15f/0x1e0
[ 1476.541213][ T4944]  hci_le_meta_evt+0x34a/0x5f0
[ 1476.541271][ T4944]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[ 1476.541333][ T4944]  hci_event_packet+0x51c/0xcd0
[ 1476.541388][ T4944]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1476.541447][ T4944]  ? __pfx_hci_event_packet+0x10/0x10
[ 1476.541502][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1476.541553][ T4944]  ? kcov_remote_start+0x374/0x660
[ 1476.541594][ T4944]  ? lockdep_hardirqs_on+0x78/0x100
[ 1476.541662][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1476.541723][ T4944]  hci_rx_work+0x451/0xfc0
[ 1476.541785][ T4944]  process_one_work+0xa0e/0x1980
[ 1476.541854][ T4944]  ? __pfx_process_one_work+0x10/0x10
[ 1476.541900][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1476.541964][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1476.542020][ T4944]  worker_thread+0x5ef/0xe50
[ 1476.542086][ T4944]  ? kthread+0x13a/0x450
[ 1476.542126][ T4944]  ? __pfx_worker_thread+0x10/0x10
[ 1476.542170][ T4944]  kthread+0x370/0x450
[ 1476.542210][ T4944]  ? __pfx_kthread+0x10/0x10
[ 1476.542255][ T4944]  ret_from_fork+0x72b/0xd50
[ 1476.542303][ T4944]  ? __pfx_ret_from_fork+0x10/0x10
[ 1476.542352][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1476.542400][ T4944]  ? __switch_to+0x800/0x1100
[ 1476.542456][ T4944]  ? __switch_to_asm+0x39/0x70
[ 1476.542508][ T4944]  ? __pfx_kthread+0x10/0x10
[ 1476.542554][ T4944]  ret_from_fork_asm+0x1a/0x30
[ 1476.542640][ T4944]  </TASK>
[ 1476.542702][ T4944] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1476.552193][T31751] vhci_hcd vhci_hcd.6: stop threads
[ 1476.561897][ T4944] Bluetooth: hci1: failed to register connection device
[ 1476.714473][T31751] vhci_hcd vhci_hcd.6: release socket
[ 1476.795157][T18129] vhci_hcd vhci_hcd.6: vhci_device speed not set
[ 1477.016159][ T5686] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1477.077740][T31751] vhci_hcd vhci_hcd.6: disconnect device
[ 1477.147872][T18129] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[ 1477.212524][T18129] usb 45-1: enqueue for inactive port 0
[ 1477.320650][T18129] vhci_hcd vhci_hcd.6: vhci_device speed not set
[ 1477.494824][ T3214] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12342'.
[ 1477.541685][ T3214] netlink: 224 bytes leftover after parsing attributes in process `syz.5.12342'.
[ 1477.587516][ T3214] netlink: 8 bytes leftover after parsing attributes in process `syz.5.12342'.
[ 1477.891210][ T3239] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12350'.
[ 1477.891280][ T3239] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048)
[ 1478.436153][ T3252] libceph: resolve '400' (ret=-3): failed
[ 1478.630612][ T3262] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(3)
[ 1478.637194][ T3262] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1478.677200][ T4944] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[ 1478.687480][ T4944] CPU: 1 UID: 0 PID: 4944 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT(full) 
[ 1478.687529][ T4944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1478.687555][ T4944] Workqueue: hci3 hci_rx_work
[ 1478.687619][ T4944] Call Trace:
[ 1478.687632][ T4944]  <TASK>
[ 1478.687647][ T4944]  dump_stack_lvl+0x100/0x190
[ 1478.687692][ T4944]  sysfs_warn_dup.cold+0x1c/0x28
[ 1478.687752][ T4944]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1478.687822][ T4944]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1478.687886][ T4944]  ? find_held_lock+0x2b/0x80
[ 1478.687946][ T4944]  ? kobject_add_internal+0x25f/0x930
[ 1478.687986][ T4944]  ? kobject_add_internal+0x25f/0x930
[ 1478.688031][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1478.688079][ T4944]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1478.688138][ T4944]  kobject_add_internal+0x2c8/0x930
[ 1478.688188][ T4944]  kobject_add+0x16a/0x1e0
[ 1478.688228][ T4944]  ? __pfx_kobject_add+0x10/0x10
[ 1478.688267][ T4944]  ? class_to_subsys+0x10f/0x150
[ 1478.688317][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1478.688368][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1478.688416][ T4944]  ? kobject_put+0xb9/0x640
[ 1478.688450][ T4944]  ? _raw_spin_unlock+0x28/0x50
[ 1478.688514][ T4944]  device_add+0x294/0x1950
[ 1478.688558][ T4944]  ? __pfx_dev_set_name+0x10/0x10
[ 1478.688619][ T4944]  ? __pfx_device_add+0x10/0x10
[ 1478.688661][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1478.688710][ T4944]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1478.688782][ T4944]  hci_conn_add_sysfs+0x1a3/0x260
[ 1478.688847][ T4944]  le_conn_complete_evt+0x11eb/0x1f60
[ 1478.688915][ T4944]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1478.688983][ T4944]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[ 1478.689040][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1478.689088][ T4944]  ? skb_pull_data+0x15f/0x1e0
[ 1478.689146][ T4944]  hci_le_meta_evt+0x34a/0x5f0
[ 1478.689204][ T4944]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[ 1478.689266][ T4944]  hci_event_packet+0x51c/0xcd0
[ 1478.689320][ T4944]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1478.689379][ T4944]  ? __pfx_hci_event_packet+0x10/0x10
[ 1478.689434][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1478.689486][ T4944]  ? kcov_remote_start+0x374/0x660
[ 1478.689526][ T4944]  ? lockdep_hardirqs_on+0x78/0x100
[ 1478.689590][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1478.689650][ T4944]  hci_rx_work+0x451/0xfc0
[ 1478.689716][ T4944]  process_one_work+0xa0e/0x1980
