last executing test programs:

37.639534253s ago: executing program 5 (id=4297):
r0 = syz_open_dev$sg(&(0x7f0000000440), 0x0, 0x181801)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000a00)="c3d20c7ccf073600040000000000005800ecff130091d42700ff81000e224e227f0000017b00092b1e58e6000001e80900e10a3a313ac7100003ffffffff000000", 0x41}], 0x1)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000100))
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r0])

37.452276447s ago: executing program 5 (id=4300):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

36.751849318s ago: executing program 2 (id=4310):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xe, &(0x7f0000000440), 0x3, 0x440, &(0x7f00000006c0)="$eJzs28tvG8UfAPDvrpP019cvoZRHH0CgICIeSZMW6IEDIJA4FAkJDnCMkrQqdRvUBIlWFRSEygkhJO6II/8CJ7ggxAmJK9xRpQr10paT0dq7ie3YbuLaNcWfj7TtzO5sZr7eHXtmxw5gaE1m/yQRuyLi94gYr2UbC0zW/rtx7eLCzWsXF5KoVN76K6mWu37t4kJRtDhvZ56ZSiPSz5I40KLelfMXTs+Xy0vn8vzM6pn3Z1bOX3j21Jn5k0snl87OHTt29MjsC8/PPdeTOLM2Xd//0fLBfa+/+9Ubx79oiL8pjh6Z7HTwiUqlx9UN1u66dDIywIawJaWIyC7XaLX/j0cp1i/eeLz26UAbB/RVpVKp7Gx/+FIF+A9LojGvy8OwKD7os/lvsTUPAl7q3/Bj4K6+XJsAZXHfyLfakZFI8zKjTfPbXpqMiHcu/f1NtkV/nkMAADT4IRv/PNNq/JfG/XXl/p+vDU1ExD0RsSci7o2IvRFxX0S17AMR8eAW629eJNk4/kmvdBXYJmXjvxfzta3G8V8x+ouJUp7bXY1/NDlxqrx0OH9NpmJ0W5af7VDHj6/+9mW7Y/Xjv2zL6i/Ggnk7roxsazxncX51/nZirnf1k4j9I63iT9ZWApKI2BcR+7us49RT3x1sd+zW8XfQg3WmyrcRT9au/6Voir+QdF6fnPlflJcOzxR3xUa//Hr5zXb131b8PZBd/x0t7/+1+CeS+vXala3XcfmPz9vOabq9/8eSt6vpsXzfh/Orq+dmI8aS47VG1++fWz+3yBfls/inDrXu/3ti/ZU4EBHZTfxQRDwcEY/kbX80Ih6LiEMd4v/5lcff6z7+/sriX9zS9V9PjEXzntaJ0umfvm+odGJD/Dc7X/+j1dRUvmcz73+baVd3dzMAAADcfdKI2BVJOr2WTtPp6dr35ffGjrS8vLL69InlD84u1n4jMBGjafGka7zueehsPq0v8nNR+2pBkT+SPzf+urS9mp9eWC4vDjp4GHI72/T/zJ+lQbcO6Du/14Lhpf/D8NL/YXjp/zC8WvT/7YNoB3Dntfr8/3gA7QDuvKb+b9kPhoj5Pwwv/R+Gl/4PQ2lle9z6R/IdE8Vf6vJ0ibs0Eem/ohkSfUoM9n0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/4JAAD//3sE4iY=")
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
io_setup(0xfb3, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x0, 0x1, 0x0, r0, 0x0}])

36.586125158s ago: executing program 0 (id=4313):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000200), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000ac0)={0x30, r1, 0x1, 0x0, 0x2, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x79}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x30}}, 0x0)

36.425036915s ago: executing program 0 (id=4314):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="70000000100001042bbd70000000000000000000", @ANYRES32=r2, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c00028008000300040000000800050004000000050006000100000024000e"], 0x70}}, 0x0)

36.270810002s ago: executing program 0 (id=4315):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000002c0)='./bus\x00', 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB='discard=0x0000000000000004,usrquota,iocharset=ascii,errors=remount-ro,nointegrity,noquota,nodiscard\x00noquota,nointegresize,discard=0x000000000000043a,iocharset=macromanian,nointegridiscard,dont_appraise,defcontext=sysadm_u,subj_type={[,smackfsdef=nointeerity,func=CREDS_CLECK,audit,fowne2=\x00\x00\x00\x00\x00', @ANYRES8, @ANYBLOB="2c6d65b47d7189617375"], 0x1, 0x618a, &(0x7f0000007600)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288Szk92uU8c7a8/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vB2udiLj287RgJeIz0YvoRiyV9WpELK2u5PX7EfFc7DXHsxExWIgob7/3z9MRr0bER09F7OxurpeLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAGiboiiKTvqYfyZ9vu823SkAYCby63+R5OWnvv71P9/6yzz1R61Wq9XqGdRVxXj3qkVEbFVvU75ncDgeAE6Yrfi46S7QIPm3Wj8inmi6E8Bc6zTdAY7Fzu7meifl26m+Hqzut+dzQUby3+o8uL5j0nSa+jkms3p8bUcvnpnQn6UZ9WGe5Py79fyv7bcP03rHnf+sTMp/uH/pU+vk/Hv1/GtOT/7dsfm3Vc6//0j59+QPAAAAAABzLP///0rDx38Xjr4ph/JJx39XZ9QHAAAAAAAAAHjcjjr+3wPG/wMAAIC5VX5WL/3mqYNlk76LrVx+tRPxZG19oGXSxTLLTfcDAAAAAAAAAAAAANqkv38O79VOxCAinlxeLoqi/Kmq14/qqLc/6dq+/dBmTT/JAwDAvo+eql3L34lYjIir6bv+BsvLy0WxuLRcLBdLC/n97HBhsViqfK7N03LZwvAQb4j7w6L8ZYuV21VN+7w8rb3++8r7Gha9Q3TsMRmkv+aE5obCBoBk/9VoxyvSKVMUT0968wEj7P+n0EqsNP24Yv41/TAFAAAAjl9RFEUnfZ33mXTMv9t0pwCAmciv//XjAkequxPaIx7P71er1Wq1Wv2p6qpivHvVIiK2qrcp3zMYjh8ATpit+LjpLtAg+bdaPyKea7oTwFzrNN0BjsXO7uZ6J+Xbqb4epPHd87kgI/lvdfZul28/bjpN/RyTWT2+tqMXz0zoz7Mz6sM8yfl36/lf228fpvWOO/9ZmZT/cO+SufbJ+ffq+decnvy7Y/Nvq5x//5Hy78kfAAAAAADmWP7//xXHf/MmAwAAAAAAAMCJs7O7uZ6ve83H/z83Zj3Xf55OOf/Oo+a/lOblf6Ll/Lu1/L9cW69Xmb//5sH+/+/dzfXf3/nXZ/P0sPkv5JlOemR10iOik+6p00/To2zdw7YHvWF5T4NOt9dP5/wUg3fiRtyMjbgwsm43/T0O2tdG2sueDkbaL4609x9qvzTSPkjfO1As5fZzsR4/iZvx9l572bYwZfsXp7QXU9pz/j3P/62U8+9Xfsr8l1N7pzYt3f+w+9B+X52Ou583bnz+lxeOf3Om2o7eg22rKrfvbAP92fubPDGMn93euHXu7vU7d26tRZqMLL0YafKY5fwHez8LB8//L+y35+f96v56/8PhI+c/L7ajPzH/Fyrz5fa+NOO+NSHnP0w/Of+3U/v4/f8k5z95/3+5gf4AAAAAAAAAAAAAAADAJymKYu8S0Tci4nK6/qepazMBgNnKr/9Fkper1Wq1Wq0+fXVVMd7r1SIi/lq9Tfme4RfjfhkAMM/+FxH/aLoTNEb+LZa/76+cvth0Z4CZuv3+Bz+6fvPmxq3bTfcEAAAAAAAAAPi08vifq5Xxn1+MiJXaeiPjv74Zq0cd/7OfZx4MMPqYB/qeYLs77HUrw40/H3vjc5+bNP732Xh4/O88Jm6vuh0TDKa0D6e0L0xpXxy79CCtsRd6VOT8n6+Md17mf6Y2/Hobxn+tj3nfBjn/s5XHc5n/l2rrVfMvfjt3+W8ddsXt6I7kf/7Oez89f/v9D1658d71dzfe3fjxpbW1C5cuX75y5cr5d27c3Liw/+/x9HoO5Pzz2NfOA22XnH/OXP7tkvP/Qqrl3y45/y+mWv7tkvPP7/fk3y45//zZR/7tkvN/KdXyb5ec/1dSLf922dndXCjzfznV8m+XvP9/NdXyb5ec/yupln+75PzPpVr+7ZLzP5/qQ+Tv6+FPkZx/PsJl/2+XnP9aquXfLjn/i6mWf7vk/C+lWv7tkvN/NdXyb5ec/9dSLf92yflfTrX82yXn//VUHzL/aac9c0Lk/K+k2v7fLjn/b6Ra/u2S8/9mquXfLjn/11It/3bJ+X8r1fJvl5z/t1Mt/3bJ+X8n1fJvl5z/66mWf7scfP+/GTNmzOSZpp+ZAAAAAAAAAAAAAIC6WZxO3PQ2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2Lu3GLnu+g7gZ/Zirx1CDITgpIasHWOMs2TXl/hC62JCuDRAKZAE6AXb9a7Ngm947RIokk0DJRJGRRUV6UNbQKiNVFVYFQ+0ojQPVS9PpX2gLxVVJaRGlUEBFamtaLaaOf//3zOzszO73rE9e/6fj2T/dmfOzDlz5szsftf+7gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2eY3zXy2VhRF/U/jrw1F8aL6x+vGNzQue/2t3kIAAABgpf6v8ffzd6QLDi3hRk3L/N2r/vEb8/Pz88X7h39v9Ivz8+mK8aIYXVsUjeuiK//+gVrzMsGTxVhtqOnzoR6rH+5x/UiP60d7XL+mx/Vre1w/1uP6BTtggXXlz2Mad7a18eGGcpcWdxajjeu2drjVk7W1Q0PxZzkNtcZt5kePF7PFyWKmmGpZvly21lj+W5vr63pbEdc11LSuTfUj5EefPBa3oRb28daWdV27z+gHbyzGf/yjTx774/NX7+40e+6Glvsrt3P7lvp2fjpcUm5rrVib9knczqGm7dzU4TkZbtnOWuN29Y/bt/P5JW7n8LXNvKnan/OxYqjx8Xca+2mk+cd6aT9tCpf9931FUVy6ttntyyxYVzFUrG+5ZOja8zNWHpH1+6gfSi8tRpZ1nG5ewnFan9NbW4/T9tdEfP43h9uNLLINzU/TDz61ZsHzvtzjNKo/6sVeK+3HYL9fK4NyDMbj4juNB/1Ux2Nwa3j8n9y2+DHY8djpcAymx910DG7pdQwOrRlubHN6EmqN21w7Bne2LD/cWFOtMZ/b1v0YnDx/6uzk3Mc/8brZU0dPzJyYOb17586p3Xv37t+/f/L47MmZqfLv69zbg299MZReA1vCvouvgde0Ldt8qM5/pX+vw7Eur8MNbcv2+3U40v7gajfnBbnwmC5fG4/Wd/rY5aFikddY4/nZsfLXYXrcTa/DkabXYcevKR1ehyNLeB3Wlzm7Y2nfs4w0/em0DTfqa8GGpmOw/fuR9mOw39+PDMoxOBaOi3/dsfjXgk1he5+aWO73I8MLjsH0cMN7T/2S9P3+2P7G6HRc3lO/4rY1xYW5mXMPPHH0/PlzO4swboqXNR0r7cfr+qbHVCw4XoeWfbwemn3VU/d0uHxD2Fdjr6v/Nbboc1VfZs8D3Z+rxle3zvuz5dJdRRh9drP3Z6ev5vX9mbJkl/1ZX+bTkyv/Xjzl0qb339FF3n9j7n+hXF+6qyeHR0fK1+9w2jujLe/HrU/VSOO9q9ZY9/OTS3s/Hg1/bvb78Z1d3o83ti3b7/fj0fYHF9+Pa71+2rEy7c/nWDhOTk51fz+uL7Nx13KPyZGu78f3hVkL+/+1ISmkXNR07Cx23KZ1jYyMhsc1EtfQepzubll+NGSz+rqe2XV9x+n2+8r7Gk6P7pqbdZyOty3b7+M0vV8tdpzWev307fq0P59j4bi4c3f347S+zLN7Vv7euS5+2PTeuabXMTg6vKa+zaPpICzf7+fXxWPwgeJYcaY4WUw3rl3TOJ5qjXVNPLi0Y3BN+HOz3ys3djkGt7ct2+9jMH0dW+zYq40sfPB90P58joXj4ukHux+D9WUe3tff7123h0vSMk3fu7b/fG2xn3nd07abbuTPvOrb+Tf7uv9str7Myf3LzZnd99P94ZLbOuyn9tfvYq+p6eLm7KeNYTuv7l98P9W3p77MFw8s8Xg6VBTFxY8+1Ph5b/j3lT+/8N1vtPy7S6d/07n40Yd+ePvxv13O9gOw+r1QjvXl17qmf5layr//AwAAAKtCzP1DYSbyPwAAAFRGzP3xf4Un8j8AAABURsz9I2EmmeT/jQ9fnX3hYpGa+fNBvD7thkfK5WLHdSp8Pj5/Tf3yh74285O/vLi0dQ8VRfHTR36z4/IbH4nbVRoP23nlza2XL7zhxSWt/8hj15Zr7q9/Odx/fDxLPQw6VXCniqL41h2fb6xn/AOXG/PZR4405nsuPfVkfZnnD5Sfx9s/97Jy+T8I5d9Dx4+23P65sB++H+bU2zvvj3i7r19+7aZ9j19bX7xdbcuLGw/76Q+W9xt/T84XniyXj/t5se3/q8898/X68k+8uvP2XxzqvP3PhPv9Wpj/88py+ebnoP55vN1nwvbH9cXbPfDVb3fc/iufLZc/+5ZyuSNhxvVvD59vfcvV2eb99UTtaMvjKt5aLhfXP/Xd32lcH+8v3n/79o8dvtyyP9qPj2f/ubyfybbl4+VxPdFftK2/fj/Nx2dc/zO/faRlP/da/5X3PPfK+v22r//+tuWG227f/hub/vAzn++4vrg9h/7sbMvjOfTu8DoO63/6g+F4DNf/75XPt6w3OvLu1vefuPyXN1xseTzR235crv/KG0405n+M/+T3b3vR7S++dG993xXFd95b3l+v9Z/4ozMt2/+Vu3Y0no94fezot69/MXH95z42cfrM3IXZ6aa92vjdOe8ot2ft2Lr19e29I7y3tn9++Mz5D82cG58anyqK8er+Cr3r9tUwf1iOS8u9/Y7HwvN5z5e+tX7bP30uXv4vj5aXX357+XXrNWG5L4TLN5TP33xthet/evNdjdd37dny85Yeex9s2vqf+5e0YHj87d8XxOP97Ms/1NgP9esaXzfi63qF2/+96fJ+vhn263z4zcxb7rq2vubl4+9GuPze8vW+4v0X3ubi8/on4fl+5/fL+4/bFR/v98L3Md/e2Pp+F4+Pb14car//xm/xuBTeT4pL5fVxqbi/Lz9/V8fNi7+HpLh0d+Pz3033c/eyHuZi5j4+N3ly9vSFJybPz8ydn5z7+CcOnzpz4fT5w43f5Xn4w71uf+39aX3j/Wl6Zu+eYmpdURRniqmb8IZ1Y7a//tHStv/sY8em901tm545fvTC8fOPnZ05d+LY3Nyxmem5bUePH5/5WK/bz04f3LnrwO59uyZOzE4f3H/gwO4DE7Onz9Q3o9yoHvZOfWTi9LnDjZvMHdxzYOeDD+6Zmjh1Znrm4L6pqYkLvW7f+No0Ub/1b0ycmzl59PzsqZmJudlPzBzceWDv3l09fxvgqbPH58Ynz104PXlhbubcZPlYxs83Lq5/7et1e6pp7t/K72fb1cpfxFe86/696fez1n3tU4veVblI2y8QvRp+F80/vOTs/qV8HnP/aJhJJvkfAAAAchBz/5owE/kfAAAAKiPm/rVhJvI/AAAAVEbM/WNhJpnkf/1//f+l9f/L6/X/8+r/n/1o2Std7f3/2J/X/8/DLe7/r3j9fej/39vtSv3/HvT/b2l/fkWGbv326//r/7PQoPX/Y+5fVxRZ5n8AAADIQcz968NM5H8AAACojJj7bwszkf8BAACgMmLuf1GYSSb5X/9/Sf3/Xb0KV9Xv/zv/v/5/sTr7//HJ0f/PxrL7948/2vJpBfr/Xen/96D/v3r7/wOw/fr/+v+0G130mlvV/4+5//Ywk0zyPwAAAOQg5v4Xh5nI/wAAAFAZMfffEWYi/wMAAEBlxNy/Icwkk/yv/+/8//r/+v+V7v+v9Pz/TRuj/786OP9/d/r/PVx3/39M/3819v9H+7v9g93/77n5+v/cEIN2/v+Y+18SZpJJ/gcAAIAcxNz/0jAT+R8AAAAqI+b+l4WZyP8AAABQGTH33xlmkkn+1//X/9f/1//X/++8/t7n/y8/0v8fLPr/3en/9+D8/3n1//u8/YPd/+/3+f9H39x+e/1/Ohm0/n/M/S8PM8kk/wMAAEAOYu6/K8xE/gcAAIDKiLn/FWEm8j8AAABURsz9G8NMMsn/+v/6//r/+v/6/53X37v/X9L/Hyz6/93p//eg/6//r/+/tP5/h29+9f/pZND6/zH33x1mkkn+BwAAgBzE3H9PmIn8DwAAAJURc//PhJnI/wAAAFAZMfdvCjPJJP9vfPjq419qfKT/X+j/6/9n0P+/f43+v/5/ten/d6f/34P+v/6//v8Sz/+/0HL6/2t73RmVMWj9/5j7Xxlmkkn+BwAAgBzE3P+qMBP5HwAAACoj5v57w0zkfwAAAKiMmPvHw0xWX/5/39B13Mj5/6vV///Tv3763kL/X/+/x/or2v+Ph4H+f+b0/7vT/+9B/1//X///pvT/yceg9f9j7t8cZrL68j8AAACwiJj7t4SZyP8AAABQGTH33xdmIv8DAABAZcTcvzXMJJP8r/9frf5/pP+v/99t/RXt/yf6/3nT/++g6UW6Svr/4/r/+v+rcfur0f+P3/3q/9Mfg9b/j7n/1WEmmeR/AAAAyEHM/dvCTOR/AAAAqIyY+18TZiL/AwAAQGXE3L89zCST/K//r/+v/6//r//fef36/6uT/n93y+3/r3H+f/1//f/M+v/O/09/DVr/P+b+14aZZJL/AQAAIAcx9+8IM5H/AQAAoDLi/98s/9+r/A8AAABVFHP/RJhJJvl/Bf3/+WH9/0T/v3X7B7X/X9P/1//X/688/f/uVsn5//X/B6j/X79c/1//X/+f6zVo/f+Y+18XZpJJ/gcAAIAcxNz/QJiJ/A8AAACVEXP/ZJiJ/A8AAACVEXP/VJhJJvnf+f+z6/+vzbn/7/z/+v/6/9Wn/9+d/n8P+v/O/1+1/n9R6P9zSw1a/z/m/p1hJpnkfwAAAMhBzP27wkzkfwAAAKiMmPt3h5nI/wAAAFAZMffvCTPJJP/r/2fX/8/6/P/6//r/+v/Vp//fnf5/D/r/+v9V6/87/z+32KD1/2PufzDMJJP8DwAAADmIuX9vmIn8DwAAAJURc/++MJOQ/zv9v24AAABgdYm5f3+YSSb//q//X5H+/2/9fcu69f/1/7utvz/9/3X6/2Hq/w+Wivb/218W103/vwf9f/1//X/9f/pq0Pr/MfcfCDPJJP8DAABADmLuf32YifwPAAAAlRFz/8+Gmcj/AAAAUBkx9/9cmEkm+V//vyL9/zb6//r/3dbv/P/6/1VW0f5/31Sq/z+k/6//P1jbr/+v/89CN77/Hz9aWv8/5v6DYSaZ5H8AAADIQcz9Px9mIv8DAABAZcTc/4YwE/kfAAAAKiPm/kNhJpnkf/1//X/9f/3/G9P/f0PRbhD7//WDR/+/WvT/u6tU/9/5//X/B2z79f/1/1lo0M7/H3P/G8NMMsn/AAAAkIOY+x8KM5H/AQAAoDJi7n9TmIn8DwAAAJURc//DYSaZ5H/9f/1//X/9f+f/77x+/f/VSf+/O/3/HvT/9f/1//X/6atB6//H3P/mMJNM8j8AAADkIOb+t4SZyP8AAABQGTH3vzXMRP4HAACAyoi5/21hJpnkf/1//X/9f/1//f/O69f/X530/7vT/+9B/1//X/9f/5++GrT+f8z9vxBmkkn+BwAAgBzE3P9ImIn8DwAAAJURc//bw0zkfwAAAKiMmPvfEWaSSf7X/9f/1//X/9f/77x+/f/VSf+/O/3/HvT/9f/1//X/6atB6//H3P/OMJNM8j8AAADkIOb+Xwwzkf8BAACgMmLuf1eYifwPAAAAlRFz/y+FmWSS//X/9f8Hq/8/f7H5dvr/+v9Fv/r/9Rvp/2dB/787/f8eOvT/1+r/6//r/+v/c90Grf8fc/+7w0wyyf8AAACQg5j73xNmIv8DAABAZcTc/94wE/kfAAAAKiPm/kfDTDLJ//r/Wfb/00MevP6/8//r/zv/v/7/yuj/d6f/34Pz/+v/6//r/9NXg9b/j7n/sTCTTPI/AAAA5CDm/sfDTOR/AAAAqIyY+98XZiL/AwAAQGXE3P/+MJNM8r/+f5b9/wE+/3/V+v8jLcdHTv3/sabnMx2X+v/6/zeB/n93+v896P+H/nwxpP8/gP3/cDSvW+T2+v8MokHr/8fc/4Ewk0zyPwAAAOQg5v5fDjOR/wEAAKAyYu7/lTAT+R8AAAAqI+b+Xw0zyST/6//r/+v/O/+/8/93Xr/+/+qk/9+d/n8P+v/O/z/I/f8e9P8ZRIPW/4+5/9fCTBYNfj/8ryU8TAAAAGCAxNz/wTCTTP79HwAAAHIQc//hMBP5HwAAACoj5v4jYSaZ5H/9//b+fzyjqv6//v+q6/+P6P+X9P/z1r/+/ytuLwr9f/1//X/9f/1//X9WYtD6/zH3Hw0zyST/AwAAQA5i7v/1MBP5HwAAACoj5v5jYSbyPwAAAFRGzP3TYSaZ5H/9f+f/71f//6f6/7e6/+/8/4H+f96c/787/f8e9P/1//X/9f/pq0Hr/8fcPxNmkkn+BwAAgApLPw6Ouf94mIn8DwAAAJURc/+JMBP5HwAAACoj5v4PhZlkkv/1//X/nf//VvT/R1qW1/8v6f/r//eD/n93+v896P/r/+v/6//TV4PW/4+5fzbMJJP8DwAAADmIuf/DYSbyPwAAAFRGzP0fCTOR/wEAAKAyYu4/GWaSSf7X/9f/z73/XyuKS87/r//faf36/6uT/n93+v896P/r/+v/6//TV4PW/4+5/1SYSSb5HwAAAHIQc//p/2fvPp7suqo9jl+MLamZwJ/AmBFDGJkJc6bMqGJMkUwOtskZTMZkk3POyeScMyaYnKOJhipRbq21rO57+xxJfXTvOXt/PpP1pOd2d9v9HvVD9a0dt9j/AAAA0Izc/feNW+x/AAAAaEbu/vvFLZ3sf/2//r/3/n+1k/f/D/71+v8z9P/6/yms9feXnt/HH9n/3/kuV9xL/6//1/8P0v/r//X/HDa3/j93//3jlk72PwAAAPQgd/8D4hb7HwAAAJqRu/+BcYv9DwAAAM3I3X9F3NLJ/tf/6//1//r/A/3/9fp//f+yef9/mP5/hP5f/6//1/8zqbn1/7n7HxS3dLL/AQAAoAe5+x8ct9j/AAAA0Izc/Q+JW+x/AAAAaEbu/ofGLZ3sf/2//l//v5T+/4T3/w99P/p//f8m+v9h+v8R+n/9v/5f/8+k5tb/5+5/WNzSyf4HAACAHuTuf3jcYv8DAABAM3L3PyJusf8BAACgGbn7Hxm3dLL/9f/6f/3/Uvr/Lb3/r//X/y/cdatb/3+C/n+d/n/ESP+/Wun/h5xzP7/521vO138E/b/+n3Vz6/9z9z8qbrnbanXiQr9JAAAAYFZy9z86bunkz/8BAACgB7n7r4xb7H8AAABoRu7+q+KWTva//l//r//X/+v/N39+/f8ynVt/f/LIj9f/hyP7/zvd4T737rf/9/7/MO//6//1/xw2t/4/d//VcUsn+x8AAAB6kLv/MXGL/Q8AAADNyN3/2LjF/gcAAIBm5O5/XNzSyf7X/7fW/9/2wMed1f/v1y76f/2//l//37rj9vf6/9D1+/979Uv9v/5f/6//53jm1v/n7n983NLJ/gcAAIAe5O5/Qtxi/wMAAEAzcvc/MW6x/wEAAKAZufufFLd0sv/1/631/wc/zvv/+v9Nn1//r/9vmf5/mP5/RCvv/1/gT82u+/nj2vXXr//X/7Nubv1/7v4nxy2d7H8AAADoQe7+p8Qt9j8AAAA0I3f/U+MW+x8AAACakbv/aXFLJ/tf/6//X0b/n59B/6//v/j9f9L/L5P+f5j+f0Qr/f8F2nU/v/SvX/+v/2fd3Pr/3P1Pj1s62f8AAADQg9z9z4hb7H8AAABoRu7+Z8Yt9j8AAAA0I3f/s+KWTva//l//v4z+3/v/+n/v/+v/z43+f5j+f4T+X/+v/9f/M6m59f+5+6+JWzrZ/wAAANCD3P3PjlvsfwAAAGhG7v7nxC32PwAAADQjd/9z45ZO9r/+X/+v/9f/6/83f379/zLp/4fp/0fo//X/+n/9P5OaUf9/1kedWj0vbulk/wMAAEAPcvc/P26x/wEAAKAZuftfELfY/wAAANCM3P0vjFs62f/6/9n0//s5X1v9/95qtbrg/v/u+v9l9/97Z/37rJ9L/b/+fwv0/8P0/yP0//p//b/+n0nNqP/f/3Xu/hfFLZ3sfwAAAOhB7v5r4xb7HwAAAJqRu//FcYv9DwAAAM3I3f+SuKWT/a//n03/v6+t/t/7/4d/Pnrq/73/v07/vx36/2H6/xH6f/2//l//z6Tm1v/n7n9p3HTisgv+FgEAAICZyd3/srilkz//BwAAgB7k7n953GL/AwAAwEJds/Y7uftfEbd0sv/1/9P2/yfO+j39v/7/8M+H/l//r/+/+PT/w/T/I/T/+n/9v/6fSc2t/8/d/8q4pZP9DwAAAD3I3X9d3GL/AwAAQDNy978qbrH/AQAAoBm5+18dt3Sy//X/3v/X/+v/9f+bP7/+f5n0/8P0/yP0//r/3fb/J2/9H/X/tOE8+v/Tp09fedH7/9z9r4lbOtn/AAAA0IPc/a+NW+x/AAAAaEbu/tfFLfY/AAAANCN3/+vjlk72v/7/YvT/Z2rFWff/+aO+rP7/qtVK/6//1//r/4fp/4fp/0fo//X/3v/X/zOpub3/n7v/DXFLJ/sfAAAAepC7/41xi/0PAAAAzcjd/6a4xf4HAACAZuTuf3Pc0sn+1/97/39B/b/3//X/B76fhfX/N6/0/1uxiP5/7+jPP/f+/2r9v/5/QHf9/z3ueuCX+n/9P+vm1v/n7n9L3NLJ/gcAAIAe5O5/a9xi/wMAAEAzcve/LW6x/wEAAKAZufvfHjdd2sn+1//r//X/+n/9/+bPv+X3/0+sViv9/wQW0f8PmHv/7/1//f+Q7vr/Q/T/+n/Wza3/z93/jrilk/0PAAAAPcjd/864xf4HAACAZuTuf1fcYv8DAABAM3L3vztu6WT/6//1//p//X/z/f/Vi+j/vf8/Ef3/MP3/CP2//l//r/9nK3bV/+fuf0/c0sn+BwAAgB7k7n9v3GL/AwAAQDNy978vbrH/AQAAoBm5+98ft3Sy//X/+v/z6f/z69T/t9X/n5xd/3/qwN+vk/f/9f8T0f8P0/+P0P/r//X/1+j/mdLc3v/P3f+BuKWT/Q8AAAA9yN3/wbj1X93a/wAAANCM3P0filvsfwAAAGhG7v4Pxy2d7H/9v/7f+//6/+bf/9f/d0X/P0z/P0L/r//X/3v/n0nNrf/P3f+RuKWT/Q8AAAA9yN3/0bjF/gcAAIBm5O7/WNxi/wMAAEAzcvdfH7d0sv/1//p//b/+X/9/5t+h/r8N+v9h2+n/9/T/+v/q528T/1eg/9f/j308bZpb/5+7/+NxSyf7HwAAAHqQu/8TcYv9DwAAAM3I3f/JuMX+BwAAgEW6dMPv5e7/VNzSyf7X/+v/9f/6f/3/5s+v/18m/f8w7/8f5XbXnv0r/f+59vN3PPCrpb3/f/g/v/T/+n+mN7f+P3f/p+OWTvY/AAAA9CB3/2fiFvsfAAAAmpG7/7Nxi/0PAAAAzcjd/7m4pZP9r//X/zfT/9/yRej/9f/6/+7p/4fp/0d4/3+n7+cv/evX/+v/WTe3/j93/+fjlk72PwAAAPQgd/8X4hb7HwAAAJqRu/+LcYv9DwAAAM3Y3/0Zl3W4//X/O+v/9//++n/v/+v/9f/6/2np/4fp/0fo//X/+n/9P5OaW///pf2POrX6ctzSyf4HAACAHuTu/0rcYv8DAABAM3L3fzVusf8BAACgGbn7vxa3dLL/9f/e/19G/3/69Okr9f/6/4Pfz639/436f4r+f5j+f4T+X/+v/9f/M6m59f+5+78et3Sy/wEAAKAHufu/EbfY/wAAANCM3P3fjFvsfwAAAGhG7v5vxS2d7H/9/wz6/1P6f+//6/9X3v/X/09E/7/ZXlz9/4gW+/9T5/7t77qfP65df/36f/0/6+bW/+fu/3bc0sn+BwAAgB7k7v9O3LK2/2/Y4lcFAAAATCl3/3fjFn/+DwAAAM3I3f+9uKWT/a//317/f8s/u17e/99bbf769f/6f/2//v9i0/8P0/+PaLH/Pw+77ueX/vXr//X/rJtb/5+7//txy8Hhd9n5fZcAAADAnOTu/0Hc0smf/wMAAEAPcvffELfY/wAAANCM3P0/jFs62f/6/xm8/99g/7+d9/9P6f/1/1P2/5fo/9ug/x+m/x+h/9f/6/8n6v/zp1n/37u59f+5+38Ut3Sy/wEAAKAHuft/HLfY/wAAANCM3P0/iVvsfwAAAGhG7v4b45az9v+mtrsV+n/9/3L7f+//6/+9/6//X6f/3xv8355r/39ydbz+P+n/9f/6/177f+//c8bc+v/c/T+NW/z5PwAAACzOZUf8fu7+n8Ut9j8AAAA0I3f/z+MW+x8AAACakbv/F3HLTZfs6kvaKv2//l//r//X/2/+/Pr/ZdL/D/P+/wj9/xT9/OX6/zb6/9VK/8/xza3/z93/y7jFn/8DAABAM3L3/ypusf8BAACgGbn7fx232P8AAADQjNz9v4lbOtn/+n/9/zH7//00U/9/hv7/DP3/Zvr/7dD/D9P/j9D/e/9f/+/9fyY1t/4/d/9v45ZO9j8AAAD0IHf/7+IW+x8AAACakbv/93GL/Q8AAADNyN3/h7ilk/2/s/4//lHr/3fb/1/i/f99+n/9/6bPr/9fJv3/MP3/CP2//l//r/9nUnPr/3P3/zFu6WT/AwAAQA9y9/8pbrH/AQAAoBm5+/8ct9j/AAAA0Izc/X+JWzrZ/97/77v/n+D9f/2//l//r/+fFf3/MP3/ZvUvSv+v/9f/6/+Z1Nz6/9z9f41bOtn/AAAA0IPc/X+LW+x/AAAAaEbu/pviFvsfAAAAmpG7/+9xSyf7X/+v/9f/6//1/5s/v/5/mfT/w3bZ/9/z9uOf1vv/O+//80vQ/+v/9f9MYm79f+7+f8Qtnex/AAAA6EHu/n/GLfY/AAAANCN3/7/iFvsfAAAAmpG7/99xSyf7f6T/P1l/of5/kP7/4Nev/9/886H/1//r/y8+/f8w7/+P0P97/1//r/9nUnPr/3P3/ydu6WT/AwAAQA9y998ct9j/AAAA0Izc/f+NW+x/AAAAaEbu/v/FLZ3sf+//L6n/v1z/r//X/+v/9f8j9P/D9P8j9P/6f/2//p9Jza3/z93//wAAAP//HKdWTw==")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x0, 0x0)
symlinkat(&(0x7f00000001c0)='./file7\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file6\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000b80)='./file6\x00', 0xffffffffffffff9c, &(0x7f0000000bc0)='./file3\x00', 0x0)

