last executing test programs:

4.069079127s ago: executing program 3 (id=1219):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f0006400303000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)

3.75263412s ago: executing program 3 (id=1225):
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
ioctl$SNDCTL_DSP_POST(r0, 0x5008, 0x0)

3.507394815s ago: executing program 3 (id=1231):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x8008af26, &(0x7f0000001080))

3.412593304s ago: executing program 3 (id=1233):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000057c0)={[{@resuid={'resuid', 0x3d, 0xee01}}, {@background_gc_off}, {@nodiscard}, {@grpjquota={'grpjquota', 0x3d, ':-('}}, {@usrjquota={'usrjquota', 0x3d, '\\A'}}, {@jqfmt_vfsv1}, {@two_active_logs}, {@nouser_xattr}, {@grpjquota}, {@nodiscard}, {@inline_dentry}, {}, {@user_xattr}]}, 0x0, 0x551a, &(0x7f0000000280)="$eJzs3M1rI/UfB/BP2u22+/DbXxEP3nZgEVrYhKYPi96q7uIDdimrHjxpmqQh3SRTmjStPXnwKB78T0TBk0f/Bg+evYkHxZugZGYqW11Bbdq429cLJu+ZbyaffL9DKHwmJQFcWPPJzz+W4kZciYjpiLgeke2Xii2znsdzEXEzIqYe2UrF+O8DlyPiakTcGBXPa5aKpz69Pby19sMbP331zeyla599+e3kVg1M2vMR0d3N9w+6eaatPHeK8dqwnWV3dVhk/kT3YXGc5nnQ3MoqHNSOz6tludLKz0939/uj3O7U6qNstbez8d1e/ob9Yeu4TvaCndpedtxobmXZ7qdZto7yeR0e5X/bjvqDvE6jqPdBVj4Gg+PMx5uHzXw9uw+zrPcGxXheN200D0c5LLJ4u6innUY2j63TXOn/tjfbvf3DZNjc67fTXrJWqb5Qqd4pV/fSRnPQXC3Xuo07q8lCqzM6rTxo1rrrrTRtdZqVetpdTBZa9Xq5Wk0W7ja32rVeUq1WVipL5bXFYu928ur9d5JOI1kY5cvt3v6g3ekn2+lekr9iMVmurLy4mNyqJm9tbCabD+7d29h8+727795/aeP1V4qT/jStZGF5aXm5XF0qL1cXL9D6Pyom/fj1l053JeBf8KkD+Mf0/8AknF3/v/cg4uz7/9D/j8UT1f9e9P7/DNYPp6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sL6b+fy1bGc+P75WjP+vGHqmOC5FxFRE/PoY03H5RM3pos7MX5w/84c5fF2KrMLoPWaL7WpErBfbL/8/66sAAAAAT68vPrz5Sd6t5w/zk54Q56dU3LSZuv7+2CpGzMx/P6ZqU6OHZ8dULPt8X4rDMVXLbmDNjalYfsvt0riq/S3TJ2LukSjFXOyc61wAAIDzcrITON8uBAAAgPP08aQnwGSU4virzDj+B/7ZPIovBK+cOAIAAACeQKVJTwAAAAA4c1n/7/f/AAAA4OmW//4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8xs793aYRw3EA/93BFfpPRV2gq/QN3rtAR6j61MeKAboEI9AVugAz0LeMEEGUs4NCRKJE+O4U9PlIh7HFfbER92BbMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCl/8168ff3lz/n5uz25ykzGgAAAOCUbbNetG9mqf4+t3/MTZ9zvYqIOiJOzd1H8eYoc5Rzmkc+3zzow7+INuH2Oyb5ehcRX/N1/anrXwEAAAAu12a5mqfZenqZDd0h+pQWbeoP3wvlVRHRzK4KpdXxs1BS5P/3OH4VSmsXsKaFwtKS27hU2rO0j/th1W56r6hSUT99f7GxAwAAPRodFf3OQgAAAOjTj6E7wDCquNvKPGwFTlKRt/feHtUAAACAV6gaugMAAABA59r5v/P/AAAA4LKl8/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADo0rZZLzbL1fwl93w70bbbn6fciAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7Yn3cUCIEwCIO96zuTuf9hpUFDY5MqED7+xmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADe/O4v/yemxplk7rWx9DySrJ0aW6fG3rlx9Ifx9WsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GJ/XlIgBIIgCuaM/530/Q8rCXoGESKg4VFFLRoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC/63S//J6bGmWTutLF0PJKsXTW2rhp7DxpHD8bbvwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GLnfn6jqOIAgL+Z2dkCaqzV9FBjNPGgFykLgtyMB03jwf9Ak6YsWFn8AT0IISa9eNL0zMXo0RgTSb3xP3CGhAveOKwJJp4186t9IpKt1Zml+/kkb953Z4Z53zebkH5nXgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0xm/txlmxma/itN536/7VtaK//UBfuLF1Z6loRZy0mfTj4YX4Q7LYXSIAAADMjqyp70MId/PtlaJP58v6P2/OKWr+b5+q4qaef7Dub/qm9i/az9fvPbcz0Hw1TnHRs+uj4bG/p9L7/2Y53Z5uguv/dEavvPPls5es/ELSdzefHefl/Uy+vnnz7X4ZzrWVMQCwV0ebvg6an4eKftBlYgDMjF5UeDf1fzbfbU4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbRhvhiea+NcQwlKvipN63+37V9ce1t/YurPUtFPXrm3F1ywukYcQzq6PhsdanMu0u3T5yvnV0Wh4sf3gxRDCPq/z/r+dxZv1Pzz/wQQnh9DJ/RH8R0Faf9nTks9+g7lWxuroPyQAAA6svG5FXX83314p9iULIfzx3W79Xxx7JYrDhPX/vQ9P3YrHiuv/QWsznAbpI48ub1z4dPnS5SuvrV9YPTc8N/z49eODNwYnTp88eXq5fFay7IkJAAAA+9OvW1z/pwvR+/9D1bEj9fl7qf8/+2bwRTxWNrP1/6PtvvTrOhMAAIDZ9sxLv/+WPGR/0u+Hz1c3Ni4Oqu3O5+PVtoNU92yubnH9ny10nRUAAADQhvFm8pf1/2eiOEz4/v/J75//Mb5mFkI4XL//P7r2yehMe9OZam38xnLXcwQAAKBbh+sWv//Py/X/6c6ShzSE8OrLVVz/GcCJ6v/snS9/iMeK1/+faG+KUyldrO5H2S+G0FvsOiMAAAAOmq+i+FDdimL/l3x75aOfjrzXt/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoG1/BgAA//9TJj43")
lsetxattr$system_posix_acl(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='system.posix_acl_access\x00', &(0x7f0000000080), 0x24, 0x0)

3.272423147s ago: executing program 2 (id=1235):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x3, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000180)='syzkaller\x00', 0x1}, 0x90)

3.040234768s ago: executing program 2 (id=1240):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRSYNTHS(r0, 0x40045109, &(0x7f0000001b80))

2.843041447s ago: executing program 2 (id=1244):
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000001c0)={[{@name={'name', 0x3d, '-'}}, {@name={'name', 0x3d, '_'}}]})

2.570516967s ago: executing program 2 (id=1250):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000006c0)={0x20, 0x1410, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}}, 0x0)

2.362732228s ago: executing program 2 (id=1253):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2000082, &(0x7f0000000240)={[{@utf8no}, {@utf8no}, {@shortname_win95}, {@rodir}, {@fat=@codepage={'codepage', 0x3d, '869'}}, {@iocharset={'iocharset', 0x3d, 'macceltic'}}, {@fat=@sys_immutable}, {@shortname_mixed}, {@fat=@check_strict}, {@uni_xlateno}, {@numtail}, {@uni_xlate}, {@shortname_win95}, {@utf8no}, {@shortname_mixed}]}, 0x25, 0x358, &(0x7f0000000480)="$eJzs3T9oXHUcAPDv9aW5JFhzg1B0Ot0EKU3EQaeEUqGYQSuH/xYPm/ondxZyeBCHXG5RipPiIujk1kHHzuIg4ubgagWpiovdCg0+ubt3/+/sBbxY8fMZwpfv7/d9v+97eeS9hOSXVxuxc+lkXL5162YsLeViYePcRtzORSFORBIdBzHRB4uT8wDAPe52msYfacfdZ3+00o08+wHgv6v9/H/9VD+RP0Lx1fvm0RIAMGczfv//7MTslbm1BQDM0djz/5Gh4ZEf8y/0fiegY3n+DQIA/7jnX3r5mc2tiIvF4lJE9f16qV6Kp/rjm5fjzajEdpyN1TiM6LwodN4WWh+fvrB1/myx5ZdClFoV9VJEtVEvdd4UNpN2fT7WYjUKWX3aq09a9Wvt+mJEHDTa60c1Vy+djJVs/R9XYjvWYzUeGKuPuLB1fr2YHaBU7dY3Ipqx1D2JVv9nYjW+fy2uRCUuRau23//+WrF4Lt0aqq9fy7fnAQAAAAAAAAAAAAAAAAAAAADAPJwp9hR6+9+k1Ub9vYujEwpD++OUOsPZ/kDNzv5Aab67O8/VZHR/oOH9eeqlhTjxr545AAAAAAAAAAAAAAAAAAAA3Dtqe4tRrlS2d2t77+4MBo2BzNvffvH1cnSHFrLSt5J+VWTJoeN0Jw4cOYneEmmvPE2G5mRBEtGdfFC+dr3X8eCcfO8sxspbQX5sKJf1VK5UTj3886eTqv5sBQftTBJjl2U4yGXrDwxV728lliLicFrV9GD9LnNupGk6rXz/k9FMthVD48htzBB8c/ONBx+vnX6infkqW+nRx1ZfuPHx57/tlCvR7FyZSmVxt3aYznDkyEWMDyUD908uu865CXfC5KDZzzR3a3vl5IffX3zow+9GJieT7590MPPO9LW+HM0sdoJcRKF7Ef6u1ZMTbv7JwSt3enfv0T9xpz/bKF/f/+nXWasGvkjYqAMAAAAAAAAAAAAAAAAAAI5F/49+RwbSNG1MrXryubk3BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHqP///weC5lhmluBOI8aH8tu7tamLLx/rqQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8D/2VwAAAP//wGN9HA==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

1.621010232s ago: executing program 0 (id=1265):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x2810000, &(0x7f0000001040)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c757466383d302c696f636861727365743d63703835322c73686f72746e616d653d77696e6e742c636f6465706167653d3836342c726f6469722c696f636861727365743d6370313235352c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c756e695f786c6174653d312c696f636861727365743d63703836392c756e695f786c6174653d312c0046f954b34e928130540b869af3eb807a3d9ce5fe5e0ed041428df48def2bfeca21208d9306c189e802ed568ca7cfb350a22affe1c05814ee212429036aab67b7fd2a98f56aebe178ee6dcca902f725acec54ff5da88197f1ac16873f2e03de4b3ea3841a9424f41847"], 0x2d, 0x33c, &(0x7f0000001980)="$eJzs3U1oXFUUAOAzfUkmCdRkIRRdje4EKU3Eha4SSoViFlod/Ns42NSfvLGQwYG4yDQbxaXiRtCVuy502bW4EHHnwq0VpCpu7K7Q4pOZ9zLz5ic1FSf15/sW4XDuPXPPe7lkXkJy8/JabJ2fjQvXr1+L+flKzKydXosblViOY5FE7lIAAP8lN7Isfstyfz77g8X9aG7KfQEA09N7/3/1+CBRvZvdAABH4ZDf/z81MXtxam0BAFM09v7/4NDwyI/5Z/q/EwAA/Hs988KLT65vRJyr1eYjmu+26+16PD4YX78Qr0cam3EqluJWRP6gkD8tdD8+cXbjzKla10/LUe9WtOsRzU67nj8prCe9+mqsxFIsF/VZvz7p1q/06msRcanTWz+alXZ9NhaL9b9fjM1YjaW4N69/dlAfcXbjzGqteIF6c7++E7EX8/sX0e3/ZCzFt6/ExUjjfHRrB/3vrtRqp7ONofr25WpvHgAAAAAAAAAAAAAAAAAAAAAATMPJWt9y//ybrNlpv3NudMLy0Pk49Xy4OB9oLz8fKKvun+7zXjJ6PtDw+Tzt+kwcu6tXDgAAAAAAAAAAAAAAAAAAAP8crZ25aKTp5nZr5+2tctApZd78+rMvF2J0zhvJIBMz+csNzSlyUapKol+e9cuzZGhOESQRg8mXr/Q7Ls+p9q9irLwbVMeGKkVPjTQ9/sCPH0+q+n2QSWLstgwHlWL90lDznjx1m6qtRroweWj19lXp1SzLDupn96PxqqhEzIx94v6O4Ktrr933SOvEo73MF8WhDw89vPTc1Q8//WWrkUZxa9J0brt1K/vLayWl/VMp7nNlwk6YHOwNMnvbrZ1G8t2vz9///jcjk5PJ+ycrZ946eK3PRzNzedBt8zBXOjth808OXrrZ3713fjNPfLLWuLL7w8+HrSp9kXBQBwAAAAAAAAAAAAAAAAAAHInS34rfgceenl5HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD0Bv//vxTsjWUOE9zsxPhQdXO7deDiC0d6qQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/I/9EQAA//8hAXfe")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)

1.4993727s ago: executing program 2 (id=1268):
r0 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000001600), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f00000018c0)={{}, 0x0, 0x8, @inherit={0x90, 0x0}, @subvolid})

1.233335592s ago: executing program 3 (id=1274):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x54, 0x2, 0x6, 0x5, 0xa, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6}]}]}, 0x54}}, 0x0)

1.121947894s ago: executing program 1 (id=1277):
r0 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r0, 0x114, 0x271b, 0x0, &(0x7f00000000c0))

889.192135ms ago: executing program 4 (id=1278):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="2400000020000103000000000000000080000000000000000000000008000d"], 0x24}}, 0x0)