[ 1478.689786][ T4944]  ? __pfx_process_one_work+0x10/0x10
[ 1478.689831][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1478.689895][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1478.689951][ T4944]  worker_thread+0x5ef/0xe50
[ 1478.690015][ T4944]  ? kthread+0x13a/0x450
[ 1478.690053][ T4944]  ? __pfx_worker_thread+0x10/0x10
[ 1478.690097][ T4944]  kthread+0x370/0x450
[ 1478.690137][ T4944]  ? __pfx_kthread+0x10/0x10
[ 1478.690182][ T4944]  ret_from_fork+0x72b/0xd50
[ 1478.690231][ T4944]  ? __pfx_ret_from_fork+0x10/0x10
[ 1478.690280][ T4944]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1478.690328][ T4944]  ? __switch_to+0x800/0x1100
[ 1478.690384][ T4944]  ? __switch_to_asm+0x39/0x70
[ 1478.690435][ T4944]  ? __pfx_kthread+0x10/0x10
[ 1478.690481][ T4944]  ret_from_fork_asm+0x1a/0x30
[ 1478.690558][ T4944]  </TASK>
[ 1478.691152][ T4944] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1478.752329][ T3262] vhci_hcd vhci_hcd.0: Device attached
[ 1478.753791][ T4944] Bluetooth: hci3: failed to register connection device
[ 1478.847474][ T3269] openvswitch: netlink: Actions may not be safe on all matching packets
[ 1478.935811][ T3264] vhci_hcd: connection closed
[ 1479.069245][T31746] vhci_hcd vhci_hcd.8: stop threads
[ 1479.091336][T31746] vhci_hcd vhci_hcd.8: release socket
[ 1479.102294][T31746] vhci_hcd vhci_hcd.8: disconnect device
[ 1479.123851][ T5842] vhci_hcd vhci_hcd.8: vhci_device speed not set
[ 1479.443914][ T3285] loop4: detected capacity change from 0 to 256
[ 1479.795887][ T3301] openvswitch: netlink: Unexpected mask (mask=20440, allowed=10048)
[ 1480.029942][ T3306] loop8: detected capacity change from 0 to 128
[ 1480.065638][ T3309] openvswitch: netlink: ct_state flags 010000e0 unsupported
[ 1480.098391][ T3306] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1480.153580][ T3306] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1480.368490][ T3320] loop7: detected capacity change from 0 to 512
[ 1480.395211][ T3320] EXT4-fs: Ignoring removed nobh option
[ 1480.541421][ T3320] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1480.771860][ T3324] loop5: detected capacity change from 0 to 4096
[ 1480.859807][ T3324] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1480.878335][T29238] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1481.106052][ T3346] loop0: detected capacity change from 0 to 8
[ 1481.281588][ T5705] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1481.880846][ T2370] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[ 1482.096532][ T2370] usb 9-1: config 0 has an invalid interface number: 52 but max is 0
[ 1482.135855][ T2370] usb 9-1: config 0 has an invalid descriptor of length 55, skipping remainder of the config
[ 1482.178444][ T2370] usb 9-1: config 0 has no interface number 0
[ 1482.205204][ T2370] usb 9-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 14385, setting to 64
[ 1482.255250][ T2370] usb 9-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1482.290236][ T2370] usb 9-1: config 0 interface 52 has no altsetting 0
[ 1482.315623][ T2370] usb 9-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 1482.339838][ T2370] usb 9-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1482.344599][ T3386] tmpfs: Bad value for 'grpquota_block_hardlimit'
[ 1482.375751][ T2370] usb 9-1: Manufacturer: syz
[ 1482.402143][ T2370] usb 9-1: config 0 descriptor??
[ 1482.427892][ T2370] hub 9-1:0.52: bad descriptor, ignoring hub
[ 1482.446830][ T2370] hub 9-1:0.52: probe with driver hub failed with error -5
[ 1482.597932][ T3371] netdevsim netdevsim6 netdevsim0: left allmulticast mode
[ 1482.686411][ T2370] input: syz as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.52/input/input82
[ 1482.696292][ T3371] vxcan3: left allmulticast mode
[ 1482.758351][ T3392] xt_hashlimit: size too large, truncated to 1048576
[ 1482.866723][T31746] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1482.913902][T31746] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1482.943206][T31746] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1482.990124][T31746] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1483.013350][ T2365] usb 9-1: USB disconnect, device number 6
[ 1483.062990][ T5796] udevd[5796]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[ 1483.512352][ T3415] netlink: 784 bytes leftover after parsing attributes in process `syz.0.12432'.
[ 1483.721909][ T3417] loop5: detected capacity change from 0 to 128
[ 1483.803318][ T3417] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1483.826596][ T3427] tc_dump_action: action bad kind
[ 1484.037617][ T5705] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1484.123115][ T3436] SET target dimension over the limit!
[ 1484.314324][ T5810] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1484.351156][ T3444] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12445'.
[ 1484.412369][   T31] audit: type=1326 audit(1671.036:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3446 comm="syz.7.12447" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1484.419702][ T3445] loop0: detected capacity change from 0 to 1024
[ 1484.538553][ T5810] usb 7-1: Using ep0 maxpacket: 8
[ 1484.545575][   T31] audit: type=1326 audit(1671.036:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3446 comm="syz.7.12447" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1484.556466][ T5810] usb 7-1: config 0 has an invalid interface number: 52 but max is 0
[ 1484.595938][ T3451] netlink: 12 bytes leftover after parsing attributes in process `syz.8.12449'.
