last executing test programs:

2m56.469557032s ago: executing program 5 (id=399):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000009d00)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000009e00)={0x0, 0x0, &(0x7f0000009dc0)={&(0x7f0000000600)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fcdbdf256800000008000300", @ANYRES32=r2, @ANYBLOB="1800c7"], 0x34}, 0x1, 0x0, 0x0, 0x4004080}, 0x0)

2m51.401988432s ago: executing program 5 (id=430):
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000240)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x8}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="01000000000000000a00000000000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x190)

2m51.122115626s ago: executing program 5 (id=433):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000))

2m50.873100366s ago: executing program 5 (id=435):
syz_mount_image$jfs(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB='usrquota,iocharset=cp862,quota,integrity,usrquota,discard=0x0000000000000008,usrquota\x00integrity,resize=0x0000000000000000,umask=0x0000000000000bfe,grpquota,discard,umask=0x0000000000000005,uid=', @ANYRESHEX=0x0, @ANYBLOB=',audit,fowner>', @ANYRESDEC=0x0, @ANYBLOB="2c66736d616769813d3078303030303030303030303030303030394bbffdfb2d2acf39276dffbfb52c00"], 0xfe, 0x6163, &(0x7f0000006680)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0bER09FbG2vr9aLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAChNVVVVJ33MP5M+33fb7hQAMBX59b9K8vJTX//6n2/9ZZb6o1ar1Wr1FOqmarx7zSIiNpq3qd8zOBwPACfMRnzcdhdokfyL1o+IJ9ruBDDTOm13gGOxtb2+2kn5dpqvB8u77flckH35b3QeXN8xaXqQ0XNMpvX42oxePDOhPwtT6sMsyfl3R/O/tts+TOsdd/7TMin/4e6lT8XJ+fdG8x9xevLvjs2/VDn//iPl35M/AAAAAADMsPz//0stH/+dO/qmHMonHf9dnlIfAAAAAAAAAOBxO+r4fw8Y/w8AAABmVv1Zvfabp/aWTfoutnr51U7EkyPrA4VJF8sstt0PAAAAAAAAAAAAAChJf/cc3qudiEFEPLm4WFVV/dM0Wj+qo97+pCt9+6FkbT/JAwDAro+eGrmWvxMxHxFX03f9DRYXF6tqfmGxWqwW5vL72eHcfLXQ+Fybp/WyueEh3hD3h1X9y+Ybt2s66PPyQe2jv6++r2HVO0THHpNB+mtOaG4pbABIdl+NtrwinTJV9fSkNx+wj/3/FFqKpbYfV8y+th+mAAAAwPGrqqrqpK/zPpOO+Xfb7hQAMBX59X/0uMCR6u6E9ojH8/vVarVarVZ/qrqpGu9es4iIjeZt6vcMhuMHgBNmIz5uuwu0SP5F60fEc213AphpnbY7wLHY2l5f7aR8O83XgzS+ez4XZF/+G52d2+Xbj5seZPQck2k9vjajF89M6M+zU+rDLMn5d0fzv7bbPkzrHXf+0zIp/+HOJXPlyfn3RvMfcXry747Nv1Q5//4j5d+TPwAAAAAAzLD8//9Ljv/mTQYAAAAAAACAE2dre301X/eaj/9/bsx6rv88nXL+nUfNfyHNy/9Ey/l3R/L/8sh6vcb8/Tf39v9/b6+v/v7Ovz6bp4fNfy7PdNIjq5MeEZ10T51+mh5l6x62OegN63sadLq9fjrnpxq8EzfiZqzFhX3rdtPfY699ZV973dPBvvaL+9r7D7Vf2tc+SN87UC3k9nOxGj+Jm/H2TnvdNnfA9s8f0F4d0J7z73n+L1LOv9/4qfNfTO2dkWnt/ofdh/b75nTc/bxx4/O/vHD8m3Ogzeg92LamevvOttCfnb/JE8P42e21W+fuXr9z59ZKpMm+pRcjTR6znP9g52du7/n/hd32/Lzf3F/vfzh85PxnxWb0J+b/QmO+3t6Xpty3NuT8h+kn5/92ah+//5/k/Cfv/y+30B8AAAAAAAAAAAAAAAD4JFVV7Vwi+kZEXE7X/7R1bSYAMF359b9K8nK1Wq1Wq9Wnr26qxnu9WUTEX5u3qd8z/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpi213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+cWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOPPx8743Ocmjf99Nh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5P98Y77zO/8zI8OsljP86OuZ9CXL+ZxuP5zr/L42s18y/+u3M5b9x2BU3o7sv//N33vvp+dvvf/DKjfeuv7v27tqPL62sXLh0+fKVK1fOv3Pj5tqF3X+Pp9czIOefx752HmhZcv45c/mXJef/hVTLvyw5/y+mWv5lyfnn93vyL0vOP3/2kX9Zcv4vpVr+Zcn5fyXV8i/L1vb6XJ3/y6mWf1ny/v/VVMu/LDn/V1It/7Lk/M+lWv5lyfmfT/Uh8vf18KdIzj8f4bL/lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xcZ30/8DN7sdcOIQZCcPI3sHaMMc6SXV/iC/+6mHBtgFIgodALtutdmwXf8NolUCSbBkokjIoqqqYv2gJCbaSqwkK8oBWleVH18qppX9A3FVUlpEZViAIqUlvRbDVznufxzOzszK53vJ49z+cjJT/vzpk5Z848M7vftb87AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLOtb575fK0oivp/jf9tKooX1f+8YXxT43NvuNVHCAAAAKzU/zb+//wd6RNHlnClpm3+9lX/8K35+fn54oPDvzv65fn5dMF4UYyuL4rGZdG1f/tQrXmb4LFirDbU9PFQj90P97h8pMfloz0uX9fj8vU9Lh/rcfmCE7DAhvLnMY0b297446bylBZ3FqONy7Z3uNZjtfVDQ/FnOQ21xnXmR08Ws8XpYqaYatm+3LbW2P47W+v7ekcR9zXUtK8t9RXyo0+fiMdQC+d4e8u+rt9m9MM3FeM//tGnT/zxxWfv7jR7noaW2yuPc+e2+nF+NnymPNZasT6dk3icQ03HuaXDYzLccpy1xvXqf24/zueXeJzD1w9zVbU/5mPFUOPPTzfO00jzj/XSedoSPvdf9xZFceX6Ybdvs2BfxVCxseUzQ9cfn7FyRdZvo76UXlqMLGudbl3COq3P6e2t67T9OREf/63heiOLHEPzw/TDz6xb8Lgvd51G9Xu92HOlfQ32+7kyKGswrounG3f68Y5rcHu4/5/esfga7Lh2OqzBdL+b1uC2XmtwaN1w45jTg1BrXOf6Gtzdsv1wY0+1xnxmR/c1OHnxzPnJuU9+6vWzZ46fmjk1c3bv7t1Te/fvP3jw4OTJ2dMzU+X/b/BsD76NxVB6DmwL5y4+B17btm3zUp3/av+eh2Ndnoeb2rbt9/NwpP3O1VbnCblwTZfPjYfrJ33s6lCxyHOs8fjsWvnzMN3vpufhSNPzsOPXlA7Pw5ElPA/r25zftbTvWUaa/ut0DDfra8GmpjXY/v1I+xrs9/cjg7IGx8K6+Jddi38t2BKO9/GJ5X4/MrxgDaa7G1576p9J3++PHWyMTuvynvoFt60rLs3NXLj/0eMXL17YXYSxKl7WtFba1+vGpvtULFivQ8ter0dmX/X4PR0+vymcq7HX1/83tuhjVd9m3/3dH6vGV7fO57Pls3uKMPpstc9np6/m9fOZsmSX81nf5rOTK/9ePOXSptff0UVef2Puf6HcX7qpx4ZHR8rn73A6O6Mtr8etD9VI47Wr1tj385NLez0eDf+t9uvxnV1ejze3bdvv1+PR9jsXX49rvX7asTLtj+dYWCenp7q/Hte32bxnuWtypOvr8b1h1sL5f11ICikXNa2dxdZt2tfIyGi4XyNxD63rdG/L9qMhm9X39eSeG1unO+8tb2s43bvrVmudjrdt2+91ml6vFqzTsIJrvX76dmPaH8+xsC7u3Nt9nda3eWrfyl87N8Q/Nr12ruu1BkeH19WPeTQtwvL1fn5DXIP3FyeKc8XpYrpx6brGeqo19jXxwNLW4Lrw32q/Vm7usgZ3tm3b7zWYvo61v0bGtVcbWXjn+6D98RwL6+KJB7qvwfo2bznQ3+9dd4bPpG2avndt//naYj/zuqftNN3Mn3nVj/OvD3T/2Wx9m9MHl5szu5+n+8Jnbutwntqfv4s9p6aL1TlPm8NxPntw8fNUP576Nl8+tMT1dKQoissff7Dx897w9yvfvPS9b7X8vcvCv9P59vz8/IPP3X7yb5Zz/ACsfS+UY2P5ta7pb6aW8vf/AAAAwJoQc/9QmIn8DwAAAJURc3/8V+GJ/A8AAACVEXP/SJhJJvl/81uenX3hcpGa+fNBvDydhofK7WLHdSp8PD5/Xf3zD3595id/cXlp+x4qiuKnD/1Gx+03PxSPqzQejvPaW1s/v/CKl5e0/2OPXN+uub/+lXD78f4sdRl0quBOFUXxnTu+2NjP+IeuNuZTDx1rzPddefyx+jbPHyo/jtd/5mXl9n8Qyr9HTh5vuf4z4Tz8IMypd3Y+H/F637j6ui0HPnB9f/F6tW0vbtztJz5c3m78PTlfeqzcPp7nxY7/L7/w5Dfq2z/6ms7Hf3mo8/E/GW7362H+9yvL7Zsfg/rH8XqfC8cf9xevd//Xvtvx+K99vtz+/NvK7Y6FGfe/M3y8/W3Pzjafr0drx1vuV/H2cru4/6nv/Xbj8nh78fbbj3/s6NWW89G+Pp76p/J2Jtu2j5+P+4n+vG3/9dtpXp9x/0/+1rGW89xr/9fe98wr67fbvv/72rYbbrt++29s+sPPfbHj/uLxHPmz8y3358h7w/M47P+JD4f1GC7/n2tfbNlvdOy9ra8/cfuvbLrccn+id/y43P+1N55qzH8f/8nv3/ai21985dX1c1cUT7+/vL1e+z/1R+dajv+rd+1qPB7x8tjRb9//YuL+L3xi4uy5uUuz001ntfG7c95VHs/6sQ0b68d7R3htbf/46LmLH5m5MD41PlUU49X9FXo37GthPleOK8u9/q5HwuN5z+99Z+OOf/xC/Pw/P1x+/uo7y69brw3bfSl8flP5+M3XVrj/J7be1Xh+154qP27psffBlu3/cXBJG4b73/59QVzv51/+kcZ5qF/W+LoRn9crPP7vT5e38+1wXufDb2bedtf1/TVvH383wtX3l8/3FZ+/8DIXH9c/CY/3u39Q3n48rnh/vx++j/nu5tbXu7g+vn15qP32G7/F40p4PSmulJfHreL5vvr8XR0PL/4ekuLK3Y2Pfyfdzt3LupuLmfvk3OTp2bOXHp28ODN3cXLuk586eubcpbMXjzZ+l+fRj/a6/vXXp42N16fpmf37iqkNRVGcK6ZW4QXr5hx//U9LO/7zj5yYPjC1Y3rm5PFLJy8+cn7mwqkTc3MnZqbndhw/eXLmE72uPzt9ePeeQ3sP7Jk4NTt9+OChQ3sPTcyePVc/jPKgetg/9bGJsxeONq4yd3jfod0PPLBvauLMuemZwwempiYu9bp+42vTRP3avz5xYeb08YuzZ2Ym5mY/NXN496H9+/f0/G2AZ86fnBufvHDp7OSluZkLk+V9Gb/Y+HT9a1+v61NNc/9afj/brlb+Ir7iPfftT7+fte7rn1n0pspN2n6B6LPhd9H8/UvOH1zKxzH3j4aZZJL/AQAAIAcx968LM5H/AQAAoDJi7l8fZiL/AwAAQGXE3D8WZpJJ/tf/1/9fWv+/vFz/P6/+//mPl73Std7/j/15/f883OL+/4r3r/+v/1+9/v/S+/Nr/fj1//X/WWjQ+v8x928oiizzPwAAAOQg5v6NYSbyPwAAAFRGzP23hZnI/wAAAFAZMfe/KMwkk/yv/7+k/v+eXoWr6vf/vf+//n+xNvv/8cHR/8/Gsvv3H3i45UP9/0D/X/9f/1//X/+fFRtd9JJb1f+Puf/2MJNM8j8AAADkIOb+F4eZyP8AAABQGTH33xFmIv8DAABAZcTcvynMJJP8r//v/f/1//X/K93/X+n7/zcdjP7/2uD9/7vT/+/hhvv/Y/r/a7H/P9rf4x/s/n/Pw9f/56YYtPf/j7n/JWEmmeR/AAAAyEHM/S8NM5H/AQAAoDJi7n9ZmIn8DwAAAJURc/+dYSaZ5H/9f/1//X/9f/3/zvvv/f7/5Z/0/weL/n93+v89eP//vPr/fT7+we7/9/v9/0ff2n59/X86GbT+f8z9Lw8zyST/AwAAQA5i7r8rzET+BwAAgMqIuf8VYSbyPwAAAFRGzP2bw0wyyf/6//r/+v/6//r/nfffu/9f0v8fLPr/3en/96D/r/+v/7+0/n+Hb371/+lk0Pr/MfffHWaSSf4HAACAHMTcf0+YifwPAAAAlRFz//8LM5H/AQAAoDJi7t8SZpJJ/tf/1//X/8+r/3/fOv1//f9q0//vTv+/B/1//X/9/yW+//9Cy+n/r+91Y1TGoPX/Y+5/ZZhJJvkfAAAAchBz/6vCTOR/AAAAqIyY+18dZiL/AwAAQGXE3D8eZpJJ/tf/r1b//0//6olXF/r/+v899l/R/n9cBvr/mdP/707/vwf9f/1//f9V6f+Tj0Hr/8fcvzXMJJP8DwAAADmIuX9bmIn8DwAAAJURc/+9YSbyPwAAAFRGzP3bw0wyyf/6/9Xq/0f6//r/3fZf0f5/ov+fN/3/DpqepPr/Pej/6/9n3/+P3/3q/9Mfg9b/j7n/NWEmmeR/AAAAyEHM/TvCTOR/AAAAqIyY+18bZiL/AwAAQGXE3L8zzCST/K//r/+v/6//r//fef/6/2uT/n93y+3/r9P/1//X/8+s/+/9/+mvQev/x9z/ujCTTPI/AAAA5CDm/l1hJvI/AAAAVEb895vlv3uV/wEAAKCKYu6fCDPJJP/r/+v/59T/r+n/6//r/1ee/n933v+/B/1//f++9//XF/r/+v85G7T+f8z9rw8zyST/AwAAQA5i7r8/zET+BwAAgMqIuX8yzET+BwAAgMqIuX8qzCST/K//r/+fU//f+//r/+v/V5/+f3f6/z3o/+v/V+39/4tC/59batD6/zH37w4zyST/AwAAQA5i7t8TZiL/AwAAQGXE3L83zET+BwAAgMqIuX9fmEkm+V//X/9f/1//X/+/8/71/9cm/f/u9P970P/X/69a/9/7/3OLDVr/P+b+B8JMMsn/AAAAkIOY+/eHmcj/AAAAUBkx9x8IMwn5v9O/6wYAAADWlpj7D4aZZPL3//r/Fen//+bftexb/1//v9v++9P/36D/H6b+/2CpaP+//Wlxw/T/e9D/1//X/9f/p68Grf8fc/+hMJNM8j8AAADkIOb+N4SZyP8AAABQGTH3//8wE/kfAAAAKiPm/p8JM8kk/+v/V6T/3+YW9/+/qf/feX1Uq//v/f/1/wdTRfv/fVOp/v+Q/r/+/2Adv/6//j8L3fz+f/zT0vr/MfcfDjPJJP8DAABADmLu/9kwE/kfAAAAKiPm/jeGmcj/AAAAUBkx9x8JM8kk/+v/6/97/3/9/5vT/39j0W4Q+//1xaP/Xy36/91Vqv/v/f/1/wfs+PX/9f9ZaNDe/z/m/jeFmWSS/wEAACAHMfc/GGYi/wMAAEBlxNz/5jAT+R8AAAAqI+b+t4SZZJL/9f/1//X/9f+9/3/n/ev/r036/93p//eg/6//r/+v/09fDVr/P+b+t4aZZJL/AQAAIAcx978tzET+BwAAgMqIuf/tYSbyPwAAAFRGzP3vCDPJJP/r/+v/6//r/+v/d96//v/apP/fnf5/D/r/+v/6//r/9NWg9f9j7v+5MJNM8j8AAADkIOb+h8JM5H8AAACojJj73xlmIv8DAABAZcTc/64wk0zyv/6//r/+v/6//n/n/ev/r036/93p//eg/6//r/+v/09fDVr/P+b+d4eZZJL/AQAAIAcx9/98mIn8DwAAAJURc/97wkzkfwAAAKiMmPt/Icwkk/yv/6//P1j9//nLzdfT/9f/L/rV/69fSf8/C/r/3en/99Ch/79e/1//X/9f/58bNmj9/5j73xtmkkn+BwAAgBzE3P++MBP5HwAAACoj5v73h5nI/wAAAFAZMfc/HGaSSf7X/8+y/5/u8uD1/73/v/6/9//X/18Z/f/u9P978P7/+v/6//r/9NWg9f9j7n8kzCST/A8AAAA5iLn/A2Em8j8AAABURsz9vxhmIv8DAABAZcTc/8Ewk0zyv/5/lv3/AX7//6r1/0da1kdO/f+xpsczrUv9f/3/VaD/353+fw/6//r/g9z/D6t5wyLX1/9nEA1a/z/m/g+FmWSS/wEAACAHMff/UpiJ/A8AAACVEXP/L4eZyP8AAABQGTH3/0qYSSb5X/9f/1//3/v/e///zvvX/1+b9P+70//vQf9f/3+Q+/896P8ziAat/x9z/6+GmSwa/J77zyXcTQAAAGCAxNz/4TCTTP7+HwAAAHIQc//RMBP5HwAAACoj5v5jYSaZ5H/9//b+f3xHVf1//X/9f/1//f+1qH/9/1fcXhT6//r/+v/6//r/+v+sxKD1/2PuPx5mkkn+BwAAgBzE3P9rYSbyPwAAAFRGzP0nwkzkfwAAAKiMmPunw0wyyf+3sP8/Opj9f+//f6P9/5/q/+v/B/r/nen/rw7v/9+d/n8P+v/6//r/+v/01aD1/2PunwkzyST/AwAAQIWlHwfH3H8yzET+BwAAgMqIuf9UmIn8DwAAAJURc/9Hwkwyyf/e/1//3/v/34r+/0jL9vr/Jf1//f9+0P/vTv+/B/1//X/9f/1/+mrQ+v8x98+GmWSS/wEAACAHMfd/NMxE/gcAAIDKiLn/Y2Em8j8AAABURsz9p8NMMsn/+v/6/7n3/2tFccX7/+v/d9q//v/apP/fnf5/D/r/+v/6//r/9NWg9f9j7j8TZpJJ/gcAAIAcxNx/NsxE/gcAAIDKiLn/XJj/x9599Mp5X3ccnygSyyp5CVlnEWSZrJSXkG12Abw24CL3Ism9yEXuvci9997k3nvvcu9VrrIBGro855CXM3yGZXjnef7n89mckBBzh9aVhZ+JL/7F/gcAAIBh5O6/W9zSZP/r//X/3fv/1V7e/z/81+v/T9P/6/93Ya2/v3rzX3e+KPy8/f9//td1/6//X3j/v+nf1ufQ/+v/9f/6f3Zqbv1/7v67xy1N9j8AAAB0kLv/HnGL/Q8AAADDyN1/z7jF/gcAAIBh5O6/Lm5psv/1//p//b/+/1D/f6v+X/+/bN7/n9a7/78A+n/9v/5f/89Oza3/z91/r7ilyf4HAACADnL33ztusf8BAABgGLn77xO32P8AAAAwjNz9941bmux//b/+X/+/lP7/mPf/z/n96P/1/5vo/6fp/7fQ/+v/9f/6f3Zqbv1/7v77xS1N9j8AAAB0kLv//nGL/Q8AAADDyN3/gLjF/gcAAIBh5O5/YNzSZP/r//X/+v+l9P9H9P6//l//v3C3rM78d4L+f53+f4st/f9qpf+fcsH9/Obf3nI+/3no//X/rJtb/5+7/0Fxy/+sVscu9TcJAAAAzEru/gfHLU3+/B8AAAA6yN1/fdxi/wMAAMAwcvffELc02f/6f/2//l//r//f/PX1/8vk/f9pl9////u/3vUufft/7/9P8/7/rvv/O78z9P8s29z6/9z9N8YtTfY/AAAAdJC7/yFxi/0PAAAAw8jd/9C4xf4HAACAYeTuf1jc0mT/6/9H6///+dCvO6v/P6hd9P/6f/2//n90+v9p3v/f4uC/5k7WD/X/+n/v/+v/uTxz6/9z9z88bmmy/wEAAKCD3P2PiFvsfwAAABhG7v5Hxi32PwAAAAwjd/+j4pYm+1//P1r/f/jXef9f/7/p6+v/9f8j0/9P0/9vMcr7/5f4XbPvfv5y7fvz6//1/6ybW/+fu//RcUuT/Q8AAAAd5O5/TNxi/wMAAMAwcvc/Nm6x/wEAAGAYuftvilua7H/9v/5/Gf1/fgX9v/7/yvf/Sf+/TPr/afr/LUbp/y/Rvvv5pX9+/b/+n3Vz6/9z9z8ubmmy/wEAAKCD3P2Pj1vsfwAAABhG7v4nxC32PwAAAAwjd/8T45Ym+1//r/9fRv/v/X/9v/f/9f8XRv8/Tf+/hf5f/6//1/+zU3Pr/3P33xy3NNn/AAAA0EHu/ifFLfY/AAAADCN3/5PjFvsfAAAAhpG7/ylxS5P9r//X/+v/9f/6/81fX/+/TPr/aXPq/09s+Dn9v/5/yZ9f/6//Z92M+v+zftWJ1VPjlib7HwAAADrI3f+0uMX+BwAAgGHk7n963GL/AwAAwDBy9z8jbmmy//X/s+n/D3K+sfr/k6vVSv+/atr/nzzr72d9X+r/9f9HQP8/bU79/yb6f/3/kj+//l//z7oZ9f8HP87d/8y4pcn+BwAAgA5y9z8rbrH/AQAAYBi5+58dt9j/AAAAMIzc/c+JW5rsf/3/bPr/A2P1/97/P/f7o1P/7/3/dfr/o6H/n6b/30L/r//X/+v/2am59f+5+58bNx275pJ/iwAAAMDM5O5/XtzS5M//AQAAoIPc/c+PW+x/AAAAWKib134md/8L4pYm+1//v9v+/9hZP6f/1/+f+/2h/9f/6/+vPP3/NP3/Fvp//b/+X//PTs2t/8/d/8K4pcn+BwAAgA5y998St9j/AAAAMIzc/S+KW+x/AAAAGEbu/hfHLU32v/7f+//6f/2//n/z19f/L5P+f5r+fwv9v/5/v/3/8TP/p/6fMVxE/3/q1Knrr3j/n7v/JXFLk/0PAAAAHeTuf2ncYv8DAADAMHL3vyxusf8BAABgGLn7Xx63NNn/+v+m/X9+qy+r/79htdL/6//1//r/afr/afr/LfT/+n/v/+v/2am5vf+fu/8VcUuT/Q8AAAAd5O5/Zdxi/wMAAMAwcve/Km6x/wEAAGAYuftfHbc02f/6/6b9v/f/9f/6/6Pu/+9Y6f+PxCL6/5Pn//pz7/9v1P/r/ye06///978P/VD/r/9n3dz6/9z9r4lbmux/AAAA6CB3/2vjFvsfAAAAhpG7/3Vxi/0PAAAAw8jd//q46eom+1//r//X/+v/9f+bv/4Rv/9/bLVa6f93YBH9/4S59/+7ef//3H/Kz9D/6/+X/Pn1//p/1s2t/8/d/4a4pcn+BwAAgA5y978xbrH/AQAAYBi5+98Ut9j/AAAAMIzc/W+OW5rsf/2//l//r/8fvv+/cRH9v/f/d0T/P20e/f/56f/1/0v+/Pp//T8Xbl/9f+7+t8QtTfY/AAAAdJC7/61xi/0PAAAAw8jd/7a4xf4HAACAYeTuf3vc0mT/6//1/xfT/+fn1P+P1f8fn13/f+LQ/78m7//r/3dE/z9N/7+F/l//r/+/Wf/PLs3t/f/c/e+IW5rsfwAAAOggd/8749b/dGv/AwAAwDBy978rbrH/AQAAYBi5+98dtzTZ//p//b/3//X/w7//r/9vRf8/Tf+/hf5f/9+p/7/p8A+9/8+VMLf+P3f/e+KWJvsfAAAAOsjd/964xf4HAACAYeTuf1/cYv8DAADAMHL33xq3NNn/+n/9v/5f/6//P/33UP8/Bv3/tKPp/0/q//X/1c//U/xToP+fYf9/Dv0/V8Lc+v/c/e+PW5rsfwAAAOggd/8H4hb7HwAAAIaRu/+DcYv9DwAAAIt09Yafy93/obilyf7X/+v/9f/6f/3/5q+v/1+mvfT/+U2h//f+f+jT///boR8t7f3/c//9pf/X/7N7c+v/c/d/OG5psv8BAACgg9z9H4lb7H8AAAAYRu7+j8Yt9j8AAAAMI3f/x+KWJvtf/6//1//r//X/m7++/n+ZvP8/Tf+/hf5/r+/nL/3z6//1/6ybW/+fu//jcUuT/Q8AAAAd5O7/RNxi/wMAAMAwcvd/Mm6x/wEAAGAYB7s/47KG+1//37T/j2Be/3+a/l//v+nr6/+XSf8/Tf+/hf5f/6//1/+zU3Pr/z918KtOrD4dtzTZ/wAAANBB7v7PxC32PwAAAAwjd/9n4xb7HwAAAIaRu/9zcUuT/a//b9r/L+79/1OnTl2v/9f/H/79nOn/b9P/U/T/0/T/W+j/9f/6f/0/OzW3/j93/+fjlib7HwAAADrI3f+FuMX+BwAAgGHk7v9i3GL/AwAAwDBy938pbmmy//X/M+j/T+j/vf+v/195/1//vyP6/2n6/y1G7P9PXPhvf9/9/OXa9+fX/+v/WTe3/j93/5fjlib7HwAAADrI3f+VuMX+BwAAgGHk7v9q3GL/AwAAwDBy938tbmmy//X/R9f/3/mfXZf3/0+uNn9+/b/+X/+v/7/S9P/T9P9bjNj/X4R99/NL//z6f/0/6+bW/+fu/3rccnj4XXNxv0sAAABgTnL3fyNuafLn/wAAANBB7v5vxi32PwAAAAwjd/+34pYm+1//P4P3/wfs/73/v/n7Q/8/6/7/Kv3/GPT/0/T/W+j/9f/6/x31//ndrP/vbm79f+7+b8ctTfY/AAAAdJC7/ztxi/0PAAAAw8jd/924xf4HAACAYeTuvy1uOWv/b2q7R6H/1//r//X/+v/NX1//v0z6/2kX2v8fX11e/5/0//p//X/X/t/7/5w2t/4/d//34hZ//g8AAACLc815fj53//fjFvsfAAAAhpG7/wdxi/0PAAAAw8jd/8O45far9vWRjpT+X/+v/9f/6/83f339/zLp/6d5/38L/f8u+vlr9f9j9P+rlf6fyze3/j93/4/iFn/+DwAAAMPI3f/juMX+BwAAgGHk7v9J3GL/AwAAwDBy9/80bmmy//X/+v/L7P8P0kz9/2n6/9P0/5vp/4+G/n+a/n8L/b/3//X/3v9np+bW/+fu/1nc0mT/AwAAQAe5+38et9j/AAAAMIzc/b+IW+x/AAAAGEbu/l/GLU32/976//iPWv+/+P7f+//6f/2//n9W9P/T9P9b6P/1//p//T87Nbf+P3f/r+KWJvsfAAAAOsjd/+u4xf4HAACAYeTu/03cYv8DAADAMHL3/zZuabL/vf+v/9f/L7j//4/4J1L/r/+n6P+n6f83q79R+n/9v/5f/89Oza3/z93/u7ilyf4HAACADnL3/z5usf8BAABgGLn7b49b7H8AAAAYRu7+P8QtTfa//l//r/9fcP/v/X/9v/5/jf5/2j77///7l+1f1vv/e+//8yPo//X/+n92Ym79f+7+P8YtTfY/AAAAdJC7/09xi/0PAAAAw8jd/+e4xf4HAACAYeTu/0vc0mT/b+n/j9dfqP+fpP8//Pn1/5u/P/T/+n/9/5Wn/5/m/f8t9P/e/9f/6//Zqbn1/7n7/xq3NNn/AAAA0EHu/jviFvsfAAAAhpG7/29xi/0PAAAAw8jd//e4pcn+9/7/kvr/a/X/+n/9v/5f/7+F/n+a/n8L/b/+X/+v/2en5tb/5+7/RwAAAP//Y7xVgQ==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x100, 0x0)
getdents64(r0, 0x0, 0x0)

