last executing test programs:

52.346611812s ago: executing program 4 (id=534):
syz_io_uring_setup(0x887, &(0x7f00000001c0)={0x0, 0x5d2d, 0x1000, 0x1, 0xbfdffffc}, 0x0, 0x0)
r0 = syz_io_uring_setup(0xd38, &(0x7f0000000500)={0x0, 0x2827, 0x80, 0x3, 0x350}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000003c0)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x36, 0x0, 0x0, 0x804, 0x0, 0x1, 0x20})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

51.758701948s ago: executing program 4 (id=541):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000001580)={{{@in6=@private1, @in=@local, 0x0, 0x0, 0x4e22, 0x0, 0x2, 0x0, 0x20, 0x11}, {0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x10, 0xb}, {0x0, 0x0, 0x0, 0x80000}, 0x6, 0x0, 0x1}, {{@in=@empty, 0x4d2, 0x33}, 0x0, @in=@private=0xa010100, 0x3506, 0x0, 0x2, 0xb7, 0x2, 0xfffffff9}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c)

50.409788918s ago: executing program 4 (id=544):
r0 = syz_io_uring_setup(0x117b, &(0x7f00000000c0)={0x0, 0x29d8, 0x10100, 0x200003, 0x60}, &(0x7f0000000140)=<r1=>0x0, &(0x7f00000006c0)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000000)={&(0x7f0000001000)={[{0x0, 0xffffffffffffffed, 0x0, 0x300}, {0x0, 0x0, 0xfffd}, {0x0, 0x0, 0x4}, {0x0}]}, 0x4}, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r3, 0x0, 0x0, 0x56, 0x200440c0, 0x1})
io_uring_enter(r0, 0x27e2, 0x0, 0x0, 0x0, 0x0)

49.839250124s ago: executing program 4 (id=549):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000000), 0xfd, 0x244, &(0x7f0000000680)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
creat(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x40, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

48.813468855s ago: executing program 4 (id=567):
pipe2(&(0x7f0000000000)={0x0, <r0=>0x0}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x8000f28, 0x8)
splice(r2, 0x0, r0, 0x0, 0x6, 0xb)
ioctl$sock_inet_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000080))
close_range(r0, 0xffffffffffffffff, 0x0)

47.905875559s ago: executing program 4 (id=561):
r0 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = mq_open(&(0x7f0000000000)='bat\x13\x1b\r\xcbs\xecave_5\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000000000000, 0x8, 0x1, 0xc05})
mq_getsetattr(r1, &(0x7f0000000040)={0x0, 0x40, 0x4, 0xffff}, 0x0)
mq_timedreceive(r1, &(0x7f0000000200)=""/100, 0xb1, 0xfffffffffffffff8, &(0x7f00000001c0)={0x77359400})
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000140)={0xffffffffffffffff, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

47.364637069s ago: executing program 32 (id=561):
r0 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = mq_open(&(0x7f0000000000)='bat\x13\x1b\r\xcbs\xecave_5\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000000000000, 0x8, 0x1, 0xc05})
mq_getsetattr(r1, &(0x7f0000000040)={0x0, 0x40, 0x4, 0xffff}, 0x0)
mq_timedreceive(r1, &(0x7f0000000200)=""/100, 0xb1, 0xfffffffffffffff8, &(0x7f00000001c0)={0x77359400})
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000140)={0xffffffffffffffff, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

40.977528691s ago: executing program 0 (id=626):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001000390429bd7000fbdbdf2500000000", @ANYRES32=r3, @ANYBLOB="0198f9ffffff0000180012800b000100697036677265000008000280040012"], 0x38}, 0x1, 0x0, 0x0, 0x20048001}, 0x4000004)
sendto$packet(r0, &(0x7f0000000640)="e8", 0x1, 0x101, &(0x7f0000000200)={0x11, 0x86dd, r3}, 0x14)

40.695555344s ago: executing program 0 (id=627):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0xff, 0x4a1, &(0x7f00000004c0)="$eJzs3MtvVFUYAPDvTh+8aUVEQdAqGomPlhZUFi7UaOJCExNd4LK2BZGBGloTIY0WY3BpSNwblyb+Be7cGHVhTNxq4tKQEG1MKK5q7gum02mZlpYpnd8vmc45c1/nu+eemXPv6b0BtK2+9E8SsT0ifo+Injw7f4a+/G12Zmrk+szUSBJzc2/9nWTzXZuZGilnLZfbVmQOVSIqnyXxYrJwuxPnL5werlbHzhX5gckzHwxMnL/wzKkzwyfHTo6dHTp27OiRweefG3p2VeJM47q27+Px/Xtfe+fyGyPHL7/707dpsfYcyKfXxnFL1xsE1EBfutf+mcvUT3t8GWW/G+yoSSedLSwIy9IREWl1dWXtvyc64mbl9cSrn7a0cMCaSn+bNi0+eXoO2MCSaHUJgNYof+jT89/ydYe6HuvC1Zciuov07MzUyOyN+DujUnzetYbb74uI49P/fZW+YrnXIQAAViDr2zzdqP9XiT3Zez7WsbMYQ+mNiHsiYldE3BsRuyPivohs3vujOx7IF57raXL7fXX5hf2fypWGZV4laf/vhZq+32xN/MVbb0eR25HF35WcOFUdO1zsk0PRtSnNDy6xje9f+e2LxabV9v/SV7r9si9YFOBKZ90FutHhyeHV2glXL0bs62wUf3JjJCA9AvZGxL7lrXpnmTj15Df7F5vp1vEvYRXGmea+jngir//pqIu/lCw9PjmwOapjhwfKo2Khn3+99GaR7K6fdlvxr4K0/rfOP/6LKReL955/k3y8tiuq1bFzE8vfxqU/Pl/0nGalx3938nY2Zv3Le/lnHw1PTp4bjOhOXs/y5Y7OPh+6uWyZL+dP4z90sHH731Usk8b/YESkB/GBiHgoIh4uyv5IRDwaEQeXiP/Hlx97f4n4k0iipfU/2vD7L4nYnCV6k9rx+hUkOk7/8N1iI+bN1f/RmM6+a3PZ998tNFvA29+DAAAAsP5VImJ7JJX+PN23PSqV/v78f/h3x9ZKdXxi8qkT4x+eHc3vEeiNrkp5paun5nroYDJdrDHPDxXXisvpR4rrxl92bMny/SPj1dEWxw7tbtv89h9l+0/91dHq0gFrzv1a0L7q23+lReUA7rxmfv+dC8DG1KD9b2lFOYA7z/k/tK9G7f+Turz+P2xMC9v/nw0eWQdsRPr/0L60f2hf2j+0pWbv4i+fp7DihwDMS5Q3C6x8PZubvsN//SX61mTNZQ2tZeG3xM1PorJqa55eB5WyzhNpi1nJ4rGz+WdhzE80eFgNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAXej/AAAA//+q8eIl")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20042, 0x0)
pwrite64(r0, &(0x7f0000000000)='2', 0x1, 0x4fed0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f0000000280)='2', 0x1, 0x8080c61)
fallocate(r1, 0x3, 0x4100, 0x8000c62)

39.981438064s ago: executing program 0 (id=630):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1, 0x4, 0x5, 0x1, 0x1}, 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r1, @ANYRES32, @ANYBLOB="0000000000000000b7080000a06700007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x10)

39.635234797s ago: executing program 0 (id=633):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x82, &(0x7f0000000700)=ANY=[@ANYBLOB='iocharset=default,noadinicb,gid=forget,gid=ignore,nostrict,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c616e63686f723d30303030000088be0900303030303030303030312c7569643d666f726765742c00215e8c2e42462f3ab5e1f7c0527abbb422be9178aa60681964adb069ae876c4a599d560075ac47c0de1a9bb9146af6433efdcdac853a8e8f16d6bad90ecce0a1fab46f48331e6b3c325c08df3c334e4da28067a30b3b1dc64bf692c712fc273bc1702008f563765c6f3e67d97e1369973c2a87f0ecca7320819863179fb85e394a8cf1d62c70d8306633b6958ebf998a0685bc5cdd1f97291328743add4c867115fae1082f8faf482e15eb939968"], 0xfd, 0xc34, &(0x7f0000001080)="$eJzs3U9sHNd9B/DfGy5F0m4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIbtowvfTQQ4Ci6CEnAq1RIEUDoymKHtnWBZKLD4VPPREtbARFD2wRIKeAxcy+FVf/LMkkJcr+fGzqOzv73sx7M+MZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+8cvb48+lhtwIAeJDOT3/1+AnPfwD4RLng//8BAAAAAAAAAAAAAOCgS1HEE5Fi6fxWmq0+dw2fa3euXpuZmLx9tZFU1Ryoypc/w8+fOHnqSy+Mn+7lh9ffa0/Fa9MXztZfXryytNxaWWnN12c67bnF+dY9b2G39W82Vh2A+pXXr85furRSP/HcyRu+vjb6wdDjR0bPjD9z7Ole2ZmJycnpvjK1wY+891vcaYTHoSjiWKR49vs/Ts2IKGL3x+Iu185+G6k6MVZ1YmZisurIQrvZWS2/nOodiCKi3lep0TtGD+Bc7EojYq1sftngsbJ700vN5ebFhVZ9qrm82l5tL3amUre1ZX/qUcTpFLEeEZtDt25uMIqoRYrvHt5KFyNioHccvlgNDL5zO4p97OM9KNtZH4xYLx6Bc3aADUURr0aKn7xTxFx5zPJPfCHi1TL/MeKtMl+KSOWFcSri/eo6GnnILWcv1KKIPyvP/5mtNF/dD3r3lXNfq3+lc2mxr2zvvvLIPx8epAN+bxqOIprVHX8rffTf7AAAAAAAAAAAAAAAAACw10aiiKcixSv//gfVuOKoxqUfPjP+u6M/3z9m/Mm7bKcs+1xErBX3Nib3UB5CPJWmUnrIY4k/yYajiD/K4/++/bAbAwAAAAAAAAAAAAAAAAAA8IlWxHuR4sV3j6b16J9TvN25XL/QvLjQnRW2N/dvb8707e3t7XrqZiPnbM61nOs5N3Ju5owi18/ZyDmbcy3nes6NnJs5YyDXz9nIOZtzLed6zo2cmzmjluvnbOSczbmWcz3nRs7NnHFA5u4FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPg4KaKIn0WK73xjK0WKiEbEbHRzY6hXBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4mIZSET+IFPXfa1xfV4uIVP3bdbT85VQ0DpX56WiMl/lSNM7mbFZZa3z7IbSf3RlMRfwoUgwNv339hOfzP9j9dP0yiLe+ufPpl2rdHOh9OfrB0ONHDp8Zn/yVJ++0nG7XgLFz7c7Va/WZicnJ6b7Vtbz3T/etG837Lfam60TEyhtvvt5cWGgtW/hkLNS6C7XY0y2PROztBvduodZdyPereOjtucNC42A0Y2chqnv/be/ZfGyUz//3I8VvvvsfvQd+7/n/c91P15/w8dM/3nn+v3jzhvbp+f9E37oX8+9GBmsRw6tXlgaPRAyvvPHmsfaV5uXW5Vbn1PHjXx4f//LJ44OHIoYvtRdafUu7PlQAAAAAAAAAAAAAAAAAD1Yq4rcjRfNHW6keEdeq8VqjZ8afOfb0QAxU461uGLf12vSFs/WXF68sLbdWVlrz9ZlOe25xvnWvuxuuhnvNTEzuS2fuamSf2z8y/PLi0hvL7cu/v3rb7x8bPntxZXW5OXf7r2MkiohG/5qxqsEzE5NVoxfazU5VdWqPBmYOpiL+M1LMnaqnz+d1efxfGe8N9pXtH/+/1re+Wt6n8X+fumk/KRXx00jxG3/+ZHy+audjccsxy+X+OlKMnf5cLheHynK9NnTfK9AdGViW/d9I8fc/u7Fsr+9P7JR9/v6O7sFXnv/DkeIHf/q9+NW87sb3P+yM/+w//4/dvKF9Ov+f6Vv32A3vK9h118nn/1ikeOmJt+PX8roPe/9HEdvb29+KOJoLX38/xz6d/8/2rRuN7n5/fe+6DwAAAAAAAAAA8MgaTEX8TaR4erKWXsjr7uXv/83fvKF9+vtfv9i3bv4BzVe064MKAAAAAAfEYCrivUhxefXt62Oo+8Z/3zj+87d25l6fSDd9W/053y9U7w3Yyz//6zea9zu7+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dRn7zKf+kakeOW/n83l0pGyXG8e+NHq1+Hzi51jZxcWFueaq82LC6369FJzrlXW/Uyk2Pqrz+W6RTW/em+++e4c78PbvbnYlyPF5N/2ynbnYu/NTd6dD7w7F3tZ9lOR4r/+7sayvXmsP7tT9kRZ9i8jxdf/6fZlj+yUPVmW/V6k+OHX672yj5Vle+9H7b6TdLgWC63n5hYXbnkVKgAAAAAAAAAAAAAAAAAAANyvwVTEn0SK/7myHmt52H+e/783A3+tV/atb/bN93+Ta9U8/6PV/P93Wv4o8/+P7llPAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg0ZGiiDcjxdL5rbQxVH7uGj7X7ly9NjMxeftqI6mqOVCVL3+Gnz9x8tSXXhg/3csPr7/XnorXpi+crb+8eGVpubWy0pqvz3Tac4vzrXvewm7r7xy6rrHqANSvvH51/tKllfqJ507e8PW10Q+GHj8yemb8mWNP98rOTExOTveVqQ3ex97vq3E7DkURfxEpnv3+j9M/D0UUsftjcZdrZ7+NVJ0YqzoxMzFZdWSh3eysll9O9Q5EEVHvq9ToHaMHcC52pRGxVja/bPBY2b3ppeZy8+JCqz7VXF5tr7YXO1Op29qyP/Uo4nSKWI+IzaFbNzcYRbweKb57eCv9y1DEQO84fPH89FePn7hzO4p97OM9KNtZH4xYLx6Bc3aADUUR/xApfvLO0fjXoYhadH/iCxGv9hd8KSKVF8apiPdvcx3xaKpFEf9Xnv8zW+mdofJ+0LuvnPta/SudS4t9ZXv3lYP0fNi+/2txZA92e+8O+L1pOIr4YXXH30r/5r9rAAAAAAAAAAAAAAAAgAOkiF+OFC++ezRV44Ovjyludy7XLzQvLnSH9fXG/tUj/rDM7e3t7XrqZiPnbM61nOs5N3Ju5owi18/ZyDmbcy3nes6NnJs5YyDXz9nIOZtzLed6zo2cmzmjVsX29va3uvVruX7OtZzrtYiirJ8/b+aMAzJ2DwAAAAAAAAAAAAAAAAAA+Hgpqn9SfOcbW6maS7URMRvd3DAf6Mfe/wcAAP//3sf+xA==")
symlink(&(0x7f0000000400)='./bus\x00', &(0x7f00000000c0)='./file0\x00')
creat(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x40, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x101, 0x1, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "806c64c97808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4, 0x400000]})
lstat(&(0x7f0000000280)='./file0\x00', 0x0)

39.056975267s ago: executing program 0 (id=639):
socket$inet6(0xa, 0x2, 0x0)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0))
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

38.437980569s ago: executing program 0 (id=644):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x17)
r0 = userfaultfd(0x801)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x67)

37.755806855s ago: executing program 33 (id=644):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x17)
r0 = userfaultfd(0x801)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x67)

15.719131175s ago: executing program 5 (id=773):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x2}}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000280)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0x7ff8, 0x4, 0x0, 0x2, 0x0, 0x0, 0x20, 0x4}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

15.164874509s ago: executing program 5 (id=780):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x4c)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d05c164a534308", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000004c00)=[{{0x0, 0x0, &(0x7f0000000240)}, 0x2ca998c3}], 0x4000032, 0x40000021, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4051}, 0x20008001)
recvmsg$can_raw(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000340)=""/197, 0xc5}], 0x1}, 0x1)

7.604901336s ago: executing program 5 (id=839):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000000)='./file1\x00', 0x2000494, &(0x7f0000000440)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c00484516000000000037c015c57600912233eefc80e89be5a1ef2c27ebf5171169dcfa4805d89c7e1f70d73d649ba4afab8b2194a9e8b537ad2ed68f8319883b84237da3bf9213365872b3f3"], 0x1, 0x2b9, &(0x7f0000000fc0)="$eJzs3E1rE3sUx/HTpm3SlDa5cLlwL1w96EY3QxtfgAZpQQwotSnqQpjaiYaMSZkJlYjYbMStr6O4dCeoL8BuxI17d0UQ3HQhjjiTaZM2rWmap7bfD5T5Z87/x5ymD5wEJpu3Xz4q5FwjZ5ZlOKYyLFKVLZHk71XNUO047K/HpF5VLk58//z/rTt3r6czmdl51bn0wqWUqk6dffv46atz78sTi6+n3kRlI3lv81vqy8Y/G/9u/lx4mHdHxdViqaymLpVKZXPJtnQ57xYM1Zu2ZbqW5ouu5TTUc3ZpZaWiZnF5Mr7iWK6rZrGiBaui5ZKWnYqaD8x8UQ3D0Mm4nG4jLezJrs/Pm+l9y16kox2h68abnXScdLV5Mbveg54AAMCAOXj+D2b9/ef/zGJwbGv+1/x+87/Ikef/D2O9fy6Pg2rDoz/M/6FE07OxjjWFrnKctBmv/f02Yv4HAAAAAAAAAAAAAAAAAAAAAOA42PK8hOd5ifAYfkVrN3iEj/vdJ7qjzZ//5T61iw6ru3EvJmK/WM2uZoNjUE/nJC+2WDItCfnh/z7UBOu5a5nZafUl5Z29VsuvrWYjEg3zoWSYH/JvQwvyZ/6aCfLamB+VeP31U5KQv5tfP9U0PyYXztflDUnIx/tSEluW/Wvv5J/NqF69kdmVH/f3AQAAAABwEhi6bc/rd7/ub4jJ3nqQP8T7A7teX4/If618RCUAAAAAADgyt/KkYNq25bSxiIrIEeIndRGRgWhj1+KKiAxAG71axEQkOKPtxL9ux1tKeS3sGRGRvj8th1j0+z8TAAAAgE7bGfoPEfr0vIsdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+rT6eWDh/j2lsHBAvO5ykZ5/gwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA+RUAAP//ovscvw==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, &(0x7f0000000040)={0x2, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r0, 0x0)

7.213487108s ago: executing program 7 (id=843):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
setresuid(0x0, 0xee00, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

7.026589691s ago: executing program 5 (id=845):
prlimit64(0x0, 0x8, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000380)="2190", 0x2}], 0x1}, 0x1)
setsockopt$sock_attach_bpf(r0, 0x1, 0x10, &(0x7f0000000000), 0x4)
recvmsg$unix(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x2)

6.938594941s ago: executing program 7 (id=848):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x21c0, 0x103)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x200030, 0x0, 0xfc, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@nfs_export_on}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000180)='./file1\x00', r0, &(0x7f00000001c0)='./file3\x00', 0x0)
openat(r0, &(0x7f0000000080)='./file3\x00', 0x0, 0x0)

6.674426001s ago: executing program 3 (id=850):
r0 = socket$kcm(0xa, 0x5, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000e8ffffffffffff05000000", @ANYRES32=0x1], 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r1})
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r2})
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8936, &(0x7f0000000000)={r1})

6.383237693s ago: executing program 3 (id=853):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
userfaultfd(0x801)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

6.285554466s ago: executing program 7 (id=855):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c000000"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

5.860713682s ago: executing program 7 (id=858):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x11, 0x3, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="180000001e000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020025318500000082000000850000000700000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2b}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)

5.765992501s ago: executing program 5 (id=859):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="1e031c00008c71ef2885634a8270e71111"], 0xffdd)

5.674660792s ago: executing program 2 (id=861):
sched_setattr(0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfec9}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x19, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x200}})
io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r3, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48)

5.447396226s ago: executing program 7 (id=862):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x7}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000900)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x4}, @TCA_FLOWER_KEY_ENC_OPTS={0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

5.000997956s ago: executing program 2 (id=863):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
fstat(r0, &(0x7f0000000080))
setresuid(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r1 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r1, 0x0, 0x0, 0x1, 0x3000)
msgrcv(r1, 0x0, 0x0, 0x2, 0x1000)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000000680)={{0x3, 0x0, 0x0, 0x0, 0x0, 0x80, 0x8}, 0x0, 0x0, 0x0, 0x19, 0x5, 0x2bde, 0xffffffffffffff27, 0xc7, 0x2, 0x9})

4.990158541s ago: executing program 3 (id=864):
r0 = syz_io_uring_setup(0x3380, &(0x7f0000000180)={0x0, 0xad40, 0x10100}, &(0x7f0000000380)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x10, 0x3})
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='5'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

4.718762674s ago: executing program 1 (id=865):
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x4a3, @local, 0x4f1}}}, 0x108)
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000001a00)=ANY=[@ANYBLOB="03000000000000000a004e2300000010ff010000000000000000000000000001f8ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b0000000a004e2000000008fe8000000000000000000000000000aa05000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000010000000c0000000000000000000000000000000104000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ad94e2100000073fe8000000000000000000000000000aa09000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e210000000800000000000000000000000000000001"], 0x610)
r1 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0x88f}}, {{0xa, 0x4e08, 0x4a3, @private2, 0x4f0}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000780)={0x3, {{0xa, 0x4e23, 0x9, @mcast1, 0x8}}}, 0x90)

4.712824685s ago: executing program 3 (id=866):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000500)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
io_setup(0x42, &(0x7f0000000100)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000580)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000000)='e', 0x3f}])
sendmmsg$alg(r1, &(0x7f0000000180)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000380)="90", 0x1}], 0x1, 0x0, 0x0, 0x4004005}], 0x1, 0x80)

4.478199777s ago: executing program 1 (id=867):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r1, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x8)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @remote}, 0x1c)

4.287147465s ago: executing program 3 (id=868):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x2}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000e7ffffff850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r4, r1, 0x25, 0x4, @val=@netkit={@void, @value=r4}}, 0x1c)
syz_emit_ethernet(0x36, &(0x7f00000001c0)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x2e, 0x28, 0x65, 0x0, 0x2, 0x6, 0x0, @private=0xa010102, @remote}, {{0x4e24, 0x4e23, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0x8, 0xfffd, 0x0, 0x57}}}}}}, 0x0)

4.096671581s ago: executing program 1 (id=870):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c000000"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)

3.982743779s ago: executing program 2 (id=872):
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e1f, @empty}, 0x10)
socket$packet(0x11, 0x3, 0x300)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a3000000000080007006e6174003c000000060a01040000000000000000010000001400048010000180090001006d6173710000000008000b40000000000900010073797a30"], 0xcc}, 0x1, 0x0, 0x0, 0x880}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)

3.04024471s ago: executing program 2 (id=873):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x7542d000)
close(r0)

3.036554069s ago: executing program 1 (id=885):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000c00), &(0x7f0000000340), 0xe9f, r0}, 0x38)

2.924484235s ago: executing program 6 (id=874):
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r0 = syz_io_uring_setup(0x5ce, &(0x7f0000000240)={0x0, 0x7734, 0x80, 0x40000, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0xb2752a96f73d6e14, 0x0, 0x0, 0x0, 0x23456})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

2.634666409s ago: executing program 1 (id=875):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = syz_clone(0x1a2400, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000100)='pagemap\x00')
pread64(r2, &(0x7f0000000200)=""/102400, 0x19020, 0x1000000000)

2.522988095s ago: executing program 6 (id=876):
sched_setattr(0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfec9}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x19, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x200}})
io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r3, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48)

2.223248139s ago: executing program 6 (id=877):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18)
io_uring_setup(0x1fbb, &(0x7f0000000280)={0x0, 0x8f2b, 0x8, 0x0, 0x308})

2.121648809s ago: executing program 1 (id=878):
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x1200)
r0 = io_uring_setup(0x6576, &(0x7f0000000680)={0x0, 0x41f43, 0x1, 0x2, 0x3bd})
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000000000)
ioctl$FS_IOC_GETVERSION(r2, 0xc0145b0e, &(0x7f0000000040))
close_range(r0, 0xffffffffffffffff, 0x0)