[ 1484.601766][   T31] audit: type=1326 audit(1671.045:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3446 comm="syz.7.12447" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1484.646136][ T5810] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1484.675407][ T3445] overlay: filesystem on ./file0 not supported
[ 1484.704229][ T5810] usb 7-1: config 0 has no interface number 0
[ 1484.732347][ T5810] usb 7-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1484.792766][   T31] audit: type=1326 audit(1671.083:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3446 comm="syz.7.12447" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1484.800103][ T5810] usb 7-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1484.858206][ T3454] loop4: detected capacity change from 0 to 128
[ 1484.892894][ T3454] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[ 1484.917916][   T31] audit: type=1326 audit(1671.092:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3446 comm="syz.7.12447" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1484.948971][ T5810] usb 7-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1484.953996][ T3454] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1485.040311][ T5810] usb 7-1: config 0 interface 52 has no altsetting 0
[ 1485.040920][   T31] audit: type=1326 audit(1671.101:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3446 comm="syz.7.12447" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1485.091783][ T5810] usb 7-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice= 0.00
[ 1485.144329][ T5810] usb 7-1: New USB device strings: Mfr=0, Product=234, SerialNumber=34
[ 1485.182702][ T5810] usb 7-1: Product: syz
[ 1485.204530][ T5810] usb 7-1: SerialNumber: syz
[ 1485.220326][   T31] audit: type=1326 audit(1671.101:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3446 comm="syz.7.12447" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1485.269631][ T5810] usb 7-1: config 0 descriptor??
[ 1485.337092][   T31] audit: type=1326 audit(1671.101:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3446 comm="syz.7.12447" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1485.455762][   T31] audit: type=1326 audit(1671.101:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3446 comm="syz.7.12447" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1485.528605][ T5810] synaptics_usb 7-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[ 1485.575721][   T31] audit: type=1326 audit(1671.101:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3446 comm="syz.7.12447" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1485.579481][ T5810] synaptics_usb 7-1:0.52: probe with driver synaptics_usb failed with error -5
[ 1485.787478][ T5810] usb 7-1: USB disconnect, device number 10
[ 1485.819999][ T5842] usb 6-1: new low-speed USB device number 57 using dummy_hcd
[ 1485.993431][ T5842] usb 6-1: config index 0 descriptor too short (expected 6427, got 27)
[ 1486.016205][ T5842] usb 6-1: config 0 has an invalid interface number: 21 but max is 0
[ 1486.052484][ T5842] usb 6-1: config 0 has no interface number 0
[ 1486.072609][ T5842] usb 6-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1486.111106][ T5842] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1486.161184][ T5842] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1486.212212][ T5842] usb 6-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[ 1486.251634][ T5842] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1486.252588][ T3495] loop7: detected capacity change from 0 to 8
[ 1486.284939][ T5842] usb 6-1: config 0 descriptor??
[ 1486.305214][ T3473] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1486.477264][ T3495] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1486.518719][ T3495] SQUASHFS error: Failed to read block 0x60: -5
[ 1486.556089][ T3495] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1486.584521][ T3505] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12474'.
[ 1486.597529][ T3495] SQUASHFS error: Failed to read block 0x60: -5
[ 1486.666397][ T3507] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1486.801130][ T5842] usb 6-1: USB disconnect, device number 57
[ 1487.091365][ T5810] usb 5-1: new low-speed USB device number 64 using dummy_hcd
[ 1487.219404][ T3523] loop8: detected capacity change from 0 to 2048
[ 1487.274361][ T3526] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1487.275557][ T5810] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1487.350009][ T5810] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1487.365482][ T5810] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[ 1487.376894][ T5810] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1487.387506][ T5810] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1487.397499][ T3523] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1487.400069][ T3511] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1487.439111][ T5810] hub 5-1:1.0: bad descriptor, ignoring hub
[ 1487.466919][ T5810] hub 5-1:1.0: probe with driver hub failed with error -5
[ 1487.503854][ T5810] cdc_wdm 5-1:1.0: skipping garbage
[ 1487.545676][ T5810] cdc_wdm 5-1:1.0: skipping garbage
[ 1487.568110][ T3523] Remounting filesystem read-only
[ 1487.600825][ T3523] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1487.627558][ T5810] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[ 1487.662707][ T5810] cdc_wdm 5-1:1.0: Unknown control protocol
[ 1487.736917][ T3535] netlink: 16 bytes leftover after parsing attributes in process `syz.6.12488'.
[ 1487.752296][ T5810] usb 5-1: USB disconnect, device number 64
[ 1487.762801][ T3523] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1487.780826][ T3535] netlink: 12 bytes leftover after parsing attributes in process `syz.6.12488'.
[ 1487.810211][ T3523] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1487.862184][ T3523] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1487.897969][ T3523] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1487.949688][ T3523] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1488.017646][ T3523] NILFS error (device loop8): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[ 1488.609542][ T5810] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1488.757735][ T3566] netlink: 'syz.8.12504': attribute type 21 has an invalid length.