2m49.197516816s ago: executing program 5 (id=444):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket(0x1d, 0x2, 0x6)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'wlan1\x00', &(0x7f0000000080)=@ethtool_ringparam={0x11}})

2m47.953427821s ago: executing program 5 (id=453):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x6, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000240)={0x4}, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
remap_file_pages(&(0x7f000013e000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x1)

2m47.610901171s ago: executing program 32 (id=453):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x6, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000240)={0x4}, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
remap_file_pages(&(0x7f000013e000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x1)

2m40.072908709s ago: executing program 0 (id=490):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000200)={[{@resgid}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy")
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r0, 0xffffffffffffffff, 0xee01)

2m39.316980209s ago: executing program 0 (id=494):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='freezer.state\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r1, 0x28, 0x6, 0x0, 0x0)

2m38.848990953s ago: executing program 0 (id=496):
r0 = socket(0x2b, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x2, 0x0, 0x1}, 0x20)

2m38.575463598s ago: executing program 0 (id=498):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

2m37.240163636s ago: executing program 0 (id=503):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x9c, 0xb, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})

2m36.438140474s ago: executing program 0 (id=509):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000000)={r2, 0xfff, 0x0, 0x0, 0xfff}, 0x14)

2m35.895361865s ago: executing program 33 (id=509):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000000)={r2, 0xfff, 0x0, 0x0, 0xfff}, 0x14)

2m11.501621754s ago: executing program 1 (id=578):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x1, 0x70bd2c, 0x0, {}, [@NLBL_MGMT_A_IPV4ADDR={0x5, 0x7, @multicast2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x2c}}, 0x0)

2m11.137042557s ago: executing program 1 (id=580):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x1d, r1}, 0x10, &(0x7f0000000000)={&(0x7f0000000040)={0x1, 0xc91b751d487fcdb3, 0x0, {}, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x1}, 0x1, @canfd={{0x1, 0x1, 0x0, 0x1}, 0x2b, 0x3, 0x0, 0x0, "bfff34db6dd87789ae38e4a0387785703db02c31ba37c41047bd680a63ed059c314db7d778e9476ec1a94691c2ed6b37c24121ef53abe8d2ccb419c0a03289b7"}}, 0x80}, 0x1, 0x0, 0x0, 0x2004c004}, 0x0)

2m10.793736326s ago: executing program 2 (id=585):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000002200)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000cc0)={0x2c, r0, 0x1, 0x0, 0x0, {{0xa}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x10, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4, 0xa}, @NL80211_KEY_IDX={0x5, 0x2, 0x6}]}]}, 0x2c}}, 0x0)

2m9.613196558s ago: executing program 1 (id=587):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000280)='./bus\x00', 0x2000088, &(0x7f00000002c0)={[{@barrier}, {@autodefrag}, {@ref_verify}, {@compress_algo={'compress', 0x3d, 'no'}}, {@noflushoncommit}, {@noacl}, {@max_inline={'max_inline', 0x3d, [0x37, 0x37, 0x6b, 0x37]}}, {@thread_pool={'thread_pool', 0x3d, 0x6}}, {@ssd_spread}]}, 0x1, 0x55ae, &(0x7f0000005600)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
unlink(&(0x7f0000000100)='./file1\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x10)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000000)="ff", 0x64}], 0x1, 0xe7b, 0xe, 0x0)

2m8.880439047s ago: executing program 2 (id=589):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x414, 0x30, 0x300, 0x70bd2d, 0x25dfdbff, {}, [{0x400, 0x1, [@m_skbedit={0x25c, 0x19, 0x0, 0x0, {{0xc}, {0x4c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x7}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xa}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x1}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x7}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x1, 0x1, 0xffffffffeffffffb, 0x7, 0x101}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x4}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x7, 0xfff7}}]}, {0x1e5, 0x6, "de616dd9ce3b892bb6fafca061bed3e644dcf9151f4527045657b89def02bb9cad6c62f8293cff1e7df3eb0803889f2fd92b151ed17ab9007c47463bf4e7afe47ab1d24292b0103cbbc15977a51c0ae02a16535a666c86a6321ae76cba859e771aa7d0ff9fa033e50e56e0f68419fd47894ab8f8d473fc2af5fc18fb9399fdbb44bce22ac4c64feea69875f61ef4f46591d0547ce0f025b0a5f6dc470fd9635a05e318fa41b23e07582b3128621edbf17703923cea8b079f042f9924f50ce06116fc38e34430e0a4b60e7144cccb31d0a0457e528dd782264fec2417bd1b18aa82a223185cee31b2989e534df535b22243ec2971118b283cebb23130d1622a675cabf8788d71473f98949841ab1c34d28257f4b10e6eec198365490620753627951432cf82875ec0fccc70181d74035e141d4bbdd59571d5c3fa68b6a9365539b7e734e38e7083fe43b3104f03a618c99dc38b7b166c71dcda72645a7ddd09b867d20ef1d0f2154c6c2af7bfc13509c92a055f4ba6134cf5124359fccca93ea9ef30597c542c2e259bbd96051f001127d7e760711d895b0ae2dabbb4385da14ffe779acd84bec05fb4fc35fefad1a62e114c5f2ca5c6e884ddd618acecb553d05d8ec7fb455e2684ed4d3c3df3c35bee6918122fcdc30177477c1e68e6e370b607"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_gact={0x100, 0xc, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xbf1, 0x8001, 0x4, 0xae5a, 0x1}}, @TCA_GACT_PARMS={0x18, 0x2, {0x80000000, 0x5, 0xe, 0x466e, 0x80000001}}]}, {0xa1, 0x6, "0f617356f0a663079ab7576a2846e5b3b3d9b048dc90bac2c3b40552dc14f7774371c98d6e2763d4fda783e36f45e224484cc6a0e6a530d841c87c70bbf3448d6187a58197fa3ffb0b318a51cc59415ac311a355fe1d08f8de9966d8ba89a56bfbc37c6af7d37dcdeb618f98f29bf3b05a23cefbbf51193614c08c162352d9eaad342b2f307dd8babd71ab8a1c4f80bbbbccc8ce4d369a33f9c6fc1619"}, {0xc}, {0xc}}}, @m_sample={0x70, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x41, 0x6, "4d11ef01da7337625695ddc3d5012aa6f3638794346943b9ee757a1a4ac5f8ce5f6016d63b9db431952a32c8ea295bd8bea222698ce859490fd8784037"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ctinfo={0x30, 0x33, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x414}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

2m8.522303382s ago: executing program 3 (id=592):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_PRIORITY={0x8}]}, 0x24}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@ipv4_newrule={0x28, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x3f}]}, 0x28}}, 0x0)

2m7.869664442s ago: executing program 4 (id=595):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0xc3b, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_FLAGS={0x6}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_TYPE={0x6}]}}}]}, 0x48}}, 0x0)

2m6.732529537s ago: executing program 4 (id=596):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000002680)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000340)="18", 0x1}], 0x1}}, {{&(0x7f0000000140)={0xa, 0x4e20, 0x0, @private0, 0x80000001}, 0x1c, &(0x7f0000000800)=[{&(0x7f0000000180)="ed", 0x1}], 0x1}}], 0x2, 0x0)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000001c0)={0x0, 0x5, 0x1, 0xd, 0x1c80, 0xfffa, 0xff4e, 0xced, {0x0, @in={{0x2, 0x4e21, @rand_addr=0x64010100}}, 0x2, 0x7, 0x9, 0xffffffff, 0x5}}, &(0x7f0000000040)=0xb0)

2m6.674809841s ago: executing program 2 (id=597):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f0000000280)={0x2, 0x4e22, @private=0xa010101}, 0x10, &(0x7f0000000980)=[{&(0x7f0000000200)="9c", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000300)="99", 0x1}], 0x1}}], 0x2, 0x48000)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={<r1=>0x0}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000100)={0xa, 0x3, 0x80000001, 0x4, r1}, 0x10)

2m6.610025681s ago: executing program 3 (id=598):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @empty}, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x0, 0x2, 0x0, @empty=0xb00, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2, 0x1000000}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2, 0x80000000}}}}}, 0x0)

2m6.463772113s ago: executing program 1 (id=599):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYBLOB="16"], 0x3c}}, 0x0)

2m6.328119883s ago: executing program 4 (id=600):
syz_open_procfs(0x0, &(0x7f0000000580)='net/ip_vs_stats_percpu\x00')
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = syz_clone(0x1008000, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_readv(r0, &(0x7f00000004c0)=[{&(0x7f0000000540)=""/247, 0xf7}], 0x1, &(0x7f0000000d40)=[{&(0x7f00000006c0)=""/32, 0x20}], 0x1, 0x0)

2m6.309019686s ago: executing program 2 (id=601):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0xff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
writev(r0, &(0x7f0000000680)=[{&(0x7f00000005c0)="78f954", 0x3}], 0x1)

2m5.873127869s ago: executing program 4 (id=602):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x29c, 0x30, 0x800, 0x70b52d, 0x25dfdbff, {}, [{0x288, 0x1, [@m_skbedit={0x140, 0x11, 0x0, 0x0, {{0xc}, {0x4}, {0x111, 0x6, "2d3226d2e3c57ead557080202f648bcdfe78417bc2116e51a2e0cec3ecc283dc8d7821b2facbf465d9f7be2aa1e8f71e4d6e3358561c91cc59b3e412fff5eebfc75d3f6b2f7b38f6c6ae34cb709f2cc9bcc18fdc130c26ecec8584ee187dd61ac669e1360f3594d45ae4e3bad23daf0d6783c18c59c8c9e2fcbd90d335bc50b9fe7f8bc3d0041c343f964816c387c2b856c8dc4b06bf7a3fe6e0fb860738eb6bfbd18b07588e329e421012b28551f9c1267b24f31285115c4986075bc929c62ad791236fd2c769aa297fe40da014506d861bfbd51a5e408d3a670759313c72590c4d78459ca7243d0539e14a26d7f08a6523777b2ca84a894c6e3c4b19b58ef47cd81b19f89a33061b89739b59"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_nat={0xd4, 0x1, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x1, 0x80, 0x20000000, 0x3, 0x7}, @local, @rand_addr=0x64010100, 0xffffffff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x5, 0xffffffff, 0xffffffffffffffff, 0x9, 0xf}, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, 0xffffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x2, 0x7, 0x3, 0xa2d5, 0x1}, @rand_addr=0x64010100, @private=0xa010102, 0xff000000, 0x1}}]}, {0x31, 0x6, "507e1baf70350ba63c9fdba3ace3ff69773db861d8a2e332d6b16db257bc0277a998c2a2037a7e3928486948fe"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_sample={0x70, 0xf, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x7}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x1}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x5}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x5}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x5}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x8, 0x5, 0x1, 0x40}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x29c}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

2m5.52137079s ago: executing program 2 (id=603):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x18)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

2m5.233797409s ago: executing program 2 (id=604):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3}, @TCA_CAKE_NAT={0x8, 0xb, 0x1}]}}]}, 0x48}}, 0x0)

2m5.001620021s ago: executing program 3 (id=605):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r0, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x0, 0x1, @ipv4={'\x00', '\xff\xff', @broadcast}}}, 0x24)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
sendmmsg$inet(r1, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x80)