888.429095ms ago: executing program 0 (id=1279):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1f, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000000)={0x0, 0x4, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "5642000800000000001000"})

835.603916ms ago: executing program 4 (id=1280):
r0 = syz_open_dev$sndctrl(&(0x7f0000004e80), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0x81785501, &(0x7f0000000080)={{0x0, 0x0, 0xfffffffd}, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})

833.296517ms ago: executing program 1 (id=1281):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000010000000900010073797a300000000070000000090a010400000000000000000100000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021340011800a0001006c696d6974000000240002800c000240000000000000008108000340fffffffd0c0001400000000000000007"], 0xb8}}, 0x0)

755.394101ms ago: executing program 4 (id=1282):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200000a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d68b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e6d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf01860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e748fafa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f0844307df70f532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fda0f0a04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0001002d8c38a967c1bbe09315c298774009d8c6a16c7da308bcc87dc3addb08141bdee5d2780cfef663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd805deb28c13c1ed1c0d9cae846bcbfa8cce7b893ebc68578af7dc7d5e87d44ff80800000034c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c568cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7dcf050000000000001491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c78974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000400000000000a5accf93bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9c46136a5755c47287eb00000000000000c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b179509bd9f263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a378700000000000000000000000000631ffc86fe0c8124536afbfc6300ee2c00000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58ff43be997e35776e37c2b7772d0873369ba559e4a9ce9a7878a9a46f2a68adae0f3f5c0715b169ff053d8f5ab73d5f738b0edc71a287418ba45a14fd1ab423d9c392d010af2cf1356c6f78d563822afd3e8fb693ef3e1f1c02289e94b15a0a2a58e9c77a6d388004396baf8af32d0bd7fef1597b20e2eec0273012e344628a8ea5bd0a9da43078b95af7186d5bf36a2e31c0ee3e1ec6accd94b7e3b47e52681128c5b6fb2afbffaa52d53080f7ef112fdffffffffffffff0c1f7b4673fc5202bcc1159ba59b9b5c996079b6c2b9cc011470ce48b53c7339135e0a1e7c90b91a84cfaf95af6edc881ca69cb3d869fcd87a294447e3eb627923970281e28528348f9d0157c80ffd70dd45fc9ae550e191e9f88a1f15c2d997c217bb6d5d24e88d07837851b391ffcf3aa2183952ef4d68757c7511179f0984960b907016a4ad6ba19f89794b545f983e94a980f83794c277dd644651d721a0d0546b3e69b8530d9391068d67cfb4fe879c23933ec59d3e728113fdf3a28800512b9cef65523490caa4f5ec30ad6ded9879843ade683b3263197964e752ca77b966ae22e73a0cbbe549306e49d0e11662cf8bcccd8198ef44911ed6b86792086cc6c758d8c4a872041e58685d4134a5ee5063b4bb7e8035442b1cba567cfee96b3b858c9086c907ddddd16414545f1b94b34f081f3e6248699060d62f236b5204993cf42c180f757938a62b5f302cae4a4a7be523be2db61b74bab36d0e63e4469969482ada533c54bdc9c2ad0b7dce02c869e6c853f92d24823036f8b5f4a6f6f89e1a9cd003c714814277f32bd6d535dcc08c992f2938b2e265ff6bfbf38694255c367867d64c50b6f7f2fd131b5b30059ea2ed6bd2b887f808dee79a76d600883085436d79381d7a4a09c4d73f8046c72b206ae3b76429c719f80ab8ff65494f35a75916d81ce89b94ed2e07540d855ebb2e78bfbb354e29d6b905f2573bec68e340472006f3738f004c24edd7c538ad9f25bda4c443bc816a8fb38081adbf5a80f5cd6fde3aadd56a9283dfdcbf7fdd1b44e717c0b405b3261f19b1c38df6331df8e84619ef307875c893a8f0a436ccfb6319000000000000000000000000001f1c8231baae9e6b907826aa7431ee8ee9deb4db6dca3e4fa3df5cd4015a3771c25bff7d305689ff0a71d821fc6ee9d2d0069a6f4cb434e8183796f89825de4d251bbf526adcf572bd39c9817a51b50859c77eebd37709f0d65667a71700006103120886e81241c7186011c6949a9ef5eadb3ca1ba74d055196c80fe796f3550eef858d924ba6a93ea687720ffe78f1e2c98686d85575fbabee88e97d4dea9b7d8416d62f962b9202528fcc38eea7d2b4efca4e14fcbcc15e8"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x13, 0x6000002c, &(0x7f0000000100)="b9ff03316844268cb89e14f00800fee0050000000000002f77fbac141416e000030a44079f03b180006000000000845013f2325f003901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d7da058f6efa6d1f5f7ff400"/254, 0x0, 0xfe, 0x60000000, 0x0, 0xffffff23}, 0x2c)

674.534221ms ago: executing program 1 (id=1283):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000040)=0xfffffffc, 0x4)

591.601726ms ago: executing program 0 (id=1284):
r0 = socket(0x2000000015, 0x80005, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)

530.229321ms ago: executing program 4 (id=1285):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xc9)

451.218568ms ago: executing program 0 (id=1286):
r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000280)={0x1, @pix={0x0, 0x0, 0x50565559}})

450.068137ms ago: executing program 1 (id=1287):
r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r0, r0}, &(0x7f0000000180)=""/95, 0x5f, &(0x7f0000000340)={&(0x7f0000000300)={'sha512-generic\x00'}})

329.965837ms ago: executing program 4 (id=1288):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file1\x00', 0x208400, &(0x7f0000000500)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c636f6465706167653d69736f383835392d392c747970653d8806e6d92c007c3da50838b213e45c60dfa80dde3ce87abe5e338e4e6a59adcbbcd8c1298ca6754466db1a8a1278dabca7f2fe40cf27dc1fb941304798bf42ba7569909de3630242504efec00c875fa448eb7bdaa7ba31d37ec3e7d64cd77624a0da2b05469cfb6ff12378569cc8b28d1168e0b17c24be8bc7e84cc44764d86c47497b7f98bc4582fe16504124539d5e1c09b9294efa2dd7"], 0x1, 0x2e5, &(0x7f00000001c0)="$eJzs3U9rE08cx/HPbJI27a/0t/0jghelWtBLsepBvEQkV++eRG1SKIaKbQX1YisexQfg3afgg/Ci+AT05MkH0IOwMpPJZtPsbpLSJE19vyBhMzsz+x1mNzvfRRsB+Gfdq/74dPOXfRmpoIKkO1IgqSwVJZ3T+fKL7b2tvUa9ltdRwbWwL6NmS9NVZ2O7ntbUtnMtvNB+KmouWZZkunvGMUVRdPdnXoXC6GLB+JiMmQ6kaX8duv3lEcc1LPvSxXHHMGrJCTaHOtRLzY8xHADAKeDv/4G/Tcy5IqMgkFb9bf9M3f8Pxx3AybrV6CqKchsk7v9udRcZO7//u13tfM8lWnZ/0MoS+wmmdOTzlJpnVscC0/TKKl0swczmVlFrGweqBXqripeotuzea81Tt6VHtCspuWmO7N5Kuj/bHI1bUR7VCmlzq1GfthuJ+FsRLA12xDwzfdUyX8w389CE+qhavP4rRsZOk5up8MhMBSUb//XsHv9zrWwt+YFVKpWgo8qCO8gFfwSvxyjLPXLPhfZDg/04grw43bEX1flYoTm69R6tltJahfGnjFbLHa0K/kxY23jWyH2UMhytIZoP5oFZ0W99VjWx/g9sfKtKXJl5X/XG1fRnRnM8U+k1i65m2HXnaF8ul+IIvOmBxwYp62lZhvd6otua3331+mmh0ajv2I3HKRvP53aMLym9k1LrDH+joJw62m+XRNabKOq352iYwV870Q7t90dcYi+ftMr2KotLglFP06Ru/BmwVfWr8k7IydmIIilj19C+p3CK7JrWpLuPxT4XkTg77LrLNPM/t5L3qzqXoNi3MGednp9kqqPH9TiD61wKLrr32YEyuP6OeCMjZ3Q51+Wr0pVEoVHuEUMf5xlhqvquRzz/BwAAAAAAAAAAAAAAAAAAmDTJf/R/MKT/aTDuMQIAAAAAAAAAAAAAAAAAAAAAMOmO9fu/aX8j3v3+bziS3/8FcDL+BgAA//9Id3lt")
listxattr(&(0x7f0000000040)='./file1\x00', 0x0, 0x0)

239.580837ms ago: executing program 1 (id=1289):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x4}}]}, &(0x7f0000000300)='GPL\x00', 0x3, 0xff7, &(0x7f0000001e00)=""/4087}, 0x90)

239.463735ms ago: executing program 0 (id=1290):
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
prctl$PR_GET_SECUREBITS(0x1b)

133.203551ms ago: executing program 3 (id=1291):
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002780)=ANY=[@ANYRES16=0x0, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRESDEC, @ANYRES8=0x0, @ANYRESOCT, @ANYBLOB="01ce6671a3b30f673148672100038bbb4413ea284b892438cdddda3da4c78d940655fbd68a286059c5766f98f85fb413503eaf8c90a24dda1e09f68cd741168d69dae50652ca7b67c5b0a27ab80ff9afa5000443de8c748e1d5beabee7c1346b215f641ae190d56ea4ab81bacd909929deb5757040e8d5b2752ea779c30f600bd516a68d881e7fc7289826d49e35134a94e27f115c8195a0f152cbd840ffdb008356c72319cceb43ccb1280556efdf0fdf582fd3cfc830dff1787f000000b7400f5aef57b6dcbfde7af6012383adb085c40e4c295c2a3be750a42400e58523d24b8eecd75caabcee22347bdb78b72b400d080a044ebde5d39ad91ff0ef75aa244381cf00cd6fe9b9a92a9968104bf02481022af426853287e521a4e3cfe480f984efcea1359ff932ebd3bc75aefea41074799f3502a7472a6686b4011a41d7f0cfb25b3dc3077b4e8ded17cfff2b1d59bc12f637c36690f5ca91ee999ec138f6ce66522e652939a37435edb78f9ae18489f9d2b73c81609399f0d123f1721171bd72c012623f04d8965d3e5785d057c15798ab36af821c9b308731422ba3858b9895ace14068ea58f8cb6060c205caf209a73628eff5b9270a4a55c2d7fc59a4fe6e023bd424d8b010e2232d1b2e6ca603b466b2c82afff4a8cc469e8664d54769fc97df122b3ff8c34354dad46f900eaf6e72e538c0595caa056984ab8974af7cdae5bde6a12f412fe2a876aa191e78e91fbf780e2f4a20f57d41376b29f990ce63aa6edf622d2203fee37df269abf869d13b175852b775fff70491d1e5d1311b7eef954a101ddb98c5ba2b312528485ece7aff23cc6fee599daea0fca71a5970cf0fc82b49640cc3fabbc401dead4f83aa0c4072a9e98ab5afb790be17961fc073e2f8f800000000000000005089d6db5ad893ee9b22b9250d01980952d0a3e0076c877556fa43f90cb574fd6ad67398ac4d9f8ff4e3ef09f99220928602523adc2289b51328ac152bd7edc66d4e962cbc2d2b0c5f8e48384eff563a10787b0199642385e811504e7168804114842d51f42dd6937515fa64b2fd14ef427072c6556b99171bd00165a9aada7173f001679ac791ee67188c670f583f7b1f8df68b97f4dcb5652f2b13aa941b7ff56c48fb7162e91ef53c70938a92e4bf55d65319f74766a309722f767fc8f3db2a194a2f098336601be2edcbcc9b562f2fc64e2deff9a16e84f1e8bc5fb82c91f4d10e34f5a093fc4fcbdb89342274857c8e6aa8864b3214f51b9e515bf645235007cede80ff5931bff340780a3b43bc0466340c195a515f779d0333dd467bb665508d9c89e18e86d1975e273f937e3bd1", @ANYRESDEC, @ANYRES32=0x0], 0x1, 0x1f6, &(0x7f0000000680)="$eJzslU1rE0EYx3+zO2kazaFnTwWD7UXbbEH8BvYD+AEM6VqLG1+6AU0oGL304kH8EgU/hQdB7x5EBC/1oKCHiqeKrMzOM9MNicRKeyjMH5bnZZ6XeZ7ZeeZ2/iCvA78PdrosUELR5KNSaGBJWd3hnKU/hBaCL9rKbdG/FPpZaD4Yvntm2eGdTpal2/lgBqMUzLLJCiwj6Rk30lOSOcuZod8+HdcophpHwD/VcyKMyTax1I9tSZNez8c09Wk24stpb74mef7LffEY/42t1DI/m+O/xNeTrqvGaZ97pWO/mn87piJ2/fnwwrbZL0nbMcaxuDcmbspZY6JjeeXI+MqvP4n4XgrvD3a6hrkpU8zoNuznrkRpY4TXFZsLGkagYgofR5fTEpaAlX7v/ko+GF7e6nU20830bpKsXV19c15OoXgMW1m6qirbMJcaN5cAc08blXVzdT4drY+oQMnWpEDOgXK8c3HDeflixbEBUaUsR4/ivvL566KL6XGDS8wDD0dqERJst1qYaJpbprR1FLEIbV3ZJxwSMV8uXOneyzZ2USjntof2Mdr71LyQiGASpWvXfPm7QltC14XuCd0X6t4u9ybpMsI3kZZHMMejTr+/XT5elvO6xOuSBZ85kqzuNXQNb9UJCAgICAgICDgj+BMAAP//duk56A==")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)

83.530887ms ago: executing program 0 (id=1292):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newrule={0x30, 0x1a, 0x1, 0x0, 0x0, {0x81}, [@FRA_SRC={0x14, 0x2, @remote}]}, 0x30}}, 0x0)

80.553975ms ago: executing program 4 (id=1293):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$nci(r0, 0x0, 0x4)

