last executing test programs:

7.256642866s ago: executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc2604110, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
symlink(&(0x7f0000001000)='./file0\x00', 0x0)
r3 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
readv(r3, &(0x7f0000000240)=[{&(0x7f0000000040)=""/84, 0x9000}], 0x1)
syz_emit_vhci(&(0x7f0000001880)=ANY=[@ANYBLOB="040e08000c08"], 0xb)
umount2(0x0, 0x0)
sendmsg$NFNL_MSG_CTHELPER_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYRESOCT=r2], 0x14}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000040)='./bus\x00', 0x2810880, &(0x7f0000000100)=ANY=[], 0x8a, 0x28e, &(0x7f0000000680)="$eJzs3U1r1EAcx/HfJNt1a2tNbUUQD1IteJK2XsRLQYqvwZOo3RWKSwWtoF4snsUX4N2LL8AX4UkEz3ry5AvoLTKzSXeiedi2dsel3w/sGpN5+E+STeYfKBGAE+v2xvcPN37aj5FixZJuSZHddFktSed1ofN8e2drp9/r1jUUSx25j5FcTfNXmc3tXllVW8/VyCT2fy3N+utwPNI0TX+EDgIhdbJ/47KNkXQq+3XGfuFJtxs6gMDMnvb0QnOh4wAAhGUG9/cou8/PZvP3KJKWs9u+f///diZwvEe1FzqAwLz7v8uyUmOP71m3aZjvuRTObo/yLPGg/djJY1uDM6swwTRNWaWLJZp+tNXvXd980u9GeqP1jFdsUdK6ulnOmmmIdqkkNy1qa/TWasy4MUzZMaxVxL9Q1unhe2xmPpsv5p5J9F7d/flfKzW2exdBsn+k7kwN41+pbtGNMhmUqhjlvOvkYnHH1o4yrspIlO+peRUfECTFONultdr6o9ZgdKvVo3PtLJTWWmuotWhrffRqDc/m6prHzbwzd82SfumTNrz5f2T39rJG+WXaMq5kdmbk4ynNDVuuZOKv2r1U2mZ0uPHgUN7qoW5q7tnLV48f9Pu9pyycoIX8JPhf4vl3C63x9NU+8q7r6ECFpboy+aVzhAbzi3Rjp2EuSxiv4UGvLvN6nAFh3OzFwwzyPy9fWXEpkv1KaubpadO0zWtxtSI3OOe+T3stmez5fHUGNFOdwY2ac125Jl31VjbkXImNc7p2rJPEbOir7vP8HwAAAAAAAAAAAAAAAAAAYNKM428zQo8RAAAAAAAAAAAAAAAAAAAAAIBJV/3+346O8f2/hZfp8P5fIIzfAQAA///stXSM")
pipe2(&(0x7f0000000040), 0x0)
gettid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
eventfd2(0x0, 0x0)

7.000049046s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x4}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000200000000000000006b79009500000000000000"], &(0x7f00000001c0)='syzkaller\x00'}, 0x80)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r3, r5, 0x25, 0x0, @val=@iter={0x0}}, 0x40)
sendto$inet(r2, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10}}}}}}, 0x0)

6.091199998s ago: executing program 1:
pipe2$watch_queue(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0)
r3 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_WATCH_KEY(0x20, r3, r0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000009c0)=@ipv6_getaddr={0x2c, 0x16, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r7}, [@IFA_ADDRESS={0x14, 0x1, @loopback}]}, 0x2c}}, 0x0)
dup(r4)
socket$inet6_sctp(0xa, 0x5, 0x84)
unshare(0x400)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000000)={&(0x7f0000000400)="194e607dd24befb261866c4f9791e2cd4e", 0x0, 0x0, 0x0, 0x0, 0x1}, 0x38)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, <r8=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r8)
shmctl$SHM_LOCK(0x0, 0xb)

5.929150163s ago: executing program 1:
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000000)='./file0\x00')
chroot(&(0x7f00000001c0)='./file0/../file0/../file0\x00')
umount2(&(0x7f0000000240)='./file0/../file0/../file0\x00', 0x0)

5.720641846s ago: executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0xfe, 0x0, &(0x7f0000000000))
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]})
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ftruncate(r0, 0xc17a)
fstat(r0, &(0x7f0000000300))

5.585754257s ago: executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r3, @ANYBLOB="0c00990000000200000000000800a00094090000080026009409000008002700000000000800a1"], 0x48}}, 0x0)

5.257448418s ago: executing program 2:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000711224000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)

5.1211153s ago: executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x58, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x1c, 0x11, 0x0, 0x1, @hash={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x5b59a396928ba8c6}]}}}]}], {0x14, 0x10}}, 0xa0}}, 0x0)

4.568350306s ago: executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000001540)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000001580)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x2c}}, 0x0)

4.482923349s ago: executing program 2:
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
getpid()
r0 = syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000080)={"a0453822", 0x0, 0x6, 0x1, 0x0, 0x0, "33793e77c734c4df2a87ba315ab8da", "000100", "00007f10", "8606ba80", ["d8085781ae0cff21223446fe", "51f3d17d0700", "2ce50f8a285d9500c522afe1"]})
unshare(0x20000400)
ioctl$CEC_TRANSMIT(r0, 0xc0386105, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "40fd1b53409e2852b9a48c86ec0826af"})

4.34941099s ago: executing program 1:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc2604110, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
symlink(&(0x7f0000001000)='./file0\x00', 0x0)
r3 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
readv(r3, &(0x7f0000000240)=[{&(0x7f0000000040)=""/84, 0x9000}], 0x1)
syz_emit_vhci(&(0x7f0000001880)=ANY=[@ANYBLOB="040e08000c08"], 0xb)
umount2(0x0, 0x0)
sendmsg$NFNL_MSG_CTHELPER_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYRESOCT=r2], 0x14}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000040)='./bus\x00', 0x2810880, &(0x7f0000000100)=ANY=[], 0x8a, 0x28e, &(0x7f0000000680)="$eJzs3U1r1EAcx/HfJNt1a2tNbUUQD1IteJK2XsRLQYqvwZOo3RWKSwWtoF4snsUX4N2LL8AX4UkEz3ry5AvoLTKzSXeiedi2dsel3w/sGpN5+E+STeYfKBGAE+v2xvcPN37aj5FixZJuSZHddFktSed1ofN8e2drp9/r1jUUSx25j5FcTfNXmc3tXllVW8/VyCT2fy3N+utwPNI0TX+EDgIhdbJ/47KNkXQq+3XGfuFJtxs6gMDMnvb0QnOh4wAAhGUG9/cou8/PZvP3KJKWs9u+f///diZwvEe1FzqAwLz7v8uyUmOP71m3aZjvuRTObo/yLPGg/djJY1uDM6swwTRNWaWLJZp+tNXvXd980u9GeqP1jFdsUdK6ulnOmmmIdqkkNy1qa/TWasy4MUzZMaxVxL9Q1unhe2xmPpsv5p5J9F7d/flfKzW2exdBsn+k7kwN41+pbtGNMhmUqhjlvOvkYnHH1o4yrspIlO+peRUfECTFONultdr6o9ZgdKvVo3PtLJTWWmuotWhrffRqDc/m6prHzbwzd82SfumTNrz5f2T39rJG+WXaMq5kdmbk4ynNDVuuZOKv2r1U2mZ0uPHgUN7qoW5q7tnLV48f9Pu9pyycoIX8JPhf4vl3C63x9NU+8q7r6ECFpboy+aVzhAbzi3Rjp2EuSxiv4UGvLvN6nAFh3OzFwwzyPy9fWXEpkv1KaubpadO0zWtxtSI3OOe+T3stmez5fHUGNFOdwY2ac125Jl31VjbkXImNc7p2rJPEbOir7vP8HwAAAAAAAAAAAAAAAAAAYNKM428zQo8RAAAAAAAAAAAAAAAAAAAAAIBJV/3+346O8f2/hZfp8P5fIIzfAQAA///stXSM")
pipe2(&(0x7f0000000040), 0x0)
gettid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
eventfd2(0x0, 0x0)

4.175011497s ago: executing program 2:
inotify_init()
pipe2$9p(&(0x7f0000000000), 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SCSI_IOCTL_GET_PCI(r1, 0x2284, &(0x7f0000000000))

3.226626546s ago: executing program 3:
socket$inet6(0xa, 0x80002, 0x0)
r0 = semget(0xffffffffffffffff, 0x8, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x20020084, 0x0, 0x0)
shutdown(r2, 0x1)
recvmsg(r2, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x10)
shmctl$SHM_STAT(r0, 0xd, &(0x7f0000000240)=""/32)
semtimedop(0x0, &(0x7f0000000180)=[{0x1, 0x40, 0x1800}, {0x0, 0x9, 0x800}], 0x2, &(0x7f0000000140))
clock_gettime(0x0, &(0x7f0000000080))

2.973659555s ago: executing program 0:
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000004408000008000300", @ANYRES32, @ANYBLOB="0a001800030303"], 0x44}}, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8954, &(0x7f0000000080)={{0x2, 0x0, @private}, {0x0, @dev}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8000000000000001})
syz_usb_connect$cdc_ncm(0x0, 0x72, 0x0, &(0x7f0000000480)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x0, 0xd0}, 0x0, 0x0})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ef502"], 0xf8)

2.760973179s ago: executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x58, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x1c, 0x11, 0x0, 0x1, @hash={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x5b59a396928ba8c6}]}}}]}], {0x14, 0x10}}, 0xa0}}, 0x0)

2.086007134s ago: executing program 3:
creat(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_loose, 0x22}], [], 0x6b}})

1.981658761s ago: executing program 4:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000140), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000340)={'vcan0\x00', <r2=>0x0})
sendmsg$can_bcm(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="01000000cd0d00000000000000002000", @ANYRES64=r0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="0000000001"], 0x80}}, 0x0)
sendmsg$can_bcm(r1, &(0x7f0000000300)={&(0x7f0000000000)={0x1d, r2}, 0x10, &(0x7f0000000280)={&(0x7f0000000940)={0x1, 0xb32, 0x0, {0x0, 0xea60}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "4210220097b2bb36662d7dd23a59126b470b759d7b9beb929157fbabb8971fdf7268450b731d6d110917f27e538256a669fea5023441347712804650cc7d8236"}}, 0x38}}, 0x0)

1.811613437s ago: executing program 3:
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000680)='ns/cgroup\x00')
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)

1.785512281s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000010018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
write$UHID_INPUT(r8, &(0x7f0000001040)={0xa, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b326c078b089b3b083844090890e0878f0e1ac6e7049b3d6d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b333b0d07680936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0afc9397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6258742317662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e0088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76ccc2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2e57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849d11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f9d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f0712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1ccced94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1025}}, 0x1006)
close_range(r2, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

1.713179102s ago: executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000bc0)={0x5c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x3e, 0x33, @assoc_req={{{}, {}, @device_b}, 0x0, 0x0, {}, @void, @val={0x2d, 0x1a}}}]}, 0x5c}}, 0x0)

1.527009342s ago: executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x4, [@enum={0x2, 0x0, 0x0, 0xf}, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{0x9, 0x5, 0x3}]}]}, {0x0, [0x0, 0x61]}}, &(0x7f0000002200)=""/4110, 0x40, 0x100e, 0x1}, 0x20)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth1_to_batadv\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff})
r2 = dup(r1)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000080)={0x28}, 0xfdef)

1.483208028s ago: executing program 0:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000140)=0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='<'], 0x3c}}, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={r3, 0x8001}, 0x8)
getsockopt$bt_hci(r1, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9)

1.15316179s ago: executing program 3:
sigaltstack(&(0x7f0000000000)={0xffffffffffffffff, 0x0, 0xfffffffffffffefa}, &(0x7f0000000080)={&(0x7f0000000040)})
sigaltstack(&(0x7f0000000040)={0xffffffffffffffff, 0x0, 0xfffffffffffffefa}, 0x0)