36.175772775s ago: executing program 2 (id=4319):
r0 = io_uring_setup(0x6cfb, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xfffffffc})
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f00000002c0)={&(0x7f00000007c0)="d1", 0x1})
close_range(r0, 0xffffffffffffffff, 0x0)

35.751737043s ago: executing program 2 (id=4322):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='blkio.bfq.io_serviced\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000880)={0x2020}, 0x2020)

35.657668603s ago: executing program 5 (id=4324):
r0 = syz_open_dev$sg(&(0x7f0000000440), 0x0, 0x181801)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000a00)="c3d20c7ccf073600040000000000005800ecff130091d42700ff81000e224e227f0000017b00092b1e58e6000001e80900e10a3a31", 0x35}], 0x1)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000100))
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r0])

35.538479511s ago: executing program 2 (id=4326):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000006600), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r0, 0x5453, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x2982, 0x0)

35.396517222s ago: executing program 5 (id=4329):
io_setup(0x4, &(0x7f00000014c0)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000043, &(0x7f0000000040), 0x8a, 0x51b, &(0x7f0000000f00)="$eJzs3c1uW2kZAOD3OHGbpGGcGVgMIzFTZjpqEdRJJvMTsRimEj+rkRDDPg2JE0Vx4ipxpk1UQXoFIFQBEhfABokLQEK9BIRUie5YsAJVkLYLhISMjn3cJI6dJuDarfM80sn5zvf1+H3fOra/86M4gDPrYkR8EhFDEfFuRBSy/ly2xG5jSf/do73bC+mSRK322T+SSLK+1se8kO2W+sH3In6UHI27ub2zOl8ulzYOd+9cXVmbXy4tl9ZnZqY/nP1o9oPZqRNWkgwfN/pKRHz87Se/+OlvvvvxH75x869zf7/y43xEXM/G29XRDY3S8zFyvtlzbJovnaGsony/EwEA4EQuRcRrEfF2RHwtCjE0YPNTAAAAIKL2rfHmlala7d81AAAAYADlImI8klwxu993PHK5YrFxD++XYixXrmxWv75U2VpfTMciJiKfW1opl6aye4UnIp+k29P19v72ey3bMxHxakTcLYym2/UxAAAAoDcutBz/Pyk0jv8BAACAAeNiPAAAAAw+x/8AAAAw+Bz/AwAAwED7/qefpkvt0d7t+vcALH6+vbVa+fzqYmlztbi2tVBcqGzcKC5XKsvlUnHo2Y9XrlRuvB/rW7cmq8Ob1cnN7Z25tcrWenWu/r3ec6XXelATAAAAcNirb917kNT/8l9qdDT9eS7byvcvLeDFkgy3dFz/ap8yAbriBKf0D7u49XwSAXqu9TMdODsc4wNJa0fLxGCk01Thj6ePZc4BAAD9cfnL9x6kc//db47Wl3D9H86MXL8TAPrmZ/1OAOgb5+Lh7Mqf/g5AYMAcuf7fYqTTwDOu/++fQ6zVTp0UAADQVeON1W5k1wLHI5crFp9eFkyWVsqlqYh4JSL+XMifT7en+5gvAAAAAAAAAAAAAAAAAAAAAAAAALyMarUkagAAAMBAi8j9Lcm+/+ty4dJ46/mBc8m/CvV1RNz89We/vDVfrW5Mp/3/fNpf/VXW/14/zmAAAADAWZQ/drR5nN48jgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbnq0d3uhufQy7sNrMRoT7eIPx0h9PRL5iBh7nMTwgf2SiBjqQvzdOxHxerv4SZpWTGRZjD0+f2i/XESM9jT+4frT+Be6EB/OsnvXIuKTdq+/XFysr9u//oaz5f/18Fr9Rd42fvP9b6jD+98XThjjjfu/m+wY/07EG8Pt33+a8ZMO8d85YfzrP9zZ6TRWS7JGm/gHY01W125Mbm7vXF1Zm18uLZfWZ2amP5z9aPaD2anJpZVyKfvZNsbPv/L73bsd68/V1wfrb9Y50cjwJ53qv3TC+v9z/9beFxvN/NH4EVfeaf/8v15ft///T38n3s0+B9Lxy832bqN90Ju//dObnXJL4y+2/fxvPv+FWqf6r5zrWHJyoH2kZgCgvza3d1bny+XSRg8ab7/fvQdMepTzy9BYHovoedCRF6P2jo10bvocHvk7p98rsvlw1tOcDj9z92Oe0790ra7cfmItQ/19XwIAALpvf9Lf70wAAAAAAAAAAAAAAAAAAADg7Pqf/njYW6fbqzXmbn9KBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA41n8DAAD//zAevgQ=")
io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

34.730268198s ago: executing program 0 (id=4334):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x24, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)

34.593028585s ago: executing program 5 (id=4336):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7ff, 0xef9, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000000c0)={0x5, 0x8, 0x60d0})
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)

34.410389784s ago: executing program 0 (id=4339):
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000380)='./file0\x00', 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="00bc7811e943bbb3bc31a70c81525069e4320000000000", @ANYRESHEX, @ANYRES32, @ANYRESDEC=0x0, @ANYRESHEX], 0x1, 0x1a2, &(0x7f0000000780)="$eJzs0L9r1GAcx/H390nul1DlVBwq2AOLMUe1yVUdnA6nEy7g4CJ46HGNvWKqXHODLS10kYJU+y/oIHVUQScRBefiIDhoXLpJbygO4iAnyT0V/Bt8XpB88v1Aki9PN+7FBeD33kqHOhmLg3xEsIEJGXVKjfK1nr/r3BwFl/S8ofOZzvF4afl2O4rCxcrFCuV/CuBH1v2t4hccU5SEOvJ5b6XTlpsBwzoLajag3KT6EKtFz33EuD3G0RtYDJ0NLit64jTh0HS/yHS8tHxmfqE9F86Fd2q1mQveOc87n+4fhd4rxH0gises4gYUAkruKrkW97ftA0wJ4nZVYkl1QL7F5rZ1+uTUAOXuMkR45wwofLW7FXWVUxSvp8s3OCI8wQqYbFJS2Nyaj0KvgVxRL8W3P9k/c4rimmWd7dyNZtevKfmV36rLblH8HXKOT63qM5MeDYd5z3rCZEIjYSth5xsT8ib9y/652mvp/bmejnOCp3nutfv9RT8PH8QJqKVXGcayz6lsrzK81e/o4Mv+g2EYhmEYhmEYhvEf+BMAAP//l8hh1g==")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

34.372586926s ago: executing program 3 (id=4340):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000023c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-avx\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="cc", 0x1}, {&(0x7f0000000040)="e20207952648a715f4cf8d1649a57e95c5fd7a9b5c441f68", 0x18}, {&(0x7f0000000180)="9d43d90ebd93b5e5c2b02e3615c8c122e521c8fd1787cc85ce4b3ed854b179e64008a4fbe7fa5c3d7a6470b9e9dc5432716b81662712b7d564312ff7683c7832df68c2014a0b18ee78c7ea481cc637525f366f555a8f8287af8404f387bcbe04e9f3b4c189a8f9", 0x67}], 0x3}, 0x0)

34.294993973s ago: executing program 5 (id=4341):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
timer_create(0x0, &(0x7f0000000140)={0x0, 0x11}, &(0x7f0000001400))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
read$nci(r0, 0x0, 0x0)

34.162170585s ago: executing program 0 (id=4343):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000004000000000000000000850000002300000095"], &(0x7f0000000180)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r0}, 0x10)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)

34.107723474s ago: executing program 3 (id=4344):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
write$binfmt_misc(r0, &(0x7f0000000240)=ANY=[], 0xfffffecc)

33.988340603s ago: executing program 2 (id=4345):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @loopback}, 0x0, 0x0, 0x0, 0x6}, 0x20)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r0, 0x8b32, &(0x7f0000000040))

33.847096918s ago: executing program 2 (id=4346):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x14, 0x24, 0x9, 0x0, 0x25dfdbff, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

32.963678582s ago: executing program 3 (id=4347):
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000180), 0xb)
copy_file_range(r1, &(0x7f0000000080), r0, &(0x7f0000000100), 0xfffffffffffffff8, 0x0)

32.84375493s ago: executing program 3 (id=4348):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@bridge_dellink={0x3c, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x18, 0x5, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x8, 0x2}, {0x8, 0x1}]}}]}]}, 0x3c}}, 0x0)