0s ago: executing program 1 (id=1294):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000005d40)={0x0, 0x0, &(0x7f0000005d00)={&(0x7f0000005c80)="39fea2b767dc7891723dd0b1032f7180b021dc14b054e9bff95257151bb97a057d327042ec6c4000825e74949d2e096555c9af11a03ec1871d572290e162178c0e13bae06109ce42a233b93aac8ad0b69bf46725d3cea55c174a7bfd7faa0627d3da3a04d36401c20d7c172bc46f", 0x6e}}, 0x0)

kernel console output (not intermixed with test programs):

ddresses unique to avoid problems!
[   73.567396][ T5240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.579412][ T5240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.589328][ T5240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.606616][ T5240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.632555][ T5240] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.650020][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.662611][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.674634][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.687922][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.698137][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.714697][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.730964][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.741844][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.754164][ T5239] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.794566][ T5240] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.824844][ T5240] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.848024][ T5240] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.866649][ T5240] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.901073][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.914782][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.931633][ T5243] Bluetooth: hci1: command tx timeout
[   73.937732][ T5243] Bluetooth: hci2: command tx timeout
[   73.948916][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.959687][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.970327][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.981733][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.992336][ T5239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.004282][ T5243] Bluetooth: hci4: command tx timeout
[   74.004305][ T5234] Bluetooth: hci0: command tx timeout
[   74.009827][ T5248] Bluetooth: hci3: command tx timeout
[   74.023714][ T5239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.035266][ T5239] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.055599][ T5323] netlink: 'syz.0.8': attribute type 30 has an invalid length.
[   74.070027][ T5239] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.080024][ T5239] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.087221][ T5283] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   74.089394][ T5239] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.105208][ T5239] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.185797][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.211024][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.284127][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.286771][ T5283] usb 3-1: Using ep0 maxpacket: 32
[   74.298758][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.319536][ T5283] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   74.343941][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.349678][ T5283] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   74.373142][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.390734][ T5283] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   74.430995][ T5283] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.471559][ T5283] usb 3-1: config 0 descriptor??
[   74.482778][ T1060] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.508416][ T5283] hub 3-1:0.0: USB hub found
[   74.527477][ T1060] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.592586][ T2991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.650020][ T2991] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.672038][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.701869][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.704694][ T5331] usb usb8: usbfs: process 5331 (syz.3.4) did not claim interface 0 before use
[   74.726516][ T5283] hub 3-1:0.0: 1 port detected
[   74.913954][ T5335] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   74.924987][ T5283] hub 3-1:0.0: hub_hub_status failed (err = -71)
[   74.952997][ T5283] hub 3-1:0.0: config failed, can't get hub status (err -71)
[   74.990340][ T5283] usbhid 3-1:0.0: can't add hid device: -71
[   75.026798][ T5283] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[   75.109035][ T5283] usb 3-1: USB disconnect, device number 2
[   75.676646][ T5364] netlink: 288 bytes leftover after parsing attributes in process `syz.2.25'.
[   75.737358][ T5366] hfsplus: unable to find HFS+ superblock
[   75.939826][ T5372] loop1: detected capacity change from 0 to 256
[   75.996984][ T5248] Bluetooth: hci1: command tx timeout
[   76.002802][ T5248] Bluetooth: hci2: command tx timeout
[   76.078019][ T5243] Bluetooth: hci3: command tx timeout
[   76.083591][ T5243] Bluetooth: hci4: command tx timeout
[   76.091764][ T5248] Bluetooth: hci0: command tx timeout
[   76.148755][ T5380] netlink: 'syz.0.33': attribute type 1 has an invalid length.
[   76.226416][ T5382] netlink: 8 bytes leftover after parsing attributes in process `syz.0.37'.
[   76.674311][ T5398] netlink: 20 bytes leftover after parsing attributes in process `syz.1.39'.
[   76.703116][ T5398] netlink: 1 bytes leftover after parsing attributes in process `syz.1.39'.
[   76.821662][ T5404] cgroup: name respecified
[   77.448436][ T5422] tmpfs: Bad value for 'mpol'
[   77.496585][ T5393] loop0: detected capacity change from 0 to 40427
[   77.542458][ T5393] F2FS-fs (loop0): Invalid log sectors per block(3) log sectorsize(10)
[   77.579637][ T5393] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   77.641186][ T5429] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   77.728236][ T5393] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589454292453)
[   77.981023][ T5393] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   78.002722][ T5393] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   78.191655][ T5416] loop4: detected capacity change from 0 to 32768
[   78.261412][ T5416] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.46 (5416)
[   78.306937][ T5455] netlink: 16 bytes leftover after parsing attributes in process `syz.2.65'.
[   78.319076][ T5416] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   78.330061][ T5416] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[   78.338995][ T5416] BTRFS info (device loop4): using free-space-tree
[   78.771823][ T5452] loop1: detected capacity change from 0 to 32768
[   78.783539][ T5452] =======================================================
[   78.783539][ T5452] WARNING: The mand mount option has been deprecated and
[   78.783539][ T5452]          and is ignored by this kernel. Remove the mand
[   78.783539][ T5452]          option from the mount to silence this warning.
[   78.783539][ T5452] =======================================================
[   78.896296][ T5478] netlink: 76 bytes leftover after parsing attributes in process `syz.2.66'.
[   79.023699][ T5452] ERROR: (device loop1): dbAllocNext: Corrupt dmap page
[   79.023699][ T5452] 
[   79.218968][ T5240] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   79.766575][ T5283] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   79.957263][ T5283] usb 3-1: Using ep0 maxpacket: 8
[   80.013841][ T5283] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   80.049252][ T5283] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[   80.096550][ T5283] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   80.131353][ T5283] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[   80.190787][ T5283] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[   80.210509][ T5283] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   80.234599][ T5283] usb 3-1: SerialNumber: syz
[   80.264833][ T5497] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   80.427177][ T5283] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[   80.475454][ T5283] usb-storage 3-1:1.0: USB Mass Storage device detected
[   80.476168][ T5488] loop3: detected capacity change from 0 to 32768
[   80.519425][ T5283] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[   80.564599][ T5283] scsi host1: usb-storage 3-1:1.0
[   80.575825][ T5488] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[   80.596759][ T5488] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[   80.732951][ T5488] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[   80.758748][ T5283] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[   80.765833][ T5283] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[   80.775599][ T5282] usb 3-1: USB disconnect, device number 3
[   80.909853][ T5283] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 144ms
[   80.935525][ T5541] sctp: [Deprecated]: syz.1.92 (pid 5541) Use of struct sctp_assoc_value in delayed_ack socket option.
[   80.935525][ T5541] Use struct sctp_sack_info instead
[   80.961965][ T5283] gfs2: fsid=syz:syz.0: jid=0: Done
[   80.982849][ T5488] gfs2: fsid=syz:syz.0: first mount done, others may mount
[   80.985331][ T5543] loop4: detected capacity change from 0 to 1024
[   81.111310][ T5543] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.138903][ T5548] netlink: 4 bytes leftover after parsing attributes in process `syz.1.94'.
[   81.361879][ T5543] EXT4-fs error (device loop4): ext4_empty_dir:3115: inode #11: block 623: comm syz.4.93: Attempting to read directory block (623) that is past i_size (638464)
[   81.429081][ T5531] loop0: detected capacity change from 0 to 32768
[   81.453396][ T5531] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.89 (5531)
[   81.604512][ T5240] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.649205][ T5560] trusted_key: encrypted_key: keylen parameter is missing
[   81.868273][ T5531] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   81.879959][ T5531] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[   81.888789][ T5531] BTRFS info (device loop0): using free-space-tree
[   81.935578][ T5571] netlink: 'syz.3.106': attribute type 63 has an invalid length.
[   81.943633][ T5571] netlink: 5 bytes leftover after parsing attributes in process `syz.3.106'.
[   82.139318][    T8] cfg80211: failed to load regulatory.db
[   82.437428][ T5594] xt_TCPMSS: Only works on TCP SYN packets
[   82.720797][ T5606] 9pnet_virtio: no channels available for device syz
[   82.750145][ T5608] netlink: 'syz.3.115': attribute type 1 has an invalid length.
[   82.872027][ T5614] netlink: 'syz.1.118': attribute type 11 has an invalid length.
[   82.933419][ T5231] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   83.086983][ T5619] netlink: 'syz.2.121': attribute type 1 has an invalid length.
[   83.451126][ T5604] loop4: detected capacity change from 0 to 32768
[   83.499315][ T5604] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   83.667233][ T5604] XFS (loop4): Ending clean mount
[   83.810756][ T5240] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   83.827747][ T5641] loop1: detected capacity change from 0 to 1024
[   84.286671][   T25] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   84.476420][   T25] usb 1-1: Using ep0 maxpacket: 8
[   84.477639][ T5623] loop3: detected capacity change from 0 to 32768
[   84.484299][   T25] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   84.545778][   T25] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   84.577111][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   84.587381][ T5623] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   84.596421][   T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   84.609358][   T25] usb 1-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[   84.618578][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.629383][   T25] usb 1-1: config 0 descriptor??
[   84.639907][   T25] hso 1-1:0.0: Can't find BULK IN endpoint
[   84.825000][ T5674] loop4: detected capacity change from 0 to 1024
[   84.833848][ T5676] netlink: 'syz.2.139': attribute type 32 has an invalid length.
[   84.896225][   T25] usb 1-1: USB disconnect, device number 2
[   85.138750][ T5623] XFS (loop3): Ending clean mount
[   85.181656][ T5623] XFS (loop3): Quotacheck needed: Please wait.
[   85.191528][ T5654] loop1: detected capacity change from 0 to 32768
[   85.204836][ T5654] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.133 (5654)
[   85.253655][ T5685] netlink: 12 bytes leftover after parsing attributes in process `syz.4.142'.
[   85.266426][ T5654] BTRFS info (device loop1): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[   85.291994][ T5654] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[   85.304339][ T5654] BTRFS info (device loop1): disk space caching is enabled
[   85.315670][ T5685] netlink: 20 bytes leftover after parsing attributes in process `syz.4.142'.
[   85.326704][ T5654] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   85.331719][ T5623] XFS (loop3): Quotacheck: Done.
[   85.456765][    T8] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   85.517624][ T5229] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   85.696490][    T8] usb 3-1: Using ep0 maxpacket: 16
[   85.704731][    T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   85.711394][ T5654] BTRFS info (device loop1): rebuilding free space tree
[   85.717047][    T8] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   85.786475][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[   85.802248][ T5711] netlink: 'syz.0.148': attribute type 15 has an invalid length.
[   85.804045][ T5654] BTRFS info (device loop1): disabling free space tree
[   85.826570][ T5654] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   85.833695][    T8] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[   85.836937][ T5654] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   85.852076][    T8] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[   85.916981][    T8] usb 3-1: Manufacturer: syz
[   85.960827][    T8] usb 3-1: config 0 descriptor??
[   86.006793][ T5715] netlink: 160 bytes leftover after parsing attributes in process `syz.3.143'.
[   86.018762][ T5715] netlink: 160 bytes leftover after parsing attributes in process `syz.3.143'.
[   86.028138][ T5715] netlink: 96 bytes leftover after parsing attributes in process `syz.3.143'.
[   86.031839][ T5717] loop0: detected capacity change from 0 to 256
[   86.185063][    T8] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[   86.195851][ T5239] BTRFS info (device loop1): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[   86.224575][    T8] usb 3-1: USB disconnect, device number 4
[   86.578062][ T5733] xt_CT: You must specify a L4 protocol and not use inversions on it
[   86.645191][ T5736] netlink: 28 bytes leftover after parsing attributes in process `syz.3.158'.
[   86.706466][ T5736] netlink: 44 bytes leftover after parsing attributes in process `syz.3.158'.
[   86.777698][ T5738] loop0: detected capacity change from 0 to 4096
[   87.022296][   T25] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   87.129750][   T29] audit: type=1326 audit(1724332813.346:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5751 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd06bf79e79 code=0x7ffc0000
[   87.152313][   T29] audit: type=1326 audit(1724332813.356:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5751 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd06bf79e79 code=0x7ffc0000
[   87.177179][   T29] audit: type=1326 audit(1724332813.406:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5751 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7fd06bf79e79 code=0x7ffc0000