[ 1488.788337][ T3566] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1488.812565][ T5810] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1488.839944][ T5810] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1488.848635][ T5810] usb 7-1: Product: syz
[ 1488.852872][ T5810] usb 7-1: Manufacturer: syz
[ 1488.858019][ T5810] usb 7-1: SerialNumber: syz
[ 1488.920347][ T5810] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1489.010406][T15171] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1489.279863][    C1] usb 7-1: ath9k_htc: invalid pkt_len (ffef)
[ 1489.426017][T21187] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1489.435988][ T2370] xfrm0 speed is unknown, defaulting to 1000
[ 1489.483558][ T2370] syz0: Port: 1 Link DOWN
[ 1489.494134][T21187] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1489.544563][T21187] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1489.589899][T21187] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1490.150035][ T2370] xfrm0 speed is unknown, defaulting to 1000
[ 1490.284571][ T2364] usb 7-1: USB disconnect, device number 11
[ 1490.303329][T15171] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[ 1490.310825][T15171] ath9k_htc: Failed to initialize the device
[ 1490.325467][ T2364] usb 7-1: ath9k_htc: USB layer deinitialized
[ 1491.781045][ T3648] loop0: detected capacity change from 0 to 1024
[ 1491.818057][ T3648] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1491.830469][   T31] kauditd_printk_skb: 2 callbacks suppressed
[ 1491.830492][   T31] audit: type=1326 audit(1677.993:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3651 comm="syz.7.12546" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1491.910290][ T3648] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1491.922776][   T31] audit: type=1326 audit(1678.030:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3651 comm="syz.7.12546" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1491.922857][   T31] audit: type=1326 audit(1678.039:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3651 comm="syz.7.12546" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1491.922933][   T31] audit: type=1326 audit(1678.039:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3651 comm="syz.7.12546" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1491.923006][   T31] audit: type=1326 audit(1678.039:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3651 comm="syz.7.12546" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa64559ce59 code=0x7ffc0000
[ 1492.138437][ T3661] loop4: detected capacity change from 0 to 1024
[ 1492.215413][ T3661] overlay: filesystem on ./file0 not supported
[ 1492.243982][ T5686] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1492.284615][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[ 1493.048460][ T3694] loop6: detected capacity change from 0 to 64
[ 1493.204608][ T3701] loop4: detected capacity change from 0 to 64
[ 1493.277221][ T3703] netlink: 'syz.7.12569': attribute type 4 has an invalid length.
[ 1493.313679][ T3703] netlink: 3657 bytes leftover after parsing attributes in process `syz.7.12569'.
[ 1493.675814][ T3715] netlink: 830 bytes leftover after parsing attributes in process `syz.0.12575'.
[ 1494.007246][ T3726] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1494.329946][ T3741] netlink: 45 bytes leftover after parsing attributes in process `syz.7.12588'.
[ 1494.891330][ T3761] : entered promiscuous mode
[ 1495.265558][ T3778] loop5: detected capacity change from 0 to 64
[ 1495.296540][ T3778] hfs: unable to locate alternate MDB
[ 1495.315225][ T3778] hfs: continuing without an alternate MDB
[ 1495.317114][ T3746] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1495.372099][ T3746] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1495.378711][   T31] audit: type=1800 audit(1681.307:332): pid=3778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.12603" name="file1" dev="loop5" ino=22 res=0 errno=0
[ 1495.525521][ T3746] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1495.538046][T19988] 
[ 1495.540395][T19988] ======================================================
[ 1495.546240][ T3746] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1495.547415][T19988] WARNING: possible circular locking dependency detected
[ 1495.562123][T19988] syzkaller #0 Not tainted
[ 1495.566543][T19988] ------------------------------------------------------
[ 1495.573562][T19988] kworker/u8:4/19988 is trying to acquire lock:
[ 1495.579803][T19988] ffff88808ad6b930 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xa6/0xcf0
[ 1495.590589][T19988] 
[ 1495.590589][T19988] but task is already holding lock:
[ 1495.597996][T19988] ffff8880312f00a8 (&tree->tree_lock#2/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330
[ 1495.605542][ T3788] netlink: 104 bytes leftover after parsing attributes in process `syz.7.12606'.
[ 1495.607613][T19988] 
[ 1495.607613][T19988] which lock already depends on the new lock.
[ 1495.607613][T19988] 
[ 1495.607631][T19988] 
[ 1495.607631][T19988] the existing dependency chain (in reverse order) is:
[ 1495.607646][T19988] 
[ 1495.607646][T19988] -> #1 (&tree->tree_lock#2/1){+.+.}-{4:4}:
[ 1495.644299][T19988]        __mutex_lock+0x1a4/0x1b10
[ 1495.649460][T19988]        hfs_find_init+0x273/0x330
[ 1495.654604][T19988]        hfs_ext_read_extent+0x19d/0x9d0
[ 1495.660291][T19988]        hfs_get_block+0x576/0x830