32.758207347s ago: executing program 3 (id=4349):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x20108c0, &(0x7f0000000440)=ANY=[@ANYBLOB="646973636172642c696f636861727365743d63703835352c6572726f72733d72656d6f756e742d726f2c696e746567726974792c6e6f646973636172642c646973636172643d3078303030303030303030303030303030382c6572726f72733d636f6e74696e7565006969736f383835392d342c756d61736b3d3078303030303030303030303030303038312c696f6368617257fd743d6d6163677265656b2c71756f74612c6572726f72733d72656d6f756e742d726f2c726573697a653d3078303030303030303030181829303030303030312c756d61736b3d3078303030303030303030303032303034352c66736d616769633d3078303030303030303030303030303030392c646566636f6e746578743d726f6f742c66736e616d653d757d407d587d5b2d292b2c000d1c13f7c892c8615d265c6376539175380511bac765713e83a65e4fdf011c705fc6838005120385ac61b970f45d1492a0612eb8000000000000808fc76f91b7b9a5ce77887858ea333961d1ef1e4eabd4c84e81dbf575c47e9b8eea9d6806fa159e0525146f6312b4931cffed00"/420], 0xfe, 0x612b, &(0x7f0000006700)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0bER09FbG2vr9aLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAChNVVVVJ33MP5M+33fb7hQAMBX59b9K8vJTX//6n2/9ZZb6o1ar1Wr1FOqmarx7zSIiNpq3qd8zOBwPACfMRnzcdhdokfyL1o+IJ9ruBDDTOm13gGOxtb2+2kn5dpqvB8u77flckH35b3QeXN8xaXqQ0XNMpvX42oxePDOhPwtT6sMsyfl3R/O/tts+TOsdd/7TMin/4e6lT8XJ+fdG8x9xevLvjs2/VDn//iPl35M/AAAAAADMsPz//0stH/+dO/qmHMonHf9dnlIfAAAAAAAAAOBxO+r4fw8Y/w8AAABmVv1Zvfabp/aWTfoutnr51U7EkyPrA4VJF8sstt0PAAAAAAAAAAAAAChJf/cc3qudiEFEPLm4WFVV/dM0Wj+qo97+pCt9+6FkbT/JAwDAro+eGrmWvxMxHxFX03f9DRYXF6tqfmGxWqwW5vL72eHcfLXQ+Fybp/WyueEh3hD3h1X9y+Ybt2s66PPyQe2jv6++r2HVO0THHpNB+mtOaG4pbABIdl+NtrwinTJV9fSkNx+wj/3/FFqKpbYfV8y+th+mAAAAwPGrqqrqpK/zPpOO+Xfb7hQAMBX59X/0uMCR6u6E9ojH8/vVarVarVZ/qrqpGu9es4iIjeZt6vcMhuMHgBNmIz5uuwu0SP5F60fEc213AphpnbY7wLHY2l5f7aR8O83XgzS+ez4XZF/+G52d2+Xbj5seZPQck2k9vjajF89M6M+zU+rDLMn5d0fzv7bbPkzrHXf+0zIp/+HOJXPlyfn3RvMfcXry747Nv1Q5//4j5d+TPwAAAAAAzLD8//9Ljv/mTQYAAAAAAACAE2dre301X/eaj/9/bsx6rv88nXL+nUfNfyHNy/9Ey/l3R/L/8sh6vcb8/Tf39v9/b6+v/v7Ovz6bp4fNfy7PdNIjq5MeEZ10T51+mh5l6x62OegN63sadLq9fjrnpxq8EzfiZqzFhX3rdtPfY699ZV973dPBvvaL+9r7D7Vf2tc+SN87UC3k9nOxGj+Jm/H2TnvdNnfA9s8f0F4d0J7z73n+L1LOv9/4qfNfTO2dkWnt/ofdh/b75nTc/bxx4/O/vHD8m3Ogzeg92LamevvOttCfnb/JE8P42e21W+fuXr9z59ZKpMm+pRcjTR6znP9g52du7/n/hd32/Lzf3F/vfzh85PxnxWb0J+b/QmO+3t6Xpty3NuT8h+kn5/92ah+//5/k/Cfv/y+30B8AAAAAAAAAAAAAAAD4JFVV7Vwi+kZEXE7X/7R1bSYAMF359b9K8nK1Wq1Wq9Wnr26qxnu9WUTEX5u3qd8z/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpi213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+cWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOPPx8743Ocmjf99Nh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5P98Y77zO/8zI8OsljP86OuZ9CXL+ZxuP5zr/L42s18y/+u3M5b9x2BU3o7sv//N33vvp+dvvf/DKjfeuv7v27tqPL62sXLh0+fKVK1fOv3Pj5tqF3X+Pp9czIOefx752HmhZcv45c/mXJef/hVTLvyw5/y+mWv5lyfnn93vyL0vOP3/2kX9Zcv4vpVr+Zcn5fyXV8i/L1vb6XJ3/y6mWf1ny/v/VVMu/LDn/V1It/7Lk/M+lWv5lyfmfT/Uh8vf18KdIzj8f4bL/lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xcZ30G8DN7sdcOIQZCcFIDa8cY4yzZ9SW+0LqYcG2AUiCh0Au2612bBd/w2iVQJJsGSiSMiiqqph/aAkJtpKrCqvhAK0rzoerlU9N+oF8qqkpIjaoQBVSktqLZaua87+uZ2dmZXe94PXve309K/t6dM3POnHlndp+1nx0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2dY3z3y+VhRF/b/G/zYVxYvqf94wvqnxuTfc6iMEAAAAVur/Gv9//o70iSNLuFLTNn/3qn/85vz8/HzxweHfHf3y/Hy6YLwoRtcXReOy6Nq/f6jWvE3wWDFWG2r6eKjH7od7XD7S4/LRHpev63H5+h6Xj/W4fMEJWGBD+fOYxo1tb/xxU3lKizuL0cZl2ztc67Ha+qGh+LOchlrjOvOjJ4vZ4nQxU0y1bF9uW2ts/+2t9X29o4j7Gmra15b6Cvnhp0/EY6iFc7y9ZV/XbzP6wZuK8R/98NMn/vjis3d3mj1PQ8vtlce5c1v9OD8bPlMea61Yn85JPM6hpuPc0uExGW45zlrjevU/tx/n80s8zuHrh7mq2h/zsWKo8eenG+dppPnHeuk8bQmf++97i6K4cv2w27dZsK9iqNjY8pmh64/PWLki67dRX0ovLUaWtU63LmGd1uf09tZ12v6ciI//1nC9kUWOoflh+sFn1i143Je7TqP6vV7sudK+Bvv9XBmUNRjXxdONO/14xzW4Pdz/T+9YfA12XDsd1mC6301rcFuvNTi0brhxzOlBqDWuc30N7m7Zfrixp1pjPrOj+xqcvHjm/OTcJz/1+tkzx0/NnJo5u3f37qm9+/cfPHhw8uTs6Zmp8v83eLYH38ZiKD0HtoVzF58Dr23btnmpzn+1f8/DsS7Pw01t2/b7eTjSfudqq/OEXLimy+fGw/WTPnZ1qFjkOdZ4fHat/HmY7nfT83Ck6XnY8WtKh+fhyBKeh/Vtzu9a2vcsI03/dTqGm/W1YFPTGmz/fqR9Dfb7+5FBWYNjYV38667FvxZsCcf7+MRyvx8ZXrAG090Nrz31z6Tv98cONkandXlP/YLb1hWX5mYu3P/o8YsXL+wuwlgVL2taK+3rdWPTfSoWrNehZa/XI7OvevyeDp/fFM7V2Ovr/xtb9LGqb7Pv/u6PVeOrW+fz2fLZPUUYfbba57PTV/P6+UxZssv5rG/z2cmVfy+ecmnT6+/oIq+/Mfe/UO4v3dRjw6Mj5fN3OJ2d0ZbX49aHaqTx2lVr7Pv5yaW9Ho+G/1b79fjOLq/Hm9u27ffr8Wj7nYuvx7VeP+1YmfbHcyysk9NT3V+P69ts3rPcNTnS9fX43jBr4fy/LiSFlIua1s5i6zbta2RkNNyvkbiH1nW6t2X70ZDN6vt6cs+NrdOd95a3NZzu3XWrtU7H27bt9zpNr1eLrdNar5++3Zj2x3MsrIs793Zfp/Vtntq38tfODfGPTa+d63qtwdHhdfVjHk2LsHy9n98Q1+D9xYniXHG6mG5cuq6xnmqNfU08sLQ1uC78t9qvlZu7rMGdbdv2ew2mr2OLrb3ayMI73wftj+dYWBdPPNB9Dda3ecuB/n7vujN8Jm3T9L1r+8/XFvuZ1z1tp+lm/syrfpx/c6D7z2br25w+uNyc2f083Rc+c1uH89T+/F3sOTVdrM552hyO89mDi5+n+vHUt/nyoSWupyNFUVz++IONn/eGv1/580vf/WbL37t0+judyx9/8LnbT/7tco4fgLXvhXJsLL/WNf3N1FL+/h8AAABYE2LuHwozkf8BAACgMmLuj/8qPJH/AQAAoDJi7h8JM8kk/29+y7OzL1wuUjN/PoiXp9PwULld7LhOhY/H56+rf/7Br8/8+C8vL23fQ0VR/OSh3+i4/eaH4nGVxsNxXntr6+cXXvHykvZ/7JHr2zX3178Sbj/en6Uug04V3KmiKL59xxcb+xn/0NXGfOqhY435viuPP1bf5vlD5cfx+s+8rNz+D0L598jJ4y3Xfyach++HOfXOzucjXu8bV1+35cAHru8vXq+27cWNu/3Eh8vbjb8n50uPldvH87zY8f/VF578Rn37R1/T+fgvD3U+/ifD7X49zP95Zbl982NQ/zhe73Ph+OP+4vXu/9p3Oh7/tc+X259/W7ndsTDj/neGj7e/7dnZ5vP1aO14y/0q3l5uF/c/9d3fblweby/efvvxjx292nI+2tfHU/9c3s5k2/bx83E/0V+07b9+O83rM+7/yd861nKee+3/2vueeWX9dtv3f1/bdsNt12//jU1/+LkvdtxfPJ4jf3a+5f4ceW94Hof9P/HhsB7D5f977Yst+42Ovbf19Sdu/5VNl1vuT/SOH5X7v/bGU435H+M//v3bXnT7i6+8un7uiuLp95e312v/p/7oXMvxf/WuXY3HI14eO/rt+19M3P+FT0ycPTd3aXa66aw2fnfOu8rjWT+2YWP9eO8Ir63tHx89d/EjMxfGp8animK8ur9C74Z9LcznynFludff9Uh4PO/5vW9v3PFPX4if/5eHy89ffWf5deu1Ybsvhc9vKh+/+doK9//E1rsaz+/aU+XHLT32Ptiy/T8PLmnDcP/bvy+I6/38yz/SOA/1yxpfN+LzeoXH/73p8na+Fc7rfPjNzNvuur6/5u3j70a4+v7y+b7i8xde5uLj+ifh8X7398vbj8cV7+/3wvcx39nc+noX18e3Lg+1337jt3hcCa8nxZXy8rhVPN9Xn7+r4+HF30NSXLm78fHvpNu5e1l3czFzn5ybPD179tKjkxdn5i5Ozn3yU0fPnLt09uLRxu/yPPrRXte//vq0sfH6ND2zf18xtaEoinPF1Cq8YN2c46//aWnHf/6RE9MHpnZMz5w8funkxUfOz1w4dWJu7sTM9NyO4ydPznyi1/Vnpw/v3nNo74E9E6dmpw8fPHRo76GJ2bPn6odRHlQP+6c+NnH2wtHGVeYO7zu0+4EH9k1NnDk3PXP4wNTUxKVe1298bZqoX/vXJy7MnD5+cfbMzMTc7KdmDu8+tH//np6/DfDM+ZNz45MXLp2dvDQ3c2GyvC/jFxufrn/t63V9qmnu38rvZ9vVyl/EV7znvv3p97PWff0zi95UuUnbLxB9Nvwumn94yfmDS/k45v7RMJNM8j8AAADkIOb+dWEm8j8AAABURsz968NM5H8AAACojJj7x8JMMsn/+v/6/0vr/5eX6//n1f8///GyV7rW+/+xP6//n4db3P9f8f71//X/q9f/X3p/fq0fv/6//j8LDVr/P+b+DUWRZf4HAACAHMTcvzHMRP4HAACAyoi5/7YwE/kfAAAAKiPm/heFmWSS//X/l9T/39OrcFX9/r/3/9f/L9Zm/z8+OPr/2Vh2//4DD7d8qP8f6P/r/+v/6//r/7Nio4tecqv6/zH33x5mkkn+BwAAgBzE3P/iMBP5HwAAACoj5v47wkzkfwAAAKiMmPs3hZlkkv/1/73/v/6//n+l+/8rff//poPR/18bvP9/d/r/Pdxw/39M/38t9v9H+3v8g93/73n4+v/cFIP2/v8x978kzCST/A8AAAA5iLn/pWEm8j8AAABURsz9Lwszkf8BAACgMmLuvzPMJJP8r/+v/6//r/+v/995/73f/7/8k/7/YNH/707/vwfv/59X/7/Pxz/Y/f9+v///6Fvbr6//TyeD1v+Puf/lYSaZ5H8AAADIQcz9d4WZyP8AAABQGTH3vyLMRP4HAACAyoi5f3OYSSb5X/9f/1//X/9f/7/z/nv3/0v6/4NF/787/f8e9P/1//X/l9b/7/DNr/4/nQxa/z/m/rvDTDLJ/wAAAJCDmPvvCTOR/wEAAKAyYu7/qTAT+R8AAAAqI+b+LWEmmeR//X/9f/3/vPr/963T/9f/rzb9/+70/3vQ/9f/1/9f4vv/L7Sc/v/6XjdGZQxa/z/m/leGmWSS/wEAACAHMfe/KsxE/gcAAIDKiLn/1WEm8j8AAABURsz942EmmeR//f9q9f//9K+feHWh/6//32P/Fe3/x2Wg/585/f/u9P970P/X/9f/X5X+P/kYtP5/zP1bw0wyyf8AAACQg5j7t4WZyP8AAABQGTH33xtmIv8DAABAZcTcvz3MJJP8r/9frf5/pP+v/99t/xXt/yf6/3nT/++g6Umq/9+D/r/+f/b9//jdr/4//TFo/f+Y+18TZpJJ/gcAAIAcxNy/I8xE/gcAAIDKiLn/tWEm8j8AAABURsz9O8NMMsn/+v/6//r/+v/6/533r/+/Nun/d7fc/v86/X/9f/3/zPr/3v+f/hq0/n/M/a8LM8kk/wMAAEAOYu7fFWYi/wMAAEBlxH+/Wf67V/kfAAAAqijm/okwk0zyv/6//n9O/f+a/r/+v/5/5en/d+f9/3vQ/9f/1//X/6evBq3/H3P/68NMMsn/AAAAkIOY++8PM5H/AQAAoDJi7p8MM5H/AQAAoDJi7p8KM8kk/+v/6//n1P/3/v/6//r/1af/353+fw/6//r/Vev/F4X+P7fUoPX/Y+7fHWaSSf4HAACAHMTcvyfMRP4HAACAyoi5f2+YifwPAAAAlRFz/74wk0zyv/6//r/+v/6//n/n/ev/r036/93p//eg/6//X7X+v/f/5xYbtP5/zP0PhJlkkv8BAAAgBzH37w8zkf8BAACgMmLuPxBmEvJ/p3/XDQAAAKwtMfcfDDPJ5O//9f8r0v//zb9v2bf+v/5/t/33p/+/Qf8/TP3/wVLR/n/70+KG6f/3oP+v/6//r/9PXw1a/z/m/kNhJpnkfwAAAMhBzP1vCDOR/wEAAKAyYu7/6TAT+R8AAAAqI+b+nwkzyST/6/9XpP/fRv9f/7/b/r3/v/5/lVW0/983ler/D+n/6/8P1vHr/+v/s9DN7//HPy2t/x9z/+Ewk0zyPwAAAOQg5v6fDTOR/wEAAKAyYu5/Y5iJ/A8AAACVEXP/kTCTTPK//r/+v/6//v/N6f+/sWg3iP3/+uLR/68W/f/uKtX/9/7/+v8Ddvz6//r/LDRo7/8fc/+bwkwyyf8AAACQg5j7Hwwzkf8BAACgMmLuf3OYifwPAAAAlRFz/1vCTDLJ//r/+v/6//r/3v+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/1vDTDLJ/wAAAJCDmPvfFmYi/wMAAEBlxNz/9jAT+R8AAAAqI+b+d4SZZJL/9f/1//X/9f/1/zvvX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/Mff/XJhJJvkfAAAAchBz/0NhJvI/AAAAVEbM/e8MM5H/AQAAoDJi7n9XmEkm+V//X/9f/1//X/+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/7vDTDLJ/wAAAJCDmPt/PsxE/gcAAIDKiLn/PWEm8j8AAABURsz9vxBmkkn+1//X/x+s/v/85ebr6f/r/xf96v/Xr6T/nwX9/+70/3vo0P9fr/+v/6//r//PDRu0/n/M/e8NM8kk/wMAAEAOYu5/X5iJ/A8AAACVEXP/+8NM5H8AAACojJj7Hw4zyST/6/9n2f9Pd3nw+v/e/1//3/v/6/+vjP5/d/r/PXj/f/1//X/9f/pq0Pr/Mfc/EmaSSf4HAACAHMTc/4EwE/kfAAAAKiPm/l8MM5H/AQAAoDJi7v9gmEkm+V//P8v+/wC//3/V+v8jLesjp/7/WNPjmdal/r/+/yrQ/+9O/78H/X/9/0Hu/4fVvGGR6+v/M4gGrf8fc/+Hwkwyyf8AAACQg5j7fynMRP4HAACAyoi5/5fDTOR/AAAAqIyY+38lzCST/K//r/+v/+/9/73/f+f96/+vTfr/3en/96D/r/8/yP3/HvT/GUSD1v+Puf9Xw0wWDX7P/dcS7iYAAAAwQGLu/3CYSSZ//w8AAAA5iLn/aJiJ/A8AAACVEXP/sTCTTPK//n97/z++o6r+v/6//r/+v/7/WtS//v8rbi8K/X/9f/1//X/9f/1/VmLQ+v8x9x8PM8kk/wMAAEAOYu7/tTAT+R8AAAAqI+b+E2Em8j8AAABURsz902EmmeT/W9j/Hx3M/r/3/7/R/v9P9P/1/wP9/870/1eH9//vTv+/B/1//X/9f/1/+mrQ+v8x98+EmWSS/wEAAKDC0o+DY+4/GWYi/wMAAEBlxNx/KsxE/gcAAIDKiLn/I2EmmeR/7/+v/+/9/29F/3+kZXv9/5L+v/5/P+j/d6f/34P+v/6//r/+P301aP3/mPtnw0wyyf8AAACQg5j7PxpmIv8DAABAZcTc/7EwE/kfAAAAKiPm/tNhJpnkf/1//f/c+/+1orji/f/1/zvtX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/MfefCTPJJP8DAABADmLuPxtmIv8DAABAZcTcfy7MRP4HgP9n7y6aJDuvPA7naKSG1cxHmPWsZjmz0nwEb71zhNeOMMgMksxsy8wgMzOTzMzMMjPKKDuiHao+53RXV/a9DdlV977neTbH3aFyZqlTcvxd8YsLADCM3P13j1ua7H/9v/6/e/+/OZLn/+//6/X/p+n/9f+7cKC/v3r7X3e+KPy8/f///O91d9H/6//1/5P0//p//T/nWlr/n7v/HnFLk/0PAAAAHeTuv2fcYv8DAADAMHL33ytusf8BAABgGLn7r4tbmux//b/+X/+v/9/X/9+i/9f/r5vn/0/T/8/Q/+v/9f/6f3Zqaf1/7v57xy1N9j8AAAB0kLv/PnGL/Q8AAADDyN1/37jF/gcAAIBh5O6/X9zSZP/r//X/+v+19P/HPP//nO9H/6//30b/P03/P0P/r//X/+v/2aml9f+5++8ftzTZ/wAAANBB7v4HxC32PwAAAAwjd/8D4xb7HwAAAIaRu/9BcUuT/a//1//r/9fS/x/S8//1//r/lbt5c+bfCfr/g/T/M2b6/81G/z/lgvv57d/eet7/eej/9f8ctLT+P3f/g+OW/99sjl3qNwkAAAAsSu7+h8QtTX7+DwAAAB3k7r8+brH/AQAAYBi5+2+IW5rsf/2//l//r//X/29/ff3/Onn+/7TL7///+z/vdte+/b/n/0/z/P9d9/93fDL0/6zb0vr/3P03xi1N9j8AAAB0kLv/oXGL/Q8AAADDyN3/sLjF/gcAAIBh5O5/eNzSZP/r/0fr//9939ed1f/v1S76f/2//l//Pzr9/zTP/5+x96+5k/VL/b/+3/P/9f9cnqX1/7n7HxG3NNn/AAAA0EHu/kfGLfY/AAAADCN3/6PiFvsfAAAAhpG7/9FxS5P9r/8frf/f/3We/6//3/b6+n/9/8j0/9P0/zNGef7/JX5qjrqfv1xH/f71//p/Dlpa/5+7/zFxS5P9DwAAAB3k7n9s3GL/AwAAwDBy9z8ubrH/AQAAYBi5+x8ftzTZ//p//f86+v98Bf2//v/K9/9J/79O+v9p+v8Zo/T/l+io+/m1v3/9v/6fg5bW/+fuf0Lc0mT/AwAAQAe5+58Yt9j/AAAAMIzc/U+KW+x/AAAAGEbu/ifHLU32v/5f/7+O/t/z//X/nv+v/78w+v9p+v8Z+n/9v/5f/89OLa3/z91/U9zSZP8DAABAB7n7nxK32P8AAAAwjNz9T41b7H8AAAAYRu7+p8UtTfa//l//r//X/+v/t7++/n+d9P/T9P8z9P/6f/2//p+dWlD/f9ZXndg8PW5psv8BAACgg9z9z4hb7H8AAAAYRu7+Z8Yt9j8AAAAMI3f/s+KWJvtf/7+Y/n8v5xur/z+52Wz0/5um/f/Js/4863Op/9f/HwL9/zT9/wz9v/5f/6//Z6cW1P/v/Tp3/7Pjlib7HwAAADrI3f+cuMX+BwAAgGHk7n9u3GL/AwAAwDBy9z8vbmmy//X/i+n/94zV/3v+/7mfj079v+f/H6T/Pxz6/2n6/xn6f/2//l//z04trf/P3f/8uOnYNZf8LQIAAAALk7v/BXFLk5//AwAAQAe5+18Yt9j/AAAAsFI3Hfid3P0vilua7H/9/277/2Nn/Z7+X/9/7udD/6//1/9fefr/afr/Gfp//b/+X//PTi2t/8/d/+K4pcn+BwAAgA5y998ct9j/AAAAMIzc/S+JW+x/AAAAGEbu/pfGLU32v/7f8//1//p//f/219f/r5P+f5r+f4b+X/9/tP3/8TP/Uf/PGC6i/z916tT1V7z/z93/srilyf4HAACADnL3vzxusf8BAABgGLn7XxG32P8AAAAwjNz9r4xbmux//X/T/j8/6uvq/2/YbPT/+n/9v/5/mv5/mv5/hv5f/+/5//p/dmppz//P3f+quKXJ/gcAAIAOcve/Om6x/wEAAGAYuftfE7fY/wAAADCM3P2vjVua7H/9f9P+3/P/9f/6/8Pu/2/f6P8PxSr6/5Pnf/2l9/836v/1/xPa9f93+r99v9T/6/85aGn9f+7+18UtTfY/AAAAdJC7//Vxi/0PAAAAw8jd/4a4xf4HAACAYeTuf2PcdHWT/a//1//r//X/+v/tr3/Iz/8/ttls9P87sIr+f8LS+//dPP//3H/Kz9D/6//X/P71//p/Dlpa/5+7/01xS5P9DwAAAB3k7n9z3GL/AwAAwDBy978lbrH/AQAAYBi5+98atzTZ//p//b/+X/8/fP9/4yr6f8//3xH9/7Rl9P/np//X/6/5/ev/9f9cuKPq/3P3vy1uabL/AQAAoIPc/W+PW+x/AAAAGEbu/nfELfY/AAAADCN3/zvjlib7X/+v/7+Y/j/fp/5/rP7/+OL6/xP7/vuaPP9f/78j+v9p+v8Z+n/9v/7/Jv0/u7S05//n7n9X3NJk/wMAAEAHufvfHbf+r1v7HwAAAIaRu/89cYv9DwAAAMPI3f/euKXJ/tf/6/89/1//P/zz//X/rej/p+n/Z+j/9f/6f8//Z6eW1v/n7n9f3NJk/wMAAEAHufvfH7fY/wAAADCM3P0fiFvsfwAAABhG7v5b4pYm+1//r//X/+v/9f+n/wz1/2PQ/087nP7/pP5f/1/9/L/FPwX6f/3/3NczpqX1/7n7Pxi3NNn/AAAA0EHu/g/FLfY/AAAADCN3/4fjFvsfAAAAVunqLb+Xu/8jcUuT/a//1//r//X/+v/tr6//X6cj6f/zQ6H/9/z/0Kf//699v1rb8//P/d8v/b/+n91bWv+fu/+jcUuT/Q8AAAAd5O7/WNxi/wMAAMAwcvd/PG6x/wEAAGAYufs/Ebc02f/6f/2//l//r//f/vr6/3Xy/P9p+v8Z+v8jfX7+2t+//l//z0FL6/9z938ybmmy/wEAAKCD3P2filvsfwAAABhG7v5Pxy32PwAAAAxjb/dnXNZw/+v/9f/6f/2//n/76+v/10n/P03/P0P/r//X/+v/2aml9f+f2fuqE5vPxi1N9j8AAAB0kLv/c3GL/Q8AAADDyN3/+bjF/gcAAIBh5O7/QtzSZP/r//X/6+j/T506db3+X/+///s50//fqv+n6P+n6f9n6P/1//p//T87tbT+P3f/F+OWJvsfAAAAOsjd/6W4xf4HAACAYeTu/3LcYv8DAADAMHL3fyVuabL/9f8L6P9P6P89/1//v/H8f/3/juj/p+n/Z4zY/5+48G//qPv5y3XU71//r//noKX1/7n7vxq3NNn/AAAA0EHu/q/FLfY/AAAADCN3/9fjFvsfAAAAhpG7/xtxS5P9r/8/vP7/jr93XZ7/f3Kz/f3r//X/+n/9/5Wm/5+m/58xYv9/EY66n1/7+9f/6/85aGn9f+7+b8Yt+4ffNRf3XQIAAABLkrv/W3FLk5//AwAAQAe5+78dt9j/AAAAMIzc/d+JW5rsf/3/Ap7/P2D/7/n/2z8f+v9F9/9X6f/HoP+fpv+fof/X/+v/d9T/56dZ/9/d0vr/3P3fjVua7H8AAADoIHf/9+IW+x8AAACGkbv/+3GL/Q8AAADDyN1/a9xy1v7f1naPQv+v/9f/6//1/9tfX/+/Tvr/aRfa/x/fXF7/n/T/+n/9f9f+3/P/OW1p/X/u/h/ELX7+DwAAAKtzzXl+P3f/D+MW+x8AAACGkbv/R3GL/Q8AAADDyN3/47jltquO6i0dKv2//l//r//X/29/ff3/Oun/p3n+/wz9/y76+Wv1/2P0/5uN/p/Lt7T+P3f/T+IWP/8HAACAYeTu/2ncYv8DAADAMHL3/yxusf8BAABgGLn7fx63NNn/+n/9/2X2/3tppv7/NP3/afr/7fT/h0P/P03/P0P/7/n/+n/P/2enltb/5+7/RdzSZP8DAABAB7n7fxm32P8AAAAwjNz9v4pb7H8AAAAYRu7+X8ctTfb/kfX/8bda/7/6/t/z//X/+n/9/6Lo/6fp/2fo//X/+n/9Pzu1tP4/d/9v4pYm+x8AAAA6yN3/27jF/gcAAIBh5O7/Xdxi/wMAAMAwcvf/Pm5psv89/1//r//X/+v/t7++/n+d9P/T9P/b1R+U/l//r//X/7NTS+v/c/f/IW5psv8BAACgg9z9f4xb7H8AAAAYRu7+2+IW+x8AAACGkbv/T3FLk/2v/9f/6//1//r/7a+v/18n/f+0o+z/7/wf8y/r+f9H3v/nW9D/6//1/+zE0vr/3P1/jlua7H8AAADoIHf/X+IW+x8AAACGkbv/r3GL/Q8AAADDyN3/t7ilyf6f6f+P11+o/5+k/9///vX/2z8f+n/9v/7/ytP/T/P8/xn6f8//1//r/9mppfX/ufv/Hrc02f8AAADQQe7+2+MW+x8AAACGkbv/H3GL/Q8AAADDyN3/z7ilyf73/P819f/X6v/1//p//b/+f4b+f5r+f4b+X/+v/9f/s1NL6/9z9/8rAAD//z66VbA=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0x80086601, 0x0)

31.034984076s ago: executing program 3 (id=4356):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000800)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x6}]}}]}, 0x44}}, 0x0)

15.875590347s ago: executing program 4 (id=4485):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000040)="e0", 0x1}], 0x1}, 0x40)

15.846427915s ago: executing program 4 (id=4486):
ioprio_set$pid(0x1, 0x0, 0x2007)
r0 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
io_setup(0x1, &(0x7f0000000000)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x2600, 0xc8, 0x8, 0x1, 0x0, r0, 0x0}])

15.705911487s ago: executing program 4 (id=4487):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f00000022c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000019c0)="b7e4beaed65f8fe1c5637dde8f69cfe980e7a306412915e780ffc71fd638b3f90864c23359c3f9761da280741935969696111ac4adb81b886a915c2f8d857b376a3f9bedb9171a2e2831a985", 0x4c}, {&(0x7f00000003c0)="dbf518c8df2bab21c743a413818a1b695f18c7ab7c305b0bb0bfa2b2fae3d8808fc3845c8ea35a7ba60d6bc24ef1292f646a516b15a5a8e3e749d944f25f0489f9c2c699ae9ad726c592645a245bb6e8a729ace3d1ee0623f73cc9c0699bdb325258577e88716d6dc4799e94e12b9016cc794c77b710f7f9404fc4a661469ffe068c10da1e10742d87dc3592cc6aa3", 0x8f}, {&(0x7f0000001a40)="5d645b621b3df9832ef948269b0c42fed99cb5c76d7a2c3542d3864f3a20d4efd53d529529f85be060f4127f3df148a9db497578309e1a879280827e54f212a1bd279f9c4874ed96d2a2494e934827417c9f889e169a3553958e6d34b4d6322937da6b79494cb80787c15bf37a25db05868d", 0x72}, {&(0x7f0000001b80)="261da59eb4ad27b5ec672f90a6e88ccee949372709f2d90284bbaf305a012b8a275f6b1f76e72f39e69f068d2eeaeb52f48a7d", 0x33}, {&(0x7f0000000540)="01", 0x1}], 0x5}}], 0x1, 0x0)

15.653982316s ago: executing program 4 (id=4488):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x20, 0x4, 0x2}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r0, &(0x7f00000002c0), 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000000c0)={r0, &(0x7f0000000840)="fb7168e088f5907b1f755902261e305060", 0x20000000}, 0x20)

15.593361655s ago: executing program 4 (id=4489):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0/bus\x00', 0x5)

15.530288309s ago: executing program 4 (id=4490):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff810500000200000058000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)