2.047100827s ago: executing program 6 (id=879):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x35f, &(0x7f0000000180)={0x0, 0x4881, 0x800, 0x200003, 0x2de}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r3, 0x0, 0x0, 0x0, 0x12321, 0x1, {0x1}})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.439946776s ago: executing program 2 (id=880):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x30, r3, 0x1, 0x3, 0x100000, {{}, {}, {0x14, 0x19, {0x1, 0x1, 0x0, 0x22000000}}}}, 0x30}, 0x1, 0x0, 0x0, 0x24000001}, 0x1004)

1.163347295s ago: executing program 2 (id=881):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000400)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c00bd9b124589a8c8201d361af26385e0757ca171375f6e83f03738a084d5fe4600b2fe6de02ad3e10893da97964b52fc78c719430dfa505a385c6d282d70e2fec553dd9ac9809243b1a29bc08d7f7a6f0e70a5508031645ef7add68d4d9c8754a3e90bbd4b024e15cc4f471f75c1b2a017c875e1914492cc452cf63ad6b967708973b6a817ee446b08bf4645fcb1c9ca7d2a050eedb746360c10fd7647e46600c87ff9593c24e6828a68c610300201e89491d853b6e412bf80a39bf4df669712a41e06dfea5f790ff9317cfbb6706e60a6f523fab861ff1b8e1a"], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
open(&(0x7f0000000180)='./bus\x00', 0x4827e, 0x13)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x3, 0x6576, 0xd})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r0, 0x100000000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)

1.027388788s ago: executing program 6 (id=882):
socket$alg(0x26, 0x5, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x22842, 0x0)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0xfffffffd, 0x15f}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f00000003c0)=""/216, 0xd8}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