2m4.993882252s ago: executing program 1 (id=606):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

2m4.635500959s ago: executing program 1 (id=607):
r0 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r0, &(0x7f0000000b00)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
connect$packet(r0, &(0x7f0000000180)={0x11, 0xf5, 0x0, 0x1, 0xf7}, 0x14)

2m3.625958336s ago: executing program 4 (id=608):
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x21000e, &(0x7f0000000380), 0xde, 0x529, &(0x7f00000008c0)="$eJzs3c1vHGcZAPBnxrvBaVzsAodSqR+iQUkF2Y1r2loc2iIQt0qgcg+WvbGsrLORd93GVoUc8QcgIQSVOHHigsSNCxLqn4CQKtE7AgRCkMKBAzBoZmdTZ5n1h7ofwf79pHf3nXd253nejXf2nY/MBHBuPRcRr0fEXES8EBGLZXtaljjol/x1H95/Zz0vefObf00iKdsiiuoDl8q3zfefKnX39m+ttdutnXK62du+0+zu7V/b2l7bbG22bq+sLL+8+srqS6vXx9LPvF+vfu2PP/zeT7/+6q+++Pbvbvz56nfypL9azh/0a3yKTy8+KB7r+WfxQC0idsYbbGbmyv7UZ50IAAAnko9SPxURnyvG/4sxV4zmCsNDuvnpZwcAAACMQ/baQvwricgAAACAM+u1iFiIJG2U5wIsRJo2Gv1zeD8Tj6XtTrf3hZud3dsb+byIpainN7farevlObVLUU/y6eWi/tH0i0PTKxHxRET8YPFiMd1Y77Q3Zr3zAwAAAM6JS0Pb//9Y7G//AwAAAGfM0qwTAAAAACZu1PZ/MuU8AAAAgMlx/B8AAADOtG+88UZessH9rzfe2tu91Xnr2kare6uxvbveWO/s3GlsdjqbxTX7to9aVj0i2p3OnS9F7N5t9lrdXrO7t39ju7N7u3djy/0DAQAAYFaeePa9D5KIOPjyxaLkLuQPcyPe4FwBODPS07z4D5PLA5i+UT/zJ3BhnHkA01ebdQLA7BzMOgFg1h661EfFoODwyTsP7TP49eRyAgAAxuvKZ6uP/9fK8/mBs+tUx/+BM+VjHP8H/s85/g/nV/1UI4B7E8wEmJXjbvUx8uIdVcf/K88MzrJjlwUAAEzUQlGeTRvlscCFSNNGI+Lx4r/615ObW+3W9Yj4ZET8drH+iXx6uXhn4vaAAAAAAAAAAAAAAAAAAAAAAAAAAHBCWZZEBgAAAJxpEemfkvL+X1cWLy8M7x+4kPxzMcpber394zd/dHet19tZztv/9qC9927Z/uIs9mAAAADAeVQ7cu5gO32wHQ8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4/Th/XfWB2Wacf/ylYhYqopfi/nieT7qEfHY35OoHXpfEhFzY4h/cC8inqyKn+RpxVKZxXD8NCIuTif+01mWVca/NIb4cJ69l69/Xq/6/qXxXPFc/f2vleXjemj9d+EXh+akD9Z/cyPWf4+fMMZT7/+8OTL+vYinatXrn0H8ZET856sWWPGhfPtb+/v/09hfeGQ/ibhS+fuTPBSr2du+0+zu7V/b2l7bbG22bq+sLL+8+srqS6vXmze32q3ysbKP33/6l/8Zavp31lf0P0bEXzqm/5fzSv1QYzYcpgz2/t37n+5X60OLKOJffb767+/JI+LnfxOfL38H8vlXBvWDfv2wZ372m2cqEyvjb4zo/3H//ldHLXTIC9/87u9P+FIAYAq6e/u31trt1s7EK+9mWTatWCevRHrSFxfDxal+YtOtDEZ3Ewsx/6j0dMqVy49GGqepjGPPFgAA8Kj5aNA/60wAAAAAAAAAAAAAAAAAAADg/OruRTrpy4kNxzyYTVcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI703wAAAP//4wvZIQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f00000001c0)={0x3920e, r0, 0x9, 0x0, 0x2})

2m3.514753648s ago: executing program 3 (id=609):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f00000002c0), 0x4, 0x76b, &(0x7f0000001400)="$eJzs3M1rXOUaAPDnnGaSfuTeyYUL9+pChBZaKJ0kzaZdNW7cFQoFtzUkJyHkJBMyk9qJhbauhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzmSS0piZpEnaadPfD07P856v531mDm/nQN4TwCvrzeKfJGIwIq5ERLm9PY2I/lZ0NOL2+nFrj25OFksSzebVX5PitFhrljevlbTXJ6J1Svw/Ih6UIs5+8M+8tcbK3ESeZ0vt9nB9fnG41lg5Nzs/MZPNZAujYxdHLoyNXRgZ27GG/+2y1lPvXDx277u3V1e//7p+942+c0mMt+qOdm27vMxTWf9MSjG+ZfvCs0jWQ0mXfUefYz8AAOiu+J1/JCL6Wr9Sy3GkFQEAAACHSXOguaN041gAAADgJZV4rgcAAIBDbuPvADbm9j6rebCd/PJWRAxtl7+vNYc44miUIuL4WvLEzIRk/TTYl9t3IuL++Nb778viDru9z2uPbGk/OUe6f59X5yDcL8af8e3Gn3Rz/Iltxp++jXcn7FPn8e9x/iMdxr8ru8zxzWevlTrmvxPxet92+ZPN/EmH/O+2op0/hburH97rtK/5RcTpbf//SZ7I1eX9EOPTs3m31w/Eg7/OPOxW//FO+ZPu9S/uWPm699d+n+s0lhT5z5zs8P3f6py/uCc+avcjjYh77XXRXt2S4+T8D992q38qormX7//zXdb/01cDN3Z5KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSkETEYSVrZjNO0Uok4ERH/jeNpXq3Vz05Xlxemin0RQ1FKp2fzbCQiyuvtpGiPtuLH7fNb2mMR8Z8fj60nnc2zymQ1n+p18QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGw6ERGDkaSViEgj4o9ymlYqEX27OHfgOfQPAAAAOCBDve4AAAAA8Mx5/gcAAIDDb6/P/8kB9wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA41K5cvlwszbVHNyeL9tT1xvJc9fq5qaw2V5lfnqxMVpcWKzPV6kyeVSar8ztdL69WF0cvxvKN4XpWqw/XGivX5qvLC/Vrs/MTM9m1rPRcqgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBpDbaWJK1ERNqK07RSifhXRAxFKZmezbORiPh3RDwslwaK9mivOw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCBqzVW5ibyPFsSCF6KoL99574o/dlbcCsiXoBudAl6PDABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANATtcbK3ESeZ0u1XvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3kp/TiKiWE6XTw1u3duf/FlurSPivU+vfnxjol5fGi22/7a5vf5Je/v5XvQfAAAAXgmXnubgjef0jed4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3ao1VuYm8jxb2l9wKRorzaTDMb2uEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Ju/AwAA///+/bx6")
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000140)={0x1, 0x1, 0x1000, 0x1, &(0x7f0000000100)="f2", 0x0, 0x0, 0x0})

2m1.572717008s ago: executing program 3 (id=610):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@delalloc}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}]}, 0x4, 0x511, &(0x7f0000000540)="$eJzs3cFvVE8dAPDv23Zp6a/8CspBjQoiioawbRdoCBfhojGExEg8eYDaLk3TXbbpLpFWDuXonUQST/onePNgwsmDN29684IHE1SioSYe1ry327K023b9dduF7ueTvL43M8t+Z7rMzL6B3QlgYJ2PiPWIOBERDyJiopWftI641TzSx71983Ru483TuSQajXv/SLLyNC/a/kzqk9ZzjkbED78X8ZNkZ9za6trSbLlcWmmlJ+uV5cna6tqVxVwrpzgzPTN14+r1Ys/aeq7ym9ffXbzzo9/99iuv/rj+7Z+l1Rr/+amsrL0dvdRsej7G2/KGI+LOYQTrk+HW3x8+Pmlv+1xEXMj6/0QMZa8mAHCcNRoT0ZhoTwMAx116/z8eSa7QWgsYj1yuUGiu4Z2NsVy5Wqtfnqg+fjQf2RrW6cjnHi6WS1OttcLTkU/S9HR2/S5dfC/9vHQ1Is5ExPORk1l5Ya5anu/nGx8AGGCfbJv//z3SnP8BgGNutN8VAACOnPkfAAaP+R8ABs//Mf/7dCAAHBPu/wFg8Jj/AWDw7Dv/PzuaegAAR+IHd++mR2Oj+f3Xm9/UfWW+VFsqVB7PFeaqK8uFhWp1oVwqzDUa+z1fuVpdnr62laytrt2vVB8/qt9frMwulO6X8ofZGACgK2fOvfxzOumv3zyZHdG2l4O5Go63XL8rAPTNUL8rAPSNz/PA4OriHt8yABxzHbbofc+u/0Xohc1f4WN16YvW/2FQHWT939oBfNw+2/r/d3peD+DomcNhcDUaiT3/AWDAWOMHDvTv/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCgxrMjyRWyvcDX05+5QiHiVEScjnzycLFcmoqITyPiTyP5kTQ93e9KAwAHlPtb0tr/69LExfHtpSeS/4xk54j46S/v/eLJbL2+Mp3m/3Mrv/4izT9ZXyme6EcDAIB2t3ZmZfN3sXVuu5F/++bp3OZxlFV8fbu5uWgad6N1NEuGYzg7j0Y+Isb+lbTSTen7laEexF9/FhFf2Gz/aDxpizCerYE0dz7dHj+Nfarn8dt//9vj595rby4rS8/57Hfx+R7UBQbNy9vNcbLV99Iu3up/uTifnTv3/9FshDq4dPxL+/XGjvEvtzX+De2In2R9/vxWeu+avL72++/vyGxMNMueRXxpuFP8ZCt+0nn8zV/sso1/+fJXL+xW1vhVxKWO7d/ckbqSDbOT9cryZG117cpiZXahtFB6VCzOTM9M3bh6vTiZrVE3f/6hU4y/37z86W7x0/aP7RJ/dO/2xze6bP+v//vgx1/bI/63vt759T+7R/x0Tvxml/Fnx27tun13Gn9+l/bv8/rH5S7jv/rr2nyXDwUAjkBtdW1ptlwurexzkb7X3O8xLrq/SO/tP4BqZBexHtGrJ8wWJSKi42PSd9QfRpMP6yL5MKrRi4t+j0zAYXvX6ftdEwAAAAAAAAAAAAAAYDe11bWlkc6f1urZRb/bCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPH1vwAAAP//tBrD+w==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0)
renameat2(r0, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000200)='./bus\x00', 0x4)

2m0.770123119s ago: executing program 4 (id=611):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
set_mempolicy(0x1, 0x0, 0x86)

1m51.407445917s ago: executing program 3 (id=612):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x3c, r0, 0x9, 0x0, 0xfffffffe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x14, 0x50, 0x0, 0x1, [@NL80211_KEY_MODE={0x5, 0x9, 0x2}, @NL80211_KEY_IDX={0x5}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8800}, 0x0)

1m47.124848528s ago: executing program 34 (id=604):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3}, @TCA_CAKE_NAT={0x8, 0xb, 0x1}]}}]}, 0x48}}, 0x0)

49.698860766s ago: executing program 35 (id=607):
r0 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r0, &(0x7f0000000b00)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
connect$packet(r0, &(0x7f0000000180)={0x11, 0xf5, 0x0, 0x1, 0xf7}, 0x14)

12.148505508s ago: executing program 36 (id=612):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x3c, r0, 0x9, 0x0, 0xfffffffe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x14, 0x50, 0x0, 0x1, [@NL80211_KEY_MODE={0x5, 0x9, 0x2}, @NL80211_KEY_IDX={0x5}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8800}, 0x0)

8.209305213s ago: executing program 37 (id=611):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
set_mempolicy(0x1, 0x0, 0x86)

0s ago: executing program 6 (id=455):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000c00)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x6}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x3c, 0x2, {{0xffff0001, 0x5, 0xfffffffe, 0x5, 0x6462, 0x6}, [@TCA_NETEM_RATE={0x14, 0x6, {0x500, 0x9, 0x0, 0x7f}}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0xf32, 0x1}}]}}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x5}, 0x0)

kernel console output (not intermixed with test programs):