[   87.199681][   T29] audit: type=1326 audit(1724332813.406:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5751 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd06bf79e79 code=0x7ffc0000
[   87.222162][   T29] audit: type=1326 audit(1724332813.406:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5751 comm="syz.2.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd06bf79e79 code=0x7ffc0000
[   87.228017][ T5738] ntfs3: loop0: ino=21, The size of extended attributes must not exceed 64KiB
[   87.244157][    C1] vkms_vblank_simulate: vblank timer overrun
[   87.295404][ T5748] loop1: detected capacity change from 0 to 4096
[   87.308725][ T5748] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[   87.347883][   T25] usb 5-1: Using ep0 maxpacket: 8
[   87.364229][   T25] usb 5-1: unable to get BOS descriptor or descriptor too short
[   87.374393][   T25] usb 5-1: config 0 has an invalid interface number: 125 but max is 0
[   87.401414][   T25] usb 5-1: config 0 has no interface number 0
[   87.416026][   T25] usb 5-1: config 0 interface 125 has no altsetting 0
[   87.454383][   T25] usb 5-1: string descriptor 0 read error: -22
[   87.461943][   T25] usb 5-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=8a.dd
[   87.462801][ T5748] ntfs3: loop1: failed to convert "c46c" to cp863
[   87.471154][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.481887][   T25] usb 5-1: config 0 descriptor??
[   87.487569][ T5282] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   87.494518][   T25] hub 5-1:0.125: bad descriptor, ignoring hub
[   87.512054][   T25] hub 5-1:0.125: probe with driver hub failed with error -5
[   87.526120][   T25] usb 5-1: Found UVC 0.00 device <unnamed> (17dc:0202)
[   87.576705][   T25] usb 5-1: No valid video chain found.
[   87.682472][ T5761] loop0: detected capacity change from 0 to 2048
[   87.755550][ T5282] usb 4-1: Using ep0 maxpacket: 32
[   87.776851][ T5282] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   87.797769][ T5282] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   87.837027][ T5282] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   87.846162][ T5282] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.864861][ T5282] usb 4-1: config 0 descriptor??
[   87.881924][ T5761] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.169: bad orphan inode 8192
[   87.894402][ T5282] hub 4-1:0.0: USB hub found
[   87.920069][ T5761] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.946724][   T25] usb 5-1: USB disconnect, device number 2
[   88.050498][ T5231] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.122622][ T5282] hub 4-1:0.0: 1 port detected
[   88.219730][ T5776] netlink: 28 bytes leftover after parsing attributes in process `syz.1.175'.
[   88.330692][ T5282] hub 4-1:0.0: hub_hub_status failed (err = -71)
[   88.376544][ T5282] hub 4-1:0.0: config failed, can't get hub status (err -71)
[   88.426989][ T5282] usbhid 4-1:0.0: can't add hid device: -71
[   88.457506][ T5282] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[   88.560853][ T5282] usb 4-1: USB disconnect, device number 2
[   88.583935][ T5789] netlink: 8 bytes leftover after parsing attributes in process `syz.2.182'.
[   88.604260][ T5789] netlink: 16 bytes leftover after parsing attributes in process `syz.2.182'.
[   88.776759][ T5796] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[   89.132470][ T5808] netlink: 4 bytes leftover after parsing attributes in process `syz.3.192'.
[   89.172108][ T5808] netlink: 4 bytes leftover after parsing attributes in process `syz.3.192'.
[   89.683374][ T5800] loop1: detected capacity change from 0 to 32768
[   89.808918][ T5834] loop3: detected capacity change from 0 to 64
[   89.881619][ T5834] hfs: unable to locate alternate MDB
[   89.916587][ T5834] hfs: continuing without an alternate MDB
[   89.995732][ T5800] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.187 (5800)
[   90.039035][ T5831] loop0: detected capacity change from 0 to 32768
[   90.139009][ T5841] loop2: detected capacity change from 0 to 1024
[   90.161849][ T5841] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   90.263969][ T5841] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.359259][ T5831] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.203 (5831)
[   90.369694][ T5226] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.410384][ T5800] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   90.443565][ T5831] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   90.466553][ T5800] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[   90.475544][ T5831] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   90.489505][ T5800] BTRFS info (device loop1): using free-space-tree
[   90.515895][ T5831] BTRFS info (device loop0): using free-space-tree
[   90.769417][ T5886] loop4: detected capacity change from 0 to 512
[   90.904738][ T5800] BTRFS info (device loop1): checking UUID tree
[   90.918183][ T5886] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02d, mo2=0002]
[   90.926275][ T5886] System zones: 1-12
[   90.933979][ T5886] EXT4-fs (loop4): orphan cleanup on readonly fs
[   90.945497][ T5886] EXT4-fs error (device loop4): __ext4_iget:4982: inode #11: block 393240: comm syz.4.216: invalid block
[   90.992359][ T5886] EXT4-fs (loop4): Remounting filesystem read-only
[   91.067865][ T5886] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   91.148101][ T5239] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   91.259324][ T5231] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   91.261437][ T5240] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.312614][ T5904] loop3: detected capacity change from 0 to 736
[   91.532269][ T5904] rock: directory entry would overflow storage
[   91.545617][ T5904] rock: sig=0x5850, size=36, remaining=14
[   91.995847][ T5923] UBIFS error (pid: 5923): cannot open "", error -22
[   92.093412][ T5930] netlink: 'syz.2.235': attribute type 21 has an invalid length.
[   92.123015][ T5930] netlink: 'syz.2.235': attribute type 6 has an invalid length.
[   92.136623][ T5930] netlink: 132 bytes leftover after parsing attributes in process `syz.2.235'.
[   92.236036][ T5936] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   93.197906][ T5973] Illegal XDP return value 4294967274 on prog  (id 13) dev N/A, expect packet loss!
[   93.249159][ T5282] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   93.294445][ T5917] loop4: detected capacity change from 0 to 32768
[   93.322127][ T5917] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   93.448243][ T5282] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   93.502823][ T5282] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3
[   93.544661][ T5282] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[   93.569478][ T5991] loop2: detected capacity change from 0 to 128
[   93.579559][ T5282] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.591855][ T5917] XFS (loop4): Ending clean mount
[   93.604768][ T5917] XFS (loop4): Quotacheck needed: Please wait.
[   93.629834][ T5282] usb 4-1: config 0 descriptor??
[   93.707897][ T5917] XFS (loop4): Quotacheck: Done.
[   93.883311][ T5226] sysv_free_block: flc_count > flc_size
[   93.894937][ T5226] sysv_free_block: flc_count > flc_size
[   93.897108][ T5240] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   93.904963][ T5226] sysv_free_block: flc_count > flc_size
[   93.929928][ T5226] sysv_free_block: flc_count > flc_size
[   93.936304][ T5226] sysv_free_block: flc_count > flc_size
[   93.956754][ T5226] sysv_free_block: flc_count > flc_size
[   93.962370][ T5226] sysv_free_block: flc_count > flc_size
[   93.975331][ T5226] sysv_free_block: flc_count > flc_size
[   94.000907][ T5226] sysv_free_block: flc_count > flc_size
[   94.020166][ T5226] sysv_free_block: flc_count > flc_size
[   94.046035][ T5226] sysv_free_inode: inode 0,1,2 or nonexistent inode
[   94.077665][ T5282] Bluetooth: Can't get state to change to load configuration err
[   94.099893][ T5282] Bluetooth: Loading sysconfig file failed
[   94.107344][ T5282] ath3k 4-1:0.0: probe with driver ath3k failed with error -16
[   94.126734][ T5282] usb 4-1: USB disconnect, device number 3
[   94.134112][ T5998] loop1: detected capacity change from 0 to 128
[   94.669253][ T6021] netlink: 12 bytes leftover after parsing attributes in process `syz.2.275'.
[   94.689989][ T6021] netlink: 40 bytes leftover after parsing attributes in process `syz.2.275'.
[   94.796738][ T5282] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   94.990832][ T5282] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[   95.000175][ T5281] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   95.015091][ T5282] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.038545][ T5282] usb 2-1: Product: syz
[   95.042789][ T5282] usb 2-1: Manufacturer: syz
[   95.096427][ T5282] usb 2-1: SerialNumber: syz
[   95.123928][ T6043] loop3: detected capacity change from 0 to 512
[   95.132752][ T5282] usb 2-1: config 0 descriptor??
[   95.156720][ T6043] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   95.241931][ T6043] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   95.268242][ T6043] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.290902][ T5281] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   95.303089][ T5281] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 59391, setting to 1024
[   95.319620][ T6050] loop2: detected capacity change from 0 to 256
[   95.326053][ T5281] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice= 9.99
[   95.328265][ T6050] exfat: Deprecated parameter 'utf8'
[   95.348941][ T5282] hso 2-1:0.0: Can't find BULK IN endpoint
[   95.355454][ T5282] usb-storage 2-1:0.0: USB Mass Storage device detected
[   95.363017][ T5281] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.379106][ T5281] usb 1-1: config 0 descriptor??
[   95.385399][ T6025] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[   95.393313][   T25] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   95.409841][ T5281] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[   95.420679][ T5229] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   95.429387][ T6050] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[   95.533394][ T6054] netlink: 'syz.3.287': attribute type 5 has an invalid length.
[   95.541821][ T6054] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.287'.
[   95.555059][ T6050] overlay: filesystem on ./file0 not supported
[   95.575375][   T47] usb 2-1: USB disconnect, device number 2
[   95.600123][   T25] usb 5-1: Using ep0 maxpacket: 32
[   95.614836][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 0, changing to 7
[   95.640103][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[   95.655757][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[   95.684748][   T25] usb 5-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[   95.707430][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.737837][ T5281] usb 1-1: USB disconnect, device number 3
[   95.751252][ T6056] netlink: 4 bytes leftover after parsing attributes in process `syz.3.288'.
[   95.761824][   T25] usb 5-1: Product: syz
[   95.766055][   T25] usb 5-1: Manufacturer: syz
[   95.774767][   T25] usb 5-1: SerialNumber: syz
[   95.828383][   T25] usb 5-1: config 0 descriptor??
[   96.091077][ T5281] usb 5-1: USB disconnect, device number 3
[   96.492565][ T6068] loop2: detected capacity change from 0 to 32768
[   96.566014][ T6068] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   96.992234][ T6101] netlink: 28 bytes leftover after parsing attributes in process `syz.0.306'.
[   97.026845][ T6068] XFS (loop2): Ending clean mount
[   97.026853][ T6101] netlink: 28 bytes leftover after parsing attributes in process `syz.0.306'.
[   97.072966][ T6068] XFS (loop2): Quotacheck needed: Please wait.
[   97.117965][ T6105] netlink: 292 bytes leftover after parsing attributes in process `syz.4.308'.
[   97.136547][ T6105] netlink: 144 bytes leftover after parsing attributes in process `syz.4.308'.
[   97.166140][ T6103] loop3: detected capacity change from 0 to 4096
[   97.341961][ T6068] XFS (loop2): Quotacheck: Done.
[   97.555042][ T5226] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   97.624975][ T6126] loop4: detected capacity change from 0 to 1024
[   97.632642][ T6126] EXT4-fs: Ignoring removed oldalloc option
[   97.642081][ T6126] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   97.670614][ T6126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.892846][ T6133] IPv6: sit1: Disabled Multicast RS
[   97.914596][ T5240] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.031945][ T6138] netlink: 8 bytes leftover after parsing attributes in process `syz.3.324'.
[   99.281352][ T6166] loop1: detected capacity change from 0 to 32768
[   99.379622][ T6166] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   99.450865][ T6148] loop3: detected capacity change from 0 to 32768
[   99.542249][ T6195] loop0: detected capacity change from 0 to 1024
[   99.677439][ T6148] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   99.738843][ T6195] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.781835][ T6166] XFS (loop1): Ending clean mount
[   99.903408][ T5231] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.914266][ T5239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  100.045862][ T6175] loop4: detected capacity change from 0 to 32768
[  100.248433][ T6148] XFS (loop3): Ending clean mount
[  100.265145][ T6148] XFS (loop3): Quotacheck needed: Please wait.
[  100.397104][ T6148] XFS (loop3): Quotacheck: Done.
[  100.538392][ T6223] loop0: detected capacity change from 0 to 1024
[  100.585279][ T6219] loop2: detected capacity change from 0 to 4096
[  100.621156][ T6219] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  100.709635][ T5229] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  100.724746][ T6223] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.972216][ T5231] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.997174][ T6237] loop1: detected capacity change from 0 to 1764
[  101.106549][ T6239] netlink: 8 bytes leftover after parsing attributes in process `syz.4.366'.
[  101.167435][ T6239] bridge1: the hash_elasticity option has been deprecated and is always 16
[  101.368757][ T6253] loop1: detected capacity change from 0 to 256
[  101.679170][ T6252] loop2: detected capacity change from 0 to 4096
[  101.720612][ T6252] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  101.814022][   T25] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  101.841528][ T6252] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[  101.863177][ T6269] bridge1: the hash_elasticity option has been deprecated and is always 16
[  101.879387][ T6252] ntfs3: loop2: ino=1a, ntfs_sync_fs failed, -22.
[  101.896429][ T6252] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  101.996449][   T25] usb 5-1: Using ep0 maxpacket: 8
[  102.004887][   T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  102.045618][   T25] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  102.107999][   T25] usb 5-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  102.155536][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.197543][   T25] usb 5-1: config 0 descriptor??
[  102.228956][   T25] qmi_wwan 5-1:0.0: bogus CDC Union: master=10, slave=0
[  102.256618][   T25] qmi_wwan 5-1:0.0: probe with driver qmi_wwan failed with error -22
[  102.435336][   T25] usb 5-1: USB disconnect, device number 4
[  102.655084][ T6295] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  103.106590][ T6281] loop0: detected capacity change from 0 to 32768
[  103.152483][ T6281] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.382 (6281)
[  103.197201][ T6281] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  103.226006][ T6281] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  103.257713][ T6281] BTRFS info (device loop0): using free-space-tree
[  103.500089][ T6341] loop4: detected capacity change from 0 to 512