859.188386ms ago: executing program 3:
syz_mount_image$xfs(&(0x7f0000000540), &(0x7f0000009640)='./file0\x00', 0x200800, &(0x7f0000001340)={[{@lazytime}, {@uqnoenforce}, {@swalloc}, {@filestreams}, {@grpquota}, {@allocsize={'allocsize', 0x3d, [0x30, 0x39, 0x6d]}}, {@gquota}], [{@flag='nomand'}]}, 0x4, 0x9606, &(0x7f0000012cc0)="$eJzs2gm8pnPhuP/nDGOXMVRSaiqiRdYsUc0MZigkS7QjS8pSUqESSgoVEe3Zt2xlCWVrJdlbKCFUskRabMP8X8ecYYyLb/36/l++dV3X63XO8zz3c9/3+Tyf972cw2wyaYOJg8Ecg2mNG8zceddOnjLm6nXvOGrz+Y9d5tR7DnjsiouOH3mcMPI4cTAYjBp5e2jasrGD004fNZj14eWPNveccw3NOxgsO/JyZD+DFac9zHvF9PWmztTMAx169Ns+074ebr7hHzH85PAD9jpiMBiMmWH7ocFgaPfHfVBpm0yYPOlRq0fchq1Gjzyf8Wu2aV/zXjwYzHvmgI+PGdcdego+0vDP3P0l545e9yn42f9xbTJh8loz+Q+fi7OMLFtx+Byf+Rw0NvNxfttim648MoUPH2+DwfAl7jHnyn9Em0yYtPbgia/zg6NWuXCfqdOum7MPpt0o5hwMBnONXF/neapd6t9rwsTlHr5nT389wj79WN6djosT3n7yQ8M36cFgsMBgMHbN6feCqqqq+s9owsTlVoP7/xxPdv8/5ZSFz+z+X1VV9Z/bWhMmLjd8r5/p/j/Pk93/d1z4oj2n/bf/8StO2+qhp/ZDVFVV1b/UpLXw/j/mye7/K6522drd/6uqqv5zW3+dh+//88x0/1/wye7/bzl5lUVG1pv+e8ODM+xyaIb/n/DADMtnmWH5/TMsHz3DfmZcf7YZlt87w/LZh9+D9ccNBmOn/3vBKY8uHjtu+L2R5ffNsHz8o/9OZ9HVZ1g+YYblk2ZYPnFkrMPLJ8+wfPIM66/5JFNdVVX1f6b1l5u02mCGf2c/snih6e/T/f+Cs65b8qkab1VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVf1n9tAdZ587GAyGBoPBqMFgymDk+YyPg6lTp04dfn3K+Zdf/pQN9P9GQ+ddO3nKmKvXveOozec/dplT7zng0Vn6j+0//xPUv9Ow/xzHjxsMtt/oqR5KPQV1/rvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+4h+44+9yRY2DUYDBlMPJ89+mPZ+3/5reOrLryxqfedfCjWy46fpuRZ+ddO3nKNk/B2J+ChoY/65ir173jqM3nP3aZU+854L/g7PnP/wT17/Sw/zZDg8HI+T1m+Fxed8L6Gy4xGAwOvuvUjVcYPPLeSsPvrTJ2lsEsD2+6xMPf11iUd7z7mtMexw9/W/CRfZzy8P7XmnrYLEMzDWKGXnXejUe9a5N7lp/5cfEn/hyjpj854voz7p46derUxywcaY4n2Hj6/qd/lpnP85GxLzE89qV22u69S71/l12X3Ga7zbbecustt19muZWWX2HZZVZY+RVLbbXNtlsuPe37E8zZuIe/r/bPzNk8M8/ZHRNmnLOZP9sTzdm4J5+zh/c4ZdehDafP2az/4pyt9uRzNm6bkR+06PjRg00fnpqhwWDR1UcPdh5+sczsg8Gia4ysu9DwuquOHTUY7P/oBx1+Nvsjx+DQ7sPrbDJpg4mPjuzxn/Bx1+nHrLjo+JHHCSOPE6cNcdzg0UNx7OC000cNz8VjpnnuOecamncwWHbk5ch+BiuPvHvo9PWmztTMAx169Ns+074ebr7hnQw/effSZ18zfC7OtP3/H/0/Xf8f57XS0CMTNTTyNbLONK8Jk9d69Gc9PA3DczfLyLIVh01mnrP/zR433nGzDsY8yXgnrTVxueHFM83/9E3w+LpzsQs/PO3YGr/itK0e+n9GofHO8yTjXWsCjneeJxvv8R+59PRpu/pfG+9M17q1H/4+/p+51g2e/Fo3C+1gy0sWmfla97onHuJjzuPpczT7TCs90bVu50OW3X14/+Of/Fq39vDYRz/mWjdqMFh0tenXuuEL36TRg/2HXyw7/GLy6MGxwy+We/jFnIPzh1+8/J07bLvF8II1p8/J0sP7HT926GH3C1e8dfGpB06duvrIWMaPfexYR46PcTPezyeMnTaZ07edvt/hVafv95ZnTntv0sh+J/wL+52+LY33rvmmvTd5ZL8TZ9rv6CfZ7/RtH3c+LDH0yIXrCa43k2a63oz8jTP9xz3ma7ZpX/NePBjMeyb5zrTu/3jNpPN3jicZ74SJy602PL6Zzt9HDkc6fy+dfPXwvWLewWCwwGAwds3pY/8XG3qi8c765OOdCOOd9cnGe+Vx263zvzDewQzjfcxxtsn6046VNUeOs8n/wvE7fduZr2OjH3532mV/zX/mOjbucdexPWYZNdNkz9AT/c62Baw/7flCj/6ee+1Jx0yf+9Ez7fd/+p1ths8yBNexMTP9PT9qzRsGQzTnux+/6mVDBz35nI8ePPZvi+lzPn3bJ5vzyf/MnD/nyef8n/09eYkXTnt/9Ezjn3HO19vv2ftOn/PZZtrv/zTnk5/83vH4OR8/GE1zvvT90+btya6nTzTn07edPufDH3GVsbMO1hi+Z43M+aR/Zs4X+t85zueC9ac93/KRReccdeobp8/5zHP8P835pH91zsc9cpwv+vB7Lxg1mG22wc6b7bTTjstM+z795bLTvvO16N5rp83zk91Ln8ho+rZPdl6s/s8YjfmnjIb+J6OFZ30io0dPrSN32PEZ/6/XotX/VaMBX4uuPmbavD3Z70VPNOfTt6X74IIzbD/z36Hrr/Pw793zzHQfnL4J3gfPOWvtvafvcmSzB2ca5vT76gMzLJ9lhuX3z7B89Az7mXH92WZYfu8My4c/wmwzrD+dddzw37wjy6c8uvrY4V+exo0sv2+G5eMf3XbR1WdYPmGG5ZNmWD7x0UNj0ckzLJ88w/prDv7Fpv836W1mvsjXP1v//ddd/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+4h+44+9yRY2DUYDBlMO350MjjYPeh9W5/zfDjYDAYveKJU9d7qsf7FDd03rWTp4y5et07jtp8/mOXOfWeA/4Lzp7//E9Q/04P+28zNBiMnN9jthkMButOWH/DJQaDwXpTT1xx1OCR9xYafm/VsaMGg/2HHrOD2R9ZZ2j34XU2mbTBxMFgjpE1xj3uhz7uPHrMiouOH3mcMPI4cdr1adzg0eN17OC000cNZn14+aPNPedcQ/MOBsuOvBzZz2DFaQ/zXjF9vakzNfNAhx79ts+0r4ebb/hHDD/ZeevJzx2eq5m2/z/T9Gv1NqP+x1U7/93l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u/jX/jpb/thJ1l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5i3vojrPPHTkGRg0GUwbTng/tPvI4GDr5tBePHCKjd7nq6MOe6vE+xQ2dd+3kKWOuXveOozaf/9hlTr3ngP+Cs+c//xPUv9PD/tsMDQYj5/eYbQaDwboT1t9wicFgcNjRV+0yavDIewsNv7fq2FGDwf5Dj9nB7I+sM7T78DqbTNpg4mAwx8ga4x73Qx93Hj1mxUXHjzxOGHmcOO36NG7w6PE6dnDa6aMGsz68/NHmnnOuoXkHg2VHXo7sZ7DitId5r5i+3tSZmnmgQ49+22fa18PNN/wjhp/sNc+1Jw/P1Uzb/59p+rV6m1H/46qd/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5S/uoTvOPnfkGBg1GEwZTHs+auRxaPebb9ptw+HH4dfzr7n3tU/1eJ/ihs67dvKUMVeve8dRm89/7DKn3nPAf8HZ85//Cerfadh/juPHDQbbb/RUD6Wegjr/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvLX9xDd5x97sjTUY8uHbV7xwU2dN61k6eMuXrdO47afP5jlzn1ngOe6gH9uz2B/x75Yxb/PfPHLP4fzx+z+H8if8ziv1f+mMX/k/ljFv+988cs/p/KH7P4fzp/zOK/T/6YxX/f/DGL/375Yxb/z+SPWfw/mz9m8f9c/pjFf//8MYv/AfljFv/P549Z/A/MH7P4H5Q/ZvH/Qv6Yxf/g/DGL/yH5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfy/lj9m8f96/pjF/xv5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/h/M3/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8v5U/ZvH/dv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/L+TP2bxPzN/zOJ/Vv6Yxf/s/DGL/3fzxyz+38sfs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/+/nj1n8f5A/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvG/MH/M4n9R/pjF/6f5Yxb/i/PHLP4/yx+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/H+eP2bx/0X+mMX/l/ljFv9f5Y9Z/K/OH7P4X5M/ZvH/df6Yxf83+WMW/2vzxyz+v80fs/hflz9m8b8+f8zif0P+mMX/d/ljFv8b88cs/jflj1n8b84fs/j/Pn/M4v+H/DGL/x/zxyz+t+SPWfz/lD9m8b81f8zif1v+mMX/9vwxi/8d+WMW/z/nj1n878wfs/jflT9m8f9L/pjF/+78MYv/X/PHLP5/yx+z+P89f8zi/4/8MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8Z+SP2bxfzB/zOL/UP6YxX9q/pjEf5ZB/pjFfyh/zOI/Kn/M4j9L/pjFf9b8MYv/6Pwxi/9s+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/9Pyxyz+8+WPWfzH5I9Z/OfPH7P4j80fs/gvkD9m8V8wf8zi//T8MYv/M/LHLP7PzB+z+C+UP2bxf1b+mMV/4fwxi/+z88cs/s/JH7P4L5I/ZvF/bv6Yxf95+WMW/3H5Yxb/5+ePWfxfkP/jmnXk0eD/wvwxy/m/aP6YxX+x/DGL/4vyxyz+i+ePWfyXyB+z+L84f8zi/5L8MYv/S/PHLP4vyx+z+C+ZP2bxf3n+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfyXyx+z+C+fP2bxf0X+mMV/hfwxi/+K+WMW/5Xyxyz+K+ePWfxfmT9m8V8lf8ziv2r+mMX/VfljFv9X549Z/F+TP2bxH58/ZvGfkD9m8Z+YP2bxXy1/zOK/ev6YxX+N/DGL/6T8MYv/ZJX/LP/0mhb/NVX+/3wW/7Xyxyz+r80fs/i/Ln/M4r92/pjFf538MYv/uvljFv/X549Z/NfLH7P4vyF/zOK/fv6YxX+D/DGL/4b5Yxb/jfLHLP5vzB+z+G+cP2bx3yR/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOL/tvwxi//b88cs/u/IH7P4b5o/ZvHfLH/M4r95/pjF/535Yxb/LfLHLP5b5o9Z/LfKH7P4b50/ZvF/V/6YxX+b/DGL/7vzxyz+78kfs/hvmz9m8d8uf8ziv33+mMV/h/wxi/9788cs/u/LH7P475g/ZvF/f/6YxX+n/DGL/wfyxyz+H8wfs/h/KH/M4r9z/pjFf5f8MYv/rvljFv8P549Z/D+SP2bx/2j+mMV/t/wxi//H8scs/rvnj1n898gfs/jvmT9m8f94/pjF/xP5Yxb/vfLHLP6fzB+z+O+dP2bx/1T+mMX/0/ljFv998scs/vvmj1n898sfs/h/Jn/M4v/Z/DGL/+fyxyz+++ePWfwPyB+z+H8+f8zif2D+mMX/oPwxi/8X8scs/gfnj1n8D8kfs/h/MX/M4v+l/DGL/5fzxyz+X8kfs/h/NX/M4v+1/DGL/9fzxyz+38gfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+b+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOL/rfwxi/+388cs/qfmj1n8T8sfs/ifnj9m8T8jf8zi/538MYv/mfljFv+z8scs/mfnj1n8v5s/ZvH/Xv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4fz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOL/k/wxi/+F+WMW/4vyxyz+P80fs/hfnD9m8f9Z/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zi//P8MYv/L/LHLP6/zB+z+P8qf8zif3X+mMX/mvwxi/+v88cs/r/JH7P4X5s/ZvH/bf6Yxf+6/DGL//X5Yxb/G/LHLP6/yx+z+N+YP2bxvyl/zOJ/c/6Yxf/3+WMW/z/kj1n8/5g/ZvG/JX/M4v+n/DGL/635Yxb/2/LHLP63549Z/O/IH7P4/zl/zOJ/Z/6Yxf+u/DGL/1/yxyz+d+ePWfz/mj9m8f9b/pjF/+/5Yxb/f+SPWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/5T8MYv/g/ljFv+H8scs/lPzxyT+sw7yxyz+Q/ljFv9R+WMW/1nyxyz+s+aPWfxH549Z/GfLH7P4z54/ZvGfI3/M4j9n/pjFf678MYv/3PljFv958scs/vPmj1n8n5Y/ZvGfL3/M4j8mf8ziP3/+mMV/bP6YxX+B/DGL/4L5Yxb/p+ePWfyfkT9m8X9m/pjFf6H8MYv/s/LHLP4L549Z/J+dP2bxf07+mMV/kfwxi/9z88cs/s/LH7P4j8sfs/g/P3/M4v+C/DGL/wvzxyz+i+aPWfwXyx+z+L8of8ziv3j+mMV/ifwxi/+L88cs/i/JH7P4vzR/zOL/svwxi/+S+WMW/5fnj1n8l8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi//y+WMW/1fkj1n8V8gfs/ivmD9m8V8pf8ziv3L+mMX/lfljFv9V8scs/qvmj1n8X5U/ZvF/df6Yxf81+WMW//H5Yxb/CfljFv+J+WMW/9Xyxyz+q+ePWfzXyB+z+E/KH7P4T84fs/ivmT9m8V8rf8zi/9r8MYv/6/LHLP5r549Z/NfJH7P4r5s/ZvF/ff6YxX+9/DGL/xsGl+cPWfzX7/zHLP4b5I9Z/DfMH7P4b5Q/ZvF/Y/6YxX/j/DGL/yb5Yxb/N+WPWfzfnD9m8X9L/pjF/635Yxb/t+WPWfzfnj9m8X9H/pjFf9P8MYv/ZvljFv/N88cs/u/MH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/u/LHLP7b5I9Z/N+dP2bxf0/+mMV/2/wxi/92+WMW/+3zxyz+O+SPWfzfmz9m8X9f/pjFf8f8MYv/+/PHLP475Y9Z/D+QP2bx/2D+mMX/Q/ljFv+d88cs/rvkj1n8d80fs/h/OH/M4v+R/DGL/0fzxyz+u+WPWfw/lj9m8d89f8ziv0f+mMV/z/wxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8d83f8ziv1/+mMX/M/ljFv/P5o9Z/D+XP2bx3z9/zOJ/QP6Yxf/z+WMW/wPzxyz+B+WPWfy/kD9m8T84f8zif0j+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP7fzB+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/b+WPWfy/nT9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/+/kj1n8z8wfs/iflT9m8T87f8zi/938MYv/9/LHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF//v5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/n+SPWfwvzB+z+F+UP2bx/2n+mMX/4vwxi//P8scs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/5/nj1n8f5E/ZvH/Zf6Yxf9X+WMW/6vzxyz+1+SPWfx/nT9m8f9N/pjF/9r8MYv/b/PHLP7X5Y9Z/K/PH7P435A/ZvH/Xf6Yxf/G/DGL/035Yxb/m/PHLP6/zx+z+P8hf8zi/8f8MYv/LfljFv8/5Y9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/8/5Yxb/O/PHLP535Y9Z/P+SP2bxvzt/zOL/1/wxi//f8scs/n/PH7P4/yN/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/Kfkj1n8H8wfs/g/lD9m8Z+aPybxHz3IH7P4D+WPWfxH5Y9Z/GfJH7P4z5o/ZvEfnT9m8Z8tf8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxf1r+mMV/vvwxi/+Y/DGL//z5Yxb/sfljFv8F8scs/gvmj1n8n54/ZvF/Rv6Yxf+Z+WMW/4Xyxyz+z8ofs/gvnD9m8X92/pjF/zn5Yxb/RfLHLP7PzR+z+D8vf8ziPy5/zOL//Pwxi/8L8scs/i/MH7P4L5o/ZvFfLH/M4v+i/DGL/+L5Yxb/JfLHLP4vzh+z+L8kf8zi/9L8MYv/y/LHLP5L5o9Z/F+eP2bxXyp/zOK/dP6YxX+Z/DGL/7L5Yxb/5fLHLP7L549Z/F+RP2bxXyF/zOK/Yv6YxX+l/DGL/8r5Yxb/V+aPWfxXyR+z+K+aP2bxf1X+mMX/1fljFv/X5I9Z/Mfnj1n8J+SPWfwn5o9Z/FfLH7P4r54/ZvFfI3/M4j8pf8ziPzl/zOK/Zv6YxX+t/DGL/2vzxyz+r8sfs/ivnT9m8V8nf8ziv27+mMX/9fljFv/18scs/m/IH7P4r58/ZvHfIH/M4r9h/pjFf6P8MYv/G/PHLP4b549Z/DfJH7P4vyl/zOL/5vwxi/9b8scs/m/NH7P4vy1/zOL/9vwxi/878scs/pvmj1n8N8sfs/hvnj9m8X9n/pjFf4v8MYv/lvljFv+t8scs/lvnj1n835U/ZvHfJn/M4v/u/DGL/3vyxyz+2+aPWfy3yx+z+G+fP2bx3yF/zOL/3vwxi//78scs/jvmj1n8358/ZvHfKX/M4v+B/DGL/wfzxyz+H8ofs/jvnD9m8d8lf8ziv2v+mMX/w/ljFv+P5I9Z/D+aP2bx3y1/zOL/sfwxi//u+WMW/z3yxyz+e+aPWfw/nj9m8f9E/pjFf6/8MYv/J/PHLP57549Z/D+VP2bx/3T+mMV/n/wxi/+++WMW//3yxyz+n8kfs/h/Nn/M4v+5/DGL//75Yxb/A/LHLP6fzx+z+B+YP2bxPyh/zOL/hfwxi//B+WMW/0Pyxyz+X8wfs/h/KX/M4v/l/DGL/1fyxyz+X80fs/h/LX/M4v/1/DGL/zfyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvH/Zv6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4fyt/zOL/7fwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+H8nf8zif2b+mMX/rPwxi//Z+WMW/+/mj1n8v5c/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/t/PH7P4/yB/zOL/w/wxi/+P8scs/j/OH7P4/yR/zOJ/Yf6Yxf+i/DGL/0/zxyz+F+ePWfx/lj9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+P88f8zi/4v8MYv/L/PHLP6/yh+z+F+dP2bxvyZ/zOL/6/wxi/9v8scs/tfmj1n8f5s/ZvG/Ln/M4n99/pjF/4b8MYv/7/LHLP435o9Z/G/KH7P435w/ZvH/ff6Yxf8P+WMW/z/mj1n8b8kfs/j/KX/M4n9r/pjF/7b8MYv/7fljFv878scs/n/OH7P435k/ZvG/K3/M4v+X/DGL/935Yxb/v+aPWfz/lj9m8f97/pjF/x/5Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4j8lf8zi/2D+mMX/ofwxi//U/DGJ/2yD/DGL/1D+mMV/VP6YxX+W/DGL/6z5Yxb/0fljFv/Z8scs/rPnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW/6flj1n858sfs/iPyR+z+M+fP2bxH5s/ZvFfIH/M4r9g/pjF/+n5Yxb/Z+SPWfyfmT9m8V8of8zi/6z8MYv/wvljFv9n549Z/J+TP2bxXyR/zOL/3Pwxi//z8scs/uPyxyz+z88fs/i/IH/M4v/C/DGL/6L5Yxb/xfLHLP4vyh+z+C+eP2bxXyJ/zOL/4vwxi/9L8scs/i/NH7P4vyx/zOK/ZP6Yxf/l+WMW/6Xyxyz+S+ePWfyXyR+z+C+bP2bxXy5/zOK/fP6Yxf8V+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxf2X+mMV/lfwxi/+q+WMW/1flj1n8X50/ZvF/Tf6YxX98/pjFf0L+mMV/Yv6YxX+1/DGL/+r5Yxb/NfLHLP6T8scs/pPzxyz+a+aPWfzXyh+z+L82f8zi/7r8MYv/2vljFv918scs/uvmj1n8X58/ZvFfL3/M4v+G/DGL//r5Yxb/DfLHLP4b5o9Z/DfKH7P4vzF/zOK/cf6YxX+T/DGL/5vyxyz+b84fs/i/JX/M4v/W/DGL/9vyxyz+b88fs/i/I3/M4r9p/pjFf7P8MYv/5vljFv935o9Z/LfIH7P4b5k/ZvHfKn/M4r91/pjF/135Yxb/bfLHLP7vzh+z+L8nf8ziv23+mMV/u/wxi//2+WMW/x3yxyz+780fs/i/L3/M4r9j/pjF//35Yxb/nfLHLP4fyB+z+H8wf8zi/6H8MYv/zvljFv9d8scs/rvmj1n8P5w/ZvH/SP6Yxf+j+WMW/93yxyz+H8sfs/jvnj9m8d8jf8ziv2f+mMX/4/ljFv9P5I9Z/PfKH7P4fzJ/zOK/d/6Yxf9T+WMW/0/nj1n898kfs/jvmz9m8d8vf8zi/5n8MYv/Z/PHLP6fyx+z+O+fP2bxPyB/zOL/+fwxi/+B+WMW/4Pyxyz+X8gfs/gfnD9m8T8kf8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/1/LHLP5fzx+z+H8jf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/b+aPWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/7fyxyz+384fs/ifmj9m8T8tf8zif3r+mMX/jPwxi/938scs/mfmj1n8z8ofs/ifnT9m8f9u/pjF/3v5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4v/9/DGL/w/yxyz+P8wfs/j/KH/M4v/j/DGL/0/yxyz+F+aPWfwvyh+z+P80f8zif3H+mMX/Z/ljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//P88cs/r/IH7P4/zJ/zOL/q/wxi//V+WMW/2vyxyz+v84fs/j/Jn/M4n9t/pjF/7f5Yxb/6/LHLP7X549Z/G/IH7P4/y5/zOJ/Y/6Yxf+m/DGL/835Yxb/3+ePWfz/kD9m8f9j/pjF/5b8MYv/n/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4v/n/DGL/535Yxb/u/LHLP5/yR+z+N+dP2bx/2v+mMX/b/ljFv+/549Z/P+RP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP5T8scs/g/mj1n8H8ofs/hPzR+T+M8+yB+z+A/lj1n8R+WPWfxnyR+z+M+aP2bxH50/ZvGfLX/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8X9a/pjFf778MYv/mPwxi//8+WMW/7H5Yxb/BfLHLP4L5o9Z/J+eP2bxf0b+mMX/mfljFv+F8scs/s/KH7P4L5w/ZvF/dv6Yxf85+WMW/0Xyxyz+z80fs/g/L3/M4j8uf8zi//z8MYv/C/LHLP4vzB+z+C+aP2bxXyx/zOL/ovwxi//i+WMW/yXyxyz+L84fs/i/JH/M4v/S/DGL/8vyxyz+S+aPWfxfnj9m8V8qf8ziv3T+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfxfkT9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1fmj1n8V8kfs/ivmj9m8X9V/pjF/9X5Yxb/1+SPWfzH549Z/Cfkj1n8J+aPWfxXyx+z+K+eP2bxXyN/zOI/KX/M4j85f8ziv2b+mMV/rfwxi/9r88cs/q/LH7P4r50/ZvFfJ3/M4r9u/pjF//X5Yxb/9fLHLP5vyB+z+K+fP2bx3yB/zOK/Yf6YxX+j/DGL/xvzxyz+G+ePWfw3yR+z+L8pf8zi/+b8MYv/W/LHLP5vzR+z+L8tf8zi//b8MYv/O/LHLP6b5o9Z/DfLH7P4b54/ZvF/Z/6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/N+VP2bx3yZ/zOL/7vwxi/978scs/tvmj1n8t8sfs/hvnz9m8d8hf8zi/978MYv/+/LHLP475o9Z/N+fP2bx3yl/zOL/gfwxi/8H88cs/h/KH7P475w/ZvHfJX/M4r9r/pjF/8P5Yxb/j+SPWfw/mj9m8d8tf8zi/7H8MYv/7vljFv898scs/nvmj1n8P54/ZvH/RP6YxX+v/DGL/yfzxyz+e+ePWfw/lT9m8f90/pjFf5/8MYv/vvljFv/98scs/p/JH7P4fzZ/zOL/ufwxi//++WMW/wPyxyz+n88fs/gfmD9m8T8of8zi/4X8MYv/wfljFv9D8scs/l/MH7P4fyl/zOL/5fwxi/9X8scs/l/NH7P4fy1/zOL/9fwxi/838scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bx/2b+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+H8rf8zi/+38MYv/qfljFv/T8scs/qfnj1n8z8gfs/h/J3/M4n9m/pjF/6z8MYv/2fljFv/v5o9Z/L+XP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP7fzx+z+P8gf8zi/8P8MYv/j/LHLP4/zh+z+P8kf8zif2H+mMX/ovwxi/9P88cs/hfnj1n8f5Y/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/j/PH/M4v+L/DGL/y/zxyz+v8ofs/hfnT9m8b8mf8zi/+v8MYv/b/LHLP7X5o9Z/H+bP2bxvy5/zOJ/ff6Yxf+G/DGL/+/yxyz+N+aPWfxvyh+z+N+cP2bx/33+mMX/D/ljFv8/5o9Z/G/JH7P4/yl/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP5/zh+z+N+ZP2bxvyt/zOL/l/wxi//d+WMW/7/mj1n8/5Y/ZvH/e/6Yxf8f+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOI/JX/M4v9g/pjF/6H8MYv/1Pwxif8cg/wxi/9Q/pjFf1T+mMV/lvwxi/+s+WMW/9H5Yxb/2fLHLP6z549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv+n5Y9Z/OfLH7P4j8kfs/jPnz9m8R+bP2bxXyB/zOK/YP6Yxf/p+WMW/2fkj1n8n5k/ZvFfKH/M4v+s/DGL/8L5Yxb/Z+ePWfyfkz9m8V8kf8zi/9z8MYv/8/LHLP7j8scs/s/PH7P4vyB/zOL/wvwxi/+i+WMW/8Xyxyz+L8ofs/gvnj9m8V8if8zi/+L8MYv/S/LHLP4vzR+z+L8sf8ziv2T+mMX/5fljFv+l8scs/kvnj1n8l8kfs/gvmz9m8V8uf8ziv3z+mMX/FfljFv8V8scs/ivmj1n8V8ofs/ivnD9m8X9l/pjFf5X8MYv/qvljFv9X5Y9Z/F+dP2bxf03+mMV/fP6YxX9C/pjFf2L+mMV/tfwxi//q+WMW/zXyxyz+k/LHLP6T88cs/mvmj1n818ofs/i/Nn/M4v+6/DGL/9r5Yxb/dfLHLP7r5o9Z/F+fP2bxXy9/zOL/hvwxi//6+WMW/w3yxyz+G+aPWfw3yh+z+L8xf8ziv3H+mMV/k/wxi/+b8scs/m/OH7P4vyV/zOL/1vwxi//b8scs/m/PH7P4vyN/zOK/af6YxX+z/DGL/+b5Yxb/d+aPWfy3yB+z+G+ZP2bx3yp/zOK/df6Yxf9d+WMW/23yxyz+784fs/i/J3/M4r9t/pjFf7v8MYv/9vljFv8d8scs/u/NH7P4vy9/zOK/Y/6Yxf/9+WMW/53yxyz+H8gfs/h/MH/M4v+h/DGL/875Yxb/XfLHLP675o9Z/D+cP2bx/0j+mMX/o/ljFv/d8scs/h/LH7P4754/ZvHfI3/M4r9n/pjF/+P5Yxb/T+SPWfz3yh+z+H8yf8ziv3f+mMX/U/ljFv9P549Z/PfJH7P475s/ZvHfL3/M4v+Z/DGL/2fzxyz+n8sfs/jvnz9m8T8gf8zi//n8MYv/gfljFv+D8scs/l/IH7P4H5w/ZvE/JH/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+X88fs/h/I3/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/2/mj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+38scs/t/OH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/d/LHLP5n5o9Z/M/KH7P4n50/ZvH/bv6Yxf97+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOL//fwxi/8P8scs/j/MH7P4/yh/zOL/4/wxi/9P8scs/hfmj1n8L8ofs/j/NH/M4n9x/pjF/2f5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/z/PHLP6/yB+z+P8yf8zi/6v8MYv/1fljFv9r8scs/r/OH7P4/yZ/zOJ/bf6Yxf+3+WMW/+vyxyz+1+ePWfxvyB+z+P8uf8zif2P+mMX/pvwxi//N+WMW/9/nj1n8/5A/ZvH/Y/6Yxf+W/DGL/5/yxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOL/5/wxi/+d+WMW/7vyxyz+f8kfs/jfnT9m8f9r/pjF/2/5Yxb/v+ePWfz/kT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