1.274897326s ago: executing program 1 (id=4534):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)

1.054354302s ago: executing program 1 (id=4535):
r0 = fanotify_init(0x200, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r0, 0x455, 0x8000003, r1, 0x0)
fanotify_mark(r0, 0x41, 0x8000038, r1, 0x0)

992.382078ms ago: executing program 1 (id=4536):
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000010c0), 0x2, 0x0)
r1 = dup2(r0, r0)
fcntl$setstatus(r0, 0x4, 0x40c00)
read$FUSE(r1, &(0x7f00000080c0)={0x2020}, 0x2020)

934.026852ms ago: executing program 1 (id=4537):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet(0x2b, 0x801, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000280)=0x8)
poll(&(0x7f0000000140)=[{r0, 0x816c}], 0x1, 0x1004)

11.741728ms ago: executing program 1 (id=4538):
r0 = io_uring_setup(0x4822, &(0x7f0000000480))
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r1, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "750a65a3c93199cd485a10497ead5ac3e112baf740f0853a3660ea0ca01c5078a94a0bb37a8dbd611d75f7d309540c18a222bcb970c5d34d2369ea9659f976", 0x1}, 0x60)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 1 (id=4539):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000001c0)={0x0}, 0x20)

kernel console output (not intermixed with test programs):