[  103.513547][ T6341] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  103.810125][ T5231] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  103.928833][ T6316] loop1: detected capacity change from 0 to 32768
[  103.936078][ T6316] XFS: ikeep mount option is deprecated.
[  103.965041][ T6341] EXT4-fs (loop4): failed to open journal device unknown-block(2940,205839) -6
[  104.051931][ T6341] loop4: detected capacity change from 0 to 512
[  104.059566][ T6341] EXT4-fs (loop4): unable to read superblock
[  104.165683][ T6316] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  104.308493][ T6367] netlink: 209840 bytes leftover after parsing attributes in process `syz.3.411'.
[  104.421080][ T6369] ceph: No source
[  104.491695][ T6371] QAT: failed to copy from user cfg_data.
[  104.682942][ T6316] XFS (loop1): Ending clean mount
[  105.319268][ T6316] XFS (loop1): Quotacheck needed: Please wait.
[  105.374747][ T6316] XFS (loop1): Quotacheck: Done.
[  105.624774][ T5239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  105.801271][ T6410] loop3: detected capacity change from 0 to 8
[  105.810060][ T6410] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  105.863744][ T6410] cramfs: Error -3 while decompressing!
[  105.870476][    T8] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  105.897087][ T6410] cramfs: ffffffff950c9788(18)->ffff88806d956000(4096)
[  105.917994][ T6410] cramfs: Error -3 while decompressing!
[  105.924371][ T6410] cramfs: ffffffff950c9788(18)->ffff88806d956000(4096)
[  106.004457][   T29] audit: type=1800 audit(1724332832.226:7): pid=6410 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.431" name="file1" dev="loop3" ino=324 res=0 errno=0
[  106.076707][    T8] usb 3-1: Using ep0 maxpacket: 32
[  106.089422][    T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  106.120149][    T8] usb 3-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[  106.143877][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.167158][    T8] usb 3-1: config 0 descriptor??
[  106.391314][    T8] cdc_subset 3-1:0.0: probe with driver cdc_subset failed with error -22
[  106.635509][   T47] usb 3-1: USB disconnect, device number 5
[  106.638789][ T6435] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.443'.
[  107.040085][ T6421] infiniband syz2: set down
[  107.064748][ T6421] infiniband syz2: added ipvlan1
[  107.198898][ T6421] RDS/IB: syz2: added
[  107.215277][ T6421] smc: adding ib device syz2 with port count 1
[  107.252323][ T6421] smc:    ib device syz2 port 1 has pnetid 
[  107.271904][ T6448] loop4: detected capacity change from 0 to 4096
[  107.356172][ T6450] IPv6: Can't replace route, no match found
[  107.588520][ T6456] netlink: 'syz.3.453': attribute type 21 has an invalid length.
[  107.601660][ T6456] netlink: 8 bytes leftover after parsing attributes in process `syz.3.453'.
[  107.694216][ T6462] netlink: 'syz.0.456': attribute type 1 has an invalid length.
[  108.307142][   T47] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  108.405365][ T6487] netlink: 'syz.2.468': attribute type 8 has an invalid length.
[  108.413672][ T6487] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.468'.
[  108.522371][ T6491] sctp: [Deprecated]: syz.2.470 (pid 6491) Use of int in max_burst socket option.
[  108.522371][ T6491] Use struct sctp_assoc_value instead
[  108.526470][   T47] usb 1-1: Using ep0 maxpacket: 32
[  108.674515][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  108.688833][   T47] usb 1-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x7, skipping
[  108.707526][   T47] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  108.726458][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  108.746467][   T47] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  108.756711][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  108.766656][   T47] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  108.777071][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  108.790957][   T47] usb 1-1: config 0 interface 0 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[  108.823562][   T47] usb 1-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01
[  108.842208][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.860625][   T47] usb 1-1: Product: syz
[  108.864950][   T47] usb 1-1: Manufacturer: syz
[  108.879904][   T47] usb 1-1: SerialNumber: syz
[  108.909619][   T47] usb 1-1: config 0 descriptor??
[  108.931396][ T6496] loop4: detected capacity change from 0 to 4096
[  108.940426][ T6474] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  109.233687][   T47] cxacru 1-1:0.0: submit of read urb for cm 0x90 failed (-8)
[  109.264111][   T47] cxacru 1-1:0.0: usbatm_usb_probe: invalid endpoint 02!
[  109.296733][   T47] cxacru 1-1:0.0: probe with driver cxacru failed with error -22
[  109.339567][   T47] usb 1-1: USB disconnect, device number 4
[  109.500428][ T6501] loop3: detected capacity change from 0 to 32768
[  109.514863][ T6501] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.475 (6501)
[  109.542195][ T6501] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  109.560414][ T6501] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  109.583720][ T6501] BTRFS info (device loop3): using free-space-tree
[  109.764357][ T6524] loop1: detected capacity change from 0 to 512
[  109.800193][ T6524] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  109.983364][ T6524] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.997143][ T6524] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.144226][ T5229] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  110.174121][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.658670][ T6548] loop4: detected capacity change from 0 to 1024
[  110.971240][ T2991] hfsplus: b-tree write err: -5, ino 4
[  111.126158][ T6538] loop2: detected capacity change from 0 to 32768
[  111.160096][ T6538] XFS: ikeep mount option is deprecated.
[  111.166053][ T6538] XFS: ikeep mount option is deprecated.
[  111.208783][ T6538] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  111.424883][ T6573] netlink: 'syz.0.497': attribute type 4 has an invalid length.
[  111.513266][ T6573] netlink: 60 bytes leftover after parsing attributes in process `syz.0.497'.
[  111.654024][ T6538] XFS (loop2): Ending clean mount
[  111.753308][ T5226] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  111.851745][ T6552] loop1: detected capacity change from 0 to 32768
[  111.996656][   T47] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  112.090315][ T6552] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  112.218076][   T47] usb 5-1: config 0 has an invalid interface number: 122 but max is 0
[  112.228961][   T47] usb 5-1: config 0 has no interface number 0
[  112.235124][   T47] usb 5-1: config 0 interface 122 has no altsetting 0
[  112.255450][   T47] usb 5-1: New USB device found, idVendor=13d3, idProduct=3219, bcdDevice=7a.67
[  112.267118][   T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.275751][   T47] usb 5-1: Product: syz
[  112.291728][   T47] usb 5-1: Manufacturer: syz
[  112.301946][   T47] usb 5-1: SerialNumber: syz
[  112.313140][   T47] usb 5-1: config 0 descriptor??
[  112.505070][ T6552] XFS (loop1): Ending clean mount
[  112.609929][ T5239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  112.726508][ T5227] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  112.768674][ T5282] usb 5-1: USB disconnect, device number 5
[  112.775046][ T5282] dvb-usb: generic DVB-USB module successfully deinitialized and disconnected.
[  112.933351][ T5227] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  112.956454][ T5227] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  112.987210][ T5227] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  113.006429][ T5227] usb 1-1: config 1 interface 0 has no altsetting 1
[  113.052520][ T6603] loop3: detected capacity change from 0 to 32768
[  113.082321][ T5227] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  113.092442][ T5227] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.101251][ T5227] usb 1-1: Product: syz
[  113.105469][ T5227] usb 1-1: Manufacturer: syz
[  113.110222][ T5227] usb 1-1: SerialNumber: syz
[  113.129173][ T5227] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[  113.136023][ T5227] cdc_ncm 1-1:1.0: bind() failure
[  113.233312][ T6603] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  113.296628][ T6608] loop2: detected capacity change from 0 to 32768
[  113.303787][ T6608] btrfs: Deprecated parameter 'usebackuproot'
[  113.310541][ T6608] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  113.323528][ T6608] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.511 (6608)
[  113.371056][ T6603] XFS (loop3): Ending clean mount
[  113.388749][ T6608] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  113.435455][   T25] usb 1-1: USB disconnect, device number 5
[  113.436821][ T6608] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  113.516976][ T6608] BTRFS info (device loop2): disk space caching is enabled
[  113.534117][ T6608] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  113.571438][ T5229] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  113.818374][   T69] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xab36da95f7d629ca8cc302fd0fd3c25f2e0c358a27b6cae5b3699304a6c15a5c level 0
[  113.900913][ T6608] BTRFS error (device loop2): failed to load root extent
[  113.913508][ T6608] BTRFS warning (device loop2): try to load backup roots slot 1
[  113.947288][ T6652] kAFS: unparsable volume name
[  113.952613][ T6655] netlink: 'syz.4.522': attribute type 23 has an invalid length.
[  113.979447][ T6608] BTRFS info (device loop2 state M): disabling free space tree
[  113.987871][ T6608] BTRFS info (device loop2 state M): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  114.023243][ T6608] BTRFS info (device loop2 state M): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  114.275467][ T6608] BTRFS info (device loop2 state M): use  compression, level 0
[  114.287137][ T6664] netlink: 'syz.3.517': attribute type 1 has an invalid length.
[  114.294936][ T6664] nbd: couldn't find a device at index 20
[  114.618746][ T5226] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  114.944675][ T5234] Bluetooth: Unknown BR/EDR signaling command 0x11
[  114.951797][ T5234] Bluetooth: Wrong link type (-22)
[  114.960543][ T5234] Bluetooth: hci4: link tx timeout
[  114.966066][ T5234] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  115.658970][ T6717] loop3: detected capacity change from 0 to 1764
[  115.687799][ T6717] grow_buffers: requested out-of-range block 18446744072509557520 for device loop3
[  115.746528][ T6717] isofs_fill_super: bread failed, dev=loop3, iso_blknum=1547486600, block=-1199994096
[  116.180056][   T25] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  116.386453][   T25] usb 3-1: Using ep0 maxpacket: 16
[  116.399309][   T25] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  116.449112][   T25] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  116.532845][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  116.580594][   T25] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  116.627467][   T25] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  116.663122][   T25] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  116.686439][   T25] usb 3-1: Manufacturer: syz
[  116.697519][ T6757] loop1: detected capacity change from 0 to 2048
[  116.709495][   T25] usb 3-1: config 0 descriptor??
[  116.749333][ T6757] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  116.773081][ T6735] loop3: detected capacity change from 0 to 40427
[  116.779894][ T6757] NILFS (loop1): mounting unchecked fs
[  116.779950][ T6757] NILFS (loop1): recovery required for readonly filesystem
[  116.779967][ T6757] NILFS (loop1): write access will be enabled during recovery
[  116.846489][ T6735] F2FS-fs (loop3): Fix alignment : internally, start(4096) end(16896) block(12288)
[  116.861652][ T6757] NILFS (loop1): norecovery option specified, skipping roll-forward recovery
[  116.869810][ T6735] F2FS-fs (loop3): heap/no_heap options were deprecated
[  116.888845][ T5247] udevd[5247]: incorrect nilfs2 checksum on /dev/loop1
[  116.908972][ T6735] F2FS-fs (loop3): invalid crc value
[  116.923808][ T6735] F2FS-fs (loop3): Found nat_bits in checkpoint
[  116.946047][   T25] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  116.967761][   T25] usb 3-1: USB disconnect, device number 6
[  116.979231][ T6757] NILFS (loop1): couldn't remount because the filesystem is in an incomplete recovery state
[  117.045113][ T5243] Bluetooth: hci4: command 0x0406 tx timeout
[  117.100212][ T6735] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  117.161979][ T6735] F2FS-fs (loop3): Try to recover all the superblocks, ret: 0
[  117.329024][ T6777] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (72)
[  117.343278][ T6779] netlink: 28 bytes leftover after parsing attributes in process `syz.4.581'.
[  117.620201][ T5227] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  117.838768][ T5227] usb 1-1: Using ep0 maxpacket: 32
[  117.857410][ T5227] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  117.882661][ T5227] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  117.913673][ T5227] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  117.939678][ T5227] usb 1-1: config 1 has no interface number 0
[  117.945869][ T5227] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  118.005054][ T5227] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  118.045350][ T5227] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  118.092523][ T5227] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  118.136390][ T5227] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.259416][ T5227] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  118.423496][ T6787] loop4: detected capacity change from 0 to 32768
[  118.431528][ T6787] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.586 (6787)
[  118.472012][ T5227] snd_usb_pod 1-1:1.1: cannot start listening: -90
[  118.479424][ T6787] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  118.495261][ T6816] bridge2: the hash_elasticity option has been deprecated and is always 16
[  118.505420][ T5227] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  118.517108][ T5227] snd_usb_pod 1-1:1.1: probe with driver snd_usb_pod failed with error -90
[  118.536638][ T6787] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  118.591290][ T6787] BTRFS info (device loop4): using free-space-tree
[  118.691410][ T1853] usb 1-1: USB disconnect, device number 6
[  118.825702][ T6787] BTRFS error (device loop4): balance: invalid convert metadata profile single
[  118.850840][ T6839] netlink: 12 bytes leftover after parsing attributes in process `syz.1.601'.
[  118.938662][ T5240] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  119.107514][ T6848] netlink: 8 bytes leftover after parsing attributes in process `syz.3.607'.
[  119.678506][ T6874] Cannot find add_set index 0 as target
[  119.868924][ T6880] 
@�: renamed from veth0_vlan (while UP)
[  119.989787][ T6887] netlink: 84 bytes leftover after parsing attributes in process `syz.1.625'.
[  120.579337][ T6917] rdma_rxe: rxe_newlink: failed to add ipvlan1
[  120.640081][ T6923] loop0: detected capacity change from 0 to 256
[  120.723926][ T6923] FAT-fs (loop0): Directory bread(block 64) failed
[  120.734716][ T6923] FAT-fs (loop0): Directory bread(block 65) failed
[  120.748307][ T6923] FAT-fs (loop0): Directory bread(block 66) failed
[  120.754926][ T6923] FAT-fs (loop0): Directory bread(block 67) failed
[  120.761815][ T6923] FAT-fs (loop0): Directory bread(block 68) failed
[  120.772561][ T6923] FAT-fs (loop0): Directory bread(block 69) failed
[  120.779436][ T6923] FAT-fs (loop0): Directory bread(block 70) failed
[  120.786023][ T6923] FAT-fs (loop0): Directory bread(block 71) failed
[  120.792791][ T6923] FAT-fs (loop0): Directory bread(block 72) failed
[  120.799460][ T6923] FAT-fs (loop0): Directory bread(block 73) failed