v0: Interface activated: batadv_slave_1
[   77.497244][ T5844] veth0_macvtap: entered promiscuous mode
[   77.520055][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.533590][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.544565][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.555438][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.565355][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.580789][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.592566][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.609463][ T5836] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.619076][ T5836] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.628206][ T5836] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.641199][ T5836] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.660796][ T3527] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.661590][ T5844] veth1_macvtap: entered promiscuous mode
[   77.684988][ T3527] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.695366][ T5841] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.704080][ T5841] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.712975][ T5841] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.721852][ T5841] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.803542][ T5835] veth0_macvtap: entered promiscuous mode
[   77.822538][ T5833] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   77.844112][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.866812][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.867431][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.878048][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.895392][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.906750][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.917267][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.927752][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.937668][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.948347][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.959700][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.016776][ T5835] veth1_macvtap: entered promiscuous mode
[   78.056219][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.072517][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.079889][ T5945] loop0: detected capacity change from 0 to 64
[   78.083842][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.101231][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.111406][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.138915][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.150787][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.161723][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.179157][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.286265][ T5844] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.324523][ T5844] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.333312][ T5844] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.363205][ T5844] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.389060][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.408620][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.424779][ T5949] Driver unsupported XDP return value 0 on prog  (id 2) dev N/A, expect packet loss!
[   78.427886][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.473943][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.484844][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.498442][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.508770][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.528661][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.543206][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.555806][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.566104][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.577348][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.588958][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.627629][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.646829][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.709500][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.732722][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.755012][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.772538][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.791816][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.814544][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.834693][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.854397][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.864852][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.900479][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.930398][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.945084][ T5845] Bluetooth: hci0: command tx timeout
[   78.945228][ T5858] Bluetooth: hci4: command tx timeout
[   78.983675][ T3504] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.006859][ T5835] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.019433][ T3504] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.026948][ T5858] Bluetooth: hci1: command tx timeout
[   79.026991][ T5858] Bluetooth: hci2: command tx timeout
[   79.051810][ T5835] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.077798][ T5835] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.093017][ T5835] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.105140][ T5845] Bluetooth: hci3: command tx timeout
[   79.124525][ T5845] Bluetooth: hci5: command tx timeout
[   79.167214][ T3504] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.180515][ T3504] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.292745][ T3519] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.318299][ T3519] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.480438][ T3527] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.525842][ T3527] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.753954][ T3519] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.776519][ T3519] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.871880][ T5973] netlink: 24 bytes leftover after parsing attributes in process `syz.4.14'.
[   79.952594][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.992347][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.953942][ T6009] loop5: detected capacity change from 0 to 1024
[   81.025775][ T6009] =======================================================
[   81.025775][ T6009] WARNING: The mand mount option has been deprecated and
[   81.025775][ T6009]          and is ignored by this kernel. Remove the mand
[   81.025775][ T6009]          option from the mount to silence this warning.
[   81.025775][ T6009] =======================================================
[   81.060715][    C1] vkms_vblank_simulate: vblank timer overrun
[   81.152965][ T6009] EXT4-fs: Ignoring removed nobh option
[   81.200020][ T6009] EXT4-fs: Ignoring removed bh option
[   81.263207][ T6009] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.267295][ T6011] loop2: detected capacity change from 0 to 4096
[   81.331600][ T6011] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[   81.434368][ T6009] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4115: comm syz.5.26: Allocating blocks 481-513 which overlap fs metadata
[   81.516979][ T6027] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   81.561319][ T6009] EXT4-fs (loop5): Remounting filesystem read-only
[   81.599492][ T6011] ntfs3(loop2): ino=1a, mi_enum_attr
[   81.615082][ T6011] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[   81.661391][ T6027] ip6tnl1: entered promiscuous mode
[   81.673647][ T6011] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[   81.694828][ T6027] ip6tnl1: entered allmulticast mode
[   81.803021][ T5841] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.175728][ T6027] syz.3.34 (6027) used greatest stack depth: 18744 bytes left
[   82.529574][ T6041] netlink: 84 bytes leftover after parsing attributes in process `syz.2.38'.
[   83.096764][ T2146] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[   83.265194][ T5899] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   83.285985][ T2146] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   83.335200][ T2146] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[   83.388675][ T2146] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[   83.424569][ T2146] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 99, setting to 64
[   83.465458][ T2146] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   83.489241][ T6056] xt_hashlimit: size too large, truncated to 1048576
[   83.497892][ T5899] usb 4-1: Using ep0 maxpacket: 16
[   83.508902][ T6033] loop4: detected capacity change from 0 to 40427
[   83.515789][ T5899] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   83.535572][ T2146] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[   83.554771][ T5899] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[   83.574522][ T2146] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.576491][ T6033] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[   83.608918][ T5899] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   83.614876][ T6054] loop2: detected capacity change from 0 to 4096
[   83.624614][ T2146] usb 1-1: Product: syz
[   83.648553][ T6033] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   83.649899][ T2146] usb 1-1: Manufacturer: syz
[   83.672143][ T5899] usb 4-1: config 0 interface 0 has no altsetting 0
[   83.715492][ T2146] usb 1-1: SerialNumber: syz
[   83.716373][ T6058] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   83.722360][ T5899] usb 4-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[   83.754680][ T6033] F2FS-fs (loop4): build fault injection attr: rate: 17008, type: 0x1fffff
[   83.763581][ T6033] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x1f8
[   83.826555][ T6033] F2FS-fs (loop4): invalid crc value
[   83.860670][ T2146] usb 1-1: config 0 descriptor??
[   83.884808][ T5899] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.903388][ T6033] F2FS-fs (loop4): Found nat_bits in checkpoint
[   83.916444][ T6046] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   83.929552][ T2146] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5
[   83.950564][ T5899] usb 4-1: config 0 descriptor??
[   83.999948][    C1] kbtab 1-1:0.0: kbtab_irq - usb_submit_urb failed with result -1
[   84.339936][ T6033] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   84.347254][ T6033] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   84.355593][ T2146] usb 1-1: USB disconnect, device number 2
[   84.431979][ T5899] hid-generic 0003:045E:05DA.0001: unbalanced collection at end of report description
[   84.469124][ T5899] hid-generic 0003:045E:05DA.0001: probe with driver hid-generic failed with error -22
[   84.514722][ T6033] syz.4.36: attempt to access beyond end of device
[   84.514722][ T6033] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   84.575998][ T6033] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[   84.612457][ T6069] loop2: detected capacity change from 0 to 256
[   84.681794][ T5899] usb 4-1: USB disconnect, device number 2
[   84.768859][ T6069] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[   84.877187][ T6073] netlink: 8 bytes leftover after parsing attributes in process `syz.5.53'.
[   84.892410][ T6073] vlan2: entered allmulticast mode
[   84.934841][ T6073] dummy0: entered allmulticast mode
[   85.263210][ T6075] loop0: detected capacity change from 0 to 4096
[   85.526364][   T30] audit: type=1800 audit(1741586001.055:2): pid=6075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.54" name="file1" dev="loop0" ino=33 res=0 errno=0
[   85.755008][ T6084] loop2: detected capacity change from 0 to 4096
[   85.801966][ T6068] loop1: detected capacity change from 0 to 32768
[   85.866219][ T6092] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   85.956275][ T6084] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=4096, inode=0, rec_len=0, name_len=0
[   86.073593][ T6084] Remounting filesystem read-only
[   86.133902][ T6084] NILFS error (device loop2): nilfs_readdir: bad page in #2
[   86.146112][ T5916] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   86.200540][ T6068] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[   86.275928][ T6068] bcachefs (loop1): initializing new filesystem
[   86.325231][    T9] cfg80211: failed to load regulatory.db
[   86.331499][ T6068] bcachefs (loop1): going read-write
[   86.336934][ T5916] usb 1-1: Using ep0 maxpacket: 32
[   86.380007][ T5916] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   86.391824][ T6068] bcachefs (loop1): marking superblocks
[   86.396975][ T5916] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   86.439368][ T5916] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   86.504514][ T5916] usb 1-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[   86.519841][ T6068] bcachefs (loop1): initializing freespace
[   86.538137][ T6068] bcachefs (loop1): done initializing freespace
[   86.553364][ T6068] bcachefs (loop1): reading snapshots table
[   86.556499][ T5916] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.573908][ T6068] bcachefs (loop1): reading snapshots done
[   86.619540][ T5916] usb 1-1: config 0 descriptor??
[   86.648631][ T6068] bcachefs (loop1): done starting filesystem
[   86.928801][ T6068] bcachefs (loop1): going read-only
[   86.983027][ T6068] bcachefs (loop1): finished waiting for writes to stop
[   87.015930][ T6068] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[   87.083309][ T5916] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5011.0002/input/input6
[   87.110321][ T6068] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 2
[   87.131209][ T6090] loop3: detected capacity change from 0 to 40427
[   87.138489][ T5852] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   87.141433][ T5916] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5011.0002/input/input7
[   87.165154][ T6068] bcachefs (loop1): clean shutdown complete, journal seq 3
[   87.187615][ T5916] kye 0003:0458:5011.0002: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.0-1/input0
[   87.194633][ T6068] bcachefs (loop1): marking filesystem clean
[   87.222272][ T6090] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff
[   87.251305][ T6119] bcachefs (loop1): going read-write
[   87.271953][ T6090] F2FS-fs (loop3): Image doesn't support compression
[   87.312001][ T6090] F2FS-fs (loop3): heap/no_heap options were deprecated
[   87.332900][ T5852] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   87.374885][ T6090] F2FS-fs (loop3): Image doesn't support compression
[   87.384646][ T5852] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   87.437091][ T6090] F2FS-fs (loop3): invalid crc value
[   87.450933][ T5852] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   87.454349][ T6090] F2FS-fs (loop3): Found nat_bits in checkpoint
[   87.531929][ T5852] usb 3-1: New USB device found, idVendor=11c0, idProduct=5506, bcdDevice= 0.00
[   87.562453][ T6068] syz.1.50 (6068) used greatest stack depth: 13968 bytes left
[   87.564845][ T5852] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.579205][    T9] usb 1-1: USB disconnect, device number 3
[   87.636312][ T5852] usb 3-1: config 0 descriptor??
[   87.680091][ T6090] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   87.721107][ T5844] bcachefs (loop1): shutting down
[   87.738907][ T5844] bcachefs (loop1): going read-only
[   87.745040][ T5844] bcachefs (loop1): finished waiting for writes to stop
[   87.783255][ T6090] F2FS-fs (loop3): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xf7/0x1e0
[   87.812463][ T5844] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[   87.842762][ T5844] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[   87.877150][ T5844] bcachefs (loop1): clean shutdown complete, journal seq 4
[   87.884379][ T6109] loop5: detected capacity change from 0 to 32768
[   87.915351][ T5844] bcachefs (loop1): marking filesystem clean
[   87.927476][ T5835] syz-executor: attempt to access beyond end of device
[   87.927476][ T5835] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   87.958769][ T6109] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   87.986645][ T5844] bcachefs (loop1): shutdown complete
[   87.988499][ T5835] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[   87.999360][ T5835] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[   88.080727][ T5852] betop 0003:11C0:5506.0003: report_id 3178169224 is invalid
[   88.097516][ T5852] betop 0003:11C0:5506.0003: item 0 4 1 8 parsing failed
[   88.130260][ T5852] betop 0003:11C0:5506.0003: parse failed
[   88.151425][ T5852] betop 0003:11C0:5506.0003: probe with driver betop failed with error -22
[   88.322482][ T5971] usb 3-1: USB disconnect, device number 2
[   88.325013][ T6109] XFS (loop5): Ending clean mount
[   88.366144][ T6109] XFS (loop5): Quotacheck needed: Please wait.
[   88.447991][ T6109] XFS (loop5): Quotacheck: Done.
[   88.721532][ T6145] process 'syz.4.74' launched './file0' with NULL argv: empty string added
[   88.732368][ T5841] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   89.004380][ T6149] netlink: 36 bytes leftover after parsing attributes in process `syz.3.70'.
[   89.159233][ T6151] netlink: 16 bytes leftover after parsing attributes in process `syz.2.77'.
[   89.212308][ T6140] loop0: detected capacity change from 0 to 32768
[   89.224826][ T6151] netlink: 16 bytes leftover after parsing attributes in process `syz.2.77'.
[   89.290916][ T6153] loop7: detected capacity change from 0 to 8
[   89.326262][ T6157] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.365142][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.374594][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   89.444647][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.453832][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   89.494620][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.503808][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   89.513462][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.522642][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   89.533492][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.542682][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   89.556618][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.565792][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   89.574314][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.583693][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   89.592744][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.601916][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   89.610092][ T6160] netlink: 12 bytes leftover after parsing attributes in process `syz.2.81'.
[   89.614521][ T6153] ldm_validate_partition_table(): Disk read failed.
[   89.653174][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   89.662450][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   89.671986][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   89.689792][ T6153] Dev loop7: unable to read RDB block 0
[   89.703616][ T6153]  loop7: unable to read partition table
[   89.732023][ T6153] loop7: partition table beyond EOD, truncated
[   89.755802][ T6153] loop_reread_partitions: partition scan of loop7 (3Ÿ¾‚³˜) failed (rc=-5)
[   89.879528][ T6166] loop2: detected capacity change from 0 to 1024
[   90.798480][ T6193] loop2: detected capacity change from 0 to 1024
[   90.845233][ T6193] EXT4-fs: Ignoring removed nobh option
[   90.879175][ T6193] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   90.880402][ T6200] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   90.922751][ T6193] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   90.932933][ T6195] mkiss: ax0: crc mode is auto.
[   90.973262][ T6193] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #11: comm syz.2.94: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   91.048969][ T6193] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.94: couldn't read orphan inode 11 (err -117)
[   91.116063][ T6193] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.227640][ T6193] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.94: Invalid block bitmap block 0 in block_group 0
[   91.318590][ T6193] Quota error (device loop2): write_blk: dquota write failed
[   91.355267][ T6193] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[   91.416770][ T6193] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.94: Failed to acquire dquot type 0
[   91.480163][ T6215] EXT4-fs error (device loop2): __ext4_get_inode_loc:4435: comm syz.2.94: Invalid inode table block 8589934593 in block_group 0
[   91.688243][   T12] EXT4-fs error (device loop2): __ext4_get_inode_loc:4435: comm kworker/u8:0: Invalid inode table block 8589934593 in block_group 0
[   91.798698][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.210777][ T6238] loop2: detected capacity change from 0 to 2048
[   92.212782][ T6243] input input8: cannot allocate more than FF_MAX_EFFECTS effects
[   92.270657][ T6238] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[   92.336400][ T6249] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   92.740620][ T6254] loop1: detected capacity change from 0 to 4096
[   93.030466][ T6254] ntfs3(loop1): ino=1e, "file1" attr_set_size
[   93.089644][ T6231] loop3: detected capacity change from 0 to 64
[   93.632951][ T6239] loop0: detected capacity change from 0 to 40427
[   93.714620][ T6239] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   93.722419][ T6239] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   93.843140][ T6239] F2FS-fs (loop0): Found nat_bits in checkpoint
[   94.130907][ T6239] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   94.141573][ T6289] loop4: detected capacity change from 0 to 1024
[   94.164677][ T6239] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   94.422620][ T6239] syz.0.112: attempt to access beyond end of device
[   94.422620][ T6239] loop0: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[   94.549788][ T6297] syz.0.112: attempt to access beyond end of device
[   94.549788][ T6297] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[   94.602606][ T6297] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   94.831451][ T6309] warning: `syz.3.143' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   94.893363][ T6270] loop1: detected capacity change from 0 to 32768
[   95.035502][ T5899] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   95.138194][ T6270] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[   95.204636][ T6270] bcachefs (loop1): initializing new filesystem
[   95.227287][ T6270] bcachefs (loop1): going read-write
[   95.253190][ T5899] usb 5-1: Using ep0 maxpacket: 32
[   95.266016][ T5899] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[   95.284683][ T5899] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.292931][ T6270] bcachefs (loop1): marking superblocks
[   95.323863][ T5899] usb 5-1: config 0 descriptor??
[   95.348883][ T6270] bcachefs (loop1): initializing freespace
[   95.367031][ T6270] bcachefs (loop1): done initializing freespace
[   95.436553][ T6270] bcachefs (loop1): reading snapshots table
[   95.442608][ T6270] bcachefs (loop1): reading snapshots done
[   95.504394][ T6270] bcachefs (loop1): done starting filesystem
[   95.519530][ T6302] loop5: detected capacity change from 0 to 32768
[   95.569048][ T5899] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[   95.585914][ T6302] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.139 (6302)
[   95.628614][ T6302] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   95.639821][ T6302] BTRFS info (device loop5): using crc32c (crc32c-x86_64) checksum algorithm
[   95.646172][ T5899] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   95.677405][ T6302] BTRFS info (device loop5): using free-space-tree
[   95.711172][ T5899] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[   95.730470][ T5899] usb 5-1: media controller created
[   95.803899][ T5899] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   95.814064][   T30] audit: type=1800 audit(1741586011.335:3): pid=6270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.126" name="bus" dev="loop1" ino=4098 res=0 errno=0
[   95.889324][ T6311] loop2: detected capacity change from 0 to 32768
[   96.013647][ T5844] bcachefs (loop1): shutting down
[   96.033241][ T6311] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open
[   96.052365][ T5844] bcachefs (loop1): going read-only
[   96.084523][ T5844] bcachefs (loop1): finished waiting for writes to stop
[   96.122073][ T6311] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete
[   96.130283][ T5844] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[   96.267819][ T5844] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[   96.299519][ T5844] bcachefs (loop1): clean shutdown complete, journal seq 4
[   96.309159][ T5844] bcachefs (loop1): marking filesystem clean
[   96.335406][ T5899] az6027: usb out operation failed. (-71)
[   96.341417][ T5899] stb0899_attach: Driver disabled by Kconfig
[   96.351533][ T5899] az6027: no front-end attached
[   96.351533][ T5899] 
[   96.361936][ T5899] az6027: usb out operation failed. (-71)
[   96.371769][ T5899] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[   96.403499][ T5899] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input10
[   96.443857][ T6302] BTRFS info (device loop5): balance: start -d -m
[   96.469753][ T6302] BTRFS info (device loop5): balance: canceled
[   96.474279][ T5899] dvb-usb: schedule remote query interval to 400 msecs.
[   96.486764][ T6354] loop0: detected capacity change from 0 to 128
[   96.513003][ T5844] bcachefs (loop1): shutdown complete
[   96.519519][ T5899] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[   96.558133][ T6354] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[   96.574954][ T5899] usb 5-1: USB disconnect, device number 2
[   96.621154][ T5841] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   96.644166][ T6322] loop3: detected capacity change from 0 to 32768
[   96.666264][ T5899] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[   96.729481][ T6322] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   96.888256][ T6322] XFS (loop3): Ending clean mount
[   96.915485][ T6322] XFS (loop3): Quotacheck needed: Please wait.
[   96.953186][ T6311] bcachefs: bch2_fs_get_tree() error: EINVAL
[   96.995039][ T6322] XFS (loop3): Quotacheck: Done.
[   97.347201][ T5835] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   98.194564][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   98.343606][ T6370] loop5: detected capacity change from 0 to 32768
[   98.364115][ T6370] XFS: noikeep mount option is deprecated.
[   98.400969][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.449639][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   98.461937][ T5899] IPVS: starting estimator thread 0...