+U/LHLP4P5o9Z/B/KH7P4T80fk/jPOcgfs/gP5Y9Z/Eflj1n8Z8kfs/jPmj9m8R+dP2bxny1/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvF/Wv6YxX++/DGL/5j8MYv//PljFv+x+WMW/wXyxyz+C+aPWfyfnj9m8X9G/pjF/5n5Yxb/hfLHLP7Pyh+z+C+cP2bxf3b+mMX/OfljFv9F8scs/s/NH7P4Py9/zOI/Ln/M4v/8/DGL/wvyxyz+L8wfs/gvmj9m8V8sf8zi/6L8MYv/4vljFv8l8scs/i/OH7P4vyR/zOL/0vwxi//L8scs/kvmj1n8X54/ZvFfKn/M4r90/pjFf5n8MYv/svljFv/l8scs/svnj1n8X5E/ZvFfIX/M4r9i/pjFf6X8MYv/yvljFv9X5o9Z/FfJH7P4r5o/ZvF/Vf6Yxf/V+WMW/9fkj1n8x+ePWfwn5I9Z/Cfmj1n8V8sfs/ivnj9m8V8jf8ziPyl/zOI/OX/M4r9m/pjFf638MYv/a/PHLP6vyx+z+K+dP2bxXyd/zOK/bv6Yxf/1+WMW//Xyxyz+b8gfs/ivnz9m8d8gf8ziv2H+mMV/o/wxi/8b88cs/hvnj1n8N8kfs/i/KX/M4v/m/DGL/1vyxyz+b80fs/i/LX/M4v/2/DGL/zvyxyz+m+aPWfw3yx+z+G+eP2bxf2f+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfzflT9m8d8mf8zi/+78MYv/e/LHLP7b5o9Z/LfLH7P4b58/ZvHfIX/M4v/e/DGL//vyxyz+O+aPWfzfnz9m8d8pf8zi/4H8MYv/B/PHLP4fyh+z+O+cP2bx3yV/zOK/a/6Yxf/D+WMW/4/kj1n8P5o/ZvHfLX/M4v+x/DGL/+75Yxb/PfLHLP575o9Z/D+eP2bx/0T+mMV/r/wxi/8n88cs/nvnj1n8P5U/ZvH/dP6YxX+f/DGL/775Yxb//fLHLP6fyR+z+H82f8zi/7n8MYv//vljFv8D8scs/p/PH7P4H5g/ZvE/KH/M4v+F/DGL/8H5Yxb/Q/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/N/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/gfnz9m8f9m/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/h/K3/M4v/t/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4fyd/zOJ/Zv6Yxf+s/DGL/9n5Yxb/7+aPWfy/lz9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+P84fs/j/JH/M4n9h/pjF/6L8MYv/T/PHLP4X549Z/H+WP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4/zx/zOL/i/wxi/8v88cs/r/KH7P4X50/ZvG/Jn/M4v/r/DGL/2/yxyz+1+aPWfx/mz/2WP/RT/Vw/v2ewP+6/DHL+X99/pjF/4b8MYv/7/LHLP435o9Z/G/KH7P435w/ZvH/ff6Yxf8P+WMW/z/mj1n8b8kfs/j/KX/M4n9r/pjF/7b8MYv/7fljFv878scs/n/OH7P435k/ZvG/K3/M4v+X/DGL/935Yxb/v+aPWfz/lj9m8f97/pjF/x/5Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4j8lf8zi/2D+mMX/ofwxi//U/DGJ/1yD/DGL/1D+mMV/VP6YxX+W/DGL/6z5Yxb/0fljFv/Z8scs/rPnj1n858gfs/jPmT9m8Z8rf+y/33+OR97K//H99/s/3Fzz5I9Z/OfNH7P4Py1/zOI/X/6YxX9M/pjFf/78MYv/2Pwxi/8C+WMW/wXzxyz+T88fs/g/I3/M4v/M/DGL/0L5Yxb/Z+WPWfwXzh+z+D87f8zi/5z8MYv/IvljFv/n5o9Z/J+XP2bxH5c/ZvF/fv6Yxf8F+WMW/xfmj1n8F80fs/gvlj9m8X9R/pjFf/H8MYv/EvljFv8X549Z/F+SP2bxf2n+mMX/ZfljFv8l88cs/i/PH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/cvljFv/l88cs/q/IH7P4r5A/ZvFfMX/M4r9S/pjFf+X8MYv/K/PHLP6r5I9Z/FfNH7P4vyp/zOL/6vwxi/9r8scs/uPzxyz+E/LHLP4T88cs/qvlj1n8V88fs/ivkT9m8Z+UP2bxn5w/ZvFfM3/M4r9W/pjF/7X5Yxb/1+WPWfzXzh+z+K+TP2bxXzd/zOL/+vwxi/96+WMW/zfkj1n8188fs/hvkD9m8d8wf8ziv1H+mMX/jfljFv+N88cs/pvkj1n835Q/ZvF/c/6Yxf8t+WMW/7fmj1n835Y/ZvF/e/6Yxf8d+WMW/03zxyz+m+WPWfw3zx+z+L8zf8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+78ofs/hvkz9m8X93/pjF/z35Yxb/bfPHLP7b5Y9Z/LfPH7P475A/ZvF/b/6Yxf99+WMW/x3zxyz+788fs/jvlD9m8f9A/pjF/4P5Yxb/D+WPWfx3zh+z+O+SP2bx3zV/zOL/4fwxi/9H8scs/h/NH7P475Y/ZvH/WP6YxX/3/DGL/x75Yxb/PfPHLP4fzx+z+H8if8ziv1f+mMX/k/ljFv+988cs/p/KH7P4fzp/zOK/T/6YxX/f/DGL/375Yxb/z+SPWfw/mz9m8f9c/pjFf//8MYv/AfljFv/P549Z/A/MH7P4H5Q/ZvH/Qv6Yxf/g/DGL/yH5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfy/lj9m8f96/pjF/xv5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/h/M3/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8v5U/ZvH/dv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/L+TP2bxPzN/zOJ/Vv6Yxf/s/DGL/3fzxyz+38sfs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/+/nj1n8f5A/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvG/MH/M4n9R/pjF/6f5Yxb/i/PHLP4/yx+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/H+eP2bx/0X+mMX/l/ljFv9f5Y9Z/K/OH7P4X5M/ZvH/df6Yxf83+WMW/2vzxyz+v80fs/hflz9m8b8+f8zif0P+mMX/d/ljFv8b88cs/jflj1n8b84fs/j/Pn/M4v+H/DGL/x/zxyz+t+SPWfz/lD9m8b81f8zif1v+mMX/9vwxi/8d+WMW/z/nj1n878wfs/jflT9m8f9L/pjF/+78MYv/X/PHLP5/yx+z+P89f8zi/4/8MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8Z+SP2bxfzB/zOL/UP6YxX9q/pjEf+5B/pjFfyh/zOI/Kn/M4j9L/pjFf9b8MYv/6Pwxi/9s+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/9Pyxyz+8+WPWfzH5I9Z/OfPH7P4j80fs/gvkD9m8V8wf8zi//T8MYv/M/LHLP7PzB+z+C+UP2bxf1b+mMV/4fwxi/+z88cs/s/JH7P4L5I/ZvF/bv6Yxf95+WMW/3H5Yxb/5+ePWfxfkD9m8X9h/pjFf9H8MYv/YvljFv8X5Y9Z/BfPH7P4L5E/ZvF/cf6Yxf8l+WMW/5fmj1n8X5Y/ZvFfMn/M4v/y/DGL/1L5Yxb/pfPHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4v+K/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4vzJ/zOK/Sv6YxX/V/DGL/6vyxyz+r84fs/i/Jn/M4j8+f8ziPyF/zOI/MX/M4r9a/pjFf/X8MYv/GvljFv9J+WMW/8n5Yxb/NfPHLP5r5Y9Z/F+bP2bxf13+mMV/7fwxi/86+WMW/3Xzxyz+r88fs/ivlz9m8X9D/pjFf/38MYv/BvljFv8N88cs/hvlj1n835g/ZvHfOH/M4r9J/pjF/035Yxb/N+ePWfzfkj9m8X9r/pjF/235Yxb/t+ePWfzfkT9m8d80f8ziv1n+mMV/8/wxi/8788cs/lvkj1n8t8wfs/hvlT9m8d86f8zi/678MYv/NvljFv93549Z/N+TP2bx3zZ/zOK/Xf6YxX/7/DGL/w75Yxb/9+aPWfzflz9m8d8xf8zi//78MYv/TvljFv8P5I9Z/D+YP2bx/1D+mMV/5/wxi/8u+WMW/13zxyz+H84fs/h/JH/M4v/R/DGL/275Yxb/j+WPWfx3zx+z+O+RP2bx3zN/zOL/8fwxi/8n8scs/nvlj1n8P5k/ZvHfO3/M4v+p/DGL/6fzxyz+++SPWfz3zR+z+O+XP2bx/0z+mMX/s/ljFv/P5Y9Z/PfPH7P4H5A/ZvH/fP6Yxf/A/DGL/0H5Yxb/L+SPWfwPzh+z+B+SP2bx/2L+mMX/S/ljFv8v549Z/L+SP2bx/2r+mMX/a/ljFv+v549Z/L+RP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/N/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/1v5Yxb/b+ePWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf87+WMW/zPzxyz+Z+WPWfzPzh+z+H83f8zi/738MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8f9+/pjF/wf5Yxb/H+aPWfx/lD9m8f9x/pjF/yf5Yxb/C/PHLP4X5Y9Z/H+aP2bxvzh/zOL/s/wxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/n+WMW/1/kj1n8f5k/ZvH/Vf6Yxf/q/DGL/zX5Yxb/X+ePWfx/kz9m8b82f8zi/9v8MYv/dfljFv/r88cs/jfkj1n8f5c/ZvG/MX/M4n9T/pjF/+b8MYv/7/PHLP5/yB+z+P8xf8zif0v+mMX/T/ljFv9b88cs/rflj1n8b88fs/jfkT9m8f9z/pjF/878MYv/XfljFv+/5I9Z/O/OH7P4/zV/zOL/t/wxi//f88cs/v/IH7P435M/ZvG/N3/M4n9f/pjF//78MYv/A/ljFv8p+WMW/wfzxyz+D+WPWfyn5o9J/OcZ5I9Z/Ifyxyz+o/LHLP6z5I9Z/GfNH7P4j84fs/jPlj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+D8tf8ziP1/+mMV/TP6YxX/+/DGL/9j8MYv/AvljFv8F88cs/k/PH7P4PyN/zOL/zPwxi/9C+WMW/2flj1n8F84fs/g/O3/M4v+c/DGL/yL5Yxb/5+aPWfyflz9m8R+XP2bxf37+mMX/BfljFv8X5o9Z/BfNH7P4L5Y/ZvF/Uf6YxX/x/DGL/xL5Yxb/F+ePWfxfkj9m8X9p/pjF/2X5Yxb/JfPHLP4vzx+z+C+VP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP6vyB+z+K+QP2bxXzF/zOK/Uv6YxX/l/DGL/yvzxyz+q+SPWfxXzR+z+L8qf8zi/+r8MYv/a/LHLP7j88cs/hPyxyz+E/PHLP6r5Y9Z/FfPH7P4r5E/ZvGflD9m8Z+cP2bxXzN/zOK/Vv6Yxf+1+WMW/9flj1n8184fs/ivkz9m8V83f8zi//r8MYv/evljFv835I9Z/NfPH7P4b5A/ZvHfMH/M4r9R/pjF/435Yxb/jfPHLP6b5I9Z/N+UP2bxf3P+mMX/LfljFv+35o9Z/N+WP2bxf3v+mMX/HfljFv9N88cs/pvlj1n8N88fs/i/M3/M4r9F/pjFf8v8MYv/VvljFv+t88cs/u/KH7P4b5M/ZvF/d/6Yxf89+WMW/23zxyz+2+WPWfy3zx+z+O+QP/aI/1Yn/1f7vzd/zHL+vy9/zOK/Y/6Yxf/9+WMW/53yxyz+H8gfs/h/MH/M4v+h/DGL/875Yxb/XfLHLP675o9Z/D+cP2bx/0j+mMX/o/ljFv/d8scs/h/LH7P4754/ZvHfI3/M4r9n/pjF/+P5Yxb/T+SPWfz3yh+z+H8yf8ziv3f+mMX/U/ljFv9P549Z/PfJH7P475s/ZvHfL3/M4v+Z/DGL/2fzxyz+n8sfs/jvnz9m8T8gf8zi//n8MYv/gfljFv+D8scs/l/IH7P4H5w/ZvE/JH/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+X88fs/h/I3/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/2/mj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+38scs/t/OH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/d/LHLP5n5o9Z/M/KH7P4n50/ZvH/bv6Yxf97+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOL//fwxi/8P8scs/j/MH7P4/yh/zOL/4/wxi/9P8scs/hfmj1n8L8ofs/j/NH/M4n9x/pjF/2f5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/z/PHLP6/yB+z+P8yf8zi/6v8MYv/1fljFv9r8scs/r/OH7P4/yZ/zOJ/bf6Yxf+3+WMW/+vyxyz+1+ePWfxvyB+z+P8uf8zif2P+mMX/pvwxi//N+WMW/9/nj1n8/5A/ZvH/Y/6Yxf+W/DGL/5/yxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOL/5/wxi/+d+WMW/7vyxyz+f8kfs/jfnT9m8f9r/pjF/2/5Yxb/v+ePWfz/kT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+U/LHLP4P5o9Z/B/KH7P4T80fk/jPO8gfs/gP5Y9Z/Eflj1n8Z8kfs/jPmj9m8R+dP2bxny1/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvF/Wv6YxX++/DGL/5j8MYv//PljFv+x+WMW/wXyxyz+C+aPWfyfnj9m8X9G/pjF/5n5Yxb/hfLHLP7Pyh+z+C+cP2bxf3b+mMX/OfljFv9F8scs/s/NH7P4Py9/zOI/Ln/M4v/8/DGL/wvyxyz+L8wfs/gvmj9m8V8sf8zi/6L8MYv/4vljFv8l8scs/i/OH7P4vyR/zOL/0vwxi//L8scs/kvmj1n8X54/ZvFfKn/M4r90/pjFf5n8MYv/svljFv/l8scs/svnj1n8X5E/ZvFfIX/M4r9i/pjFf6X8MYv/yvljFv9X5o9Z/FfJH7P4r5o/ZvF/Vf6Yxf/V+WMW/9fkj1n8x+ePWfwn5I9Z/Cfmj1n8V8sfs/ivnj9m8V8jf8ziPyl/zOI/OX/M4r9m/pjFf638MYv/a/PHLP6vyx+z+K+dP2bxXyd/zOK/bv6Yxf/1+WMW//Xyxyz+b8gfs/ivnz9m8d8gf8ziv2H+mMV/o/wxi/8b88cs/hvnj1n8N8kfs/i/KX/M4v/m/DGL/1vyxyz+b80fs/i/LX/M4v/2/DGL/zvyxyz+m+aPWfw3yx+z+G+eP2bxf2f+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfzflT9m8d8mf8zi/+78MYv/e/LHLP7b5o9Z/LfLH7P4b58/ZvHfIX/M4v/e/DGL//vyxyz+O+aPWfzfnz9m8d8pf8zi/4H8MYv/B/PHLP4fyh+z+O+cP2bx3yV/zOK/a/6Yxf/D+WMW/4/kj1n8P5o/ZvHfLX/M4v+x/DGL/+75Yxb/PfLHLP575o9Z/D+eP2bx/0T+mMV/r/wxi/8n88cs/nvnj1n8P5U/ZvH/dP6YxX+f/DGL/775Yxb//fLHLP6fyR+z+H82f8zi/7n8MYv//vljFv8D8scs/p/PH7P4H5g/ZvE/KH/M4v+F/DGL/8H5Yxb/Q/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/N/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/gfnz9m8f9m/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/h/K3/M4v/t/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4fyd/zOJ/Zv6Yxf+s/DGL/9n5Yxb/7+aPWfy/lz9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+P84fs/j/JH/M4n9h/pjF/6L8MYv/T/PHLP4X549Z/H+WP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4/zx/zOL/i/wxi/8v88cs/r/KH7P4X50/ZvG/Jn/M4v/r/DGL/2/yxyz+1+aPWfx/mz9m8b8uf8zif33+mMX/hvwxi//v8scs/jfmj1n8b8ofs/jfnD9m8f99/pjF/w/5Yxb/P+aPWfxvyR+z+P8pf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+f84fs/jfmT9m8b8rf8zi/5f8MYv/3fljFv+/5o9Z/P+WP2bx/3v+mMX/H/ljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8ziPyV/zOL/YP6Yxf+h/DGL/9T8MYn/0wb5Yxb/ofwxi/+o/DGL/yz5Yxb/WfPHLP6j88cs/rPlj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+T8sfs/jPlz9m8R+TP2bxnz9/zOI/Nn/M4r9A/pjFf8H8MYv/0/PHLP7PyB+z+D8zf8ziv1D+mMX/WfljFv+F88cs/s/OH7P4Pyd/zOK/SP6Yxf+5+WMW/+flj1n8x+WPWfyfnz9m8X9B/pjF/4X5Yxb/RfPHLP6L5Y9Z/F+UP2bxXzx/zOK/RP6Yxf/F+WMW/5fkj1n8X5o/ZvF/Wf6YxX/J/DGL/8vzxyz+S+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6YxX/5/DGL/yvyxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOL/yvwxi/8q+WMW/1Xzxyz+r8ofs/i/On/M4v+a/DGL//j8MYv/hPwxi//E/DGL/2r5Yxb/1UX+c/wL61r81xD5/ytZ/Cflj1n8J+ePWfzXzB+z+K+VP2bxf23+mMX/dfljFv+188cs/uvkj1n8180fs/i/Pn/M4r9e/pjF/w35Yxb/9fPHLP4b5I9Z/DfMH7P4b5Q/ZvF/Y/6YxX/j/DGL/yb5Yxb/N+WPWfzfnD9m8X9L/pjF/635Yxb/t+WPWfzfnj9m8X9H/pjFf9P8MYv/ZvljFv/N88cs/u/MH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/u/LHLP7b5I9Z/N+dP2bxf0/+mMV/2/wxi/92+WMW/+3zxyz+O+SPWfzfmz9m8X9f/pjFf8f8MYv/+/PHLP475Y9Z/D+QP2bx/2D+mMX/Q/ljFv+d88cs/rvkj1n8d80fs/h/OH/M4v+R/DGL/0fzxyz+u+WPWfw/lj9m8d89f8ziv0f+mMV/z/wxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8d83f8ziv1/+mMX/M/ljFv/P5o9Z/D+XP2bx3z9/zOJ/QP6Yxf/z+WMW/wPzxyz+B+WPWfy/kD9m8T84f8zif0j+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP7fzB+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/b+WPWfy/nT9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/+/kj1n8z8wfs/iflT9m8T87f8zi/938MYv/9/LHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF//v5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/n+SPWfwvzB+z+F+UP2bx/2n+mMX/4vwxi//P8scs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/5/nj1n8f5E/ZvH/Zf6Yxf9X+WMW/6vzxyz+1+SPWfx/nT9m8f9N/pjF/9r8MYv/b/PHLP7X5Y9Z/K/PH7P435A/ZvH/Xf6Yxf/G/DGL/035Yxb/m/PHLP6/zx+z+P8hf8zi/8f8MYv/LfljFv8/5Y9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/8/5Yxb/O/PHLP535Y9Z/P+SP2bxvzt/zOL/1/wxi//f8scs/n/PH7P4/yN/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/Kfkj1n8H8wfs/g/lD9m8Z+aPybxn2+QP2bxH8ofs/iPyh+z+M+SP2bxnzX/xzTLyKPFf3T+mMV/tvwxi//s+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6Yxf9p+WMW//nyxyz+Y/LHLP7z549Z/Mfmj1n8F8gfs/gvmD9m8X96/pjF/xn5Yxb/Z+aPWfwXyh+z+D8rf8ziv3D+mMX/2fljFv/n5I9Z/BfJH7P4Pzd/zOL/vPwxi/+4/DGL//Pzxyz+L8gfs/i/MH/M4r9o/pjFf7H8MYv/i/LHLP6L549Z/JfIH7P4vzh/zOL/kvwxi/9L88cs/i/LH7P4L5k/ZvF/ef6YxX+p/DGL/9L5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvF/Rf6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/F+ZP2bxXyV/zOK/av6Yxf9V+WMW/1fnj1n8X5M/ZvEfnz9m8Z+QP2bxn5g/ZvFfLX/M4r96/pjFf438MYv/pPwxi//k/DGL/5r5Yxb/tfLHLP6vzR+z+L8uf8ziv3b+mMV/nfwxi/+6+WMW/9fnj1n818sfs/i/IX/M4r9+/pjFf4P8MYv/hvljFv+N8scs/m/MH7P4b5w/ZvHfJH/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4v+2/DGL/9vzxyz+78gfs/hvmj9m8d8sf8ziv3n+mMX/nfljFv8t8scs/lvmj1n8t8ofs/hvnT9m8X9X/pjFf5v8MYv/u/PHLP7vyR+z+G+bP2bx3y5/zOK/ff6YxX+H/DGL/3vzxyz+78sfs/jvmD9m8X9//pjFf6f8MYv/B/LHLP4fzB+z+H8of8ziv3P+mMV/l/wxi/+u+WMW/w/nj1n8P5I/ZvH/aP6YxX+3/DGL/8fyxyz+u+ePWfz3yB+z+O+ZP2bx///Yo6cEUAgACIDZeNm2bdu2bdv1kW3btm3btm3zAnuCduYKc6D/qOX/IP9Ry//B/qOW/0P8Ry3/h/qPWv4P8x+1/B/uP2r5P8J/1PJ/pP+o5f8o/1HL/9H+o5b/Y/xHLf/H+o9a/o/zH7X8H+8/avk/wX/U8n+i/6jl/yT/Ucv/yf6jlv9T/Ect/6f6j1r+T/Mftfyf7j9q+T/Df9Tyf6b/qOX/LP9Ry//Z/qOW/3P8Ry3/5/qPWv7P8x+1/J/vP2r5v8B/1PJ/of+o5f8i/1HL/8X+o5b/S/xHLf+X+o9a/i/zH7X8X+4/avm/wn/U8n+l/6jl/yr/Ucv/1f6jlv9r/Ect/9f6j1r+r/Mftfxf7z9q+b/Bf9Tyf6P/qOX/Jv9Ry//N/qOW/1v8Ry3/t/qPWv5v8x+1/N/uP2r5v8N/1PJ/p/+o5f8u/1HL/93+o5b/e/xHLf/3+o9a/u/zH7X83+8/avl/wH/U8v+g/6jl/yH/Ucv/w/6jlv9H/Ect/4/6j1r+H/Mftfw/7j9q+X/Cf9Ty/6T/qOX/Kf9Ry//T/qOW/2f8Ry3/z/qPWv6f8x+1/D/vP2r5f8F/1PL/ov+o5f8l/1HL/8v+o5b/V/xHLf+v+o9a/l/zH7X8v+4/avl/w3/U8v+m/6jl/y3/Ucv/2/6jlv93/Ect/+/6j1r+3/Mftfy/7z9q+f/Af9Ty/6H/qOX/I/9Ry//H/qOW/0/8Ry3/n/qPWv4/8x+1/H/uP2r5/8J/1PL/pf+o5f8r/1HL/9f+o5b/b/xHLf/f+o9a/r/zH7X8f+8/avn/wX/U8v+j/6jl/yf/Ucv/z/6jlv9f/Ect/7/6j1r+f/Mftfz/7j9q+f/Df9Ty/6f/qOX/L/9Ry//f/qOW/3/8Ry3///qPSv4HDOQ/avkf2H/U8j+I/6jlf1D/Ucv/YP6jlv/B/Uct/0P4j1r+h/QftfwP5T9q+R/af9TyP4z/qOV/WP9Ry/9w/qOW/+H9Ry3/I/iPWv5H9B+1/A/wH7X8j+Q/avkf2X/U8j+K/6jlf1T/Ucv/aP6jlv/R/Uct/2P4j1r+x/QftfyP5T9q+R/bf9TyP47/qOV/XP9Ry/94/qOW//H9Ry3/E/iPWv4n9B+1/E/kP2r5n9h/1PI/if+o5X9S/1HL/2T+o5b/yf1HLf9T+I9a/qf0H7X8T+U/avmf2n/U8j+N/6jlf1r/Ucv/dP6jlv/p/Uct/zP4j1r+Z/QftfzP5D9q+Z/Zf9TyP4v/qOV/Vv9Ry/9s/qOW/9n9Ry3/c/iPWv7n9B+1/M/lP2r5n9t/1PI/j/+o5X9e/1HL/3z+o5b/+f1HLf8L+I9a/hf0H7X8L+Q/avlf2H/U8r+I/6jlf1H/Ucv/Yv6jlv/F/Uct/0v4j1r+l/Qftfwv5T9q+V/af9Tyv4z/qOV/Wf9Ry/9y/qOW/+X9Ry3/K/iPWv5X9B+1/K/kP2r5X9l/1PK/iv+o5X9V/1HL/2r+o5b/1f1HLf9r+I9a/tf0H7X8r+U/avlf23/U8r+O/6jlf13/Ucv/ev6jlv/1/Uct/xv4j1r+N/Qftfxv5D9q+d/Yf9Tyv4n/qOV/U/9Ry/9m/qOW/839Ry3/W/iPWv639B+1/G/lP2r539p/1PK/jf+o5X9b/1HL/3b+o5b/7f1HLf87+I9a/nf0H7X87+Q/avnf2X/U8r+L/6jlf1f/Ucv/bv6jlv/d/Uct/3v4j1r+9/Qftfzv5T9q+d/bf9Tyv4//qOV/X/9Ry/9+/qOW//39Ry3/B/iP/nf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf+zbbWydZeHH8bvbOsb+/JMRF1yGJptcKCTCbPeQ8YKwydhWB914HgMc3dqNjXabXYddAffwYhIhPEgyyRIlypahhJnQSAwEK4ho0EVNNPgAiEIUjRMh6Ja4WHPa09Ieu8Zz1etalM/nRc+577Pfva3Jd/e9wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/ns1NC48Mr5m2KnxQw8+eLil73XO0ZU3H/htz4UDr+WPl41wyXFDD3p7e3vnPDd7R/nwlKIoSj/bzvLxpMpx6fo767/Q2X8UFvS8tOT4lJ83Hjmw5vRH6rqP3l/bd7a2uGndhtaWj40rinBxbdFZOqirKYqwuLa4r3RQXzpYUls8UjqY3XdwavHt0sH5aze3NpdOLI3+nsH/iobGncX4YcUWw/40GNr/zvpv3TnwOsolB642oSj3f0XX99+q+GzACfofuH5YWNl/1b9B4ISq6/+FBQOvo1zyX+7/k59a9cpIn524/4Hrh4/rH9IZ4fl/WKOVz/0Vz/8zRrjk4P6qmq7jpf4vve3ZmeVTE/6d5/93rx8urux/3LDn/9Jz/KKB5/9TiiJcMsZvB7ynNDTuOjLa/X/0/idMr9jUDO3/jPbN+0v9P77ke0+UT9VW2f+iUe7/45ZW/FqB6jQ0frm34v5fRf/FR0a45GD/bz/x64dL/T/2+wfOHPJZNf1fUtn/rI62LbO2bu86b0Nb0/qW9S2b6mbPnzOvvm7eBXNn9T0S9H8d43cF3hvGdv8vJldsaoqiZXB/TfeBp0v9z33wwTnlU5Oq7H/xqPf/Ge7/MKIPjSsmTiw6mzo62uv6vw4c1vd/7f9hI/Rfxd//zzqn/MNqy681RTFtcH/XmXevKPX/zqFnd5dPTayy/yWj9r9g8OcFIozx/t9csRnW/8FDL/U9/y+79+AZ5VPV/v1/6aj9v+r+D2PR0FjxP/z8h5X631VcFtlpaPDf/yCdHP0/9s4NPXHr8An9Qzo5+v/d546eG7cOy/QP6eTof8LGB56PW4dL9Q/p5Oh/+dT5K+LW4TL9Qzo5+l/76rl/jluHRv1DOjn6P+dLuzvj1mG5/iGdHP0/1D5nW9w6rNA/pJOj/5+e9tBrcetwuf4hnRz9Hzt2z41x63CF/iGdHP137zn7B3HrcKX+IZ0c/V++bmGIW4er9A/p5Oh/+rQ/Ph63DlfrH9LJ0f+8P/39tLh1uEb/kE6O/u/4/Ip9cetwrf4hnRz9j7/+lRfj1mGl/iGdHP0vPXvbwrh1uE7/kE6O/pt/0twbtw6r9A/p5Oh/1td/tCFuHa7XP6STo//Dyx/dE7cON+gf0snR/566YkrcOtyof0gnR/9f++7ph+LW4ZP6h3Ry9P+bp56cH7cOq/UP6eTo/7kP3P6NuHW4Sf+QTo7+713z4llx69Ckf0gnR/8P733+i3HrsEb/kE6O/t94o+3/4tZhrf4hnRz9T5506utx69Csf0gnR/8Lb/1Ke9w6tOgf0snRf9vu7h/GrcM6/UM6Ofr/8PFpq+LWYb3+IZ0c/a+cu/f9cetws/4hnRz9v2/Zhbvi1mGD/iGdHP1f1PPRi+LWYaP+IZ0c/Xc889mvxq3DLfqHdHL0v3fma4vj1qFV/5BOjv5fXr30x3Hr0KZ/SCdH/289et2muHXYpH9IJ0f/T/7s7WNx67BZ/5BOjv7//4JFf41bhy36h3Ry9L94yZtr49bhU/qHdHL0v7H7Hy/HrUO7/iGdHP3PPHz1srh12Kp/SCdH/985r25/3Dp06B/SydH/nVfuq49bh236h3Ry9L//4F13x63DrfqHdHL0/+YvZkyPW4dP6x/SydH//VMOXRu3Dp36h3Ry9P/LTbXPxK3Ddv1DOjn6/9u+qTvi1qFL/5BOjv6ffr3nD3HrcJv+IZ0c/a+e8KuJcetwu/4hnRz9T+3acl/cOtyhf0gnR//z72k6P24dPqN/SCdH/1v/8sI349Zhh/4hna3bu25pam1taffGG2+8GXxzsv9kAlJ7N/qT/SsBAAAAAAAAAAAAAABOJMc/JzrZv0cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+yQ4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRC9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBXAAAA//+O1eBI")
r0 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r2, 0xc040583c, 0x0)