[ 1495.665446][T19988]        block_read_full_folio+0x36c/0x8e0
[ 1495.671298][T19988]        filemap_read_folio+0xfc/0x3b0
[ 1495.676804][T19988]        do_read_cache_folio+0x2d7/0x6b0
[ 1495.682568][T19988]        read_cache_page+0x5b/0x1b0
[ 1495.687810][T19988]        __hfs_bnode_create+0x718/0x9a0
[ 1495.693388][T19988]        hfs_bnode_find+0x2d5/0xd30
[ 1495.698621][T19988]        hfs_brec_find+0x39d/0x620
[ 1495.703757][T19988]        hfs_brec_read+0x26/0x120
[ 1495.708811][T19988]        hfs_cat_find_brec+0xdc/0x2a0
[ 1495.714221][T19988]        hfs_fill_super+0x58d/0x7e0
[ 1495.719442][T19988]        get_tree_bdev_flags+0x38c/0x620
[ 1495.725160][T19988]        vfs_get_tree+0x92/0x320
[ 1495.730130][T19988]        path_mount+0x7d0/0x23d0
[ 1495.735086][T19988]        __x64_sys_mount+0x293/0x310
[ 1495.740385][T19988]        do_syscall_64+0x115/0x870
[ 1495.745521][T19988]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1495.751946][T19988] 
[ 1495.751946][T19988] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}:
[ 1495.761183][T19988]        __lock_acquire+0x14b8/0x2630
[ 1495.766570][T19988]        lock_acquire+0x1b1/0x370
[ 1495.771618][T19988]        __mutex_lock+0x1a4/0x1b10
[ 1495.776757][T19988]        hfs_extend_file+0xa6/0xcf0
[ 1495.781982][T19988]        hfs_bmap_reserve+0x2ab/0x3a0
[ 1495.787401][T19988]        __hfs_ext_write_extent+0x3c4/0x510
[ 1495.793326][T19988]        hfs_ext_write_extent+0x1b7/0x200
[ 1495.799076][T19988]        hfs_write_inode+0xce/0xab0
[ 1495.804281][T19988]        __writeback_single_inode+0xcd4/0x1350
[ 1495.810468][T19988]        writeback_sb_inodes+0x766/0x1c60
[ 1495.816234][T19988]        wb_writeback+0x1bf/0xb90
[ 1495.821369][T19988]        wb_workfn+0x14f/0xc00
[ 1495.826351][T19988]        process_one_work+0xa0e/0x1980
[ 1495.831821][T19988]        worker_thread+0x5ef/0xe50
[ 1495.836946][T19988]        kthread+0x370/0x450
[ 1495.841544][T19988]        ret_from_fork+0x72b/0xd50
[ 1495.846669][T19988]        ret_from_fork_asm+0x1a/0x30
[ 1495.852076][T19988] 
[ 1495.852076][T19988] other info that might help us debug this:
[ 1495.852076][T19988] 
[ 1495.862300][T19988]  Possible unsafe locking scenario:
[ 1495.862300][T19988] 
[ 1495.869768][T19988]        CPU0                    CPU1
[ 1495.875124][T19988]        ----                    ----
[ 1495.880480][T19988]   lock(&tree->tree_lock#2/1);
[ 1495.885363][T19988]                                lock(&HFS_I(tree->inode)->extents_lock);
[ 1495.893977][T19988]                                lock(&tree->tree_lock#2/1);
[ 1495.901377][T19988]   lock(&HFS_I(tree->inode)->extents_lock);
[ 1495.907368][T19988] 
[ 1495.907368][T19988]  *** DEADLOCK ***
[ 1495.907368][T19988] 
[ 1495.915517][T19988] 3 locks held by kworker/u8:4/19988:
[ 1495.920888][T19988]  #0: ffff8880206f8940 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980
[ 1495.931652][T19988]  #1: ffffc900104f7d08 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x973/0x1980
[ 1495.943539][T19988]  #2: ffff8880312f00a8 (&tree->tree_lock#2/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330
[ 1495.953632][T19988] 
[ 1495.953632][T19988] stack backtrace:
[ 1495.959554][T19988] CPU: 0 UID: 0 PID: 19988 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT(full) 
[ 1495.959596][T19988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1495.959626][T19988] Workqueue: writeback wb_workfn (flush-7:5)
[ 1495.959691][T19988] Call Trace:
[ 1495.959705][T19988]  <TASK>
[ 1495.959720][T19988]  dump_stack_lvl+0x100/0x190
[ 1495.959756][T19988]  print_circular_bug.cold+0x178/0x1c7
[ 1495.959818][T19988]  check_noncircular+0x146/0x160
[ 1495.959852][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.959904][T19988]  __lock_acquire+0x14b8/0x2630
[ 1495.959948][T19988]  ? __pfx_stack_trace_save+0x10/0x10
[ 1495.960009][T19988]  lock_acquire+0x1b1/0x370
[ 1495.960047][T19988]  ? hfs_extend_file+0xa6/0xcf0
[ 1495.960105][T19988]  ? __pfx___might_resched+0x10/0x10
[ 1495.960151][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.960194][T19988]  ? add_lock_to_list+0x99/0x110
[ 1495.960252][T19988]  __mutex_lock+0x1a4/0x1b10
[ 1495.960307][T19988]  ? hfs_extend_file+0xa6/0xcf0
[ 1495.960361][T19988]  ? hfs_extend_file+0xa6/0xcf0
[ 1495.960417][T19988]  ? hfs_write_inode+0xce/0xab0
[ 1495.960449][T19988]  ? __writeback_single_inode+0xcd4/0x1350
[ 1495.960506][T19988]  ? __pfx___mutex_lock+0x10/0x10
[ 1495.960560][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.960609][T19988]  ? lock_acquire+0x1b1/0x370
[ 1495.960652][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.960695][T19988]  ? trace_contention_end+0x122/0x170
[ 1495.960739][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.960787][T19988]  ? hfs_extend_file+0xa6/0xcf0
[ 1495.960840][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.960883][T19988]  hfs_extend_file+0xa6/0xcf0
[ 1495.960940][T19988]  ? __pfx_hfs_extend_file+0x10/0x10
[ 1495.960995][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.961046][T19988]  hfs_bmap_reserve+0x2ab/0x3a0
[ 1495.961102][T19988]  __hfs_ext_write_extent+0x3c4/0x510
[ 1495.961156][T19988]  ? hfs_find_init+0x273/0x330
[ 1495.961196][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.961242][T19988]  hfs_ext_write_extent+0x1b7/0x200
[ 1495.961298][T19988]  ? __pfx_hfs_ext_write_extent+0x10/0x10