[  120.972171][ T6932] loop1: detected capacity change from 0 to 1024
[  120.989389][ T6932] EXT4-fs: Ignoring removed oldalloc option
[  120.996769][ T6932] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  121.081956][ T6932] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.120528][ T6932] 9pnet: Unknown protocol version 9
[  121.171440][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.226704][ T6945] netlink: 'syz.4.649': attribute type 4 has an invalid length.
[  121.234423][ T6945] netlink: 224 bytes leftover after parsing attributes in process `syz.4.649'.
[  121.465208][ T6953] ɶƣ0GCTw
�: entered promiscuous mode
[  121.722720][ T6961] rdma_rxe: rxe_newlink: failed to add ipvlan1
[  121.859317][ T6973] netlink: 12 bytes leftover after parsing attributes in process `syz.0.666'.
[  122.726050][ T6980] loop2: detected capacity change from 0 to 32768
[  122.745963][ T6980] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.667 (6980)
[  122.781933][ T6980] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  122.803689][ T6980] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  122.831326][ T6980] BTRFS info (device loop2): using free-space-tree
[  122.846579][ T5227] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  122.953950][ T7017] SET target dimension over the limit!
[  122.996540][    T8] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  123.072873][ T5227] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  123.091051][ T5227] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.127277][ T5227] usb 1-1: Product: syz
[  123.131515][ T5227] usb 1-1: Manufacturer: syz
[  123.136151][ T5227] usb 1-1: SerialNumber: syz
[  123.139100][ T5226] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  123.196514][    T8] usb 5-1: Using ep0 maxpacket: 8
[  123.207566][ T5227] r8152-cfgselector 1-1: Unknown version 0x0000
[  123.207599][ T5227] r8152-cfgselector 1-1: config 0 descriptor??
[  123.211494][    T8] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[  123.211527][    T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  123.211552][    T8] usb 5-1: config 0 has no interface number 0
[  123.211591][    T8] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[  123.211619][    T8] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  123.211651][    T8] usb 5-1: config 0 interface 52 has no altsetting 0
[  123.214093][    T8] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00
[  123.214127][    T8] usb 5-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35
[  123.214178][    T8] usb 5-1: Product: syz
[  123.214196][    T8] usb 5-1: SerialNumber: syz
[  123.245013][    T8] usb 5-1: config 0 descriptor??
[  123.655491][    T8] r8152-cfgselector 1-1: USB disconnect, device number 7
[  123.674913][ T1853] usb 5-1: USB disconnect, device number 6
[  123.751922][ T7034] bridge1: the hash_elasticity option has been deprecated and is always 16
[  123.897405][ T7038] loop2: detected capacity change from 0 to 512
[  123.919555][ T7038] EXT4-fs: Ignoring removed nomblk_io_submit option
[  123.936640][ T7038] EXT4-fs: Ignoring removed mblk_io_submit option
[  123.997040][ T7038] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  124.026240][ T7038] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  124.095116][ T7038] EXT4-fs (loop2): 1 truncate cleaned up
[  124.115916][ T7038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.151343][ T7038] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.581101][ T7065] loop3: detected capacity change from 0 to 1024
[  124.612157][ T7065] EXT4-fs: Ignoring removed oldalloc option
[  124.647340][ T7065] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  124.647653][ T7068] bridge1: the hash_elasticity option has been deprecated and is always 16
[  124.738923][ T7065] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.834992][ T7065] 9pnet: Unknown protocol version 9
[  124.955582][ T5229] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.105520][ T7086] loop4: detected capacity change from 0 to 32768
[  126.166123][ T7086] 
[  126.166123][ T7086]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  126.166123][ T7086] 
[  126.245127][ T7095] loop1: detected capacity change from 0 to 32768
[  126.272902][ T7095] btrfs: Deprecated parameter 'usebackuproot'
[  126.280593][ T7086] ialloc: diAlloc returned -5!
[  126.295967][ T7095] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  126.332461][ T7094] loop3: detected capacity change from 0 to 32768
[  126.339886][ T7095] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.712 (7095)
[  126.343863][ T7091] loop0: detected capacity change from 0 to 32768
[  126.384372][ T5240] 
[  126.384372][ T5240]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  126.384372][ T5240] 
[  126.426485][ T7095] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  126.430830][ T7094] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.708 (7094)
[  126.438052][ T7095] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  126.481478][ T7095] BTRFS info (device loop1): disk space caching is enabled
[  126.494567][ T7095] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  126.514960][ T5240] 
[  126.514960][ T5240]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  126.514960][ T5240] 
[  126.533818][ T7094] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  126.545810][ T7094] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  126.563255][ T7094] BTRFS info (device loop3): using free-space-tree
[  127.044605][   T11] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xab36da95f7d629ca8cc302fd0fd3c25f2e0c358a27b6cae5b3699304a6c15a5c level 0
[  127.169506][ T7095] BTRFS error (device loop1): failed to load root extent
[  127.177498][ T7095] BTRFS warning (device loop1): try to load backup roots slot 1
[  127.301233][ T5229] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  127.332013][ T7095] BTRFS info (device loop1 state M): disabling free space tree
[  127.359922][ T7095] BTRFS info (device loop1 state M): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  127.376568][ T7095] BTRFS info (device loop1 state M): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  127.474019][ T7095] BTRFS info (device loop1 state M): use  compression, level 0
[  127.649524][ T5239] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  128.420722][ T7202] loop2: detected capacity change from 0 to 512
[  128.451566][ T7202] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  128.475387][ T7202] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  128.522566][ T7202] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  128.544286][ T7202] System zones: 0-2, 18-18, 34-34
[  128.578278][ T7202] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  128.619918][ T7202] EXT4-fs (loop2): 1 truncate cleaned up
[  128.633110][ T7202] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.669791][ T7202] EXT4-fs error (device loop2): ext4_generic_delete_entry:2678: inode #2: block 3: comm syz.2.747: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  128.703540][ T7202] EXT4-fs error (device loop2) in ext4_delete_entry:2749: Corrupt filesystem
[  128.966468][   T25] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  128.981468][ T5226] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.038460][ T7193] loop4: detected capacity change from 0 to 32768
[  129.129328][ T7193] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.741 (7193)
[  129.190028][ T7193] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  129.203382][ T7193] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  129.213675][ T7193] BTRFS info (device loop4): using free-space-tree
[  129.278811][ T7227] loop0: detected capacity change from 0 to 512
[  129.352602][ T7213] loop1: detected capacity change from 0 to 32768
[  129.436482][   T25] usb 4-1: Using ep0 maxpacket: 16
[  129.448252][   T25] usb 4-1: config 253 has an invalid interface number: 157 but max is 3
[  129.495763][ T7227] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.755: corrupted in-inode xattr: bad e_name length
[  129.516979][   T25] usb 4-1: config 253 contains an unexpected descriptor of type 0x2, skipping
[  129.535585][ T7227] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.755: couldn't read orphan inode 15 (err -117)
[  129.556425][   T25] usb 4-1: config 253 has an invalid interface number: 213 but max is 3
[  129.570955][ T7227] EXT4-fs (loop0): mounted filesystem 00000004-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.578068][ T7249] loop2: detected capacity change from 0 to 8
[  129.584853][   T25] usb 4-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  129.609283][ T7213] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  129.609382][   T25] usb 4-1: config 253 has 2 interfaces, different from the descriptor's value: 4
[  129.645719][ T7249] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  129.653614][   T25] usb 4-1: config 253 has no interface number 0
[  129.666958][ T7249] cramfs: Error -3 while decompressing!
[  129.683492][ T7249] cramfs: ffffffff950cd788(18)->ffff888058ebf000(4096)
[  129.698623][   T25] usb 4-1: config 253 has no interface number 1
[  129.705071][   T25] usb 4-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  129.736875][ T5231] EXT4-fs (loop0): unmounting filesystem 00000004-0000-0000-0000-000000000000.
[  129.752746][ T7249] cramfs: Error -3 while decompressing!
[  129.760415][ T7249] cramfs: ffffffff950cd788(18)->ffff888058ebf000(4096)
[  129.768057][   T25] usb 4-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  129.780275][   T29] audit: type=1800 audit(1724332856.006:8): pid=7249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.758" name="file1" dev="loop2" ino=324 res=0 errno=0
[  129.801421][   T25] usb 4-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping
[  129.816406][   T25] usb 4-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[  129.883228][   T25] usb 4-1: config 253 interface 157 has no altsetting 0
[  129.885790][ T5240] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  129.905051][   T25] usb 4-1: config 253 interface 213 has no altsetting 0
[  129.932238][ T7213] XFS (loop1): Ending clean mount
[  129.950505][   T25] usb 4-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57
[  129.965940][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.019096][   T25] usb 4-1: Product: syz
[  130.023409][   T25] usb 4-1: Manufacturer: syz
[  130.036434][   T25] usb 4-1: SerialNumber: syz
[  130.087933][ T7213] XFS (loop1): Quotacheck needed: Please wait.
[  130.238382][ T7213] XFS (loop1): Quotacheck: Done.
[  130.295162][ T7265] netlink: 20 bytes leftover after parsing attributes in process `syz.0.772'.
[  130.336614][ T5239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  130.390479][   T25] r8712u: register rtl8712_netdev_ops to netdev_ops
[  130.402996][   T25] usb 4-1: r8712u: USB_SPEED_HIGH with 4 endpoints
[  130.478306][   T25] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed
[  130.485887][   T25] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  130.496621][   T25] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  130.551888][   T25] usb 4-1: Found UVC 0.00 device syz (0b05:1791)
[  130.606628][   T25] usb 4-1: No valid video chain found.
[  130.612704][   T25] r8712u: register rtl8712_netdev_ops to netdev_ops
[  130.681155][   T25] usb 4-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  130.711391][   T25] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed
[  130.736107][   T25] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  130.771192][   T25] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  130.826450][   T25] usb 4-1: USB disconnect, device number 4
[  130.883389][ T7277] capability: warning: `syz.2.768' uses deprecated v2 capabilities in a way that may be insecure
[  130.970535][ T7280] loop1: detected capacity change from 0 to 512
[  131.017483][ T7280] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  131.036744][ T7280] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  131.129439][ T7280] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  131.172643][ T7280] System zones: 0-2, 18-18, 34-34
[  131.262764][ T7285] loop2: detected capacity change from 0 to 1024
[  131.279883][ T7280] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  131.283896][ T7270] loop0: detected capacity change from 0 to 32768
[  131.344655][ T7270] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.765 (7270)
[  131.361811][ T7280] EXT4-fs (loop1): 1 truncate cleaned up
[  131.377091][ T7270] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  131.387604][ T7280] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.401289][ T7280] EXT4-fs error (device loop1): ext4_generic_delete_entry:2678: inode #2: block 3: comm syz.1.764: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  131.433024][ T7270] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  131.442167][ T7280] EXT4-fs error (device loop1) in ext4_delete_entry:2749: Corrupt filesystem
[  131.548193][ T7270] BTRFS info (device loop0): using free-space-tree
[  131.649507][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.681570][   T11] hfsplus: b-tree write err: -5, ino 4
[  131.957568][   T25] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  132.158657][   T25] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  132.181652][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.212598][   T25] usb 4-1: config 0 descriptor??
[  132.235210][   T25] gspca_main: cpia1-2.14.0 probing 0813:0001
[  132.264996][ T5231] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  132.521244][ T7333] loop1: detected capacity change from 0 to 1024
[  132.652163][   T25] gspca_cpia1: usb_control_msg 03, error -71
[  132.676913][   T25] gspca_cpia1: usb_control_msg 01, error -71
[  132.717328][   T25] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0)
[  132.757895][   T25] usb 4-1: USB disconnect, device number 5
[  132.794476][ T1060] hfsplus: b-tree write err: -5, ino 4
[  132.820316][ T7340] loop0: detected capacity change from 0 to 256
[  132.847862][ T7340] exfat: Deprecated parameter 'namecase'
[  132.863375][ T7340] exfat: Deprecated parameter 'utf8'
[  132.916472][ T7340] exfat: Deprecated parameter 'namecase'
[  132.922228][ T7340] exfat: Deprecated parameter 'utf8'
[  132.996048][ T7340] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d)
[  133.042130][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  133.050358][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  133.125819][ T7347] netlink: 'syz.2.794': attribute type 1 has an invalid length.
[  133.171735][ T7349] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  133.370414][ T7353] loop0: detected capacity change from 0 to 2048
[  133.511201][ T7362] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  133.577600][ T7353] NILFS (loop0): failed to count free inodes: err=-34
[  133.867654][ T7374] kAFS: unparsable volume name
[  133.947297][ T7313] syz.4.783: vmalloc error: size 2363392, failed to allocated page array size 4616, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  133.980211][ T7313] CPU: 1 UID: 0 PID: 7313 Comm: syz.4.783 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  133.990460][ T7313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  134.000571][ T7313] Call Trace:
[  134.003895][ T7313]  <TASK>
[  134.006869][ T7313]  dump_stack_lvl+0x241/0x360
[  134.011610][ T7313]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.016860][ T7313]  ? __pfx__printk+0x10/0x10
[  134.021519][ T7313]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  134.028040][ T7313]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  134.034608][ T7313]  warn_alloc+0x278/0x410
[  134.039003][ T7313]  ? __pfx_warn_alloc+0x10/0x10
[  134.043943][ T7313]  ? vb2_vmalloc_alloc+0xf2/0x340
[  134.049025][ T7313]  ? __get_vm_area_node+0x23d/0x270
[  134.054298][ T7313]  __vmalloc_node_range_noprof+0x6a2/0x1400
[  134.060275][ T7313]  ? __kmalloc_cache_node_noprof+0x1d3/0x300