857.555206ms ago: executing program 4:
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x0, 0x0})
mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
munlock(&(0x7f0000ffb000/0x1000)=nil, 0x1000)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xf, 0x32, 0xffffffffffffffff, 0x0)

598.287347ms ago: executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmmsg$unix(r1, &(0x7f000000ad80)=[{{&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000001d80)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x0)

442.700481ms ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = gettid()
prctl$PR_SCHED_CORE(0x3e, 0x0, r1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000680)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x810, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000003880)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ftruncate(r8, 0x8208200)
r9 = open(&(0x7f0000000780)='./bus\x00', 0x14117e, 0x0)
dup3(r5, r7, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600402, 0x7ffffe, 0x4002011, r9, 0x0)
truncate(&(0x7f0000000080)='./bus\x00', 0x4)
syz_usb_control_io(r2, &(0x7f0000000500)={0x2c, &(0x7f0000000440)={0x20, 0x22, 0x4e, {0x4e, 0x9, "8d8710779add64778a4fea0ccd02a3448b37306afe4ae757720566c954df8a24daadfc96796e39f5c5afaeee68582a4004b79fead28dfdc9cfbaa45968c0eb09e36dc67950076785dd660c34"}}, &(0x7f00000001c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x80a}}, &(0x7f0000000580)={0x0, 0xf, 0x85, {0x5, 0xf, 0x85, 0x4, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0xc, 0x5, 0x8, 0x5}, @wireless={0xb, 0x10, 0x1, 0x8, 0x0, 0x68, 0x2, 0x7fff, 0x3}, @generic={0x64, 0x10, 0xb, "30d3df7988656a91818cf22294aede17b481cc4a999f80aca932eaf515b58f3ce085a65a888b6bd26ce0b218d9d9df74acdb3289ef8ac4e2c9515a312b7d575707bb0a5b90165c7d966969fbb17df7551a07b316e4c16c866cfb34b9bba123dae6"}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0xd, 0x9, 0x3}]}}, &(0x7f0000000240)={0x20, 0x29, 0xf, {0xf, 0x29, 0x7, 0x1, 0x4b, 0xd5, "6d1aea21", "a05d21de"}}, &(0x7f00000004c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x0, 0x2, 0x2, 0x6a, 0x8f, 0x7b}}}, &(0x7f0000000b00)={0x84, &(0x7f00000006c0)={0x0, 0x1, 0x7c, "9348b3d519e03e4bb8a9f28312457a1663b5284149f2f307444e3af228fba38792095c98899c0f1dadc9bee6e7f08716e1d407c23c2bfff21ddd5a1b3a3439f25f368bf37ffdbb550095617021cace23761c6c9d397439eaa519311b10775ba53c27c5c1a8a7fb13afa7e015831eed307f3fecd77f1571c3bc608b93"}, &(0x7f0000000640)={0x0, 0xa, 0x1, 0x8b}, &(0x7f0000000780)={0x0, 0x8, 0x1, 0x9}, &(0x7f00000007c0)={0x20, 0x0, 0x4, {0x1, 0x1}}, &(0x7f0000000800)=ANY=[@ANYBLOB="20001800000000100800"], &(0x7f0000000840)={0x40, 0x7, 0x2, 0x6fa}, &(0x7f0000000880)={0x40, 0x9, 0x1, 0x2a}, &(0x7f00000008c0)={0x40, 0xb, 0x2, "32b3"}, &(0x7f0000000900)={0x40, 0xf, 0x2, 0x400}, &(0x7f0000000940)={0x40, 0x13, 0x6}, &(0x7f0000000980)={0x40, 0x17, 0x6, @link_local}, &(0x7f00000009c0)={0x40, 0x19, 0x2, "0e41"}, &(0x7f0000000a00)={0x40, 0x1a, 0x2, 0x1}, &(0x7f0000000a40)={0x40, 0x1c, 0x1, 0x3}, &(0x7f0000000a80)={0x40, 0x1e, 0x1, 0x5}, &(0x7f0000000ac0)={0x40, 0x21, 0x1, 0x58}})
syz_usb_control_io(r2, &(0x7f0000001500)={0x2c, &(0x7f00000012c0)=ANY=[@ANYBLOB="f8b50300000003"], 0x0, 0x0, 0x0, 0x0}, 0x0)

228.829105ms ago: executing program 0:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000140), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000340)={'vcan0\x00', <r2=>0x0})
sendmsg$can_bcm(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x1d, r2}, 0x10, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="01000000cd0d00000000000000002000", @ANYRES64=r0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="0000000001"], 0x80}}, 0x0)
sendmsg$can_bcm(r1, &(0x7f0000000300)={&(0x7f0000000000)={0x1d, r2}, 0x10, &(0x7f0000000280)={&(0x7f0000000940)={0x1, 0xb32, 0x0, {0x0, 0xea60}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "4210220097b2bb36662d7dd23a59126b470b759d7b9beb929157fbabb8971fdf7268450b731d6d110917f27e538256a669fea5023441347712804650cc7d8236"}}, 0x38}}, 0x0)

111.884973ms ago: executing program 0:
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000680)='ns/cgroup\x00')
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)

0s ago: executing program 0:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
time(0xfffffffffffffffc)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x38, 0x1403, 0x6c08c44bda12f87d, 0x0, 0x0, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'team_slave_1\x00'}}]}, 0x38}}, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000540)={0xfffffffffffffffc, 0x208000, 0x800}, 0x20)
time(&(0x7f0000000080))
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8983, &(0x7f0000000040))
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(r8, &(0x7f0000000200)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x60, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28}, @TCA_TBF_BURST={0x8, 0x6, 0x58}]}}]}, 0x60}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}}}, 0x24}}, 0x0)
r10 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r10, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, @timestamp_reply={0x12}}}}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000000)=[{}, {0x5}, {0x6}]})
prlimit64(0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