397.622404ms ago: executing program 6 (id=883):
syz_mount_image$xfs(&(0x7f00000001c0), &(0x7f0000009640)='./file1\x00', 0x10040, &(0x7f0000000100)={[{@quota}, {@uqnoenforce}, {@inode32}, {@sysvgroups}, {@grpquota}, {@bsdgroups}, {@largeio}]}, 0x4, 0x968d, &(0x7f000001c300)="$eJzs3Am4pnMBuP/3DGOXMVRSaiqiRdYsUWYGMxSSJdqRJWUpqdCmRUoqItqzb9nKEsrWSrK3UEKoZIm02Ib5X2fmDGPcpF+//+VX931f1znv+z7v8zzn+34/z3KO5mrzSRtPHAzmGkxv3GDWzr1m8pQxV21w+5FbLXjMcqfcvf8jV1x8/MjjhJHHiYPBYNTI20PTl40dnHraqMHs05Y/3LxzzzM0/2Cw/MjLkf0MVp7+MP/lM9abOkuzDnTo4W/7TP+a1gLDP2L4yWH773X4YDAYM9P2Q4PB0J6P+qDSNp8wedLDVg+5DVuNHnk+89cc07/mv2gwmP+MAR8fM6879CR8pOGfueeLzhm9wZPws//r2nzC5HVn8R8+F2cbWbby8Dk+6zlobNbj/NYltlh1ZAqnHW+DwfAl7hHnyn9Fm0+YtN7gsa/zgyNXu2CfqdOvm3MOpt8o5h4MBvOMXF/ne7Jd6j9rwsQVpt2zZ7weYZ9xLO9Jx8XxbznpweGb9GAwWGgwGLvOjHtBVVVV/Xc0YeIKa8L9f67Hu/+ffPKiZ3T/r6qq+u9t3QkTVxi+189y/5/v8e7/uyx64cem/7f/8StP3+rBJ/dDVFVV1b/VpHXx/j/m8e7/K6956Xrd/6uqqv5722j9aff/+Wa5/y/8ePf/N5602mIj6834veGBmXY5NNP/nnD/TMtnm2n5fTMtHz3TfmZef46Zlt8z0/I5h9+D9ccNBmNn/HvBKQ8vHjtu+L2R5ffOtHz8w/9OZ/G1Zlo+Yablk2ZaPnFkrMPLJ8+0fPJM66/zOFNdVVX1/0wbrTBpzcFM/85+ZPEiM96n+//5Z1679JM13qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvrv7MHbzzpnMBgMDQaDUYPBlMHI85kfB1OnTp06/Prk8y677Ekb6P8bDZ17zeQpY67a4PYjt1rwmOVOuXv/h2fpv7b//k9Q/0nD/nMdN24w2GnTJ3so9STU+e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7iHrz9rHNGjoFRg8GUwcjzPWc8nrnfG940suqqm51y50EPb7n4+O1Hnp17zeQp2z8JY38SGhr+rGOu2uD2I7da8JjlTrl7//+Bs+e//xPUf9I0/+2HBoOR83vM8Lm8wYSNNllqMBgcdOcpm600eOi9VYbfW23sbIPZpm261LTvay/OO95znemP44e/LfzQPk6etv91px4629Asg5ipV5x7w5Fv3/zuFWd9XPKxP8eoGU8Ov+70u6ZOnTr1EQtHmusxNp6x/xmfZdbzfGTsSw2PfZldd3zXMu/ZfY+lt99xy+222W6bnZZbYZUVV1p+uZVWfdky226/wzbLTv/+GHM2btr3NZ/InM0365zdPmHmOZv1sz3WnI17/DmbtscpewxtMmPOZv8352zNx5+zcduP/KDFx48ebDFtaoYGg8XXGj3YbfjFcnMOBouvPbLuIsPrrj521GCw38MfdPjZnA8dg0N7Dq+z+aSNJz48skd/wkddpx+x4uLjRx4njDxOnD7EcYOHD8Wxg1NPGzU8F4+Y5nnnnmdo/sFg+ZGXI/sZrDry7iEz1ps6S7MOdOjhb/tM/5rWAsM7GX7yjmXPunr4XJxl+/8/+j+6/j/Ka5WhhyZqaORrZJ3pXhMmr/vwz5o2DcNzN9vIspWHTWads/+bPWq842YfjHmc8U5ad+IKw4tnmf8Zm+DxdccSF3xg+rE1fuXpWz34f4xC453vcca77gQc73yPN97jPnjJadN39X9tvLNc69ab9n38E7nWDR7/Wjcb7WCbixeb9Vr36sce4iPO4xlzNOcsKz3WtW63g5ffc3j/4x//Wrfe8NhHP+JaN2owWHzNGde64QvfpNGD/YZfLD/8YvLowTHDL1aY9mLuwXnDL176tp132Hp4wToz5mTZ4f2OHzs0zf2ClW9ZcuoBU6euNTKW8WMfOdaR42PczPfzCWOnT+aMbWfsd3jVGfu9+enT35s0st8J/8Z+Z2xL471zgenvTR7Z78RZ9jv6cfY7Y9tHnQ9LDT104XqM682kWa43I3/jzPhxj/iaY/rX/BcNBvOfQb6zrPsvr5l0/s71OOOdMHGFNYfHN8v5+9DhSOfvJZOvGr5XzD8YDBYaDMauM2Ps/2ZDjzXe2R9/vBNhvLM/3nivOHbH9f8vjHcw03gfcZxtvtH0Y2WdkeNs8r9x/M7Ydtbr2Ohp706/7K/zRK5j4x51HfvobKNmmeyZeqzf2baG9ac/X+Th33OvOfHoGXM/epb9/qvf2Wb6LENwHRszy9/zo9a5fjBEc77ncatfOnTg48/56MEj/7aYMecztn28OZ/8ROb8WY8/50/09+Slnj/9/dGzjH/mOd9w32d+ZsaczzHLfv/VnE9+/HvHo+d8/GA0zfmy902ft8e7nj7WnM/YdsacD3/E1cbOPlh7+J41MueTnsicL/J/5zifB9af/nybhxadfeQpr5sx57PO8b+a80n/7pyPe+g4X3zae88bNZhjjsFuW+666y7LTf8+4+Xy07/zteiea6bP8+PdSx/LaMa2j3derPVEjMY8IaOhf2W06OyPZfTwqXXEzrs87f/0WrTWv2s04GvRVUdPn7fH+73oseZ8xrZ0H1x4pu1n/Tt0o/Wn/d493yz3wRmb4H3w7DPX23vGLkc2e2CWYc64r94/0/LZZlp+30zLR8+0n5nXn2Om5ffMtHz4I8wx0/ozWMcN/807snzKw6uPHf7ladzI8ntnWj7+4W0XX2um5RNmWj5ppuUTHz40Fp880/LJM62/zuDfbMZ/k95+1ot8PdH677/u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zFPXj7WeeMHAOjBoMpg+nPh0YeB3sObXjbGsOPg8Fg9MonTN3wyR7vk9zQuddMnjLmqg1uP3KrBY9Z7pS79/8fOHv++z9B/SdN899+aDAYOb/HbD8YDDaYsNEmSw0Ggw2nnrDyqMFD7y0y/N7qY0cNBvsNPWIHcz60ztCew+tsPmnjiYPBXCNrjHvUD33UefSIFRcfP/I4YeRx4vTr07jBw8fr2MGpp40azD5t+cPNO/c8Q/MPBsuPvBzZz2Dl6Q/zXz5jvamzNOtAhx7+ts/0r2ktMPwjhp/stt3kZw/P1Szb/z/TjGv19qP+5aqd/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93/55/R8v/Wom6y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u3/ff+7/X8ZRT06d/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8tf3IO3n3XOyDEwajCYMpj+fGjPkcfB0EmnvnDkEBm9+5VHHfpkj/dJbujcayZPGXPVBrcfudWCxyx3yt37/w+cPf/9n6D+k6b5bz80GIyc32O2HwwGG0zYaJOlBoPBoUddufuowUPvLTL83upjRw0G+w09YgdzPrTO0J7D62w+aeOJg8FcI2uMe9QPfdR59IgVFx8/8jhh5HHi9OvTuMHDx+vYwamnjRrMPm35w8079zxD8w8Gy4+8HNnPYOXpD/NfPmO9qbM060CHHv62z/SvaS0w/COGn+w13zUnDc/VLNv/P9OMa/X2o/7lqp3/7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+7B2886Z+QYGDUYTBlMfz5q5HFoz5tu/PAmw4/DrxdcZ+9rnuzxPskNnXvN5Cljrtrg9iO3WvCY5U65e///gbPnv/8T1H/SsP9cx40bDHba9MkeSj0Jdf67y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/uAdvP+uckaejHl46as+OC2zo3GsmTxlz1Qa3H7nVgscsd8rd+z/ZA/pPewz/j+aPWfw/lj9m8f94/pjF/xP5Yxb/vfLHLP6fzB+z+O+dP2bx/1T+mMX/0/ljFv998scs/p/JH7P475s/ZvH/bP6Yxf9z+WMW/8/nj1n898sfs/jvnz9m8f9C/pjF/4D8MYv/gfljFv8v5o9Z/A/KH7P4H5w/ZvH/Uv6Yxf/L+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/2/kj1n8v5k/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi/+38scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/2/ljFv/v5I9Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/7v5Yxb/M/LHLP5n5o9Z/M/KH7P4fy9/zOL//fwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bx/0H+mMX/h/ljFv8f5Y9Z/H+cP2bx/0n+mMX/p/ljFv8L8scs/hfmj1n8f5Y/ZvG/KH/M4v/z/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/xf5Yxb/X+aPWfx/lT9m8f91/pjF/6r8MYv/1fljFv/f5I9Z/H+bP2bxvyZ/zOL/u/wxi/+1+WMW/+vyxyz+1+ePWfx/nz9m8b8hf8zif2P+mMX/pvwxi/8f8scs/n/MH7P4/yl/zOJ/c/6Yxf/P+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bx/0v+mMX/jvwxi/+d+WMW/7/mj1n878ofs/j/LX/M4v/3/DGL/z/yxyz+/8wfs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/yn5Yxb/B/LHLP4P5o9Z/Kfmj0n8Zxvkj1n8h/LHLP6j8scs/rPlj1n8Z88fs/iPzh+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4PyV/zOK/QP6YxX9M/pjFf8H8MYv/2Pwxi/9C+WMW/4Xzxyz+T80fs/g/LX/M4v/0/DGL/yL5Yxb/Z+SPWfwXzR+z+D8zf8zi/6z8MYv/YvljFv9n549Z/J+TP2bxH5c/ZvF/bv6Yxf95+T+q2UceDf7Pzx+znP+L549Z/JfIH7P4vyB/zOK/ZP6YxX+p/DGL/wvzxyz+L8ofs/i/OH/M4v+S/DGL/9L5Yxb/l+aPWfyXyR+z+C+bP2bxXy5/zOK/fP6YxX+F/DGL/4r5Yxb/l+WPWfxXyh+z+K+cP2bxXyV/zOK/av6Yxf/l+WMW/9Xyxyz+q+ePWfxfkT9m8X9l/pjFf438MYv/+Pwxi/+E/DGL/8T8MYv/mvljFv+18scs/mvnj1n8J+WPWfwnq/xne8JrWvzXUfk/8Sz+6+aPWfxflT9m8X91/pjFf738MYv/+vljFv8N8scs/q/JH7P4b5g/ZvF/bf6YxX+j/DGL/8b5Yxb/TfLHLP6b5o9Z/F+XP2bx3yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/3flj1n8350/ZvHfJX/M4v+e/DGL/675Yxb/9+aPWfzflz9m8X9//pjFf7f8MYv/7vljFv898scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P475k/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvHfK3/M4v/J/DGL/975Yxb/T+WPWfw/nT9m8d8nf8zi/5n8MYv/vvljFv/P5o9Z/D+XP2bx/3z+mMV/v/wxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/6D8MYv/wfljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/m/ljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+H8rf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfy/nT9m8f9O/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8v5s/ZvE/I3/M4n9m/pjF/6z8MYv/9/LHLP7fzx+z+J+dP2bxPyf/aR042yNfW/zPzR+z+J+XP2bxPz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOL/k/wxi/9P88cs/hfkj1n8L8wfs/j/LH/M4n9R/pjF/+f5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/L/LHLP6/zB+z+P8qf8zi/+v8MYv/VfljFv+r88cs/r/JH7P4/zZ/zOJ/Tf6Yxf93+WMW/2vzxyz+1+WPWfyvzx+z+P8+f8zif0P+mMX/xvwxi/9N+WMW/z/kj1n8/5g/ZvH/U/6Yxf/m/DGL/5/zxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOL/l/wxi/8d+WMW/zvzxyz+f80fs/jflT9m8f9b/pjF/+/5Yxb/f+SPWfz/mT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+U/LHLP4P5I9Z/B/MH7P4T80fk/jPPsgfs/gP5Y9Z/Eflj1n8Z8sfs/jPnj9m8R+dP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvF/Sv6YxX+B/DGL/5j8MYv/gvljFv+x+WMW/4Xyxyz+C+ePWfyfmj9m8X9a/pjF/+n5Yxb/RfLHLP7PyB+z+C+aP2bxf2b+mMX/WfljFv/F8scs/s/OH7P4Pyd/zOI/Ln/M4v/c/DGL//Pyxyz+z88fs/gvnj9m8V8if8zi/4L8MYv/kvljFv+l8scs/i/MH7P4vyh/zOL/4vwxi/9L8scs/kvnj1n8X5o/ZvFfJn/M4r9s/pjFf7n8MYv/8vljFv8V8scs/ivmj1n8X5Y/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv+X549Z/FfLH7P4r54/ZvF/Rf6Yxf+V+WMW/zXyxyz+4/PHLP4T8scs/hPzxyz+a+aPWfzXyh+z+K+dP2bxn5Q/ZvGfnD9m8V8nf8ziv27+mMX/VfljFv9X549Z/NcT+q/xBNax+K8v9H8iWfw3yB+z+L8mf8ziv2H+mMX/tYPL8ocs/ht1/mMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/6EH+mMV/KH/M4j8qf8ziP1v+mMV/9vwxi//o/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/U/LHLP4L5I9Z/Mfkj1n8F8wfs/iPzR+z+C+UP2bxXzh/zOL/1Pwxi//T8scs/k/PH7P4L5I/ZvF/Rv6YxX/R/DGL/zPzxyz+z8ofs/gvlj9m8X92/pjF/zn5Yxb/cfljFv/n5o9Z/J+XP2bxf37+mMV/8fwxi/8S+WMW/xfkj1n8l8wfs/gvlT9m8X9h/pjF/0X5Yxb/F+ePWfxfkj9m8V86f8zi/9L8MYv/MvljFv9l88cs/svlj1n8l88fs/ivkD9m8V8xf8zi/7L8MYv/SvljFv+V88cs/qvkj1n8V80fs/i/PH/M4r9a/pjFf/X8MYv/K/LHLP6vzB+z+K+RP2bxH58/ZvGfkD9m8Z+YP2bxXzN/zOK/Vv6YxX/t/DGL/6T8MYv/5Pwxi/86+WMW/3Xzxyz+r8ofs/i/On/M4r9e/pjFf/38MYv/BvljFv/X5I9Z/DfMH7P4vzZ/zOK/Uf6YxX/j/DGL/yb5Yxb/TfPHLP6vyx+z+G+WP2bx3zx/zOL/+vwxi/8b8scs/m/MH7P4vyl/zOL/5vwxi/9b8scs/m/NH7P4b5E/ZvHfMn/M4r9V/pjF/235Yxb/rfPHLP7b5I9Z/LfNH7P4b5c/ZvF/e/6YxX/7/DGL/zvyxyz+78wfs/jvkD9m8d8xf8ziv1P+mMV/5/wxi/+78scs/u/OH7P475I/ZvF/T/6YxX/X/DGL/3vzxyz+78sfs/i/P3/M4r9b/pjFf/f8MYv/HvljFv8P5I9Z/D+YP2bx/1D+mMX/w/ljFv+P5I9Z/PfMH7P4fzR/zOL/sfwxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8f9M/pjFf9/8MYv/Z/PHLP6fyx+z+H8+f8ziv1/+mMV///wxi/8X8scs/gfkj1n8D8wfs/h/MX/M4n9Q/pjF/+D8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/1/LHLP5fzx+z+H8jf8zi/838MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfy/lT9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+384fs/h/J3/M4n9K/pjF/9T8MYv/afljFv/T88cs/t/NH7P4n5E/ZvE/M3/M4n9W/pjF/3v5Yxb/7+ePWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/w/yxyz+P8wfs/j/KH/M4v/j/DGL/0/yxyz+P80fs/hfkD9m8b8wf8zi/7P8MYv/RfljFv+f549Z/C/OH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/r/IH7P4/zJ/zOL/q/wxi/+v88cs/lflj1n8r84fs/j/Jn/M4v/b/DGL/zX5Yxb/3+WPWfyvzR+z+F+XP2bxvz5/zOL/+/wxi/8N+WMW/xvzxyz+N+WPWfz/kD9m8f9j/pjF/0/5Yxb/m/PHLP5/zh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/1/yxyz+d+SPWfzvzB+z+P81f8zif1f+mMX/b/ljFv+/549Z/P+RP2bx/2f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+E/JH7P4P5A/ZvF/MH/M4j81f0ziP8cgf8ziP5Q/ZvEflT9m8Z8tf8ziP3v+mMV/dP6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjF/yn5Yxb/BfLHLP5j8scs/gvmj1n8x+aPWfwXyh+z+C+cP2bxf2r+mMX/afljFv+n549Z/BfJH7P4PyN/zOK/aP6Yxf+Z+WMW/2flj1n8F8sfs/g/O3/M4v+c/DGL/7j8MYv/c/PHLP7Pyx+z+D8/f8ziv3j+mMV/ifwxi/8L8scs/kvmj1n8l8ofs/i/MH/M4v+i/DGL/4vzxyz+L8kfs/gvnT9m8X9p/pjFf5n8MYv/svljFv/l8scs/svnj1n8V8gfs/ivmD9m8X9Z/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8X54/ZvFfLX/M4r96/pjF/xX5Yxb/V+aPWfzXyB+z+I/PH7P4T8gfs/hPzB+z+K+ZP2bxXyt/zOK/dv6YxX9S/pjFf3L+mMV/nfwxi/+6+WMW/1flj1n8X50/ZvFfL3/M4r9+/pjFf4P8MYv/a/LHLP4b5o9Z/F+bP2bx3yh/zOK/cf6YxX+T/DGL/6b5Yxb/1+WPWfw3yx+z+G+eP2bxf33+mMX/DfljFv835o9Z/N+UP2bxf3P+mMX/LfljFv+35o9Z/LfIH7P4b5k/ZvHfKn/M4v+2/DGL/9b5Yxb/bfLHLP7b5o9Z/LfLH7P4vz1/zOK/ff6Yxf8d+WMW/3fmj1n8d8gfs/jvmD9m8d8pf8ziv3P+mMX/XfljFv93549Z/HfJH7P4vyd/zOK/a/6Yxf+9+WMW//flj1n8358/ZvHfLX/M4r97/pjFf4/8MYv/B/LHLP4fzB+z+H8of8zi/+H8MYv/R/LHLP575o9Z/D+aP2bx/1j+mMX/4/ljFv9P5I9Z/PfKH7P4fzJ/zOK/d/6Yxf9T+WMW/0/nj1n898kfs/h/Jn/M4r9v/pjF/7P5Yxb/z+WPWfw/nz9m8d8vf8ziv3/+mMX/C/ljFv8D8scs/gfmj1n8v5g/ZvE/KH/M4n9w/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfy/kT9m8f9m/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+38ofs/gfnz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/2/nj1n8v5M/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv/v5o9Z/M/IH7P4n5k/ZvE/K3/M4v+9/DGL//fzxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf8H+WMW/x/mj1n8f5Q/ZvH/cf6Yxf8n+WMW/5/mj1n8L8gfs/hfmD9m8f9Z/pjF/6L8MYv/z/PHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv9f5I9Z/H+ZP2bx/1X+mMX/1/ljFv+r8scs/lfnj1n8f5M/ZvH/bf6Yxf+a/DGL/+/yxyz+1+aPWfyvyx+z+F+fP2bx/33+mMX/hvwxi/+N+WMW/5vyxyz+f8gfs/j/MX/M4v+n/DGL/835Yxb/P+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf8v+WMW/zvyxyz+d1r95378ty3+f7X6/4ss/nflj1n8/5Y/ZvH/e/6Yxf8f+WMW/3/mj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/+U/DGL/wP5Yxb/B/PHLP5T88ck/nMO8scs/kP5Yxb/UfljFv/Z8scs/rPnj1n8R+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/J+SP2bxXyB/zOI/Jn/M4r9g/pjFf2z+mMV/ofwxi//C+WMW/6fmj1n8n5Y/ZvF/ev6YxX+R/DGL/zPyxyz+i+aPWfyfmT9m8X9W/pjFf7H8MYv/s/PHLP7PyR+z+I/LH7P4Pzd/zOL/vPwxi//z88cs/ovnj1n8l8gfs/i/IH/M4r9k/pjFf6n8MYv/C/PHLP4vyh+z+L84f8zi/5L8MYv/0vljFv+X5o9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv+X5Y9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjF/+X5Yxb/1fLHLP6r549Z/F+RP2bxf2X+mMV/jfwxi//4/DGL/4T8MYv/xPwxi/+a+WMW/7Xyxyz+a+ePWfwn5Y9Z/Cfnj1n818kfs/ivmz9m8X9V/pjF/9X5Yxb/9fLHLP7r549Z/DfIH7P4vyZ/zOK/Yf6Yxf+1+WMW/43yxyz+G+ePWfw3yR+z+G+aP2bxf13+mMV/s/wxi//m+WMW/9fnj1n835A/ZvF/Y/6Yxf9N+WMW/zfnj1n835I/ZvF/a/6YxX+L/DGL/5b5Yxb/rfLHLP5vyx+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/9vzxyz+2+ePWfzfkT9m8X9n/pjFf4f8MYv/jvljFv+d8scs/jvnj1n835U/ZvF/d/6YxX+X/DGL/3vyxyz+u+aPWfzfmz9m8X9f/pjF//35Yxb/3fLHLP67549Z/PfIH7P4fyB/zOL/wfwxi/+H8scs/h/OH7P4fyR/zOK/Z/6Yxf+j+WMW/4/lj1n8P54/ZvH/RP6YxX+v/DGL/yfzxyz+e+ePWfw/lT9m8f90/pjFf5/8MYv/Z/LHLP775o9Z/D+bP2bx/1z+mMX/8/ljFv/98scs/vvnj1n8v5A/ZvE/IH/M4n9g/pjF/4v5Yxb/g/LHLP4H549Z/L+UP2bx/3L+mMX/K/ljFv+v5o9Z/L+WP2bx/3r+mMX/G/ljFv9v5o9Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zi/638MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8f92/pjF/zv5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvH/bv6Yxf+M/DGL/5n5Yxb/s/LHLP7fyx+z+H8/f8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfx/kD9m8f9h/pjF/0f5Yxb/H+ePWfx/kj9m8f9p/pjF/4L8MYv/hfljFv+f5Y9Z/C/KH7P4/zx/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvH/Rf6Yxf+X+WMW/1/lj1n8f50/ZvG/Kn/M4n91/pjF/zf5Yxb/3+aPWfyvyR+z+P8uf8zif23+mMX/uvwxi//1+WMW/9/nj1n8b8gfs/jfmD9m8b8pf8zi/4f8MYv/H/PHLP5/yh+z+N+cP2bx/3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfz/kj9m8b8jf8zif2f+mMX/r/ljFv+78scs/n/LH7P4/z1/zOL/j/wxi/8/88cs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMV/Sv6Yxf+B/DGL/4P5Yxb/qfljEv+5BvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP5PyR+z+C+QP2bxH5M/ZvFfMH/M4j82f8ziv1D+mMV/4fwxi/9T88cs/k/LH7P4Pz1/zOK/SP6Yxf8Z+WMW/0Xzxyz+z8wfs/g/K3/M4r9Y/pjF/9n5Yxb/5+SPWfzH5Y9Z/J+bP2bxf17+mMX/+fljFv/F88cs/kvkj1n8X5A/ZvFfMn/M4r9U/pjF/4X5Yxb/F+WPWfxfnD9m8X9J/pjFf+n8MYv/S/PHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/y/LHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9a+WMW/7Xzxyz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/3IP8MYv/UP6YxX9U/pjFf7b8MYv/7PljFv/R+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/p+SPWfwXyB+z+I/JH7P4L5g/ZvEfmz9m8V8of8ziv3D+mMX/qfljFv+n5Y9Z/J+eP2bxXyR/zOL/jPwxi/+i+WMW/2fmj1n8n5U/ZvFfLH/M4v/s/DGL/3Pyxyz+4/LHLP7PzR+z+D8vf8zi//z8MYv/4vljFv8l8scs/i/IH7P4L5k/ZvFfKn/M4v/C/DGL/4vyxyz+L84fs/i/JH/M4r90/pjF/6X5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvFfIX/M4r9i/pjF/2X5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvF/ef6YxX+1/DGL/+r5Yxb/V+SPWfxfmT9m8V8jf8ziPz5/zOI/IX/M4j8xf8ziv2b+mMV/rfwxi//a+WMW/0n5Yxb/yfljFv918scs/uvmj1n8X5U/ZvF/df6YxX+9/DGL//r5Yxb/DfLHLP6vyR+z+G+YP2bxf23+mMV/o/wxi//G+WMW/03yxyz+m+aPWfxflz9m8d8sf8ziv3n+mMX/9fljFv835I9Z/N+YP2bxf1P+mMX/zfljFv+35I9Z/N+aP2bx3yJ/zOK/Zf6YxX+r/DGL/9vyxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/9vwxi//2+WMW/3fkj1n835k/ZvHfIX/M4r9j/pjFf6f8MYv/zvljFv935Y9Z/N+dP2bx3yV/zOL/nvwxi/+u+WMW//fmj1n835c/ZvF/f/6YxX+3/DGL/+75Yxb/PfLHLP4fyB+z+H8wf8zi/6H8MYv/h/PHLP4fyR+z+O+ZP2bx/2j+mMX/Y/ljFv+P549Z/D+RP2bx3yt/zOL/yfwxi//e+WMW/0/lj1n8P50/ZvHfJ3/M4v+Z/DGL/775Yxb/z+aPWfw/lz9m8f98/pjFf7/8MYv//vljFv8v5I9Z/A/IH7P4H5g/ZvH/Yv6Yxf+g/DGL/8H5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/r+WPWfy/nj9m8f9G/pjF/5v5Yxb/Q/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/h/K3/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8v50/ZvH/Tv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/L+bP2bxPyN/zOJ/Zv6Yxf+s/DGL//fyxyz+388fs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/x/kj1n8f5g/ZvH/Uf6Yxf/H+WMW/5/kj1n8f5o/ZvG/IH/M4n9h/pjF/2f5Yxb/i/LHLP4/zx+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/H+RP2bx/2X+mMX/V/ljFv9f549Z/K/KH7P4X50/ZvH/Tf6Yxf+3+WMW/2vyxyz+v8sfe6T/6Cd7OP95j+F/bf6Y5fy/Ln/M4n99/pjF//f5Yxb/G/LHLP435o9Z/G/KH7P4/yF/zOL/x/wxi/+f8scs/jfnj1n8/5w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv+/5I9Z/O/IH7P435k/ZvH/a/6Yxf+u/DGL/9/yxyz+f88fs/j/I3/M4v/P/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvGfkj9m8X8gf8zi/2D+mMV/av6YxH+eQf6YxX8of8ziPyp/zOI/W/6YxX/2/DGL/+j8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz/2v+8/10Nv5f/o/vf9pzXPfPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/isp/ad+5F+tYfFfWen/r7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9a+WMW/7Xzxyz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+bmf2HOhhmZPH/beSYxf+a/DGL/+/yxyz+1+aPWfyvyx+z+F+fP2bx/33+mMX/hvwxi/+N+WMW/5vyxyz+f8gfs/j/MX/M4v+n/DGL/835Yxb/P+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf8v+WMW/zvyxyz+d+aPWfz/mj9m8b8rf8zi/7f8MYv/3/PHLP7/yB+z+P8zf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfyn5I9Z/B/IH7P4P5g/ZvGfmj8m8Z93kD9m8e//8o2z+I/KH7P4z5Y/ZvGfPX/M4j86f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOL/lPwxi/8C+WMW/zH5Yxb/BfPHLP5j88cs/gvlj1n8F84fs/g/NX/M4v+0/DGL/9Pzxyz+i+SPWfyfkT9m8V80f8zi/8z8MYv/s/LHLP6L5Y9Z/J+dP2bxf07+mMV/XP6Yxf+5+WMW/+flj1n8n58/ZvFfPH/M4r9E/pjF/wX5Yxb/JfPHLP5L5Y9Z/F+YP2bxf1H+mMX/xfljFv+X5I9Z/JfOH7P4vzR/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vyx/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vzx+z+K+WP2bxXz1/zOL/ivwxi/8r88cs/mvkj1n8x+ePWfwn5I9Z/Cfmj1n818wfs/ivlT9m8V87f8ziPyl/zOI/OX/M4r9O/pjFf938MYv/q/LHLP6vzh+z+K+XP2bxXz9/zOK/Qf6Yxf81+WMW/w3zxyz+r80fs/hvlD9m8d84f8ziv0n+mMV/0/yx/2X/qR95aOm8r8sf+1/2n/n83yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/3flj1n8350/ZvHfJX/M4v+e/DGL/675Yxb/9+aPWfzflz9m8X9//pjFf7f8MYv/7vljFv898scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P475k/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvHfK3/M4v/J/DGL/975Yxb/T+WPWfw/nT9m8d8nf8zi/5n8MYv/vvljFv/P5o9Z/D+XP2bx/3z+mMV/v/wxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/6D8MYv/wfljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/m/ljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+H8rf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfy/nT9m8f9O/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8v5s/ZvE/I3/M4n9m/pjF/6z8MYv/9/LHLP7fzx+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/n+SPWfx/mj9m8b8gf8zif2H+mMX/Z/ljFv+L8scs/j/PH7P4X5w/ZvG/JH/M4n9p/pjF/zKf/9xPZCWL/+U+/yeUxf+K/DGL/5X5Yxb/X+SPWfx/mT9m8f9V/pjF/9f5Yxb/q/LHLP5X549Z/H+TP2bx/23+mMX/mvwxi//v8scs/tfmj1n8r8sfs/hfnz9m8f99/pjF/4b8MYv/jfljFv+b8scs/n/IH7P4/zF/zOL/p/wxi//N+WMW/z/nj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/L/ljFv878scs/nfmj1n8/5o/ZvG/K3/M4v+3/DGL/9/zxyz+/8gfs/j/M3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8p+SPWfwfyB+z+D+YP2bxn5o/JvGfb5A/ZvEfyh+z+I/KH7P4z5Y/ZvGfPX/M4j86f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOL/lPwxi/8C+WMW/zH5Yxb/BfPHLP5j88cs/gvlj1n8F84fs/g/NX/M4v+0/DGL/9Pzxyz+i+SPWfyfkT9m8V80f8zi/8z8MYv/s/LHLP6L5Y9Z/J+dP2bxf07+mMV/XP6Yxf+5+WMW/+flj1n8n58/ZvFfPH/M4r9E/pjF/wX5Yxb/JfPHLP5L5Y9Z/F+YP2bxf1H+mMX/xfljFv+X5I9Z/JfOH7P4vzR/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vyx/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vzx+z+K+WP2bxXz1/zOL/ivwxi/8r88cs/mvkj1n8x+ePWfwn5I9Z/Cfmj1n818wfs/ivlT9m8V87f8ziPyl/zOI/OX/M4r9O/pjFf938MYv/q/LHLP6vzh+z+K+XP2bxXz9/zOK/Qf6Yxf81+WMW/w3zxyz+r80fs/hvlD9m8d84f8ziv0n+mMV/0/wxi//r8scs/pvlj1n8N88fs/i/Pn/M4v+G/DGL/xvzxyz+b8ofs/i/OX/M4v+W/DGL/1vzxyz+W+SPWfy3zB+z+G+VP2bxf1v+mMV/6/wxi/82+WMW/23zxyz+2+WPWfzfnj9m8d8+f8zi/478MYv/O/PHLP475I9Z/HfMH7P475Q/ZvHfOX/sIf9tT/qf9n9X/pjl/H93/pjFf5f8MYv/e/LHLP675o9Z/N+bP2bxf1/+mMX//fljFv/d8scs/rvnj1n898gfs/h/IH/M4v/B/DGL/4fyxyz+H84fs/h/JH/M4r9n/pjF/6P5Yxb/j+WPWfw/nj9m8f9E/pjFf6/8MYv/J/PHLP57549Z/D+VP2bx/3T+mMV/n/wxi/9n8scs/vvmj1n8P5s/ZvH/XP6Yxf/z+WMW//3yxyz+++ePWfy/kD9m8T8gf8zif2D+mMX/i/ljFv+D8scs/gfnj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8v5Y/ZvH/ev6Yxf8b+WMW/2/mj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOL/rfwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bx/3b+mMX/O/ljFv9T8scs/qfmj1n8T8sfs/ifnj9m8f9u/pjF/4z8MYv/mfljFv+z8scs/t/LH7P4fz9/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/H+QP2bx/2H+mMX/R/ljFv8f549Z/H+SP2bx/2n+mMX/gvwxi/+F+WMW/5/lj1n8L8ofs/j/PH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8f9F/pjF/5f5Yxb/X+WPWfx/nT9m8b8qf8zif3X+mMX/N/ljFv/f5o9Z/K/JH7P4/y5/zOJ/bf6Yxf+6/DGL//X5Yxb/3+ePWfxvyB+z+N+YP2bxvyl/zOL/h/wxi/8f88cs/n/KH7P435w/ZvH/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/P+SP2bxvyN/zOJ/Z/6Yxf+v+WMW/7vyxyz+f8sfs/j/PX/M4v+P/DGL/z/zxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6YxX9K/pjF/4H8MYv/g/ljFv+p+WMS//kH+WMW/6H8MYv/qPwxi/9s+WMW/9nzxyz+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOK/Rv6YxX98/pjFf0L+mMV/Yv6YxX/N/DGL/1r5Yxb/tfPHLP6T8scs/pPzxyz+6+SPWfzXzR+z+L8qf8zi/+r8MYv/evljFv/188cs/hvkj1n8X5M/ZvHfMH/M4v/a/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4vy5/zOK/Wf6YxX/z/DGL/+vzxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4r9F/pjFf8v8MYv/VvljFv+35Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/+35Yxb/7fPHLP7vyB+z+L8zf8ziv0P+mMV/x/wxi/9O+WMW/53zxyz+78ofs/i/O3/M4r9L/pjF/z35Yxb/XfPHLP7vzR+z+L8vf8zi//78MYv/bvljFv/d88cs/nvkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj1n8P5I/ZvHfM3/M4v/R/DGL/8fyxyz+H88fs/h/In/M4r9X/pjF/5P5Yxb/vfPHLP6fyh+z+H86f8ziv0/+mMX/M/ljFv9988cs/p/NH7P4fy5/zOL/+fwxi/9++WMW//3zxyz+X8gfs/gfkD9m8T8wf8zi/8X8MYv/QfljFv+D88cs/l/KH7P4fzl/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOL/jfwxi/8388cs/ofkj1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bx/1b+mMX/+Pwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+H87f8zi/538MYv/KfljFv9T88cs/qflj1n8T88fs/h/N3/M4n9G/pjF/8z8MYv/WfljFv/v5Y9Z/L+fP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4/yB+z+P8wf8zi/6P8MYv/j/PHLP4/yR+z+P80f8zif0H+mMX/wvwxi//P8scs/hflj1n8f54/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/j/In/M4v/L/DGL/6/yxyz+v84fs/hflT9m8b86f8zi/5v8MYv/b/PHLP7X5I9Z/H+XP2bxvzZ/zOJ/Xf6Yxf/6/DGL/+/zxyz+N+SPWfxvzB+z+N+UP2bx/0P+mMX/j/ljFv8/5Y9Z/G/OH7P4/zl/zOJ/S/6Yxf/W/DGL/235Yxb/2/PHLP5/yR+z+N+RP2bxvzN/zOL/1/wxi/9d+WMW/7/lj1n8/54/ZvH/R/6Yxf+f+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOI/JX/M4v9A/pjF/8H8MYv/1Pwxif9TBvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP5PyR+z+C+QP2bxH5M/ZvFfMH/M4j82f8ziv1D+mMV/4fwxi/9T88cs/k/LH7P4Pz1/zOK/SP6Yxf8Z+WMW/0Xzxyz+z8wfs/g/K3/M4r9Y/pjF/9n5Yxb/5+SPWfzH5Y9Z/J+bP2bxf17+mMX/+fljFv/F88cs/kvkj1n8X5A/ZvFfMn/M4r9U/pjF/4X5Yxb/F+WPWfxfnD9m8X9J/pjFf+n8MYv/S/PHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/y/LHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9aIv+5/o11Lf5ri/z/nSz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/AoP8MYv/UP6YxX9U/pjFf7b8MYv/7Pk/otlGHi3+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOK/Rv6YxX98/pjFf0L+mMV/Yv6YxX/N/DGL/1r5Yxb/tfPHLP6T8scs/pPzxyz+6+SPWfzXzR+z+L8qf8zi/+r8MYv/evljFv/188cs/hvkj1n8X5M/ZvHfMH/M4v/a/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4vy5/zOK/Wf6YxX/z/DGL/+vzxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4r9F/pjFf8v8MYv/VvljFv+35Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/+35Yxb/7fPHLP7vyB+z+L8zf8ziv0P+mMV/x/wxi/9O+WMW/53zxyz+78ofs/i/O3/M4r9L/pjF/z35Yxb/XfPHLP7vzR+z+L8vf8zi//78MYv/bvljFv/d88cs/nvkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj/1/7NGzFiCGAkXRZ79kYtu2bdu2bWdi27Zt27Zt254UqbLW/YLcvbtTn5b/A/2PWv7v5n/U8n93/6OW/3v4H7X839P/qOX/Xv5HLf/39j9q+b+P/1HL/339j1r+7+d/1PJ/f/+jlv8H+B+1/D/Q/6jl/0H+Ry3/D/Y/avl/iP9Ry/9D/Y9a/h/mf9Ty/3D/o5b/R/gftfw/0v+o5f9R/kct/4/2P2r5f4z/Ucv/Y/2PWv4f53/U8v94/6OW/yf4H7X8P9H/qOX/Sf5HLf9P9j9q+X+K/1HL/1P9j1r+n+Z/1PL/dP+jlv9n+B+1/D/T/6jl/1n+Ry3/z/Y/avl/jv9Ry/9z/Y9a/p/nf9Ty/3z/o5b/F/gftfy/0P+o5f9F/kct/y/2P2r5f4n/Ucv/S/2PWv5f5n/U8v9y/6OW/1f4H7X8v9L/qOX/Vf5HLf+v9j9q+X+N/1HL/2v9j1r+X+d/1PL/ev+jlv83+B+1/L/R/6jl/03+Ry3/b/Y/avl/i/9Ry/9b/Y9a/t/mf9Ty/3b/o5b/d/gftfy/0/+o5f9d/kct/+/2P2r5f4//Ucv/e/2PWv7f53/U8v9+/6OW/w/4H7X8f9D/qOX/Q/5HLf8f9j9q+f+I/1HL/0f9j1r+P+Z/1PL/cf+jlv9P+B+1/H/S/6jl/1P+Ry3/n/Y/avn/jP9Ry/9n/Y9a/j/nf9Ty/3n/o5b/L/gftfx/0f+o5f9L/kct/1/2P2r5/4r/Ucv/V/2PWv6/5n/U8v91/6OW/2/4H7X8f9P/qOX/W/5HLf/f9j9q+f+O/1HL/3f9j1r+v+d/1PL/ff+jlv8f+B+1/P/Q/6jl/0f+Ry3/P/Y/avn/if9Ry/9P/Y9a/n/mf9Ty/3P/o5b/X/gftfz/0v+o5f9X/kct/7/2P2r5/43/Ucv/b/2PWv5/53/U8v97/6OW/z/4H7X8/9H/qOX/T/5HLf9/9j9q+f+L/1HL/0H+RyX/B/zJ/6jl/5/9j1r+/8X/qOX/X/2PWv7/zf+o5f/f/Y9a/v/D/6jl/z/9j1r+/8v/qOX/v/2PWv7/x/+o5f9//Y9a/v/P/6jl///9j1r+D+Z/1PJ/cP+jlv8D/I9a/g/hf9Tyf0j/o5b/Q/kftfwf2v+o5f8w/kct/4f1P2r5P5z/Ucv/4f2PWv6P4H/U8n9E/6OW/yP5H7X8H9n/qOX/KP5HLf9H9T9q+T+a/1HL/9H9j1r+j+F/1PJ/TP+jlv9j+R+1/B/b/6jl/zj+Ry3/x/U/avk/nv9Ry//x/Y9a/k/gf9Tyf0L/o5b/E/kftfyf2P+o5f8k/kct/yf1P2r5P5n/Ucv/yf2PWv5P4X/U8n9K/6OW/1P5H7X8n9r/qOX/NP5HLf+n9T9q+T+d/1HL/+n9j1r+z+B/1PJ/Rv+jlv8z+R+1/J/Z/6jl/yz+Ry3/Z/U/avk/m/9Ry//Z/Y9a/s/hf9Tyf07/o5b/c/kftfyf2/+o5f88/kct/+f1P2r5P5//Ucv/+f2PWv4v4H/U8n9B/6OW/wv5H7X8X9j/qOX/Iv5HLf8X9T9q+b+Y/1HL/8X9j1r+L+F/1PJ/Sf+jlv9L+R+1/F/a/6jl/zL+Ry3/l/U/avm/nP9Ry//l/Y9a/q/gf9Tyf0X/o5b/K/kftfxf2f+o5f8q/kct/1f1P2r5v5r/Ucv/1f2PWv6v4X/U8n9N/6OW/2v5H7X8X9v/qOX/Ov5HLf/X9T9q+b+e/1HL//X9j1r+b+B/1PJ/Q/+jlv8b+R+1/N/Y/6jl/yb+/2bQ77Pl/6b+Ry3/N/M/avm/uf9Ry/8t/I9a/m/pf9Tyfyv/o5b/W/sftfzfxv+o5f+2/kct/7fzP2r5v73/Ucv/HfyPWv7v6H/U8n8n/6OW/zv7H7X838X/qOX/rv5HLf8H+h/94f4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/Mq+/cd4XRdwHP8ccIBkGy5mDGuDfFu6pXTHj+EfTkgELvTA34gaAncgeAd0HHacGj/+IJfOH7mRYytXwrCctHnLNZ1dmlmzWLXV7IeapStrkeks2GJd+95977z7dtz6vs/3m5WPxx/3/X4+X14f4LYnnw9TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9dDY0LjoytGXJq7OCDDx9u7n2dfXTFTQd+331B/2v546XDXHLM4IOenp6e2c/O2lE+nFAUReln21k+nlg5Ll1/Z/2XOvqOwvzuFxcfn/zLxiMH1pz2cF3X0ftqe8/WFjeu29DS/IkxRREuqi06Sgd1NUURFtUW95YO6ksHi2uLh0sHs3oPTim+Wzo4b+3mlqbSiSXR3zP4f9HQuLMYO6TYYsifBoP731n/nTv6X0e4ZP/VxhXl/i/v/OGbFZ/1O0H//dcPCyr7r/o3CJxQdf0/P7//dYRL/sf9f9KTK18e7rMT999//fBJ/UM6wzz/D2m08rm/4vl/+jCXHNhfWdN5vNT/Jbc+M6N8atx/8/z/zvXDRZX9jxny/F96jl/Y//w/oSjCxaP8dsB7SkPjriMj3f9H7n/ctIpNzeD+T2/bvL/U/2OLf/B4+VRtlf0vHOH+P2ZJxa8VqE5D41d7Ku7/VfRffGyYSw70/9bjv32o1P+jf7z/jEGfVdP/xZX9z2xv3TJz6/bOcze0rl7fvL55U92sebPn1tfNPX/OzN5Hgr6vo/yuwHvD6O7/xaSKTU1RNA/sr+468FSp/zkPPDC7fGpilf0vGvH+P939H4b1kTHF+PFFx+r29ra6vq/9h/V9X/t+2DD9V/H3/zPPLv+w2vJrTVFMHdjfecZdy0v9v33omd3lU+Or7H/xiP3PH/h5gQijvP83VWyG9H/w0Iu9z/9L7zl4evlUtX//XzJi/6+4/8NoNDRW/A8/77JS/7uKSyM7DQ3++x+kk6P/R9++vjtuHT6lf0gnR/9/+MLRc+LWYan+IZ0c/Y/beP9zcetwif4hnRz9L5syb3ncOlyqf0gnR/9rXznnr3Hr0Kh/SCdH/2d/ZXdH3Dos0z+kk6P/B9tmb4tbh+X6h3Ry9P/zUx98NW4dLtM/pJOj/2PH7r4hbh0u1z+kk6P/rj1n/ShuHa7QP6STo//L1i0Icetwpf4hnRz9T5v658fi1uEq/UM6Ofqf+5d/nhq3DlfrH9LJ0f/tX1y+L24drtE/pJOj/7HXvfxC3Dqs0D+kk6P/JWdtWxC3DtfqH9LJ0X/Tz5p64tZhZbn/CYX+4V2Xo/+Z3/zJhrh1uM79H9LJ0f/hZY/siVuH6/UP6eTof09dMTluHW7QP6STo/9vfP+0Q3Hr8Gn9Qzo5+v/dk0/Mi1uHVfqHdHL0/+yHbvtW3DrcqH9IJ0f/96x54cy4dVitf0gnR/8P7X3uy3HrsEb/kE6O/l9/vfV9ceuwVv+QTo7+J0085bW4dWjSP6STo/8Ft3ytLW4dmvUP6eTov3V314/j1mGd/iGdHP1/9PjUlXHrsF7/kE6O/lfM2fvBuHW4Sf+QTo7+P7D0gl1x67BB/5BOjv4v7P74hXHrsFH/kE6O/tuf/vzX49bhZv1DOjn63zvj1UVx69Cif0gnR/8vrVry07h1aNU/pJOj/zcfuXZT3Dps0j+kk6P/J37x1rG4ddisf0gnR//vP3/h3+PWYYv+IZ0c/S9a/MbauHX4jP4hnRz9b+z610tx69Cmf0gnR/8zDl+1NG4dtuof0snR//fOrdsftw7t+od0cvR/xxX76uPWYZv+IZ0c/e8/eOddcetwi/4hnRz9v/Gr6dPi1uGz+od0cvR/3+RD18StQ4f+IZ0c/f96U+3TceuwXf+QTo7+/7Fvyo64dejUP6STo/+nXuv+U9w63Kp/SCdH/6vG/WZ83Drcpn9IJ0f/Uzq33Bu3DrfrH9LJ0f+8u1efF7cOn9M/pJOj/61/e/7bceuwQ/+QztbtnTevbmlpbvPGG2+8GXhzsv9kAlJ7J/qT/SsBAAAAAAAAAAAAAABOJMc/JzrZv0cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5WwfRuwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBXAAAA//9O+OOp")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x189)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r1, &(0x7f0000000280)=[{&(0x7f00000005c0)="be", 0x1}], 0x1, 0x5404, 0x0, 0x4)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0}, 0x2000)
lchown(&(0x7f00000001c0)='./file1\x00', r2, r3)