[   98.469003][    T9] usb 4-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[   98.478769][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.486978][ T6393] IPVS: ovf: FWM 4 0x00000004 - no destination available
[   98.496199][    T9] usb 4-1: config 0 descriptor??
[   98.504068][ T6370] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   98.604878][ T6394] IPVS: using max 19 ests per chain, 45600 per kthread
[   98.692105][ T6370] XFS (loop5): Ending clean mount
[   98.729865][ T6370] XFS (loop5): Quotacheck needed: Please wait.
[   98.817095][ T6370] XFS (loop5): Quotacheck: Done.
[   99.073816][ T6409] netlink: 8 bytes leftover after parsing attributes in process `syz.2.168'.
[   99.082859][ T6409] netlink: 4 bytes leftover after parsing attributes in process `syz.2.168'.
[   99.103272][ T5841] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   99.119884][    T9] hid-led 0003:0FC5:B080.0004: probe with driver hid-led failed with error -71
[   99.187650][    T9] usb 4-1: USB disconnect, device number 3
[   99.442165][ T6417] netlink: 4 bytes leftover after parsing attributes in process `syz.2.173'.
[   99.543717][ T6419] loop1: detected capacity change from 0 to 2048
[   99.645950][ T6419] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   99.925097][ T6427] netlink: 277 bytes leftover after parsing attributes in process `syz.0.176'.
[  100.088339][ T6434] loop1: detected capacity change from 0 to 64
[  100.379896][    T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  100.564547][    T9] usb 6-1: Using ep0 maxpacket: 16
[  100.577677][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  100.584369][    T9] usb 6-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  100.662461][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.705565][    T9] usb 6-1: config 0 descriptor??
[  101.154219][    T9] hid (null): report_id 11016 is invalid
[  101.261784][    T9] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.0005/input/input11
[  101.371156][    T9] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.0005/input/input12
[  101.398339][ T6466] tipc: Started in network mode
[  101.404274][ T6443] loop0: detected capacity change from 0 to 32768
[  101.423689][ T6466] tipc: Node identity ac14140f, cluster identity 4711
[  101.432350][    T9] kye 0003:0458:5013.0005: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.5-1/input0
[  101.454130][ T6466] tipc: New replicast peer: 255.255.255.255
[  101.462571][ T6443] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.184 (6443)
[  101.492989][ T6466] tipc: Enabled bearer <udp:syz2>, priority 10
[  101.500203][    T9] usb 6-1: USB disconnect, device number 2
[  101.593115][ T6443] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  101.654593][ T6443] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  101.683449][ T6443] BTRFS info (device loop0): using free-space-tree
[  102.055679][ T5833] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  102.575475][ T6512] loop5: detected capacity change from 0 to 16
[  102.606271][ T5899] tipc: Node number set to 2886997007
[  102.637804][ T6512] erofs (device loop5): mounted with root inode @ nid 36.
[  102.728079][ T6512] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36
[  102.798612][ T6512] erofs (device loop5): read error -117 @ 43 of nid 36
[  102.905371][ T6512] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36
[  102.913989][ T6512] erofs (device loop5): read error -117 @ 43 of nid 36
[  103.059526][ T6526] netlink: 8 bytes leftover after parsing attributes in process `syz.3.211'.
[  103.137872][ T6529] Bluetooth: MGMT ver 1.23
[  103.195958][ T6531] loop1: detected capacity change from 0 to 512
[  103.235948][ T6531] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  103.358000][ T6531] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  103.437589][ T6531] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  103.497434][ T6531] EXT4-fs (loop1): 1 truncate cleaned up
[  103.518796][ T6531] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.640079][ T6547] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  103.649323][ T6547] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  103.658187][ T6547] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  103.667026][ T6547] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  103.676263][   T30] audit: type=1326 audit(1741586019.205:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6549 comm="syz.5.222" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8d3258d169 code=0x0
[  103.772980][ T6547] vxlan0: entered promiscuous mode
[  103.832300][ T6547] vxlan0: entered allmulticast mode
[  103.926851][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.948575][ T6554] loop4: detected capacity change from 0 to 2048
[  103.978390][ T6554] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  104.086642][ T6556] netlink: 4 bytes leftover after parsing attributes in process `syz.3.224'.
[  104.130401][ T6560] loop1: detected capacity change from 0 to 256
[  104.132284][ T6559] vivid-004: =================  START STATUS  =================
[  104.158840][ T6560] vfat: Bad value for 'dmask'
[  104.165684][ T6559] vivid-004: Radio HW Seek Mode: Bounded
[  104.197173][ T6559] vivid-004: Radio Programmable HW Seek: false
[  104.234260][ T6559] vivid-004: RDS Rx I/O Mode: Block I/O
[  104.245277][ T6559] vivid-004: Generate RBDS Instead of RDS: false
[  104.263036][ T6559] vivid-004: RDS Reception: true
[  104.289810][ T6559] vivid-004: RDS Program Type: 0 inactive
[  104.353004][ T6559] vivid-004: RDS PS Name:  inactive
[  104.363134][ T6559] vivid-004: RDS Radio Text:  inactive
[  104.373256][ T6559] vivid-004: RDS Traffic Announcement: false inactive
[  104.404534][ T6559] vivid-004: RDS Traffic Program: false inactive
[  104.439507][ T6559] vivid-004: RDS Music: false inactive
[  104.494609][ T6559] vivid-004: ==================  END STATUS  ==================
[  104.765022][ T6568] loop5: detected capacity change from 0 to 1764
[  104.799434][ T6575] loop4: detected capacity change from 0 to 512
[  104.833957][ T6541] loop0: detected capacity change from 0 to 40427
[  104.843383][ T6568] iso9660: Corrupted directory entry in block 2 of inode 1920
[  104.903005][ T6541] F2FS-fs (loop0): invalid crc value
[  104.930482][ T6541] F2FS-fs (loop0): Found nat_bits in checkpoint
[  105.190737][ T5916] kernel write not supported for file /snd/seq (pid: 5916 comm: kworker/0:5)
[  105.213758][ T6541] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  105.359488][ T6593] netlink: 32 bytes leftover after parsing attributes in process `syz.1.238'.
[  105.411326][   T30] audit: type=1804 audit(1741586020.935:5): pid=6541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.219" name="/newroot/40/file1/file0" dev="loop0" ino=10 res=1 errno=0
[  105.604305][ T5833] syz-executor: attempt to access beyond end of device
[  105.604305][ T5833] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  105.696637][ T5833] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  105.817394][ T6575] FAT-fs (loop4): error, fat_get_cluster: detected the cluster chain loop (i_pos 84)
[  105.893395][ T6575] FAT-fs (loop4): Filesystem has been set read-only
[  106.041669][ T6605] loop5: detected capacity change from 0 to 256
[  106.183692][ T6607] vivid-006: disconnect
[  106.191734][ T6606] vivid-006: reconnect
[  106.770496][ T6617] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  107.000439][ T5902] hid-generic 0005:15C2:0001.0006: item fetching failed at offset 0/1
[  107.085628][ T5902] hid-generic 0005:15C2:0001.0006: probe with driver hid-generic failed with error -22
[  107.235812][ T6603] mmap: syz.2.245 (6603) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  107.257174][ T6599] loop1: detected capacity change from 0 to 32768
[  107.321846][ T6599] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.242 (6599)
[  107.390253][ T6631] netlink: 24 bytes leftover after parsing attributes in process `syz.5.255'.
[  107.497750][ T6599] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  107.614817][ T6599] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  107.664249][ T6599] BTRFS info (device loop1): using free-space-tree
[  108.094700][ T6656] Failed to get privilege flags for destination (handle=0x2:0x2)
[  108.245587][ T5844] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  108.461293][ T6662] loop0: detected capacity change from 0 to 256
[  108.589226][ T6662] FAT-fs (loop0): Directory bread(block 64) failed
[  108.604561][ T6662] FAT-fs (loop0): Directory bread(block 65) failed
[  108.605841][ T6666] loop2: detected capacity change from 0 to 8
[  108.615149][ T6662] FAT-fs (loop0): Directory bread(block 66) failed
[  108.667400][ T6662] FAT-fs (loop0): Directory bread(block 67) failed
[  108.674166][ T6662] FAT-fs (loop0): Directory bread(block 68) failed
[  108.716245][ T6666] SQUASHFS error: lzo decompression failed, data probably corrupt
[  108.763304][ T6666] SQUASHFS error: Failed to read block 0x91: -5
[  108.772269][ T6662] FAT-fs (loop0): Directory bread(block 69) failed
[  108.786998][ T6666] SQUASHFS error: Unable to read metadata cache entry [8f]
[  108.814932][ T6662] FAT-fs (loop0): Directory bread(block 70) failed
[  108.834362][ T6666] SQUASHFS error: Unable to read inode 0x11f
[  108.841473][ T6662] FAT-fs (loop0): Directory bread(block 71) failed
[  108.874988][ T6662] FAT-fs (loop0): Directory bread(block 72) failed
[  108.912611][ T6666] nfs: Unknown parameter 'ÞöP©×¹WŠ––Ï'
[  108.918539][ T6662] FAT-fs (loop0): Directory bread(block 73) failed
[  109.147546][ T6662] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  109.246248][ T6637] loop5: detected capacity change from 0 to 32768
[  109.606081][ T6637] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  109.656225][ T6688] xt_CT: You must specify a L4 protocol and not use inversions on it
[  109.671577][ T6637] bcachefs (loop5): initializing new filesystem
[  109.698493][ T6637] bcachefs (loop5): going read-write
[  109.814743][ T6637] bcachefs (loop5): marking superblocks
[  109.848453][ T6637] bcachefs (loop5): initializing freespace
[  109.908140][ T6637] bcachefs (loop5): done initializing freespace
[  109.964956][ T6637] bcachefs (loop5): reading snapshots table
[  109.971151][ T6637] bcachefs (loop5): reading snapshots done
[  110.060748][ T6637] bcachefs (loop5): done starting filesystem
[  110.376276][ T6702] Falling back ldisc for ttyS3.
[  110.422347][ T5841] bcachefs (loop5): shutting down
[  110.464932][ T5841] bcachefs (loop5): going read-only
[  110.504870][ T5841] bcachefs (loop5): finished waiting for writes to stop
[  110.629967][ T5841] bcachefs (loop5): flushing journal and stopping allocators, journal seq 3
[  110.717392][ T6713] loop0: detected capacity change from 0 to 512
[  110.739654][ T6713] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  110.750035][ T5841] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 3
[  110.771945][ T5841] bcachefs (loop5): clean shutdown complete, journal seq 4
[  110.791902][ T6682] loop1: detected capacity change from 0 to 40427
[  110.797248][ T5841] bcachefs (loop5): marking filesystem clean
[  110.826830][ T6682] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x1fffff
[  110.857726][ T6682] F2FS-fs (loop1): invalid crc value
[  110.898338][ T6682] F2FS-fs (loop1): Found nat_bits in checkpoint
[  110.934964][ T6719] loop2: detected capacity change from 0 to 128
[  110.955772][ T5841] bcachefs (loop5): shutdown complete
[  110.976625][ T6719] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  111.020664][ T6719] ext4 filesystem being mounted at /61/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  111.188960][ T6682] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  111.290044][ T5840] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  111.405077][ T5844] syz-executor: attempt to access beyond end of device
[  111.405077][ T5844] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  111.456206][ T5844] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  111.644697][ T6732] loop2: detected capacity change from 0 to 2048
[  111.685638][ T6732] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  111.788703][ T6734] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  111.872014][ T6732] NILFS (loop2): failed to count free inodes: err=-34
[  111.940200][ T6723] loop4: detected capacity change from 0 to 32768
[  112.266944][ T6723] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  112.299597][ T3504] (kworker/u8:8,3504,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[  112.386518][ T6723] (syz.4.281,6723,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[  112.425461][ T6723] (syz.4.281,6723,1):ocfs2_prepare_dir_for_insert:4294 ERROR: status = -2
[  112.457297][ T6723] (syz.4.281,6723,1):__ocfs2_prepare_orphan_dir:2180 ERROR: status = -2
[  112.487719][ T6746] loop2: detected capacity change from 0 to 4096
[  112.494246][ T6723] (syz.4.281,6723,1):ocfs2_prepare_orphan_dir:2224 ERROR: status = -2
[  112.524617][ T6723] (syz.4.281,6723,1):ocfs2_prepare_orphan_dir:2240 ERROR: status = -2
[  112.550581][ T6746] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  112.564723][ T6723] (syz.4.281,6723,1):ocfs2_rename:1464 ERROR: status = -2
[  112.582419][ T6723] (syz.4.281,6723,1):ocfs2_rename:1699 ERROR: status = -2
[  112.618137][ T6749] loop1: detected capacity change from 0 to 128
[  112.740108][ T6749] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  112.814828][ T6749] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.862963][ T5836] ocfs2: Unmounting device (7,4) on (node local)
[  112.998298][ T6736] loop0: detected capacity change from 0 to 32768
[  113.039121][ T5844] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  113.052490][ T6736] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.287 (6736)
[  113.117822][ T6736] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  113.172290][ T6736] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  113.192045][ T6755] loop2: detected capacity change from 0 to 256
[  113.224964][ T6736] BTRFS info (device loop0): using free-space-tree
[  113.235632][ T6755] exfat: Deprecated parameter 'namecase'
[  113.241339][ T6755] exfat: Deprecated parameter 'utf8'
[  113.285310][ T6755] exfat: Deprecated parameter 'namecase'
[  113.377043][ T6755] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xdf1ac56c, utbl_chksum : 0xe619d30d)
[  113.763991][ T6777] loop3: detected capacity change from 0 to 4096
[  113.798694][ T5833] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  113.812734][ T6777] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  114.516251][ T6777] ntfs3(loop3): Failed to load $Extend (-22).
[  114.581696][ T6777] ntfs3(loop3): Failed to initialize $Extend.
[  114.590073][ T6789] netlink: 36 bytes leftover after parsing attributes in process `syz.0.300'.
[  114.658450][ T6791] loop5: detected capacity change from 0 to 256
[  114.727465][ T6791] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  114.799281][ T6791] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  114.909695][ T6791] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  114.972535][   T30] audit: type=1800 audit(1741586030.505:6): pid=6791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.276" name="file1" dev="loop5" ino=7 res=0 errno=0
[  115.015848][ T6765] loop1: detected capacity change from 0 to 32768
[  115.060260][ T6782] loop2: detected capacity change from 0 to 32768
[  115.072059][ T6765] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  115.127055][ T6805] loop4: detected capacity change from 0 to 512
[  115.153209][ T6805] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  115.165289][   T30] audit: type=1800 audit(1741586030.685:7): pid=6782 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.297" name="file1" dev="loop2" ino=4 res=0 errno=0
[  115.216723][ T6805] EXT4-fs error (device loop4): ext4_orphan_get:1415: comm syz.4.304: bad orphan inode 131083
[  115.317109][ T6805] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.317698][ T6791] exFAT-fs (loop5): error, invalid access to FAT (entry 0xffffffff)
[  115.366763][ T6765] XFS (loop1): Ending clean mount
[  115.370037][ T6791] exFAT-fs (loop5): Filesystem has been set read-only
[  115.390741][ T6765] XFS (loop1): Quotacheck needed: Please wait.
[  115.421134][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.505216][ T6765] XFS (loop1): Quotacheck: Done.
[  115.735812][ T6815] af_packet: tpacket_rcv: packet too big, clamped from 106 to 4294967286. macoff=82
[  115.903596][ T5844] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  116.064397][ T6822] loop2: detected capacity change from 0 to 256
[  116.184670][ T5916] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  116.366710][ T5916] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  116.403433][ T5916] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  116.433174][ T5916] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  116.474611][ T5916] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.559194][ T5916] usb 6-1: config 0 descriptor??
[  116.589047][ T5916] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  116.623372][ T5916] dvb-usb: bulk message failed: -22 (3/0)
[  116.650125][ T5916] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  116.680020][ T5916] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  116.727356][ T5916] usb 6-1: media controller created
[  116.751739][ T5916] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  116.829957][ T5916] dvb-usb: bulk message failed: -22 (6/0)
[  116.855053][ T6820] loop5: detected capacity change from 0 to 2048
[  116.875263][ T5916] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  116.908398][ T6820] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  116.920921][ T5916] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input13
[  116.979599][ T5916] dvb-usb: schedule remote query interval to 150 msecs.
[  116.995893][ T6820] syz.5.310: attempt to access beyond end of device
[  116.995893][ T6820] loop5: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  117.011479][ T6847] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  117.013649][ T5916] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  117.093715][ T5916] usb 6-1: USB disconnect, device number 3
[  117.144508][ T5852] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  117.239049][ T5916] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  117.294002][ T6850] input: syz1 as /devices/virtual/input/input14
[  117.341337][ T5852] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  117.352678][ T5852] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.371485][ T5852] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.386260][ T5852] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.407510][ T5852] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.416593][ T5852] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.491384][ T5852] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.527570][ T5852] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.562917][ T5852] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.583907][ T5852] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.586175][ T6857] loop3: detected capacity change from 0 to 64
[  117.601328][ T5852] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.634606][ T5902] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  117.642330][ T5852] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.655401][ T5852] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.663178][ T5852] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.691851][ T5852] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.734541][ T5852] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.739249][   T30] audit: type=1800 audit(1741586033.255:8): pid=6857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.325" name="file1" dev="loop3" ino=5 res=0 errno=0
[  117.772237][ T5852] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.807438][ T5902] usb 1-1: Using ep0 maxpacket: 32
[  117.817608][ T5852] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  117.886389][ T5852] usb 5-1: config 0 interface 0 has no altsetting 0
[  117.896400][ T5902] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  117.942553][ T5852] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  117.959902][ T5902] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  117.990782][ T5852] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  118.009409][ T5902] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.032578][ T5902] usb 1-1: Product: syz
[  118.039602][ T5852] usb 5-1: config 0 interface 0 has no altsetting 0
[  118.052228][ T5902] usb 1-1: Manufacturer: syz
[  118.057934][ T6868] netlink: 'syz.5.328': attribute type 1 has an invalid length.
[  118.069638][ T5902] usb 1-1: SerialNumber: syz
[  118.076851][ T5852] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  118.089689][ T6868] netlink: 224 bytes leftover after parsing attributes in process `syz.5.328'.
[  118.106294][ T5902] usb 1-1: config 0 descriptor??
[  118.111558][ T5852] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  118.136809][ T6852] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  118.155719][ T5852] usb 5-1: config 0 interface 0 has no altsetting 0
[  118.173822][ T5902] hub 1-1:0.0: bad descriptor, ignoring hub
[  118.199827][ T5902] hub 1-1:0.0: probe with driver hub failed with error -5
[  118.214659][ T5852] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  118.270160][ T5852] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  118.281766][ T5902] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input15
[  118.322143][ T5852] usb 5-1: Product: syz
[  118.335381][ T5852] usb 5-1: Manufacturer: syz
[  118.340014][ T5852] usb 5-1: SerialNumber: syz
[  118.409964][ T5845] Bluetooth: Unexpected continuation frame (len 18)
[  118.410144][ T5852] usb 5-1: config 0 descriptor??
[  118.432348][ T5899] usb 1-1: USB disconnect, device number 4
[  118.438237][    C1] usbtouchscreen 1-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  118.525573][ T5852] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  118.608736][ T6885] netlink: 'syz.1.337': attribute type 1 has an invalid length.
[  118.685190][ T6885] netlink: 'syz.1.337': attribute type 4 has an invalid length.
[  118.705418][ T6884] loop5: detected capacity change from 0 to 4096
[  118.772501][ T6885] netlink: 192 bytes leftover after parsing attributes in process `syz.1.337'.
[  118.784216][ T6890] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  118.891640][    T9] usb 5-1: USB disconnect, device number 3
[  118.920856][    T9] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  118.984970][ T5916] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  119.145109][ T6898] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  119.154613][ T5916] usb 3-1: Using ep0 maxpacket: 8
[  119.168919][ T5916] usb 3-1: config 150 has an invalid interface number: 204 but max is 1
[  119.194340][ T5916] usb 3-1: config 150 has no interface number 0
[  119.204243][ T5916] usb 3-1: config 150 interface 204 has no altsetting 0
[  119.223041][ T5916] usb 3-1: config 150 interface 1 has no altsetting 0
[  119.242275][ T5916] usb 3-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  119.262464][ T5916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.291436][ T5916] usb 3-1: Product: syz
[  119.313515][ T5916] usb 3-1: Manufacturer: syz
[  119.323195][ T5916] usb 3-1: SerialNumber: syz
[  119.597151][ T5916] xr_serial 3-1:150.204: xr_serial converter detected
[  119.852762][ T6921] loop4: detected capacity change from 0 to 64
[  119.973326][ T6927] loop3: detected capacity change from 0 to 128
[  119.982446][   T30] audit: type=1800 audit(1741586035.515:9): pid=6921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.353" name="bus" dev="loop4" ino=21 res=0 errno=0
[  120.004266][ T6926] netlink: 8 bytes leftover after parsing attributes in process `syz.0.355'.
[  120.024094][ T6926] netlink: 12 bytes leftover after parsing attributes in process `syz.0.355'.
[  120.106404][ T6927] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  120.151888][ T6931] loop1: detected capacity change from 0 to 2048
[  120.210286][ T6931] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  120.226326][ T5916] xr_serial ttyUSB0: Failed to set reg 0x0d: -71
[  120.232737][ T5916] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[  120.251855][ T6927] ext4 filesystem being mounted at /50/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  120.296518][ T5916] usb 3-1: USB disconnect, device number 3
[  120.319857][ T5916] xr_serial 3-1:150.204: device disconnected
[  120.335922][ T6927] fscrypt (loop3, inode 12): Unsupported encryption flags (0x3b)
[  120.473958][ T5835] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  120.482818][ T6938] syzkaller0: tun_chr_ioctl cmd 2147767506
[  120.515801][ T5899] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  120.689123][ T5899] usb 5-1: Using ep0 maxpacket: 16
[  120.717517][ T5899] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  120.734149][ T5899] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  120.761478][ T6944] loop5: detected capacity change from 0 to 512
[  120.761543][ T5899] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  120.805159][ T5899] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  120.838882][ T5899] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  120.851724][ T6944] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  120.854022][ T6944] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.363: invalid indirect mapped block 2683928664 (level 1)
[  120.886212][ T5899] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  120.895764][ T5899] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  120.903775][ T5899] usb 5-1: Manufacturer: syz
[  120.936619][ T5899] usb 5-1: config 0 descriptor??
[  120.993420][ T6951] loop3: detected capacity change from 0 to 2048
[  120.999635][ T6944] EXT4-fs (loop5): 1 truncate cleaned up
[  121.025848][ T6944] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.079773][ T6951] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.096114][ T6955] loop2: detected capacity change from 0 to 2048
[  121.105531][ T6955] EXT4-fs: Ignoring removed nomblk_io_submit option
[  121.154259][ T6944] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.363: Invalid block bitmap block 3 in block_group 0
[  121.165510][ T6959] input: syz0 as /devices/virtual/input/input17
[  121.208328][ T5835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.227950][ T6955] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.304524][ T5899] rc_core: IR keymap rc-hauppauge not found
[  121.310494][ T5899] Registered IR keymap rc-empty