4, nr_sectors = 8 limit=40427
[  241.211274][ T6816] syz-executor.3: attempt to access beyond end of device
[  241.211274][ T6816] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  241.410653][ T7537] XFS (loop4): Mounting V5 Filesystem
[  241.706924][ T7537] XFS (loop4): Ending clean mount
[  241.989498][ T6021] syz-executor.1: attempt to access beyond end of device
[  241.989498][ T6021] loop1: rw=2051, sector=36912, nr_sectors = 8152 limit=40427
[  242.024081][ T6021] syz-executor.1: attempt to access beyond end of device
[  242.024081][ T6021] loop1: rw=2051, sector=45096, nr_sectors = 85976 limit=40427
[  242.134645][ T6021] F2FS-fs (loop1): Issue discard(4614, 4614, 1019) failed, ret: -5
[  242.134893][ T6021] F2FS-fs (loop1): Issue discard(5637, 5637, 10747) failed, ret: -5
[  242.845858][ T5854] XFS (loop4): Unmounting Filesystem
[  243.002865][ T7581] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  243.035366][ T7581] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  243.043460][ T7581] IPv6: NLM_F_CREATE should be set when creating new route
[  243.052578][ T7581] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  243.059924][ T7581] IPv6: NLM_F_CREATE should be set when creating new route
[  243.094237][ T7581] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  244.086708][ T5207] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.204334][ T5207] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.311513][ T5207] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.385897][ T5207] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.416233][ T4850] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  244.649526][ T7593] loop2: detected capacity change from 0 to 32768
[  244.698230][ T4850] usb 1-1: Using ep0 maxpacket: 16
[  244.751121][ T7593] XFS (loop2): Mounting V5 Filesystem
[  244.763266][ T3583] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  244.775718][ T3583] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  244.792016][ T3583] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  244.800664][ T3583] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  244.808476][ T3583] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  244.818696][ T4850] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  244.829341][ T3583] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  244.844575][ T4850] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  244.878529][ T4850] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  244.904692][ T4850] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.917952][ T7593] XFS (loop2): Ending clean mount
[  244.950501][ T4850] usb 1-1: config 0 descriptor??
[  244.992345][ T4850] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  245.028148][ T7604] loop1: detected capacity change from 0 to 32768
[  245.101274][ T7604] XFS (loop1): Mounting V5 Filesystem
[  245.138413][ T4587] XFS (loop2): Unmounting Filesystem
[  245.218761][ T7604] XFS (loop1): Ending clean mount
[  245.457774][ T7610] chnl_net:caif_netlink_parms(): no params data found
[  245.487409][ T7616] loop4: detected capacity change from 0 to 40427
[  245.497392][ T7616] F2FS-fs (loop4): invalid crc value
[  245.987071][ T7616] F2FS-fs (loop4): Found nat_bits in checkpoint
[  246.106543][ T7610] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.122788][ T7610] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.132330][ T7616] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  246.152590][ T7610] device bridge_slave_0 entered promiscuous mode
[  246.166193][ T6021] XFS (loop1): Unmounting Filesystem
[  246.233888][ T7610] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.241600][ T7610] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.244826][ T5854] syz-executor.4: attempt to access beyond end of device
[  246.244826][ T5854] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  246.264203][ T7610] device bridge_slave_1 entered promiscuous mode
[  246.277294][ T5854] syz-executor.4: attempt to access beyond end of device
[  246.277294][ T5854] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  246.364323][ T5854] syz-executor.4: attempt to access beyond end of device
[  246.364323][ T5854] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  246.516362][ T7610] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  246.561682][ T7610] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  246.648344][ T5207] device hsr_slave_0 left promiscuous mode
[  246.658447][ T5207] device hsr_slave_1 left promiscuous mode
[  246.677137][ T5207] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  246.706355][ T5207] batman_adv: batadv0: Removing interface: batadv_slave_0
[  246.730036][ T5207] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  246.745248][ T7639] loop1: detected capacity change from 0 to 1024
[  246.745622][ T5207] batman_adv: batadv0: Removing interface: batadv_slave_1
[  246.767946][ T7639] EXT4-fs: Ignoring removed orlov option
[  246.773809][ T7639] EXT4-fs: Ignoring removed nomblk_io_submit option
[  246.782841][ T5207] device bridge_slave_1 left promiscuous mode
[  246.792474][ T5207] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.804774][ T5207] device bridge_slave_0 left promiscuous mode
[  246.812445][ T5207] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.814715][ T7639] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  246.843481][ T5207] device veth1_macvtap left promiscuous mode
[  246.851478][ T5207] device veth0_macvtap left promiscuous mode
[  246.858215][ T5207] device veth1_vlan left promiscuous mode
[  246.865561][ T5207] device veth0_vlan left promiscuous mode
[  246.876549][ T3581] Bluetooth: hci2: command tx timeout
[  247.049565][ T5989] usb 1-1: USB disconnect, device number 6
[  247.850601][ T6021] EXT4-fs (loop1): unmounting filesystem.
[  248.065701][ T5207] team0 (unregistering): Port device team_slave_1 removed
[  248.082223][ T5207] team0 (unregistering): Port device team_slave_0 removed
[  248.102684][ T5207] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  248.116567][ T5207] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  248.189969][ T5207] bond0 (unregistering): Released all slaves
[  248.380127][ T7610] team0: Port device team_slave_0 added
[  248.392945][ T7665] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  248.401140][ T7610] team0: Port device team_slave_1 added
[  248.442449][ T7610] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.449742][ T7610] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.475720][    C0] vkms_vblank_simulate: vblank timer overrun
[  248.482204][ T7610] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.495611][ T7610] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.504096][ T7610] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.530130][    C0] vkms_vblank_simulate: vblank timer overrun
[  248.589960][ T7610] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  248.976712][ T3581] Bluetooth: hci2: command tx timeout
[  249.082793][ T7675] ipt_ECN: cannot use operation on non-tcp rule
[  249.188558][ T7672] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  249.360791][ T7673] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  249.375626][ T7672] syz-executor.0 (7672) used greatest stack depth: 18968 bytes left
[  249.447299][ T7610] device hsr_slave_0 entered promiscuous mode
[  249.458767][ T7679] loop2: detected capacity change from 0 to 1024
[  249.518269][ T7679] EXT4-fs: Ignoring removed orlov option
[  249.520425][ T7610] device hsr_slave_1 entered promiscuous mode
[  249.525688][ T7679] EXT4-fs: Ignoring removed nomblk_io_submit option
[  249.550646][ T7610] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  249.580655][ T7610] Cannot create hsr debugfs directory
[  249.648326][ T7679] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  250.649358][ T4587] EXT4-fs (loop2): unmounting filesystem.
[  250.709537][ T7703] loop0: detected capacity change from 0 to 4096
[  250.925032][ T7711] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  250.987696][ T7714] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  250.995010][ T7714] IPv6: NLM_F_CREATE should be set when creating new route
[  251.036346][ T3583] Bluetooth: hci2: command tx timeout
[  251.075385][ T7715] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  251.082743][ T7715] IPv6: NLM_F_CREATE should be set when creating new route
[  251.097387][ T7711] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  251.284530][ T3581] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  251.304598][ T3581] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  251.314149][ T3581] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  251.322677][ T3581] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  251.335060][ T3581] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  251.343079][ T3581] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  251.770654][ T7722] chnl_net:caif_netlink_parms(): no params data found
[  251.837531][ T7610] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  251.925832][ T7610] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  251.944868][ T7736] loop0: detected capacity change from 0 to 1024
[  251.968730][ T7610] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  251.972251][ T7736] EXT4-fs: Ignoring removed orlov option
[  251.996509][ T7736] EXT4-fs: Ignoring removed nomblk_io_submit option
[  252.044352][ T7610] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  252.063543][ T7736] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  252.425615][ T7722] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.489316][ T7722] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.551978][ T7722] device bridge_slave_0 entered promiscuous mode
[  252.632217][ T7722] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.672928][ T7722] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.961770][ T7722] device bridge_slave_1 entered promiscuous mode
[  253.033966][ T7722] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.062241][ T7722] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.109906][ T5711] EXT4-fs (loop0): unmounting filesystem.
[  253.116393][ T3581] Bluetooth: hci2: command tx timeout
[  253.245330][ T7761] loop1: detected capacity change from 0 to 4096
[  253.283413][ T7722] team0: Port device team_slave_0 added
[  253.305930][ T7722] team0: Port device team_slave_1 added
[  253.404917][ T7722] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.431646][ T7722] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.436317][ T3581] Bluetooth: hci0: command tx timeout
[  253.457601][    C0] vkms_vblank_simulate: vblank timer overrun
[  253.546394][ T7722] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.633505][ T7722] batman_adv: batadv0: Adding interface: batadv_slave_1
[  253.651251][ T7722] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.677206][    C0] vkms_vblank_simulate: vblank timer overrun
[  253.714065][ T7722] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  253.751579][ T7610] 8021q: adding VLAN 0 to HW filter on device bond0
[  253.887877][ T7772] loop0: detected capacity change from 0 to 32768
[  253.903042][ T7772] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (7772)
[  253.925680][ T7772] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  253.947383][ T7772] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  253.965867][ T7772] BTRFS info (device loop0): enabling auto defrag
[  253.972573][ T7772] BTRFS info (device loop0): doing ref verification
[  253.978860][ T7722] device hsr_slave_0 entered promiscuous mode
[  253.985417][ T7772] BTRFS info (device loop0): force clearing of disk cache
[  253.992992][ T7772] BTRFS info (device loop0): turning on sync discard
[  254.006340][ T7772] BTRFS info (device loop0): disabling free space tree
[  254.034690][ T7722] device hsr_slave_1 entered promiscuous mode
[  254.053007][ T7722] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  254.064380][ T7722] Cannot create hsr debugfs directory
[  254.166176][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  254.174258][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  254.201997][ T7772] BTRFS info (device loop0): enabling ssd optimizations
[  254.212853][ T7610] 8021q: adding VLAN 0 to HW filter on device team0
[  254.228829][ T7772] BTRFS info (device loop0): rebuilding free space tree
[  254.344397][ T7772] BTRFS info (device loop0): disabling free space tree
[  254.361915][ T7772] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  254.376359][ T7772] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  254.445602][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  254.484789][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  254.503816][ T5991] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.511065][ T5991] bridge0: port 1(bridge_slave_0) entered forwarding state
[  254.579276][ T7778] loop1: detected capacity change from 0 to 32768
[  254.612553][ T5207] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.623660][ T7778] BTRFS warning: duplicate device /dev/loop1 devid 1 generation 8 scanned by syz-executor.1 (7778)
[  254.657375][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  254.661274][ T5711] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  254.665606][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  254.686648][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  254.695409][ T5989] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.702608][ T5989] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.741326][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  254.765660][ T7799] loop2: detected capacity change from 0 to 4096
[  254.792740][ T7799] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  254.884420][ T7799] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  255.003980][ T7801] loop1: detected capacity change from 0 to 1024
[  255.011732][ T7801] EXT4-fs: Ignoring removed orlov option
[  255.020988][ T7801] EXT4-fs: Ignoring removed nomblk_io_submit option
[  255.028703][ T5207] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.074581][ T7801] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  255.088272][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  255.104423][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  255.151327][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  255.176685][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  255.185931][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  255.195135][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  255.204355][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  255.214844][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  255.244028][ T7610] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  255.296589][ T7610] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  255.389522][ T5207] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.518609][ T3581] Bluetooth: hci0: command tx timeout
[  256.136998][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  256.146855][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  256.149184][ T6021] EXT4-fs (loop1): unmounting filesystem.
[  256.196772][ T7821] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  256.298797][ T5207] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.398862][ T1252] ieee802154 phy0 wpan0: encryption failed: -22
[  256.405229][ T1252] ieee802154 phy1 wpan1: encryption failed: -22
[  256.486891][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  256.495057][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  256.522711][ T7610] 8021q: adding VLAN 0 to HW filter on device batadv0
[  256.608384][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  256.620545][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  256.664741][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  256.682287][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  256.699993][ T7610] device veth0_vlan entered promiscuous mode
[  256.712260][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  256.721443][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  256.780460][ T7610] device veth1_vlan entered promiscuous mode
[  256.876434][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  256.884823][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  256.910134][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  256.930222][ T7841] netlink: 'syz-executor.2': attribute type 27 has an invalid length.
[  256.940230][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  256.950570][ T7841] 9pnet_fd: Insufficient options for proto=fd
[  256.976975][ T7610] device veth0_macvtap entered promiscuous mode
[  257.023206][ T7610] device veth1_macvtap entered promiscuous mode
[  257.110971][ T7833] loop0: detected capacity change from 0 to 32768
[  257.138348][ T7833] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (7833)
[  257.182834][ T7833] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  257.203778][ T7833] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  257.213523][ T7833] BTRFS info (device loop0): enabling auto defrag
[  257.231722][ T7833] BTRFS info (device loop0): doing ref verification
[  257.258374][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  257.269352][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  257.276861][ T7833] BTRFS info (device loop0): force clearing of disk cache
[  257.276890][ T7833] BTRFS info (device loop0): turning on sync discard
[  257.276915][ T7833] BTRFS info (device loop0): disabling free space tree
[  257.362783][ T7610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.379930][ T7610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.393009][ T7610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.411568][ T7610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.422053][ T7610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.432970][ T7610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.474040][ T7833] BTRFS info (device loop0): enabling ssd optimizations
[  257.477113][ T7610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.504553][ T7833] BTRFS info (device loop0): rebuilding free space tree
[  257.511157][ T7610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.544327][ T7833] BTRFS info (device loop0): disabling free space tree
[  257.552228][ T7610] batman_adv: batadv0: Interface activated: batadv_slave_0
[  257.561851][ T7833] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  257.582765][ T7833] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  257.597969][ T3581] Bluetooth: hci0: command tx timeout
[  257.636904][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  257.653592][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  257.673563][ T7610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.703961][ T7610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.729344][ T7610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.765412][ T7610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.781636][ T7610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.792290][ T7610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.812313][ T7610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.826240][ T7610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.847070][ T5711] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  257.849309][ T7610] batman_adv: batadv0: Interface activated: batadv_slave_1
[  257.890546][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  257.908765][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  258.197436][ T7610] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  258.219127][ T7610] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  258.244883][ T7610] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  258.264179][ T7610] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  258.337734][ T7879] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  258.694949][ T7885] loop1: detected capacity change from 0 to 1764
[  258.751921][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  258.778371][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  258.829681][ T6021] iso9660: Corrupted directory entry in block 2 of inode 1920
[  258.871787][ T6021] iso9660: Corrupted directory entry in block 2 of inode 1920
[  258.903331][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  258.921730][ T7722] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  258.928962][ T7889] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  259.053675][ T3816] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  259.076728][ T3816] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.160453][ T7893] EXT4-fs (sda1): re-mounted. Quota mode: none.
[  259.184837][ T7893] loop1: detected capacity change from 0 to 512
[  259.192101][ T7893] EXT4-fs: Ignoring removed orlov option
[  259.201315][ T7893] EXT4-fs (loop1): unable to read superblock
[  259.294555][ T7893] fuse: Unknown parameter 'ft'
[  259.304576][ T7722] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  259.321668][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  259.347686][ T7897] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  259.367568][ T7897] device bond_slave_0 entered promiscuous mode
[  259.367690][ T7897] device bond_slave_1 entered promiscuous mode
[  259.367918][ T7897] device macvtap1 entered promiscuous mode
[  259.367930][ T7897] device bond0 entered promiscuous mode
[  259.371355][ T7897] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  259.410571][ T7899] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  259.417246][ T7899] device bond0 left promiscuous mode
[  259.417728][ T7899] device bond_slave_0 left promiscuous mode
[  259.417771][ T7899] device bond_slave_1 left promiscuous mode
[  259.489984][ T7722] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  259.496618][ T7902] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  259.502373][ T7722] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  259.773414][ T7722] 8021q: adding VLAN 0 to HW filter on device bond0
[  259.790191][ T3573] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  259.799969][ T3581] Bluetooth: hci0: command tx timeout
[  259.800647][ T3573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  259.840606][ T7722] 8021q: adding VLAN 0 to HW filter on device team0
[  259.854628][ T7915] loop3: detected capacity change from 0 to 256
[  259.866341][ T7911] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  260.647584][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  260.668222][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  260.679758][ T2964] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.686958][ T2964] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.710009][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  260.725736][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  260.742447][ T2964] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.749646][ T2964] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.771890][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  260.787306][ T2964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  261.104539][ T5207] device hsr_slave_0 left promiscuous mode
[  261.135280][ T7926] loop2: detected capacity change from 0 to 32768
[  261.150815][ T5207] device hsr_slave_1 left promiscuous mode
[  261.183823][ T5207] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  261.199054][ T5207] batman_adv: batadv0: Removing interface: batadv_slave_0
[  261.245239][ T5207] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  261.261642][ T5207] batman_adv: batadv0: Removing interface: batadv_slave_1
[  261.298689][ T7931] loop3: detected capacity change from 0 to 512
[  261.308325][ T5207] device bridge_slave_1 left promiscuous mode
[  261.326307][ T5207] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.338259][ T5207] device bridge_slave_0 left promiscuous mode
[  261.340000][ T7931] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  261.344534][ T5207] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.360788][ T7931] ext4 filesystem being mounted at /root/syzkaller-testdir1145823949/syzkaller.OIIGhl/5/file1 supports timestamps until 2038 (0x7fffffff)
[  261.410535][ T5207] device veth1_macvtap left promiscuous mode
[  261.424021][ T5207] device veth0_macvtap left promiscuous mode
[  261.430602][ T5207] device veth1_vlan left promiscuous mode
[  261.443802][ T5207] device veth0_vlan left promiscuous mode
[  261.545009][ T7610] EXT4-fs (loop3): unmounting filesystem.
[  262.048506][ T5207] team0 (unregistering): Port device team_slave_1 removed
[  262.073689][ T5207] team0 (unregistering): Port device team_slave_0 removed
[  262.095627][ T5207] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  262.121577][ T5207] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  262.194671][ T5207] bond0 (unregistering): Released all slaves
[  262.253688][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  262.262775][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  262.287940][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  262.299074][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  262.308412][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  262.324848][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  262.357242][ T7939] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  262.371933][ T4844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  262.403403][ T4844] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  262.423117][ T7941] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  262.460979][ T7722] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  262.506943][ T7722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  262.647698][ T7950] loop1: detected capacity change from 0 to 256
[  262.696294][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  262.711227][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  263.592171][ T7958] netlink: 'syz-executor.3': attribute type 27 has an invalid length.
[  263.648975][ T7958] 9pnet_fd: Insufficient options for proto=fd
[  263.821437][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  263.830347][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  263.875338][ T7722] 8021q: adding VLAN 0 to HW filter on device batadv0
[  263.990263][ T7977] vcan0: tx drop: invalid da for name 0x0000000000000003
[  264.151705][ T7980] netlink: 'syz-executor.1': attribute type 2 has an invalid length.
[  264.425325][ T7964] loop2: detected capacity change from 0 to 32768
[  264.467702][ T7964] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (7964)
[  264.514581][ T7964] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  264.548596][ T7964] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  264.579869][ T7964] BTRFS info (device loop2): using free space tree
[  264.592123][ T6987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  264.611663][ T6987] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  264.702889][ T7995] loop1: detected capacity change from 0 to 256
[  264.715192][ T7970] loop0: detected capacity change from 0 to 32768
[  264.724751][ T7970] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (7970)
[  264.740954][ T7970] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  264.751423][ T7970] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  264.752505][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  264.760182][ T7970] BTRFS info (device loop0): enabling auto defrag
[  264.760213][ T7970] BTRFS info (device loop0): doing ref verification
[  264.760235][ T7970] BTRFS info (device loop0): force clearing of disk cache
[  264.760254][ T7970] BTRFS info (device loop0): turning on sync discard