183.250997ms ago: executing program 5 (id=884):
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dc4a)
pipe2(&(0x7f0000001440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
fcntl$setpipe(r1, 0x407, 0x100000)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
sendmsg$NFNL_MSG_CTHELPER_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x14, 0x1, 0x9, 0x101}, 0x14}}, 0x0)

60.047016ms ago: executing program 3 (id=886):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mount(&(0x7f0000000900)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='squashfs\x00', 0x1408009, 0x0)

0s ago: executing program 7 (id=887):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000240)={&(0x7f000046a000/0x2000)=nil, &(0x7f000012a000/0x3000)=nil, 0x2000, 0x3})
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

kernel console output (not intermixed with test programs):

SB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.616404][ T5920] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  130.637882][   T44] usb 1-1: config 0 descriptor??
[  130.654872][ T5920] mceusb 4-1:0.0: Registered  with mce emulator interface version 1
[  130.672640][ T5920] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  130.692448][ T5920] usb 4-1: USB disconnect, device number 2
[  130.911507][ T6264] IPv4: Oversized IP packet from 127.202.26.0
[  131.098058][   T44] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  131.128009][   T44] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  131.147791][   T44] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  131.171682][   T44] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  131.178704][   T44] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  131.206689][   T44] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  131.222558][   T44] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  131.282803][   T44] cp2112 0003:10C4:EA90.0001: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[  131.397513][   T44] cp2112 0003:10C4:EA90.0001: Part Number: 0x00 Device Version: 0x00
[  131.804920][   T44] cp2112 0003:10C4:EA90.0001: error setting SMBus config
[  131.844293][   T44] cp2112 0003:10C4:EA90.0001: probe with driver cp2112 failed with error -71
[  131.923747][   T44] usb 1-1: USB disconnect, device number 2
[  133.411432][ T5920] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  133.538153][ T6303] sctp: [Deprecated]: syz.5.119 (pid 6303) Use of struct sctp_assoc_value in delayed_ack socket option.
[  133.538153][ T6303] Use struct sctp_sack_info instead
[  133.591419][ T5920] usb 1-1: Using ep0 maxpacket: 8
[  133.618746][ T5920] usb 1-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  133.648724][ T5920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.670953][ T5920] usb 1-1: Product: syz
[  133.681062][ T5920] usb 1-1: Manufacturer: syz
[  133.697921][ T5920] usb 1-1: SerialNumber: syz
[  133.713118][ T5920] usb 1-1: config 0 descriptor??
[  133.873826][ T6315] loop5: detected capacity change from 0 to 256
[  133.892039][ T6289] loop1: detected capacity change from 0 to 32768
[  133.910157][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  133.910181][   T30] audit: type=1326 audit(1759635922.587:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487eb8eec9 code=0x7ffc0000
[  133.938915][ T6289] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.112 (6289)
[  133.995514][ T5920] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  134.023932][ T6315] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  134.047602][   T30] audit: type=1326 audit(1759635922.587:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487eb8eec9 code=0x7ffc0000
[  134.103284][ T6289] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  134.156804][   T30] audit: type=1326 audit(1759635922.627:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f487eb8eec9 code=0x7ffc0000
[  134.169321][ T6289] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  134.271948][   T30] audit: type=1326 audit(1759635922.627:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487eb8eec9 code=0x7ffc0000
[  134.338147][   T30] audit: type=1326 audit(1759635922.627:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487eb8eec9 code=0x7ffc0000
[  134.389451][   T30] audit: type=1326 audit(1759635922.637:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f487eb8eec9 code=0x7ffc0000
[  134.513130][ T6289] BTRFS info (device loop1): enabling ssd optimizations
[  134.520144][ T6289] BTRFS info (device loop1): enabling free space tree
[  134.542218][   T30] audit: type=1326 audit(1759635922.637:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487eb8eec9 code=0x7ffc0000
[  134.768101][   T30] audit: type=1326 audit(1759635922.637:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f487eb8eec9 code=0x7ffc0000
[  134.813468][   T30] audit: type=1326 audit(1759635922.637:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f487eb8eec9 code=0x7ffc0000
[  134.836446][   T30] audit: type=1326 audit(1759635922.637:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.2.123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f487eb8eec9 code=0x7ffc0000
[  134.861225][ T6348] netlink: 4 bytes leftover after parsing attributes in process `syz.5.127'.
[  134.873053][ T6348] netlink: 'syz.5.127': attribute type 3 has an invalid length.
[  135.456786][ T5847] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  135.546047][ T6347] loop4: detected capacity change from 0 to 65536
[  135.554376][ T5920] gspca_sunplus: reg_w_riv err -71
[  135.559602][ T5920] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  135.577466][ T5920] usb 1-1: USB disconnect, device number 3
[  135.613277][ T6347] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  135.823282][ T6347] XFS (loop4): Ending clean mount
[  135.872866][ T6347] XFS (loop4): Metadata CRC error detected at xfs_agf_read_verify+0x139/0x1e0, xfs_agf block 0x1 
[  135.883647][ T6347] XFS (loop4): Unmount and run xfs_repair
[  135.891583][ T6347] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  135.900959][ T6347] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  135.909950][ T6347] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  135.918906][ T6347] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  135.927884][ T6347] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  135.936820][ T6347] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  135.945750][ T6347] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  135.954699][ T6347] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  135.963677][ T6347] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  135.973030][ T6347] XFS (loop4): metadata I/O error in "xfs_read_agf+0x290/0x560" at daddr 0x1 len 1 error 74
[  136.112358][ T5846] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  136.598578][ T5846] XFS (loop4): Uncorrected metadata errors detected; please run xfs_repair.
[  136.888919][ T6380] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  137.254164][ T6387] loop3: detected capacity change from 0 to 512
[  137.363359][ T6387] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.391495][ T6387] ext4 filesystem being mounted at /19/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.547171][ T6397] tls_set_device_offload: netdev not found
[  137.721908][ T1219] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  137.740806][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.929058][ T1219] usb 1-1: Using ep0 maxpacket: 8
[  137.954584][ T1219] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  138.021454][ T1219] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  138.075276][ T1219] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  138.094514][ T1219] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  138.107597][ T1219] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  138.129876][ T1219] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  138.147326][ T1219] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  138.169504][ T1219] usb 1-1: Product: syz
[  138.181477][ T1219] usb 1-1: Manufacturer: syz
[  138.196539][ T1219] usb 1-1: SerialNumber: syz
[  138.213523][ T1219] usb 1-1: config 0 descriptor??
[  138.328225][ T6410] loop2: detected capacity change from 0 to 4096
[  138.358210][ T6410] ntfs3: Unknown parameter 'cdg'
[  138.471475][ T5920] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  138.486725][ T1219] radio-si470x 1-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  138.516016][ T1219] radio-si470x 1-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  138.666417][ T5920] usb 6-1: config 220 has an invalid interface number: 76 but max is 2
[  138.675231][ T5920] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  138.698284][ T1219] radio-si470x 1-1:0.0: software version 0, hardware version 0
[  138.718883][ T5920] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  138.737727][ T1219] radio-si470x 1-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  138.767934][ T5920] usb 6-1: config 220 has no interface number 2
[  138.797146][ T1219] radio-si470x 1-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  138.818543][ T6421] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  138.825970][ T5920] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  138.987230][ T1219] radio-si470x 1-1:0.0: submitting int urb failed (-90)
[  138.991755][ T6421] 
@0Ù: renamed from bond_slave_1 (while UP)
[  139.053929][ T5920] usb 6-1: config 220 interface 0 has no altsetting 0
[  139.060836][ T5920] usb 6-1: config 220 interface 76 has no altsetting 0
[  139.097014][ T5920] usb 6-1: config 220 interface 1 has no altsetting 0
[  139.110741][ T5920] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  139.120871][ T5920] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.131976][ T5920] usb 6-1: Product: syz
[  139.139486][ T5920] usb 6-1: Manufacturer: syz
[  139.144761][ T5920] usb 6-1: SerialNumber: syz
[  139.332009][   T10] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  139.403142][ T5920] usb 6-1: selecting invalid altsetting 0
[  139.430092][ T5920] uvcvideo 6-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  139.450962][ T5920] uvcvideo 6-1:220.0: No valid video chain found.
[  139.509133][ T5920] usb 6-1: selecting invalid altsetting 0
[  139.515992][ T5920] usbtest 6-1:220.1: probe with driver usbtest failed with error -22
[  139.547539][   T10] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  139.587871][ T1219] radio-si470x 1-1:0.0: si470x_set_report: usb_control_msg returned -71
[  139.596863][ T1219] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -22
[  139.608429][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.629568][ T5920] usb 6-1: USB disconnect, device number 2
[  139.639692][   T10] usb 2-1: Product: syz
[  139.648987][ T6427] loop3: detected capacity change from 0 to 4096
[  139.677540][   T10] usb 2-1: Manufacturer: syz
[  139.689143][ T1219] usb 1-1: USB disconnect, device number 4
[  139.739937][    T9] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  139.752551][   T10] usb 2-1: SerialNumber: syz
[  139.822891][   T10] usb 2-1: config 0 descriptor??
[  139.833536][    T9] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  140.135215][   T10] usb 2-1: Firmware version (0.0) predates our first public release.
[  140.163109][   T10] usb 2-1: Please update to version 0.2 or newer
[  140.410424][   T10] usb 2-1: USB disconnect, device number 2
[  140.579886][   T44] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  140.644845][   T44] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  141.080295][ T6449] 9pnet: p9_errstr2errno: server reported unknown error õ1 g;-‡~	
[  141.637332][ T6462] loop3: detected capacity change from 0 to 512
[  141.846198][ T6462] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.166: casefold flag without casefold feature
[  141.898506][ T6462] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.166: couldn't read orphan inode 15 (err -117)
[  141.943965][ T6462] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.037516][ T6471] loop4: detected capacity change from 0 to 4096
[  142.479221][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  142.491387][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  142.555176][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.713722][ T6485] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  142.778718][ T6488] loop3: detected capacity change from 0 to 512
[  142.897115][ T6488] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.980865][ T6488] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.363855][ T6495] loop2: detected capacity change from 0 to 32768
[  143.383436][ T6495] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  143.391867][ T6495] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  143.486454][ T6495] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms
[  143.498354][   T44] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  143.521584][   T44] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  143.740879][   T44] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 219ms
[  143.748680][   T44] gfs2: fsid=syz:syz.0: jid=0: Done
[  143.769972][ T6495] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  143.800223][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.687059][ T6534] sctp: [Deprecated]: syz.4.195 (pid 6534) Use of struct sctp_assoc_value in delayed_ack socket option.
[  144.687059][ T6534] Use struct sctp_sack_info instead
[  145.032303][ T6548] Invalid ELF header magic: != ELF
[  145.948571][ T6568] loop0: detected capacity change from 0 to 128
[  146.081522][ T6568] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  146.183861][ T6568] ext4 filesystem being mounted at /34/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  146.215951][    C0] vkms_vblank_simulate: vblank timer overrun
[  146.514918][ T5845] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  146.609002][ T6584] loop4: detected capacity change from 0 to 2048
[  146.636998][ T6584] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  147.504159][ T6615] netlink: 24 bytes leftover after parsing attributes in process `syz.0.226'.
[  147.679828][ T6621] bond1: entered allmulticast mode
[  147.752049][ T6621] 8021q: adding VLAN 0 to HW filter on device bond1
[  147.782901][ T6621] bridge0: port 3(bond1) entered blocking state
[  147.807398][ T6621] bridge0: port 3(bond1) entered disabled state
[  147.833358][ T6621] bond1: entered promiscuous mode
[  147.885976][ T6621] bridge0: port 3(bond1) entered blocking state
[  147.892703][ T6621] bridge0: port 3(bond1) entered forwarding state
[  147.923748][ T1311] bridge0: port 3(bond1) entered disabled state
[  149.839111][ T6679] loop1: detected capacity change from 0 to 256
[  149.870514][ T6679] exFAT-fs (loop1): bogus number of FAT structure
[  149.893662][ T6679] exFAT-fs (loop1): failed to read boot sector
[  149.912519][ T6679] exFAT-fs (loop1): failed to recognize exfat type
[  149.969200][ T6679] loop1: detected capacity change from 0 to 8
[  150.068322][ T6685] loop4: detected capacity change from 0 to 512
[  150.164128][ T6685] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.184268][ T6685] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.293018][ T6685] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #15: comm syz.4.252: corrupted xattr block 19: overlapping e_value 
[  150.361048][ T6685] EXT4-fs (loop4): Remounting filesystem read-only
[  150.692161][ T6701] netlink: 8 bytes leftover after parsing attributes in process `syz.5.257'.
[  150.963875][ T5846] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.258390][   T12] Bluetooth: (null): Invalid header checksum
[  151.296880][   T12] Bluetooth: (null): Invalid header checksum
[  151.365849][   T12] Bluetooth: (null): Invalid header checksum
[  151.473831][   T12] Bluetooth: (null): Invalid header checksum
[  151.583607][   T12] Bluetooth: (null): Invalid header checksum
[  151.647297][ T6724] netlink: 'syz.2.266': attribute type 1 has an invalid length.
[  151.660115][ T6724] netlink: 'syz.2.266': attribute type 3 has an invalid length.
[  151.674295][ T6724] netlink: 12 bytes leftover after parsing attributes in process `syz.2.266'.
[  151.703382][ T1156] Bluetooth: (null): Invalid header checksum
[  151.813470][   T12] Bluetooth: (null): Invalid header checksum
[  151.923368][   T12] Bluetooth: (null): Invalid header checksum
[  152.031875][   T12] Bluetooth: (null): Invalid header checksum
[  152.151904][ T1156] Bluetooth: (null): Invalid header checksum
[  152.277604][ T1156] Bluetooth: (null): Invalid header checksum
[  152.377861][ T6743] netlink: 'syz.4.272': attribute type 1 has an invalid length.
[  152.403839][ T1156] Bluetooth: (null): Invalid header checksum
[  152.469420][ T6746] netlink: 4 bytes leftover after parsing attributes in process `syz.4.272'.
[  152.485694][ T6743] bond2: entered promiscuous mode
[  152.493253][ T6743] 8021q: adding VLAN 0 to HW filter on device bond2
[  152.621932][ T6746] bond2: (slave bridge1): making interface the new active one
[  152.651172][ T6746] bridge1: entered promiscuous mode
[  152.670738][ T6746] bond2: (slave bridge1): Enslaving as an active interface with an up link
[  153.389769][ T6762] loop3: detected capacity change from 0 to 1024
[  153.454396][ T6762] EXT4-fs: Ignoring removed orlov option
[  153.647869][ T6762] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  153.648029][ T6762] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.672483][ T6762] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.279: lblock 3 mapped to illegal pblock 3 (length 1)
[  153.704723][ T6762] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  153.739940][ T6762] EXT4-fs (loop3): This should not happen!! Data will be lost
[  153.739940][ T6762] 
[  153.760825][ T6771] binder: 6767:6771 ioctl c0306201 200000000640 returned -22
[  153.779642][ T6762] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.279: lblock 3 mapped to illegal pblock 3 (length 1)
[  153.869126][ T6759] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.279: lblock 3 mapped to illegal pblock 3 (length 1)
[  153.895421][ T6759] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.279: lblock 3 mapped to illegal pblock 3 (length 1)
[  153.985451][ T6762] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.279: lblock 3 mapped to illegal pblock 3 (length 1)
[  154.016646][ T6778] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  154.064450][ T6762] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.279: lblock 3 mapped to illegal pblock 3 (length 1)
[  154.109982][ T6759] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.279: lblock 3 mapped to illegal pblock 3 (length 1)
[  154.139673][ T6762] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.279: lblock 3 mapped to illegal pblock 3 (length 1)
[  154.200341][ T6762] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.279: lblock 3 mapped to illegal pblock 3 (length 1)
[  154.248752][ T6762] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.279: lblock 3 mapped to illegal pblock 3 (length 1)
[  154.508272][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  154.781205][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  154.781231][   T30] audit: type=1326 audit(1759635943.457:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6789 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  154.889175][   T30] audit: type=1326 audit(1759635943.527:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6789 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  154.993252][ T6797] loop2: detected capacity change from 0 to 2048
[  154.999699][   T30] audit: type=1326 audit(1759635943.527:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6789 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  155.057149][   T30] audit: type=1326 audit(1759635943.527:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6789 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  155.158638][ T6801] netlink: 'syz.3.294': attribute type 1 has an invalid length.
[  155.175066][   T30] audit: type=1326 audit(1759635943.527:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6789 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  155.273211][ T6806] netlink: 4 bytes leftover after parsing attributes in process `syz.3.294'.
[  155.398402][ T6801] 8021q: adding VLAN 0 to HW filter on device bond1
[  155.497211][ T6810] loop2: detected capacity change from 0 to 64
[  155.597605][ T6812] loop4: detected capacity change from 0 to 64
[  155.871004][ T6796] loop5: detected capacity change from 0 to 32768
[  155.943894][ T6796] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  156.028357][   T30] audit: type=1804 audit(1759635944.707:40): pid=6812 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.298" name=2F6E6577726F6F742F35312F66696C65302FF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFF
[  156.090109][ T6806] bond1 (unregistering): Released all slaves
[  156.455827][ T5843] ocfs2: Unmounting device (7,5) on (node local)
[  156.527767][ T6840] hsr0: entered allmulticast mode
[  156.550259][ T6840] hsr_slave_0: entered allmulticast mode
[  156.568497][ T6840] hsr_slave_1: entered allmulticast mode
[  157.476071][ T6844] hsr_slave_0: left promiscuous mode
[  157.691670][ T6844] hsr_slave_1: left promiscuous mode
[  157.796618][ T6844] hsr0 (unregistering): left allmulticast mode
[  158.514018][ T6881] loop0: detected capacity change from 0 to 512
[  158.602569][ T6881] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  158.688562][ T6881] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.093048][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  159.396843][ T6873] loop3: detected capacity change from 0 to 32768
[  159.423242][ T6878] loop1: detected capacity change from 0 to 32768
[  159.455525][ T6878] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.324 (6878)
[  159.458589][ T6873] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  159.498151][ T6878] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  159.524193][ T6878] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  159.589271][ T6873] XFS (loop3): Ending clean mount
[  159.627546][ T6873] XFS (loop3): Quotacheck needed: Please wait.
[  159.669203][ T6878] BTRFS info (device loop1): enabling ssd optimizations
[  159.683371][ T6878] BTRFS info (device loop1): turning on async discard
[  159.705641][ T6878] BTRFS info (device loop1): enabling free space tree
[  159.716610][ T6873] XFS (loop3): Quotacheck: Done.
[  159.753812][ T6927] serio: Serial port ptm0
[  159.950719][ T5848] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  160.037318][ T5847] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  160.164146][ T6933] macvtap1: entered promiscuous mode
[  160.169729][ T6933] macvtap1: entered allmulticast mode
[  160.200914][ T6933] veth1_vlan: entered allmulticast mode
[  160.344224][ T6937] macvtap2: entered promiscuous mode
[  160.349590][ T6937] macvtap2: entered allmulticast mode
[  160.507117][ T6937] Zero length message leads to an empty skb
[  160.679757][ T6946] loop0: detected capacity change from 0 to 8
[  160.732638][ T6946] SQUASHFS error: zstd decompression error: 10
[  160.756213][ T6946] SQUASHFS error: zstd decompression failed, data probably corrupt
[  160.811603][ T6946] SQUASHFS error: Failed to read block 0x62b: -5
[  160.817995][ T6946] SQUASHFS error: Unable to read metadata cache entry [629]
[  160.832170][ T6946] SQUASHFS error: Unable to read directory block [629:ff26]
[  160.850531][ T6946] SQUASHFS error: Unable to read metadata cache entry [629]
[  160.883744][ T6946] SQUASHFS error: Unable to read directory block [629:ff26]
[  161.135635][ T6960] loop1: detected capacity change from 0 to 4096
[  161.344091][ T6967] loop0: detected capacity change from 0 to 1024
[  161.467917][ T6967] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  161.525510][ T6967] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.683793][ T6976] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 3: comm syz.0.348: lblock 3 mapped to illegal pblock 3 (length 3)
[  161.764913][ T6976] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  161.794868][ T6976] EXT4-fs (loop0): This should not happen!! Data will be lost
[  161.794868][ T6976] 
[  161.829483][ T6979] EXT4-fs error (device loop0): ext4_ext_remove_space:2955: inode #15: comm syz.0.348: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  161.911893][ T6979] EXT4-fs error (device loop0) in ext4_setattr:6042: Corrupt filesystem
[  161.931128][ T6978] netlink: 64 bytes leftover after parsing attributes in process `syz.4.353'.
[  161.974626][ T6978] netlink: 64 bytes leftover after parsing attributes in process `syz.4.353'.
[  162.131217][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  162.458254][ T6962] loop5: detected capacity change from 0 to 40427
[  162.511767][ T6962] F2FS-fs (loop5): build fault injection rate: 25
[  162.535617][ T6962] F2FS-fs (loop5): invalid crc value
[  162.805117][ T6962] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  162.834966][ T6962] F2FS-fs (loop5): Start checkpoint disabled!
[  162.872076][ T6962] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  162.895284][ T6962] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  163.541498][ T5927] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  163.688402][ T7022] loop1: detected capacity change from 0 to 128
[  163.739811][ T5927] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  163.758315][ T7023] loop2: detected capacity change from 0 to 1024
[  163.771495][ T5927] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.805414][ T5927] usb 1-1: config 0 descriptor??
[  163.811990][   T30] audit: type=1800 audit(1759635952.487:41): pid=7022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.370" name="file1" dev="loop1" ino=1048612 res=0 errno=0
[  163.843301][ T5927] cp210x 1-1:0.0: cp210x converter detected
[  163.883765][ T7023] hfsplus: filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  leaving read-only.
[  163.888456][   T30] audit: type=1800 audit(1759635952.567:42): pid=7028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.349" name="bus" dev="loop5" ino=10 res=0 errno=0
[  163.961683][ T5941] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  164.147152][ T5941] usb 5-1: Using ep0 maxpacket: 32
[  164.168291][ T5941] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.182804][ T5941] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.194588][ T5941] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  164.203835][ T5941] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.218613][ T5941] usb 5-1: config 0 descriptor??
[  164.255382][ T5927] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  164.269124][ T7009] loop0: detected capacity change from 0 to 512
[  164.305166][ T3556] kworker/u8:9: attempt to access beyond end of device
[  164.305166][ T3556] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  164.327099][ T7009] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.340192][ T3556] CPU: 0 UID: 0 PID: 3556 Comm: kworker/u8:9 Not tainted syzkaller #0 PREEMPT(full) 
[  164.340239][ T3556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  164.340264][ T3556] Workqueue: writeback wb_workfn (flush-7:5)
[  164.340330][ T3556] Call Trace:
[  164.340342][ T3556]  <TASK>