[  121.325661][ T6955] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.368: corrupted in-inode xattr: invalid ea_ino
[  121.346043][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.360009][ T6964] capability: warning: `syz.3.370' uses deprecated v2 capabilities in a way that may be insecure
[  121.374121][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.401829][ T5841] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.426840][ T5899] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  121.466458][ T5899] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input16
[  121.540034][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.549894][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.585813][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.625944][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.674227][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.737516][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.784684][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.789952][ T6975] netlink: 8 bytes leftover after parsing attributes in process `syz.0.375'.
[  121.805341][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.822623][ T6978] loop1: detected capacity change from 0 to 16
[  121.829897][ T6978] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  121.836851][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.858840][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.884716][ T5899] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.951684][ T5899] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  121.975020][ T5899] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  121.990418][ T5916] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  122.006978][ T5899] usb 5-1: USB disconnect, device number 4
[  122.113266][ T6982] netlink: 16 bytes leftover after parsing attributes in process `syz.1.378'.
[  122.164679][ T5916] usb 4-1: Using ep0 maxpacket: 32
[  122.199903][ T5916] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  122.230900][ T5916] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  122.286934][ T5916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.333827][ T6980] loop0: detected capacity change from 0 to 32768
[  122.377843][ T6980] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  122.415697][ T5916] usb 4-1: config 0 descriptor??
[  122.433452][ T6980] XFS (loop0): Ending clean mount
[  122.495397][ T5916] hub 4-1:0.0: bad descriptor, ignoring hub
[  122.511730][ T5916] hub 4-1:0.0: probe with driver hub failed with error -5
[  122.527539][ T6980] XFS (loop0): Quotacheck needed: Please wait.
[  122.609330][ T6980] XFS (loop0): Quotacheck: Done.
[  122.791780][ T6996] loop1: detected capacity change from 0 to 1024
[  122.798517][ T5833] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  122.833485][ T6996] EXT4-fs: Ignoring removed orlov option
[  122.844708][ T6996] EXT4-fs: Ignoring removed nomblk_io_submit option
[  122.856211][    T9] usb 4-1: USB disconnect, device number 4
[  122.911638][ T6996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.052516][ T6977] loop2: detected capacity change from 0 to 32768
[  123.077217][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.764751][ T2146] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  123.786830][ T6998] loop5: detected capacity change from 0 to 32768
[  123.874590][ T7023] loop4: detected capacity change from 0 to 512
[  123.977046][ T6998] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  123.982626][ T2146] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  123.994176][ T6998] bcachefs (loop5): initializing new filesystem
[  124.018779][ T6998] bcachefs (loop5): going read-write
[  124.042590][ T2146] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  124.061015][ T6998] bcachefs (loop5): marking superblocks
[  124.078633][ T7023] EXT4-fs (loop4): Test dummy encryption mode enabled
[  124.121646][ T2146] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  124.160689][ T7023] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #12: comm syz.4.391: corrupted in-inode xattr: invalid ea_ino
[  124.208700][ T2146] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  124.243542][ T7023] EXT4-fs (loop4): Remounting filesystem read-only
[  124.269733][ T6998] bcachefs (loop5): initializing freespace
[  124.276404][ T2146] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  124.299358][ T7023] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.310344][ T6998] bcachefs (loop5): done initializing freespace
[  124.323051][ T2146] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  124.339431][ T2146] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  124.351428][ T2146] usb 4-1: Product: syz
[  124.365527][ T2146] usb 4-1: Manufacturer: syz
[  124.377117][ T6998] bcachefs (loop5): reading snapshots table
[  124.391834][ T2146] cdc_wdm 4-1:1.0: skipping garbage
[  124.430603][ T6998] bcachefs (loop5): reading snapshots done
[  124.438102][ T2146] cdc_wdm 4-1:1.0: skipping garbage
[  124.448950][ T2146] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  124.466529][ T2146] cdc_wdm 4-1:1.0: Unknown control protocol
[  124.489989][ T5836] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  124.522827][ T6998] bcachefs (loop5): done starting filesystem
[  124.737725][ T2146] usb 4-1: USB disconnect, device number 5
[  124.786544][ T6998] bcachefs (loop5): shutdown by ioctl type 0
[  124.851350][    T9] bcachefs (loop5): going read-only
[  124.865877][    T9] bcachefs (loop5): finished waiting for writes to stop
[  124.930560][ T7044] program syz.2.396 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  124.959157][    T9] bcachefs (loop5): flushing journal and stopping allocators, journal seq 2
[  124.976186][ T7008] loop1: detected capacity change from 0 to 65536
[  124.993714][    T9] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 2
[  125.010290][ T7008] XFS: noikeep mount option is deprecated.
[  125.028771][    T9] bcachefs (loop5): unclean shutdown complete, journal seq 2
[  125.046888][ T6998] syz.5.381 (6998) used greatest stack depth: 12048 bytes left
[  125.055733][    T9] bcachefs (loop5): done going read-only, filesystem not clean
[  125.091839][ T5841] bcachefs (loop5): shutting down
[  125.185644][ T7008] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  125.215699][ T5841] bcachefs (loop5): shutdown complete
[  125.262953][ T7055] loop4: detected capacity change from 0 to 2048
[  125.283239][ T7008] XFS (loop1): Ending clean mount
[  125.302413][ T7055] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  125.339724][ T7064] netlink: 8 bytes leftover after parsing attributes in process `syz.3.403'.
[  125.341852][ T7062] loop0: detected capacity change from 0 to 1024
[  125.433907][ T7008] XFS (loop1): EXPERIMENTAL online shrink feature enabled.  Use at your own risk!
[  125.447815][ T7055] UDF-fs: error (device loop4): udf_rename: failed to find renamed entry again in directory (ino 1376)
[  125.478221][ T7062] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.555794][ T7062] EXT4-fs (loop0): resizing filesystem from 512 to 0 blocks
[  125.581436][ T7062] EXT4-fs warning (device loop0): ext4_resize_fs:2042: can't shrink FS - resize aborted
[  125.652066][ T5844] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  125.798925][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.821306][ T2146] kernel write not supported for file /snd/seq (pid: 2146 comm: kworker/1:2)
[  126.475329][ T7082] netlink: 4 bytes leftover after parsing attributes in process `syz.0.412'.
[  126.614689][ T5974] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  126.801520][ T5974] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  126.859691][ T5974] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  126.876108][ T5974] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.929740][ T5974] usb 4-1: Product: syz
[  126.933968][ T5974] usb 4-1: Manufacturer: syz
[  126.984744][ T5974] usb 4-1: SerialNumber: syz
[  127.823973][ T5974] cdc_ncm 4-1:1.0: SET_CRC_MODE failed
[  127.870474][ T5974] cdc_ncm 4-1:1.0: SET_NTB_FORMAT failed
[  127.917331][ T5974] cdc_ncm 4-1:1.0: bind() failure
[  128.010324][ T5974] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  128.056761][ T5974] cdc_ncm 4-1:1.1: bind() failure
[  128.122579][ T5974] usb 4-1: USB disconnect, device number 6
[  128.366094][ T7077] loop4: detected capacity change from 0 to 262144
[  128.375255][ T7077] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.410 (7077)
[  128.454819][ T7077] BTRFS info (device loop4): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  128.465742][ T7077] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  128.475032][ T7077] BTRFS info (device loop4): using free-space-tree
[  129.084186][ T5836] BTRFS info (device loop4): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  129.280101][ T7126] loop1: detected capacity change from 0 to 128
[  129.312902][ T7126] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  129.375778][ T7126] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  130.246241][ T7108] loop3: detected capacity change from 0 to 32768
[  130.253422][ T7108] XFS: noikeep mount option is deprecated.
[  130.388114][ T7108] XFS (loop3): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  130.444558][ T2146] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  130.508568][ T7108] XFS (loop3): Ending clean mount
[  130.644831][ T2146] usb 3-1: Using ep0 maxpacket: 16
[  130.671693][ T2146] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.718367][ T2146] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.744760][    T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  130.748691][ T2146] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  130.802123][ T5835] XFS (loop3): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  130.804652][ T2146] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  130.871863][ T2146] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.907999][    T9] usb 5-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[  130.929849][ T2146] usb 3-1: config 0 descriptor??
[  130.945740][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.985308][    T9] usb 5-1: Product: syz
[  130.989520][    T9] usb 5-1: Manufacturer: syz
[  131.006423][ T7161] loop0: detected capacity change from 0 to 4096
[  131.014510][    T9] usb 5-1: SerialNumber: syz
[  131.043991][    T9] usb 5-1: config 0 descriptor??
[  131.117104][ T7161] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  131.251201][ T7161] ntfs3(loop0): Failed to load $Extend (-22).
[  131.284761][ T7161] ntfs3(loop0): Failed to initialize $Extend.
[  131.391805][ T2146] kovaplus 0003:1E7D:2D50.0007: unknown main item tag 0x0
[  131.424906][ T2146] kovaplus 0003:1E7D:2D50.0007: unknown main item tag 0x0
[  131.448044][ T2146] kovaplus 0003:1E7D:2D50.0007: unknown main item tag 0x0
[  131.494724][ T2146] kovaplus 0003:1E7D:2D50.0007: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.2-1/input0
[  131.521500][    T9] mos7840 5-1:0.0: required endpoints missing
[  131.555108][    T9] usb 5-1: USB disconnect, device number 5
[  131.827088][ T2146] kovaplus 0003:1E7D:2D50.0007: couldn't init struct kovaplus_device
[  131.850993][ T2146] kovaplus 0003:1E7D:2D50.0007: couldn't install mouse
[  131.886239][ T2146] kovaplus 0003:1E7D:2D50.0007: probe with driver kovaplus failed with error -71
[  131.955970][ T2146] usb 3-1: USB disconnect, device number 4
[  132.093059][ T7163] loop5: detected capacity change from 0 to 32768
[  132.390470][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  132.397489][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  132.683403][ T7186] loop2: detected capacity change from 0 to 128
[  133.148374][ T7198] loop4: detected capacity change from 0 to 512
[  133.233014][ T7198] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #17: comm syz.4.450: iget: bogus i_mode (0)
[  133.265082][ T7198] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.450: couldn't read orphan inode 17 (err -117)
[  133.270431][ T3519] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.302174][ T7175] loop3: detected capacity change from 0 to 32768
[  133.304114][ T7198] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.335515][ T7175] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.440 (7175)
[  133.393961][ T7175] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  133.439454][ T7175] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  133.458519][ T7198] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.450: bg 0: block 7: invalid block bitmap
[  133.461089][ T3519] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.502816][ T7175] BTRFS info (device loop3): using free-space-tree
[  133.635570][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.735863][ T3519] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.934999][ T5835] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  134.032915][ T3519] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.235862][ T7223] loop4: detected capacity change from 0 to 4096
[  134.386138][ T7229] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  134.765297][ T3519] bridge_slave_1: left allmulticast mode
[  134.771523][ T3519] bridge_slave_1: left promiscuous mode
[  134.817113][ T3519] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.828259][ T7201] loop0: detected capacity change from 0 to 32768
[  134.917323][ T3519] bridge_slave_0: left allmulticast mode
[  134.943920][ T3519] bridge_slave_0: left promiscuous mode
[  134.973553][ T3519] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.983025][ T7201] read_mapping_page failed!
[  135.008904][ T7201] ERROR: (device loop0): txCommit: 
[  135.008904][ T7201] 
[  135.264405][ T3497] read_mapping_page failed!
[  135.304861][ T5852] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  135.318735][ T3497] ERROR: (device loop0): txCommit: 
[  135.318735][ T3497] 
[  135.342601][ T3497] jfs_write_inode: jfs_commit_inode failed!
[  135.350442][ T5845] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  135.360814][ T5845] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  135.370893][ T5845] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  135.379359][ T5845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  135.389729][ T5845] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  135.398592][ T5845] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  135.508779][ T5852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.560469][ T7261] loop4: detected capacity change from 0 to 256
[  135.578659][ T5852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.630940][ T5852] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  135.658765][ T7261] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097162)
[  135.674557][   T30] audit: type=1800 audit(1741586051.195:10): pid=7261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.468" name="file1" dev="loop4" ino=8 res=0 errno=0
[  135.711315][ T5852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.720322][ T7261] FAT-fs (loop4): Filesystem has been set read-only
[  135.753736][ T5852] usb 4-1: config 0 descriptor??
[  136.176584][ T5852] hid-thrustmaster 0003:044F:B65D.0008: unknown main item tag 0x0
[  136.204726][ T5852] hid-thrustmaster 0003:044F:B65D.0008: unknown main item tag 0x0
[  136.212962][ T5852] hid-thrustmaster 0003:044F:B65D.0008: unknown main item tag 0x0
[  136.264563][ T5852] hid-thrustmaster 0003:044F:B65D.0008: unknown main item tag 0x0
[  136.294556][ T5852] hid-thrustmaster 0003:044F:B65D.0008: unknown main item tag 0x0
[  136.320109][ T5852] hid-thrustmaster 0003:044F:B65D.0008: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.3-1/input0
[  136.341040][ T7253] loop1: detected capacity change from 0 to 32768
[  136.347831][ T5852] hid-thrustmaster 0003:044F:B65D.0008: Wrong number of endpoints?
[  136.374981][    C1] hid-thrustmaster 0003:044F:B65D.0008: Unknown packet type 0x0, unable to proceed further with wheel init
[  136.541116][ T7253] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  136.582088][ T7253] bcachefs (loop1): initializing new filesystem
[  136.611224][ T5852] usb 4-1: USB disconnect, device number 7
[  136.614931][ T7253] bcachefs (loop1): going read-write
[  136.667918][ T7253] bcachefs (loop1): marking superblocks
[  136.699703][ T7253] bcachefs (loop1): initializing freespace
[  136.707777][ T7253] bcachefs (loop1): done initializing freespace
[  136.717604][ T7253] bcachefs (loop1): reading snapshots table
[  136.723575][ T7253] bcachefs (loop1): reading snapshots done
[  136.760092][ T7253] bcachefs (loop1): done starting filesystem
[  136.764267][ T3519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  136.824325][ T7270] loop0: detected capacity change from 0 to 32768
[  136.845208][ T3519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  136.869383][ T3519] bond0 (unregistering): Released all slaves
[  136.898207][ T7270] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  136.933163][ T7241] bridge_slave_0: left allmulticast mode
[  136.951126][ T7241] bridge_slave_0: left promiscuous mode
[  136.975880][ T7241] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.023215][ T7241] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  137.244177][ T5844] bcachefs (loop1): shutting down
[  137.278208][ T5844] bcachefs (loop1): going read-only
[  137.290131][ T5833] (syz-executor,5833,1):ocfs2_inode_is_valid_to_delete:886 ERROR: Skipping delete of system file 72
[  137.304574][ T5844] bcachefs (loop1): finished waiting for writes to stop
[  137.328567][ T5844] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[  137.354321][ T5833] ocfs2: Unmounting device (7,0) on (node local)
[  137.435819][ T7290] loop3: detected capacity change from 0 to 2048
[  137.460062][ T7274] loop4: detected capacity change from 0 to 40427
[  137.493282][ T5844] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[  137.506664][ T5858] Bluetooth: hci4: command tx timeout
[  137.547712][ T7274] F2FS-fs (loop4): invalid crc value
[  137.576698][ T5844] bcachefs (loop1): clean shutdown complete, journal seq 4
[  137.586893][ T7296] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  137.598575][ T7274] F2FS-fs (loop4): Found nat_bits in checkpoint
[  137.608704][ T5844] bcachefs (loop1): marking filesystem clean
[  137.843100][ T5844] bcachefs (loop1): shutdown complete
[  137.868555][ T7274] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  138.042103][ T7303] vlan2: entered allmulticast mode
[  138.065599][ T7303] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  138.129757][ T7303] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[  138.267777][ T7292] loop2: detected capacity change from 0 to 32768
[  138.401122][ T7312] bond0: entered promiscuous mode
[  138.424751][ T7312] bond_slave_0: entered promiscuous mode
[  138.461491][ T7312] bond_slave_1: entered promiscuous mode
[  138.544553][ T7312] bond0: left promiscuous mode
[  138.549426][ T7312] bond_slave_0: left promiscuous mode
[  138.630947][ T7312] bond_slave_1: left promiscuous mode
[  138.661610][ T3519] hsr_slave_0: left promiscuous mode
[  138.675345][ T3519] hsr_slave_1: left promiscuous mode
[  138.682939][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.703400][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_0
[  138.718349][ T3519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.731172][ T3519] batman_adv: batadv0: Removing interface: batadv_slave_1
[  138.771638][ T3519] dummy0: left allmulticast mode
[  138.778737][ T3519] veth1_macvtap: left promiscuous mode
[  138.825605][ T3519] veth0_macvtap: left promiscuous mode
[  138.839491][ T3519] veth1_vlan: left promiscuous mode
[  138.847928][ T3519] veth0_vlan: left promiscuous mode
[  138.909865][ T7292] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  138.961489][ T7292] bcachefs (loop2): initializing new filesystem
[  138.989162][ T7292] bcachefs (loop2): going read-write
[  139.040514][ T7292] bcachefs (loop2): marking superblocks
[  139.086300][ T7292] bcachefs (loop2): initializing freespace
[  139.095208][ T7292] bcachefs (loop2): done initializing freespace
[  139.107653][ T7292] bcachefs (loop2): reading snapshots table
[  139.138568][ T7292] bcachefs (loop2): reading snapshots done
[  139.253941][ T7292] bcachefs (loop2): done starting filesystem
[  139.463256][ T7292] syz.2.471 (7292) used greatest stack depth: 11760 bytes left
[  139.506563][ T5840] bcachefs (loop2): shutting down
[  139.511649][ T5840] bcachefs (loop2): going read-only
[  139.534173][ T5840] bcachefs (loop2): finished waiting for writes to stop
[  139.562734][ T5840] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[  139.586523][ T5845] Bluetooth: hci4: command tx timeout
[  139.652650][ T5840] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  139.682691][ T5840] bcachefs (loop2): clean shutdown complete, journal seq 4
[  139.702035][ T5840] bcachefs (loop2): marking filesystem clean
[  139.757969][ T5840] bcachefs (loop2): shutdown complete
[  139.968118][ T3519] team0 (unregistering): Port device team_slave_1 removed
[  140.020729][ T7337] loop1: detected capacity change from 0 to 32768
[  140.032172][ T3519] team0 (unregistering): Port device team_slave_0 removed
[  140.076930][ T7337] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.173925][ T7337] XFS (loop1): Ending clean mount
[  140.247757][ T5844] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.712609][ T7328] netlink: 24 bytes leftover after parsing attributes in process `syz.4.477'.
[  140.750260][ T7328] netlink: 24 bytes leftover after parsing attributes in process `syz.4.477'.
[  140.764608][ T7328] netlink: 'syz.4.477': attribute type 4 has an invalid length.
[  140.988782][ T7258] chnl_net:caif_netlink_parms(): no params data found
[  141.041869][ T7356] loop1: detected capacity change from 0 to 128
[  141.078986][ T7356] vfat: Bad value for 'codepage'
[  141.101229][ T7358] netlink: 'syz.3.486': attribute type 19 has an invalid length.
[  141.217233][ T7358] Zero length message leads to an empty skb
[  141.492934][ T7258] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.515472][ T7258] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.555119][ T7258] bridge_slave_0: entered allmulticast mode
[  141.584007][ T7258] bridge_slave_0: entered promiscuous mode
[  141.622364][ T7258] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.651719][ T7258] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.670804][ T5845] Bluetooth: hci4: command tx timeout
[  141.702545][ T7258] bridge_slave_1: entered allmulticast mode
[  141.738243][ T7258] bridge_slave_1: entered promiscuous mode
[  141.761005][ T7377] loop0: detected capacity change from 0 to 4096
[  141.830937][ T7377] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.116411][ T7258] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  142.174084][ T7258] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  142.281836][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.455416][ T7258] team0: Port device team_slave_0 added
[  142.529916][ T7258] team0: Port device team_slave_1 added
[  142.656600][ T7395] loop1: detected capacity change from 0 to 4096
[  142.800785][ T7258] batman_adv: batadv0: Adding interface: batadv_slave_0
[  142.844519][ T7258] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.934191][ T7258] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.968723][ T7258] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.988912][ T7258] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  143.139545][ T7258] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  143.221220][ T7384] loop3: detected capacity change from 0 to 32768
[  143.240901][ T7402] loop0: detected capacity change from 0 to 2048
[  143.309108][ T7392] loop4: detected capacity change from 0 to 32768
[  143.322734][ T7402] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  143.452862][ T7392] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.492 (7392)
[  143.526793][ T7392] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  143.547550][ T7402] overlayfs: upper fs needs to support d_type.
[  143.575683][ T7392] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  143.607476][ T7416] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  143.641035][ T7384] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  143.646118][ T7402] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  143.664632][ T7392] BTRFS info (device loop4): using free-space-tree
[  143.746212][ T5845] Bluetooth: hci4: command tx timeout
[  143.752858][ T7402] overlayfs: failed to set xattr on upper
[  143.774537][ T7384] bcachefs (loop3): initializing new filesystem
[  143.813629][ T7402] overlayfs: ...falling back to redirect_dir=nofollow.
[  143.832177][ T7384] bcachefs (loop3): going read-write
[  143.932259][ T7258] hsr_slave_0: entered promiscuous mode
[  143.944309][ T7402] overlayfs: ...falling back to index=off.
[  143.954190][ T7402] overlayfs: ...falling back to uuid=null.
[  143.963208][ T7384] bcachefs (loop3): marking superblocks
[  143.972175][ T7258] hsr_slave_1: entered promiscuous mode
[  144.113814][ T7384] bcachefs (loop3): initializing freespace
[  144.159442][ T7384] bcachefs (loop3): done initializing freespace
[  144.219258][ T7384] bcachefs (loop3): reading snapshots table
[  144.270817][ T7384] bcachefs (loop3): reading snapshots done
[  144.393305][ T7384] bcachefs (loop3): done starting filesystem
[  144.425717][ T5836] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  144.853976][ T5835] bcachefs (loop3): shutting down
[  144.894533][ T5835] bcachefs (loop3): going read-only
[  144.899820][ T5835] bcachefs (loop3): finished waiting for writes to stop
[  144.957785][ T5835] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  145.072329][ T5835] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[  145.107373][ T5835] bcachefs (loop3): clean shutdown complete, journal seq 4
[  145.148171][ T5835] bcachefs (loop3): marking filesystem clean
[  145.320276][ T5835] bcachefs (loop3): shutdown complete
[  145.348087][ T3497] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.446414][ T7472] IPVS: sync thread started: state = BACKUP, mcast_ifn = vlan0, syncid = 1, id = 0
[  145.474132][ T7258] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  145.527932][ T7258] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  145.616545][ T3497] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.706701][ T7258] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  145.752275][ T7258] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  145.802673][ T7479] loop4: detected capacity change from 0 to 512
[  145.860248][ T7479] EXT4-fs (loop4): Test dummy encryption mode enabled
[  145.906684][ T3497] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.915373][ T7479] EXT4-fs error (device loop4): __ext4_iget:4984: inode #11: block 1: comm syz.4.516: invalid block