[  264.760276][ T7970] BTRFS info (device loop0): disabling free space tree
[  264.818398][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  264.832667][ T7722] device veth0_vlan entered promiscuous mode
[  264.861008][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  264.880684][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  264.901581][ T8009] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  264.922579][ T7964] BTRFS info (device loop2): enabling ssd optimizations
[  264.926280][ T8009] device wg1 entered promiscuous mode
[  264.977152][ T7722] device veth1_vlan entered promiscuous mode
[  265.008839][ T8020] EXT4-fs (sda1): re-mounted. Quota mode: none.
[  265.026573][ T8017] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  265.049750][ T8020] loop1: detected capacity change from 0 to 512
[  265.058733][ T8020] EXT4-fs: Ignoring removed orlov option
[  265.064806][ T8020] EXT4-fs (loop1): unable to read superblock
[  265.073110][ T7970] BTRFS info (device loop0): enabling ssd optimizations
[  265.099534][   T26] audit: type=1800 audit(1718724412.113:1215): pid=8031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=263 res=0 errno=0
[  265.099634][ T7970] BTRFS info (device loop0): rebuilding free space tree
[  265.138340][ T7970] BTRFS info (device loop0): disabling free space tree
[  265.140368][ T8020] fuse: Unknown parameter 'ft'
[  265.145343][ T7970] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  265.167721][ T7970] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  265.191934][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  265.209809][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  265.229029][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  265.231406][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  265.247329][ T7722] device veth0_macvtap entered promiscuous mode
[  265.260115][ T7722] device veth1_macvtap entered promiscuous mode
[  265.328334][ T7722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  265.345515][ T7722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.360093][ T4587] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  265.365924][ T7722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  265.435292][ T7722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.435324][ T7722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  265.435342][ T7722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.435365][ T7722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  265.435377][ T7722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.441505][ T5711] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  265.469684][ T7722] batman_adv: batadv0: Interface activated: batadv_slave_0
[  265.491429][ T7722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.491456][ T7722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.491468][ T7722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.491479][ T7722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.491490][ T7722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.491500][ T7722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.491512][ T7722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  265.491522][ T7722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  265.495458][ T7722] batman_adv: batadv0: Interface activated: batadv_slave_1
[  265.689783][    C0] vkms_vblank_simulate: vblank timer overrun
[  265.839503][    C0] vkms_vblank_simulate: vblank timer overrun
[  265.931578][ T7722] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  265.965597][ T7722] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  265.999265][ T7722] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  266.021333][ T7722] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  266.045190][ T6983] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  266.054171][ T6983] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  266.062607][ T6983] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  266.071735][ T6983] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  266.080934][ T6983] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  266.089984][ T6983] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  266.293118][ T8052] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  266.433026][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.479253][ T8060] loop3: detected capacity change from 0 to 8
[  266.489785][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.540965][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  266.541903][   T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.574248][ T8056] SQUASHFS error: Unknown inode type 0 in squashfs_iget!
[  266.593521][ T8062] loop2: detected capacity change from 0 to 128
[  266.594161][   T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.661020][ T8062] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  266.681472][ T5989] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  266.889865][ T8066] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  267.148488][ T8070] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  267.900895][ T8071] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  268.542717][ T8064] loop0: detected capacity change from 0 to 32768
[  269.117683][ T8077] loop4: detected capacity change from 0 to 32768
[  269.151641][ T8077] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (8077)
[  269.180023][ T8092] EXT4-fs (sda1): re-mounted. Quota mode: none.
[  269.211916][ T8077] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  269.214509][ T8092] loop0: detected capacity change from 0 to 512
[  269.241944][ T8077] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  269.260859][ T8092] EXT4-fs: Ignoring removed orlov option
[  269.266750][ T8077] BTRFS info (device loop4): using free space tree
[  269.303800][ T8092] EXT4-fs (loop0): unable to read superblock
[  269.370556][ T8092] fuse: Unknown parameter 'ft'
[  269.433317][ T8114] loop2: detected capacity change from 0 to 128
[  269.444021][ T8095] loop1: detected capacity change from 0 to 8192
[  269.455124][ T8114] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  269.482504][ T8095] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  269.509091][ T8095] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[  269.524022][ T8077] BTRFS info (device loop4): enabling ssd optimizations
[  269.539103][ T8095] REISERFS (device loop1): using ordered data mode
[  269.545732][ T8095] reiserfs: using flush barriers
[  269.592007][ T8095] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  269.627116][   T26] audit: type=1800 audit(1718724416.643:1216): pid=8077 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=263 res=0 errno=0
[  269.647997][ T8095] REISERFS (device loop1): checking transaction log (loop1)
[  269.835887][ T7722] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  269.862363][ T8095] REISERFS (device loop1): Using tea hash to sort names
[  269.903306][ T8095] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  269.922306][    C0] vkms_vblank_simulate: vblank timer overrun
[  269.949045][ T8095] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  270.037943][ T8130] loop3: detected capacity change from 0 to 4096
[  270.085588][ T8130] NILFS (loop3): invalid segment: Checksum error in segment payload
[  270.123127][ T8130] NILFS (loop3): trying rollback from an earlier position
[  270.197870][ T8130] NILFS (loop3): recovery complete
[  270.231901][ T8133] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  270.427834][ T8137] vcan0: tx drop: invalid da for name 0x0000000000000003
[  270.438937][ T8126] loop2: detected capacity change from 0 to 32768
[  270.461894][ T8130] overlayfs: upper fs does not support tmpfile.
[  270.473155][ T8130] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  270.481925][   T14] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  270.501154][ T8130] overlayfs: failed to set xattr on upper
[  270.525531][ T8130] overlayfs: ...falling back to index=off,metacopy=off.
[  270.766408][   T14] usb 1-1: Using ep0 maxpacket: 32
[  270.785987][ T8141] loop4: detected capacity change from 0 to 40427
[  270.796183][ T8141] F2FS-fs (loop4): invalid crc value
[  271.000360][ T8141] F2FS-fs (loop4): Found nat_bits in checkpoint
[  271.048278][ T8141] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  271.544188][   T14] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  272.314173][ T8161] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  272.386275][   T14] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  272.395591][   T14] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  272.405990][   T14] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.425419][ T7722] syz-executor.4: attempt to access beyond end of device
[  272.425419][ T7722] loop4: rw=2051, sector=36912, nr_sectors = 8152 limit=40427
[  272.429858][   T14] usb 1-1: config 0 descriptor??
[  272.445267][ T8161] device bond_slave_0 entered promiscuous mode
[  272.452296][ T8161] device bond_slave_1 entered promiscuous mode
[  272.465483][ T7722] syz-executor.4: attempt to access beyond end of device
[  272.465483][ T7722] loop4: rw=2051, sector=45096, nr_sectors = 85976 limit=40427
[  272.489699][ T8161] device macvtap1 entered promiscuous mode
[  272.495716][ T8161] device bond0 entered promiscuous mode
[  272.519040][ T7722] F2FS-fs (loop4): Issue discard(4614, 4614, 1019) failed, ret: -5
[  272.519091][ T7722] F2FS-fs (loop4): Issue discard(5637, 5637, 10747) failed, ret: -5
[  272.533864][ T8161] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  272.559299][ T8162] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  272.585932][ T8162] device bond0 left promiscuous mode
[  272.637794][ T8162] device bond_slave_0 left promiscuous mode
[  272.643918][ T8162] device bond_slave_1 left promiscuous mode
[  272.703048][ T8150] loop2: detected capacity change from 0 to 40427
[  272.750379][ T4850] usb 1-1: USB disconnect, device number 7
[  272.794243][ T8150] F2FS-fs (loop2): Found nat_bits in checkpoint
[  272.899719][ T8164] loop3: detected capacity change from 0 to 32768
[  272.923113][ T8164] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (8164)
[  272.945132][ T8150] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  272.954664][ T8164] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  272.975490][ T8164] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  272.993900][ T8164] BTRFS info (device loop3): using free space tree
[  273.027905][ T3813] kworker/u4:7: attempt to access beyond end of device
[  273.027905][ T3813] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  273.070127][ T8181] vcan0: tx drop: invalid da for name 0x0000000000000003
[  273.097617][ T8187] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  273.309980][ T8164] BTRFS info (device loop3): enabling ssd optimizations
[  273.438919][ T8204] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  273.586309][ T8205] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  274.645507][   T26] audit: type=1800 audit(1718724421.653:1217): pid=8216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=263 res=0 errno=0
[  275.140897][ T7610] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  275.278255][    C0] vkms_vblank_simulate: vblank timer overrun
[  275.332473][ T8227] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  275.443968][   T26] audit: type=1326 audit(1718724422.453:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8229 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fad2fe7cf29 code=0x0
[  275.915587][ T8225] loop2: detected capacity change from 0 to 32768
[  275.945350][ T8225] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (8225)
[  275.961876][ T8225] BTRFS info (device loop2): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  275.974691][ T8246] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  275.990646][ T8225] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  276.016260][ T8225] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  276.030900][ T8225] BTRFS info (device loop2): use lzo compression, level 0
[  276.052593][ T8225] BTRFS info (device loop2): using free space tree
[  276.148389][   T26] audit: type=1800 audit(1718724423.163:1219): pid=8225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=260 res=0 errno=0
[  276.157957][ T8232] loop0: detected capacity change from 0 to 40427
[  276.220493][ T8232] F2FS-fs (loop0): Found nat_bits in checkpoint
[  276.379494][ T8232] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  276.393295][ T4587] BTRFS info (device loop2): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  276.521335][ T3813] kworker/u4:7: attempt to access beyond end of device
[  276.521335][ T3813] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  276.678365][ T8277] syz-executor.0: attempt to access beyond end of device
[  276.678365][ T8277] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  276.836568][ T8268] loop3: detected capacity change from 0 to 32768
[  276.994227][ T8268] XFS (loop3): Mounting V5 Filesystem
[  277.135215][ T8268] XFS (loop3): Ending clean mount
[  277.155383][ T8268] XFS (loop3): Quotacheck needed: Please wait.
[  277.195538][ T8293] loop0: detected capacity change from 0 to 128
[  277.251541][ T8293] VFS: unable to find oldfs superblock on device loop0
[  277.254116][ T8268] XFS (loop3): Quotacheck: Done.
[  277.553270][   T26] audit: type=1804 audit(1718724424.513:1220): pid=8305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3069818163/syzkaller.vsembw/13/bus" dev="sda1" ino=1946 res=1 errno=0
[  277.578359][    C0] vkms_vblank_simulate: vblank timer overrun
[  277.650255][ T7610] XFS (loop3): Unmounting Filesystem
[  278.167276][ T8323] loop2: detected capacity change from 0 to 128
[  278.168048][ T8324] 9pnet_virtio: no channels available for device syz
[  278.215137][ T8323] VFS: unable to find oldfs superblock on device loop2
[  278.247400][ T8326] loop1: detected capacity change from 0 to 2048
[  278.264460][ T8326] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  278.285139][   T26] audit: type=1326 audit(1718724425.293:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8328 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x0
[  278.307537][    C0] vkms_vblank_simulate: vblank timer overrun
[  278.325439][   T26] audit: type=1800 audit(1718724425.333:1222): pid=8326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=1367 res=0 errno=0
[  278.474737][ T8344] program syz-executor.2 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  278.667447][ T8349] loop4: detected capacity change from 0 to 8
[  278.729276][ T8349] SQUASHFS error: Unknown inode type 0 in squashfs_iget!
[  278.956208][ T3581] Bluetooth: hci3: command 0x0406 tx timeout
[  279.731808][ T8367] loop3: detected capacity change from 0 to 2048
[  279.779724][ T8367] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  279.863513][   T26] audit: type=1800 audit(1718724426.873:1223): pid=8367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1367 res=0 errno=0
[  280.028286][   T26] audit: type=1326 audit(1718724427.043:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8376 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  280.085580][   T26] audit: type=1326 audit(1718724427.043:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8376 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  280.129271][   T26] audit: type=1326 audit(1718724427.083:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8376 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  280.193254][ T8379] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  280.203259][   T26] audit: type=1326 audit(1718724427.143:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8376 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  280.212201][ T8375] loop2: detected capacity change from 0 to 512
[  280.330133][   T26] audit: type=1326 audit(1718724427.143:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8376 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  280.411524][   T26] audit: type=1326 audit(1718724427.163:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8376 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  280.489802][   T26] audit: type=1326 audit(1718724427.163:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8376 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  280.571529][   T26] audit: type=1326 audit(1718724427.163:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8376 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f939267a6a7 code=0x7ffc0000
[  280.634991][ T8363] loop1: detected capacity change from 0 to 32768
[  280.653983][   T26] audit: type=1326 audit(1718724427.163:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8376 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9392640379 code=0x7ffc0000
[  280.690744][ T8363] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (8363)
[  280.751628][ T8363] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  280.769177][ T8363] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  280.782579][ T8363] BTRFS info (device loop1): using free space tree
[  280.963009][ T8375] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  281.030518][ T8375] EXT4-fs (loop2): Test dummy encryption mode enabled
[  281.081842][ T8396] loop3: detected capacity change from 0 to 256
[  281.111303][ T8396] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  281.155651][ T8363] BTRFS info (device loop1): enabling ssd optimizations
[  281.204020][ T8375] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  281.238007][ T8375] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz-executor.2: attempt to clear invalid blocks 2 len 1
[  281.256893][ T8375] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  281.312109][ T8375] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor.2: invalid indirect mapped block 1819239214 (level 0)
[  281.331138][ T8375] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor.2: invalid indirect mapped block 1819239214 (level 1)
[  281.354282][ T8375] EXT4-fs (loop2): 1 truncate cleaned up
[  281.361117][ T8375] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  281.577253][ T6021] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  281.618801][ T8423] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  281.916731][ T8425] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  282.850255][ T8433] loop0: detected capacity change from 0 to 8
[  282.910244][ T8426] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  282.956452][ T8431] SQUASHFS error: Unknown inode type 0 in squashfs_iget!
[  283.037686][ T4587] EXT4-fs (loop2): unmounting filesystem.
[  283.269843][ T8437] loop2: detected capacity change from 0 to 2048
[  283.328410][ T8437] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  283.337510][ T8420] loop3: detected capacity change from 0 to 40427
[  283.360734][ T8420] F2FS-fs (loop3): Found nat_bits in checkpoint
[  283.369613][ T8437] ext4 filesystem being mounted at /root/syzkaller-testdir1226058624/syzkaller.EM9OiK/270/file0 supports timestamps until 2038 (0x7fffffff)
[  283.427971][ T8447] netlink: 56 bytes leftover after parsing attributes in process `syz-executor.1'.
[  283.491126][ T8420] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  283.526793][ T8437] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 192: padding at end of block bitmap is not set
[  284.529918][ T7610] syz-executor.3: attempt to access beyond end of device
[  284.529918][ T7610] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  284.553932][ T4587] EXT4-fs (loop2): unmounting filesystem.
[  284.895488][ T8468] program syz-executor.1 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  285.408479][ T8040] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  285.625642][ T8462] loop4: detected capacity change from 0 to 40427
[  285.690895][ T8462] F2FS-fs (loop4): Found nat_bits in checkpoint
[  285.778079][ T8040] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  285.797633][ T8462] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  285.805228][ T8040] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  285.825783][ T8040] usb 3-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  285.857189][ T8478] loop3: detected capacity change from 0 to 32768
[  285.860963][ T8040] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.878248][ T8478] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (8478)
[  285.898133][ T8040] usb 3-1: config 0 descriptor??
[  285.906199][ T7722] syz-executor.4: attempt to access beyond end of device
[  285.906199][ T7722] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  285.907784][ T8478] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  285.943213][ T8478] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  285.966236][ T8478] BTRFS info (device loop3): using free space tree
[  286.146443][ T5207] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.213484][ T8478] BTRFS info (device loop3): enabling ssd optimizations
[  286.313442][ T5207] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.330021][   T26] kauditd_printk_skb: 105 callbacks suppressed
[  286.330039][   T26] audit: type=1800 audit(1718724433.343:1338): pid=8478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=263 res=0 errno=0
[  286.342332][ T8487] loop0: detected capacity change from 0 to 40427
[  286.381226][ T8040] hid-thrustmaster 0003:044F:B65D.0003: unbalanced collection at end of report description
[  286.426498][ T8040] hid-thrustmaster 0003:044F:B65D.0003: parse failed with error -22
[  286.434593][ T8040] hid-thrustmaster: probe of 0003:044F:B65D.0003 failed with error -22
[  286.470145][ T8487] F2FS-fs (loop0): Found nat_bits in checkpoint
[  286.485261][ T7610] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  286.521864][ T5207] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.580420][ T5991] usb 3-1: USB disconnect, device number 7
[  286.601632][ T8487] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  286.695271][ T3814] kworker/u4:8: attempt to access beyond end of device
[  286.695271][ T3814] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  286.715261][ T8513] loop4: detected capacity change from 0 to 64
[  286.764282][ T3581] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  286.784239][ T3581] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  286.813805][ T3581] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  286.846281][ T3584] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  286.854184][ T3584] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  286.861879][ T3584] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  286.944547][ T5207] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.999357][ T8517] netlink: 716 bytes leftover after parsing attributes in process `syz-executor.4'.
[  287.074593][ T8517] unsupported nlmsg_type 40
[  287.278151][ T8519] loop0: detected capacity change from 0 to 8192
[  287.288945][ T8519] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  287.302589][ T8519] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[  287.315189][ T8519] REISERFS (device loop0): using journaled data mode
[  287.325894][ T8519] reiserfs: using flush barriers
[  287.343674][ T8519] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  287.366009][ T8519] REISERFS (device loop0): checking transaction log (loop0)
[  287.380133][ T8519] REISERFS (device loop0): Using r5 hash to sort names
[  287.409271][ T8519] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  287.431411][ T5207] tipc: Disabling bearer <eth:vlan0>
[  287.445300][ T8532] loop4: detected capacity change from 0 to 512
[  287.465138][ T5207] tipc: Left network mode
[  287.469278][ T8532] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945729 > max in inode 13
[  287.478950][ T8519] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  287.547154][ T8532] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945730 > max in inode 13
[  287.562368][ T8532] EXT4-fs (loop4): 1 truncate cleaned up
[  287.585890][ T8532] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  287.607045][ T8512] chnl_net:caif_netlink_parms(): no params data found
[  287.738518][ T7722] EXT4-fs (loop4): unmounting filesystem.
[  287.885546][ T8512] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.902440][ T8512] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.906554][   T26] audit: type=1804 audit(1718724434.913:1339): pid=8553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1145823949/syzkaller.OIIGhl/33/bus" dev="sda1" ino=1939 res=1 errno=0
[  287.928044][ T8512] device bridge_slave_0 entered promiscuous mode
[  287.991654][ T8512] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.007454][ T8557] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  288.026645][ T8512] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.035426][ T8561] loop4: detected capacity change from 0 to 512
[  288.106341][ T8561] EXT4-fs: Ignoring removed bh option
[  288.136397][   T26] audit: type=1326 audit(1718724435.153:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  288.159301][    C0] vkms_vblank_simulate: vblank timer overrun
[  288.172392][ T8512] device bridge_slave_1 entered promiscuous mode
[  288.206251][   T26] audit: type=1326 audit(1718724435.183:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  288.208700][ T8561] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #16: comm syz-executor.4: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 19200(19200)
[  288.249651][   T26] audit: type=1326 audit(1718724435.183:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  288.276305][ T8561] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 16 (err -117)
[  288.429684][ T8568] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  288.495084][ T8567] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  288.600163][ T8561] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  288.732749][ T8561] ext4 filesystem being mounted at /root/syzkaller-testdir3069818163/syzkaller.vsembw/32/file1 supports timestamps until 2038 (0x7fffffff)
[  288.956789][ T3584] Bluetooth: hci1: command tx timeout
[  288.976674][   T26] audit: type=1326 audit(1718724435.183:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  289.065441][ T8512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  289.082884][ T8542] loop2: detected capacity change from 0 to 32768
[  289.095880][ T8542] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (8542)
[  289.096562][   T26] audit: type=1326 audit(1718724435.183:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  289.111975][ T8512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  289.150496][   T26] audit: type=1326 audit(1718724435.183:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  289.173327][    C0] vkms_vblank_simulate: vblank timer overrun
[  289.189179][   T26] audit: type=1326 audit(1718724435.183:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  289.216403][ T8542] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  289.219695][   T26] audit: type=1326 audit(1718724435.203:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8562 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  289.234769][ T8542] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  289.279721][ T7722] EXT4-fs (loop4): unmounting filesystem.
[  289.327406][ T8512] team0: Port device team_slave_0 added
[  289.334395][ T8542] BTRFS info (device loop2): metadata ratio 2
[  289.340924][ T8542] BTRFS info (device loop2): force zlib compression, level 3
[  289.360902][ T8512] team0: Port device team_slave_1 added
[  289.368681][ T8575] loop4: detected capacity change from 0 to 1764
[  289.373804][ T8573] loop3: detected capacity change from 0 to 8192