[  164.340355][ T3556]  dump_stack_lvl+0x16c/0x1f0
[  164.340405][ T3556]  f2fs_handle_critical_error+0x624/0x9f0
[  164.340446][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.340491][ T3556]  ? f2fs_build_fault_attr+0x53/0x1f0
[  164.340559][ T3556]  f2fs_write_end_io+0x958/0xcf0
[  164.340605][ T3556]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  164.340659][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.340713][ T3556]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  164.340753][ T3556]  bio_endio+0x713/0x860
[  164.340806][ T3556]  submit_bio_noacct+0x306/0x1f60
[  164.340855][ T3556]  __submit_merged_bio+0x33c/0x770
[  164.340902][ T3556]  __submit_merged_write_cond+0x319/0x3f0
[  164.340957][ T3556]  f2fs_write_cache_pages+0x2067/0x2570
[  164.341035][ T3556]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  164.341090][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.341134][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.341177][ T3556]  ? find_held_lock+0x2b/0x80
[  164.341233][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.341281][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.341322][ T3556]  ? do_raw_spin_unlock+0x172/0x230
[  164.341384][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.341423][ T3556]  ? f2fs_available_free_memory+0x279/0xa30
[  164.341553][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.341604][ T3556]  f2fs_write_data_pages+0x4ad/0xd90
[  164.341668][ T3556]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  164.341727][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.341770][ T3556]  ? __lock_acquire+0xb97/0x1ce0
[  164.341811][ T3556]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  164.341861][ T3556]  do_writepages+0x27a/0x600
[  164.341906][ T3556]  ? __pfx_do_writepages+0x10/0x10
[  164.341944][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.341986][ T3556]  ? reacquire_held_locks+0xcd/0x1f0
[  164.342024][ T3556]  ? writeback_sb_inodes+0x3b0/0xfa0
[  164.342079][ T3556]  __writeback_single_inode+0x160/0xfb0
[  164.342133][ T3556]  ? __pfx___writeback_single_inode+0x10/0x10
[  164.342180][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.342223][ T3556]  ? do_raw_spin_unlock+0x172/0x230
[  164.342271][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.342322][ T3556]  writeback_sb_inodes+0x60d/0xfa0
[  164.342395][ T3556]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  164.342441][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.342484][ T3556]  ? find_held_lock+0x2b/0x80
[  164.342603][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.342652][ T3556]  ? rcu_is_watching+0x12/0xc0
[  164.342706][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.342749][ T3556]  ? queue_io+0x3f6/0x520
[  164.342796][ T3556]  wb_writeback+0x419/0xb70
[  164.342855][ T3556]  ? __pfx_wb_writeback+0x10/0x10
[  164.342899][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.342954][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.342997][ T3556]  ? mark_held_locks+0x49/0x80
[  164.343042][ T3556]  wb_workfn+0x14d/0xbe0
[  164.343096][ T3556]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  164.343142][ T3556]  ? __pfx_wb_workfn+0x10/0x10
[  164.343196][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.343244][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.343293][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.343336][ T3556]  ? rcu_is_watching+0x12/0xc0
[  164.343398][ T3556]  process_one_work+0x9cf/0x1b70
[  164.343466][ T3556]  ? __pfx_process_one_work+0x10/0x10
[  164.343512][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.343568][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.343611][ T3556]  ? assign_work+0x1a0/0x250
[  164.343667][ T3556]  worker_thread+0x6c8/0xf10
[  164.343725][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.343770][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.343813][ T3556]  ? __kthread_parkme+0x19e/0x250
[  164.343872][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.343919][ T3556]  ? __pfx_worker_thread+0x10/0x10
[  164.343966][ T3556]  kthread+0x3c5/0x780
[  164.344009][ T3556]  ? __pfx_kthread+0x10/0x10
[  164.344054][ T3556]  ? srso_alias_return_thunk+0x5/0xfbef5
[  164.344096][ T3556]  ? rcu_is_watching+0x12/0xc0
[  164.344151][ T3556]  ? __pfx_kthread+0x10/0x10
[  164.344195][ T3556]  ret_from_fork+0x56d/0x730
[  164.344233][ T3556]  ? __pfx_kthread+0x10/0x10
[  164.344277][ T3556]  ret_from_fork_asm+0x1a/0x30
[  164.344352][ T3556]  </TASK>
[  164.806206][ T3556] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  164.867473][ T7009] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.875877][ T7041] binder: 7040:7041 ioctl c0306201 200000000040 returned -22
[  164.938266][ T5927] usb 1-1: cp210x converter now attached to ttyUSB0
[  165.109259][ T5941] savu 0003:1E7D:2D5A.0004: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  165.202461][ T7054] loop3: detected capacity change from 0 to 256
[  165.215136][ T5927] usb 1-1: USB disconnect, device number 5
[  165.267337][ T5927] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  165.353610][ T7054] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  165.371912][ T5927] cp210x 1-1:0.0: device disconnected
[  165.391950][ T5941] usb 5-1: USB disconnect, device number 2
[  165.687385][ T7063] warning: `syz.5.376' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  166.020029][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.171193][ T7069] loop1: detected capacity change from 0 to 8
[  166.252220][ T7069] SQUASHFS error: Failed to read block 0x260685: -5
[  166.258867][ T7069] SQUASHFS error: Unable to read metadata cache entry [260685]
[  166.309430][ T7069] SQUASHFS error: Unable to read directory block [260685:0]
[  166.331182][ T7073] loop3: detected capacity change from 0 to 128
[  166.353502][ T7067] loop5: detected capacity change from 0 to 32768
[  166.404565][ T7073] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  166.452084][ T7073] ext4 filesystem being mounted at /52/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  166.486041][ T7067] XFS (loop5): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  166.579559][ T7067] XFS (loop5): Starting recovery (logdev: internal)
[  166.607196][ T7067] XFS (loop5): Ending recovery (logdev: internal)
[  166.644486][ T7067] XFS (loop5): Corruption warning: Metadata has LSN (8192:64) ahead of current LSN (1:192). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  166.660675][ T7067] XFS (loop5): Metadata CRC error detected at xfs_allocbt_read_verify+0x26/0xe0, xfs_bnobt block 0x4 
[  166.672060][ T7067] XFS (loop5): Unmount and run xfs_repair
[  166.677833][ T7067] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  166.685366][ T7067] 00000000: 53 55 4d 59 00 00 00 02 ff ff ff ff ff ff ff ff  SUMY............
[  166.694320][ T7067] 00000010: 00 00 00 00 00 00 00 04 00 00 20 00 00 00 00 40  .......... ....@
[  166.703300][ T7067] 00000020: 9f 91 83 2a 3b 79 45 c3 9d 6d ed 0b c7 35 7f e4  ...*;yE..m...5..
[  166.713393][ T7067] 00000030: 00 00 00 00 25 47 cc 81 00 00 00 0d 00 00 00 03  ....%G..........
[  166.725441][ T7067] 00000040: 00 00 0e a8 00 00 11 58 00 00 00 00 00 00 00 00  .......X........
[  166.734631][ T7067] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  166.743583][ T7067] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  166.752606][ T7067] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  166.761566][ T7067] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x23f/0x4f0" at daddr 0x4 len 4 error 74
[  166.781992][ T7067] XFS (loop5): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x400/0x970 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  166.796796][ T7067] XFS (loop5): Please unmount the filesystem and rectify the problem(s)
[  166.894209][ T5843] XFS (loop5): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  166.906821][ T5848] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  167.444250][ T7094] netlink: 'syz.4.398': attribute type 5 has an invalid length.
[  168.100218][ T7105] vxcan1: tx address claim with different name
[  168.198680][ T7091] loop0: detected capacity change from 0 to 131072
[  168.208887][ T7091] F2FS-fs (loop0): Test dummy encryption mode enabled
[  168.231582][ T7091] F2FS-fs (loop0): invalid crc value
[  168.330120][ T7091] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  168.360195][ T7091] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  168.392436][ T7091] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  168.582101][ T7118] loop2: detected capacity change from 0 to 1024
[  168.601443][ T5920] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  168.634789][ T7118] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.731459][ T5927] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  168.783623][ T5920] usb 6-1: Using ep0 maxpacket: 32
[  168.789092][ T7118] EXT4-fs error (device loop2): mb_free_blocks:2014: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  168.801816][ T7127] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  168.809943][ T5920] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.827860][ T5920] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  168.838925][ T5920] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  168.848180][ T5920] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.882469][ T5920] usb 6-1: config 0 descriptor??
[  168.903564][ T5927] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  168.927330][ T5927] usb 5-1: config 0 interface 0 has no altsetting 0
[  168.958246][ T5927] usb 5-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  168.970255][ T5927] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.987098][ T5927] usb 5-1: Product: syz
[  168.989435][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.999820][ T5927] usb 5-1: Manufacturer: syz
[  169.014977][ T5927] usb 5-1: SerialNumber: syz
[  169.037118][ T5927] usb 5-1: config 0 descriptor??
[  169.061110][ T5927] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  169.124869][ T5927] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  169.162412][ T5927] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  169.192508][ T5927] usb 5-1: media controller created
[  169.306650][ T5927] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  169.353082][ T5920] savu 0003:1E7D:2D5A.0005: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.5-1/input0
[  169.397410][ T7130] loop2: detected capacity change from 0 to 4096
[  169.432219][ T7130] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  169.510611][ T5927] DVB: Unable to find symbol tda10046_attach()
[  169.543668][ T5927] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  169.570903][ T5927] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  169.647033][ T5941] usb 6-1: USB disconnect, device number 3
[  170.417191][ T5927] dvb_usb_m920x 5-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  170.430818][ T5927] usb 5-1: USB disconnect, device number 3
[  170.591464][ T5920] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  170.803503][ T5920] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  170.835861][ T5920] usb 1-1: config 0 has no interface number 0
[  170.854357][ T5920] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  170.886601][ T5920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.927329][ T5920] usb 1-1: config 0 descriptor??
[  170.944760][ T5920] cp210x 1-1:0.1: cp210x converter detected
[  171.109103][ T7170] netlink: 'syz.1.424': attribute type 15 has an invalid length.
[  171.141785][ T7170] netlink: 4 bytes leftover after parsing attributes in process `syz.1.424'.
[  171.287342][   T13] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 2816 - 0
[  171.301710][ T7170] netlink: 'syz.1.424': attribute type 15 has an invalid length.
[  171.350230][   T13] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 2816 - 0
[  171.361851][ T7170] netlink: 4 bytes leftover after parsing attributes in process `syz.1.424'.
[  171.401496][ T5920] cp210x 1-1:0.1: failed to get vendor val 0x000e size 3: -32
[  171.413289][   T13] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 2816 - 0
[  171.442458][   T13] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 2816 - 0
[  171.635233][ T5920] usb 1-1: cp210x converter now attached to ttyUSB0
[  171.866169][ T5920] usb 1-1: USB disconnect, device number 6
[  171.884039][ T5920] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  171.939361][ T5920] cp210x 1-1:0.1: device disconnected
[  172.596178][ T7186] loop3: detected capacity change from 0 to 40427
[  172.612766][ T7186] F2FS-fs: heap/no_heap options were deprecated
[  172.622084][ T7186] F2FS-fs (loop3): build fault injection rate: 19
[  172.628548][ T7186] F2FS-fs (loop3): build fault injection type: 0x3bfe8c
[  172.667936][ T7186] F2FS-fs (loop3): invalid crc value
[  172.723302][ T7186] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_folio of __f2fs_build_free_nids+0x207/0xfe0
[  172.901447][   T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  172.923668][ T7186] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_get_node_info+0xd42/0x11e0
[  172.940252][ T7186] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  173.001549][ T7186] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  173.055040][   T10] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.105738][   T10] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  173.124962][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.144456][ T7186] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_get_node_info+0xd42/0x11e0
[  173.173962][   T10] usb 3-1: Product: syz
[  173.178715][   T10] usb 3-1: Manufacturer: syz
[  173.184699][ T7186] syz.3.431: attempt to access beyond end of device
[  173.184699][ T7186] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  173.185155][ T7186] syz.3.431: attempt to access beyond end of device
[  173.185155][ T7186] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  173.220270][   T10] usb 3-1: SerialNumber: syz
[  173.276588][ T7186] F2FS-fs (loop3): inject inconsistent footer in sanity_check_node_footer of __get_node_folio+0x17b/0x1b0
[  173.311455][ T7186] F2FS-fs (loop3): inconsistent node block, node_type:1, nid:3, node_footer[nid:3,ino:3,ofs:0,cpver:1219692001,blkaddr:4098]
[  173.494633][ T5848] syz-executor: attempt to access beyond end of device
[  173.494633][ T5848] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  173.542790][ T5848] CPU: 0 UID: 0 PID: 5848 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  173.542841][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  173.542862][ T5848] Call Trace:
[  173.542874][ T5848]  <TASK>
[  173.542888][ T5848]  dump_stack_lvl+0x16c/0x1f0
[  173.542952][ T5848]  f2fs_handle_critical_error+0x624/0x9f0
[  173.542995][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.543039][ T5848]  ? f2fs_build_fault_attr+0x53/0x1f0
[  173.543107][ T5848]  f2fs_write_end_io+0x958/0xcf0
[  173.543154][ T5848]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  173.543201][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.543262][ T5848]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  173.543302][ T5848]  bio_endio+0x713/0x860
[  173.543355][ T5848]  submit_bio_noacct+0x306/0x1f60
[  173.543414][ T5848]  __submit_merged_bio+0x33c/0x770
[  173.543462][ T5848]  __submit_merged_write_cond+0x319/0x3f0
[  173.543517][ T5848]  f2fs_sync_node_pages+0x1394/0x1620
[  173.543588][ T5848]  ? sync_inode_metadata+0xa4/0xe0
[  173.543647][ T5848]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  173.543706][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.543749][ T5848]  ? __lock_acquire+0xb97/0x1ce0
[  173.543837][ T5848]  ? down_write+0x14d/0x200
[  173.543889][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.543935][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.543978][ T5848]  ? up_write+0x1b2/0x520
[  173.544029][ T5848]  block_operations+0x952/0xfe0
[  173.544094][ T5848]  ? __pfx_block_operations+0x10/0x10
[  173.544203][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.544251][ T5848]  ? ktime_get+0x200/0x310
[  173.544292][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.544334][ T5848]  ? lockdep_hardirqs_on+0x7c/0x110
[  173.544385][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.544427][ T5848]  ? rcu_is_watching+0x12/0xc0
[  173.544488][ T5848]  f2fs_write_checkpoint+0x32b/0x5300
[  173.544550][ T5848]  ? kfree+0x2b8/0x6d0
[  173.544594][ T5848]  ? f2fs_stop_gc_thread+0x79/0xd0
[  173.544652][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.544695][ T5848]  ? rcu_is_watching+0x12/0xc0
[  173.544749][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.544792][ T5848]  ? kthread_stop+0x272/0x630
[  173.544838][ T5848]  kill_f2fs_super+0x3d6/0x490
[  173.544891][ T5848]  ? __pfx_kill_f2fs_super+0x10/0x10
[  173.544962][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.545022][ T5848]  deactivate_locked_super+0xc1/0x1a0
[  173.545080][ T5848]  deactivate_super+0xde/0x100
[  173.545136][ T5848]  cleanup_mnt+0x225/0x450
[  173.545197][ T5848]  task_work_run+0x150/0x240
[  173.545247][ T5848]  ? __pfx_task_work_run+0x10/0x10
[  173.545291][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.545338][ T5848]  ? __pfx___x64_sys_umount+0x10/0x10
[  173.545390][ T5848]  exit_to_user_mode_loop+0xec/0x130
[  173.545440][ T5848]  do_syscall_64+0x419/0x4e0
[  173.545492][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.545529][ T5848] RIP: 0033:0x7fbcf37901f7
[  173.545558][ T5848] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  173.545592][ T5848] RSP: 002b:00007ffc2c6792b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  173.545626][ T5848] RAX: 0000000000000000 RBX: 00007fbcf3811d7d RCX: 00007fbcf37901f7
[  173.545650][ T5848] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc2c679370
[  173.545672][ T5848] RBP: 00007ffc2c679370 R08: 0000000000000000 R09: 0000000000000000
[  173.545694][ T5848] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc2c67a400
[  173.545716][ T5848] R13: 00007fbcf3811d7d R14: 000000000002a519 R15: 00007ffc2c67a440
[  173.545765][ T5848]  </TASK>
[  173.545879][ T5848] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  173.821098][ T7212] loop0: detected capacity change from 0 to 32768
[  173.950214][ T5848] CPU: 1 UID: 0 PID: 5848 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  173.950262][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  173.950283][ T5848] Call Trace:
[  173.950295][ T5848]  <TASK>
[  173.950308][ T5848]  dump_stack_lvl+0x16c/0x1f0
[  173.950361][ T5848]  f2fs_handle_critical_error+0x624/0x9f0
[  173.950401][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.950446][ T5848]  ? f2fs_build_fault_attr+0x53/0x1f0
[  173.950513][ T5848]  f2fs_write_end_io+0x958/0xcf0
[  173.950559][ T5848]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  173.950606][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.950669][ T5848]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  173.950708][ T5848]  bio_endio+0x713/0x860
[  173.950759][ T5848]  submit_bio_noacct+0x306/0x1f60
[  173.950806][ T5848]  __submit_merged_bio+0x33c/0x770
[  173.950850][ T5848]  __submit_merged_write_cond+0x319/0x3f0
[  173.950902][ T5848]  f2fs_sync_node_pages+0x1394/0x1620
[  173.950969][ T5848]  ? sync_inode_metadata+0xa4/0xe0
[  173.951029][ T5848]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  173.951086][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.951127][ T5848]  ? __lock_acquire+0xb97/0x1ce0
[  173.951214][ T5848]  ? down_write+0x14d/0x200
[  173.951268][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.951312][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.951353][ T5848]  ? up_write+0x1b2/0x520
[  173.951402][ T5848]  block_operations+0x952/0xfe0
[  173.951464][ T5848]  ? __pfx_block_operations+0x10/0x10
[  173.951572][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.951619][ T5848]  ? ktime_get+0x200/0x310
[  173.951657][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.951699][ T5848]  ? lockdep_hardirqs_on+0x7c/0x110
[  173.951741][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.951783][ T5848]  ? rcu_is_watching+0x12/0xc0
[  173.951840][ T5848]  f2fs_write_checkpoint+0x32b/0x5300
[  173.951900][ T5848]  ? kfree+0x2b8/0x6d0
[  173.951943][ T5848]  ? f2fs_stop_gc_thread+0x79/0xd0
[  173.951999][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.952042][ T5848]  ? rcu_is_watching+0x12/0xc0
[  173.952095][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.952139][ T5848]  ? kthread_stop+0x272/0x630
[  173.952185][ T5848]  kill_f2fs_super+0x3d6/0x490
[  173.952238][ T5848]  ? __pfx_kill_f2fs_super+0x10/0x10
[  173.952305][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.952364][ T5848]  deactivate_locked_super+0xc1/0x1a0
[  173.952418][ T5848]  deactivate_super+0xde/0x100
[  173.952474][ T5848]  cleanup_mnt+0x225/0x450
[  173.952533][ T5848]  task_work_run+0x150/0x240
[  173.952580][ T5848]  ? __pfx_task_work_run+0x10/0x10
[  173.952635][ T5848]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.952681][ T5848]  ? __pfx___x64_sys_umount+0x10/0x10
[  173.952727][ T5848]  exit_to_user_mode_loop+0xec/0x130
[  173.952777][ T5848]  do_syscall_64+0x419/0x4e0
[  173.952829][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.952866][ T5848] RIP: 0033:0x7fbcf37901f7
[  173.952894][ T5848] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  173.952928][ T5848] RSP: 002b:00007ffc2c6792b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  173.952962][ T5848] RAX: 0000000000000000 RBX: 00007fbcf3811d7d RCX: 00007fbcf37901f7
[  173.952985][ T5848] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc2c679370
[  173.953007][ T5848] RBP: 00007ffc2c679370 R08: 0000000000000000 R09: 0000000000000000
[  173.953028][ T5848] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc2c67a400
[  173.953050][ T5848] R13: 00007fbcf3811d7d R14: 000000000002a519 R15: 00007ffc2c67a440
[  173.953100][ T5848]  </TASK>
[  174.319100][ T7220] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  174.341492][ T5848] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  174.466713][ T7212] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  174.614198][ T7212] XFS (loop0): Ending clean mount
[  174.666203][ T7212] XFS (loop0): Quotacheck needed: Please wait.
[  174.782067][ T7212] XFS (loop0): Quotacheck: Done.
[  174.817161][   T10] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  174.826068][   T10] cdc_ncm 3-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  174.843779][   T10] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  175.041692][   T10] cdc_ncm 3-1:1.0: setting tx_max = 88
[  175.088015][   T10] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  175.160002][   T10] usb 3-1: USB disconnect, device number 2
[  175.192105][   T10] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  175.290493][ T5845] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  176.165655][ T7236] loop4: detected capacity change from 0 to 32768
[  176.320551][ T7260] netlink: 84 bytes leftover after parsing attributes in process `syz.3.457'.
[  177.086847][ T7278] loop3: detected capacity change from 0 to 128
[  177.176105][ T7278] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  177.268470][ T7278] ext4 filesystem being mounted at /66/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  177.481074][ T5848] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  177.611955][   T10] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  177.821751][   T10] usb 6-1: Using ep0 maxpacket: 16
[  177.844903][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.887458][   T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  177.930763][   T10] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  177.971409][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.022501][   T10] usb 6-1: config 0 descriptor??
[  178.054651][ T7311] loop1: detected capacity change from 0 to 64
[  178.577665][ T7322] loop0: detected capacity change from 0 to 4096
[  178.685400][ T7320] loop4: detected capacity change from 0 to 32768
[  178.713173][   T10] HID 045e:07da: Invalid code 65791 type 1
[  178.744472][ T7320] XFS (loop4): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  178.800065][   T10] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0006/input/input6
[  178.818073][   T10] microsoft 0003:045E:07DA.0006: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  178.890733][ T7320] XFS (loop4): Starting recovery (logdev: internal)
[  178.976806][ T7320] XFS (loop4): Ending recovery (logdev: internal)
[  179.050997][ T7320] XFS (loop4): Corruption warning: Metadata has LSN (8192:64) ahead of current LSN (1:192). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  179.066105][ T7320] XFS (loop4): Metadata CRC error detected at xfs_allocbt_read_verify+0x26/0xe0, xfs_bnobt block 0x4 
[  179.077185][ T7320] XFS (loop4): Unmount and run xfs_repair
[  179.083060][ T7320] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  179.090464][ T7320] 00000000: 53 55 4d 59 00 00 00 02 ff ff ff ff ff ff ff ff  SUMY............
[  179.099434][ T7320] 00000010: 00 00 00 00 00 00 00 04 00 00 20 00 00 00 00 40  .......... ....@
[  179.111467][ T7320] 00000020: 9f 91 83 2a 3b 79 45 c3 9d 6d ed 0b c7 35 7f e4  ...*;yE..m...5..
[  179.122915][ T7320] 00000030: 00 00 00 00 25 47 cc 81 00 00 00 0d 00 00 00 03  ....%G..........
[  179.131893][ T7320] 00000040: 00 00 0e a8 00 00 11 58 00 00 00 00 00 00 00 00  .......X........
[  179.140909][ T7320] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  179.149922][ T7320] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  179.158850][ T7320] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  179.167793][ T7320] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x23f/0x4f0" at daddr 0x4 len 4 error 74
[  179.199973][ T7320] XFS (loop4): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x400/0x970 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  179.220042][ T7320] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  179.392359][ T5846] XFS (loop4): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  179.499490][   T10] usb 6-1: USB disconnect, device number 4
[  179.908506][ T7349] loop2: detected capacity change from 0 to 512
[  179.989790][ T7349] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.018920][ T7349] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.569566][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.699530][ T7370] trusted_key: syz.1.500 sent an empty control message without MSG_MORE.
[  181.215569][ T7391] loop2: detected capacity change from 0 to 1024
[  181.237283][ T7358] loop5: detected capacity change from 0 to 32768
[  181.267439][ T7391] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  181.281948][ T7391] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  181.292858][ T7358] XFS (loop5): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  181.325792][ T7391] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 3: comm syz.2.507: lblock 3 mapped to illegal pblock 3 (length 3)
[  181.341644][ T7391] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  181.377031][ T7391] EXT4-fs (loop2): This should not happen!! Data will be lost
[  181.377031][ T7391] 