[ 1495.961359][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.961402][T19988]  ? __mpage_writepages+0x1a8/0x210
[ 1495.961437][T19988]  ? __pfx___mpage_writepages+0x10/0x10
[ 1495.961473][T19988]  hfs_write_inode+0xce/0xab0
[ 1495.961507][T19988]  ? __pfx_hfs_write_inode+0x10/0x10
[ 1495.961540][T19988]  ? __lock_acquire+0x4a5/0x2630
[ 1495.961592][T19988]  ? __writeback_single_inode+0x454/0x1350
[ 1495.961653][T19988]  ? __writeback_single_inode+0x454/0x1350
[ 1495.961709][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.961758][T19988]  __writeback_single_inode+0xcd4/0x1350
[ 1495.961818][T19988]  ? __pfx___writeback_single_inode+0x10/0x10
[ 1495.961875][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.961917][T19988]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1495.961966][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.962013][T19988]  writeback_sb_inodes+0x766/0x1c60
[ 1495.962079][T19988]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1495.962166][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.962209][T19988]  ? rcu_is_watching+0x12/0xc0
[ 1495.962258][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.962301][T19988]  ? queue_io+0x287/0x540
[ 1495.962348][T19988]  wb_writeback+0x1bf/0xb90
[ 1495.962409][T19988]  ? __pfx_wb_writeback+0x10/0x10
[ 1495.962470][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.962512][T19988]  ? mark_held_locks+0x40/0x70
[ 1495.962550][T19988]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1495.962603][T19988]  wb_workfn+0x14f/0xc00
[ 1495.962660][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.962703][T19988]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1495.962753][T19988]  ? __pfx_wb_workfn+0x10/0x10
[ 1495.962810][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.962856][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.962900][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.962943][T19988]  ? rcu_is_watching+0x12/0xc0
[ 1495.962992][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.963039][T19988]  process_one_work+0xa0e/0x1980
[ 1495.963092][T19988]  ? __pfx_process_one_work+0x10/0x10
[ 1495.963132][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.963182][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.963229][T19988]  worker_thread+0x5ef/0xe50
[ 1495.963278][T19988]  ? kthread+0x13a/0x450
[ 1495.963312][T19988]  ? __pfx_worker_thread+0x10/0x10
[ 1495.963352][T19988]  kthread+0x370/0x450
[ 1495.963386][T19988]  ? __pfx_kthread+0x10/0x10
[ 1495.963424][T19988]  ret_from_fork+0x72b/0xd50
[ 1495.963465][T19988]  ? __pfx_ret_from_fork+0x10/0x10
[ 1495.963506][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1495.963549][T19988]  ? __switch_to+0x800/0x1100
[ 1495.963601][T19988]  ? __switch_to_asm+0x39/0x70
[ 1495.963647][T19988]  ? __pfx_kthread+0x10/0x10
[ 1495.963685][T19988]  ret_from_fork_asm+0x1a/0x30
[ 1495.963743][T19988]  </TASK>
[ 1496.474914][ T3791] loop6: detected capacity change from 0 to 256
[ 1496.514118][T19988] hfs: new node 0 already hashed?
[ 1496.522163][T19988] ------------[ cut here ]------------
[ 1496.527630][T19988] 1
[ 1496.527645][T19988] WARNING: fs/hfs/bnode.c:520 at hfs_bnode_create.cold+0x41/0x49, CPU#0: kworker/u8:4/19988
[ 1496.540450][T19988] Modules linked in:
[ 1496.544393][T19988] CPU: 0 UID: 0 PID: 19988 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT(full) 
[ 1496.554304][T19988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1496.564537][T19988] Workqueue: writeback wb_workfn (flush-7:5)
[ 1496.570595][T19988] RIP: 0010:hfs_bnode_create.cold+0x41/0x49
[ 1496.576611][T19988] Code: 75 a4 63 0a e9 07 57 d1 01 e8 5b 22 e1 00 4c 89 f7 e8 63 a4 63 0a e8 4e 22 e1 00 89 ee 48 c7 c7 40 e9 d1 8b e8 20 e1 fa ff 90 <0f> 0b 90 e9 09 5a d1 01 e8 32 22 e1 00 e8 8d 4c 4d 00 e9 65 5c d1
[ 1496.596507][T19988] RSP: 0018:ffffc900104f7020 EFLAGS: 00010282
[ 1496.602612][T19988] RAX: 000000000000001f RBX: ffff888063aa9d00 RCX: 0000000000000000
[ 1496.610670][T19988] RDX: 000000000000001f RSI: ffffffff81e72a69 RDI: fffff5200209edf5
[ 1496.618711][T19988] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[ 1496.626703][T19988] R10: 0000000080000000 R11: 77656e203a736668 R12: dffffc0000000000
[ 1496.634772][T19988] R13: ffff8880312f0000 R14: ffff8880312f00d8 R15: 0000000000000000
[ 1496.642860][T19988] FS:  0000000000000000(0000) GS:ffff888124384000(0000) knlGS:0000000000000000
[ 1496.651953][T19988] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1496.658571][T19988] CR2: 0000001b2f811ff8 CR3: 000000002b723000 CR4: 0000000000350ef0
[ 1496.666667][T19988] Call Trace:
[ 1496.669965][T19988]  <TASK>
[ 1496.673072][T19988]  ? _raw_spin_unlock+0x28/0x50
[ 1496.678032][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.683765][T19988]  ? hfs_bnode_put+0x208/0x480
[ 1496.688573][T19988]  hfs_bmap_alloc+0x5a7/0x6b0
[ 1496.693366][T19988]  ? __pfx_hfs_bmap_alloc+0x10/0x10
[ 1496.698618][T19988]  ? __asan_memcpy+0x3c/0x60
[ 1496.703277][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.708946][T19988]  ? hfs_bnode_read.part.0+0x298/0x330
[ 1496.714513][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.720182][T19988]  ? folio_mark_accessed+0xf3/0x1040
[ 1496.725618][T19988]  hfs_btree_inc_height.isra.0+0xff/0x820
[ 1496.731377][T19988]  ? rcu_is_watching+0x12/0xc0
[ 1496.736236][T19988]  ? __pfx_hfs_btree_inc_height.isra.0+0x10/0x10