[  289.386186][ T8542] BTRFS info (device loop2): use zlib compression, level 3
[  289.392110][ T5994] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  289.393488][ T8542] BTRFS info (device loop2): enabling auto defrag
[  289.430087][ T8573] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  289.444748][ T8542] BTRFS info (device loop2): max_inline at 0
[  289.454805][ T8578] loop4: detected capacity change from 0 to 512
[  289.457491][ T8542] BTRFS info (device loop2): using free space tree
[  289.467049][ T8573] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  289.475529][ T8512] batman_adv: batadv0: Adding interface: batadv_slave_0
[  289.478854][ T8573] REISERFS (device loop3): using journaled data mode
[  289.491585][ T8573] reiserfs: using flush barriers
[  289.497316][ T8512] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.506594][ T8573] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  289.543671][ T8512] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  289.545259][ T8578] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945729 > max in inode 13
[  289.559766][ T8573] REISERFS (device loop3): checking transaction log (loop3)
[  289.570779][ T8578] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945730 > max in inode 13
[  289.578040][ T8573] REISERFS (device loop3): Using r5 hash to sort names
[  289.584277][ T8578] EXT4-fs (loop4): 1 truncate cleaned up
[  289.593996][ T8573] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  289.603877][ T8578] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  289.613645][ T8573] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  289.640818][ T8512] batman_adv: batadv0: Adding interface: batadv_slave_1
[  289.653451][ T8512] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.679379][    C0] vkms_vblank_simulate: vblank timer overrun
[  289.694173][ T8512] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  289.697657][ T7722] EXT4-fs (loop4): unmounting filesystem.
[  289.777439][ T8542] BTRFS info (device loop2): enabling ssd optimizations
[  289.818548][ T5994] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  289.835191][ T5994] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  289.857074][ T5994] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  289.873466][ T5994] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.895941][ T5994] usb 1-1: config 0 descriptor??
[  289.934227][ T8512] device hsr_slave_0 entered promiscuous mode
[  289.939345][ T8605] netlink: 716 bytes leftover after parsing attributes in process `syz-executor.3'.
[  289.977115][ T8512] device hsr_slave_1 entered promiscuous mode
[  289.987627][ T8512] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  289.995248][ T8512] Cannot create hsr debugfs directory
[  290.154153][ T8615] loop4: detected capacity change from 0 to 128
[  290.166790][ T8615] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  290.172424][ T4587] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  290.190453][ T5207] device hsr_slave_0 left promiscuous mode
[  290.202295][ T5207] device hsr_slave_1 left promiscuous mode
[  290.228518][ T5207] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  290.252182][ T5207] batman_adv: batadv0: Removing interface: batadv_slave_0
[  290.480897][ T5994] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  290.483224][ T5207] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  290.530049][ T5207] batman_adv: batadv0: Removing interface: batadv_slave_1
[  290.545791][ T5994] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  290.563542][ T5207] device bridge_slave_1 left promiscuous mode
[  290.580356][ T5207] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.594490][ T5207] device bridge_slave_0 left promiscuous mode
[  290.616554][ T5207] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.644284][ T5207] device veth1_macvtap left promiscuous mode
[  290.651066][ T8625] loop2: detected capacity change from 0 to 256
[  290.659247][ T5207] device veth0_macvtap left promiscuous mode
[  290.665389][ T5207] device veth1_vlan left promiscuous mode
[  290.671907][ T5207] device veth0_vlan left promiscuous mode
[  290.697369][ T8625] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  290.732217][ T8625] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  290.743267][ T8625] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  290.751761][ T8625] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  290.762668][ T8625] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  290.794795][ T4587] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  290.849929][ T8627] loop2: detected capacity change from 0 to 1764
[  291.043281][ T8631] loop2: detected capacity change from 0 to 8192
[  291.050762][ T3584] Bluetooth: hci1: command tx timeout
[  291.072686][ T8631] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  291.088796][ T5207] team0 (unregistering): Port device team_slave_1 removed
[  291.099984][ T8631] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  291.110184][ T5207] team0 (unregistering): Port device team_slave_0 removed
[  291.115830][ T8631] REISERFS (device loop2): using journaled data mode
[  291.124844][ T5207] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  291.138365][ T8631] reiserfs: using flush barriers
[  291.155852][ T8631] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  291.157294][ T5207] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  291.172599][ T8631] REISERFS (device loop2): checking transaction log (loop2)
[  291.191260][ T8631] REISERFS (device loop2): Using r5 hash to sort names
[  291.208571][ T8631] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  291.239724][ T8631] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  291.283073][ T8635] loop3: detected capacity change from 0 to 512
[  291.302799][ T5207] bond0 (unregistering): Released all slaves
[  291.324069][ T5990] usb 1-1: USB disconnect, device number 8
[  291.340109][ T8635] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279945729 > max in inode 13
[  291.351413][ T8635] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279945730 > max in inode 13
[  291.363030][ T8635] EXT4-fs (loop3): 1 truncate cleaned up
[  291.369463][ T8635] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  291.476242][ T7610] EXT4-fs (loop3): unmounting filesystem.
[  291.592845][   T26] kauditd_printk_skb: 34 callbacks suppressed
[  291.592862][   T26] audit: type=1804 audit(1718724438.603:1382): pid=8642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1226058624/syzkaller.EM9OiK/284/bus" dev="sda1" ino=1960 res=1 errno=0
[  291.624587][    C0] vkms_vblank_simulate: vblank timer overrun
[  291.654383][   T26] audit: type=1800 audit(1718724438.653:1383): pid=8642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1960 res=0 errno=0
[  291.746530][ T3814] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  291.763967][ T3814] kworker/u4:8: attempt to access beyond end of device
[  291.763967][ T3814] loop4: rw=1, sector=144, nr_sectors = 1 limit=128
[  291.791233][ T3814] Buffer I/O error on dev loop4, logical block 144, lost async page write
[  291.981384][ T8653] 9pnet_virtio: no channels available for device syz
[  292.072339][ T8656] loop0: detected capacity change from 0 to 256
[  292.120907][ T8656] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 196)
[  292.173646][ T8656] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  292.204957][ T8656] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 196)
[  292.242560][ T8656] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  292.260196][ T8656] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 196)
[  292.317895][ T8512] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  292.332282][ T8512] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  292.343757][ T8512] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  292.355159][ T8512] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  292.376309][ T5711] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 196)
[  292.587849][ T8512] 8021q: adding VLAN 0 to HW filter on device bond0
[  292.628843][   T26] audit: type=1800 audit(1718724439.643:1384): pid=8661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1941 res=0 errno=0
[  292.632285][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  292.668913][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  292.687138][ T8512] 8021q: adding VLAN 0 to HW filter on device team0
[  292.730029][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  292.734588][ T8650] loop4: detected capacity change from 0 to 32768
[  292.750049][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  292.751260][ T8650] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (8650)
[  292.783382][ T5991] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.790597][ T5991] bridge0: port 1(bridge_slave_0) entered forwarding state
[  292.802150][ T8650] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  292.824791][ T8650] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  292.835184][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  292.843864][ T8650] BTRFS info (device loop4): metadata ratio 2
[  292.843901][ T8650] BTRFS info (device loop4): force zlib compression, level 3
[  292.843928][ T8650] BTRFS info (device loop4): use zlib compression, level 3
[  292.843947][ T8650] BTRFS info (device loop4): enabling auto defrag
[  292.872327][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  292.881796][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  292.901649][ T5991] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.908904][ T5991] bridge0: port 2(bridge_slave_1) entered forwarding state
[  292.927040][ T5991] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  292.931445][ T8650] BTRFS info (device loop4): max_inline at 0
[  292.954123][ T8650] BTRFS info (device loop4): using free space tree
[  292.982071][ T8512] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  293.022886][ T8512] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  293.043061][   T26] audit: type=1800 audit(1718724440.053:1385): pid=8673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1955 res=0 errno=0
[  293.062369][ T5990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  293.074707][ T5990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  293.085655][ T5990] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  293.095584][ T5990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  293.100619][   T26] audit: type=1800 audit(1718724440.053:1386): pid=8673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1955 res=0 errno=0
[  293.106481][ T5990] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  293.133139][ T3584] Bluetooth: hci1: command tx timeout
[  293.140237][ T5990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  293.149800][ T5990] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  293.159305][ T5990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  293.168536][ T5990] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  293.172521][ T8650] BTRFS info (device loop4): enabling ssd optimizations
[  293.177706][ T5990] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  293.192153][ T5990] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  293.298339][   T26] audit: type=1800 audit(1718724440.313:1387): pid=8650 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=263 res=0 errno=0
[  293.410802][   T26] audit: type=1804 audit(1718724440.423:1388): pid=8691 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3069818163/syzkaller.vsembw/37/file1/bus" dev="loop4" ino=263 res=1 errno=0
[  293.518985][   T26] audit: type=1804 audit(1718724440.483:1389): pid=8650 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir3069818163/syzkaller.vsembw/37/file1/bus" dev="loop4" ino=263 res=1 errno=0
[  293.597818][ T7722] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  293.677053][ T8701] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  294.626688][ T8705] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  295.370583][ T3584] Bluetooth: hci1: command tx timeout
[  295.868455][ T8708] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  296.166227][ T8512] 8021q: adding VLAN 0 to HW filter on device batadv0
[  296.212271][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  296.231515][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  296.277533][ T8044] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  296.311737][ T8044] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  296.327919][   T26] audit: type=1800 audit(1718724443.343:1390): pid=8725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file1" dev="sda1" ino=1949 res=0 errno=0
[  296.381571][ T8044] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  296.398802][ T8729] loop4: detected capacity change from 0 to 128
[  296.412196][ T8044] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  296.423480][ T8512] device veth0_vlan entered promiscuous mode
[  296.439146][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  296.452287][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  296.461801][ T8729] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  296.483813][ T8512] device veth1_vlan entered promiscuous mode
[  296.492836][ T8732] loop2: detected capacity change from 0 to 2048
[  296.535689][ T8732] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  296.575844][ T8512] device veth0_macvtap entered promiscuous mode
[  296.585777][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  296.600612][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  296.633101][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  296.648539][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  296.674953][ T8512] device veth1_macvtap entered promiscuous mode
[  296.698150][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  296.722955][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  296.759098][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.774449][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.811940][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.825998][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.842316][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.853315][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.869176][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.896235][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.913104][ T3816] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  296.924367][ T8512] batman_adv: batadv0: Interface activated: batadv_slave_0
[  296.938948][ T3816] kworker/u4:10: attempt to access beyond end of device
[  296.938948][ T3816] loop4: rw=1, sector=144, nr_sectors = 1 limit=128
[  296.957973][ T8044] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  296.972938][ T8044] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  296.985699][ T8738] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  296.991475][ T3816] Buffer I/O error on dev loop4, logical block 144, lost async page write
[  297.039753][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.061202][ T8741] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  297.075153][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.112337][ T8727] loop0: detected capacity change from 0 to 32768
[  297.119171][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.131661][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.142687][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.160691][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.181367][ T8727] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (8727)
[  297.213792][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.242663][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.255142][ T8512] batman_adv: batadv0: Interface activated: batadv_slave_1
[  297.262472][ T8727] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  297.262561][ T8727] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  297.282176][ T8739] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  297.314823][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  297.331154][ T8727] BTRFS info (device loop0): metadata ratio 2
[  297.333770][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  297.417504][ T8727] BTRFS info (device loop0): force zlib compression, level 3
[  297.425054][ T8727] BTRFS info (device loop0): use zlib compression, level 3
[  297.435905][ T8512] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  297.534403][ T8727] BTRFS info (device loop0): enabling auto defrag
[  297.591165][ T8512] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  297.669204][ T8727] BTRFS info (device loop0): max_inline at 0
[  297.730931][ T8512] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  297.759172][ T8727] BTRFS info (device loop0): using free space tree
[  297.863551][ T8512] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.019619][ T8746] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  298.047302][ T8747] netlink: 'syz-executor.4': attribute type 4 has an invalid length.
[  298.259385][ T8727] BTRFS info (device loop0): enabling ssd optimizations
[  298.334674][   T26] audit: type=1800 audit(1718724445.343:1391): pid=8727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=263 res=0 errno=0
[  298.355511][    C0] vkms_vblank_simulate: vblank timer overrun
[  298.394320][ T3816] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  298.418334][ T3816] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  298.435604][ T8779] 9pnet_fd: Insufficient options for proto=fd
[  298.460211][   T26] audit: type=1804 audit(1718724445.413:1392): pid=8777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3281976942/syzkaller.s9K2Ok/176/file1/bus" dev="loop0" ino=263 res=1 errno=0
[  298.502894][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  298.554976][   T26] audit: type=1804 audit(1718724445.463:1393): pid=8727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir3281976942/syzkaller.s9K2Ok/176/file1/bus" dev="loop0" ino=263 res=1 errno=0
[  298.584065][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  298.597670][ T5711] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  298.611379][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  298.631803][ T3616] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  298.636880][ T8790] loop4: detected capacity change from 0 to 128
[  298.653870][   T26] audit: type=1326 audit(1718724445.633:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8786 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x0
[  298.671010][ T8784] loop2: detected capacity change from 0 to 512
[  298.694573][ T8790] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  298.766517][ T8784] EXT4-fs (loop2): orphan cleanup on readonly fs
[  298.815703][ T8784] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 248: padding at end of block bitmap is not set
[  298.949946][ T8784] Quota error (device loop2): write_blk: dquota write failed
[  298.975395][ T8784] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  299.021820][ T8784] EXT4-fs error (device loop2): ext4_acquire_dquot:6777: comm syz-executor.2: Failed to acquire dquot type 1
[  299.106577][ T8784] EXT4-fs (loop2): 1 truncate cleaned up
[  299.146951][ T8784] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  299.224519][    T9] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  299.242062][    T9] kworker/u4:0: attempt to access beyond end of device
[  299.242062][    T9] loop4: rw=1, sector=144, nr_sectors = 1 limit=128
[  299.265523][    T9] Buffer I/O error on dev loop4, logical block 144, lost async page write
[  299.314486][   T26] audit: type=1800 audit(1718724446.323:1395): pid=8805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1955 res=0 errno=0
[  299.359687][ T8784] syz-executor.2 (8784) used greatest stack depth: 18832 bytes left
[  299.373100][ T4587] EXT4-fs (loop2): unmounting filesystem.
[  299.667649][ T8829] loop4: detected capacity change from 0 to 128
[  299.678441][ T8829] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  300.736218][   T26] audit: type=1326 audit(1718724447.743:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8844 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd31d47cf29 code=0x0
[  300.758588][    C0] vkms_vblank_simulate: vblank timer overrun
[  300.796576][ T3583] Bluetooth: hci1: command tx timeout
[  301.002886][   T41] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  301.151219][   T41] kworker/u4:2: attempt to access beyond end of device
[  301.151219][   T41] loop4: rw=1, sector=144, nr_sectors = 1 limit=128
[  301.365566][   T41] Buffer I/O error on dev loop4, logical block 144, lost async page write
[  301.523476][ T8819] loop2: detected capacity change from 0 to 32768
[  301.551538][ T8819] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (8819)
[  301.600285][ T8819] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  301.621952][ T8819] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  301.633947][   T26] audit: type=1800 audit(1718724448.643:1397): pid=8860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="sda1" ino=1965 res=0 errno=0
[  301.641279][ T8819] BTRFS info (device loop2): metadata ratio 2
[  301.654979][    C0] vkms_vblank_simulate: vblank timer overrun
[  301.703635][ T8819] BTRFS info (device loop2): force zlib compression, level 3
[  301.712409][ T8819] BTRFS info (device loop2): use zlib compression, level 3
[  301.728206][ T8819] BTRFS info (device loop2): enabling auto defrag
[  301.734742][ T8819] BTRFS info (device loop2): max_inline at 0
[  301.741937][ T8819] BTRFS info (device loop2): using free space tree
[  302.492456][ T8819] BTRFS info (device loop2): enabling ssd optimizations
[  302.676499][ T4587] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  302.924652][ T8908] loop4: detected capacity change from 0 to 512
[  302.976463][ T8908] EXT4-fs (loop4): can't mount with both data=journal and delalloc
[  303.791242][ T8870] loop1: detected capacity change from 0 to 40427
[  303.843599][ T8870] F2FS-fs (loop1): Wrong SIT boundary, start(1536) end(50334208) blocks(1024)
[  303.871463][ T8870] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  303.907520][ T8870] F2FS-fs (loop1): invalid crc value
[  303.944681][ T8870] F2FS-fs (loop1): Found nat_bits in checkpoint
[  304.051396][ T8870] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  304.064585][ T8870] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  304.160530][ T8925] program syz-executor.2 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  304.283084][ T8931] loop2: detected capacity change from 0 to 256
[  304.318429][ T8931] exfat: Deprecated parameter 'utf8'
[  304.333531][ T8931] exfat: Deprecated parameter 'namecase'
[  304.366461][ T5994] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  304.381792][ T8931] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x16b5df41, utbl_chksum : 0xe619d30d)
[  304.529587][ T8939] loop4: detected capacity change from 0 to 1024
[  304.586626][ T8939] hfsplus: extend alloc file! (8192,65536,366)
[  304.626529][ T5994] usb 1-1: Using ep0 maxpacket: 16
[  304.706512][ T8939] user requested TSC rate below hardware speed
[  304.734669][ T8939] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2504106137 (5008212274 ns) > initial count (4114034220 ns). Using initial count to start timer.
[  304.756593][ T5994] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  304.787423][ T5994] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  304.806717][ T5994] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  304.873596][ T8952] loop2: detected capacity change from 0 to 512
[  304.884471][ T8952] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  304.905045][   T26] audit: type=1800 audit(1718724451.913:1398): pid=8927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1957 res=0 errno=0
[  304.959500][   T26] audit: type=1804 audit(1718724451.953:1399): pid=8927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1145823949/syzkaller.OIIGhl/74/bus" dev="sda1" ino=1957 res=1 errno=0
[  304.982529][ T8952] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  304.985871][   T26] audit: type=1804 audit(1718724451.953:1400): pid=8927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir1145823949/syzkaller.OIIGhl/74/bus" dev="sda1" ino=1957 res=1 errno=0
[  305.019559][ T8952] ext4 filesystem being mounted at /root/syzkaller-testdir1226058624/syzkaller.EM9OiK/303/file0 supports timestamps until 2038 (0x7fffffff)
[  305.036866][ T5994] usb 1-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b
[  305.051737][ T5994] usb 1-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  305.060376][ T5994] usb 1-1: Product: syz
[  305.064578][ T5994] usb 1-1: Manufacturer: syz
[  305.075244][ T5994] usb 1-1: SerialNumber: syz
[  305.081880][ T5994] usb 1-1: config 0 descriptor??
[  305.085691][ T8954] loop4: detected capacity change from 0 to 4096
[  305.136573][ T8954] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  305.137911][ T5994] usb 1-1: NFC: intf ffff88805dd88000 id ffffffff8d9d0040
[  305.154069][ T4587] EXT4-fs (loop2): unmounting filesystem.
[  305.443891][ T8975] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  305.451380][ T8975] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  305.527726][ T5994] usb 1-1: USB disconnect, device number 9
[  305.635285][ T8983] loop2: detected capacity change from 0 to 1024
[  305.671233][ T8983] hfsplus: extend alloc file! (8192,65536,366)
[  305.705485][ T8957] loop1: detected capacity change from 0 to 32768
[  305.791423][ T8983] user requested TSC rate below hardware speed
[  305.823802][ T8983] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2504106137 (5008212274 ns) > initial count (4114034220 ns). Using initial count to start timer.
[  306.054197][ T8994] loop4: detected capacity change from 0 to 4096
[  306.120544][ T8994] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  306.307565][ T9004] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  306.314201][ T9004] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  306.823405][ T9009] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'.
[  307.184538][ T9009] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  307.541252][ T9027] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  307.678690][ T8996] loop2: detected capacity change from 0 to 32768
[  307.723090][ T8996] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (8996)
[  307.803003][ T8996] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  307.876784][ T8996] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  308.007779][ T8996] BTRFS info (device loop2): using free space tree
[  308.220332][ T9040] loop0: detected capacity change from 0 to 1024
[  308.569472][ T9040] hfsplus: extend alloc file! (8192,65536,366)
[  308.689404][ T9040] user requested TSC rate below hardware speed
[  308.701094][ T9040] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2504106137 (5008212274 ns) > initial count (4114034220 ns). Using initial count to start timer.
[  308.719046][ T8996] BTRFS info (device loop2): enabling ssd optimizations
[  308.813895][ T4587] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  308.867471][ T9078] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  310.148569][ T9099] loop0: detected capacity change from 0 to 64
[  310.174640][ T9100] netlink: 'syz-executor.4': attribute type 12 has an invalid length.
[  310.214554][ T9106] loop1: detected capacity change from 0 to 1024
[  310.223158][ T9106] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  310.256858][ T9106] EXT4-fs (loop1): can't mount with journal_async_commit, fs mounted w/o journal
[  310.342076][ T9113] xt_CT: You must specify a L4 protocol and not use inversions on it