[  181.425172][ T7407] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.507: lblock 3 mapped to illegal pblock 3 (length 1)
[  181.448524][ T7407] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.507: lblock 3 mapped to illegal pblock 3 (length 1)
[  181.472551][ T7386] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.507: lblock 3 mapped to illegal pblock 3 (length 1)
[  181.472637][   T44] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  181.501409][ T7358] XFS (loop5): Ending clean mount
[  181.531040][ T7386] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.507: lblock 3 mapped to illegal pblock 3 (length 1)
[  181.558783][ T7358] XFS (loop5): Metadata CRC error detected at xfs_allocbt_read_verify+0x26/0xe0, xfs_bnobt block 0x4 
[  181.591520][ T7358] XFS (loop5): Unmount and run xfs_repair
[  181.597294][ T7358] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  181.607387][ T7407] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.507: lblock 3 mapped to illegal pblock 3 (length 1)
[  181.621909][ T7358] 00000000: 41 42 33 42 00 00 00 03 ff ff ff ff ff ff ff ff  AB3B............
[  181.636674][ T7386] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.507: lblock 3 mapped to illegal pblock 3 (length 1)
[  181.653081][ T7358] 00000010: 00 00 00 00 00 00 00 04 00 00 00 01 00 00 00 10  ................
[  181.670872][ T7358] 00000020: ed 37 bf 6e 74 ea 4e 01 f8 ba 5f ee 27 4b 0f 3a  .7.nt.N..._.'K.:
[  181.682844][ T7407] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.507: lblock 3 mapped to illegal pblock 3 (length 1)
[  181.697074][ T7358] 00000030: 00 00 00 00 f6 3b 25 b5 00 00 00 07 00 00 00 01  .....;%.........
[  181.708045][   T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.719977][ T7386] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.507: lblock 3 mapped to illegal pblock 3 (length 1)
[  181.741579][ T7358] 00000040: 00 00 0b fe 00 00 00 02 00 00 0c 20 00 00 13 e0  ........... ....
[  181.750024][   T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.754021][ T7358] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  181.760946][   T44] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  181.783079][ T7414] loop1: detected capacity change from 0 to 4096
[  181.791157][ T7407] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.507: lblock 3 mapped to illegal pblock 3 (length 1)
[  181.796602][ T7414] EXT4-fs: Ignoring removed mblk_io_submit option
[  181.813355][ T7358] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  181.836004][ T7358] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  181.845374][   T44] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  181.861651][   T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.870677][ T7414] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  181.876088][ T7358] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x23f/0x4f0" at daddr 0x4 len 4 error 74
[  181.881933][ T7414] EXT4-fs (loop1): Test dummy encryption mode enabled
[  181.892320][   T44] usb 1-1: config 0 descriptor??
[  181.911058][ T7358] XFS (loop5): page discard on page ffffea0001224300, inode 0x180a, pos 0.
[  181.962898][ T7414] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.994495][ T5843] XFS (loop5): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  182.013097][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  182.032623][ T5843] XFS (loop5): Uncorrected metadata errors detected; please run xfs_repair.
[  182.144299][ T7414] process 'syz.1.512' launched './file1' with NULL argv: empty string added
[  182.309933][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.375854][   T44] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  182.542380][ T7433] netlink: 12 bytes leftover after parsing attributes in process `syz.5.526'.
[  182.667539][ T7433] bond1: entered promiscuous mode
[  182.690023][ T7433] 8021q: adding VLAN 0 to HW filter on device bond1
[  182.907839][ T7438] 8021q: adding VLAN 0 to HW filter on device bond1
[  182.924508][ T7438] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[  182.947176][ T7438] bond1: (slave vcan1): Error -95 calling set_mac_address
[  183.427320][ T5825] usb 1-1: USB disconnect, device number 7
[  184.701385][   T10] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  184.785826][ T7485] bond1: entered allmulticast mode
[  184.809719][ T7485] 8021q: adding VLAN 0 to HW filter on device bond1
[  184.853173][ T7485] bridge0: port 3(bond1) entered blocking state
[  184.871353][   T10] usb 3-1: Using ep0 maxpacket: 32
[  184.880029][ T7485] bridge0: port 3(bond1) entered disabled state
[  184.892588][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  184.913646][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.933224][ T7485] bond1: entered promiscuous mode
[  184.951453][   T10] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  184.991882][ T7485] bridge0: port 3(bond1) entered blocking state
[  184.998302][ T7485] bridge0: port 3(bond1) entered forwarding state
[  185.005351][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.039087][   T10] usb 3-1: config 0 descriptor??
[  185.233980][ T1311] bridge0: port 3(bond1) entered disabled state
[  185.585471][   T10] savu 0003:1E7D:2D5A.0008: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  185.859036][   T44] usb 3-1: USB disconnect, device number 3
[  186.757913][ T7548] loop5: detected capacity change from 0 to 128
[  186.827764][ T7548] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  186.874387][ T7552] 8021q: adding VLAN 0 to HW filter on device bond1
[  186.884418][ T7552] bond0: (slave bond1): Enslaving as an active interface with an up link
[  186.897499][ T7548] hpfs: filesystem error: improperly stopped
[  186.903631][ T7548] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  186.911781][ T7548] hpfs: You really don't want any checks? You are crazy...
[  186.923513][ T7554] netlink: 14 bytes leftover after parsing attributes in process `syz.0.547'.
[  186.924990][ T7548] hpfs: hpfs_map_sector(): read error
[  186.938602][ T7548] hpfs: code page support is disabled
[  186.962842][ T7548] hpfs: hpfs_map_4sectors(): unaligned read
[  186.969414][ T7548] hpfs: hpfs_map_4sectors(): unaligned read
[  186.980711][ T7548] hpfs: filesystem error: unable to find root dir
[  187.027190][ T7556] loop4: detected capacity change from 0 to 128
[  187.038812][ T7548] hpfs: hpfs_map_4sectors(): unaligned read
[  187.060018][ T7548] hpfs: hpfs_map_sector(): read error
[  187.077258][ T7548] hpfs: hpfs_map_4sectors(): unaligned read
[  187.102574][ T7548] hpfs: hpfs_map_sector(): read error
[  187.332139][ T7556] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  187.393486][ T7556] ext4 filesystem being mounted at /89/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  187.634811][ T7556] loop4: detected capacity change from 128 to 0
[  187.641646][    C0] I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[  187.669437][ T7564] EXT4-fs error (device loop4): __ext4_find_entry:1613: inode #2: comm syz.4.549: reading directory lblock 0
[  187.713417][ T7564] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  187.721888][ T7564] EXT4-fs (loop4): I/O error while writing superblock
[  187.832569][ T7569] netlink: 'syz.1.551': attribute type 1 has an invalid length.
[  187.871948][ T5846] EXT4-fs warning (device loop4): htree_dirblock_to_tree:1051: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[  187.913639][ T5846] EXT4-fs error (device loop4): ext4_get_inode_loc:4969: inode #2: block 35: comm syz-executor: unable to read itable block
[  187.942861][ T7572] loop5: detected capacity change from 0 to 512
[  187.954812][ T5846] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  187.963801][ T5846] EXT4-fs (loop4): I/O error while writing superblock
[  187.972042][ T5846] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6305: IO failure
[  187.980940][ T5846] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  187.995672][ T7572] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.553: casefold flag without casefold feature
[  188.008991][ T5846] EXT4-fs (loop4): I/O error while writing superblock
[  188.043262][ T7572] EXT4-fs error (device loop5): ext4_orphan_get:1395: comm syz.5.553: couldn't read orphan inode 15 (err -117)
[  188.049941][ T5846] EXT4-fs error (device loop4): ext4_dirty_inode:6509: inode #2: comm syz-executor: mark_inode_dirty error
[  188.067858][ T5846] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  188.076998][ T7554] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  188.081125][ T7572] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.100337][ T5846] EXT4-fs (loop4): I/O error while writing superblock
[  188.122275][ T7554] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  188.182253][ T7554] bond0 (unregistering): (slave bond1): Releasing backup interface
[  188.195803][ T7554] bond0 (unregistering): Released all slaves
[  188.249358][ T7533] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:4954: inode #2: block 35: comm kworker/u8:13: unable to read itable block
[  188.265519][ T7575] loop3: detected capacity change from 0 to 2048
[  188.292050][ T7533] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  188.310989][ T7533] EXT4-fs (loop4): I/O error while writing superblock
[  188.325086][ T7575] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  188.376403][ T5846] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  188.388230][ T5843] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.419672][ T5846] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  188.485740][ T5846] EXT4-fs (loop4): I/O error while writing superblock
[  188.530260][ T7570] bond1: (slave bridge1): making interface the new active one
[  188.543174][ T7570] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  188.761404][ T7583] netlink: 'syz.5.558': attribute type 1 has an invalid length.
[  188.776919][ T7583] netlink: 'syz.5.558': attribute type 3 has an invalid length.
[  188.799781][ T7583] netlink: 12 bytes leftover after parsing attributes in process `syz.5.558'.
[  189.887192][ T7604] loop3: detected capacity change from 0 to 4096
[  190.135218][ T5857] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  190.146196][ T5857] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  190.154613][ T5857] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  190.166869][ T5857] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  190.175051][ T5857] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  190.786788][ T7641] loop0: detected capacity change from 0 to 64
[  190.843220][ T7645] loop3: detected capacity change from 0 to 64
[  190.925733][ T7622] chnl_net:caif_netlink_parms(): no params data found
[  191.088637][   T30] audit: type=1804 audit(1759635979.767:43): pid=7645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.586" name=2F6E6577726F6F742F39302F66696C65302FF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFF
[  191.208347][ T7622] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.324469][ T7622] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.324733][ T7622] bridge_slave_0: entered allmulticast mode
[  191.327023][ T7622] bridge_slave_0: entered promiscuous mode
[  191.330509][ T7622] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.330712][ T7622] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.330895][ T7622] bridge_slave_1: entered allmulticast mode
[  191.352121][ T7622] bridge_slave_1: entered promiscuous mode
[  191.505751][ T7622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  191.557167][ T7622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.941229][ T7622] team0: Port device team_slave_0 added
[  191.955018][ T7622] team0: Port device team_slave_1 added
[  192.044603][ T7622] batman_adv: batadv0: Adding interface: batadv_slave_0
[  192.056440][ T7622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  192.102491][ T7622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  192.106873][ T7680] loop1: detected capacity change from 0 to 1024
[  192.138797][ T7622] batman_adv: batadv0: Adding interface: batadv_slave_1
[  192.146318][ T7622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  192.173463][ T7622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  192.203932][ T7680] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  192.223961][ T5857] Bluetooth: hci3: command tx timeout
[  192.227312][ T7680] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.355911][ T7680] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 3: comm syz.1.598: lblock 3 mapped to illegal pblock 3 (length 3)
[  192.381682][ T7680] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  192.400364][ T7622] hsr_slave_0: entered promiscuous mode
[  192.425070][ T7622] hsr_slave_1: entered promiscuous mode
[  192.433015][ T7680] EXT4-fs (loop1): This should not happen!! Data will be lost
[  192.433015][ T7680] 
[  192.452570][ T7622] debugfs: 'hsr0' already exists in 'hsr'
[  192.458357][ T7622] Cannot create hsr debugfs directory
[  192.473385][ T7687] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.598: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.514998][ T7687] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.598: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.550695][ T7687] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.598: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.584216][ T7691] Bluetooth: hci0: unsupported parameter 178
[  192.609260][ T7691] Bluetooth: hci0: invalid length 0, exp 2 for type 1
[  192.612292][ T7687] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.598: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.667142][ T7679] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.598: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.691903][ T7679] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.598: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.712742][ T7693] loop3: detected capacity change from 0 to 1024
[  192.720664][ T7687] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.598: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.790203][ T7693] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  192.846894][ T7679] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.598: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.851668][ T7693] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  192.877356][ T7679] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.598: lblock 3 mapped to illegal pblock 3 (length 1)
[  192.973297][ T7697] Illegal XDP return value 1276216951 on prog  (id 119) dev N/A, expect packet loss!
[  192.986284][ T7693] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  193.065055][ T7693] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  193.146748][ T7693] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  193.204192][ T7693] EXT4-fs error (device loop3): ext4_get_journal_inode:5808: comm syz.3.602: inode #1: comm syz.3.602: iget: illegal inode #
[  193.257194][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  193.300876][ T7693] EXT4-fs (loop3): Remounting filesystem read-only
[  193.307933][ T7693] EXT4-fs (loop3): no journal found
[  193.601014][ T7705] loop2: detected capacity change from 0 to 4096
[  193.740872][ T7622] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  193.788545][ T7622] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  193.846191][ T7622] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  193.880520][ T7622] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  194.242591][ T7622] 8021q: adding VLAN 0 to HW filter on device bond0
[  194.301630][ T5857] Bluetooth: hci3: command tx timeout
[  194.314799][ T7622] 8021q: adding VLAN 0 to HW filter on device team0
[  194.424234][ T7536] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.431580][ T7536] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.489026][ T7536] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.496333][ T7536] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.690838][ T7707] loop1: detected capacity change from 0 to 32768
[  194.763796][ T7707] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  195.159085][ T7747] loop3: detected capacity change from 0 to 1024
[  195.233190][ T7747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  195.251912][ T1219] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  195.269991][ T7622] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.285109][ T7747] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.376573][ T7747] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.621: lblock 3 mapped to illegal pblock 3 (length 3)
[  195.412107][ T1219] usb 3-1: Using ep0 maxpacket: 32
[  195.430555][ T1219] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.437181][ T7747] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  195.447687][ T1219] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.454270][ T7747] EXT4-fs (loop3): This should not happen!! Data will be lost
[  195.454270][ T7747] 
[  195.494363][ T1219] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  195.512795][ T1219] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.534451][ T1219] usb 3-1: config 0 descriptor??
[  195.544526][ T5847] ocfs2: Unmounting device (7,1) on (node local)
[  195.606359][ T7747] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.621: lblock 3 mapped to illegal pblock 3 (length 1)
[  195.643599][ T7747] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.621: lblock 3 mapped to illegal pblock 3 (length 1)
[  195.679198][ T7747] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.621: lblock 3 mapped to illegal pblock 3 (length 1)
[  195.725605][ T7747] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.621: lblock 3 mapped to illegal pblock 3 (length 1)
[  195.752304][ T7747] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.621: lblock 3 mapped to illegal pblock 3 (length 1)
[  195.817033][ T7746] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.621: lblock 3 mapped to illegal pblock 3 (length 1)
[  195.843712][ T7746] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.621: lblock 3 mapped to illegal pblock 3 (length 1)
[  195.865372][ T7747] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.621: lblock 3 mapped to illegal pblock 3 (length 1)
[  195.895300][ T7746] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: block 3: comm syz.3.621: lblock 3 mapped to illegal pblock 3 (length 1)
[  195.995227][ T1219] ft260 0003:0403:6030.0009: unknown main item tag 0x7
[  196.110986][ T7622] veth0_vlan: entered promiscuous mode
[  196.136373][ T7622] veth1_vlan: entered promiscuous mode
[  196.136855][ T7770] loop0: detected capacity change from 0 to 512
[  196.188414][ T1219] ft260 0003:0403:6030.0009: chip code: 0000 0000
[  196.189125][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  196.215340][ T7622] veth0_macvtap: entered promiscuous mode
[  196.237703][ T7770] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.627: casefold flag without casefold feature
[  196.252254][ T7772] loop5: detected capacity change from 0 to 1024
[  196.264847][ T7770] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.627: couldn't read orphan inode 15 (err -117)
[  196.265754][ T7622] veth1_macvtap: entered promiscuous mode
[  196.278459][ T7772] EXT4-fs: Ignoring removed orlov option
[  196.314719][ T7622] batman_adv: batadv0: Interface activated: batadv_slave_0
[  196.334015][ T7622] batman_adv: batadv0: Interface activated: batadv_slave_1
[  196.338197][ T7770] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.357921][   T60] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.371711][ T5857] Bluetooth: hci3: command tx timeout
[  196.389193][ T1219] ft260 0003:0403:6030.0009: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.2-1/input0
[  196.404918][ T7772] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  196.425133][ T7772] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.435997][   T60] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.447270][   T60] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.463204][   T60] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.550926][ T7772] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 3: comm syz.5.628: lblock 3 mapped to illegal pblock 3 (length 1)
[  196.590131][ T1219] ft260 0003:0403:6030.0009: failed to retrieve status: -32, no wakeup
[  196.602280][ T7772] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  196.668054][ T7772] EXT4-fs (loop5): This should not happen!! Data will be lost
[  196.668054][ T7772] 
[  196.689307][ T7772] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.628: lblock 3 mapped to illegal pblock 3 (length 1)
[  196.722471][ T7772] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.628: lblock 3 mapped to illegal pblock 3 (length 1)
[  196.740272][ T7772] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.628: lblock 3 mapped to illegal pblock 3 (length 1)
[  196.743263][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.757722][ T7772] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.628: lblock 3 mapped to illegal pblock 3 (length 1)
[  196.783132][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.791938][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.832067][ T7771] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.628: lblock 3 mapped to illegal pblock 3 (length 1)
[  196.850117][ T1219] usb 3-1: USB disconnect, device number 5
[  196.871817][ T7771] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.628: lblock 3 mapped to illegal pblock 3 (length 1)
[  196.927616][ T1311] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.929991][ T7771] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.628: lblock 3 mapped to illegal pblock 3 (length 1)
[  196.957309][ T1311] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.989240][ T7781] loop3: detected capacity change from 0 to 128
[  197.010641][ T7782] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: comm syz.5.628: lblock 0 mapped to illegal pblock 0 (length 1)
[  197.018025][ T7772] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: block 3: comm syz.5.628: lblock 3 mapped to illegal pblock 3 (length 1)
[  197.054996][ T7781] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  197.075991][ T7781] hpfs: filesystem error: improperly stopped
[  197.102078][ T7781] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  197.129236][ T7781] hpfs: You really don't want any checks? You are crazy...
[  197.143691][ T7781] hpfs: hpfs_map_sector(): read error
[  197.170524][ T7781] hpfs: code page support is disabled
[  197.181253][ T7786] loop0: detected capacity change from 0 to 2048
[  197.200391][ T7781] hpfs: hpfs_map_4sectors(): unaligned read
[  197.223361][ T7781] hpfs: hpfs_map_4sectors(): unaligned read
[  197.241533][ T7781] hpfs: filesystem error: unable to find root dir
[  197.278818][ T7786] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  197.302784][ T7781] hpfs: hpfs_map_4sectors(): unaligned read
[  197.320902][ T7786] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  197.324221][ T7781] hpfs: hpfs_map_sector(): read error
[  197.333147][ T5843] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  197.402785][ T7792] hpfs: hpfs_map_4sectors(): unaligned read
[  197.446479][ T7792] hpfs: hpfs_map_sector(): read error
[  197.543426][ T7786] loop0: detected capacity change from 2048 to 0
[  197.616018][ T7797] ref_ctr_offset mismatch. inode: 0x261 offset: 0x0 ref_ctr_offset(old): 0x3070 ref_ctr_offset(new): 0x0
[  197.794886][ T5845] Buffer I/O error on dev loop0, logical block 128, lost sync page write
[  198.409657][ T7791] loop1: detected capacity change from 0 to 32768
[  198.451563][ T5857] Bluetooth: hci3: command tx timeout
[  198.496008][ T7791] XFS (loop1): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  198.610890][ T7796] loop2: detected capacity change from 0 to 32768
[  198.644530][ T7791] XFS (loop1): Ending clean mount
[  198.769470][ T7533] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.838721][ T7796] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  198.885251][ T7791] XFS (loop1): Metadata CRC error detected at xfs_allocbt_read_verify+0x26/0xe0, xfs_bnobt block 0x4 
[  198.918681][ T7791] XFS (loop1): Unmount and run xfs_repair
[  198.925248][ T7791] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[  198.949694][ T7791] 00000000: 41 42 33 42 00 00 00 03 ff ff ff ff ff ff ff ff  AB3B............
[  199.003046][ T7791] 00000010: 00 00 00 00 00 00 00 04 00 00 00 01 00 00 00 10  ................
[  199.020902][ T7791] 00000020: ed 37 bf 6e 74 ea 4e 01 f8 ba 5f ee 27 4b 0f 3a  .7.nt.N..._.'K.:
[  199.044337][ T7533] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.102501][ T7791] 00000030: 00 00 00 00 f6 3b 25 b5 00 00 00 07 00 00 00 01  .....;%.........
[  199.186252][ T7791] 00000040: 00 00 0b fe 00 00 00 02 00 00 0c 20 00 00 13 e0  ........... ....
[  199.281203][ T7791] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  199.372210][ T7791] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  199.507122][ T7861] netlink: 8 bytes leftover after parsing attributes in process `syz.3.648'.
[  199.607416][ T7791] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  199.640759][ T7861] netlink: 8 bytes leftover after parsing attributes in process `syz.3.648'.
[  199.779882][ T7791] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x23f/0x4f0" at daddr 0x4 len 4 error 74
[  199.917511][ T7791] XFS (loop1): page discard on page ffffea00013ed600, inode 0x180a, pos 0.
[  199.942547][ T7533] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.015756][ T5844] ocfs2: Unmounting device (7,2) on (node local)
[  200.161829][ T5847] XFS (loop1): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  200.208829][ T5847] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair.
[  200.327670][ T7533] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.639712][ T7874] loop3: detected capacity change from 0 to 1024
[  200.655128][ T7875] loop2: detected capacity change from 0 to 128
[  200.716049][ T7874] hfsplus: filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  leaving read-only.
[  200.743572][ T7875] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  200.769158][ T7533] bridge_slave_1: left allmulticast mode
[  200.778771][ T7533] bridge_slave_1: left promiscuous mode
[  200.788783][ T7875] hpfs: filesystem error: improperly stopped
[  200.801589][ T7533] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.825331][ T7875] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  200.851460][ T7875] hpfs: You really don't want any checks? You are crazy...
[  200.866198][ T7875] hpfs: hpfs_map_sector(): read error
[  200.881430][ T7875] hpfs: code page support is disabled
[  200.896981][ T7879] loop1: detected capacity change from 0 to 256
[  200.930551][ T5862] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  200.944719][ T5862] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  200.953117][ T5862] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  200.961724][ T5862] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  200.963026][ T7875] hpfs: hpfs_map_4sectors(): unaligned read
[  200.969503][ T5862] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  200.985333][ T7533] bridge_slave_0: left allmulticast mode
[  200.991008][ T7533] bridge_slave_0: left promiscuous mode