[ 1496.742639][T19988]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1496.747974][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.753659][T19988]  ? _raw_spin_unlock+0x28/0x50
[ 1496.758634][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.764304][T19988]  ? hfs_bnode_put+0x208/0x480
[ 1496.769156][T19988]  hfs_brec_insert+0x8ba/0xc20
[ 1496.773979][T19988]  ? __pfx_hfs_brec_insert+0x10/0x10
[ 1496.779346][T19988]  ? hfs_bmap_reserve+0x2c5/0x3a0
[ 1496.784553][T19988]  __hfs_ext_write_extent+0x3ef/0x510
[ 1496.790052][T19988]  ? hfs_find_init+0x273/0x330
[ 1496.794849][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.800572][T19988]  hfs_ext_write_extent+0x1b7/0x200
[ 1496.805901][T19988]  ? __pfx_hfs_ext_write_extent+0x10/0x10
[ 1496.811718][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.817481][T19988]  ? __mpage_writepages+0x1a8/0x210
[ 1496.822768][T19988]  ? __pfx___mpage_writepages+0x10/0x10
[ 1496.828351][T19988]  hfs_write_inode+0xce/0xab0
[ 1496.833103][T19988]  ? __pfx_hfs_write_inode+0x10/0x10
[ 1496.838421][T19988]  ? __lock_acquire+0x4a5/0x2630
[ 1496.843461][T19988]  ? __writeback_single_inode+0x454/0x1350
[ 1496.849316][T19988]  ? __writeback_single_inode+0x454/0x1350
[ 1496.855227][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.860945][T19988]  __writeback_single_inode+0xcd4/0x1350
[ 1496.866692][T19988]  ? __pfx___writeback_single_inode+0x10/0x10
[ 1496.872830][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.878596][T19988]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1496.883836][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.889557][T19988]  writeback_sb_inodes+0x766/0x1c60
[ 1496.895035][T19988]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1496.900798][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.906525][T19988]  ? rcu_is_watching+0x12/0xc0
[ 1496.911324][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.917020][T19988]  ? queue_io+0x287/0x540
[ 1496.921412][T19988]  wb_writeback+0x1bf/0xb90
[ 1496.925959][T19988]  ? __pfx_wb_writeback+0x10/0x10
[ 1496.931094][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.936763][T19988]  ? mark_held_locks+0x40/0x70
[ 1496.941587][T19988]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1496.946830][T19988]  wb_workfn+0x14f/0xc00
[ 1496.951184][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.956869][T19988]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1496.962744][T19988]  ? __pfx_wb_workfn+0x10/0x10
[ 1496.967610][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.973346][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.979031][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.984768][T19988]  ? rcu_is_watching+0x12/0xc0
[ 1496.989721][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1496.995518][T19988]  process_one_work+0xa0e/0x1980
[ 1497.000627][T19988]  ? __pfx_process_one_work+0x10/0x10
[ 1497.006071][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.011770][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.017583][T19988]  worker_thread+0x5ef/0xe50
[ 1497.022251][T19988]  ? kthread+0x13a/0x450
[ 1497.026572][T19988]  ? __pfx_worker_thread+0x10/0x10
[ 1497.031731][T19988]  kthread+0x370/0x450
[ 1497.035846][T19988]  ? __pfx_kthread+0x10/0x10
[ 1497.040474][T19988]  ret_from_fork+0x72b/0xd50
[ 1497.045145][T19988]  ? __pfx_ret_from_fork+0x10/0x10
[ 1497.050298][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.055989][T19988]  ? __switch_to+0x800/0x1100
[ 1497.060711][T19988]  ? __switch_to_asm+0x39/0x70
[ 1497.065491][T19988]  ? __pfx_kthread+0x10/0x10
[ 1497.070319][T19988]  ret_from_fork_asm+0x1a/0x30
[ 1497.075131][T19988]  </TASK>
[ 1497.078183][T19988] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1497.085479][T19988] CPU: 0 UID: 0 PID: 19988 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT(full) 
[ 1497.095227][T19988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1497.105375][T19988] Workqueue: writeback wb_workfn (flush-7:5)
[ 1497.111410][T19988] Call Trace:
[ 1497.114703][T19988]  <TASK>
[ 1497.117629][T19988]  dump_stack_lvl+0x100/0x190
[ 1497.122316][T19988]  vpanic+0x552/0x970
[ 1497.126308][T19988]  ? __pfx_vpanic+0x10/0x10
[ 1497.130901][T19988]  ? lock_release+0x245/0x310
[ 1497.135618][T19988]  panic+0xd1/0xe0
[ 1497.139349][T19988]  ? __pfx_panic+0x10/0x10
[ 1497.143783][T19988]  ? check_panic_on_warn+0x1f/0x90
[ 1497.148952][T19988]  check_panic_on_warn.cold+0x19/0x34
[ 1497.154364][T19988]  ? hfs_bnode_create.cold+0x41/0x49
[ 1497.159671][T19988]  __warn.cold+0x191/0x328
[ 1497.164104][T19988]  __report_bug+0x296/0x3d0
[ 1497.168635][T19988]  ? hfs_bnode_create.cold+0x41/0x49
[ 1497.173945][T19988]  ? __pfx___report_bug+0x10/0x10
[ 1497.178993][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.184644][T19988]  ? preempt_schedule_thunk+0x16/0x30
[ 1497.190045][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.195697][T19988]  ? preempt_count_add+0x76/0x150
[ 1497.200748][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.206399][T19988]  ? __wake_up_klogd+0xe2/0x140
[ 1497.211268][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.216916][T19988]  ? vprintk_emit+0x1c9/0x6b0
[ 1497.221708][T19988]  ? __pfx_vprintk_emit+0x10/0x10
[ 1497.226762][T19988]  ? hfs_bnode_create.cold+0x41/0x49
[ 1497.232059][T19988]  report_bug+0xb2/0x220
[ 1497.236324][T19988]  ? hfs_bnode_create.cold+0x41/0x49
[ 1497.241631][T19988]  handle_bug+0x16a/0x2a0
[ 1497.245969][T19988]  exc_invalid_op+0x17/0x50