[  145.944829][ T7479] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.516: couldn't read orphan inode 11 (err -117)
[  146.026731][ T7479] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.238701][ T3497] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.389749][ T7258] 8021q: adding VLAN 0 to HW filter on device bond0
[  146.416926][ T7496] loop1: detected capacity change from 0 to 1024
[  146.423478][ T7479] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2"
[  146.476696][ T7258] 8021q: adding VLAN 0 to HW filter on device team0
[  146.528759][ T1104] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.535544][ T7496] EXT4-fs: Ignoring removed nobh option
[  146.536018][ T1104] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.541474][ T7496] EXT4-fs: Ignoring removed bh option
[  146.581317][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.582861][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.588677][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.655845][ T7496] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.693654][ T5858] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  146.702791][ T5858] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  146.710895][ T5858] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  146.719612][ T5858] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  146.746708][ T5858] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  146.755848][ T5858] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  147.144093][ T7496] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4115: comm syz.1.519: Allocating blocks 497-513 which overlap fs metadata
[  147.214812][ T3497] bridge_slave_1: left allmulticast mode
[  147.220575][ T3497] bridge_slave_1: left promiscuous mode
[  147.226908][ T3497] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.276190][ T3497] bridge_slave_0: left allmulticast mode
[  147.281879][ T3497] bridge_slave_0: left promiscuous mode
[  147.292190][ T7496] EXT4-fs (loop1): pa ffff88807786dae0: logic 256, phys. 385, len 8
[  147.300661][ T7496] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1
[  147.317256][ T3497] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.690214][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.468437][ T7526] loop4: detected capacity change from 0 to 32768
[  148.847607][ T7526] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  149.038466][ T7526] XFS (loop4): Ending clean mount
[  149.059967][ T7526] XFS (loop4): Quotacheck needed: Please wait.
[  149.104689][ T5858] Bluetooth: hci0: command tx timeout
[  149.116595][ T7526] XFS (loop4): Quotacheck: Done.
[  151.680633][ T5858] Bluetooth: hci0: command tx timeout
[  151.708984][ T5836] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.744713][ T5858] Bluetooth: hci0: command tx timeout
[  154.670093][ T3497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  154.683618][ T3497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  154.695169][ T3497] bond0 (unregistering): Released all slaves
[  155.141665][ T7571] loop4: detected capacity change from 0 to 512
[  155.199849][ T7571] EXT4-fs: inline encryption not supported
[  155.828017][ T5858] Bluetooth: hci0: command tx timeout
[  156.314010][ T7586] netlink: 596 bytes leftover after parsing attributes in process `syz.3.540'.
[  157.249155][ T7571] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.269834][ T7571] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.317277][ T7571] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.537: corrupted inode contents
[  157.341961][ T7571] EXT4-fs error (device loop4): ext4_dirty_inode:6042: inode #2: comm syz.4.537: mark_inode_dirty error
[  157.370385][ T7571] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.537: corrupted inode contents
[  157.391675][ T7604] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.537: corrupted inode contents
[  157.413014][ T7604] EXT4-fs error (device loop4): ext4_dirty_inode:6042: inode #2: comm syz.4.537: mark_inode_dirty error
[  157.442088][ T7604] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.537: corrupted inode contents
[  158.110380][ T5858] Bluetooth: hci0: command tx timeout
[  158.238677][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.519270][ T7258] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.594044][ T7502] chnl_net:caif_netlink_parms(): no params data found
[  158.868110][ T7614] loop2: detected capacity change from 0 to 4096
[  159.347594][ T7632] loop3: detected capacity change from 0 to 256
[  159.389237][ T7632] exfat: Deprecated parameter 'namecase'
[  159.434239][ T7632] exfat: Bad value for 'gid'
[  159.460975][ T7632] exfat: Bad value for 'gid'
[  159.477853][ T7634] openvswitch: netlink: Duplicate or invalid key (type 0).
[  159.517532][ T7634] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  159.960369][ T7614] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  160.021450][ T7614] ntfs3(loop2): ino=b, mi_enum_attr
[  160.040535][ T7614] ntfs3(loop2): Failed to load $Extend (-22).
[  160.051837][ T7614] ntfs3(loop2): Failed to initialize $Extend.
[  160.097973][ T7643] 9pnet_fd: Insufficient options for proto=fd
[  160.594733][ T5971] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  160.672340][ T7651] Bluetooth: MGMT ver 1.23
[  160.860018][ T7654] loop1: detected capacity change from 0 to 64
[  160.878721][ T7654] hfs: unable to locate alternate MDB
[  160.884306][ T7654] hfs: continuing without an alternate MDB
[  160.894069][ T7655] loop3: detected capacity change from 0 to 164
[  160.933086][   T30] audit: type=1800 audit(1741586076.465:11): pid=7654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.563" name="file1" dev="loop1" ino=18 res=0 errno=0
[  160.935090][ T7655] Unable to read rock-ridge attributes
[  161.024193][ T5971] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  161.037006][ T5971] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.058273][ T5971] usb 5-1: Product: syz
[  161.062462][ T5971] usb 5-1: Manufacturer: syz
[  161.084653][ T5971] usb 5-1: SerialNumber: syz
[  161.135232][ T5971] usb 5-1: config 0 descriptor??
[  161.151642][ T5971] i2c-tiny-usb 5-1:0.0: version 6d.cc found at bus 005 address 006
[  161.569202][ T5971]  (null): failure reading functionality
[  161.582208][ T5971] i2c i2c-1: connected i2c-tiny-usb device
[  161.790261][ T5971] usb 5-1: USB disconnect, device number 6
[  162.415771][ T7667] netlink: 32 bytes leftover after parsing attributes in process `syz.4.566'.
[  163.415698][ T7667] netlink: 32 bytes leftover after parsing attributes in process `syz.4.566'.
[  163.625800][ T7502] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.632940][ T7502] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.184711][ T7502] bridge_slave_0: entered allmulticast mode
[  164.205800][ T7502] bridge_slave_0: entered promiscuous mode
[  164.294900][ T7675] netlink: 48 bytes leftover after parsing attributes in process `syz.1.567'.
[  164.347208][ T7258] veth0_vlan: entered promiscuous mode
[  164.358562][ T7258] veth1_vlan: entered promiscuous mode
[  164.472806][ T3497] hsr_slave_0: left promiscuous mode
[  164.508980][ T3497] hsr_slave_1: left promiscuous mode
[  164.517444][ T3497] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.544569][ T3497] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.566021][ T3497] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.588929][ T3497] batman_adv: batadv0: Removing interface: batadv_slave_1
[  164.615743][ T7686] loop4: detected capacity change from 0 to 4096
[  164.639235][ T7686] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  164.666093][ T3497] veth1_macvtap: left promiscuous mode
[  164.694575][ T3497] veth0_macvtap: left promiscuous mode
[  164.717139][ T3497] veth1_vlan: left promiscuous mode
[  164.736282][ T7686] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  164.749520][ T7686] ntfs3(loop4): Failed to load $Extend (-22).
[  164.762062][ T7686] ntfs3(loop4): Failed to initialize $Extend.
[  165.006553][ T3497] veth0_vlan: left promiscuous mode
[  165.573082][ T7704] loop3: detected capacity change from 0 to 64
[  165.959539][ T7704] Trying to free block not in datazone
[  168.812053][ T3497] team0 (unregistering): Port device team_slave_1 removed
[  168.851313][ T3497] team0 (unregistering): Port device team_slave_0 removed
[  169.911703][ T7502] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.918997][ T7502] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.926802][ T7502] bridge_slave_1: entered allmulticast mode
[  169.935920][ T7502] bridge_slave_1: entered promiscuous mode
[  169.987333][ T7502] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.072234][ T7502] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  172.653829][ T7739] netlink: 'syz.4.588': attribute type 29 has an invalid length.
[  172.673061][ T7741] netlink: 'syz.4.588': attribute type 29 has an invalid length.
[  172.723309][ T7502] team0: Port device team_slave_0 added
[  172.756910][ T7502] team0: Port device team_slave_1 added
[  172.797936][ T7740] loop1: detected capacity change from 0 to 32768
[  172.823855][ T7740] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.587 (7740)
[  172.884342][ T5899] kernel write not supported for file /207/attr/exec (pid: 5899 comm: kworker/1:4)
[  174.106602][ T7740] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  174.128080][ T7740] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  174.146449][ T7740] BTRFS info (device loop1): using free-space-tree
[  174.791327][ T7502] batman_adv: batadv0: Adding interface: batadv_slave_0
[  174.806045][ T7502] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.914251][ T7502] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  174.999254][ T7258] veth0_macvtap: entered promiscuous mode
[  175.023859][ T7502] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.039883][ T7502] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.079910][ T5844] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  175.090987][ T7502] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.402336][ T7785] ptrace attach of ""[7786] was attempted by "./syz-executor exec"[7785]
[  175.484219][ T7787] input: syz0 as /devices/virtual/input/input18
[  175.849688][ T7258] veth1_macvtap: entered promiscuous mode
[  176.047032][ T7502] hsr_slave_0: entered promiscuous mode
[  176.061190][ T7502] hsr_slave_1: entered promiscuous mode
[  176.110106][ T7502] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  176.138693][ T7502] Cannot create hsr debugfs directory
[  176.732878][ T7799] netlink: 16215 bytes leftover after parsing attributes in process `syz.1.606'.
[  176.846821][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.884695][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.939025][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  176.998608][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.044538][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.333470][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.364661][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.391012][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.432344][ T7258] batman_adv: batadv0: Interface activated: batadv_slave_0
[  177.460374][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.500951][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.513270][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.534561][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.572397][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.594533][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.621891][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.653077][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.695529][ T7258] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.171334][ T7811] loop4: detected capacity change from 0 to 512
[  178.183269][ T7809] loop3: detected capacity change from 0 to 2048
[  178.359142][ T7811] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  178.382361][ T7811] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  178.576467][ T7809] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.596479][ T7811] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  178.611108][ T7809] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.683669][ T7809] fs-verity: sha256 using implementation "sha256-ni"
[  178.717971][ T7811] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  178.731826][ T7809] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.609: bg 0: block 288: padding at end of block bitmap is not set
[  178.757958][ T7811] System zones: 0-2, 18-18, 34-34
[  178.772951][ T7809] fs-verity (loop3, inode 13): ext4_end_enable_verity() failed with err -117
[  178.857042][ T7811] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  179.964922][ T7811] EXT4-fs (loop4): 1 truncate cleaned up
[  179.983635][ T7811] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.223276][   T30] audit: type=1800 audit(1741586095.665:12): pid=7811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.608" name="file1" dev="loop4" ino=15 res=0 errno=0
[  180.370560][   T30] audit: type=1800 audit(1741586095.905:13): pid=7816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.608" name="file2" dev="loop4" ino=16 res=0 errno=0
[  180.711817][ T5835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.794442][    C0] sched: DL replenish lagged too much
[  194.349055][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  194.359054][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  195.007082][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.791670][ T5850] Bluetooth: hci2: command 0x0406 tx timeout
[  197.806674][ T5145] Bluetooth: hci1: command 0x0406 tx timeout
[  197.812757][ T5145] Bluetooth: hci5: command 0x0406 tx timeout
[  239.497325][ T5145] Bluetooth: hci3: command 0x0406 tx timeout
[  250.416673][ T7258] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.444588][ T7258] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.453321][ T7258] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.485613][ T7258] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.568857][ T5839] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  259.591857][ T5145] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  261.466883][ T5145] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  263.021240][ T5145] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  263.049708][ T5145] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  263.059452][ T5145] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  268.146494][ T5858] Bluetooth: hci6: command tx timeout
[  271.767372][ T5850] Bluetooth: hci4: command 0x0406 tx timeout
[  271.773587][ T5850] Bluetooth: hci6: command tx timeout
[  277.050990][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  277.057424][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  277.084910][ T5843] Bluetooth: hci6: command tx timeout
[  281.769841][ T5845] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  283.155506][ T5145] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  283.776440][ T5145] Bluetooth: hci6: command tx timeout
[  283.781949][ T5145] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  286.019765][ T5845] Bluetooth: hci8: command 0x1003 tx timeout
[  286.027161][ T5845] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  286.189733][ T5850] Bluetooth: hci8: Opcode 0x1003 failed: -110
[  288.738144][ T5850] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  288.746384][ T5850] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  288.774698][ T5850] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  288.790040][ T5850] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  289.297267][ T5850] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  289.340365][ T5145] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  289.358589][ T5858] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  289.375462][ T5858] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  289.382816][ T5145] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  293.327622][ T7834] Bluetooth: hci8: Opcode 0x0c38 failed: -110
[  294.746893][ T5858] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  294.755105][ T5858] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  294.844145][ T5850] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  294.855060][ T5850] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  294.865064][ T5850] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  294.878046][ T5850] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  294.885826][ T5850] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  294.893172][ T5850] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  295.086070][ T5858] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  295.099638][ T5145] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  295.108388][ T5858] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  295.116385][ T5858] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  295.123439][ T5858] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  295.131150][ T5145] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  295.139961][ T5843] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  295.154467][ T5843] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  295.181464][ T5145] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  295.190815][ T5845] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  295.212097][ T5858] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  298.454534][ T5858] Bluetooth: hci10: command tx timeout
[  298.461522][ T5858] Bluetooth: hci9: command tx timeout
[  298.467685][ T5858] Bluetooth: hci7: command tx timeout
[  298.473683][ T5858] Bluetooth: hci11: command tx timeout
[  304.065528][ T5858] Bluetooth: hci11: command tx timeout
[  304.071095][ T5858] Bluetooth: hci7: command tx timeout
[  304.078407][ T5858] Bluetooth: hci9: command tx timeout
[  304.083873][ T5858] Bluetooth: hci10: command tx timeout
[  304.090453][ T5858] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  304.250343][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  304.311354][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  304.502226][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  305.818352][ T5850] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  305.910333][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  306.127298][ T5860] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  306.143552][ T5860] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  306.150934][ T5858] Bluetooth: hci10: command tx timeout
[  306.156697][ T5845] Bluetooth: hci9: command tx timeout
[  306.162112][ T5845] Bluetooth: hci7: command tx timeout
[  306.167857][ T5843] Bluetooth: hci11: command tx timeout
[  306.187306][ T5860] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  306.200079][ T5860] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  306.210998][ T5860] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  306.221894][ T5860] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  308.565811][ T5850] Bluetooth: hci4: command tx timeout
[  308.571820][ T5850] Bluetooth: hci7: command tx timeout
[  308.577425][ T5850] Bluetooth: hci10: command tx timeout
[  308.584020][ T5850] Bluetooth: hci9: command tx timeout
[  308.590397][ T5850] Bluetooth: hci11: command tx timeout
[  308.596043][ T5850] Bluetooth: hci3: command tx timeout
[  310.696263][ T5860] Bluetooth: hci3: command tx timeout
[  310.701744][ T5860] Bluetooth: hci4: command tx timeout
[  313.424642][ T5850] Bluetooth: hci4: command tx timeout
[  313.430109][ T5850] Bluetooth: hci3: command tx timeout
[  315.877922][ T5860] Bluetooth: hci3: command tx timeout
[  315.883398][ T5860] Bluetooth: hci4: command tx timeout
[  327.614870][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  327.621216][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  328.990409][ T5860] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  329.051528][ T5860] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  329.072693][ T5860] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  329.093641][ T5860] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  329.101257][ T5860] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  329.116148][ T5860] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  335.568103][ T5860] Bluetooth: hci1: command tx timeout
[  338.764448][ T5860] Bluetooth: hci1: command tx timeout
[  339.638668][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  339.663823][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  339.671725][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  339.693671][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  339.702596][ T5850] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  339.719127][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  340.811089][ T5850] Bluetooth: hci1: command tx timeout
[  342.024459][ T5850] Bluetooth: hci2: command tx timeout
[  343.264716][ T5850] Bluetooth: hci1: command tx timeout
[  344.434443][ T5860] Bluetooth: hci2: command tx timeout
[  346.864533][ T5860] Bluetooth: hci2: command tx timeout
[  349.349020][ T5860] Bluetooth: hci2: command tx timeout
[  349.415601][ T5845] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  349.569035][ T5850] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  350.665024][ T5850] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  350.713782][ T5858] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  350.731032][ T5845] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  350.741352][ T5858] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  350.753494][ T5858] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  350.764186][ T5858] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  350.788665][ T5858] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  350.802468][ T5858] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  350.812542][ T5860] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  350.851490][ T5860] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  353.056065][ T5850] Bluetooth: hci6: command tx timeout
[  355.494412][ T5845] Bluetooth: hci6: command tx timeout
[  355.499904][ T5845] Bluetooth: hci8: command tx timeout
[  357.015017][ T5845] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  357.046473][ T5845] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  357.062590][ T5845] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  357.071981][ T5845] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  357.088042][ T5845] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  357.100372][ T5845] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  360.625769][ T5845] Bluetooth: hci8: command tx timeout
[  360.631245][ T5845] Bluetooth: hci6: command tx timeout
[  360.637115][ T5845] Bluetooth: hci12: command tx timeout
[  363.695505][ T5850] Bluetooth: hci12: command tx timeout
[  363.701099][ T5850] Bluetooth: hci6: command tx timeout
[  363.707296][ T5850] Bluetooth: hci8: command tx timeout
[  366.893021][ T5845] Bluetooth: hci8: command tx timeout
[  366.898582][ T5845] Bluetooth: hci12: command tx timeout
[  366.983293][ T5845] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  366.999373][ T5845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  367.017207][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  367.025534][ T5845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  367.049377][ T5845] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  367.063287][ T5845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  372.594531][ T5845] Bluetooth: hci12: command tx timeout
[  372.600206][ T5845] Bluetooth: hci0: command tx timeout
[  375.114406][ T5850] Bluetooth: hci0: command tx timeout
[  380.132623][ T5850] Bluetooth: hci0: command tx timeout
[  382.552845][ T5850] Bluetooth: hci0: command tx timeout
[  391.364794][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  391.371423][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  398.717515][ T5845] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  398.726944][ T5845] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  398.736824][ T5845] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  398.745697][ T5845] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  398.753290][ T5845] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  398.762432][ T5845] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  401.201611][ T5845] Bluetooth: hci13: command tx timeout
[  401.493695][ T5850] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  401.509366][ T5850] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  401.519916][ T5850] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  401.532496][ T5850] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  401.542616][ T5850] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  401.563488][ T5850] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  405.684463][ T5850] Bluetooth: hci13: command tx timeout
[  405.690042][ T5850] Bluetooth: hci14: command tx timeout
[  411.537871][ T5845] Bluetooth: hci14: command tx timeout
[  411.543429][ T5845] Bluetooth: hci13: command tx timeout
[  412.774994][ T5845] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  412.794460][ T5845] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  412.802242][ T5845] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  412.811227][ T5845] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  412.835571][ T5845] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  412.844045][ T5845] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  412.975440][ T5850] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  412.991872][ T5850] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  413.002356][ T5850] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  413.013028][ T5850] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  413.021646][ T5850] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[  413.030461][ T5850] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  413.585228][ T5845] Bluetooth: hci14: command tx timeout
[  413.591952][ T5850] Bluetooth: hci13: command tx timeout
[  414.944628][ T5850] Bluetooth: hci15: command tx timeout
[  416.054427][ T5850] Bluetooth: hci16: command tx timeout
[  416.061355][ T5850] Bluetooth: hci14: command tx timeout
[  416.713413][ T5850] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  416.725297][ T5850] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  416.735039][ T5850] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  416.743477][ T5850] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  416.751797][ T5850] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3