[  201.001823][ T7879] exfat: Deprecated parameter 'namecase'
[  201.008442][ T7879] exfat: Bad value for 'allow_utime'
[  201.041500][ T7875] hpfs: hpfs_map_4sectors(): unaligned read
[  201.047444][ T7875] hpfs: filesystem error: unable to find root dir
[  201.064556][ T7533] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.198438][ T7875] hpfs: hpfs_map_4sectors(): unaligned read
[  201.226364][ T7875] hpfs: hpfs_map_sector(): read error
[  201.251516][ T7875] hpfs: hpfs_map_4sectors(): unaligned read
[  201.265841][ T7875] hpfs: hpfs_map_sector(): read error
[  201.489391][ T7896] serio: Serial port ptm0
[  203.014432][ T5862] Bluetooth: hci2: command tx timeout
[  203.246673][ T7533] bond1 (unregistering): Released all slaves
[  203.305760][ T7904] netlink: 'syz.6.663': attribute type 5 has an invalid length.
[  203.901699][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  203.908077][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  205.091514][ T5862] Bluetooth: hci2: command tx timeout
[  205.344506][ T7533] hsr_slave_0: left promiscuous mode
[  205.386900][ T7533] hsr_slave_1: left promiscuous mode
[  205.393472][ T7533] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  205.411184][ T7533] batman_adv: batadv0: Removing interface: batadv_slave_0
[  205.444288][ T7533] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  205.471452][ T7533] batman_adv: batadv0: Removing interface: batadv_slave_1
[  205.561896][ T7533] veth1_macvtap: left promiscuous mode
[  205.568173][ T7533] veth0_macvtap: left promiscuous mode
[  205.590099][ T7533] veth1_vlan: left promiscuous mode
[  205.599843][ T7533] veth0_vlan: left promiscuous mode
[  205.654880][ T8011] evm: overlay not supported
[  205.703700][ T7958] loop2: detected capacity change from 0 to 40427
[  205.723498][ T7958] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  205.752221][ T7958] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  205.765884][ T7958] F2FS-fs (loop2): invalid crc value
[  205.998423][ T8018] loop6: detected capacity change from 0 to 4096
[  206.015908][ T8018] EXT4-fs: Ignoring removed mblk_io_submit option
[  206.047562][ T7958] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  206.054878][ T8018] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  206.070592][ T8018] EXT4-fs (loop6): Test dummy encryption mode enabled
[  206.095119][ T7958] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  206.102788][ T7958] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  206.140074][ T8018] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.602095][ T7622] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.174527][ T5862] Bluetooth: hci2: command tx timeout
[  207.411193][ T8023] loop3: detected capacity change from 0 to 131072
[  207.647655][ T8023] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  207.679759][ T8023] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  207.824755][   T30] audit: type=1800 audit(1759635996.507:44): pid=8023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.691" name="file2" dev="loop3" ino=8 res=0 errno=0
[  207.850436][ T8036] loop6: detected capacity change from 0 to 32768
[  207.913117][ T8036] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  207.921485][ T8036] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  208.012129][ T7533] team0 (unregistering): Port device team_slave_1 removed
[  208.024399][ T8036] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms
[  208.036179][   T44] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  208.046015][   T44] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  208.297365][   T44] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 251ms
[  208.314397][ T7533] team0 (unregistering): Port device team_slave_0 removed
[  208.325862][   T44] gfs2: fsid=syz:syz.0: jid=0: Done
[  208.333442][ T8036] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  209.260386][ T5862] Bluetooth: hci2: command tx timeout
[  210.954267][ T7880] chnl_net:caif_netlink_parms(): no params data found
[  211.154143][   T30] audit: type=1326 audit(1759635999.827:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.6.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994a78eec9 code=0x7ffc0000
[  211.290093][   T30] audit: type=1326 audit(1759635999.837:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.6.706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f994a78eec9 code=0x7ffc0000
[  211.405815][ T7880] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.421514][ T7880] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.433899][ T7880] bridge_slave_0: entered allmulticast mode
[  211.440930][   T30] audit: type=1326 audit(1759636000.117:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994c38eec9 code=0x7ffc0000
[  211.469324][ T7880] bridge_slave_0: entered promiscuous mode
[  211.486252][   T30] audit: type=1326 audit(1759636000.117:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994c38eec9 code=0x7ffc0000
[  211.520275][ T7880] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.541033][ T7880] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.560079][ T7880] bridge_slave_1: entered allmulticast mode
[  211.596253][ T7880] bridge_slave_1: entered promiscuous mode
[  211.614131][   T30] audit: type=1326 audit(1759636000.167:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f994c38eec9 code=0x7ffc0000
[  211.701095][   T30] audit: type=1326 audit(1759636000.167:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994c38eec9 code=0x7ffc0000
[  211.800763][ T7880] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.831373][   T30] audit: type=1326 audit(1759636000.167:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994c38eec9 code=0x7ffc0000
[  211.895329][ T8111] loop5: detected capacity change from 0 to 4096
[  211.895342][   T30] audit: type=1326 audit(1759636000.197:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f994c38eec9 code=0x7ffc0000
[  211.924497][ T7880] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.022816][   T30] audit: type=1326 audit(1759636000.197:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994c38eec9 code=0x7ffc0000
[  212.157628][ T7880] team0: Port device team_slave_0 added
[  212.179868][ T7880] team0: Port device team_slave_1 added
[  212.304642][ T7880] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.314092][ T7880] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  212.360364][ T7880] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.389362][ T7880] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.401581][ T7880] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  212.444150][ T7880] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.557313][ T7880] hsr_slave_0: entered promiscuous mode
[  212.565462][ T7880] hsr_slave_1: entered promiscuous mode
[  212.566451][ T7880] debugfs: 'hsr0' already exists in 'hsr'
[  212.566480][ T7880] Cannot create hsr debugfs directory
[  212.609355][ T8129] loop2: detected capacity change from 0 to 256
[  212.706001][ T8129] Invalid ELF header magic: != ELF
[  212.845468][ T8133] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  213.259066][ T7880] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  213.270735][ T5927] libceph: connect (1)[c::]:6789 error -101
[  213.271925][ T7880] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  213.287145][ T5927] libceph: mon0 (1)[c::]:6789 connect error
[  213.316364][ T7880] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  213.340932][ T8145] ceph: No mds server is up or the cluster is laggy
[  213.404308][ T7880] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  213.797199][ T8169] loop1: detected capacity change from 0 to 512
[  213.907891][ T8169] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.925560][ T8169] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.978832][ T7880] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.019514][ T7880] 8021q: adding VLAN 0 to HW filter on device team0
[  214.039049][ T7536] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.046244][ T7536] bridge0: port 1(bridge_slave_0) entered forwarding state
[  214.190986][ T7531] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.198195][ T7531] bridge0: port 2(bridge_slave_1) entered forwarding state
[  214.260620][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.349597][ T7880] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  214.661088][ T8192] loop2: detected capacity change from 0 to 512
[  214.695572][ T8192] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.740: casefold flag without casefold feature
[  214.746203][ T8192] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.740: couldn't read orphan inode 15 (err -117)
[  214.864942][ T7880] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.904666][ T8192] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.926108][ T8203] loop3: detected capacity change from 0 to 512
[  214.943766][ T8203] EXT4-fs: Ignoring removed i_version option
[  214.959363][ T8203] EXT4-fs: Ignoring removed bh option
[  215.033639][ T8203] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.111595][ T8203] ext4 filesystem being mounted at /118/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  215.585177][ T5844] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.599395][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.988470][ T8223] bond0: (slave veth0_virt_wifi): Enslaving as an active interface with an up link
[  216.195520][ T7880] veth0_vlan: entered promiscuous mode
[  216.258926][ T7880] veth1_vlan: entered promiscuous mode
[  216.448041][ T7880] veth0_macvtap: entered promiscuous mode
[  216.477447][ T7880] veth1_macvtap: entered promiscuous mode
[  216.540366][ T7880] batman_adv: batadv0: Interface activated: batadv_slave_0
[  216.586829][ T8230] loop6: detected capacity change from 0 to 512
[  216.628092][ T7880] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.685555][ T1311] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.714791][ T1311] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.757349][ T8230] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.786377][ T1311] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.860476][ T1311] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.891663][ T8230] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.110231][ T7531] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.138982][ T7531] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.305085][ T7622] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.339299][ T1311] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.364993][ T1311] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.624691][ T8242] loop3: detected capacity change from 0 to 512
[  217.691577][ T8242] EXT4-fs: Ignoring removed bh option
[  217.762218][ T8242] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  217.823061][ T8246] loop5: detected capacity change from 0 to 2048
[  217.864895][ T8242] EXT4-fs (loop3): 1 truncate cleaned up
[  217.928197][ T8246] NILFS (loop5): invalid segment: Inconsistency found
[  217.951827][ T8242] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.998035][ T8246] NILFS (loop5): trying rollback from an earlier position
[  218.122720][ T8246] NILFS (loop5): recovery complete
[  218.165791][ T8256] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  218.201462][ T8253] capability: warning: `syz.2.758' uses deprecated v2 capabilities in a way that may be insecure
[  218.953069][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.364496][ T8254] loop6: detected capacity change from 0 to 40427
[  219.418394][ T8254] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  219.473066][ T8254] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  219.502989][ T8254] F2FS-fs (loop6): invalid crc value
[  219.835937][ T8254] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  219.850640][ T8281] all: renamed from bridge_slave_0 (while UP)
[  219.880299][ T8254] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  219.924470][ T8254] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  220.263195][ T8286] loop1: detected capacity change from 0 to 1024
[  220.380720][ T8286] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  220.521674][ T8286] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.644770][ T8286] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 3: comm syz.1.766: lblock 3 mapped to illegal pblock 3 (length 3)
[  220.669159][ T8263] loop2: detected capacity change from 0 to 32768
[  220.687993][ T8286] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  220.715908][ T8295] netlink: 63503 bytes leftover after parsing attributes in process `syz.3.770'.
[  220.733366][ T8286] EXT4-fs (loop1): This should not happen!! Data will be lost
[  220.733366][ T8286] 
[  220.735219][ T8263] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  220.782160][ T8299] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.766: lblock 3 mapped to illegal pblock 3 (length 1)
[  220.892342][ T8299] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #15: block 3: comm syz.1.766: lblock 3 mapped to illegal pblock 3 (length 1)
[  220.963940][ T8286] EXT4-fs error (device loop1): ext4_ext_remove_space:2955: inode #15: comm syz.1.766: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  221.020092][ T8263] XFS (loop2): Ending clean mount
[  221.059888][ T8263] XFS (loop2): Quotacheck needed: Please wait.
[  221.075227][ T8286] EXT4-fs error (device loop1) in ext4_setattr:6042: Corrupt filesystem
[  221.119575][ T8263] XFS (loop2): Quotacheck: Done.
[  221.209890][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  221.258713][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  221.258740][   T30] audit: type=1800 audit(1759636009.937:67): pid=8263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.761" name="file1" dev="loop2" ino=9286 res=0 errno=0
[  221.325280][   T30] audit: type=1800 audit(1759636009.937:68): pid=8263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.761" name="file1" dev="loop2" ino=9286 res=0 errno=0
[  221.608906][ T5844] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  221.635896][ T8320] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  221.744102][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  221.915390][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  221.977807][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  222.033018][    T9] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  222.062426][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.207204][    T9] usb 4-1: config 0 descriptor??
[  222.756640][    T9] hid-steam 0003:28DE:1142.000A: item fetching failed at offset 3/5
[  222.780000][    T9] hid-steam 0003:28DE:1142.000A: steam_probe:parse of hid interface failed
[  222.795739][    T9] hid-steam 0003:28DE:1142.000A: probe with driver hid-steam failed with error -22
[  223.004301][ T5927] usb 4-1: USB disconnect, device number 3
[  223.292259][ T5941] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  223.475967][ T5941] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  223.524737][ T5941] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.558725][ T5941] usb 3-1: Product: syz
[  223.646828][ T5941] usb 3-1: Manufacturer: syz
[  223.665595][ T5941] usb 3-1: SerialNumber: syz
[  224.837906][ T8380] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  224.938369][ T8380] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  224.982853][ T8380] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  224.997705][ T8380] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  225.025941][ T8380] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  225.047146][ T8380] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  225.064752][ T8380] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  225.080722][ T8380] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  225.111514][ T8380] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  225.129170][ T8380] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  225.155014][ T5941] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[  225.197510][ T5941] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPROTO
[  225.235771][ T5941] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  225.262987][ T5941] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  225.305345][ T5941] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  225.371744][ T5941] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  225.433287][ T5941] usb 3-1: USB disconnect, device number 6
[  225.579503][ T8397] loop1: detected capacity change from 0 to 1024
[  225.633465][ T8397] EXT4-fs: Ignoring removed nomblk_io_submit option
[  225.683811][ T8397] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  225.693913][ T8397] System zones: 0-1, 3-36
[  225.737236][ T8397] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.994748][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.167505][ T8412] 8021q: adding VLAN 0 to HW filter on device bond1
[  226.186577][ T8412] bond0: (slave bond1): Enslaving as an active interface with an up link
[  226.199998][ T8414] netlink: 14 bytes leftover after parsing attributes in process `syz.2.816'.
[  226.315924][    T9] libceph: connect (1)[c::]:6789 error -101
[  226.324469][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  226.348474][ T8416] ceph: No mds server is up or the cluster is laggy
[  226.796424][ T8414] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  226.832836][ T8414] bond0 (unregistering): (slave 
c
@0Ù): Releasing backup interface
[  226.884125][ T8414] bond0 (unregistering): (slave bond1): Releasing backup interface
[  226.967916][ T8414] bond0 (unregistering): Released all slaves
[  227.050228][ T8442] loop6: detected capacity change from 0 to 256
[  227.090074][ T8442] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  227.116079][ T8442] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  227.162153][ T8442] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  227.224191][ T8442] exFAT-fs (loop6): failed to load alloc-bitmap
[  227.253416][ T8442] exFAT-fs (loop6): failed to recognize exfat type
[  227.272308][   T30] audit: type=1326 audit(1759636015.937:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  227.294418][    C1] vkms_vblank_simulate: vblank timer overrun
[  227.356762][   T30] audit: type=1326 audit(1759636015.947:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  227.418297][   T30] audit: type=1326 audit(1759636015.947:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  227.440517][    C1] vkms_vblank_simulate: vblank timer overrun
[  227.511479][   T30] audit: type=1326 audit(1759636015.947:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  227.581464][   T30] audit: type=1326 audit(1759636015.977:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  227.681659][   T30] audit: type=1326 audit(1759636016.007:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  227.814548][ T8451] netlink: 4 bytes leftover after parsing attributes in process `syz.6.826'.
[  227.862717][    C1] vcan0: j1939_session_tx_dat: 0xffff8880550bf400: queue data error: -100
[  227.880502][    C1] vcan0: j1939_xtp_rx_dat: no tx connection found
[  227.887159][    C1] vcan0: j1939_xtp_rx_dat: no rx connection found
[  227.893743][    C1] vcan0: j1939_xtp_rx_dat: no tx connection found
[  227.900173][    C1] vcan0: j1939_xtp_rx_dat: no rx connection found
[  227.906753][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  227.914617][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  227.922587][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  227.930407][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  227.938415][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  227.946286][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  227.954238][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  227.962120][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  227.970052][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  227.977927][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  227.985905][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  227.993767][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.001726][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.009543][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.017523][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.025377][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.033366][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.041202][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.049234][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.057110][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.065085][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.072958][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.080914][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.088790][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.096759][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.104732][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.112726][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.120560][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.128583][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.136455][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.144476][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.152356][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.160305][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.168193][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.176185][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.184061][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.192046][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.199876][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.207895][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.215761][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.223742][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.231610][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.239581][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.247488][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.255496][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  228.263405][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  228.286453][   T30] audit: type=1326 audit(1759636016.027:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  228.308834][   T30] audit: type=1326 audit(1759636016.067:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  228.352523][   T30] audit: type=1326 audit(1759636016.087:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  228.417103][   T30] audit: type=1326 audit(1759636016.147:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8444 comm="syz.3.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7fbcf378eec9 code=0x7ffc0000
[  229.238613][ T8478] loop5: detected capacity change from 0 to 128
[  229.258674][ T8478] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  229.301532][ T8479] netlink: 156 bytes leftover after parsing attributes in process `syz.2.838'.
[  229.351492][ T8478] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  229.374573][ T8479] netlink: 12 bytes leftover after parsing attributes in process `syz.2.838'.
[  229.714946][ T7536] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  229.849750][ T8496] netlink: 'syz.2.847': attribute type 1 has an invalid length.
[  229.909995][ T8496] gretap1: entered allmulticast mode
[  229.920072][ T8496] bond0: (slave gretap1): making interface the new active one
[  229.928787][ T8496] bond0: (slave gretap1): Enslaving as an active interface with an up link
[  230.733570][ T8518] netlink: 12 bytes leftover after parsing attributes in process `syz.7.855'.
[  230.916542][ T8520] loop6: detected capacity change from 0 to 4096
[  230.948725][ T8520] EXT4-fs (loop6): Invalid log cluster size: 134217734
[  231.201138][ T8529] netlink: 'syz.1.860': attribute type 1 has an invalid length.
[  231.290993][ T8525] syzkaller0: entered promiscuous mode
[  231.312608][ T8525] syzkaller0: entered allmulticast mode
[  231.450455][ T8529] 8021q: adding VLAN 0 to HW filter on device bond2
[  231.577120][   T52] Bluetooth: hci0: command 0x0406 tx timeout
[  231.581717][ T5157] Bluetooth: hci5: command 0x0406 tx timeout
[  231.583721][   T52] Bluetooth: hci1: command 0x0406 tx timeout
[  231.667898][ T8534] bond2: (slave gretap1): making interface the new active one
[  231.699927][ T8534] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  232.758370][ T8565] netlink: 12 bytes leftover after parsing attributes in process `syz.1.870'.
[  235.172088][    T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  235.331665][    T9] usb 2-1: Using ep0 maxpacket: 8
[  235.358470][    T9] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  235.392446][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  235.434634][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  235.454932][    T9] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  235.500739][    T9] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  235.523605][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.801907][    T9] usb 2-1: GET_CAPABILITIES returned 0
[  235.807457][    T9] usbtmc 2-1:16.0: can't read capabilities
[  236.011738][    T9] usb 2-1: USB disconnect, device number 3
[  236.417618][ T8597] loop2: detected capacity change from 0 to 32768
[  236.509687][ T8597] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  236.790083][ T8597] ==================================================================
[  236.798183][ T8597] BUG: KASAN: slab-out-of-bounds in __cpa_addr+0x1d3/0x220
[  236.805427][ T8597] Read of size 8 at addr ffff888034a900f8 by task syz.2.881/8597
[  236.813247][ T8597] 
[  236.815574][ T8597] CPU: 0 UID: 0 PID: 8597 Comm: syz.2.881 Not tainted syzkaller #0 PREEMPT(full) 
[  236.815619][ T8597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  236.815642][ T8597] Call Trace:
[  236.815654][ T8597]  <TASK>
[  236.815667][ T8597]  dump_stack_lvl+0x116/0x1f0
[  236.815717][ T8597]  print_report+0xcd/0x630
[  236.815754][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.815800][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.815844][ T8597]  ? __phys_addr+0xe8/0x180
[  236.815905][ T8597]  ? __cpa_addr+0x1d3/0x220
[  236.815943][ T8597]  kasan_report+0xe0/0x110
[  236.815981][ T8597]  ? __cpa_addr+0x1d3/0x220
[  236.816026][ T8597]  __cpa_addr+0x1d3/0x220
[  236.816067][ T8597]  cpa_flush+0x28b/0x8a0
[  236.816115][ T8597]  ? __pfx_cpa_flush+0x10/0x10
[  236.816159][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.816204][ T8597]  ? pgprot2cachemode+0x9a/0x130
[  236.816263][ T8597]  ? __pfx_pgprot2cachemode+0x10/0x10
[  236.816321][ T8597]  ? drm_gem_get_pages+0x6a0/0xa10
[  236.816389][ T8597]  change_page_attr_set_clr+0x34e/0x4a0
[  236.816442][ T8597]  ? __pfx_change_page_attr_set_clr+0x10/0x10
[  236.816494][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.816556][ T8597]  _set_pages_array+0x1ab/0x2c0
[  236.816607][ T8597]  drm_gem_shmem_get_pages_locked+0x384/0x490
[  236.816657][ T8597]  ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10
[  236.816707][ T8597]  ? __pfx___might_resched+0x10/0x10
[  236.816770][ T8597]  drm_gem_shmem_mmap+0xc9/0x550
[  236.816816][ T8597]  ? __pfx_drm_gem_shmem_object_mmap+0x10/0x10