[ 1497.250482][T19988]  asm_exc_invalid_op+0x1a/0x20
[ 1497.255342][T19988] RIP: 0010:hfs_bnode_create.cold+0x41/0x49
[ 1497.261257][T19988] Code: 75 a4 63 0a e9 07 57 d1 01 e8 5b 22 e1 00 4c 89 f7 e8 63 a4 63 0a e8 4e 22 e1 00 89 ee 48 c7 c7 40 e9 d1 8b e8 20 e1 fa ff 90 <0f> 0b 90 e9 09 5a d1 01 e8 32 22 e1 00 e8 8d 4c 4d 00 e9 65 5c d1
[ 1497.280872][T19988] RSP: 0018:ffffc900104f7020 EFLAGS: 00010282
[ 1497.286949][T19988] RAX: 000000000000001f RBX: ffff888063aa9d00 RCX: 0000000000000000
[ 1497.294919][T19988] RDX: 000000000000001f RSI: ffffffff81e72a69 RDI: fffff5200209edf5
[ 1497.302895][T19988] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[ 1497.310961][T19988] R10: 0000000080000000 R11: 77656e203a736668 R12: dffffc0000000000
[ 1497.318933][T19988] R13: ffff8880312f0000 R14: ffff8880312f00d8 R15: 0000000000000000
[ 1497.326915][T19988]  ? vprintk_emit+0x1c9/0x6b0
[ 1497.331637][T19988]  ? _raw_spin_unlock+0x28/0x50
[ 1497.336506][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.342183][T19988]  ? hfs_bnode_put+0x208/0x480
[ 1497.346971][T19988]  hfs_bmap_alloc+0x5a7/0x6b0
[ 1497.351679][T19988]  ? __pfx_hfs_bmap_alloc+0x10/0x10
[ 1497.356899][T19988]  ? __asan_memcpy+0x3c/0x60
[ 1497.361504][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.367152][T19988]  ? hfs_bnode_read.part.0+0x298/0x330
[ 1497.372661][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.378308][T19988]  ? folio_mark_accessed+0xf3/0x1040
[ 1497.383622][T19988]  hfs_btree_inc_height.isra.0+0xff/0x820
[ 1497.389370][T19988]  ? rcu_is_watching+0x12/0xc0
[ 1497.394157][T19988]  ? __pfx_hfs_btree_inc_height.isra.0+0x10/0x10
[ 1497.400511][T19988]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1497.405732][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.411384][T19988]  ? _raw_spin_unlock+0x28/0x50
[ 1497.416253][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.421901][T19988]  ? hfs_bnode_put+0x208/0x480
[ 1497.426696][T19988]  hfs_brec_insert+0x8ba/0xc20
[ 1497.431491][T19988]  ? __pfx_hfs_brec_insert+0x10/0x10
[ 1497.436799][T19988]  ? hfs_bmap_reserve+0x2c5/0x3a0
[ 1497.441849][T19988]  __hfs_ext_write_extent+0x3ef/0x510
[ 1497.447251][T19988]  ? hfs_find_init+0x273/0x330
[ 1497.452117][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.457768][T19988]  hfs_ext_write_extent+0x1b7/0x200
[ 1497.463000][T19988]  ? __pfx_hfs_ext_write_extent+0x10/0x10
[ 1497.468754][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.474402][T19988]  ? __mpage_writepages+0x1a8/0x210
[ 1497.479611][T19988]  ? __pfx___mpage_writepages+0x10/0x10
[ 1497.485170][T19988]  hfs_write_inode+0xce/0xab0
[ 1497.489944][T19988]  ? __pfx_hfs_write_inode+0x10/0x10
[ 1497.495320][T19988]  ? __lock_acquire+0x4a5/0x2630
[ 1497.500307][T19988]  ? __writeback_single_inode+0x454/0x1350
[ 1497.506144][T19988]  ? __writeback_single_inode+0x454/0x1350
[ 1497.511981][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.517639][T19988]  __writeback_single_inode+0xcd4/0x1350
[ 1497.523307][T19988]  ? __pfx___writeback_single_inode+0x10/0x10
[ 1497.529582][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.535270][T19988]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1497.540499][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.546154][T19988]  writeback_sb_inodes+0x766/0x1c60
[ 1497.551397][T19988]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1497.557097][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.562750][T19988]  ? rcu_is_watching+0x12/0xc0
[ 1497.567540][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.573324][T19988]  ? queue_io+0x287/0x540
[ 1497.577680][T19988]  wb_writeback+0x1bf/0xb90
[ 1497.582220][T19988]  ? __pfx_wb_writeback+0x10/0x10
[ 1497.587279][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.592931][T19988]  ? mark_held_locks+0x40/0x70
[ 1497.597708][T19988]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1497.602930][T19988]  wb_workfn+0x14f/0xc00
[ 1497.607204][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.612850][T19988]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1497.618680][T19988]  ? __pfx_wb_workfn+0x10/0x10
[ 1497.623488][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.629141][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.634801][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.640446][T19988]  ? rcu_is_watching+0x12/0xc0
[ 1497.645228][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.650967][T19988]  process_one_work+0xa0e/0x1980
[ 1497.655930][T19988]  ? __pfx_process_one_work+0x10/0x10
[ 1497.661499][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.667169][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.672824][T19988]  worker_thread+0x5ef/0xe50
[ 1497.677460][T19988]  ? kthread+0x13a/0x450
[ 1497.681716][T19988]  ? __pfx_worker_thread+0x10/0x10
[ 1497.686842][T19988]  kthread+0x370/0x450
[ 1497.690919][T19988]  ? __pfx_kthread+0x10/0x10
[ 1497.695519][T19988]  ret_from_fork+0x72b/0xd50
[ 1497.700124][T19988]  ? __pfx_ret_from_fork+0x10/0x10
[ 1497.705250][T19988]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1497.710898][T19988]  ? __switch_to+0x800/0x1100
[ 1497.715598][T19988]  ? __switch_to_asm+0x39/0x70
[ 1497.720381][T19988]  ? __pfx_kthread+0x10/0x10
[ 1497.724983][T19988]  ret_from_fork_asm+0x1a/0x30
[ 1497.729897][T19988]  </TASK>
[ 1497.733121][T19988] Kernel Offset: disabled
[ 1497.737432][T19988] Rebooting in 86400 seconds..