294967295 subj=unconfined pid=13834 comm="syz.3.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff764179eb9 code=0x7ffc0000
[  449.315168][   T29] audit: type=1326 audit(1725045808.692:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13834 comm="syz.3.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ff764179eb9 code=0x7ffc0000
[  449.432067][   T29] audit: type=1326 audit(1725045808.692:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13834 comm="syz.3.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff764179eb9 code=0x7ffc0000
[  449.540527][   T29] audit: type=1326 audit(1725045808.692:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13834 comm="syz.3.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff764179eb9 code=0x7ffc0000
[  449.574656][ T9979] BTRFS info (device loop2): last unmount of filesystem 64dbad8a-a882-4124-98a3-c725ae0f110a
[  449.587554][T13849] loop1: detected capacity change from 0 to 8
[  449.640665][   T29] audit: type=1326 audit(1725045808.692:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13834 comm="syz.3.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7ff764179eb9 code=0x7ffc0000
[  449.731040][T13849] SQUASHFS error: lzo decompression failed, data probably corrupt
[  449.759395][   T29] audit: type=1326 audit(1725045808.692:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13834 comm="syz.3.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff764179eb9 code=0x7ffc0000
[  449.795840][T13849] SQUASHFS error: Failed to read block 0x91: -5
[  449.810922][T13849] SQUASHFS error: Unable to read metadata cache entry [8f]
[  449.823325][T13855] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  449.848809][T13849] SQUASHFS error: Unable to read inode 0x11f
[  449.860542][   T29] audit: type=1326 audit(1725045808.692:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13834 comm="syz.3.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7ff764179eb9 code=0x7ffc0000
[  450.008001][   T29] audit: type=1326 audit(1725045808.692:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13834 comm="syz.3.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff764179eb9 code=0x7ffc0000
[  450.132146][   T29] audit: type=1326 audit(1725045808.692:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13834 comm="syz.3.3168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff764179eb9 code=0x7ffc0000
[  450.259215][T13857] loop5: detected capacity change from 0 to 4096
[  450.336173][T13857] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512).
[  450.453024][T13857] ntfs3: loop5: Failed to initialize $Extend/$ObjId.
[  450.960003][T13868] loop5: detected capacity change from 0 to 64
[  451.113537][T13853] loop3: detected capacity change from 0 to 32768
[  451.122303][T13853] XFS: noikeep mount option is deprecated.
[  451.186701][T13853] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  451.385360][T13853] XFS (loop3): Ending clean mount
[  451.421723][T13853] XFS (loop3): Quotacheck needed: Please wait.
[  451.472294][T13882] program syz.1.3185 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  451.606891][T13880] loop5: detected capacity change from 0 to 4096
[  451.648288][T13880] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512).
[  451.712251][T13853] XFS (loop3): Quotacheck: Done.
[  451.837216][T13853] XFS (loop3): User initiated shutdown received.
[  451.883925][T13853] XFS (loop3): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0xe2/0x160 (fs/xfs/xfs_fsops.c:453).  Shutting down filesystem.
[  451.909802][T13853] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  452.029561][T13899] tun0: tun_chr_ioctl cmd 1074025680
[  452.094835][T11017] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  452.451059][T13910] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3198'.
[  452.839782][ T1172] IPVS: starting estimator thread 0...
[  452.948929][T13926] IPVS: using max 16 ests per chain, 38400 per kthread
[  452.988098][T13890] loop1: detected capacity change from 0 to 32768
[  453.104837][T13890] XFS (loop1): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  453.180684][ T5409] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  453.322818][T13890] XFS (loop1): Ending clean mount
[  453.373530][T13890] XFS (loop1): Quotacheck needed: Please wait.
[  453.390791][ T5409] usb 5-1: Using ep0 maxpacket: 16
[  453.406086][ T5409] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  453.458105][ T5409] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  453.482474][ T5409] usb 5-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  453.500556][ T5409] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.523794][T13890] XFS (loop1): Quotacheck: Done.
[  453.531420][ T5409] usb 5-1: config 0 descriptor??
[  453.764634][T12208] XFS (loop1): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  454.029039][ T5409] playstation 0003:054C:05C4.0011: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.4-1/input0
[  454.079827][T13957] PM: Enabling pm_trace changes system date and time during resume.
[  454.079827][T13957] PM: Correct system time has to be restored manually after resume.
[  454.200678][ T5409] playstation 0003:054C:05C4.0011: Invalid byte count transferred, expected 16 got 0
[  454.210217][ T5409] playstation 0003:054C:05C4.0011: Failed to retrieve DualShock4 pairing info: -22
[  454.260525][ T5409] playstation 0003:054C:05C4.0011: Failed to get MAC address from DualShock4
[  454.320521][ T5409] playstation 0003:054C:05C4.0011: Failed to create dualshock4.
[  454.354653][ T5409] playstation 0003:054C:05C4.0011: probe with driver playstation failed with error -22
[  454.425858][ T5409] usb 5-1: USB disconnect, device number 12
[  454.507492][T13965] loop1: detected capacity change from 0 to 256
[  454.581642][T13965] exfat: Deprecated parameter 'namecase'
[  454.587665][T13965] exfat: Deprecated parameter 'utf8'
[  454.646878][T13965] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  454.935512][T13982] loop5: detected capacity change from 0 to 64
[  455.443164][T14001] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  456.003300][T14011] loop4: detected capacity change from 0 to 4096
[  456.073599][T14011] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  456.203640][T14021] loop5: detected capacity change from 0 to 16
[  456.243869][T14021] erofs: (device loop5): mounted with root inode @ nid 36.
[  456.334294][   T29] kauditd_printk_skb: 51 callbacks suppressed
[  456.334376][   T29] audit: type=1800 audit(1725045815.922:1301): pid=14021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3245" name="file1" dev="loop5" ino=86 res=0 errno=0
[  456.373624][ T9805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  457.171043][T14045] tipc: Started in network mode
[  457.201754][T14045] tipc: Node identity str_len:, cluster identity 4711
[  457.208630][T14045] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  457.604252][T14017] loop1: detected capacity change from 0 to 40427
[  457.640990][T14017] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  457.670935][T14017] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  457.705505][T14017] F2FS-fs (loop1): invalid crc value
[  457.741577][T14017] F2FS-fs (loop1): Found nat_bits in checkpoint
[  457.938336][T14017] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  457.955956][T14017] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  457.995648][   T29] audit: type=1800 audit(1725045817.582:1302): pid=14017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3243" name="bus" dev="loop1" ino=10 res=0 errno=0
[  458.081674][T14065] loop3: detected capacity change from 0 to 1024
[  458.098186][T14037] loop2: detected capacity change from 0 to 32768
[  458.133520][T14065] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  458.174859][T14037] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  458.255484][T14080] loop5: detected capacity change from 0 to 2048
[  458.287484][T14065] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3264: Invalid block bitmap block 0 in block_group 0
[  458.299509][T14083] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  458.365617][T14083] NILFS (loop5): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3)
[  458.378532][T14065] Quota error (device loop3): write_blk: dquota write failed
[  458.383281][T14037] XFS (loop2): Ending clean mount
[  458.389568][T14083] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=2)
[  458.410579][T14065] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  458.421499][T14083] Remounting filesystem read-only
[  458.433473][ T2949] NILFS (loop5): discard dirty page: offset=4096, ino=6
[  458.438845][T14065] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.3264: Failed to acquire dquot type 0
[  458.466252][ T2949] NILFS (loop5): discard dirty block: blocknr=39, size=1024
[  458.498023][ T2949] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  458.518067][T14065] EXT4-fs error (device loop3): ext4_free_blocks:6590: comm syz.3.3264: Freeing blocks not in datazone - block = 0, count = 4096
[  458.536062][ T2949] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  458.555020][ T2949] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  458.593919][ T2949] NILFS (loop5): discard dirty page: offset=0, ino=2
[  458.604122][T14065] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.3264: Invalid inode bitmap blk 0 in block_group 0
[  458.630426][ T2949] NILFS (loop5): discard dirty block: blocknr=18, size=1024
[  458.637778][ T2949] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  458.643977][  T742] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-8
[  458.657546][T14065] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  458.680983][ T9979] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  458.684731][  T742] EXT4-fs error (device loop3): ext4_release_dquot:6871: comm kworker/u8:5: Failed to release dquot type 0
[  458.699691][ T2949] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  458.721274][T14065] EXT4-fs (loop3): 1 orphan inode deleted
[  458.729634][ T2949] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  458.742588][T14065] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  458.766833][T14080] NILFS (loop5): mounting fs with errors
[  458.857496][T14065] EXT4-fs error (device loop3): __ext4_get_inode_loc:4436: comm syz.3.3264: Invalid inode table block 12884901889 in block_group 0
[  458.920785][T14065] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5810: Corrupt filesystem
[  458.962625][T14083] NILFS (loop5): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  459.001079][T14083] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=4)
[  459.021845][T14083] Remounting filesystem read-only
[  459.027046][  T742] NILFS (loop5): discard dirty page: offset=0, ino=6
[  459.055682][  T742] NILFS (loop5): discard dirty block: blocknr=35, size=1024
[  459.100615][  T742] NILFS (loop5): discard dirty block: blocknr=36, size=1024
[  459.129557][ T2959] EXT4-fs error (device loop3): __ext4_get_inode_loc:4436: comm kworker/u8:10: Invalid inode table block 12884901889 in block_group 0
[  459.158745][  T742] NILFS (loop5): discard dirty block: blocknr=37, size=1024
[  459.192625][  T742] NILFS (loop5): discard dirty block: blocknr=38, size=1024
[  459.221806][T11593] NILFS (loop5): disposed unprocessed dirty file(s) when stopping log writer
[  459.233874][T11017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.256158][T11593] NILFS (loop5): discard dirty page: offset=0, ino=5
[  459.271610][T11593] NILFS (loop5): discard dirty block: blocknr=41, size=1024
[  459.278987][T11593] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  459.317623][T14088] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3274'.
[  459.340753][T11593] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  459.349746][T11593] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  459.399832][T11593] NILFS (loop5): discard dirty page: offset=0, ino=4
[  459.431634][T11593] NILFS (loop5): discard dirty block: blocknr=40, size=1024
[  459.439003][T11593] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  459.492519][T11593] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  459.536268][T11593] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  459.571131][T11593] NILFS (loop5): discard dirty page: offset=0, ino=3
[  459.577914][T11593] NILFS (loop5): discard dirty block: blocknr=42, size=1024
[  459.610593][T11593] NILFS (loop5): discard dirty block: blocknr=43, size=1024
[  459.632574][T11593] NILFS (loop5): discard dirty block: blocknr=44, size=1024
[  459.657059][T11593] NILFS (loop5): discard dirty block: blocknr=18446744073709551615, size=1024
[  459.836487][   T29] audit: type=1326 audit(1725045819.422:1303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14101 comm="syz.0.3277" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12b0b79eb9 code=0x0
[  459.885342][T14099] loop1: detected capacity change from 0 to 4096
[  461.048663][T14148] loop2: detected capacity change from 0 to 128
[  461.091328][T14152] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3299'.
[  461.115767][T14142] loop4: detected capacity change from 0 to 4096
[  461.147764][   T29] audit: type=1800 audit(1725045820.732:1304): pid=14148 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3296" name="bus" dev="loop2" ino=1048707 res=0 errno=0
[  461.229785][ T5409] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  461.421505][ T5409] usb 2-1: Using ep0 maxpacket: 16
[  461.432973][ T5409] usb 2-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice=93.b9
[  461.460575][ T5409] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  461.488440][ T5409] usb 2-1: Product: syz
[  461.497712][ T5409] usb 2-1: Manufacturer: syz
[  461.523616][ T5409] usb 2-1: SerialNumber: syz
[  461.544987][ T5409] usb 2-1: config 0 descriptor??
[  461.585838][T14159] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3304'.
[  461.787954][ T5409] speedtch 2-1:0.0: speedtch_bind: wrong device class 141
[  461.804483][ T5409] speedtch 2-1:0.0: usbatm_usb_probe: bind failed: -19!
[  461.865802][T14168] loop2: detected capacity change from 0 to 512
[  461.906972][T14168] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  461.958456][T14168] EXT4-fs (loop2): 1 truncate cleaned up
[  461.981429][T14168] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  462.062341][T14144] loop1: detected capacity change from 0 to 64
[  462.069325][T14151] loop3: detected capacity change from 0 to 32768
[  462.103384][T14144] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  462.122810][T14151] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  462.189399][T14144] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  462.226542][ T5409] usb 2-1: USB disconnect, device number 19
[  462.303047][T14151] XFS (loop3): Ending clean mount
[  462.312078][ T9979] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  462.332342][T14151] XFS (loop3): Quotacheck needed: Please wait.
[  462.487189][T14151] XFS (loop3): Quotacheck: Done.
[  462.522140][ T5296] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  462.588896][T11017] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  462.741612][ T5296] usb 5-1: Using ep0 maxpacket: 16
[  462.748891][ T5296] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  462.780446][ T5296] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  462.804451][ T5296] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  462.828301][ T5296] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.860450][ T5296] usb 5-1: Product: syz
[  462.871991][ T5296] usb 5-1: Manufacturer: syz
[  462.876634][ T5296] usb 5-1: SerialNumber: syz
[  462.911479][ T5296] usb 5-1: config 0 descriptor??
[  462.923936][ T5296] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  462.962070][ T5296] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  463.062868][T14203] netlink: 87 bytes leftover after parsing attributes in process `syz.2.3320'.
[  463.188071][T14205] loop1: detected capacity change from 0 to 47
[  463.209515][T14188] loop5: detected capacity change from 0 to 32768
[  463.230026][T14188] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3312 (14188)
[  463.284265][T14188] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  463.305039][T14188] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm
[  463.325249][T14188] BTRFS info (device loop5): using free-space-tree
[  463.547313][ T5296] em28xx 5-1:0.0: chip ID is em2800
[  463.752765][ T5296] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  463.791793][ T5296] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  463.798824][ T5296] em28xx 5-1:0.0: No AC97 audio processor
[  463.861139][ T5296] usb 5-1: USB disconnect, device number 13
[  463.868205][ T5296] em28xx 5-1:0.0: Disconnecting em28xx
[  463.875915][T11593] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  463.962161][ T5296] em28xx 5-1:0.0: Freeing device
[  464.065888][T14208] loop2: detected capacity change from 0 to 32768
[  464.119860][T14208] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3322 (14208)
[  464.193240][T14208] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  464.227140][T14208] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  464.250907][T14208] BTRFS info (device loop2): using free-space-tree
[  464.619736][T14260] loop1: detected capacity change from 0 to 16
[  464.665463][T14260] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  464.822930][T14264] loop3: detected capacity change from 0 to 64
[  464.911544][ T9979] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  466.369159][T14299] loop3: detected capacity change from 0 to 2048
[  466.481983][T14299] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  466.568635][T14308] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  466.795403][T11017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  467.131346][T14319] can0: slcan on ttyS3.
[  467.262144][T14322] can0 (unregistered): slcan off ttyS3.
[  467.826813][T14347] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  468.133108][T14361] loop5: detected capacity change from 0 to 8
[  468.195797][T14363] tap0: tun_chr_ioctl cmd 2148553947
[  468.248211][T14366] loop2: detected capacity change from 0 to 1024
[  468.298876][T14366] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  468.331091][T14366] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  468.417202][ T9979] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.783638][T14383] loop5: detected capacity change from 0 to 2048
[  468.840601][T14383] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  468.844266][T14388] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3389'.
[  468.960526][T14392] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  468.960900][T14383] syz.5.3386: attempt to access beyond end of device
[  468.960900][T14383] loop5: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  469.045293][T14394] loop1: detected capacity change from 0 to 1024
[  469.077562][T14383] syz.5.3386: attempt to access beyond end of device
[  469.077562][T14383] loop5: rw=0, sector=9437254, nr_sectors = 2 limit=2048
[  469.127344][T14383] NILFS (loop5): I/O error reading meta-data file (ino=6, block-offset=0)
[  469.304450][T14402] netlink: 1036 bytes leftover after parsing attributes in process `syz.3.3395'.
[  469.330595][T14402] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  469.700212][T14417] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3402'.
[  469.755584][T14420] netlink: 'syz.1.3403': attribute type 1 has an invalid length.
[  469.790445][T14420] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3403'.
[  469.824481][T14420] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3403'.
[  470.897005][T14448] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3418'.
[  471.169301][T14429] loop3: detected capacity change from 0 to 32768
[  471.210744][T14429] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  471.394983][T14429] XFS (loop3): Ending clean mount
[  471.625852][T11017] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  471.658992][T14482] sch_tbf: burst 5729 is lower than device lo mtu (65550) !
[  472.562311][T14505] loop4: detected capacity change from 0 to 2048
[  472.635938][T14505] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  472.695312][T14505] ext4 filesystem being mounted at /294/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  472.822047][   T29] audit: type=1800 audit(1725045832.402:1305): pid=14505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3441" name="bus" dev="loop4" ino=18 res=0 errno=0
[  472.904261][T14521] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3447'.
[  472.940637][ T9805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  473.707496][T14554] loop1: detected capacity change from 0 to 1024
[  473.825558][T14557] netlink: 'syz.4.3465': attribute type 10 has an invalid length.
[  473.871609][T14557] netlink: 55 bytes leftover after parsing attributes in process `syz.4.3465'.
[  474.201160][T14575] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  474.924240][T14606] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3488'.
[  474.970725][T14606] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3488'.
[  475.037367][T14606] macvlan2: entered promiscuous mode
[  475.062876][T14609] loop4: detected capacity change from 0 to 1024
[  475.072118][T14606] macvlan2: entered allmulticast mode
[  475.090088][T14606] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  475.328926][T14615] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3492'.
[  475.370604][ T5409] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  475.596780][ T5409] usb 2-1: Using ep0 maxpacket: 8
[  475.619977][ T5409] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  475.640338][ T5409] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  475.687995][ T5409] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  475.715923][ T5409] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  475.756071][T14599] loop2: detected capacity change from 0 to 32768
[  475.762749][ T5409] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  475.762786][ T5409] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.870773][T14599] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  475.982124][ T5409] usb 2-1: GET_CAPABILITIES returned 0
[  475.999071][ T5409] usbtmc 2-1:16.0: can't read capabilities
[  476.075532][T14640] loop4: detected capacity change from 0 to 2048
[  476.135529][T14640] NILFS (loop4): invalid segment: Checksum error in segment payload
[  476.160684][T14640] NILFS (loop4): trying rollback from an earlier position
[  476.161237][T14599] XFS (loop2): Ending clean mount
[  476.195438][ T5296] usb 2-1: USB disconnect, device number 20
[  476.227328][T14640] NILFS (loop4): recovery complete
[  476.253687][T14649] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  476.344039][T14652] loop3: detected capacity change from 0 to 256
[  476.376846][T14652] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  476.412668][ T9979] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  476.818363][T14659] hsr0: entered promiscuous mode
[  476.964643][T14662] loop1: detected capacity change from 0 to 256
[  476.989668][T14662] exfat: Deprecated parameter 'utf8'
[  477.023758][T14662] exfat: Deprecated parameter 'namecase'
[  477.110913][T14662] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  477.380917][T14671] loop2: detected capacity change from 0 to 64
[  477.470224][T14673] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3516'.
[  477.513161][T14673] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3516'.
[  477.994985][T14687] loop2: detected capacity change from 0 to 512
[  478.055420][T14687] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  478.083229][T14660] loop4: detected capacity change from 0 to 32768
[  478.106768][T14660] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3510 (14660)
[  478.132975][T14687] ext4 filesystem being mounted at /287/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  478.156626][T14660] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  478.195710][T14660] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[  478.212351][T14687] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  478.222076][T14660] BTRFS info (device loop4): using free-space-tree
[  478.231235][T14687] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  478.252995][T14687] EXT4-fs error (device loop2): __ext4_remount:6491: comm syz.2.3523: Abort forced by user
[  478.289449][T14687] EXT4-fs (loop2): Remounting filesystem read-only
[  478.363778][T14665] loop3: detected capacity change from 0 to 32768
[  478.404938][ T9979] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  478.451574][    T9] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  478.454855][T14665] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  478.504772][   T29] audit: type=1800 audit(1725045838.092:1306): pid=14660 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3510" name="bus" dev="loop4" ino=263 res=0 errno=0
[  478.596991][T14665] XFS (loop3): Ending clean mount
[  478.629021][ T9805] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  478.642609][    T9] usb 1-1: config 0 has no interfaces?
[  478.659281][    T9] usb 1-1: New USB device found, idVendor=056a, idProduct=0001, bcdDevice= 0.00
[  478.693605][T14725] loop1: detected capacity change from 0 to 256
[  478.702396][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.752265][    T9] usb 1-1: config 0 descriptor??
[  478.819551][T11017] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  478.982065][ T5296] usb 1-1: USB disconnect, device number 23
[  479.616549][T14749] loop5: detected capacity change from 0 to 1024
[  479.862878][   T25] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  480.108748][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  480.159033][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  480.206853][   T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  480.223655][   T25] usb 5-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00
[  480.234612][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.252004][   T25] usb 5-1: config 0 descriptor??
[  480.672774][T14745] loop1: detected capacity change from 0 to 32768
[  480.713300][   T25] redragon 0003:0C45:760B.0012: hidraw0: USB HID v0.00 Device [HID 0c45:760b] on usb-dummy_hcd.4-1/input0
[  480.720255][T14745] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3538 (14745)
[  480.773460][T14745] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  480.808226][T14745] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  480.834683][T14745] BTRFS info (device loop1): using free-space-tree
[  480.907330][   T25] usb 5-1: USB disconnect, device number 14
[  481.474150][T12208] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  481.672062][   T25] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  481.769526][T14818] input: syz0 as /devices/virtual/input/input30
[  481.874064][   T25] usb 6-1: Using ep0 maxpacket: 32
[  481.913208][   T25] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  481.936904][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  481.979949][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  482.027362][   T25] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  482.079003][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.133926][   T25] usb 6-1: config 0 descriptor??
[  482.160213][T14811] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  482.171076][   T25] hub 6-1:0.0: USB hub found
[  482.251048][T14826] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  482.293190][  T936] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  482.408245][   T25] hub 6-1:0.0: 2 ports detected
[  482.525188][  T936] usb 1-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  482.545787][  T936] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  482.548600][T14834] 9p: Unknown access argument us: -22
[  482.577346][  T936] usb 1-1: Product: syz
[  482.593871][  T936] usb 1-1: Manufacturer: syz
[  482.598571][  T936] usb 1-1: SerialNumber: syz
[  482.614837][   T25] hub 6-1:0.0: hub_hub_status failed (err = -71)
[  482.625584][  T936] usb 1-1: config 0 descriptor??
[  482.635071][   T25] hub 6-1:0.0: config failed, can't get hub status (err -71)
[  482.652205][   T25] usbhid 6-1:0.0: can't add hid device: -71
[  482.668991][   T25] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  482.722947][   T25] usb 6-1: USB disconnect, device number 20
[  482.861079][ T5296] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  482.957808][T14848] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  483.004868][T14850] netlink: 'syz.4.3580': attribute type 1 has an invalid length.
[  483.032545][T14850] netlink: 9352 bytes leftover after parsing attributes in process `syz.4.3580'.
[  483.051201][T14850] netlink: 'syz.4.3580': attribute type 1 has an invalid length.
[  483.060045][T14850] netlink: 'syz.4.3580': attribute type 2 has an invalid length.
[  483.064798][ T5296] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  483.086238][ T5296] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  483.127992][ T5296] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  483.154736][ T5296] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.172343][T14854] loop2: detected capacity change from 0 to 16
[  483.178174][T14837] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  483.205082][ T5296] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  483.207649][T14854] erofs: (device loop2): mounted with root inode @ nid 36.
[  483.472445][  T936] usb 1-1: f81604_write: reg: 105 data: f2 failed: -EPROTO
[  483.479740][  T936] f81604 1-1:0.0: Setting termination of CH#1 failed: -EPROTO
[  483.484772][T14864] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3587'.
[  483.516429][T14862] loop2: detected capacity change from 0 to 1024
[  483.523030][  T936] f81604 1-1:0.0: probe with driver f81604 failed with error -71
[  483.542201][  T936] usb 1-1: USB disconnect, device number 24
[  483.663221][    T9] usb 2-1: USB disconnect, device number 21
[  483.880730][ T5409] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  483.901039][  T742] hfsplus: b-tree write err: -5, ino 4
[  483.992057][   T59] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  484.093409][ T5409] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  484.121298][ T5409] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  484.151512][ T5409] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  484.174539][ T5409] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.190699][   T59] usb 4-1: Using ep0 maxpacket: 8
[  484.200306][   T59] usb 4-1: config 0 has an invalid interface number: 52 but max is 0
[  484.216043][T14866] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  484.226911][   T59] usb 4-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  484.265607][ T5409] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  484.293025][   T59] usb 4-1: config 0 has no interface number 0
[  484.299220][   T59] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  484.317807][   T59] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 24624, setting to 1024
[  484.370620][   T59] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  484.428842][   T59] usb 4-1: config 0 interface 52 has no altsetting 0
[  484.449642][   T59] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  484.458204][T14890] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available
[  484.466153][   T59] usb 4-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  484.466188][   T59] usb 4-1: Product: syz
[  484.466219][   T59] usb 4-1: Manufacturer: syz
[  484.466239][   T59] usb 4-1: SerialNumber: syz
[  484.490659][   T59] usb 4-1: config 0 descriptor??
[  484.583587][ T5253] usb 6-1: USB disconnect, device number 21
[  484.694493][T14895] netlink: 'syz.1.3601': attribute type 29 has an invalid length.
[  484.717149][T14895] netlink: 'syz.1.3601': attribute type 29 has an invalid length.
[  484.743616][T14895] netlink: 'syz.1.3601': attribute type 29 has an invalid length.
[  484.757606][   T59] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.52/input/input31
[  484.980645][   T59] usb 4-1: USB disconnect, device number 13
[  484.980714][    C0] synaptics_usb 4-1:0.52: synusb_irq - usb_submit_urb failed with result: -19
[  485.039522][T14902] program syz.2.3605 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  485.281412][    C1] sd 0:0:1:0: [sda] tag#6371 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  485.292086][    C1] sd 0:0:1:0: [sda] tag#6371 CDB: Read(6) 08 00 00 00 00 00
[  485.765223][T14919] loop2: detected capacity change from 0 to 1024
[  485.801900][T14919] hfsplus: part requires an argument
[  485.831791][T14919] hfsplus: unable to parse mount options
[  486.000729][ T5409] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  486.167198][T14926] loop5: detected capacity change from 0 to 2048
[  486.210514][ T5409] usb 4-1: Using ep0 maxpacket: 8
[  486.221116][ T5409] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  486.235087][T14926] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  486.244328][ T5409] usb 4-1: config 179 has no interface number 0
[  486.264702][ T5409] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  486.306747][ T5409] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  486.369631][ T5409] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  486.381981][T14926] UDF-fs: error (device loop5): udf_read_inode: (ino 1329) failed !bh
[  486.428076][ T5409] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  486.480605][ T5409] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  486.517346][ T5409] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  486.560538][ T5409] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.614953][T14913] loop4: detected capacity change from 0 to 32768
[  486.620088][T14922] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  486.641628][T14913] XFS: ikeep mount option is deprecated.
[  486.660467][T14913] XFS: noikeep mount option is deprecated.
[  486.715490][T14913] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  486.789042][T14916] loop1: detected capacity change from 0 to 32768
[  486.849640][T14916] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3612 (14916)
[  486.902369][T14913] XFS (loop4): Ending clean mount
[  486.941427][T14913] XFS (loop4): Quotacheck needed: Please wait.
[  486.959201][   T29] audit: type=1326 audit(1725045846.542:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14949 comm="syz.0.3625" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12b0b79eb9 code=0x0
[  486.992807][T14916] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  487.018708][T14916] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  487.038911][T14916] BTRFS info (device loop1): using free-space-tree
[  487.078119][ T5409] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input32
[  487.147977][T14944] loop2: detected capacity change from 0 to 4096
[  487.184336][T14913] XFS (loop4): Quotacheck: Done.
[  487.209765][T14944] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  487.268285][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  487.276624][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  487.291931][ T5409] usb 4-1: USB disconnect, device number 14
[  487.300879][ T5409] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  487.335778][ T9805] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  487.336284][T14944] ntfs3: loop2: Inode r=b is not in use!
[  487.403275][T14944] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  487.458583][T14944] ntfs3: loop2: Failed to load $Extend (-116).
[  487.484781][T14944] ntfs3: loop2: Failed to initialize $Extend.
[  487.737054][T14916] BTRFS info (device loop1): balance: start -f -d -m
[  487.757857][ T5236] Bluetooth: hci0: command 0x0406 tx timeout
[  487.765254][ T5236] Bluetooth: hci2: command 0x0405 tx timeout
[  487.834172][T14970] loop3: detected capacity change from 0 to 128