[  134.066320][ T7313]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  134.072711][ T7313]  ? vb2_vmalloc_alloc+0xf2/0x340
[  134.077795][ T7313]  ? __get_vm_area_node+0x23d/0x270
[  134.083051][ T7313]  __vmalloc_node_range_noprof+0x5bc/0x1400
[  134.089018][ T7313]  ? vb2_vmalloc_alloc+0xf2/0x340
[  134.094132][ T7313]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  134.100491][ T7313]  ? __kasan_kmalloc+0x98/0xb0
[  134.105270][ T7313]  ? vb2_vmalloc_alloc+0xb5/0x340
[  134.110317][ T7313]  vmalloc_user_noprof+0x74/0x80
[  134.115275][ T7313]  ? vb2_vmalloc_alloc+0xf2/0x340
[  134.120314][ T7313]  vb2_vmalloc_alloc+0xf2/0x340
[  134.125204][ T7313]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  134.130671][ T7313]  __vb2_queue_alloc+0xa0b/0x16f0
[  134.135744][ T7313]  vb2_core_create_bufs+0x825/0x1040
[  134.141147][ T7313]  ? __pfx_vb2_core_create_bufs+0x10/0x10
[  134.146891][ T7313]  ? __pfx___might_resched+0x10/0x10
[  134.152190][ T7313]  ? vb2_set_flags_and_caps+0x2f7/0x5e0
[  134.157746][ T7313]  vb2_create_bufs+0x60e/0xdd0
[  134.162564][ T7313]  ? __pfx_vb2_create_bufs+0x10/0x10
[  134.167856][ T7313]  ? __mutex_lock+0x2ef/0xd70
[  134.172546][ T7313]  ? vb2_set_flags_and_caps+0x2f7/0x5e0
[  134.178104][ T7313]  vb2_ioctl_create_bufs+0x2ba/0x400
[  134.183497][ T7313]  v4l_create_bufs+0x18b/0x2a0
[  134.188296][ T7313]  __video_do_ioctl+0xc26/0xde0
[  134.193170][ T7313]  ? __pfx___video_do_ioctl+0x10/0x10
[  134.198737][ T7313]  ? __might_fault+0xc6/0x120
[  134.203436][ T7313]  video_usercopy+0x89b/0x1180
[  134.208226][ T7313]  ? __pfx___video_do_ioctl+0x10/0x10
[  134.213607][ T7313]  ? __pfx_video_usercopy+0x10/0x10
[  134.218863][ T7313]  ? __fget_files+0x29/0x470
[  134.223478][ T7313]  ? __fget_files+0x3f6/0x470
[  134.228442][ T7313]  ? __fget_files+0x29/0x470
[  134.233051][ T7313]  v4l2_ioctl+0x18c/0x1e0
[  134.237405][ T7313]  ? __pfx_v4l2_ioctl+0x10/0x10
[  134.242285][ T7313]  __se_sys_ioctl+0xfc/0x170
[  134.246889][ T7313]  do_syscall_64+0xf3/0x230
[  134.251427][ T7313]  ? clear_bhb_loop+0x35/0x90
[  134.256205][ T7313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.262205][ T7313] RIP: 0033:0x7f1093b79e79
[  134.266633][ T7313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.286261][ T7313] RSP: 002b:00007f1094970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  134.294702][ T7313] RAX: ffffffffffffffda RBX: 00007f1093d15f80 RCX: 00007f1093b79e79
[  134.302947][ T7313] RDX: 0000000020000140 RSI: 00000000c100565c RDI: 0000000000000003
[  134.310931][ T7313] RBP: 00007f1093be7916 R08: 0000000000000000 R09: 0000000000000000
[  134.318910][ T7313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  134.326914][ T7313] R13: 0000000000000000 R14: 00007f1093d15f80 R15: 00007ffc60c80e28
[  134.334913][ T7313]  </TASK>
[  134.352911][ T7313] Mem-Info:
[  134.356117][ T7313] active_anon:4645 inactive_anon:0 isolated_anon:0
[  134.356117][ T7313]  active_file:1570 inactive_file:38214 isolated_file:0
[  134.356117][ T7313]  unevictable:768 dirty:286 writeback:0
[  134.356117][ T7313]  slab_reclaimable:8914 slab_unreclaimable:98922
[  134.356117][ T7313]  mapped:21677 shmem:1263 pagetables:791
[  134.356117][ T7313]  sec_pagetables:0 bounce:0
[  134.356117][ T7313]  kernel_misc_reclaimable:0
[  134.356117][ T7313]  free:1348597 free_pcp:2231 free_cma:0
[  134.425743][ T7379] nvme_fabrics: missing parameter 'transport=%s'
[  134.436925][ T7379] nvme_fabrics: missing parameter 'nqn=%s'
[  134.518604][ T7390] process 'syz.3.814' launched './file0' with NULL argv: empty string added
[  134.530644][ T7313] Node 0 active_anon:18460kB inactive_anon:0kB active_file:6280kB inactive_file:152820kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:86640kB dirty:1228kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10220kB pagetables:3144kB sec_pagetables:0kB all_unreclaimable? no
[  134.574905][ T7393] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[  134.669000][ T7313] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:60kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  134.772307][ T7313] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  134.926501][ T7313] lowmem_reserve[]: 0 2559 2560 0 0
[  134.931872][ T7313] Node 0 DMA32 free:1432176kB boost:0kB min:34992kB low:43740kB high:52488kB reserved_highatomic:0KB active_anon:18312kB inactive_anon:0kB active_file:6280kB inactive_file:151496kB unevictable:1536kB writepending:1228kB present:3129332kB managed:2648716kB mlocked:0kB bounce:0kB free_pcp:1128kB local_pcp:236kB free_cma:0kB
[  134.950613][ T7407] netlink: 'syz.2.824': attribute type 21 has an invalid length.
[  135.076434][ T7313] lowmem_reserve[]: 0 0 1 0 0
[  135.081538][ T7313] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  135.201407][ T7313] lowmem_reserve[]: 0 0 0 0 0
[  135.209128][ T7313] Node 1 Normal free:3956068kB boost:0kB min:54892kB low:68612kB high:82332kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:60kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  135.308041][ T7313] lowmem_reserve[]: 0 0 0 0 0
[  135.326427][ T7313] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  135.345621][ T7313] Node 0 DMA32: 5*4kB (ME) 4*8kB (UE) 152*16kB (ME) 181*32kB (UME) 132*64kB (UME) 58*128kB (UME) 30*256kB (UME) 24*512kB (UME) 18*1024kB (UM) 4*2048kB (M) 332*4096kB (UM) = 1430612kB
[  135.416156][ T7313] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  135.432588][ T7418] loop1: detected capacity change from 0 to 4096
[  135.439470][ T7313] Node 1 Normal: 3*4kB (UM) 2*8kB (UM) 7*16kB (UM) 12*32kB (UM) 6*64kB (UM) 4*128kB (UM) 8*256kB (UM) 6*512kB (UM) 5*1024kB (UM) 2*2048kB (U) 962*4096kB (M) = 3956108kB
[  135.463577][ T7313] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  135.473419][ T5227] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  135.498245][ T7313] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  135.511504][ T7313] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  135.547179][ T7313] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  135.585917][ T7313] 41597 total pagecache pages
[  135.591725][ T7313] 0 pages in swap cache
[  135.596095][ T7313] Free swap  = 124996kB
[  135.634644][ T7313] Total swap = 124996kB
[  135.639148][ T7313] 2097051 pages RAM
[  135.642985][ T7313] 0 pages HighMem/MovableOnly
[  135.649005][ T7313] 402894 pages reserved
[  135.653581][ T7313] 0 pages cma reserved
[  135.678421][ T5227] usb 3-1: Using ep0 maxpacket: 32
[  135.706237][ T5227] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  135.726728][ T5227] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  135.769894][ T5227] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  135.805666][ T5227] usb 3-1: config 1 has no interface number 0
[  135.828393][ T5227] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  135.874665][ T5227] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  135.911984][ T5227] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  135.973834][ T5227] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  135.995239][ T7437] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.838'.
[  135.996427][ T5227] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.089961][ T5227] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  136.303287][ T5227] snd_usb_pod 3-1:1.1: cannot start listening: -90
[  136.310118][ T5227] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  136.317815][ T5227] snd_usb_pod 3-1:1.1: probe with driver snd_usb_pod failed with error -90
[  136.545614][ T5227] usb 3-1: USB disconnect, device number 7
[  136.646255][ T5234] Bluetooth: Unknown BR/EDR signaling command 0x11
[  136.654327][ T5234] Bluetooth: Wrong link type (-22)
[  136.660947][ T5234] Bluetooth: hci2: link tx timeout
[  136.666525][ T5234] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  136.757558][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  136.765999][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  136.877153][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  136.885616][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  137.791210][ T7463] loop3: detected capacity change from 0 to 32768
[  137.807054][ T7463] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.849 (7463)
[  137.849198][ T7463] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  137.859899][ T7463] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  137.896604][ T7463] BTRFS info (device loop3): using free-space-tree
[  137.965030][ T7507] loop2: detected capacity change from 0 to 512
[  137.977066][ T7507] EXT4-fs: Ignoring removed nomblk_io_submit option
[  138.003404][ T7507] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  138.043282][ T7463] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  138.092973][ T7507] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a85ec028, mo2=0002]
[  138.136854][ T7507] System zones: 0-2, 18-18, 34-34
[  138.201629][ T7507] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  138.282956][ T7507] EXT4-fs (loop2): 1 truncate cleaned up
[  138.300815][ T7507] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.353256][ T7507] EXT4-fs error (device loop2): ext4_empty_dir:3094: inode #12: block 13: comm syz.2.867: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=12, rec_len=0, size=4096 fake=1
[  138.470593][ T7507] EXT4-fs (loop2): Remounting filesystem read-only
[  138.506281][ T7507] EXT4-fs warning (device loop2): ext4_empty_dir:3096: inode #12: comm syz.2.867: directory missing '.'
[  138.531557][ T7489] loop4: detected capacity change from 0 to 32768
[  138.719354][ T5226] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.728887][ T5248] Bluetooth: hci2: command 0x0406 tx timeout
[  138.753206][ T7489] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  139.268427][ T7489] XFS (loop4): Ending clean mount
[  139.808090][ T5240] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  139.880404][ T7545] loop1: detected capacity change from 0 to 32768
[  139.892142][ T7545] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.875 (7545)
[  139.918119][   T47] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  139.949898][ T7545] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  139.975684][ T7545] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  140.049756][ T7545] BTRFS info (device loop1): using free-space-tree
[  140.186723][   T47] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  140.222194][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.328256][   T47] usb 3-1: config 0 descriptor??
[  140.360910][   T47] gspca_main: cpia1-2.14.0 probing 0813:0001
[  140.597180][ T5283] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  140.601032][ T5239] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  140.828084][   T47] gspca_cpia1: usb_control_msg 03, error -71
[  140.839827][   T47] gspca_cpia1: usb_control_msg 01, error -71
[  140.848003][ T5283] usb 4-1: Using ep0 maxpacket: 32
[  140.858645][ T5283] usb 4-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  140.871693][   T47] cpia1 3-1:0.0: only firmware version 1 is supported (got: 0)
[  140.879547][ T5283] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.910473][ T5283] usb 4-1: Product: syz
[  140.915106][   T47] usb 3-1: USB disconnect, device number 8
[  140.931276][ T5283] usb 4-1: Manufacturer: syz
[  140.946262][ T5283] usb 4-1: SerialNumber: syz
[  140.974878][ T5283] usb 4-1: config 0 descriptor??
[  141.242842][ T7603] loop1: detected capacity change from 0 to 256
[  141.416534][ T5283] peak_usb 4-1:0.0 can0: unable to request usb[type=0 value=0] err=-71
[  141.441371][ T5283] peak_usb 4-1:0.0: unable to read PCAN-USB Pro bootloader info (err -71)
[  141.548992][ T5283] peak_usb 4-1:0.0: probe with driver peak_usb failed with error -71
[  141.577063][ T5283] usb 4-1: USB disconnect, device number 6
[  141.697674][ T7615] netlink: 'syz.2.904': attribute type 8 has an invalid length.
[  141.736489][ T5227] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  141.820940][ T7595] loop4: detected capacity change from 0 to 32768
[  141.925154][ T7595] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  141.938559][ T5227] usb 1-1: Using ep0 maxpacket: 16
[  141.986981][ T5227] usb 1-1: config 253 has an invalid interface number: 157 but max is 3
[  141.995501][ T5227] usb 1-1: config 253 contains an unexpected descriptor of type 0x2, skipping
[  142.007184][ T5227] usb 1-1: config 253 has an invalid interface number: 213 but max is 3
[  142.015593][ T5227] usb 1-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  142.026790][ T5227] usb 1-1: config 253 has 2 interfaces, different from the descriptor's value: 4
[  142.035980][ T5227] usb 1-1: config 253 has no interface number 0
[  142.042656][ T5227] usb 1-1: config 253 has no interface number 1
[  142.049122][ T5227] usb 1-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  142.060513][ T5227] usb 1-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  142.072635][ T5227] usb 1-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping
[  142.084468][ T5227] usb 1-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[  142.098309][ T5227] usb 1-1: config 253 interface 157 has no altsetting 0
[  142.105304][ T5227] usb 1-1: config 253 interface 213 has no altsetting 0
[  142.159616][ T5227] usb 1-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57
[  142.168881][ T5227] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.186412][ T5227] usb 1-1: Product: syz
[  142.190657][ T5227] usb 1-1: Manufacturer: syz
[  142.195293][ T5227] usb 1-1: SerialNumber: syz
[  142.266661][    T8] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  142.388759][ T7595] XFS (loop4): Ending clean mount
[  142.419712][ T7595] XFS (loop4): Quotacheck needed: Please wait.
[  142.431328][ T5227] r8712u: register rtl8712_netdev_ops to netdev_ops
[  142.439483][ T5227] usb 1-1: r8712u: USB_SPEED_HIGH with 4 endpoints
[  142.460240][ T5227] usb 1-1: r8712u: Boot from EFUSE: Autoload Failed
[  142.480677][ T5227] usb 1-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  142.494135][ T7595] XFS (loop4): Quotacheck: Done.
[  142.499344][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  142.511283][ T5227] usb 1-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  142.519479][    T8] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  142.539890][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.560173][ T5227] usb 1-1: Found UVC 0.00 device syz (0b05:1791)
[  142.578233][    T8] usb 2-1: config 0 descriptor??
[  142.584764][ T5227] usb 1-1: No valid video chain found.
[  142.600377][ T5240] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  142.606038][ T5227] r8712u: register rtl8712_netdev_ops to netdev_ops
[  142.609971][ T7641] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  142.643469][ T5227] usb 1-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  142.714142][ T5227] usb 1-1: r8712u: Boot from EFUSE: Autoload Failed
[  142.746507][ T5227] usb 1-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  142.754130][ T5227] usb 1-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  142.841238][    T8] ath6kl: Failed to submit usb control message: -71
[  142.872496][    T8] ath6kl: unable to send the bmi data to the device: -71
[  142.880294][    T8] ath6kl: Unable to send get target info: -71
[  142.909777][    T8] ath6kl: Failed to init ath6kl core: -71
[  142.916739][    T8] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71
[  142.933673][ T5227] usb 1-1: USB disconnect, device number 8
[  142.944875][    T8] usb 2-1: USB disconnect, device number 3
[  143.303791][ T7663] netlink: 'syz.0.922': attribute type 1 has an invalid length.
[  143.466800][ T5283] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  143.661461][ T5283] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  143.678442][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.724666][ T5283] usb 5-1: config 0 descriptor??
[  143.739052][ T5283] gspca_main: cpia1-2.14.0 probing 0813:0001