[  311.762898][ T9145] netlink: 'syz-executor.3': attribute type 12 has an invalid length.
[  311.780515][ T9150] xt_CT: You must specify a L4 protocol and not use inversions on it
[  312.656015][ T9186] xt_CT: You must specify a L4 protocol and not use inversions on it
[  312.887238][ T9200] netlink: 'syz-executor.0': attribute type 12 has an invalid length.
[  313.414452][ T9214] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.0'.
[  313.445708][ T9220] xt_CT: You must specify a L4 protocol and not use inversions on it
[  313.679183][ T9229] loop1: detected capacity change from 0 to 128
[  313.776290][ T8512] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  313.784346][ T8512] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  314.039508][ T9250] loop2: detected capacity change from 0 to 256
[  315.130016][ T3816] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.261112][ T3816] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.485310][ T9274] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'.
[  315.517953][ T3816] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.287415][ T3584] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  316.299833][ T3584] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  316.317456][ T3584] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  316.331736][ T3584] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  316.342241][ T3816] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.356785][ T3584] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  316.364183][ T3584] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  317.841984][ T1252] ieee802154 phy0 wpan0: encryption failed: -22
[  317.848432][ T1252] ieee802154 phy1 wpan1: encryption failed: -22
[  317.910689][ T9283] loop2: detected capacity change from 0 to 32768
[  318.491455][ T9286] chnl_net:caif_netlink_parms(): no params data found
[  318.601651][ T3584] Bluetooth: hci1: command tx timeout
[  318.676829][ T9283] XFS (loop2): Mounting V5 Filesystem
[  318.807418][ T9283] XFS (loop2): Ending clean mount
[  319.037796][ T9283] XFS (loop2): Quotacheck needed: Please wait.
[  320.109491][ T9283] XFS (loop2): Quotacheck: Done.
[  320.169835][ T4587] XFS (loop2): Unmounting Filesystem
[  320.232302][ T9328] loop4: detected capacity change from 0 to 40427
[  320.257134][ T9286] bridge0: port 1(bridge_slave_0) entered blocking state
[  320.288363][ T9286] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.324544][ T9286] device bridge_slave_0 entered promiscuous mode
[  320.345442][ T9286] bridge0: port 2(bridge_slave_1) entered blocking state
[  320.352783][ T9286] bridge0: port 2(bridge_slave_1) entered disabled state
[  320.362448][ T9286] device bridge_slave_1 entered promiscuous mode
[  320.393330][ T9328] F2FS-fs (loop4): Found nat_bits in checkpoint
[  320.514526][ T9286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  320.516037][ T9328] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  320.541073][ T9286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  320.573430][   T26] audit: type=1804 audit(1718724467.583:1401): pid=9328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3069818163/syzkaller.vsembw/82/file0/bus" dev="loop4" ino=10 res=1 errno=0
[  320.636201][ T3584] Bluetooth: hci1: command tx timeout
[  320.714736][ T9286] team0: Port device team_slave_0 added
[  320.741993][ T9286] team0: Port device team_slave_1 added
[  320.812029][ T9286] batman_adv: batadv0: Adding interface: batadv_slave_0
[  320.997756][ T7722] syz-executor.4: attempt to access beyond end of device
[  320.997756][ T7722] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  321.016016][ T9286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.145628][ T9286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  322.635524][ T9286] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.686097][ T9286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.753867][ T9286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  322.803671][ T3584] Bluetooth: hci1: command tx timeout
[  322.964442][ T9378] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  323.077747][ T9286] device hsr_slave_0 entered promiscuous mode
[  323.107928][ T9286] device hsr_slave_1 entered promiscuous mode
[  323.136304][ T9286] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  323.143963][ T9286] Cannot create hsr debugfs directory
[  323.403292][ T3816] device hsr_slave_0 left promiscuous mode
[  323.431155][ T3816] device hsr_slave_1 left promiscuous mode
[  323.463210][ T3816] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  323.476570][ T3816] batman_adv: batadv0: Removing interface: batadv_slave_0
[  323.515692][ T3816] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  323.544390][ T3816] batman_adv: batadv0: Removing interface: batadv_slave_1
[  323.566872][ T3816] device bridge_slave_1 left promiscuous mode
[  323.593582][ T3816] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.653372][ T3816] device bridge_slave_0 left promiscuous mode
[  323.666280][ T3816] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.742260][ T3816] device veth1_macvtap left promiscuous mode
[  323.766302][ T3816] device veth0_macvtap left promiscuous mode
[  323.789740][ T3816] device veth1_vlan left promiscuous mode
[  323.805950][ T3816] device veth0_vlan left promiscuous mode
[  324.723049][ T9404] loop0: detected capacity change from 0 to 8192
[  324.803972][ T9404] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  324.880750][ T3584] Bluetooth: hci1: command tx timeout
[  325.958507][ T9395] loop4: detected capacity change from 0 to 32768
[  326.055553][ T9395] XFS (loop4): Mounting V5 Filesystem
[  326.081990][ T9427] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  326.139281][ T9395] XFS (loop4): Ending clean mount
[  326.258968][ T9395] XFS (loop4): Quotacheck needed: Please wait.
[  326.364170][ T9395] XFS (loop4): Quotacheck: Done.
[  327.195245][ T3816] team0 (unregistering): Port device team_slave_1 removed
[  327.228260][ T7722] XFS (loop4): Unmounting Filesystem
[  327.238678][ T9437] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  327.256443][ T9437] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  327.277311][ T3816] team0 (unregistering): Port device team_slave_0 removed
[  327.348776][ T3816] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  327.425250][ T3816] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  327.594868][ T3816] bond0 (unregistering): Released all slaves
[  327.734398][ T9453] loop4: detected capacity change from 0 to 2048
[  327.794636][ T9453] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  327.804003][ T9458] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  327.837856][ T9458] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.3'.
[  328.810253][ T9286] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  328.886726][ T9286] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  328.910723][ T9286] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  329.250289][ T9286] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  329.876885][ T9466] loop2: detected capacity change from 0 to 32768
[  329.900365][ T9286] 8021q: adding VLAN 0 to HW filter on device bond0
[  329.933775][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  329.942123][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  329.978080][ T9466] XFS (loop2): Mounting V5 Filesystem
[  329.989124][ T9286] 8021q: adding VLAN 0 to HW filter on device team0
[  330.072071][ T9466] XFS (loop2): Ending clean mount
[  330.083737][ T4847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  330.106330][ T4847] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  330.150593][ T4847] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.157845][ T4847] bridge0: port 1(bridge_slave_0) entered forwarding state
[  330.233824][ T9466] XFS (loop2): Quotacheck needed: Please wait.
[  330.255533][ T8040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  330.266779][ T8040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  330.301925][ T8040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  330.320066][ T8040] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.327300][ T8040] bridge0: port 2(bridge_slave_1) entered forwarding state
[  330.355698][ T8040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  330.376691][ T8040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  330.410068][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  330.427129][ T9466] XFS (loop2): Quotacheck: Done.
[  330.460806][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  330.514048][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  330.528663][ T9528] loop0: detected capacity change from 0 to 2048
[  330.535289][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  330.545496][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  330.561576][ T9528] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  330.657344][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  330.672721][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  330.698801][ T9286] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  330.751428][ T9286] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  330.767544][ T4587] XFS (loop2): Unmounting Filesystem
[  330.778070][ T9537] loop4: detected capacity change from 0 to 256
[  330.785561][ T9537] exfat: Unknown parameter 'polazytime'
[  330.832916][ T5994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  330.850513][ T5994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  331.422630][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  331.445386][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  331.484158][ T9286] 8021q: adding VLAN 0 to HW filter on device batadv0
[  331.522785][ T9564] loop4: detected capacity change from 0 to 4096
[  331.545082][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  331.565097][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  331.585433][ T9564] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match.  Run ntfsfix or chkdsk.
[  331.624909][ T5994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  331.636135][ T9564] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  331.648005][ T5994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  331.670688][ T9564] ntfs: (device loop4): ntfs_read_locked_attr_inode(): First extent of attribute has non-zero lowest_vcn.
[  331.672279][ T9286] device veth0_vlan entered promiscuous mode
[  331.708004][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  331.722246][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  331.742778][ T9286] device veth1_vlan entered promiscuous mode
[  331.764574][ T9564] ntfs: (device loop4): ntfs_read_locked_attr_inode(): Failed with error code -5 while reading attribute inode (mft_no 0x0, type 0xb0, name_len 0).  Marking corrupt inode and base inode 0x0 as bad.  Run chkdsk.
[  331.785066][    C0] vkms_vblank_simulate: vblank timer overrun
[  331.841245][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  331.853017][ T9564] ntfs: (device loop4): load_system_files(): Failed to load $MFT/$BITMAP attribute.
[  331.862907][ T9564] ntfs: (device loop4): ntfs_fill_super(): Failed to load system files.
[  331.889034][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  331.912316][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  332.702918][ T9564] loop4: detected capacity change from 0 to 2048
[  332.763808][ T9576] mmap: syz-executor.3 (9576) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  332.785011][ T9564] NILFS (loop4): unrecognized mount option "FڐQ��H̹/g��Q=_1�5����&��b���y�Oݒ���C��ٿ)��}~�W���W$Q$��!UH�1<=�y����1$�y 4-��d?g�	K��*����?uK�.�&��Ht���d�./file0"
[  332.799636][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  332.814658][ T9286] device veth0_macvtap entered promiscuous mode
[  332.852582][ T5994] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  332.868842][ T9286] device veth1_macvtap entered promiscuous mode
[  332.893468][ T9286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  332.904345][ T9286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.914267][ T9286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  332.936099][ T9286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.964474][ T9286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  332.985305][ T9286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.012019][ T9286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  333.022980][ T9286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.050891][ T9286] batman_adv: batadv0: Interface activated: batadv_slave_0
[  333.090968][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  333.107537][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  333.134132][ T9286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.155283][ T9286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.205377][ T9286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.226596][ T9562] loop0: detected capacity change from 0 to 32768
[  333.232152][ T9286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.263744][ T9286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.304834][ T9562] XFS (loop0): Mounting V5 Filesystem
[  333.309954][ T9286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.346525][ T9286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  333.381488][ T9286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  333.407704][ T9286] batman_adv: batadv0: Interface activated: batadv_slave_1
[  333.426269][ T5994] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  333.435276][ T5994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  333.457325][ T9286] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  333.473203][ T9286] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  333.482957][ T9286] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  333.499385][ T9286] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  333.561745][ T9562] XFS (loop0): Ending clean mount
[  333.604154][ T9562] XFS (loop0): Quotacheck needed: Please wait.
[  334.450650][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.502323][ T9582] loop2: detected capacity change from 0 to 32768
[  334.509929][   T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.509971][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.529419][ T9562] XFS (loop0): Quotacheck: Done.
[  334.541140][   T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.553600][ T8045] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  334.582945][ T9610] tipc: Started in network mode
[  334.598675][ T5711] XFS (loop0): Unmounting Filesystem
[  334.605050][ T9610] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[  334.620617][ T9610] tipc: Enabled bearer <udp:syz0>, priority 10
[  334.634220][ T8040] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  334.665377][ T9582] XFS (loop2): Mounting V5 Filesystem
[  334.728211][ T9617] Invalid ELF header len 6
[  334.890213][   T26] audit: type=1804 audit(1718724481.733:1402): pid=9617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3069818163/syzkaller.vsembw/99/bus" dev="sda1" ino=1957 res=1 errno=0
[  335.465495][   T26] audit: type=1804 audit(1718724481.733:1403): pid=9617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir3069818163/syzkaller.vsembw/99/bus" dev="sda1" ino=1957 res=1 errno=0
[  335.490112][    C0] vkms_vblank_simulate: vblank timer overrun
[  335.848854][   T26] audit: type=1804 audit(1718724481.743:1404): pid=9617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3069818163/syzkaller.vsembw/99/bus" dev="sda1" ino=1957 res=1 errno=0
[  335.902030][ T9582] XFS (loop2): Ending clean mount
[  335.920919][   T14] tipc: Node number set to 4269801491
[  335.932700][ T9582] XFS (loop2): Quotacheck needed: Please wait.
[  336.105140][ T9582] XFS (loop2): Quotacheck: Done.
[  336.159558][ T4587] XFS (loop2): Unmounting Filesystem
[  337.223754][ T9651] loop4: detected capacity change from 0 to 1024
[  337.425079][ T9651] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.4'.
[  337.450087][ T9640] loop1: detected capacity change from 0 to 32768
[  337.463941][ T9640] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (9640)
[  337.475668][ T9662] loop0: detected capacity change from 0 to 256
[  337.485171][ T9640] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  337.513096][ T9662] exfat: Unknown parameter 'polazytime'
[  337.525393][ T9640] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  337.547330][ T9640] BTRFS info (device loop1): using free space tree
[  337.606763][   T26] audit: type=1326 audit(1718724484.623:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9674 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f939267a6a7 code=0x7ffc0000
[  337.670755][   T26] audit: type=1326 audit(1718724484.623:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9674 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9392640379 code=0x7ffc0000
[  337.705315][   T26] audit: type=1326 audit(1718724484.623:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9674 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f939267cf29 code=0x7ffc0000
[  337.736158][ T9640] BTRFS info (device loop1): enabling ssd optimizations
[  337.764795][   T26] audit: type=1326 audit(1718724484.623:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9674 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f939267a6a7 code=0x7ffc0000
[  337.787636][    C0] vkms_vblank_simulate: vblank timer overrun
[  337.806999][   T26] audit: type=1326 audit(1718724484.623:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9674 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9392640379 code=0x7ffc0000
[  337.835421][   T26] audit: type=1326 audit(1718724484.623:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9674 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f939267a6a7 code=0x7ffc0000
[  337.883782][   T26] audit: type=1326 audit(1718724484.623:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9674 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9392640379 code=0x7ffc0000
[  337.906575][    C0] vkms_vblank_simulate: vblank timer overrun
[  337.923592][   T26] audit: type=1326 audit(1718724484.623:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9674 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f939267a6a7 code=0x7ffc0000
[  337.947159][ T9286] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  337.971961][   T26] audit: type=1326 audit(1718724484.623:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9674 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9392640379 code=0x7ffc0000
[  338.008108][   T26] audit: type=1326 audit(1718724484.623:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9674 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f939267a6a7 code=0x7ffc0000
[  338.109694][ T9704] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  338.767185][ T9726] block nbd1: shutting down sockets
[  338.815969][ T9726] block nbd1: NBD_DISCONNECT
[  338.833682][ T9726] block nbd1: Send disconnect failed -32
[  339.059420][ T9742] loop4: detected capacity change from 0 to 256
[  339.085425][ T9742] FAT-fs (loop4): Directory bread(block 64) failed
[  339.093768][ T9742] FAT-fs (loop4): Directory bread(block 65) failed
[  339.100724][ T9742] FAT-fs (loop4): Directory bread(block 66) failed
[  339.112902][ T9742] FAT-fs (loop4): Directory bread(block 67) failed
[  339.121003][ T9742] FAT-fs (loop4): Directory bread(block 68) failed
[  339.131628][ T9742] FAT-fs (loop4): Directory bread(block 69) failed
[  339.140682][ T9742] FAT-fs (loop4): Directory bread(block 70) failed
[  339.147558][ T9742] FAT-fs (loop4): Directory bread(block 71) failed
[  339.154660][ T9742] FAT-fs (loop4): Directory bread(block 72) failed
[  339.172608][ T9742] FAT-fs (loop4): Directory bread(block 73) failed
[  339.460013][ T9764] loop4: detected capacity change from 0 to 2048
[  339.489899][ T9764] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  339.504222][ T9764] ext4 filesystem being mounted at /root/syzkaller-testdir3069818163/syzkaller.vsembw/113/bus supports timestamps until 2038 (0x7fffffff)
[  339.536000][ T9764] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #2: block 16: comm syz-executor.4: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0
[  339.648600][ T7722] EXT4-fs (loop4): unmounting filesystem.
[  339.758474][ T3583] Bluetooth: hci4: unexpected event for opcode 0x080c
[  339.804073][ T9775] loop2: detected capacity change from 0 to 64
[  339.848763][ T9775] hfs: unable to parse mount options
[  340.991744][ T9817] loop1: detected capacity change from 0 to 128
[  341.147487][ T9286] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  341.155355][ T9286] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  343.837901][ T3583] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  343.847156][ T3583] Bluetooth: hci4: Injecting HCI hardware error event
[  343.879532][ T3584] Bluetooth: hci4: hardware error 0x00
[  344.750376][ T3583] Bluetooth: hci3: Dropping invalid advertising data
[  344.758605][ T3583] Bluetooth: hci3: Malformed LE Event: 0x02
[  344.830808][ T9877] 9p: Unknown Cache mode loose"k
[  344.862479][ T3581] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  344.888653][ T3581] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  344.898461][ T3581] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  344.912383][ T3581] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  344.920118][ T3581] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  344.940596][ T3581] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  346.049817][ T3581] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  346.063933][ T3581] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  346.075660][ T3581] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  346.084668][ T9876] chnl_net:caif_netlink_parms(): no params data found
[  346.095087][ T3581] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  346.102853][ T3581] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  346.110239][ T3581] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  346.344606][ T9907] syz-executor.4 sent an empty control message without MSG_MORE.
[  346.466318][ T9876] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.493896][ T9876] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.516981][ T9876] device bridge_slave_0 entered promiscuous mode
[  346.535214][ T9876] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.551087][ T9876] bridge0: port 2(bridge_slave_1) entered disabled state
[  346.570903][ T9876] device bridge_slave_1 entered promiscuous mode
[  346.710916][ T9876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  346.748422][ T9876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  346.766394][   T14] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  346.796945][ T3584] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  346.816262][ T3584] 
[  346.818646][ T3584] ============================================
[  346.824821][ T3584] WARNING: possible recursive locking detected
[  346.830988][ T3584] 6.1.94-syzkaller #0 Not tainted
[  346.836028][ T3584] --------------------------------------------
[  346.842174][ T3584] kworker/u5:7/3584 is trying to acquire lock:
[  346.848317][ T3584] ffff88807981f138 ((wq_completion)hci4){+.+.}-{0:0}, at: __flush_workqueue+0x157/0x1610
[  346.858228][ T3584] 
[  346.858228][ T3584] but task is already holding lock:
[  346.865579][ T3584] ffff88807981f138 ((wq_completion)hci4){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  346.875322][ T3584] 
[  346.875322][ T3584] other info that might help us debug this:
[  346.883378][ T3584]  Possible unsafe locking scenario:
[  346.883378][ T3584] 
[  346.890817][ T3584]        CPU0
[  346.894083][ T3584]        ----
[  346.897352][ T3584]   lock((wq_completion)hci4);
[  346.902117][ T3584]   lock((wq_completion)hci4);
[  346.906871][ T3584] 
[  346.906871][ T3584]  *** DEADLOCK ***
[  346.906871][ T3584] 
[  346.915008][ T3584]  May be due to missing lock nesting notation
[  346.915008][ T3584] 
[  346.923318][ T3584] 2 locks held by kworker/u5:7/3584:
[  346.928644][ T3584]  #0: ffff88807981f138 ((wq_completion)hci4){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  346.938825][ T3584]  #1: ffffc90003e0fd20 ((work_completion)(&hdev->error_reset)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  346.950571][ T3584] 
[  346.950571][ T3584] stack backtrace:
[  346.956456][ T3584] CPU: 1 PID: 3584 Comm: kworker/u5:7 Not tainted 6.1.94-syzkaller #0
[  346.964600][ T3584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  346.974677][ T3584] Workqueue: hci4 hci_error_reset
[  346.979711][ T3584] Call Trace:
[  346.983032][ T3584]  <TASK>
[  346.985955][ T3584]  dump_stack_lvl+0x1e3/0x2cb
[  346.990717][ T3584]  ? nf_tcp_handle_invalid+0x642/0x642
[  346.996175][ T3584]  ? panic+0x764/0x764
[  347.000244][ T3584]  validate_chain+0x4711/0x5950
[  347.005139][ T3584]  ? reacquire_held_locks+0x660/0x660
[  347.010516][ T3584]  ? rcu_read_lock_sched_held+0x89/0x130
[  347.016153][ T3584]  ? __bpf_trace_rcu_stall_warning+0x10/0x10
[  347.022130][ T3584]  ? reacquire_held_locks+0x660/0x660
[  347.027520][ T3584]  ? rcu_is_watching+0x11/0xb0
[  347.032298][ T3584]  ? __update_load_avg_cfs_rq+0x6cc/0xbe0
[  347.038016][ T3584]  ? cpufreq_update_util+0x94/0x250
[  347.043215][ T3584]  ? update_load_avg+0xf61/0x1540
[  347.048248][ T3584]  ? mark_lock+0x9a/0x340
[  347.052597][ T3584]  __lock_acquire+0x125b/0x1f80
[  347.057470][ T3584]  lock_acquire+0x1f8/0x5a0
[  347.061972][ T3584]  ? __flush_workqueue+0x157/0x1610
[  347.067169][ T3584]  ? read_lock_is_recursive+0x10/0x10
[  347.072541][ T3584]  ? lockdep_softirqs_off+0x420/0x420
[  347.077916][ T3584]  ? __init_swait_queue_head+0xaa/0x140
[  347.083464][ T3584]  ? __flush_workqueue+0x157/0x1610
[  347.088661][ T3584]  __flush_workqueue+0x170/0x1610
[  347.093679][ T3584]  ? __flush_workqueue+0x157/0x1610
[  347.098872][ T3584]  ? trace_contention_end+0x61/0x170
[  347.104159][ T3584]  ? rcu_work_rcufn+0x140/0x140
[  347.109002][ T3584]  ? print_irqtrace_events+0x210/0x210
[  347.114457][ T3584]  ? rcu_is_watching+0x11/0xb0
[  347.119211][ T3584]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  347.125419][ T3584]  drain_workqueue+0xc5/0x390
[  347.130093][ T3584]  destroy_workqueue+0x7b/0xae0
[  347.134937][ T3584]  hci_release_dev+0x165/0x16b0
[  347.139784][ T3584]  ? devres_release_all+0x1e1/0x240
[  347.145004][ T3584]  ? device_release+0x62/0x1c0
[  347.149761][ T3584]  ? _raw_spin_unlock+0x40/0x40
[  347.154613][ T3584]  ? hci_unregister_suspend_notifier+0x90/0x90
[  347.160765][ T3584]  ? devres_release+0x90/0x90
[  347.165437][ T3584]  ? device_release+0x62/0x1c0
[  347.170198][ T3584]  bt_host_release+0x7f/0x90
[  347.174782][ T3584]  ? bt_link_release+0x20/0x20
[  347.179548][ T3584]  device_release+0x91/0x1c0
[  347.184136][ T3584]  kobject_put+0x224/0x460
[  347.188555][ T3584]  ? process_one_work+0x7a9/0x11d0
[  347.193665][ T3584]  process_one_work+0x8a9/0x11d0
[  347.198604][ T3584]  ? worker_detach_from_pool+0x260/0x260
[  347.204237][ T3584]  ? _raw_spin_lock_irqsave+0x120/0x120
[  347.209791][ T3584]  ? kthread_data+0x4e/0xc0
2024/06/18 15:28:14 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  347.214294][ T3584]  ? wq_worker_running+0x97/0x190
[  347.219319][ T3584]  worker_thread+0xa47/0x1200
[  347.223997][ T3584]  ? __sched_text_start+0x8/0x8
[  347.228854][ T3584]  kthread+0x28d/0x320
[  347.232916][ T3584]  ? worker_clr_flags+0x190/0x190
[  347.237935][ T3584]  ? kthread_blkcg+0xd0/0xd0
[  347.242520][ T3584]  ret_from_fork+0x1f/0x30
[  347.246940][ T3584]  </TASK>
[  347.250947][ T3583] Bluetooth: hci1: command tx timeout