[  487.879080][T14916] BTRFS info (device loop1): balance: canceled
[  487.938956][T14974] loop2: detected capacity change from 0 to 64
[  488.029159][T12208] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  488.293247][T14942] loop5: detected capacity change from 0 to 40427
[  488.305176][T14942] F2FS-fs (loop5): Small segment_count (9 < 1 * 24)
[  488.360800][T14942] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  488.381521][T14983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3631'.
[  488.447686][T14942] F2FS-fs (loop5): Found nat_bits in checkpoint
[  488.711106][T14942] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  488.745020][T14942] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  488.860521][   T29] audit: type=1800 audit(1725045848.442:1308): pid=14942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3622" name="file2" dev="loop5" ino=10 res=0 errno=0
[  488.916067][T14942] syz.5.3622: attempt to access beyond end of device
[  488.916067][T14942] loop5: rw=0, sector=53328, nr_sectors = 8 limit=40427
[  489.045068][T14942] syz.5.3622: attempt to access beyond end of device
[  489.045068][T14942] loop5: rw=0, sector=53328, nr_sectors = 8 limit=40427
[  489.127801][T14942] syz.5.3622: attempt to access beyond end of device
[  489.127801][T14942] loop5: rw=0, sector=53328, nr_sectors = 8 limit=40427
[  489.200257][T15008] macvlan3: entered promiscuous mode
[  489.261097][T15008] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  489.290325][T11593] syz-executor: attempt to access beyond end of device
[  489.290325][T11593] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  489.341521][T11593] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  489.366124][T15016] loop3: detected capacity change from 0 to 1024
[  489.662263][  T742] hfsplus: b-tree write err: -5, ino 4
[  490.341999][T15038] loop3: detected capacity change from 0 to 64
[  490.988076][T15010] loop4: detected capacity change from 0 to 40427
[  491.008231][T15010] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  491.037824][T15010] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  491.068416][T15010] F2FS-fs (loop4): build fault injection attr: rate: 17008, type: 0x1fffff
[  491.101832][T15010] F2FS-fs (loop4): invalid crc value
[  491.116424][T15056] loop5: detected capacity change from 0 to 2048
[  491.138354][T15010] F2FS-fs (loop4): Found nat_bits in checkpoint
[  491.145953][T15056] udf: Unknown parameter 'dont_appraise'
[  491.274382][T15056] loop5: detected capacity change from 0 to 1024
[  491.299558][T15064] netlink: 'syz.0.3668': attribute type 10 has an invalid length.
[  491.312739][T15064] netlink: 55 bytes leftover after parsing attributes in process `syz.0.3668'.
[  491.392340][T15010] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  491.399452][T15010] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  491.463600][T15067] ALSA: mixer_oss: invalid OSS volume '
'
[  491.478330][ T2959] hfsplus: b-tree write err: -5, ino 4
[  491.623863][ T9805] syz-executor: attempt to access beyond end of device
[  491.623863][ T9805] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  491.674053][ T9805] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  491.724467][T15064] team0: Port device macvlan2 removed
[  491.751953][  T936] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  491.802651][T15064] net veth1_virt_wifi virt_wifi0 (unregistering): left allmulticast mode
[  491.833171][T15064] net veth1_virt_wifi virt_wifi0 (unregistering): left promiscuous mode
[  491.960196][T15064] team0: Port device vlan2 removed
[  491.979671][  T936] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  492.012468][  T936] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  492.050006][  T936] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  492.105328][  T936] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.131860][  T936] usb 2-1: config 0 descriptor??
[  492.596064][  T936] pyra 0003:1E7D:2CF6.0013: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0
[  492.797189][  T936] pyra 0003:1E7D:2CF6.0013: couldn't init struct pyra_device
[  492.830593][  T936] pyra 0003:1E7D:2CF6.0013: couldn't install mouse
[  492.869611][  T936] pyra 0003:1E7D:2CF6.0013: probe with driver pyra failed with error -71
[  492.911668][  T936] usb 2-1: USB disconnect, device number 22
[  493.127119][T15093] loop4: detected capacity change from 0 to 4096
[  493.170531][T15094] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  493.275726][   T29] audit: type=1804 audit(1725045852.852:1309): pid=15093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3684" name="/newroot/329/file1/file1" dev="loop4" ino=15 res=1 errno=0
[  493.433198][T15081] loop5: detected capacity change from 0 to 40427
[  493.467798][T15081] F2FS-fs (loop5): Found nat_bits in checkpoint
[  493.646808][T15081] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  493.659930][T15088] loop3: detected capacity change from 0 to 32768
[  493.696185][T15088] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3679 (15088)
[  493.748396][T15088] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  493.787322][T15088] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  493.809511][T15088] BTRFS info (device loop3): using free-space-tree
[  493.828312][T11593] syz-executor: attempt to access beyond end of device
[  493.828312][T11593] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  493.863045][   T29] audit: type=1326 audit(1725045853.452:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15109 comm="syz.2.3687" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7face0979eb9 code=0x0
[  493.875561][T15106] loop4: detected capacity change from 0 to 4096
[  493.892149][T11593] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  493.918674][T15106] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  493.955115][T15125] loop1: detected capacity change from 0 to 256
[  493.981501][T15125] exfat: Deprecated parameter 'utf8'
[  494.000726][T15125] exfat: Deprecated parameter 'namecase'
[  494.039113][T15106] ntfs3: loop4: Failed to initialize $Extend/$ObjId.
[  494.068399][T15125] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  494.285660][T11017] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  496.601771][T15179] netlink: 'syz.3.3709': attribute type 21 has an invalid length.
[  496.786038][T15162] loop2: detected capacity change from 0 to 32768
[  496.805420][T15184] loop1: detected capacity change from 0 to 256
[  496.860720][T15162] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3703 (15162)
[  496.863510][T15184] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[  496.936738][T15162] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  496.940720][T15184] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  496.994363][T15162] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  497.030904][T15162] BTRFS info (device loop2): using free-space-tree
[  497.100159][T15191] loop5: detected capacity change from 0 to 1024
[  497.189148][T15191] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  497.374355][T11593] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.476255][ T9979] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  498.363197][   T59] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  498.561513][   T59] usb 5-1: Using ep0 maxpacket: 32
[  498.569165][   T59] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  498.600880][   T59] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  498.650801][   T59] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  498.682378][T15241] loop2: detected capacity change from 0 to 1024
[  498.685665][   T59] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  498.728326][   T59] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  498.764748][   T59] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  498.802591][   T59] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  498.819989][T15219] loop3: detected capacity change from 0 to 32768
[  498.831935][   T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.841824][T15219] XFS: attr2 mount option is deprecated.
[  498.850490][T15241] syz.2.3728: attempt to access beyond end of device
[  498.850490][T15241] loop2: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  498.885026][   T59] usb 5-1: config 0 descriptor??
[  498.891637][T15219] XFS: ikeep mount option is deprecated.
[  498.897417][T15219] XFS: noikeep mount option is deprecated.
[  498.960697][ T5245] Bluetooth: hci0: command 0x0406 tx timeout
[  499.008757][T15219] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  499.099382][T15256] netlink: 104 bytes leftover after parsing attributes in process `syz.5.3732'.
[  499.131108][   T59] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 15 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  499.255501][T15219] XFS (loop3): Ending clean mount
[  499.288538][T15219] XFS (loop3): Quotacheck needed: Please wait.
[  499.401930][T15264] loop5: detected capacity change from 0 to 64
[  499.412692][ T5296] usb 5-1: USB disconnect, device number 15
[  499.436613][ T5296] usblp0: removed
[  499.447957][T15219] XFS (loop3): Quotacheck: Done.
[  499.502681][T15264] hfs: request for non-existent node 131072 in B*Tree
[  499.541641][T15264] hfs: request for non-existent node 131072 in B*Tree
[  499.727766][   T29] audit: type=1326 audit(1725045859.312:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15275 comm="syz.1.3741" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0822f79eb9 code=0x0
[  499.904767][T15283] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3743'.
[  500.093298][T11017] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  500.305629][T15292] loop2: detected capacity change from 0 to 2048
[  500.363223][T15292] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  501.036391][ T1256] ieee802154 phy0 wpan0: encryption failed: -22
[  501.043250][ T1256] ieee802154 phy1 wpan1: encryption failed: -22
[  501.079364][T15311] netlink: 'syz.1.3754': attribute type 10 has an invalid length.
[  501.122661][T15312] serio: Serial port ttynull
[  501.178397][T15281] loop5: detected capacity change from 0 to 32768
[  501.249847][T15281] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3742 (15281)
[  501.283250][T15311] team0: Port device wlan1 added
[  501.309938][T15314] netlink: 'syz.1.3754': attribute type 10 has an invalid length.
[  501.349286][T15281] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  501.384636][T15317] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  501.388204][T15281] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  501.433603][T15314] batman_adv: batadv0: Adding interface: team0
[  501.468652][T15314] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  501.497471][T15281] BTRFS info (device loop5): using free-space-tree
[  501.522570][T15314] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  501.743844][T15320] batadv0: entered promiscuous mode
[  501.772120][T15320] macsec2: entered promiscuous mode
[  501.777605][T15320] macsec2: entered allmulticast mode
[  501.816471][T15320] batadv0: entered allmulticast mode
[  501.847112][T15345] loop1: detected capacity change from 0 to 1024
[  501.901291][T11593] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  501.989496][   T63] hfsplus: b-tree write err: -5, ino 4
[  502.105816][T15350] loop3: detected capacity change from 0 to 64
[  502.243189][ T5245] Bluetooth: hci2: unexpected event for opcode 0x2005
[  503.593639][T15349] loop2: detected capacity change from 0 to 32768
[  503.690865][T15392] loop4: detected capacity change from 0 to 512
[  503.691055][T15349] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  503.719550][T15392] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  503.753290][T15349] XFS (loop2): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[  503.836038][T15349] XFS (loop2): Quotacheck needed: Please wait.
[  503.902611][T15392] EXT4-fs (loop4): 1 truncate cleaned up
[  503.909797][T15392] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  504.047394][T15349] XFS (loop2): Quotacheck: Done.
[  504.139471][ T9979] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  504.173635][T15408] loop5: detected capacity change from 0 to 1024
[  504.624568][ T9805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.739818][    C0] vkms_vblank_simulate: vblank timer overrun
[  505.309124][T15445] loop2: detected capacity change from 0 to 256
[  505.335852][T15445] MINIX-fs: mounting file system with errors, running fsck is recommended
[  505.423785][T15445] Trying to free block not in datazone
[  505.442731][T15445] Trying to free block not in datazone
[  505.600562][ T5409] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  505.682161][T15463] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3812'.
[  505.701388][T15463] netlink: 136 bytes leftover after parsing attributes in process `syz.1.3812'.
[  505.765001][T15465] netlink: 'syz.5.3813': attribute type 1 has an invalid length.
[  505.800599][T15465] netlink: 9324 bytes leftover after parsing attributes in process `syz.5.3813'.
[  505.805360][T15457] loop3: detected capacity change from 0 to 4096
[  505.813352][ T5409] usb 1-1: Using ep0 maxpacket: 8
[  505.838512][ T5409] usb 1-1: New USB device found, idVendor=046d, idProduct=0896, bcdDevice=3a.11
[  505.849659][T15457] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  505.860010][T15465] netlink: 'syz.5.3813': attribute type 1 has an invalid length.
[  505.876001][ T5409] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.900509][ T5409] usb 1-1: Product: syz
[  505.908488][T15465] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3813'.
[  505.919120][T15469] loop4: detected capacity change from 0 to 2048
[  505.923581][ T5409] usb 1-1: Manufacturer: syz
[  505.943913][ T5409] usb 1-1: SerialNumber: syz
[  505.971880][ T5409] usb 1-1: config 0 descriptor??
[  505.984234][ T5409] gspca_main: vc032x-2.14.0 probing 046d:0896
[  506.006527][T15469] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  506.301184][ T9805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.316591][ T5245] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  506.329048][ T5245] Bluetooth: hci2: Injecting HCI hardware error event
[  506.343440][ T5246] Bluetooth: hci2: hardware error 0x00
[  506.561417][T15489] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3826'.
[  506.572236][T15489] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3826'.
[  506.602602][T15489] gtp0: entered promiscuous mode
[  506.613121][T15489] gtp0: entered allmulticast mode
[  506.679427][ T5409] gspca_vc032x: reg_r err -71
[  506.690592][ T5409] vc032x 1-1:0.0: probe with driver vc032x failed with error -71
[  506.710246][ T5409] usb 1-1: USB disconnect, device number 25
[  506.930176][T15500] netlink: 'syz.5.3829': attribute type 9 has an invalid length.
[  506.957693][T15500] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3829'.
[  507.015050][T15504] loop1: detected capacity change from 0 to 1024
[  507.042343][T15504] EXT4-fs: Ignoring removed nobh option
[  507.048061][T15504] EXT4-fs: Ignoring removed orlov option
[  507.069096][T15504] EXT4-fs: Ignoring removed nomblk_io_submit option
[  507.142079][T15504] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  507.565358][T12208] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.605735][T15520] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3838'.
[  507.625151][T15522] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.3836'.
[  507.636642][T15520] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  507.652071][T15520] batman_adv: batadv0: Removing interface: batadv_slave_0
[  507.663890][T15522] netlink: get zone limit has 8 unknown bytes
[  507.721996][T15520] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  507.728584][T15525] loop4: detected capacity change from 0 to 2048
[  507.773710][T15520] batman_adv: batadv0: Removing interface: batadv_slave_1
[  507.807105][T15526] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  507.946800][T15526] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  507.990515][T15526] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4)
[  508.007855][T15526] Remounting filesystem read-only
[  508.028975][ T9805] NILFS (loop4): discard dirty page: offset=0, ino=5
[  508.061502][ T9805] NILFS (loop4): discard dirty block: blocknr=41, size=1024
[  508.068861][ T9805] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024
[  508.114885][ T9805] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024
[  508.124213][ T9805] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024
[  508.136935][ T9805] NILFS (loop4): discard dirty page: offset=0, ino=4
[  508.144323][ T9805] NILFS (loop4): discard dirty block: blocknr=40, size=1024
[  508.152108][ T9805] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024
[  508.162141][ T9805] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024
[  508.171388][ T9805] NILFS (loop4): discard dirty block: blocknr=18446744073709551615, size=1024
[  508.198525][T15538] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.3846'.
[  508.400987][ T5246] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  508.630535][ T5246] Bluetooth: hci4: command 0x0405 tx timeout
[  508.878170][T15568] mac80211_hwsim hwsim24 wlan0: entered promiscuous mode
[  508.902737][T15566] mac80211_hwsim hwsim24 wlan0: left promiscuous mode
[  509.141411][T15578] netlink: 'syz.5.3863': attribute type 1 has an invalid length.
[  509.167894][T15578] netlink: 'syz.5.3863': attribute type 2 has an invalid length.
[  509.530670][ T5409] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  509.740490][ T5409] usb 5-1: Using ep0 maxpacket: 16
[  509.778010][ T5409] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  509.797872][ T5409] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  509.808338][ T5409] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  509.850533][ T5409] usb 5-1: config 1 has no interface number 1
[  509.869926][ T5409] usb 5-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  509.915786][ T5409] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  509.949556][ T5409] usb 5-1: config 1 interface 2 has no altsetting 0
[  509.969482][ T5409] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  510.001111][T15602] loop3: detected capacity change from 0 to 256
[  510.008710][ T5409] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  510.018093][ T5409] usb 5-1: Product: syz
[  510.022514][ T5409] usb 5-1: Manufacturer: syz
[  510.027127][ T5409] usb 5-1: SerialNumber: syz
[  510.214231][T15577] loop1: detected capacity change from 0 to 32768
[  510.267483][ T5409] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor
[  510.296111][ T5409] usb 5-1: 2:1 : format type 39 is not supported yet
[  510.303180][ T5409] usb 5-1: selecting invalid altsetting 0
[  510.310322][T15577] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  510.341769][ T5409] usb 5-1: USB disconnect, device number 16
[  510.435606][T15577] XFS (loop1): Ending clean mount
[  510.582425][T12208] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  511.094868][T15627] __nla_validate_parse: 3 callbacks suppressed
[  511.094892][T15627] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3881'.
[  511.183851][T15633] binder: 15632:15633 ioctl c018620c 200005c0 returned -1
[  511.186921][T15620] loop2: detected capacity change from 0 to 32768
[  511.213570][T15620] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3878 (15620)
[  511.312640][T15620] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  511.347661][T15620] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  511.370310][T15635] loop1: detected capacity change from 0 to 1024
[  511.407991][T15620] BTRFS info (device loop2): using free-space-tree
[  511.441350][T15640] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3886'.
[  511.573801][T15663] loop4: detected capacity change from 0 to 128
[  511.579220][T15635] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  511.604238][T15663] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  511.635869][T15663] ext4 filesystem being mounted at /367/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  511.787098][T15635] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  511.883005][ T9805] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  511.885045][T15635] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 16384 with max blocks 17 with error 28
[  511.956958][ T9979] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  511.994049][T15635] EXT4-fs (loop1): This should not happen!! Data will be lost
[  511.994049][T15635] 
[  512.017361][T15635] EXT4-fs (loop1): Total free blocks count 0
[  512.057256][T15635] EXT4-fs (loop1): Free/Dirty block details
[  512.091798][T15635] EXT4-fs (loop1): free_blocks=68451041280
[  512.097831][T15635] EXT4-fs (loop1): dirty_blocks=32
[  512.101872][ T1172] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  512.139203][T15635] EXT4-fs (loop1): Block reservation details
[  512.196548][T15635] EXT4-fs (loop1): i_reserved_data_blocks=2
[  512.366337][ T1172] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  512.396821][T12208] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  512.410601][ T1172] usb 4-1: New USB device found, idVendor=056a, idProduct=0016, bcdDevice= 0.00
[  512.447374][ T1172] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.524656][ T1172] usb 4-1: config 0 descriptor??
[  512.573222][ T1172] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  512.839406][ T5409] usb 4-1: USB disconnect, device number 15
[  513.443605][T15705] loop2: detected capacity change from 0 to 4096
[  513.502310][T15705] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  513.734141][T15705] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  513.787127][T15705] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[  514.095398][ T2959] ntfs3: loop2: ino=1a, ntfs3_write_inode failed, -22.
[  514.111149][ T9979] ntfs3: loop2: ino=1a, ntfs_sync_fs failed, -22.
[  514.215384][T15690] loop5: detected capacity change from 0 to 32768
[  514.344874][T15690] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  514.425040][T15690] XFS (loop5): Ending clean mount
[  514.436178][T15690] XFS (loop5): Quotacheck needed: Please wait.
[  514.554729][T15690] XFS (loop5): Quotacheck: Done.
[  514.647927][T11593] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  515.065305][T15746] mac80211_hwsim hwsim35 wlan1: entered allmulticast mode
[  515.079881][T15755] netlink: 'syz.4.3930': attribute type 5 has an invalid length.
[  515.087996][T15755] netlink: 'syz.4.3930': attribute type 4 has an invalid length.
[  515.137611][T15755] netlink: 'syz.4.3930': attribute type 5 has an invalid length.
[  515.177787][T15755] netlink: 'syz.4.3930': attribute type 1 has an invalid length.
[  515.205961][T15755] netlink: 'syz.4.3930': attribute type 1 has an invalid length.
[  515.240170][T15755] bridge0: port 1(bridge_slave_0) entered disabled state
[  515.441265][T15768] devtmpfs: Bad value for 'usrquota_block_hardlimit'
[  515.531617][ T5253] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  515.580348][T15773] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3938'.
[  515.626688][T15771] loop2: detected capacity change from 0 to 4096
[  515.647854][T15771] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  515.752482][T15771] ntfs3: loop2: ino=3, ntfs_set_state failed, -22.
[  515.759642][ T5253] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  515.769626][T15771] ntfs3: loop2: ino=1e, "file1" attr_set_size
[  515.800452][ T5253] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.823355][ T2959] ntfs3: loop2: ino=3, ntfs3_write_inode failed, -22.
[  515.832901][ T5253] usb 4-1: config 0 descriptor??
[  515.848461][ T5253] cp210x 4-1:0.0: cp210x converter detected
[  515.852749][ T9979] ntfs3: loop2: ino=3, ntfs_set_state failed, -22.
[  515.868865][ T9979] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  515.886337][ T9979] ntfs3: loop2: ino=3, ntfs_set_state failed, -22.
[  515.903723][ T2933] ntfs3: loop2: ino=3, ntfs3_write_inode failed, -22.
[  516.268892][ T5253] cp210x 4-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  516.291910][ T5253] cp210x 4-1:0.0: GPIO initialisation failed: -524
[  516.471240][   T59] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  516.697878][   T59] usb 3-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  516.737993][   T59] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.848775][   T59] usb 3-1: config 0 descriptor??
[  516.911742][T15779] loop5: detected capacity change from 0 to 32768
[  517.157878][T15779] XFS (loop5): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  517.320257][   T59] gs_usb 3-1:0.0: Configuring for 1 interfaces
[  517.367546][T15779] XFS (loop5): Ending clean mount
[  517.404779][T15779] XFS (loop5): Quotacheck needed: Please wait.
[  517.615324][T15795] loop1: detected capacity change from 0 to 131072
[  517.648219][T15795] F2FS-fs (loop1): invalid crc value
[  517.662782][ T5253] usb 4-1: cp210x converter now attached to ttyUSB0
[  517.669644][T15779] XFS (loop5): Quotacheck: Done.
[  517.672739][ T5253] usb 4-1: USB disconnect, device number 16
[  517.686274][ T5253] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  517.698982][ T5253] cp210x 4-1:0.0: device disconnected
[  517.715392][T15795] F2FS-fs (loop1): Found nat_bits in checkpoint
[  517.723661][   T59] gs_usb 3-1:0.0: Disabling termination support for channel 0 (-EPROTO)
[  517.809269][T15795] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  517.832338][   T59] usb 3-1: USB disconnect, device number 18
[  517.840174][T15795] F2FS-fs (loop1): access invalid blkaddr:150994944
[  517.848046][T15795] CPU: 1 UID: 0 PID: 15795 Comm: syz.1.3949 Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0
[  517.858845][T15795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  517.868944][T15795] Call Trace:
[  517.872264][T15795]  <TASK>
[  517.875214][T15795]  dump_stack_lvl+0x241/0x360
[  517.879943][T15795]  ? __pfx_dump_stack_lvl+0x10/0x10
[  517.885172][T15795]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  517.891106][T15795]  ? __pfx_f2fs_lookup_read_extent_cache_block+0x10/0x10
[  517.898151][T15795]  ? __filemap_get_folio+0x946/0xc10
[  517.903482][T15795]  __f2fs_is_valid_blkaddr+0xe16/0x1460
[  517.909083][T15795]  f2fs_get_read_data_page+0x410/0x750
[  517.914589][T15795]  ? __pfx_f2fs_get_read_data_page+0x10/0x10
[  517.920612][T15795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  517.926284][T15795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  517.931961][T15795]  f2fs_find_data_page+0x92/0x370
[  517.937027][T15795]  __f2fs_find_entry+0x619/0xcc0
[  517.942035][T15795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  517.947702][T15795]  ? f2fs_prepare_lookup+0x487/0x590
[  517.953032][T15795]  ? __pfx___f2fs_find_entry+0x10/0x10
[  517.958548][T15795]  ? d_alloc_parallel+0x14a8/0x1600
[  517.963790][T15795]  f2fs_lookup+0x310/0xa60
[  517.968264][T15795]  ? __pfx_f2fs_lookup+0x10/0x10
[  517.973338][T15795]  ? __pfx_d_alloc_parallel+0x10/0x10
[  517.978753][T15795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  517.984433][T15795]  ? __init_waitqueue_head+0xae/0x150
[  517.989850][T15795]  __lookup_slow+0x28e/0x3f0
[  517.994496][T15795]  ? __pfx___lookup_slow+0x10/0x10
[  517.999659][T15795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  518.005329][T15795]  ? try_to_unlazy+0x35c/0x5b0
[  518.010150][T15795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  518.015826][T15795]  lookup_slow+0x53/0x70
[  518.020221][T15795]  walk_component+0x2e1/0x410
[  518.024952][T15795]  path_lookupat+0x16f/0x450
[  518.029595][T15795]  filename_lookup+0x256/0x610
[  518.034406][T15795]  ? __pfx_filename_lookup+0x10/0x10
[  518.039759][T15795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  518.045430][T15795]  ? strncpy_from_user+0x1a4/0x2e0
[  518.050587][T15795]  ? getname_flags+0x1e3/0x540
[  518.055390][T15795]  user_path_at+0x3a/0x60
[  518.059757][T15795]  bpf_obj_get_user+0xb9/0x4d0
[  518.064562][T15795]  ? __pfx_bpf_obj_get_user+0x10/0x10
[  518.069974][T15795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  518.075651][T15795]  __sys_bpf+0x639/0x810
[  518.079933][T15795]  ? __pfx___sys_bpf+0x10/0x10
[  518.084745][T15795]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  518.090764][T15795]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  518.097128][T15795]  ? do_syscall_64+0x100/0x230
[  518.101924][T15795]  __x64_sys_bpf+0x7c/0x90
[  518.106378][T15795]  do_syscall_64+0xf3/0x230
[  518.110915][T15795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.116842][T15795] RIP: 0033:0x7f0822f79eb9
[  518.121279][T15795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.141010][T15795] RSP: 002b:00007f0823c91038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  518.149460][T15795] RAX: ffffffffffffffda RBX: 00007f0823115f80 RCX: 00007f0822f79eb9
[  518.157453][T15795] RDX: 0000000000000018 RSI: 00000000200004c0 RDI: 0000000000000007
[  518.165444][T15795] RBP: 00007f0822fe793e R08: 0000000000000000 R09: 0000000000000000
[  518.173436][T15795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  518.181427][T15795] R13: 0000000000000000 R14: 00007f0823115f80 R15: 00007ffc9557bfd8
[  518.189447][T15795]  </TASK>
[  518.201911][T11593] XFS (loop5): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  518.237645][T15827] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  518.265326][T15830] binder: 15829:15830 ioctl c018620c 200005c0 returned -1
[  518.497558][T15835] NILFS (loop4): device size too small
[  518.770669][T15848] netlink: 'syz.4.3968': attribute type 1 has an invalid length.
[  518.790026][T15848] netlink: 9312 bytes leftover after parsing attributes in process `syz.4.3968'.
[  518.809749][T15847] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  518.832209][T15847] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  518.859868][T15848] netlink: 'syz.4.3968': attribute type 1 has an invalid length.
[  519.039070][T15855] tap0: tun_chr_ioctl cmd 1074025677
[  519.045085][T15855] tap0: linktype set to 773
[  519.987974][T15879] netlink: 'syz.0.3981': attribute type 4 has an invalid length.
[  520.273516][T15885] loop1: detected capacity change from 0 to 2048
[  520.320540][T15885] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  520.340850][T15885] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  520.945669][T15893] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3987'.
[  521.187493][T15911] netlink: 'syz.5.3994': attribute type 1 has an invalid length.
[  521.214504][T15881] loop3: detected capacity change from 0 to 40427
[  521.220763][T15911] netlink: 'syz.5.3994': attribute type 2 has an invalid length.
[  521.239038][T15911] netlink: 16074 bytes leftover after parsing attributes in process `syz.5.3994'.
[  521.256647][T15881] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  521.284080][T15881] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  521.349663][T15881] F2FS-fs (loop3): Found nat_bits in checkpoint
[  521.519585][T15881] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  521.540997][T15881] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  521.650022][T15881] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  521.712667][T15881] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  522.147248][T15941] loop4: detected capacity change from 0 to 256
[  522.238585][T15941] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  522.667162][T15956] loop1: detected capacity change from 0 to 256
[  522.851214][T15956] syz.1.4015: attempt to access beyond end of device
[  522.851214][T15956] loop1: rw=2049, sector=256, nr_sectors = 100 limit=256
[  522.851306][T15962] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4018'.
[  522.889044][T15964] loop2: detected capacity change from 0 to 512
[  522.922693][T15964] EXT4-fs: Ignoring removed bh option
[  522.971591][T15964] EXT4-fs error (device loop2): __ext4_iget:4985: inode #15: block 1803188595: comm syz.2.4019: invalid block
[  523.062288][T15964] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.4019: couldn't read orphan inode 15 (err -117)
[  523.137870][T15964] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  523.352381][ T9979] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.799280][T15970] loop4: detected capacity change from 0 to 32768
[  523.816891][T15970] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4020 (15970)
[  523.846512][T15970] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  523.884564][T15970] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  523.913970][T15970] BTRFS info (device loop4): using free-space-tree
[  524.367587][ T9805] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  524.658605][T16026] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  524.782005][T16028] loop3: detected capacity change from 0 to 1024
[  524.800799][T16030] loop1: detected capacity change from 0 to 24
[  524.915373][T16028] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  524.971428][T16028] ext4 filesystem being mounted at /291/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  525.001508][T16038] program syz.0.4043 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  525.250519][    C0] vkms_vblank_simulate: vblank timer overrun
[  525.287631][T11017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  526.539208][T16042] loop4: detected capacity change from 0 to 40427
[  526.570994][T16042] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  526.596922][T16042] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  526.620057][T16042] F2FS-fs (loop4): invalid crc value
[  526.635083][T16056] loop3: detected capacity change from 0 to 32768
[  526.653613][T16042] F2FS-fs (loop4): Found nat_bits in checkpoint
[  526.656307][T16056] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4048 (16056)
[  526.717104][T16056] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  526.748056][T16056] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  526.842687][T16094] loop1: detected capacity change from 0 to 512
[  526.857357][T16094] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  526.890273][T16042] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  526.947815][T16042] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  526.964938][T16056] BTRFS info (device loop3): rebuilding free space tree
[  526.990727][T16094] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.4063: iget: bad i_size value: -67835469387268086
[  527.036480][T16094] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4063: couldn't read orphan inode 15 (err -117)
[  527.108664][T16094] EXT4-fs (loop1): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  527.116365][T16056] BTRFS info (device loop3): disabling free space tree
[  527.145922][T16109] loop5: detected capacity change from 0 to 512
[  527.150560][T16056] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  527.168717][T16094] ext2 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  527.183529][T16056] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  527.199296][T16109] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.4067: invalid block
[  527.214956][T16109] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.4067: invalid indirect mapped block 4294967295 (level 1)
[  527.216552][ T9805] syz-executor: attempt to access beyond end of device
[  527.216552][ T9805] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  527.259290][T16109] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.4067: invalid indirect mapped block 4294967295 (level 1)
[  527.266734][T16107] loop2: detected capacity change from 0 to 4096
[  527.285351][T16109] EXT4-fs (loop5): 2 truncates cleaned up
[  527.310040][T16109] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.323977][ T9805] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  527.328127][T16107] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  527.353576][T16056] BTRFS info (device loop3 state M): max_inline set to 0