[  416.759774][ T5850] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  418.372052][ T5850] Bluetooth: hci15: command tx timeout
[  418.377877][ T5845] Bluetooth: hci16: command tx timeout
[  418.784645][ T5850] Bluetooth: hci17: command tx timeout
[  420.464600][ T5845] Bluetooth: hci16: command tx timeout
[  420.470696][ T5850] Bluetooth: hci15: command tx timeout
[  420.864447][ T5145] Bluetooth: hci17: command tx timeout
[  423.952208][ T5145] Bluetooth: hci15: command tx timeout
[  423.957866][ T5145] Bluetooth: hci16: command tx timeout
[  423.963361][ T5145] Bluetooth: hci10: command 0x0406 tx timeout
[  423.969661][ T5145] Bluetooth: hci11: command 0x0406 tx timeout
[  423.975890][ T5145] Bluetooth: hci7: command 0x0406 tx timeout
[  423.981946][ T5145] Bluetooth: hci9: command 0x0406 tx timeout
[  423.988296][ T5145] Bluetooth: hci17: command tx timeout
[  427.214508][ T5843] Bluetooth: hci17: command tx timeout
[  429.389882][ T5145] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[  429.417779][ T5145] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[  429.429144][ T5145] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[  429.441376][ T5145] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[  429.460820][ T5145] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3
[  429.468892][ T5145] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[  431.636974][ T5145] Bluetooth: hci18: command tx timeout
[  434.824429][ T5145] Bluetooth: hci18: command tx timeout
[  440.853065][ T5145] Bluetooth: hci18: command tx timeout
[  447.631057][ T7932] Bluetooth: hci18: command tx timeout
[  452.062597][ T5850] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1
[  452.071824][ T5850] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9
[  452.079681][ T5850] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9
[  452.088130][ T5850] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4
[  452.095815][ T5850] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3
[  452.103144][ T5850] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2
[  455.084068][ T5843] Bluetooth: hci1: command 0x0406 tx timeout
[  455.090298][ T5843] Bluetooth: hci19: command tx timeout
[  455.120139][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  455.131057][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  457.543882][ T5850] Bluetooth: hci19: command tx timeout
[  459.774364][ T5850] Bluetooth: hci19: command tx timeout
[  464.120551][ T5850] Bluetooth: hci19: command tx timeout
[  467.074626][   T31] INFO: task syz-executor:5835 blocked for more than 146 seconds.
[  467.082496][   T31]       Not tainted 6.14.0-rc6-syzkaller #0
[  467.124682][   T31]       Blocked by coredump.
[  467.129315][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  467.164351][   T31] task:syz-executor    state:D stack:14448 pid:5835  tgid:5835  ppid:1      task_flags:0x40054c flags:0x00004006
[  467.176678][   T31] Call Trace:
[  467.179980][   T31]  <TASK>
[  467.182927][   T31]  __schedule+0x190e/0x4c90
[  467.187539][   T31]  ? __pfx___schedule+0x10/0x10
[  467.192420][   T31]  ? __pfx_lock_release+0x10/0x10
[  467.197693][   T31]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  467.204041][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  467.209755][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  467.215482][   T31]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  467.221405][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  467.227787][   T31]  ? schedule+0x90/0x320
[  467.232051][   T31]  schedule+0x14b/0x320
[  467.236276][   T31]  schedule_preempt_disabled+0x13/0x30
[  467.241759][   T31]  __mutex_lock+0x817/0x1010
[  467.246421][   T31]  ? __mutex_lock+0x602/0x1010
[  467.251217][   T31]  ? tun_chr_close+0x3b/0x1b0
[  467.255937][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  467.260999][   T31]  ? __pfx_call_rcu+0x10/0x10
[  467.265734][   T31]  tun_chr_close+0x3b/0x1b0
[  467.270255][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[  467.275412][   T31]  __fput+0x3eb/0x9f0
[  467.279438][   T31]  task_work_run+0x251/0x310
[  467.284092][   T31]  ? __pfx_task_work_run+0x10/0x10
[  467.289305][   T31]  ? do_exit+0xa25/0x28e0
[  467.293664][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  467.299355][   T31]  ? do_exit+0xa25/0x28e0
[  467.304145][   T31]  do_exit+0xa2a/0x28e0
[  467.308441][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  467.314191][   T31]  ? __pfx_do_exit+0x10/0x10
[  467.318961][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  467.324391][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  467.330047][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  467.336104][   T31]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  467.342480][   T31]  ? _raw_spin_lock_irq+0xdf/0x120
[  467.347651][   T31]  do_group_exit+0x207/0x2c0
[  467.352263][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  467.357503][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  467.363163][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  467.369241][   T31]  get_signal+0x168c/0x1720
[  467.373787][   T31]  ? __pfx_get_signal+0x10/0x10
[  467.378695][   T31]  arch_do_signal_or_restart+0x96/0x860
[  467.384421][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  467.390630][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  467.396801][   T31]  ? syscall_exit_to_user_mode+0xa3/0x340
[  467.402569][   T31]  syscall_exit_to_user_mode+0xce/0x340
[  467.408450][   T31]  do_syscall_64+0x100/0x230
[  467.413095][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.434505][   T31] RIP: 0033:0x7fd344d8bb7c
[  467.438981][   T31] RSP: 002b:00007ffe3efb1480 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  467.453075][   T31] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00007fd344d8bb7c
[  467.463270][   T31] RDX: 0000000000000030 RSI: 00007ffe3efb1540 RDI: 00000000000000f9
[  467.471373][   T31] RBP: 00007ffe3efb14ec R08: 0000000000000000 R09: 0079746972756365
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  467.479453][   T31] R10: 00007fd344f797e0 R11: 0000000000000246 R12: 0000000000000061
[  467.514370][   T31] R13: 000055556f334590 R14: 000000000002eb54 R15: 00007ffe3efb1540
[  467.522446][   T31]  </TASK>
[  467.552593][   T31] 
[  467.552593][   T31] Showing all locks held in the system:
[  467.574422][   T31] 2 locks held by kworker/0:0/9:
[  467.579427][   T31] 3 locks held by kworker/0:1/10:
[  467.608906][   T31]  #0: ffff88801b078d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  467.646394][   T31]  #1: ffffc900000f7c60 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  467.674427][   T31]  #2: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[  467.693086][   T31] 1 lock held by khungtaskd/31:
[  467.698040][   T31]  #0: ffffffff8eb39360 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[  467.708034][   T31] 2 locks held by kworker/u8:4/62:
[  467.713648][   T31] 3 locks held by kworker/u8:8/3504:
[  467.719064][   T31]  #0: ffff88814ce9b148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  467.731189][   T31]  #1: ffffc9000c9b7c60 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  467.745297][   T31]  #2: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  467.755258][   T31] 4 locks held by kworker/u8:9/3519:
[  467.760568][   T31]  #0: ffff88801beee148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  467.772007][   T31]  #1: ffffc9000cf17c60 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  467.782698][   T31]  #2: ffffffff8fec9450 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0x17a/0xd60
[  467.792532][   T31]  #3: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: wg_netns_pre_exit+0x1f/0x1e0
[  467.802212][   T31] 3 locks held by kworker/u8:10/3527:
[  467.807885][   T31]  #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  467.885142][ T5843] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  467.895448][   T31]  #1: ffffc9000cfd7c60 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  467.906940][ T5843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  467.924437][ T5843] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  467.942038][ T5843] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  467.950492][ T5843] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  467.958172][ T5843] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  467.979765][   T31]  #2: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  467.989838][   T31] 2 locks held by dhcpcd/5500:
[  467.994927][   T31]  #0: ffff88805b35e6c8 (nlk_cb_mutex-ROUTE){+.+.}-{4:4}, at: __netlink_dump_start+0x119/0x790
[  468.005670][   T31]  #1: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_dumpit+0x99/0x200
[  469.794386][   T31] 2 locks held by getty/5594:
[  469.799121][   T31]  #0: ffff88814c5b30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  469.815867][   T31]  #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x616/0x1770
[  469.826249][   T31] 1 lock held by syz-executor/5835:
[  469.831451][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0
[  469.840588][   T31] 2 locks held by syz-executor/5836:
[  469.846168][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0
[  469.855274][   T31]  #1: ffffffff8eb3e838 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x820
[  469.866810][   T31] 3 locks held by kworker/u9:2/5839:
[  469.872108][   T31]  #0: ffff88804f56e948 ((wq_completion)hci4#4){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[  469.883789][   T31]  #1: ffffc9000400fc60 ((work_completion)(&hdev->power_on)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[  469.896225][   T31]  #2: ffff8880121c0d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_power_on+0x1bf/0x6b0
[  469.905830][   T31] 2 locks held by kworker/u9:3/5843:
[  469.911227][   T31] 3 locks held by kworker/u9:5/5850:
[  469.916606][   T31] 1 lock held by syz-executor/7502:
[  469.921813][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0
[  469.930875][   T31] 2 locks held by syz.1.607/7804:
[  469.935959][   T31] 2 locks held by syz-executor/7833:
[  469.941248][   T31]  #0: ffffffff8fec9450 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570
[  469.950762][   T31]  #1: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: wg_netns_pre_exit+0x1f/0x1e0
[  469.960215][   T31] 2 locks held by syz-executor/7840:
[  469.966097][   T31]  #0: ffffffff8fec9450 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570
[  469.976163][   T31]  #1: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x29a/0x7e0
[  469.985904][   T31] 2 locks held by syz-executor/7844:
[  469.991194][   T31]  #0: ffffffff8fec9450 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570
[  470.006868][   T31]  #1: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: wg_netns_pre_exit+0x1f/0x1e0
[  470.024370][   T31] 2 locks held by syz-executor/7847:
[  470.029668][   T31]  #0: ffffffff8fec9450 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570
[  470.040800][   T31]  #1: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: setup_net+0x602/0x9e0
[  470.049626][   T31] 4 locks held by syz-executor/7869:
[  470.054979][   T31]  #0: ffff888027f74d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x203/0x510
[  470.065122][   T31]  #1: ffff888027f74078 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x60d/0x1260
[  470.075464][   T31]  #2: ffff88803342b338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x71/0x690
[  470.085397][   T31]  #3: ffffffff8eb3e838 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x820
[  470.096402][   T31] 1 lock held by syz-executor/7873:
[  470.101606][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.111567][   T31] 1 lock held by syz-executor/7877:
[  470.116844][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.126468][   T31] 1 lock held by syz-executor/7881:
[  470.131672][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.142083][   T31] 1 lock held by syz-executor/7885:
[  470.147327][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.156884][   T31] 1 lock held by syz-executor/7889:
[  470.162087][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.186277][ T5843] Bluetooth: hci2: command 0x0406 tx timeout
[  470.202761][   T31] 1 lock held by syz-executor/7895:
[  470.209729][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.219402][   T31] 1 lock held by syz-executor/7901:
[  470.224674][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.234160][   T31] 1 lock held by syz-executor/7906:
[  470.239434][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.248978][   T31] 1 lock held by syz-executor/7910:
[  470.254179][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.263738][   T31] 1 lock held by syz-executor/7914:
[  470.268997][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.279063][   T31] 1 lock held by syz-executor/7917:
[  470.285241][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.294898][   T31] 1 lock held by syz-executor/7929:
[  470.300106][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.309634][   T31] 1 lock held by syz-executor/7937:
[  470.315057][   T31]  #0: ffffffff8fed5c88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bc0
[  470.324587][   T31] 
[  470.326916][   T31] =============================================
[  470.326916][   T31] 
[  470.335407][   T31] NMI backtrace for cpu 0
[  470.335420][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-rc6-syzkaller #0
[  470.335447][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  470.335462][   T31] Call Trace:
[  470.335472][   T31]  <TASK>
[  470.335482][   T31]  dump_stack_lvl+0x241/0x360
[  470.335516][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  470.335543][   T31]  ? __pfx__printk+0x10/0x10
[  470.335581][   T31]  nmi_cpu_backtrace+0x49c/0x4d0
[  470.335620][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  470.335649][   T31]  ? _printk+0xd5/0x120
[  470.335672][   T31]  ? __pfx__printk+0x10/0x10
[  470.335694][   T31]  ? __wake_up_klogd+0xcc/0x110
[  470.335731][   T31]  ? __pfx__printk+0x10/0x10
[  470.335755][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.335804][   T31]  ? __rcu_read_unlock+0xa1/0x110
[  470.335845][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  470.335881][   T31]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  470.335918][   T31]  watchdog+0x1058/0x10a0
[  470.335959][   T31]  ? watchdog+0x1ea/0x10a0
[  470.336002][   T31]  ? __pfx_watchdog+0x10/0x10
[  470.336041][   T31]  kthread+0x7ab/0x920
[  470.336078][   T31]  ? __pfx_kthread+0x10/0x10
[  470.336119][   T31]  ? __pfx_watchdog+0x10/0x10
[  470.336157][   T31]  ? __pfx_kthread+0x10/0x10
[  470.336194][   T31]  ? __pfx_kthread+0x10/0x10
[  470.336236][   T31]  ? __pfx_kthread+0x10/0x10
[  470.336273][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  470.336304][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.336343][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  470.336378][   T31]  ? __pfx_kthread+0x10/0x10
[  470.336418][   T31]  ret_from_fork+0x4d/0x80
[  470.336452][   T31]  ? __pfx_kthread+0x10/0x10
[  470.336491][   T31]  ret_from_fork_asm+0x1a/0x30
[  470.336536][   T31]  </TASK>
[  470.336545][   T31] Sending NMI from CPU 0 to CPUs 1:
[  470.517081][    C1] NMI backtrace for cpu 1
[  470.517099][    C1] CPU: 1 UID: 0 PID: 47 Comm: kworker/1:1 Not tainted 6.14.0-rc6-syzkaller #0
[  470.517122][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  470.517138][    C1] Workqueue: wg-crypt-wg0 wg_packet_tx_worker
[  470.517172][    C1] RIP: 0010:lock_release+0x1c3/0xa30
[  470.517208][    C1] Code: 80 3c 3b 00 74 08 4c 89 f7 e8 69 29 8c 00 48 8b 9c 24 b0 00 00 00 fa 48 c7 c7 a0 bf 2a 8c e8 14 f1 6b 0a 65 ff 05 fd 8e 65 7e <48> 8d 94 24 80 00 00 00 48 c1 ea 03 42 0f b6 04 3a 84 c0 0f 85 6e
[  470.517227][    C1] RSP: 0018:ffffc90000a27900 EFLAGS: 00000002
[  470.517245][    C1] RAX: 0000000000000001 RBX: 0000000000000046 RCX: ffffffff819cfa70
[  470.517260][    C1] RDX: 0000000000000000 RSI: ffffffff8c2abfa0 RDI: ffffffff8c80fe20
[  470.517276][    C1] RBP: ffffc90000a27a30 R08: ffffffff903cf777 R09: 1ffffffff2079eee
[  470.517292][    C1] R10: dffffc0000000000 R11: fffffbfff2079eef R12: 1ffff92000144f2c
[  470.517309][    C1] R13: ffffffff85874ea6 R14: ffffc90000a279b0 R15: dffffc0000000000
[  470.517329][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  470.517347][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  470.517362][    C1] CR2: 00007ffbdd52335c CR3: 000000000e938000 CR4: 0000000000350ef0
[  470.517380][    C1] Call Trace:
[  470.517388][    C1]  <NMI>
[  470.517398][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  470.517427][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  470.517461][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  470.517497][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  470.517526][    C1]  ? nmi_handle+0x151/0x5a0
[  470.517566][    C1]  ? nmi_handle+0x2a/0x5a0
[  470.517600][    C1]  ? lock_release+0x1c3/0xa30
[  470.517631][    C1]  ? default_do_nmi+0x63/0x160
[  470.517658][    C1]  ? exc_nmi+0x123/0x1f0
[  470.517682][    C1]  ? end_repeat_nmi+0xf/0x53
[  470.517714][    C1]  ? get_random_u16+0x196/0xa80
[  470.517744][    C1]  ? lock_release+0xb0/0xa30
[  470.517776][    C1]  ? lock_release+0x1c3/0xa30
[  470.517809][    C1]  ? lock_release+0x1c3/0xa30
[  470.517842][    C1]  ? lock_release+0x1c3/0xa30
[  470.517874][    C1]  </NMI>
[  470.517882][    C1]  <IRQ>
[  470.517891][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  470.517924][    C1]  ? get_random_u16+0x196/0xa80
[  470.517950][    C1]  ? __pfx_lock_release+0x10/0x10
[  470.517981][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  470.518019][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.518054][    C1]  ? get_random_u16+0x196/0xa80
[  470.518081][    C1]  get_random_u16+0x4bb/0xa80
[  470.518108][    C1]  ? get_random_u16+0x196/0xa80
[  470.518136][    C1]  ? __pfx_get_random_u16+0x10/0x10
[  470.518164][    C1]  ? irqentry_exit+0x63/0x90
[  470.518195][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.518228][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  470.518264][    C1]  ? cake_get_flow_quantum+0x16e/0x290
[  470.518298][    C1]  cake_get_flow_quantum+0x191/0x290
[  470.518330][    C1]  cake_dequeue+0x2b04/0x4be0
[  470.518377][    C1]  ? __pfx_cake_dequeue+0x10/0x10
[  470.518410][    C1]  __qdisc_run+0x274/0x2180
[  470.518443][    C1]  __dev_queue_xmit+0x10dd/0x3f50
[  470.518473][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.518509][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.518547][    C1]  ? __dev_queue_xmit+0x2f4/0x3f50
[  470.518574][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[  470.518603][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.518639][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.518675][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.518708][    C1]  ? mark_lock+0x9a/0x360
[  470.518730][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.518763][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  470.518800][    C1]  ? ip_finish_output2+0x948/0x12e0
[  470.518836][    C1]  ip_finish_output2+0xcd3/0x12e0
[  470.518870][    C1]  ? ip_finish_output2+0x43e/0x12e0
[  470.518906][    C1]  ? __pfx_ip_finish_output2+0x10/0x10
[  470.518938][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.518972][    C1]  ? ip_skb_dst_mtu+0x147/0xbc0
[  470.519003][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.519036][    C1]  ? __ip_finish_output+0x349/0x400
[  470.519070][    C1]  ip_push_pending_frames+0xbf/0x150
[  470.519103][    C1]  __icmp_send+0x12b2/0x1800
[  470.519127][    C1]  ? __icmp_send+0x212/0x1800
[  470.519151][    C1]  ? __pfx___icmp_send+0x10/0x10
[  470.519176][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.519209][    C1]  ? raw_local_deliver+0xe16/0xf20
[  470.519237][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.519288][    C1]  ? __pfx_raw_local_deliver+0x10/0x10
[  470.519315][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.519349][    C1]  ? xfrm4_policy_check+0x2ad/0x6a0
[  470.519375][    C1]  ? __pfx_tcp_v4_rcv+0x10/0x10
[  470.519399][    C1]  ip_protocol_deliver_rcu+0x41b/0x440
[  470.519425][    C1]  ? ip_local_deliver_finish+0x230/0x5f0
[  470.519449][    C1]  ip_local_deliver_finish+0x341/0x5f0
[  470.519476][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  470.519501][    C1]  NF_HOOK+0x3a6/0x450
[  470.519521][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.519561][    C1]  ? NF_HOOK+0x9a/0x450
[  470.519583][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  470.519606][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  470.519633][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.519667][    C1]  ? ip_rcv_finish+0x406/0x560
[  470.519691][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  470.519714][    C1]  NF_HOOK+0x3a6/0x450
[  470.519734][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.519768][    C1]  ? __lock_acquire+0x1397/0x2100
[  470.519801][    C1]  ? NF_HOOK+0x9a/0x450
[  470.519822][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  470.519844][    C1]  ? ip_rcv_core+0x801/0xd10
[  470.519867][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  470.519894][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  470.519917][    C1]  __netif_receive_skb+0x2bf/0x650
[  470.519947][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  470.519980][    C1]  ? __pfx___netif_receive_skb+0x10/0x10
[  470.520007][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  470.520040][    C1]  ? __pfx_lock_release+0x10/0x10
[  470.520073][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  470.520107][    C1]  process_backlog+0x662/0x15b0
[  470.520140][    C1]  ? process_backlog+0x33b/0x15b0
[  470.520174][    C1]  ? __pfx_process_backlog+0x10/0x10
[  470.520204][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  470.520238][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  470.520273][    C1]  __napi_poll+0xcd/0x490
[  470.520302][    C1]  net_rx_action+0x89b/0x1240
[  470.520343][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  470.520374][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.520408][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  470.520442][    C1]  ? __pfx_net_tx_action+0x10/0x10
[  470.520473][    C1]  ? sched_clock_cpu+0x76/0x490
[  470.520504][    C1]  handle_softirqs+0x2d6/0x9b0
[  470.520542][    C1]  ? do_softirq+0x11b/0x1e0
[  470.520568][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  470.520595][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.520631][    C1]  do_softirq+0x11b/0x1e0
[  470.520654][    C1]  </IRQ>
[  470.520662][    C1]  <TASK>
[  470.520670][    C1]  ? __pfx_do_softirq+0x10/0x10
[  470.520695][    C1]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  470.520728][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.520762][    C1]  ? rcu_is_watching+0x15/0xb0
[  470.520787][    C1]  __local_bh_enable_ip+0x1bb/0x200
[  470.520813][    C1]  ? wg_socket_send_skb_to_peer+0x176/0x1d0
[  470.520842][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  470.520866][    C1]  ? __local_bh_enable_ip+0x168/0x200
[  470.520891][    C1]  ? mod_peer_timer+0x21/0x260
[  470.520914][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.520950][    C1]  wg_socket_send_skb_to_peer+0x176/0x1d0
[  470.520981][    C1]  wg_packet_tx_worker+0x1bf/0x810
[  470.521011][    C1]  ? process_scheduled_works+0x9c6/0x18e0
[  470.521039][    C1]  process_scheduled_works+0xac0/0x18e0
[  470.521081][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  470.521114][    C1]  ? assign_work+0x364/0x3d0
[  470.521144][    C1]  worker_thread+0x870/0xd30
[  470.521179][    C1]  ? __kthread_parkme+0x169/0x1d0
[  470.521212][    C1]  ? __pfx_worker_thread+0x10/0x10
[  470.521241][    C1]  kthread+0x7ab/0x920
[  470.521273][    C1]  ? __pfx_kthread+0x10/0x10
[  470.521307][    C1]  ? __pfx_worker_thread+0x10/0x10
[  470.521337][    C1]  ? __pfx_kthread+0x10/0x10
[  470.521369][    C1]  ? __pfx_kthread+0x10/0x10
[  470.521403][    C1]  ? __pfx_kthread+0x10/0x10
[  470.521436][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  470.521463][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  470.521496][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  470.521527][    C1]  ? __pfx_kthread+0x10/0x10
[  470.521564][    C1]  ret_from_fork+0x4d/0x80
[  470.521594][    C1]  ? __pfx_kthread+0x10/0x10
[  470.521628][    C1]  ret_from_fork_asm+0x1a/0x30
[  470.521662][    C1]  </TASK>
[  471.366636][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  471.373512][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-rc6-syzkaller #0
[  471.382286][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  471.392346][   T31] Call Trace:
[  471.395635][   T31]  <TASK>
[  471.398568][   T31]  dump_stack_lvl+0x241/0x360
[  471.403265][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  471.408480][   T31]  ? __pfx__printk+0x10/0x10
[  471.413078][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  471.419089][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  471.424751][   T31]  ? vscnprintf+0x5d/0x90
[  471.429096][   T31]  panic+0x349/0x880
[  471.432997][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  471.438651][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  471.444823][   T31]  ? __pfx_panic+0x10/0x10
[  471.449243][   T31]  ? tick_nohz_tick_stopped+0x82/0xb0
[  471.454627][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  471.460281][   T31]  ? __irq_work_queue_local+0x137/0x410
[  471.465852][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  471.471504][   T31]  ? preempt_schedule_thunk+0x1a/0x30
[  471.477163][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  471.483333][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  471.489507][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  471.495164][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  471.501335][   T31]  watchdog+0x1097/0x10a0
[  471.505690][   T31]  ? watchdog+0x1ea/0x10a0
[  471.510130][   T31]  ? __pfx_watchdog+0x10/0x10
[  471.514830][   T31]  kthread+0x7ab/0x920
[  471.518920][   T31]  ? __pfx_kthread+0x10/0x10
[  471.523538][   T31]  ? __pfx_watchdog+0x10/0x10
[  471.528237][   T31]  ? __pfx_kthread+0x10/0x10
[  471.532845][   T31]  ? __pfx_kthread+0x10/0x10
[  471.537461][   T31]  ? __pfx_kthread+0x10/0x10
[  471.542081][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  471.547295][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  471.553382][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  471.558600][   T31]  ? __pfx_kthread+0x10/0x10
[  471.563211][   T31]  ret_from_fork+0x4d/0x80
[  471.567798][   T31]  ? __pfx_kthread+0x10/0x10
[  471.572585][   T31]  ret_from_fork_asm+0x1a/0x30
[  471.577379][   T31]  </TASK>
[  471.580681][   T31] Kernel Offset: disabled
[  471.585003][   T31] Rebooting in 86400 seconds..