[  236.816866][ T8597]  drm_gem_mmap_obj+0x1b5/0x560
[  236.816921][ T8597]  drm_gem_mmap+0x40b/0x620
[  236.816975][ T8597]  ? __pfx_drm_gem_mmap+0x10/0x10
[  236.817026][ T8597]  ? vm_area_alloc+0x1f/0x160
[  236.817076][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.817121][ T8597]  ? lockdep_init_map_type+0x5c/0x280
[  236.817167][ T8597]  __mmap_region+0x1309/0x27a0
[  236.817224][ T8597]  ? __pfx___mmap_region+0x10/0x10
[  236.817278][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.817324][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.817369][ T8597]  ? rcu_is_watching+0x12/0xc0
[  236.817429][ T8597]  ? finish_task_switch.isra.0+0x221/0xc10
[  236.817484][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.817529][ T8597]  ? lockdep_hardirqs_on+0x7c/0x110
[  236.817573][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.817618][ T8597]  ? finish_task_switch.isra.0+0x221/0xc10
[  236.817673][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.817719][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.817818][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.817863][ T8597]  ? __lock_acquire+0xb97/0x1ce0
[  236.817904][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.817955][ T8597]  mmap_region+0x1ab/0x3f0
[  236.818007][ T8597]  ? __get_unmapped_area+0x267/0x440
[  236.818044][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.818092][ T8597]  do_mmap+0xa3e/0x1210
[  236.818130][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.818177][ T8597]  ? __pfx_do_mmap+0x10/0x10
[  236.818211][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.818258][ T8597]  ? __pfx_down_write_killable+0x10/0x10
[  236.818317][ T8597]  vm_mmap_pgoff+0x29e/0x470
[  236.818358][ T8597]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  236.818404][ T8597]  ? __fget_files+0x20e/0x3c0
[  236.818463][ T8597]  ? __entry_text_end+0x1020b5/0x1020b9
[  236.818512][ T8597]  ksys_mmap_pgoff+0x32c/0x5c0
[  236.818547][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  236.818596][ T8597]  __x64_sys_mmap+0x125/0x190
[  236.818639][ T8597]  do_syscall_64+0xcd/0x4e0
[  236.818689][ T8597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.818727][ T8597] RIP: 0033:0x7f487eb8eec9
[  236.818753][ T8597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.818792][ T8597] RSP: 002b:00007f487f98f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  236.818827][ T8597] RAX: ffffffffffffffda RBX: 00007f487ede5fa0 RCX: 00007f487eb8eec9
[  236.818852][ T8597] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000001000
[  236.818876][ T8597] RBP: 00007f487ec11f91 R08: 0000000000000005 R09: 0000000100000000
[  236.818900][ T8597] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[  236.818924][ T8597] R13: 00007f487ede6038 R14: 00007f487ede5fa0 R15: 00007ffd3adffc08
[  236.818962][ T8597]  </TASK>
[  236.818974][ T8597] 
[  237.241927][ T8597] Allocated by task 8597:
[  237.246249][ T8597]  kasan_save_stack+0x33/0x60
[  237.250953][ T8597]  kasan_save_track+0x14/0x30
[  237.255656][ T8597]  __kasan_kmalloc+0xaa/0xb0
[  237.260274][ T8597]  __kvmalloc_node_noprof+0x3a3/0x9c0
[  237.265673][ T8597]  drm_gem_get_pages+0x144/0xa10
[  237.270629][ T8597]  drm_gem_shmem_get_pages_locked+0x1e6/0x490
[  237.276710][ T8597]  drm_gem_shmem_mmap+0xc9/0x550
[  237.281663][ T8597]  drm_gem_mmap_obj+0x1b5/0x560
[  237.286529][ T8597]  drm_gem_mmap+0x40b/0x620
[  237.291046][ T8597]  __mmap_region+0x1309/0x27a0
[  237.295825][ T8597]  mmap_region+0x1ab/0x3f0
[  237.300258][ T8597]  do_mmap+0xa3e/0x1210
[  237.304418][ T8597]  vm_mmap_pgoff+0x29e/0x470
[  237.309009][ T8597]  ksys_mmap_pgoff+0x32c/0x5c0
[  237.313771][ T8597]  __x64_sys_mmap+0x125/0x190
[  237.318458][ T8597]  do_syscall_64+0xcd/0x4e0
[  237.322981][ T8597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.328886][ T8597] 
[  237.331197][ T8597] The buggy address belongs to the object at ffff888034a90000
[  237.331197][ T8597]  which belongs to the cache kmalloc-256 of size 256
[  237.345247][ T8597] The buggy address is located 0 bytes to the right of
[  237.345247][ T8597]  allocated 248-byte region [ffff888034a90000, ffff888034a900f8)
[  237.360001][ T8597] 
[  237.362315][ T8597] The buggy address belongs to the physical page:
[  237.368711][ T8597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34a90
[  237.377477][ T8597] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  237.386060][ T8597] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  237.393603][ T8597] page_type: f5(slab)
[  237.397585][ T8597] raw: 00fff00000000040 ffff88801b026b40 dead000000000122 0000000000000000
[  237.406174][ T8597] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  237.414760][ T8597] head: 00fff00000000040 ffff88801b026b40 dead000000000122 0000000000000000
[  237.423434][ T8597] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  237.432106][ T8597] head: 00fff00000000001 ffffea0000d2a401 00000000ffffffff 00000000ffffffff
[  237.440778][ T8597] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  237.449440][ T8597] page dumped because: kasan: bad access detected
[  237.455846][ T8597] page_owner tracks the page as allocated
[  237.461546][ T8597] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8597, tgid 8596 (syz.2.881), ts 236719472125, free_ts 236495728685
[  237.482969][ T8597]  post_alloc_hook+0x1c0/0x230
[  237.487755][ T8597]  get_page_from_freelist+0x10a3/0x3a30
[  237.493322][ T8597]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  237.499243][ T8597]  alloc_pages_mpol+0x1fb/0x550
[  237.504209][ T8597]  new_slab+0x24a/0x360
[  237.508376][ T8597]  ___slab_alloc+0xdc4/0x1ae0
[  237.513064][ T8597]  __slab_alloc.constprop.0+0x63/0x110
[  237.518533][ T8597]  __kvmalloc_node_noprof+0x5aa/0x9c0
[  237.523925][ T8597]  drm_gem_get_pages+0x144/0xa10
[  237.528889][ T8597]  drm_gem_shmem_get_pages_locked+0x1e6/0x490
[  237.534965][ T8597]  drm_gem_shmem_mmap+0xc9/0x550
[  237.539909][ T8597]  drm_gem_mmap_obj+0x1b5/0x560
[  237.544771][ T8597]  drm_gem_mmap+0x40b/0x620
[  237.549289][ T8597]  __mmap_region+0x1309/0x27a0
[  237.554064][ T8597]  mmap_region+0x1ab/0x3f0
[  237.558491][ T8597]  do_mmap+0xa3e/0x1210
[  237.562648][ T8597] page last free pid 1311 tgid 1311 stack trace:
[  237.568968][ T8597]  __free_frozen_pages+0x7df/0x1160
[  237.574181][ T8597]  qlist_free_all+0x4d/0x120
[  237.578788][ T8597]  kasan_quarantine_reduce+0x195/0x1e0
[  237.584266][ T8597]  __kasan_slab_alloc+0x69/0x90
[  237.589116][ T8597]  kmem_cache_alloc_node_noprof+0x28a/0x770
[  237.595028][ T8597]  __alloc_skb+0x2b2/0x380
[  237.599461][ T8597]  rtmsg_ifinfo_build_skb+0x81/0x280
[  237.604748][ T8597]  rtnetlink_event+0xf3/0x1f0
[  237.609423][ T8597]  notifier_call_chain+0xbc/0x410
[  237.614469][ T8597]  call_netdevice_notifiers_info+0xbe/0x140
[  237.620365][ T8597]  call_netdevice_notifiers+0x7c/0xb0
[  237.625741][ T8597]  bond_resend_igmp_join_requests_delayed+0x5e/0x170
[  237.632428][ T8597]  process_one_work+0x9cf/0x1b70
[  237.637376][ T8597]  worker_thread+0x6c8/0xf10
[  237.641979][ T8597]  kthread+0x3c5/0x780
[  237.646051][ T8597]  ret_from_fork+0x56d/0x730
[  237.650646][ T8597] 
[  237.652954][ T8597] Memory state around the buggy address:
[  237.658573][ T8597]  ffff888034a8ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  237.666630][ T8597]  ffff888034a90000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  237.674686][ T8597] >ffff888034a90080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[  237.682738][ T8597]                                                                 ^
[  237.690709][ T8597]  ffff888034a90100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  237.698767][ T8597]  ffff888034a90180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  237.706817][ T8597] ==================================================================
[  237.812566][ T8597] Disabling lock debugging due to kernel taint
[  237.835847][ T8597] ==================================================================
[  237.843927][ T8597] BUG: KASAN: slab-out-of-bounds in __cpa_addr+0x1d3/0x220
[  237.851161][ T8597] Read of size 8 at addr ffff888034a900f8 by task syz.2.881/8597
[  237.858890][ T8597] 
[  237.861222][ T8597] CPU: 1 UID: 0 PID: 8597 Comm: syz.2.881 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  237.861277][ T8597] Tainted: [B]=BAD_PAGE
[  237.861291][ T8597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  237.861314][ T8597] Call Trace:
[  237.861325][ T8597]  <TASK>
[  237.861337][ T8597]  dump_stack_lvl+0x116/0x1f0
[  237.861388][ T8597]  print_report+0xcd/0x630
[  237.861426][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.861472][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.861516][ T8597]  ? __phys_addr+0xe8/0x180
[  237.861576][ T8597]  ? __cpa_addr+0x1d3/0x220
[  237.861614][ T8597]  kasan_report+0xe0/0x110
[  237.861656][ T8597]  ? __cpa_addr+0x1d3/0x220
[  237.861700][ T8597]  __cpa_addr+0x1d3/0x220
[  237.861741][ T8597]  cpa_flush+0x28b/0x8a0
[  237.861787][ T8597]  ? __pfx_cpa_flush+0x10/0x10
[  237.861830][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.861875][ T8597]  ? pgprot2cachemode+0x9a/0x130
[  237.861932][ T8597]  ? __pfx_pgprot2cachemode+0x10/0x10
[  237.861990][ T8597]  ? drm_gem_get_pages+0x6a0/0xa10
[  237.862049][ T8597]  change_page_attr_set_clr+0x34e/0x4a0
[  237.862101][ T8597]  ? __pfx_change_page_attr_set_clr+0x10/0x10
[  237.862152][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.862212][ T8597]  _set_pages_array+0x20a/0x2c0
[  237.862263][ T8597]  drm_gem_shmem_get_pages_locked+0x384/0x490
[  237.862312][ T8597]  ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10
[  237.862361][ T8597]  ? __pfx___might_resched+0x10/0x10
[  237.862422][ T8597]  drm_gem_shmem_mmap+0xc9/0x550
[  237.862467][ T8597]  ? __pfx_drm_gem_shmem_object_mmap+0x10/0x10
[  237.862517][ T8597]  drm_gem_mmap_obj+0x1b5/0x560
[  237.862571][ T8597]  drm_gem_mmap+0x40b/0x620
[  237.862624][ T8597]  ? __pfx_drm_gem_mmap+0x10/0x10
[  237.862681][ T8597]  ? vm_area_alloc+0x1f/0x160
[  237.862730][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.862775][ T8597]  ? lockdep_init_map_type+0x5c/0x280
[  237.862820][ T8597]  __mmap_region+0x1309/0x27a0
[  237.862875][ T8597]  ? __pfx___mmap_region+0x10/0x10
[  237.862925][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.862971][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.863016][ T8597]  ? rcu_is_watching+0x12/0xc0
[  237.863069][ T8597]  ? finish_task_switch.isra.0+0x221/0xc10
[  237.863124][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.863168][ T8597]  ? lockdep_hardirqs_on+0x7c/0x110
[  237.863212][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.863256][ T8597]  ? finish_task_switch.isra.0+0x221/0xc10
[  237.863310][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.863356][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.863448][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.863492][ T8597]  ? __lock_acquire+0xb97/0x1ce0
[  237.863533][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.863581][ T8597]  mmap_region+0x1ab/0x3f0
[  237.863634][ T8597]  ? __get_unmapped_area+0x267/0x440
[  237.863673][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.863721][ T8597]  do_mmap+0xa3e/0x1210
[  237.863758][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.863804][ T8597]  ? __pfx_do_mmap+0x10/0x10
[  237.863838][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.863885][ T8597]  ? __pfx_down_write_killable+0x10/0x10
[  237.863943][ T8597]  vm_mmap_pgoff+0x29e/0x470
[  237.863984][ T8597]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  237.864025][ T8597]  ? __fget_files+0x20e/0x3c0
[  237.864082][ T8597]  ? __entry_text_end+0x1020b5/0x1020b9
[  237.864131][ T8597]  ksys_mmap_pgoff+0x32c/0x5c0
[  237.864165][ T8597]  ? srso_alias_return_thunk+0x5/0xfbef5
[  237.864214][ T8597]  __x64_sys_mmap+0x125/0x190
[  237.864256][ T8597]  do_syscall_64+0xcd/0x4e0
[  237.864305][ T8597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.864341][ T8597] RIP: 0033:0x7f487eb8eec9
[  237.864369][ T8597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.864404][ T8597] RSP: 002b:00007f487f98f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  237.864439][ T8597] RAX: ffffffffffffffda RBX: 00007f487ede5fa0 RCX: 00007f487eb8eec9
[  237.864465][ T8597] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000001000
[  237.864489][ T8597] RBP: 00007f487ec11f91 R08: 0000000000000005 R09: 0000000100000000
[  237.864513][ T8597] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[  237.864536][ T8597] R13: 00007f487ede6038 R14: 00007f487ede5fa0 R15: 00007ffd3adffc08
[  237.864573][ T8597]  </TASK>
[  237.864585][ T8597] 
[  238.294056][ T8597] Allocated by task 8597:
[  238.298376][ T8597]  kasan_save_stack+0x33/0x60
[  238.303084][ T8597]  kasan_save_track+0x14/0x30
[  238.307792][ T8597]  __kasan_kmalloc+0xaa/0xb0
[  238.312404][ T8597]  __kvmalloc_node_noprof+0x3a3/0x9c0
[  238.317799][ T8597]  drm_gem_get_pages+0x144/0xa10
[  238.322753][ T8597]  drm_gem_shmem_get_pages_locked+0x1e6/0x490
[  238.328836][ T8597]  drm_gem_shmem_mmap+0xc9/0x550
[  238.333790][ T8597]  drm_gem_mmap_obj+0x1b5/0x560
[  238.338660][ T8597]  drm_gem_mmap+0x40b/0x620
[  238.343175][ T8597]  __mmap_region+0x1309/0x27a0
[  238.347952][ T8597]  mmap_region+0x1ab/0x3f0
[  238.352386][ T8597]  do_mmap+0xa3e/0x1210
[  238.356543][ T8597]  vm_mmap_pgoff+0x29e/0x470
[  238.361131][ T8597]  ksys_mmap_pgoff+0x32c/0x5c0
[  238.365894][ T8597]  __x64_sys_mmap+0x125/0x190
[  238.370576][ T8597]  do_syscall_64+0xcd/0x4e0
[  238.375094][ T8597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.380989][ T8597] 
[  238.383304][ T8597] The buggy address belongs to the object at ffff888034a90000
[  238.383304][ T8597]  which belongs to the cache kmalloc-256 of size 256
[  238.397443][ T8597] The buggy address is located 0 bytes to the right of
[  238.397443][ T8597]  allocated 248-byte region [ffff888034a90000, ffff888034a900f8)
[  238.411938][ T8597] 
[  238.414252][ T8597] The buggy address belongs to the physical page:
[  238.420653][ T8597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34a90
[  238.429411][ T8597] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  238.437994][ T8597] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  238.445535][ T8597] page_type: f5(slab)
[  238.449517][ T8597] raw: 00fff00000000040 ffff88801b026b40 dead000000000122 0000000000000000
[  238.458100][ T8597] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  238.466687][ T8597] head: 00fff00000000040 ffff88801b026b40 dead000000000122 0000000000000000
[  238.475360][ T8597] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  238.484030][ T8597] head: 00fff00000000001 ffffea0000d2a401 00000000ffffffff 00000000ffffffff
[  238.492756][ T8597] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  238.501419][ T8597] page dumped because: kasan: bad access detected
[  238.507826][ T8597] page_owner tracks the page as allocated
[  238.513528][ T8597] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8597, tgid 8596 (syz.2.881), ts 236719472125, free_ts 236495728685
[  238.534819][ T8597]  post_alloc_hook+0x1c0/0x230
[  238.539600][ T8597]  get_page_from_freelist+0x10a3/0x3a30
[  238.545167][ T8597]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  238.551079][ T8597]  alloc_pages_mpol+0x1fb/0x550
[  238.555932][ T8597]  new_slab+0x24a/0x360
[  238.560097][ T8597]  ___slab_alloc+0xdc4/0x1ae0
[  238.564955][ T8597]  __slab_alloc.constprop.0+0x63/0x110
[  238.570427][ T8597]  __kvmalloc_node_noprof+0x5aa/0x9c0
[  238.575820][ T8597]  drm_gem_get_pages+0x144/0xa10
[  238.580784][ T8597]  drm_gem_shmem_get_pages_locked+0x1e6/0x490
[  238.586864][ T8597]  drm_gem_shmem_mmap+0xc9/0x550
[  238.591811][ T8597]  drm_gem_mmap_obj+0x1b5/0x560
[  238.596679][ T8597]  drm_gem_mmap+0x40b/0x620
[  238.601213][ T8597]  __mmap_region+0x1309/0x27a0
[  238.606002][ T8597]  mmap_region+0x1ab/0x3f0
[  238.610436][ T8597]  do_mmap+0xa3e/0x1210
[  238.614595][ T8597] page last free pid 1311 tgid 1311 stack trace:
[  238.620914][ T8597]  __free_frozen_pages+0x7df/0x1160
[  238.626120][ T8597]  qlist_free_all+0x4d/0x120
[  238.630733][ T8597]  kasan_quarantine_reduce+0x195/0x1e0
[  238.636302][ T8597]  __kasan_slab_alloc+0x69/0x90
[  238.641150][ T8597]  kmem_cache_alloc_node_noprof+0x28a/0x770
[  238.647056][ T8597]  __alloc_skb+0x2b2/0x380
[  238.651605][ T8597]  rtmsg_ifinfo_build_skb+0x81/0x280
[  238.656912][ T8597]  rtnetlink_event+0xf3/0x1f0
[  238.661591][ T8597]  notifier_call_chain+0xbc/0x410
[  238.666712][ T8597]  call_netdevice_notifiers_info+0xbe/0x140
[  238.672608][ T8597]  call_netdevice_notifiers+0x7c/0xb0
[  238.677989][ T8597]  bond_resend_igmp_join_requests_delayed+0x5e/0x170
[  238.684689][ T8597]  process_one_work+0x9cf/0x1b70
[  238.689652][ T8597]  worker_thread+0x6c8/0xf10
[  238.694249][ T8597]  kthread+0x3c5/0x780
[  238.698324][ T8597]  ret_from_fork+0x56d/0x730
[  238.702924][ T8597] 
[  238.705234][ T8597] Memory state around the buggy address:
[  238.710851][ T8597]  ffff888034a8ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  238.719087][ T8597]  ffff888034a90000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  238.727171][ T8597] >ffff888034a90080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[  238.735236][ T8597]                                                                 ^
[  238.743211][ T8597]  ffff888034a90100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  238.751278][ T8597]  ffff888034a90180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  238.759342][ T8597] ==================================================================
[  238.866194][ T8601] loop6: detected capacity change from 0 to 32768
[  238.894809][ T8614] SQUASHFS error: Failed to read block 0x0: -5
[  238.901004][ T8614] unable to read squashfs_super_block
[  238.917833][ T8601] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  238.952143][ T8596] ==================================================================
[  238.960226][ T8596] BUG: KASAN: slab-out-of-bounds in __cpa_addr+0x1d3/0x220
[  238.967461][ T8596] Read of size 8 at addr ffff888034a900f8 by task syz.2.881/8596
[  238.975170][ T8596] 
[  238.977487][ T8596] CPU: 0 UID: 0 PID: 8596 Comm: syz.2.881 Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  238.977527][ T8596] Tainted: [B]=BAD_PAGE
[  238.977537][ T8596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  238.977554][ T8596] Call Trace:
[  238.977563][ T8596]  <TASK>
[  238.977574][ T8596]  dump_stack_lvl+0x116/0x1f0
[  238.977611][ T8596]  print_report+0xcd/0x630
[  238.977641][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.977674][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.977707][ T8596]  ? __phys_addr+0xe8/0x180
[  238.977751][ T8596]  ? __cpa_addr+0x1d3/0x220
[  238.977779][ T8596]  kasan_report+0xe0/0x110
[  238.977807][ T8596]  ? __cpa_addr+0x1d3/0x220
[  238.977840][ T8596]  __cpa_addr+0x1d3/0x220
[  238.977871][ T8596]  cpa_flush+0xec/0x8a0
[  238.977904][ T8596]  ? __pfx_cpa_flush+0x10/0x10
[  238.977937][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.977969][ T8596]  ? pgprot2cachemode+0x9a/0x130
[  238.978011][ T8596]  ? __pfx_pgprot2cachemode+0x10/0x10
[  238.978058][ T8596]  set_pages_array_wb+0x238/0x280
[  238.978094][ T8596]  ? __pfx_set_pages_array_wb+0x10/0x10
[  238.978137][ T8596]  ? __pfx___might_resched+0x10/0x10
[  238.978179][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.978234][ T8596]  drm_gem_shmem_put_pages_locked+0x27e/0x300
[  238.978287][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.978321][ T8596]  drm_gem_shmem_vm_close+0x63/0xc0
[  238.978353][ T8596]  ? __pfx_drm_gem_shmem_vm_close+0x10/0x10
[  238.978390][ T8596]  remove_vma+0x88/0x160
[  238.978425][ T8596]  exit_mmap+0x50a/0xb90
[  238.978455][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.978488][ T8596]  ? __pfx_exit_mmap+0x10/0x10
[  238.978516][ T8596]  ? lock_release+0x201/0x2f0
[  238.978548][ T8596]  ? lock_release+0x201/0x2f0
[  238.978575][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.978616][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.978650][ T8596]  ? arch_uprobe_clear_state+0x16/0x150
[  238.978685][ T8596]  __mmput+0x12a/0x410
[  238.978726][ T8596]  mmput+0x62/0x70
[  238.978762][ T8596]  do_exit+0x7c7/0x2bf0
[  238.978792][ T8596]  ? __pfx_do_exit+0x10/0x10
[  238.978816][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.978849][ T8596]  ? do_raw_spin_lock+0x12c/0x2b0
[  238.978884][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.978917][ T8596]  ? rcu_is_watching+0x12/0xc0
[  238.978961][ T8596]  do_group_exit+0xd3/0x2a0
[  238.978989][ T8596]  get_signal+0x2671/0x26d0
[  238.979030][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.979068][ T8596]  ? __pfx_get_signal+0x10/0x10
[  238.979106][ T8596]  ? vm_mmap_pgoff+0x103/0x470
[  238.979137][ T8596]  arch_do_signal_or_restart+0x8f/0x7c0
[  238.979178][ T8596]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  238.979222][ T8596]  ? ksys_mmap_pgoff+0x85/0x5c0
[  238.979247][ T8596]  ? xfd_validate_state+0x61/0x180
[  238.979307][ T8596]  ? srso_alias_return_thunk+0x5/0xfbef5
[  238.979363][ T8596]  exit_to_user_mode_loop+0x85/0x130
[  238.979402][ T8596]  do_syscall_64+0x419/0x4e0
[  238.979439][ T8596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.979466][ T8596] RIP: 0033:0x7f487eb8ef03
[  238.979486][ T8596] Code: Unable to access opcode bytes at 0x7f487eb8eed9.
[  238.979499][ T8596] RSP: 002b:00007ffd3adffba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  238.979524][ T8596] RAX: 00007f487f94e000 RBX: 00007f487d5f76c0 RCX: 00007f487eb8ef03
[  238.979543][ T8596] RDX: 0000000000000000 RSI: 0000000000021000 RDI: 0000000000000000
[  238.979560][ T8596] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[  238.979577][ T8596] R10: 0000000000020022 R11: 0000000000000246 R12: 00007ffd3adffd00
[  238.979594][ T8596] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[  238.979626][ T8596]  </TASK>
[  238.979638][ T8596] 
[  239.336313][ T8596] Allocated by task 8597:
[  239.340626][ T8596]  kasan_save_stack+0x33/0x60
[  239.345326][ T8596]  kasan_save_track+0x14/0x30
[  239.350023][ T8596]  __kasan_kmalloc+0xaa/0xb0
[  239.354646][ T8596]  __kvmalloc_node_noprof+0x3a3/0x9c0
[  239.360035][ T8596]  drm_gem_get_pages+0x144/0xa10
[  239.364990][ T8596]  drm_gem_shmem_get_pages_locked+0x1e6/0x490
[  239.371070][ T8596]  drm_gem_shmem_mmap+0xc9/0x550
[  239.376101][ T8596]  drm_gem_mmap_obj+0x1b5/0x560
[  239.380973][ T8596]  drm_gem_mmap+0x40b/0x620
[  239.385491][ T8596]  __mmap_region+0x1309/0x27a0
[  239.390261][ T8596]  mmap_region+0x1ab/0x3f0
[  239.394716][ T8596]  do_mmap+0xa3e/0x1210
[  239.398867][ T8596]  vm_mmap_pgoff+0x29e/0x470
[  239.403450][ T8596]  ksys_mmap_pgoff+0x32c/0x5c0
[  239.408206][ T8596]  __x64_sys_mmap+0x125/0x190
[  239.412881][ T8596]  do_syscall_64+0xcd/0x4e0
[  239.417418][ T8596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.423308][ T8596] 
[  239.425619][ T8596] The buggy address belongs to the object at ffff888034a90000
[  239.425619][ T8596]  which belongs to the cache kmalloc-256 of size 256
[  239.439771][ T8596] The buggy address is located 0 bytes to the right of
[  239.439771][ T8596]  allocated 248-byte region [ffff888034a90000, ffff888034a900f8)
[  239.454256][ T8596] 
[  239.456578][ T8596] The buggy address belongs to the physical page:
[  239.463002][ T8596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34a90
[  239.471749][ T8596] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  239.480236][ T8596] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  239.487864][ T8596] page_type: f5(slab)
[  239.491845][ T8596] raw: 00fff00000000040 ffff88801b026b40 dead000000000122 0000000000000000
[  239.500455][ T8596] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  239.509038][ T8596] head: 00fff00000000040 ffff88801b026b40 dead000000000122 0000000000000000
[  239.517710][ T8596] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  239.526383][ T8596] head: 00fff00000000001 ffffea0000d2a401 00000000ffffffff 00000000ffffffff
[  239.535072][ T8596] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  239.543732][ T8596] page dumped because: kasan: bad access detected
[  239.550143][ T8596] page_owner tracks the page as allocated
[  239.555867][ T8596] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8597, tgid 8596 (syz.2.881), ts 236719472125, free_ts 236495728685
[  239.566395][ T8601] XFS (loop6): Ending clean mount
[  239.577179][ T8596]  post_alloc_hook+0x1c0/0x230
[  239.577233][ T8596]  get_page_from_freelist+0x10a3/0x3a30
[  239.592516][ T8596]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  239.598418][ T8596]  alloc_pages_mpol+0x1fb/0x550
[  239.603269][ T8596]  new_slab+0x24a/0x360
[  239.607429][ T8596]  ___slab_alloc+0xdc4/0x1ae0
[  239.612116][ T8596]  __slab_alloc.constprop.0+0x63/0x110
[  239.617584][ T8596]  __kvmalloc_node_noprof+0x5aa/0x9c0
[  239.622977][ T8596]  drm_gem_get_pages+0x144/0xa10
[  239.627920][ T8596]  drm_gem_shmem_get_pages_locked+0x1e6/0x490
[  239.634070][ T8596]  drm_gem_shmem_mmap+0xc9/0x550
[  239.639003][ T8596]  drm_gem_mmap_obj+0x1b5/0x560
[  239.643857][ T8596]  drm_gem_mmap+0x40b/0x620
[  239.648358][ T8596]  __mmap_region+0x1309/0x27a0
[  239.653121][ T8596]  mmap_region+0x1ab/0x3f0
[  239.657552][ T8596]  do_mmap+0xa3e/0x1210
[  239.661711][ T8596] page last free pid 1311 tgid 1311 stack trace:
[  239.668020][ T8596]  __free_frozen_pages+0x7df/0x1160
[  239.673215][ T8596]  qlist_free_all+0x4d/0x120
[  239.677822][ T8596]  kasan_quarantine_reduce+0x195/0x1e0
[  239.683317][ T8596]  __kasan_slab_alloc+0x69/0x90
[  239.688158][ T8596]  kmem_cache_alloc_node_noprof+0x28a/0x770
[  239.694053][ T8596]  __alloc_skb+0x2b2/0x380
[  239.698469][ T8596]  rtmsg_ifinfo_build_skb+0x81/0x280
[  239.703747][ T8596]  rtnetlink_event+0xf3/0x1f0
[  239.708418][ T8596]  notifier_call_chain+0xbc/0x410
[  239.713439][ T8596]  call_netdevice_notifiers_info+0xbe/0x140
[  239.719327][ T8596]  call_netdevice_notifiers+0x7c/0xb0
[  239.724692][ T8596]  bond_resend_igmp_join_requests_delayed+0x5e/0x170
[  239.731371][ T8596]  process_one_work+0x9cf/0x1b70
[  239.736308][ T8596]  worker_thread+0x6c8/0xf10
[  239.740893][ T8596]  kthread+0x3c5/0x780
[  239.745040][ T8596]  ret_from_fork+0x56d/0x730
[  239.749630][ T8596] 
[  239.751938][ T8596] Memory state around the buggy address:
[  239.757567][ T8596]  ffff888034a8ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  239.765617][ T8596]  ffff888034a90000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  239.773666][ T8596] >ffff888034a90080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[  239.781711][ T8596]                                                                 ^
[  239.789675][ T8596]  ffff888034a90100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  239.797726][ T8596]  ffff888034a90180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  239.805773][ T8596] ==================================================================
[  239.836860][ T8601] XFS (loop6): Quotacheck needed: Please wait.
[  239.850482][ T8601] XFS (loop6): Quotacheck: Done.
[  239.978833][ T5844] ocfs2: Unmounting device (7,2) on (node local)
[  240.002773][ T7622] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791