[  527.367558][T16094] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.4063: Directory hole found for htree leaf block 0
[  527.409431][T16107] ntfs3: loop2: failed to convert "c46c" to cp775
[  527.534612][T11017] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  527.561870][T16109] EXT4-fs error (device loop5): ext4_get_parent:1858: inode #11: comm syz.5.4067: bad parent inode number: 3
[  527.679804][T12208] EXT4-fs (loop1): unmounting filesystem f7ff0000-0000-0000-0000-000000000000.
[  527.812416][T16120] Bluetooth: hci0: load_link_keys: too big key_count value 16384
[  527.842550][T11593] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.261429][T16134] program syz.1.4079 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  528.322179][   T59] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  528.530895][   T59] usb 1-1: Using ep0 maxpacket: 8
[  528.539169][   T59] usb 1-1: config 0 has an invalid interface number: 151 but max is 1
[  528.600884][   T59] usb 1-1: config 0 has no interface number 1
[  528.607070][   T59] usb 1-1: config 0 interface 151 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  528.667696][   T59] usb 1-1: config 0 interface 151 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[  528.701611][T16142] syz.2.4082 uses obsolete (PF_INET,SOCK_PACKET)
[  528.718281][   T59] usb 1-1: config 0 interface 151 altsetting 0 endpoint 0x83 has invalid maxpacket 64466, setting to 1024
[  528.773171][   T59] usb 1-1: config 0 interface 151 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  528.804018][   T59] usb 1-1: config 0 interface 151 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  528.819628][   T59] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  528.898916][   T59] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  528.932894][   T59] usb 1-1: New USB device found, idVendor=0499, idProduct=500a, bcdDevice=e7.b7
[  528.948553][   T59] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.987810][   T59] usb 1-1: Product: syz
[  529.003731][   T59] usb 1-1: Manufacturer: syz
[  529.011224][   T59] usb 1-1: SerialNumber: syz
[  529.039363][   T59] usb 1-1: config 0 descriptor??
[  529.050301][T16126] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  529.064367][   T59] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  529.106548][   T59] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  529.135459][   T59] usb 1-1: invalid MIDI in EP 0
[  529.195127][T16151] loop3: detected capacity change from 0 to 4096
[  529.259179][   T59] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -22
[  529.291576][   T59] usb 1-1: USB disconnect, device number 26
[  529.542756][T16165] loop4: detected capacity change from 0 to 512
[  529.588245][T16165] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.4092: casefold flag without casefold feature
[  529.607619][T16165] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4092: couldn't read orphan inode 15 (err -117)
[  529.629678][T16165] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  529.726456][T16165] EXT4-fs warning (device loop4): ext4_empty_dir:3096: inode #2: comm syz.4.4092: directory missing '.'
[  529.842607][ T9805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  530.253606][ T5253] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  530.470870][  T936] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  530.489726][ T5253] usb 2-1: New USB device found, idVendor=30c9, idProduct=0093, bcdDevice=18.c6
[  530.530553][ T5253] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  530.539738][ T5253] usb 2-1: Product: syz
[  530.552725][ T5253] usb 2-1: Manufacturer: syz
[  530.574152][ T5253] usb 2-1: SerialNumber: syz
[  530.582362][ T5253] usb 2-1: config 0 descriptor??
[  530.613671][T16204] loop2: detected capacity change from 0 to 256
[  530.711616][  T936] usb 1-1: Using ep0 maxpacket: 8
[  530.726433][  T936] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11
[  530.748800][  T936] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16
[  530.762611][  T936] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  530.832472][  T936] usb 1-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[  530.850404][  T936] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  530.870790][  T936] usb 1-1: SerialNumber: syz
[  530.889168][T16179] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4097'.
[  530.891100][T16191] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  530.925039][  T936] hub 1-1:1.0: bad descriptor, ignoring hub
[  530.940956][  T936] hub 1-1:1.0: probe with driver hub failed with error -5
[  530.983782][   T59] usb 2-1: USB disconnect, device number 23
[  531.178688][T16191] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  531.385218][T16219] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4117'.
[  531.430156][T16220] loop4: detected capacity change from 0 to 2048
[  531.449394][T16220] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  531.513863][T16221] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  531.582236][T16223] loop5: detected capacity change from 0 to 16
[  531.609811][T16223] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  531.894064][  T936] cdc_ether 1-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42
[  532.063133][  T936] usb 1-1: USB disconnect, device number 27
[  532.102763][  T936] cdc_ether 1-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device
[  533.076213][T16264] loop2: detected capacity change from 0 to 128
[  533.129886][T16264] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  533.156240][T16271] loop4: detected capacity change from 0 to 256
[  533.185588][T16264] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  533.569828][T16282] syz.1.4144[16282] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  534.206702][T16271] loop4: detected capacity change from 0 to 32768
[  534.220786][ T5253] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  534.262516][T16271] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4140 (16271)
[  534.294222][T16271] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  534.324612][T16271] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  534.349854][T16271] BTRFS info (device loop4): using free-space-tree
[  534.374469][T16303] loop3: detected capacity change from 0 to 512
[  534.461445][ T5253] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  534.484603][ T5253] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  534.488721][T16271] BTRFS info (device loop4): rebuilding free space tree
[  534.501785][ T5253] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  534.528370][ T5253] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  534.551634][ T5253] usb 3-1: SerialNumber: syz
[  534.575971][T16303] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  534.658133][T16303] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  534.804329][ T5253] usb 3-1: 0:2 : does not exist
[  534.825645][ T9805] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  534.829193][T16303] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.4153: corrupted inode contents
[  534.859366][ T5253] usb 3-1: USB disconnect, device number 19
[  534.948589][T16303] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #2: comm syz.3.4153: mark_inode_dirty error
[  535.106679][T16303] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.4153: corrupted inode contents
[  535.230539][T16303] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.4153: mark_inode_dirty error
[  535.415199][T16332] EXT4-fs error (device loop3): ext4_lookup:1808: inode #18: comm syz.3.4153: 'file0' linked to parent dir
[  535.460504][ T5253] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  535.617497][T16340] loop4: detected capacity change from 0 to 128
[  535.661571][ T5253] usb 1-1: Using ep0 maxpacket: 16
[  535.669142][ T5253] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  535.691389][ T5253] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  535.713674][ T5253] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  535.729989][T16326] loop1: detected capacity change from 0 to 32768
[  535.741657][ T5253] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  535.755314][ T5253] usb 1-1: config 0 descriptor??
[  535.845413][T11017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  535.871315][T16326] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  535.912096][ T9805] sysv_free_block: flc_count > flc_size
[  535.930472][ T9805] sysv_free_block: flc_count > flc_size
[  535.936248][ T9805] sysv_free_block: flc_count > flc_size
[  535.943869][ T9805] sysv_free_block: flc_count > flc_size
[  535.949624][ T9805] sysv_free_block: flc_count > flc_size
[  535.958605][ T9805] sysv_free_block: flc_count > flc_size
[  536.000823][ T9805] sysv_free_block: flc_count > flc_size
[  536.006519][ T9805] sysv_free_block: flc_count > flc_size
[  536.030829][T16326] XFS (loop1): Ending clean mount
[  536.034976][ T9805] sysv_free_block: flc_count > flc_size
[  536.077661][ T9805] sysv_free_block: flc_count > flc_size
[  536.097218][ T9805] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  536.198097][ T5253] corsair 0003:1B1C:1B02.0014: unknown main item tag 0x0
[  536.211789][ T5253] corsair 0003:1B1C:1B02.0014: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.0-1/input0
[  536.295402][T16365] loop3: detected capacity change from 0 to 512
[  536.341531][T16365] evm: overlay not supported
[  536.371637][T12208] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  536.663186][   T25] usb 1-1: USB disconnect, device number 28
[  536.864123][T16375] loop5: detected capacity change from 0 to 4096
[  536.946522][T16379] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  537.009720][   T29] audit: type=1800 audit(1725045896.592:1312): pid=16375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4177" name="file1" dev="loop5" ino=15 res=0 errno=0
[  537.080628][   T29] audit: type=1800 audit(1725045896.592:1313): pid=16375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4177" name="file1" dev="loop5" ino=15 res=0 errno=0
[  537.385975][T16361] loop2: detected capacity change from 0 to 40427
[  537.405071][T16388] netlink: 'syz.3.4183': attribute type 8 has an invalid length.
[  537.419034][T16361] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  537.429722][T16361] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  537.442361][T16388] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4183'.
[  537.461513][T16361] F2FS-fs (loop2): invalid crc value
[  537.503268][T16361] F2FS-fs (loop2): Found nat_bits in checkpoint
[  537.772508][T16361] F2FS-fs (loop2): Start checkpoint disabled!
[  537.831772][T16361] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  537.838972][T16361] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  537.917444][T16403] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4189'.
[  538.401490][ T2933] kworker/u8:8: attempt to access beyond end of device
[  538.401490][ T2933] loop2: rw=2049, sector=40960, nr_sectors = 56 limit=40427
[  538.435284][T16416] loop4: detected capacity change from 0 to 1024
[  538.450713][ T2933] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  538.457667][ T2933] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  538.558283][T16416] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  538.572278][ T2933] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  538.579190][ T2933] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  538.601346][T16416] ext4 filesystem being mounted at /418/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  538.645793][ T2933] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  538.669001][ T2933] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  538.733264][ T2933] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  538.781176][   T29] audit: type=1804 audit(1725045898.362:1314): pid=16426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.4195" name="/newroot/418/file1/file1" dev="loop4" ino=15 res=1 errno=0
[  538.825396][   T29] audit: type=1800 audit(1725045898.412:1315): pid=16416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4195" name="file1" dev="loop4" ino=15 res=0 errno=0
[  539.028850][ T9805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  539.965203][T16424] loop1: detected capacity change from 0 to 32768
[  540.299812][T16453] netlink: 'syz.0.4208': attribute type 11 has an invalid length.
[  540.956150][  T936] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  541.030632][   T59] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  541.191685][  T936] usb 5-1: Using ep0 maxpacket: 16
[  541.211753][  T936] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  541.233336][T16479] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4221'.
[  541.251614][  T936] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  541.260580][   T59] usb 4-1: Using ep0 maxpacket: 16
[  541.284202][   T59] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  541.286270][  T936] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  541.322384][   T59] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  541.347827][  T936] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  541.370624][   T59] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  541.377562][  T936] usb 5-1: Product: syz
[  541.396076][  T936] usb 5-1: Manufacturer: syz
[  541.397027][   T59] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  541.406237][  T936] usb 5-1: SerialNumber: syz
[  541.448521][   T59] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  541.465953][  T936] usb 5-1: config 0 descriptor??
[  541.475471][T16455] loop5: detected capacity change from 0 to 40427
[  541.491659][   T59] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  541.494058][  T936] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  541.507766][   T59] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  541.529096][T16455] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504)
[  541.544885][  T936] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  541.550518][   T59] usb 4-1: Product: syz
[  541.556115][   T59] usb 4-1: Manufacturer: syz
[  541.561940][T16455] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  541.584847][   T59] usb 4-1: SerialNumber: syz
[  541.601031][T16455] F2FS-fs (loop5): invalid crc value
[  541.623027][T16455] F2FS-fs (loop5): Found nat_bits in checkpoint
[  541.815381][T16455] F2FS-fs (loop5): Start checkpoint disabled!
[  541.840825][   T59] cdc_ncm 4-1:1.0: bind() failure
[  541.852695][T16455] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  541.867254][T16455] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  541.872294][   T59] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  541.920912][   T59] cdc_ncm 4-1:1.1: bind() failure
[  541.932750][T16455] syz.5.4209: attempt to access beyond end of device
[  541.932750][T16455] loop5: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  541.970226][   T59] usb 4-1: USB disconnect, device number 17
[  542.154589][  T936] em28xx 5-1:0.0: chip ID is em28178
[  542.366194][   T35] kworker/u8:2: attempt to access beyond end of device
[  542.366194][   T35] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  542.448493][   T35] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  542.461697][  T936] usb 5-1: USB disconnect, device number 17
[  542.471110][   T35] kworker/u8:2: attempt to access beyond end of device
[  542.471110][   T35] loop5: rw=2049, sector=41000, nr_sectors = 8 limit=40427
[  542.479528][  T936] em28xx 5-1:0.0: Disconnecting em28xx
[  542.523903][  T936] em28xx 5-1:0.0: Freeing device
[  542.546728][   T35] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  542.950041][T16517] loop2: detected capacity change from 0 to 8
[  543.583892][ T5409] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  543.732241][   T29] audit: type=1326 audit(1725045903.322:1316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16541 comm="syz.4.4250" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f56aed79eb9 code=0x0
[  543.756560][T16542] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0)
[  543.794942][ T5409] usb 4-1: config 0 has no interfaces?
[  543.802945][ T5409] usb 4-1: New USB device found, idVendor=eb1a, idProduct=e350, bcdDevice=f8.fa
[  543.834695][ T5409] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  543.869501][ T5409] usb 4-1: config 0 descriptor??
[  543.941620][T16548] loop1: detected capacity change from 0 to 1024
[  544.080142][ T2959] hfsplus: b-tree write err: -5, ino 4
[  544.117555][   T59] usb 4-1: USB disconnect, device number 18
[  544.184274][T16557] loop1: detected capacity change from 0 to 16
[  544.197769][T16557] erofs: (device loop1): mounted with root inode @ nid 36.
[  544.343351][T16562] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.4258'.
[  544.364740][T16562] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.4258'.
[  544.754156][T16573] loop4: detected capacity change from 0 to 256
[  545.520894][T16599] netlink: 'syz.5.4274': attribute type 10 has an invalid length.
[  545.559893][T16599] syz_tun: entered promiscuous mode
[  545.617398][T16599] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  545.890727][   T59] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  545.938916][T16575] loop2: detected capacity change from 0 to 32768
[  545.996944][T16575] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  546.113780][   T59] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  546.152775][   T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  546.189249][   T59] usb 5-1: config 0 descriptor??
[  546.197431][T16575] XFS (loop2): Ending clean mount
[  546.244933][T16582] loop1: detected capacity change from 0 to 40427
[  546.277729][T16621] loop5: detected capacity change from 0 to 8192
[  546.345122][T16582] F2FS-fs (loop1): Found nat_bits in checkpoint
[  546.375468][T16628] loop3: detected capacity change from 0 to 1024
[  546.394813][T16621] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  546.444721][ T9979] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  546.472667][T16582] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  546.533004][T12208] syz-executor: attempt to access beyond end of device
[  546.533004][T12208] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  546.560579][T12208] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  546.659828][   T59] [drm:udl_init] *ERROR* Selecting channel failed
[  546.727089][   T59] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2
[  546.754940][   T59] [drm] Initialized udl on minor 2
[  546.797803][   T59] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  546.839476][ T2933] hfsplus: b-tree write err: -5, ino 4
[  546.866097][T16631] loop5: detected capacity change from 0 to 512
[  546.884601][   T59] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  546.905002][T16631] EXT4-fs: Ignoring removed orlov option
[  546.927783][T16631] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  546.928682][ T5409] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  546.952947][   T59] usb 5-1: USB disconnect, device number 18
[  547.009143][ T5409] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  547.018644][T16631] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #15: comm syz.5.4287: corrupted in-inode xattr: overlapping e_value 
[  547.062997][T16631] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4287: couldn't read orphan inode 15 (err -117)
[  547.192117][T16631] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  547.328249][T16631] syz.5.4287 (pid 16631) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  547.546278][T16639] loop3: detected capacity change from 0 to 4096
[  547.569159][T11593] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  547.602425][T16639] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  547.711811][T16639] ntfs3: loop3: ino=0, ntfs_iget5
[  547.752526][T16639] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  547.864140][T16654] vlan2: entered promiscuous mode
[  547.876987][T16654] macvtap0: entered promiscuous mode
[  547.896694][T16654] macvtap0: left promiscuous mode
[  548.117854][T16658] program syz.5.4297 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  548.185287][  T936] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  548.430216][  T936] usb 5-1: New USB device found, idVendor=0f11, idProduct=2000, bcdDevice=61.d7
[  548.447189][  T936] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  548.468197][  T936] usb 5-1: Product: syz
[  548.489749][T16674] ip6gretap0: entered promiscuous mode
[  548.506229][  T936] usb 5-1: Manufacturer: syz
[  548.531756][  T936] usb 5-1: SerialNumber: syz
[  548.552013][T16674] ip6gretap0: left promiscuous mode
[  548.562059][  T936] usb 5-1: config 0 descriptor??
[  548.582356][  T936] ldusb 5-1:0.0: Interrupt in endpoint not found
[  548.704312][T16678] loop3: detected capacity change from 0 to 2048
[  548.713943][T16680] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4307'.
[  548.724571][T16676] netlink: 'syz.2.4305': attribute type 21 has an invalid length.
[  548.735324][T16676] netlink: 128 bytes leftover after parsing attributes in process `syz.2.4305'.
[  548.755278][T16676] netlink: 3 bytes leftover after parsing attributes in process `syz.2.4305'.
[  548.802412][T16678] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  548.836759][  T936] usb 5-1: USB disconnect, device number 19
[  548.855500][   T29] audit: type=1804 audit(1725045908.442:1317): pid=16678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4306" name="/newroot/326/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  549.031526][T16686] loop1: detected capacity change from 0 to 512
[  549.061699][T11017] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  549.078070][T16688] loop2: detected capacity change from 0 to 512
[  549.102692][T16686] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  549.126002][T16688] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  549.180198][T16688] EXT4-fs (loop2): 1 truncate cleaned up
[  549.195186][T16688] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  549.224289][T16686] EXT4-fs (loop1): 1 truncate cleaned up
[  549.233816][T16686] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  549.294438][T16696] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  549.368000][ T2933] bond0: (slave bond_slave_0): link status definitely up, 10000 Mbps full duplex
[  549.415584][ T2933] bond0: (slave bond_slave_1): link status definitely up, 10000 Mbps full duplex
[  549.483979][ T2933] bond0: (slave dummy0): link status definitely up, 0 Mbps full duplex
[  549.506447][T12208] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  549.527490][ T2933] bond0: active interface up!
[  549.572928][ T9979] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  549.877834][T16713] loop4: detected capacity change from 0 to 256
[  550.167905][T16719] program syz.5.4324 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  550.436300][T16729] loop5: detected capacity change from 0 to 512
[  550.469447][T16729] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  550.513770][T16729] EXT4-fs (loop5): orphan cleanup on readonly fs
[  550.544220][T16729] EXT4-fs error (device loop5): ext4_ext_check_inode:520: inode #3: comm syz.5.4329: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0)
[  550.663479][T16729] EXT4-fs error (device loop5): ext4_quota_enable:7025: comm syz.5.4329: Bad quota inode: 3, type: 0
[  550.719601][T16729] EXT4-fs warning (device loop5): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  550.776030][T16729] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  550.811155][T16729] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  551.055935][T11593] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  552.205724][T16739] loop1: detected capacity change from 0 to 32768
[  552.263657][T16739] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4333 (16739)
[  552.381708][T16739] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  552.420603][T16739] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  552.447299][T16739] BTRFS info (device loop1): disk space caching is enabled
[  552.474275][T16739] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  552.607176][T16766] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  552.686610][T16766] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  552.739343][T16739] BTRFS info (device loop1): rebuilding free space tree
[  552.784329][T16766] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  552.848911][T16766] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[  552.886702][T16739] BTRFS info (device loop1): disabling free space tree
[  552.942366][T16739] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  553.002072][T16739] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  553.447661][T12208] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  554.047226][T16766] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  554.085388][T16766] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  554.503681][T16803] loop3: detected capacity change from 0 to 32768
[  554.544298][T16766] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  554.550276][T16766] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  555.084488][   T29] audit: type=1326 audit(1725045914.672:1318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16834 comm="syz.4.4358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56aed79eb9 code=0x7ffc0000
[  555.106988][    C1] vkms_vblank_simulate: vblank timer overrun
[  555.152975][T16836] loop4: detected capacity change from 0 to 512
[  555.168755][   T29] audit: type=1326 audit(1725045914.672:1319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16834 comm="syz.4.4358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56aed79eb9 code=0x7ffc0000
[  555.191224][    C1] vkms_vblank_simulate: vblank timer overrun
[  555.222108][   T29] audit: type=1326 audit(1725045914.722:1320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16834 comm="syz.4.4358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f56aed79eb9 code=0x7ffc0000
[  555.224684][T16836] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  555.267115][   T29] audit: type=1326 audit(1725045914.722:1321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16834 comm="syz.4.4358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56aed79eb9 code=0x7ffc0000
[  555.278298][T16836] ext4 filesystem being mounted at /444/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  555.317731][   T29] audit: type=1326 audit(1725045914.722:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16834 comm="syz.4.4358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56aed79eb9 code=0x7ffc0000
[  555.340188][    C1] vkms_vblank_simulate: vblank timer overrun
[  555.353437][   T29] audit: type=1326 audit(1725045914.722:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16834 comm="syz.4.4358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f56aed79eb9 code=0x7ffc0000
[  555.398880][   T29] audit: type=1326 audit(1725045914.722:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16834 comm="syz.4.4358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f56aed79ef3 code=0x7ffc0000
[  555.456724][   T29] audit: type=1326 audit(1725045914.722:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16834 comm="syz.4.4358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f56aed7899f code=0x7ffc0000
[  555.483113][   T29] audit: type=1326 audit(1725045914.722:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16834 comm="syz.4.4358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f56aed79f47 code=0x7ffc0000
[  555.488867][ T9805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  555.506520][   T29] audit: type=1326 audit(1725045914.742:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16834 comm="syz.4.4358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f56aed78850 code=0x7ffc0000
[  555.962680][  T936] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  556.152086][  T936] usb 5-1: Using ep0 maxpacket: 8
[  556.159354][  T936] usb 5-1: config index 0 descriptor too short (expected 7382, got 27)
[  556.178805][  T936] usb 5-1: config 195 has an invalid descriptor of length 0, skipping remainder of the config
[  556.203540][  T936] usb 5-1: config 195 has 1 interface, different from the descriptor's value: 23
[  556.214170][  T936] usb 5-1: config 195 interface 0 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  556.236818][  T936] usb 5-1: config 195 interface 0 has no altsetting 0
[  556.248090][  T936] usb 5-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  556.258410][  T936] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  556.274452][  T936] usb 5-1: Product: syz
[  556.288902][  T936] usb 5-1: Manufacturer: syz
[  556.299099][  T936] usb 5-1: SerialNumber: syz
[  556.327619][  T936] hub 5-1:195.0: bad descriptor, ignoring hub
[  556.345475][  T936] hub 5-1:195.0: probe with driver hub failed with error -5
[  556.362395][  T936] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  556.545851][  T936] gspca_zc3xx: reg_w_i err -71
[  556.613127][T16888] loop1: detected capacity change from 0 to 512
[  556.623864][T16888] EXT4-fs error (device loop1): __ext4_fill_super:5435: inode #2: comm syz.1.4367: casefold flag without casefold feature
[  556.649323][T16888] EXT4-fs (loop1): get root inode failed
[  556.658083][T16888] EXT4-fs (loop1): mount failed
[  557.134819][T16912] netlink: 72 bytes leftover after parsing attributes in process `syz.1.4371'.
[  557.182076][  T936] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  557.190508][  T936] gspca_zc3xx 5-1:195.0: probe with driver gspca_zc3xx failed with error -71
[  557.496346][  T936] usb 5-1: reset high-speed USB device number 20 using dummy_hcd
[  558.166837][T16939] loop1: detected capacity change from 0 to 256
[  558.176621][T16939] exfat: Deprecated parameter 'utf8'
[  558.190092][T16939] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  558.217527][T16939] Process accounting resumed
[  558.360807][  T936] usb 5-1: USB disconnect, device number 20
[  558.414149][T16945] bridge0: port 3(hsr_slave_0) entered blocking state
[  558.422345][T16945] bridge0: port 3(hsr_slave_0) entered disabled state
[  558.429378][T16945] hsr_slave_0: entered allmulticast mode
[  558.436728][T16945] hsr_slave_0: left allmulticast mode
[  558.727371][T16955] netlink: 'syz.1.4388': attribute type 22 has an invalid length.
[  559.295422][T16968] loop1: detected capacity change from 0 to 4096
[  559.338274][T16969] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  559.518521][T16975] loop1: detected capacity change from 0 to 128
[  559.542698][T16975] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  559.562944][T16975] ext4 filesystem being mounted at /301/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  559.636700][T16981] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4399'.
[  559.677685][T12208] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  559.862560][T16989] loop4: detected capacity change from 0 to 1024
[  560.311496][T17007] loop1: detected capacity change from 0 to 256
[  560.337322][T17007] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104b5, chksum : 0x6646eacc, utbl_chksum : 0xe619d30d)
[  560.337402][T17009] devtmpfs: Cannot change global quota limit on remount
[  562.482769][ T1256] ieee802154 phy0 wpan0: encryption failed: -22
[  562.489158][ T1256] ieee802154 phy1 wpan1: encryption failed: -22
[  563.137682][T17036] loop1: detected capacity change from 0 to 32768
[  563.188546][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  563.188571][   T29] audit: type=1800 audit(1725045922.772:1342): pid=17036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4426" name="bus" dev="loop1" ino=7 res=0 errno=0
[  563.208821][T17040] loop4: detected capacity change from 0 to 4096
[  563.250494][T17041] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  563.674895][T17053] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.4433'.
[  563.684710][T17053] openvswitch: netlink: Duplicate key (type 0).
[  564.126287][T17049] loop4: detected capacity change from 0 to 32768
[  564.144602][T17049] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  564.160511][T17049] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  564.195566][T17049] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  564.209135][ T5252] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  564.220935][ T5252] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  564.326161][ T5252] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 105ms
[  564.334026][ T5252] gfs2: fsid=syz:syz.0: jid=0: Done
[  564.339312][T17049] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  564.367999][T17068] syz.1.4439 (17068): /proc/17068/oom_adj is deprecated, please use /proc/17068/oom_score_adj instead.
[  564.516915][T17070] bond0: entered promiscuous mode
[  564.541808][T17070] bond_slave_0: entered promiscuous mode
[  564.552002][T17070] bond_slave_1: entered promiscuous mode
[  565.244594][T17086] input: syz1 as /devices/virtual/input/input33
[  566.098295][T17109] loop1: detected capacity change from 0 to 16
[  566.117742][T17109] erofs: (device loop1): mounted with root inode @ nid 36.
[  566.136677][T17109] syz.1.4458: attempt to access beyond end of device
[  566.136677][T17109] loop1: rw=0, sector=1049256, nr_sectors = 128 limit=16
[  566.361566][T17105] loop4: detected capacity change from 0 to 32768
[  566.374167][T17105] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  566.509856][T17105] XFS (loop4): Ending clean mount
[  566.609971][ T9805] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  566.900487][   T59] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  566.949613][T17131] loop4: detected capacity change from 0 to 1024
[  566.975220][T17131] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  566.998609][T17131] EXT4-fs (loop4): resizing filesystem from 512 to 0 blocks
[  567.006522][T17131] EXT4-fs warning (device loop4): ext4_resize_fs:2041: can't shrink FS - resize aborted
[  567.042043][ T9805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.090620][   T59] usb 2-1: Using ep0 maxpacket: 8
[  567.098018][   T59] usb 2-1: config 167 has too many interfaces: 202, using maximum allowed: 32
[  567.115790][   T59] usb 2-1: config 167 has 1 interface, different from the descriptor's value: 202
[  567.135921][   T59] usb 2-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice=fe.29
[  567.141041][T17136] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4466'.
[  567.147411][   T59] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  567.170286][   T59] usb 2-1: Product: syz
[  567.174607][   T59] usb 2-1: Manufacturer: syz
[  567.179235][   T59] usb 2-1: SerialNumber: syz
[  567.199232][   T59] dvb-usb: found a 'Unknown USB1.1 DVB-T device ???? please report the name to the author' in warm state.
[  567.217802][   T59] dvb-usb: bulk message failed: -22 (3/0)
[  567.261062][   T59] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  567.272808][   T59] dvbdev: DVB: registering new adapter (Unknown USB1.1 DVB-T device ???? please report the name to the author)
[  567.293648][   T59] usb 2-1: media controller created
[  567.336086][   T59] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  567.373171][   T59] dvb-usb: bulk message failed: -22 (6/0)
[  567.379850][   T59] dvb-usb: no frontend was attached by 'Unknown USB1.1 DVB-T device ???? please report the name to the author'
[  567.407365][   T59] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input34
[  567.430202][   T59] dvb-usb: schedule remote query interval to 150 msecs.
[  567.440540][   T59] dvb-usb: bulk message failed: -22 (3/0)
[  567.470522][   T59] dvb-usb: Unknown USB1.1 DVB-T device ???? please report the name to the author successfully initialized and connected.
[  567.544855][T17146] syzkaller0: tun_chr_ioctl cmd 35111
[  567.607814][ T1172] dvb-usb: bulk message failed: -22 (1/0)
[  567.617449][ T1172] dvb-usb: error while querying for an remote control event.
[  567.654820][ T1172] usb 2-1: USB disconnect, device number 24
[  567.719431][ T1172] dvb-usb: Unknown USB1.1 DVB-T device ???? please successfully deinitialized and disconnected.
[  568.962605][T17172] random: crng reseeded on system resumption
[  569.490784][    T9] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  569.689504][    T9] usb 2-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  569.698954][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  569.712645][    T9] usb 2-1: Product: syz
[  569.716997][    T9] usb 2-1: Manufacturer: syz
[  569.721835][    T9] usb 2-1: SerialNumber: syz
[  569.731495][    T9] usb 2-1: config 0 descriptor??
[  569.959108][    T9] cx82310_eth 2-1:0.0: probe with driver cx82310_eth failed with error -22
[  570.363931][    T9] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19!
[  570.583610][  T936] usb 2-1: USB disconnect, device number 25
[  572.109551][T17196] tap0: tun_chr_ioctl cmd 1074025672
[  572.115051][T17196] tap0: ignored: set checksum enabled
[  573.297651][T17204] loop1: detected capacity change from 0 to 32768
[  573.322297][T17204] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4497 (17204)
[  573.369320][T17204] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  573.390740][T17204] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  573.399224][T17204] BTRFS info (device loop1): using free-space-tree
[  573.765684][T12208] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  575.403500][T17229] program syz.1.4502 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  576.439738][T17238] loop1: detected capacity change from 0 to 32768
[  576.472449][T17238] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  576.490518][T17238] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  576.507252][T17238] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  576.519329][ T5253] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  576.526405][ T5253] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  576.616206][ T5253] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 89ms
[  576.627226][ T5253] gfs2: fsid=syz:syz.0: jid=0: Done
[  576.633177][T17238] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  577.429601][T17252] loop1: detected capacity change from 0 to 2048
[  577.450990][T17252] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  577.463975][T17252] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  578.640358][    C0] sched: RT throttling activated
[  580.211263][T17256] loop1: detected capacity change from 0 to 262144
[  580.245115][T17256] F2FS-fs (loop1): Found nat_bits in checkpoint
[  580.317124][T17256] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  581.789332][T17264] loop1: detected capacity change from 0 to 4096
[  581.815648][T17265] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  582.570138][T17278] tun0: tun_chr_ioctl cmd 1074025677
[  582.576126][T17278] tun0: linktype set to 65534
[  582.779481][T17284] loop1: detected capacity change from 0 to 64
[  584.178888][T17300] loop1: detected capacity change from 0 to 1024
[  584.197911][T17300] hfsplus: request for non-existent node 3 in B*Tree
[  584.204725][T17300] hfsplus: request for non-existent node 3 in B*Tree
[  584.229773][   T29] audit: type=1800 audit(1725045943.812:1343): pid=17300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4531" name="bus" dev="loop1" ino=1025 res=0 errno=0
[  584.452196][T17306] loop1: detected capacity change from 0 to 128
[  584.465254][T17306] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  584.492035][T17306] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  584.626673][ T2949] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  623.918277][ T1256] ieee802154 phy0 wpan0: encryption failed: -22
[  623.924906][ T1256] ieee802154 phy1 wpan1: encryption failed: -22
[  685.353786][ T1256] ieee802154 phy0 wpan0: encryption failed: -22
[  685.360228][ T1256] ieee802154 phy1 wpan1: encryption failed: -22
[  707.111716][   T30] INFO: task kworker/0:7:5409 blocked for more than 143 seconds.
[  707.119763][   T30]       Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0
[  707.128059][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  707.138050][   T30] task:kworker/0:7     state:D stack:14648 pid:5409  tgid:5409  ppid:2      flags:0x00004000
[  707.148802][   T30] Workqueue: events rfkill_global_led_trigger_worker
[  707.155640][   T30] Call Trace:
[  707.158931][   T30]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  707.163280][   T30]  __schedule+0x1800/0x4a60
[  707.167968][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  707.173768][   T30]  ? __pfx___schedule+0x10/0x10
[  707.178663][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  707.184746][   T30]  ? __pfx_lock_release+0x10/0x10
[  707.189840][   T30]  ? kick_pool+0x1bd/0x620
[  707.195895][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  707.201212][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  707.206887][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  707.281795][   T30]  ? schedule+0x90/0x320
[  707.286124][   T30]  schedule+0x14b/0x320
[  707.307584][   T30]  schedule_preempt_disabled+0x13/0x30
[  707.319721][   T30]  __mutex_lock+0x6a4/0xd70
[  707.324504][   T30]  ? __mutex_lock+0x527/0xd70
[  707.329222][   T30]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[  707.335569][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  707.342081][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  707.348125][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  707.354540][   T30]  ? process_scheduled_works+0x945/0x1830
[  707.360354][   T30]  rfkill_global_led_trigger_worker+0x27/0xd0
[  707.366464][   T30]  ? process_scheduled_works+0x945/0x1830
[  707.373280][   T30]  process_scheduled_works+0xa2e/0x1830
[  707.378866][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  707.384917][   T30]  ? assign_work+0x364/0x3d0
[  707.389521][   T30]  worker_thread+0x86d/0xd10
[  707.394267][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  707.401744][   T30]  ? __kthread_parkme+0x169/0x1d0
[  707.406822][   T30]  ? __pfx_worker_thread+0x10/0x10
[  707.412054][   T30]  kthread+0x2f2/0x390
[  707.416162][   T30]  ? __pfx_worker_thread+0x10/0x10
[  707.421386][   T30]  ? __pfx_kthread+0x10/0x10
[  707.426015][   T30]  ret_from_fork+0x4d/0x80
[  707.432122][   T30]  ? __pfx_kthread+0x10/0x10
[  707.436750][   T30]  ret_from_fork_asm+0x1a/0x30
[  707.441627][   T30]  </TASK>
[  707.444683][   T30] INFO: task syz-executor:11017 blocked for more than 143 seconds.
[  707.452675][   T30]       Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0
[  707.461807][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  707.470588][   T30] task:syz-executor    state:D stack:20624 pid:11017 tgid:11017 ppid:1      flags:0x00004002
[  707.480856][   T30] Call Trace:
[  707.484188][   T30]  <TASK>
[  707.487141][   T30]  __schedule+0x1800/0x4a60
[  707.493171][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  707.498882][   T30]  ? __pfx___schedule+0x10/0x10
[  707.508414][   T30]  ? __pfx_lock_release+0x10/0x10
[  707.516556][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  707.523926][   T30]  ? schedule+0x90/0x320
[  707.528246][   T30]  schedule+0x14b/0x320
[  707.532596][   T30]  schedule_preempt_disabled+0x13/0x30
[  707.538095][   T30]  __mutex_lock+0x6a4/0xd70
[  707.543078][   T30]  ? kobject_put+0x446/0x480
[  707.547715][   T30]  ? __mutex_lock+0x527/0xd70
[  707.554039][   T30]  ? rfkill_unregister+0xd0/0x230
[  707.559106][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  707.564393][   T30]  ? __pfx_device_del+0x10/0x10
[  707.569270][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  707.575078][   T30]  rfkill_unregister+0xd0/0x230
[  707.579966][   T30]  hci_unregister_dev+0x366/0x510
[  707.586493][   T30]  vhci_release+0x83/0xd0
[  707.590945][   T30]  ? __pfx_vhci_release+0x10/0x10
[  707.596032][   T30]  __fput+0x24c/0x8a0
[  707.600076][   T30]  task_work_run+0x251/0x310
[  707.604801][   T30]  ? __pfx_task_work_run+0x10/0x10
[  707.609945][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  707.617162][   T30]  ? kmem_cache_free+0x145/0x350
[  707.625284][   T30]  do_exit+0xa2f/0x27f0
[  707.629487][   T30]  ? __pfx_do_exit+0x10/0x10
[  707.637347][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  707.648220][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  707.658090][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  707.665621][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  707.676497][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  707.682108][   T30]  do_group_exit+0x207/0x2c0
[  707.686769][   T30]  __x64_sys_exit_group+0x3f/0x40
[  707.691953][   T30]  x64_sys_call+0x2634/0x2640
[  707.696678][   T30]  do_syscall_64+0xf3/0x230
[  707.702317][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.708217][   T30] RIP: 0033:0x7ff764179eb9
[  707.712709][   T30] RSP: 002b:00007ffe83d6e258 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  707.721243][   T30] RAX: ffffffffffffffda RBX: 00007ff7641e7801 RCX: 00007ff764179eb9
[  707.729297][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  707.738377][   T30] RBP: 0000000000000002 R08: 00007ffe83d6bff7 R09: 00007ffe83d6f510
[  707.746597][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe83d6f510
[  707.755228][   T30] R13: 00007ff7641e77dc R14: 0000000000087066 R15: 00007ffe83d716c0
[  707.765440][   T30]  </TASK>
[  707.768645][   T30] INFO: task syz.5.4341:16755 blocked for more than 144 seconds.
[  707.776575][   T30]       Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0
[  707.784627][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  707.795078][   T30] task:syz.5.4341      state:D stack:24672 pid:16755 tgid:16755 ppid:11593  flags:0x00004004
[  707.805407][   T30] Call Trace:
[  707.808710][   T30]  <TASK>
[  707.811731][   T30]  __schedule+0x1800/0x4a60
[  707.816268][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  707.823563][   T30]  ? __pfx___schedule+0x10/0x10
[  707.828492][   T30]  ? __pfx_lock_release+0x10/0x10
[  707.833774][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  707.839271][   T30]  ? schedule+0x90/0x320
[  707.843583][   T30]  schedule+0x14b/0x320
[  707.847742][   T30]  schedule_preempt_disabled+0x13/0x30
[  707.854716][   T30]  __mutex_lock+0x6a4/0xd70
[  707.859245][   T30]  ? kobject_put+0x446/0x480
[  707.863925][   T30]  ? __mutex_lock+0x527/0xd70
[  707.868609][   T30]  ? rfkill_unregister+0xd0/0x230
[  707.873799][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  707.878830][   T30]  ? __pfx_device_del+0x10/0x10
[  707.885174][   T30]  ? __pfx_nfc_genl_device_removed+0x10/0x10
[  707.891321][   T30]  rfkill_unregister+0xd0/0x230
[  707.896204][   T30]  nfc_unregister_device+0x96/0x2a0
[  707.901496][   T30]  virtual_ncidev_close+0x59/0x90
[  707.906552][   T30]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  707.913783][   T30]  __fput+0x24c/0x8a0
[  707.917810][   T30]  task_work_run+0x251/0x310
[  707.922523][   T30]  ? __pfx_task_work_run+0x10/0x10
[  707.927679][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  707.933614][   T30]  syscall_exit_to_user_mode+0x168/0x370
[  707.939272][   T30]  do_syscall_64+0x100/0x230
[  707.944926][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  707.950662][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.956606][   T30] RIP: 0033:0x7fb520179eb9
[  707.961133][   T30] RSP: 002b:00007ffe58c87db8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  707.969585][   T30] RAX: 0000000000000000 RBX: 00007fb520317a80 RCX: 00007fb520179eb9
[  707.978665][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  707.986820][   T30] RBP: 00007fb520317a80 R08: 0000000000000006 R09: 00007ffe58c880af
[  707.994915][   T30] R10: 00000000003ffd5c R11: 0000000000000246 R12: 0000000000086d60
[  708.003981][   T30] R13: 00007ffe58c87ec0 R14: 0000000000000032 R15: ffffffffffffffff
[  708.012104][   T30]  </TASK>
[  708.015150][   T30] INFO: task syz.0.4343:16766 blocked for more than 144 seconds.
[  708.023004][   T30]       Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0
[  708.031987][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  708.040724][   T30] task:syz.0.4343      state:D stack:23184 pid:16766 tgid:16765 ppid:7280   flags:0x00004006
[  708.051010][   T30] Call Trace:
[  708.054395][   T30]  <TASK>
[  708.057353][   T30]  __schedule+0x1800/0x4a60
[  708.063377][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.069030][   T30]  ? __pfx___schedule+0x10/0x10
[  708.074036][   T30]  ? __pfx_lock_release+0x10/0x10
[  708.079240][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  708.084811][   T30]  ? schedule+0x90/0x320
[  708.089100][   T30]  schedule+0x14b/0x320
[  708.094535][   T30]  schedule_preempt_disabled+0x13/0x30
[  708.100003][   T30]  __mutex_lock+0x6a4/0xd70
[  708.104593][   T30]  ? __mutex_lock+0x527/0xd70
[  708.109275][   T30]  ? nfc_rfkill_set_block+0x50/0x310
[  708.114649][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  708.119696][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.126405][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  708.131709][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.137369][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  708.143428][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  708.149812][   T30]  nfc_rfkill_set_block+0x50/0x310
[  708.156684][   T30]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  708.162607][   T30]  rfkill_set_block+0x1f3/0x440
[  708.167497][   T30]  rfkill_fop_write+0x5bb/0x790
[  708.172566][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.178236][   T30]  ? common_file_perm+0x1a6/0x210
[  708.184399][   T30]  ? __pfx_rfkill_fop_write+0x10/0x10
[  708.189782][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.195552][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.201424][   T30]  ? rw_verify_area+0x1d2/0x6b0
[  708.206383][   T30]  ? __pfx_rfkill_fop_write+0x10/0x10
[  708.213217][   T30]  vfs_write+0x2a4/0xc90
[  708.217478][   T30]  ? __pfx_vfs_write+0x10/0x10
[  708.222327][   T30]  ? do_futex+0x33b/0x560
[  708.226665][   T30]  ? __fget_files+0x29/0x470
[  708.231356][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.237019][   T30]  ? __fget_files+0x3f6/0x470
[  708.243155][   T30]  ? __fget_files+0x29/0x470
[  708.247781][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.253511][   T30]  ksys_write+0x1a0/0x2c0
[  708.257846][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.263590][   T30]  ? __pfx_ksys_write+0x10/0x10
[  708.268809][   T30]  ? do_syscall_64+0x100/0x230
[  708.274698][   T30]  ? do_syscall_64+0xb6/0x230
[  708.279386][   T30]  do_syscall_64+0xf3/0x230
[  708.283958][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.289893][   T30] RIP: 0033:0x7f12b0b79eb9
[  708.294710][   T30] RSP: 002b:00007f12b09f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  708.306505][   T30] RAX: ffffffffffffffda RBX: 00007f12b0d15f80 RCX: 00007f12b0b79eb9
[  708.314853][   T30] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 0000000000000005
[  708.324065][   T30] RBP: 00007f12b0be793e R08: 0000000000000000 R09: 0000000000000000
[  708.332285][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  708.340266][   T30] R13: 0000000000000000 R14: 00007f12b0d15f80 R15: 00007fff468dcd88
[  708.348325][   T30]  </TASK>
[  708.351435][   T30] INFO: task syz-executor:17033 blocked for more than 144 seconds.
[  708.359333][   T30]       Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0
[  708.367050][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  708.376658][   T30] task:syz-executor    state:D stack:26784 pid:17033 tgid:17033 ppid:1      flags:0x00004004
[  708.386924][   T30] Call Trace:
[  708.390202][   T30]  <TASK>
[  708.394252][   T30]  __schedule+0x1800/0x4a60
[  708.398802][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.404551][   T30]  ? __pfx___schedule+0x10/0x10
[  708.409440][   T30]  ? __pfx_lock_release+0x10/0x10
[  708.417214][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  708.422805][   T30]  ? schedule+0x90/0x320
[  708.427065][   T30]  schedule+0x14b/0x320
[  708.431557][   T30]  schedule_preempt_disabled+0x13/0x30
[  708.437048][   T30]  __mutex_lock+0x6a4/0xd70
[  708.441819][   T30]  ? __mutex_lock+0x527/0xd70
[  708.446593][   T30]  ? rfkill_register+0x34/0x8c0
[  708.453020][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  708.458077][   T30]  ? __init_waitqueue_head+0xae/0x150
[  708.463565][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.469237][   T30]  ? device_initialize+0x266/0x460
[  708.474532][   T30]  rfkill_register+0x34/0x8c0
[  708.479239][   T30]  hci_register_dev+0x407/0x8b0
[  708.485231][   T30]  vhci_create_device+0x35b/0x6a0
[  708.490381][   T30]  vhci_write+0x3d1/0x490
[  708.494752][   T30]  vfs_write+0xa74/0xc90
[  708.499050][   T30]  ? __pfx_vhci_write+0x10/0x10
[  708.503960][   T30]  ? __pfx_vfs_write+0x10/0x10
[  708.508741][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.515480][   T30]  ksys_write+0x1a0/0x2c0
[  708.519815][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.525574][   T30]  ? __pfx_ksys_write+0x10/0x10
[  708.530645][   T30]  ? exc_page_fault+0x590/0x8c0
[  708.535569][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.542425][   T30]  ? do_syscall_64+0xb6/0x230
[  708.547123][   T30]  do_syscall_64+0xf3/0x230
[  708.551812][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.558045][   T30] RIP: 0033:0x7f45f1b78960
[  708.562549][   T30] RSP: 002b:00007ffe503b4178 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  708.572092][   T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f45f1b78960
[  708.580420][   T30] RDX: 0000000000000002 RSI: 00007ffe503b418a RDI: 00000000000000ca
[  708.588405][   T30] RBP: 00007f45f1d16a38 R08: 0000000000000000 R09: 00007f45f284d6c0
[  708.596441][   T30] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[  708.605496][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  708.613588][   T30]  </TASK>
[  708.616645][   T30] INFO: task syz-executor:17037 blocked for more than 144 seconds.
[  708.624845][   T30]       Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0
[  708.633752][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  708.642649][   T30] task:syz-executor    state:D stack:26784 pid:17037 tgid:17037 ppid:1      flags:0x00000004
[  708.653005][   T30] Call Trace:
[  708.656314][   T30]  <TASK>
[  708.659245][   T30]  __schedule+0x1800/0x4a60
[  708.665291][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.671147][   T30]  ? __pfx___schedule+0x10/0x10
[  708.676051][   T30]  ? __pfx_lock_release+0x10/0x10
[  708.681247][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  708.686758][   T30]  ? schedule+0x90/0x320
[  708.692498][   T30]  schedule+0x14b/0x320
[  708.696665][   T30]  schedule_preempt_disabled+0x13/0x30
[  708.702388][   T30]  __mutex_lock+0x6a4/0xd70
[  708.706938][   T30]  ? __mutex_lock+0x527/0xd70
[  708.711735][   T30]  ? rfkill_register+0x34/0x8c0
[  708.716614][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  708.723141][   T30]  ? __init_waitqueue_head+0xae/0x150
[  708.728551][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.734274][   T30]  ? device_initialize+0x266/0x460
[  708.739402][   T30]  rfkill_register+0x34/0x8c0
[  708.744153][   T30]  hci_register_dev+0x407/0x8b0
[  708.749028][   T30]  vhci_create_device+0x35b/0x6a0
[  708.755490][   T30]  vhci_write+0x3d1/0x490
[  708.759862][   T30]  vfs_write+0xa74/0xc90
[  708.764230][   T30]  ? __pfx_vhci_write+0x10/0x10
[  708.769105][   T30]  ? __pfx_vfs_write+0x10/0x10
[  708.773972][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.779646][   T30]  ksys_write+0x1a0/0x2c0
[  708.785064][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.790796][   T30]  ? __pfx_ksys_write+0x10/0x10
[  708.795669][   T30]  ? exc_page_fault+0x590/0x8c0
[  708.800628][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.806311][   T30]  ? do_syscall_64+0xb6/0x230
[  708.812516][   T30]  do_syscall_64+0xf3/0x230
[  708.817046][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.823081][   T30] RIP: 0033:0x7f4071d78960
[  708.827536][   T30] RSP: 002b:00007ffc146f71f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  708.836009][   T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f4071d78960
[  708.845145][   T30] RDX: 0000000000000002 RSI: 00007ffc146f720a RDI: 00000000000000ca
[  708.853238][   T30] RBP: 00007f4071f16a38 R08: 0000000000000000 R09: 00007f4072a4d6c0
[  708.861456][   T30] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[  708.869490][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  708.878770][   T30]  </TASK>
[  708.881916][   T30] INFO: task syz-executor:17038 blocked for more than 145 seconds.
[  708.889819][   T30]       Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0
[  708.897593][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  708.907318][   T30] task:syz-executor    state:D stack:26040 pid:17038 tgid:17038 ppid:1      flags:0x00004004
[  708.917573][   T30] Call Trace:
[  708.920919][   T30]  <TASK>
[  708.923852][   T30]  __schedule+0x1800/0x4a60
[  708.928385][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.935552][   T30]  ? __pfx___schedule+0x10/0x10
[  708.940527][   T30]  ? __pfx_lock_release+0x10/0x10
[  708.945591][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  708.951176][   T30]  ? schedule+0x90/0x320
[  708.955444][   T30]  schedule+0x14b/0x320
[  708.959633][   T30]  schedule_preempt_disabled+0x13/0x30
[  708.966247][   T30]  __mutex_lock+0x6a4/0xd70
[  708.970990][   T30]  ? __mutex_lock+0x527/0xd70
[  708.975700][   T30]  ? rfkill_register+0x34/0x8c0
[  708.980671][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  708.985724][   T30]  ? __init_waitqueue_head+0xae/0x150
[  708.992199][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  708.997842][   T30]  ? device_initialize+0x266/0x460
[  709.003079][   T30]  rfkill_register+0x34/0x8c0
[  709.007780][   T30]  hci_register_dev+0x407/0x8b0
[  709.012776][   T30]  vhci_create_device+0x35b/0x6a0
[  709.017909][   T30]  vhci_write+0x3d1/0x490
[  709.023708][   T30]  vfs_write+0xa74/0xc90
[  709.028001][   T30]  ? __pfx_vhci_write+0x10/0x10
[  709.032933][   T30]  ? __pfx_vfs_write+0x10/0x10
[  709.037732][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.043472][   T30]  ksys_write+0x1a0/0x2c0
[  709.047810][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.054630][   T30]  ? __pfx_ksys_write+0x10/0x10
[  709.059484][   T30]  ? exc_page_fault+0x590/0x8c0
[  709.064412][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.070119][   T30]  ? do_syscall_64+0xb6/0x230
[  709.074861][   T30]  do_syscall_64+0xf3/0x230
[  709.079377][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  709.086941][   T30] RIP: 0033:0x7f6844778960
[  709.091472][   T30] RSP: 002b:00007fffccf97098 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  709.099984][   T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f6844778960
[  709.108059][   T30] RDX: 0000000000000002 RSI: 00007fffccf970aa RDI: 00000000000000ca
[  709.117393][   T30] RBP: 00007f6844916a38 R08: 0000000000000000 R09: 00007f684544d6c0
[  709.125483][   T30] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[  709.133514][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  709.142988][   T30]  </TASK>
[  709.146029][   T30] 
[  709.146029][   T30] Showing all locks held in the system:
[  709.153834][   T30] 1 lock held by khungtaskd/30:
[  709.158687][   T30]  #0: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  709.168657][   T30] 2 locks held by getty/4989:
[  709.174838][   T30]  #0: ffff88803099d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  709.184721][   T30]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00
[  709.195400][   T30] 3 locks held by kworker/0:7/5409:
[  709.202119][   T30]  #0: ffff88801ac78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  709.213295][   T30]  #1: ffffc90002f8fd00 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  709.226941][   T30]  #2: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[  709.239428][   T30] 1 lock held by syz-executor/9805:
[  709.244698][   T30]  #0: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xd0/0x230
[  709.254929][   T30] 1 lock held by syz-executor/11017:
[  709.260203][   T30]  #0: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xd0/0x230
[  709.271889][   T30] 1 lock held by syz-executor/12208:
[  709.277169][   T30]  #0: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xd0/0x230
[  709.287381][   T30] 2 locks held by syz.5.4341/16755:
[  709.294076][   T30]  #0: ffff88806327b100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x63/0x2a0
[  709.304128][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xd0/0x230
[  709.314352][   T30] 2 locks held by syz.0.4343/16766:
[  709.319541][   T30]  #0: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x1a9/0x790
[  709.331020][   T30]  #1: ffff88806327b100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x50/0x310
[  709.340891][   T30] 2 locks held by syz.2.4346/16772:
[  709.346101][   T30]  #0: ffffffff8fcf12f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  709.355496][   T30]  #1: ffffffff8ec0b628 (nfsd_mutex){+.+.}-{3:3}, at: nfsd_nl_listener_set_doit+0x12d/0x1a90
[  709.366467][   T30] 2 locks held by syz-executor/17033:
[  709.372080][   T30]  #0: ffff8880335ff918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.382750][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.393480][   T30] 2 locks held by syz-executor/17037:
[  709.398862][   T30]  #0: ffff88805c0d5118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.408987][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.419664][   T30] 2 locks held by syz-executor/17038:
[  709.425847][   T30]  #0: ffff88807c5b0918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.436082][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.446677][   T30] 2 locks held by syz-executor/17087:
[  709.452611][   T30]  #0: ffff88806d470918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.462751][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.473574][   T30] 2 locks held by syz-executor/17262:
[  709.478954][   T30]  #0: ffff8880244fc918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.489577][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.499627][   T30] 2 locks held by syz-executor/17321:
[  709.505566][   T30]  #0: ffff888032c36118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.516630][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.526767][   T30] 2 locks held by syz-executor/17323:
[  709.532904][   T30]  #0: ffff888068341918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.543761][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.553809][   T30] 2 locks held by syz-executor/17325:
[  709.559172][   T30]  #0: ffff888029f95118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.569828][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.580457][   T30] 2 locks held by syz-executor/17329:
[  709.585853][   T30]  #0: ffff88805f9dd118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.596590][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.606895][   T30] 2 locks held by syz-executor/17331:
[  709.612794][   T30]  #0: ffff88805f308918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.623500][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.633895][   T30] 2 locks held by syz-executor/17334:
[  709.639261][   T30]  #0: ffff8880705df918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.649610][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.660184][   T30] 2 locks held by syz-executor/17335:
[  709.665968][   T30]  #0: ffff888033264118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.676596][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.687158][   T30] 2 locks held by syz-executor/17337:
[  709.692961][   T30]  #0: ffff888032d98118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.703477][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.714127][   T30] 2 locks held by syz-executor/17339:
[  709.719496][   T30]  #0: ffff88805e6a6118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.729870][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.740224][   T30] 2 locks held by syz-executor/17341:
[  709.746286][   T30]  #0: ffff88805ea86918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0
[  709.756961][   T30]  #1: ffffffff8ff630c8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[  709.767440][   T30] 
[  709.769778][   T30] =============================================
[  709.769778][   T30] 
[  709.778755][   T30] NMI backtrace for cpu 1
[  709.783085][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0
[  709.794123][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  709.804172][   T30] Call Trace:
[  709.807442][   T30]  <TASK>
[  709.810368][   T30]  dump_stack_lvl+0x241/0x360
[  709.815053][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  709.820252][   T30]  ? __pfx__printk+0x10/0x10
[  709.824847][   T30]  ? vprintk_emit+0x667/0x7c0
[  709.829525][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  709.834567][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  709.839543][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  709.845022][   T30]  ? _printk+0xd5/0x120
[  709.849175][   T30]  ? __pfx__printk+0x10/0x10
[  709.853758][   T30]  ? __wake_up_klogd+0xcc/0x110
[  709.858606][   T30]  ? __pfx__printk+0x10/0x10
[  709.863190][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.868823][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  709.873846][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  709.879829][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  709.885829][   T30]  watchdog+0xff4/0x1040
[  709.890108][   T30]  ? watchdog+0x1ea/0x1040
[  709.894550][   T30]  ? __pfx_watchdog+0x10/0x10
[  709.899244][   T30]  kthread+0x2f2/0x390
[  709.903334][   T30]  ? __pfx_watchdog+0x10/0x10
[  709.908026][   T30]  ? __pfx_kthread+0x10/0x10
[  709.912636][   T30]  ret_from_fork+0x4d/0x80
[  709.917067][   T30]  ? __pfx_kthread+0x10/0x10
[  709.921680][   T30]  ret_from_fork_asm+0x1a/0x30
[  709.926478][   T30]  </TASK>
[  709.931080][   T30] Sending NMI from CPU 1 to CPUs 0:
[  709.936319][    C0] NMI backtrace for cpu 0
[  709.936334][    C0] CPU: 0 UID: 0 PID: 2949 Comm: kworker/u8:9 Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0
[  709.936364][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  709.936381][    C0] Workqueue: bat_events batadv_nc_worker
[  709.936420][    C0] RIP: 0010:trace_irq_disable+0x2/0x120
[  709.936455][    C0] Code: 68 68 7e 01 00 00 00 48 8b 3c 24 eb 1b 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 56 <53> 66 90 65 8b 05 d0 e5 68 7e 83 f8 08 73 3f 89 c3 48 89 d8 48 c1
[  709.936474][    C0] RSP: 0018:ffffc90009e179f0 EFLAGS: 00000046
[  709.936493][    C0] RAX: 0000000000000000 RBX: 1ffff920013c2f44 RCX: 0000000000000000
[  709.936510][    C0] RDX: 0000000000000000 RSI: ffffffff8c0ad560 RDI: ffffffff81575b66
[  709.936526][    C0] RBP: ffffc90009e17ab0 R08: ffff88806ff8dd03 R09: 1ffff1100dff1ba0
[  709.936545][    C0] R10: dffffc0000000000 R11: ffffed100dff1ba1 R12: dffffc0000000000
[  709.936563][    C0] R13: 1ffff920013c2f48 R14: ffffc90009e17a40 R15: 0000000000000201
[  709.936583][    C0] FS:  0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000
[  709.936602][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  709.936619][    C0] CR2: 000056042e566220 CR3: 000000000e734000 CR4: 0000000000350ef0
[  709.936638][    C0] Call Trace:
[  709.936647][    C0]  <NMI>
[  709.936657][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  709.936689][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  709.936726][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  709.936756][    C0]  ? nmi_handle+0x2a/0x5a0
[  709.936793][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  709.936823][    C0]  ? nmi_handle+0x151/0x5a0
[  709.936846][    C0]  ? nmi_handle+0x2a/0x5a0
[  709.936870][    C0]  ? trace_irq_disable+0x2/0x120
[  709.936900][    C0]  ? default_do_nmi+0x63/0x160
[  709.936932][    C0]  ? exc_nmi+0x123/0x1f0
[  709.936962][    C0]  ? end_repeat_nmi+0xf/0x53
[  709.937003][    C0]  ? __local_bh_enable_ip+0x106/0x200
[  709.937034][    C0]  ? trace_irq_disable+0x2/0x120
[  709.937065][    C0]  ? trace_irq_disable+0x2/0x120
[  709.937097][    C0]  ? trace_irq_disable+0x2/0x120
[  709.937127][    C0]  </NMI>
[  709.937135][    C0]  <TASK>
[  709.937144][    C0]  __local_bh_enable_ip+0x106/0x200
[  709.937176][    C0]  ? batadv_nc_purge_paths+0x312/0x3b0
[  709.937213][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  709.937242][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.937277][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  709.937312][    C0]  ? batadv_nc_purge_paths+0xe8/0x3b0
[  709.937354][    C0]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[  709.937395][    C0]  batadv_nc_purge_paths+0x312/0x3b0
[  709.937443][    C0]  batadv_nc_worker+0x328/0x610
[  709.937477][    C0]  ? batadv_nc_worker+0xcb/0x610
[  709.937514][    C0]  ? process_scheduled_works+0x945/0x1830
[  709.937545][    C0]  process_scheduled_works+0xa2e/0x1830
[  709.937599][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  709.937638][    C0]  ? assign_work+0x364/0x3d0
[  709.937672][    C0]  worker_thread+0x86d/0xd10
[  709.937717][    C0]  ? __kthread_parkme+0x169/0x1d0
[  709.937753][    C0]  ? __pfx_worker_thread+0x10/0x10
[  709.937785][    C0]  kthread+0x2f2/0x390
[  709.937822][    C0]  ? __pfx_worker_thread+0x10/0x10
[  709.937853][    C0]  ? __pfx_kthread+0x10/0x10
[  709.937890][    C0]  ret_from_fork+0x4d/0x80
[  709.937924][    C0]  ? __pfx_kthread+0x10/0x10
[  709.937959][    C0]  ret_from_fork_asm+0x1a/0x30
[  709.938006][    C0]  </TASK>
[  709.938420][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  710.276617][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc5-syzkaller-00176-g20371ba12063 #0
[  710.287128][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  710.297185][   T30] Call Trace:
[  710.300464][   T30]  <TASK>
[  710.303397][   T30]  dump_stack_lvl+0x241/0x360
[  710.308092][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  710.313300][   T30]  ? __pfx__printk+0x10/0x10
[  710.317893][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  710.323895][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.329544][   T30]  ? vscnprintf+0x5d/0x90
[  710.333893][   T30]  panic+0x349/0x860
[  710.337797][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.343448][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  710.349619][   T30]  ? __pfx_panic+0x10/0x10
[  710.354037][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  710.359418][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.365066][   T30]  ? __irq_work_queue_local+0x137/0x410
[  710.370633][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.376284][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  710.381666][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  710.387832][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  710.394002][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.399650][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  710.405823][   T30]  watchdog+0x1033/0x1040
[  710.410176][   T30]  ? watchdog+0x1ea/0x1040
[  710.414615][   T30]  ? __pfx_watchdog+0x10/0x10
[  710.419309][   T30]  kthread+0x2f2/0x390
[  710.423397][   T30]  ? __pfx_watchdog+0x10/0x10
[  710.428089][   T30]  ? __pfx_kthread+0x10/0x10
[  710.432712][   T30]  ret_from_fork+0x4d/0x80
[  710.437148][   T30]  ? __pfx_kthread+0x10/0x10
[  710.441757][   T30]  ret_from_fork_asm+0x1a/0x30
[  710.446555][   T30]  </TASK>
[  710.449812][   T30] Kernel Offset: disabled
[  710.454136][   T30] Rebooting in 86400 seconds..