[  143.936665][ T5227] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  144.046460][    T8] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  144.146582][ T5227] usb 1-1: Using ep0 maxpacket: 32
[  144.154445][ T5227] usb 1-1: config 0 has an invalid interface descriptor of length 3, skipping
[  144.160259][ T5283] gspca_cpia1: usb_control_msg 03, error -71
[  144.171414][ T5227] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  144.179561][ T5283] gspca_cpia1: usb_control_msg 01, error -71
[  144.193866][ T5227] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  144.199322][ T5283] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0)
[  144.225178][ T5227] usb 1-1: New USB device found, idVendor=110a, idProduct=1653, bcdDevice=c0.7b
[  144.232922][ T5283] usb 5-1: USB disconnect, device number 7
[  144.246644][    T8] usb 2-1: Using ep0 maxpacket: 16
[  144.268373][    T8] usb 2-1: config 253 has an invalid interface number: 157 but max is 3
[  144.282785][ T5227] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.296478][    T8] usb 2-1: config 253 contains an unexpected descriptor of type 0x2, skipping
[  144.313758][ T5227] usb 1-1: config 0 descriptor??
[  144.329775][    T8] usb 2-1: config 253 has an invalid interface number: 213 but max is 3
[  144.356734][    T8] usb 2-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  144.369158][    T8] usb 2-1: config 253 has 2 interfaces, different from the descriptor's value: 4
[  144.385534][    T8] usb 2-1: config 253 has no interface number 0
[  144.392763][    T8] usb 2-1: config 253 has no interface number 1
[  144.404634][    T8] usb 2-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  144.416429][   T47] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  144.419477][    T8] usb 2-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  144.431534][ T7690] dvmrp0: entered allmulticast mode
[  144.441649][    T8] usb 2-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping
[  144.460642][    T8] usb 2-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[  144.501331][    T8] usb 2-1: config 253 interface 157 has no altsetting 0
[  144.514154][    T8] usb 2-1: config 253 interface 213 has no altsetting 0
[  144.541458][    T8] usb 2-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57
[  144.551027][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.581630][    T8] usb 2-1: Product: syz
[  144.585867][    T8] usb 2-1: Manufacturer: syz
[  144.599650][ T5282] usb 1-1: USB disconnect, device number 9
[  144.614720][    T8] usb 2-1: SerialNumber: syz
[  144.646405][   T47] usb 4-1: Using ep0 maxpacket: 16
[  144.662626][   T47] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  144.677223][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.685292][   T47] usb 4-1: Product: syz
[  144.689881][   T47] usb 4-1: Manufacturer: syz
[  144.694539][   T47] usb 4-1: SerialNumber: syz
[  144.703896][   T47] usb 4-1: config 0 descriptor??
[  144.722013][   T47] visor 4-1:0.0: Sony Clie 3.5 converter detected
[  144.810431][ T7697] netlink: 199356 bytes leftover after parsing attributes in process `syz.2.939'.
[  144.929916][    T8] r8712u: register rtl8712_netdev_ops to netdev_ops
[  144.945406][    T8] usb 2-1: r8712u: USB_SPEED_HIGH with 4 endpoints
[  144.954440][    T8] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed
[  144.967442][    T8] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  144.974972][    T8] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  145.010200][    T8] usb 2-1: Found UVC 0.00 device syz (0b05:1791)
[  145.019027][    T8] usb 2-1: No valid video chain found.
[  145.025082][    T8] r8712u: register rtl8712_netdev_ops to netdev_ops
[  145.035421][    T8] usb 2-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  145.050085][ T7698] loop4: detected capacity change from 0 to 8192
[  145.059568][    T8] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed
[  145.066227][    T8] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  145.080365][    T8] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  145.082201][ T7698] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  145.096775][    T8] usb 2-1: USB disconnect, device number 4
[  145.141353][   T47] usb 4-1: clie_3_5_startup: get interface number failed: -71
[  145.154643][   T47] visor 4-1:0.0: probe with driver visor failed with error -71
[  145.195875][   T47] usb 4-1: USB disconnect, device number 7
[  145.437101][ T7707] netlink: 'syz.4.944': attribute type 10 has an invalid length.
[  145.452667][ T7707] netlink: 40 bytes leftover after parsing attributes in process `syz.4.944'.
[  145.469129][ T7707] team0: entered promiscuous mode
[  145.513044][ T7707] team_slave_0: entered promiscuous mode
[  145.536748][ T7707] team_slave_1: entered promiscuous mode
[  145.557067][ T7707] team0: entered allmulticast mode
[  145.572747][ T7707] team_slave_0: entered allmulticast mode
[  145.606596][ T7707] team_slave_1: entered allmulticast mode
[  145.619040][ T7707] bridge0: port 3(team0) entered blocking state
[  145.634445][ T7707] bridge0: port 3(team0) entered disabled state
[  145.657009][ T7707] bridge0: port 3(team0) entered blocking state
[  145.663714][ T7707] bridge0: port 3(team0) entered forwarding state
[  146.137212][ T7736] netlink: 'syz.2.957': attribute type 3 has an invalid length.
[  146.176486][ T7736] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.957'.
[  146.384879][ T7748] loop1: detected capacity change from 0 to 512
[  146.418006][ T7748] EXT4-fs: Ignoring removed nomblk_io_submit option
[  146.489456][ T7748] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  146.634029][ T7748] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a85ec028, mo2=0002]
[  146.645362][ T7764] netlink: 16 bytes leftover after parsing attributes in process `syz.3.972'.
[  146.664232][ T7748] System zones: 0-2, 18-18, 34-34
[  146.717305][ T7748] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  146.760376][ T7748] EXT4-fs (loop1): 1 truncate cleaned up
[  146.770101][ T7748] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.845449][ T7748] EXT4-fs error (device loop1): ext4_empty_dir:3094: inode #12: block 13: comm syz.1.964: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=12, rec_len=0, size=4096 fake=1
[  146.865238][ T1853] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  146.908772][ T7748] EXT4-fs (loop1): Remounting filesystem read-only
[  146.916081][ T7748] EXT4-fs warning (device loop1): ext4_empty_dir:3096: inode #12: comm syz.1.964: directory missing '.'
[  147.001829][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.068505][ T1853] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  147.101962][ T1853] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  147.136470][ T1853] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  147.163820][ T1853] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  147.197772][ T1853] usb 5-1: config 1 interface 1 has no altsetting 0
[  147.208974][ T1853] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  147.236566][ T1853] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.244646][ T1853] usb 5-1: Product: syz
[  147.274147][ T1853] usb 5-1: Manufacturer: syz
[  147.281447][ T1853] usb 5-1: SerialNumber: syz
[  147.549875][ T1853] usb 5-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  147.567061][ T1853] usb 5-1: MIDIStreaming interface descriptor not found
[  147.685851][ T1853] usb 5-1: USB disconnect, device number 8
[  147.912832][ T7804] loop3: detected capacity change from 0 to 256
[  147.955158][ T7781] loop0: detected capacity change from 0 to 32768
[  147.969239][ T7781] btrfs: Deprecated parameter 'usebackuproot'
[  147.975383][ T7781] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  147.990881][ T7781] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.988 (7781)
[  148.056529][ T7781] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  148.101944][ T7781] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  148.167299][ T7781] BTRFS info (device loop0): disk space caching is enabled
[  148.174577][ T7781] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  148.382810][ T1121] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xab36da95f7d629ca8cc302fd0fd3c25f2e0c358a27b6cae5b3699304a6c15a5c level 0
[  148.473418][ T7781] BTRFS error (device loop0): failed to load root extent
[  148.481824][ T7781] BTRFS warning (device loop0): try to load backup roots slot 1
[  148.627691][ T7781] BTRFS info (device loop0 state M): disabling free space tree
[  148.632017][ T7846] netlink: 'syz.2.1001': attribute type 11 has an invalid length.
[  148.635746][ T7781] BTRFS info (device loop0 state M): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  148.653821][ T7781] BTRFS info (device loop0 state M): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  148.700163][ T7781] BTRFS info (device loop0 state M): use  compression, level 0
[  148.777033][ T5227] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  148.856695][ T5231] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  149.075543][ T5227] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  149.091415][ T5227] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  149.116083][ T5227] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  149.126170][ T5227] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  149.147185][ T5227] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  149.157101][ T5227] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.259729][   T29] audit: type=1326 audit(1724332875.476:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b3579e79 code=0x7ffc0000
[  149.290574][ T5227] usb 4-1: config 0 descriptor??
[  149.386476][   T29] audit: type=1326 audit(1724332875.486:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b3579e79 code=0x7ffc0000
[  149.523939][   T29] audit: type=1326 audit(1724332875.486:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f46b3579e79 code=0x7ffc0000
[  149.651307][   T29] audit: type=1326 audit(1724332875.486:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b3579e79 code=0x7ffc0000
[  149.668940][ T5227] hdpvr 4-1:0.0: firmware version 0x15 dated m�ҝR(	ry|��A3j��e{��)�7}-S��8N������
[  149.721170][   T29] audit: type=1326 audit(1724332875.486:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7864 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b3579e79 code=0x7ffc0000
[  149.777871][ T7886] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  149.783912][   T47] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  149.869814][ T5227] hdpvr 4-1:0.0: device init failed
[  149.883247][ T5227] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12
[  149.920369][ T5227] usb 4-1: USB disconnect, device number 8
[  149.966530][   T47] usb 5-1: Using ep0 maxpacket: 16
[  149.978180][   T47] usb 5-1: config 253 has an invalid interface number: 157 but max is 3
[  150.001787][   T47] usb 5-1: config 253 contains an unexpected descriptor of type 0x2, skipping
[  150.026502][   T47] usb 5-1: config 253 has an invalid interface number: 213 but max is 3
[  150.035260][ T7892] loop0: detected capacity change from 0 to 512
[  150.045558][   T47] usb 5-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  150.066751][   T47] usb 5-1: config 253 has 2 interfaces, different from the descriptor's value: 4
[  150.086519][ T7892] EXT4-fs (loop0): Test dummy encryption mode enabled
[  150.097168][   T47] usb 5-1: config 253 has no interface number 0
[  150.113825][   T47] usb 5-1: config 253 has no interface number 1
[  150.124003][   T47] usb 5-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  150.125278][ T7892] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  150.135631][   T47] usb 5-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  150.154822][   T47] usb 5-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping
[  150.166703][   T47] usb 5-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[  150.180149][   T47] usb 5-1: config 253 interface 157 has no altsetting 0
[  150.187259][   T47] usb 5-1: config 253 interface 213 has no altsetting 0
[  150.196832][   T47] usb 5-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57
[  150.209912][   T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.218254][   T47] usb 5-1: Product: syz
[  150.224988][   T47] usb 5-1: Manufacturer: syz
[  150.230096][ T7892] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.1024: attempt to clear invalid blocks 2 len 1
[  150.243072][   T47] usb 5-1: SerialNumber: syz
[  150.300637][ T7892] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  150.433060][ T7871] loop1: detected capacity change from 0 to 32768
[  150.443733][ T7892] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1024: invalid indirect mapped block 1819239214 (level 0)
[  150.468890][   T47] r8712u: register rtl8712_netdev_ops to netdev_ops
[  150.475522][   T47] usb 5-1: r8712u: USB_SPEED_HIGH with 4 endpoints
[  150.500816][ T7892] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1024: invalid indirect mapped block 1819239214 (level 1)
[  150.536634][   T47] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed
[  150.543294][   T47] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  150.551209][   T47] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  150.554825][ T7892] EXT4-fs (loop0): 1 truncate cleaned up
[  150.568741][ T7892] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.606771][ T7904] loop2: detected capacity change from 0 to 4096
[  150.626793][ T7871] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  150.651650][ T7904] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  150.673415][   T47] usb 5-1: Found UVC 0.00 device syz (0b05:1791)
[  150.679919][   T47] usb 5-1: No valid video chain found.
[  150.686030][   T47] r8712u: register rtl8712_netdev_ops to netdev_ops
[  150.693010][   T47] usb 5-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  150.703687][   T47] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed
[  150.710724][   T47] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  150.719024][   T47] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  150.742764][   T47] usb 5-1: USB disconnect, device number 9
[  150.744495][ T7904] ntfs3: loop2: failed to convert "c46c" to maccyrillic
[  150.793034][ T7911] loop3: detected capacity change from 0 to 128
[  150.802073][ T7892] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  150.832503][ T7871] XFS (loop1): Ending clean mount
[  150.872210][ T7911] befs: (loop3): invalid magic header
[  150.949180][ T5231] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.001635][ T5239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.105542][ T7916] netlink: 'syz.3.1032': attribute type 10 has an invalid length.
[  151.125573][ T7916] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1032'.
[  151.137025][ T7916] team0: entered promiscuous mode
[  151.150674][ T7916] team_slave_0: entered promiscuous mode
[  151.166124][ T7916] team_slave_1: entered promiscuous mode
[  151.202700][ T7916] team0: entered allmulticast mode
[  151.215466][ T7916] team_slave_0: entered allmulticast mode
[  151.241542][ T7916] team_slave_1: entered allmulticast mode
[  151.287016][ T7916] bridge0: port 3(team0) entered blocking state
[  151.304862][ T7916] bridge0: port 3(team0) entered disabled state
[  151.342907][ T7916] bridge0: port 3(team0) entered blocking state
[  151.349440][ T7916] bridge0: port 3(team0) entered forwarding state
[  151.846509][ T5282] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  152.032326][ T7957] netlink: 'syz.2.1051': attribute type 10 has an invalid length.
[  152.040664][ T7957] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1051'.
[  152.050438][ T5282] usb 2-1: Using ep0 maxpacket: 16
[  152.057722][ T5282] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  152.068387][ T5282] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.080216][ T7957] team0: entered promiscuous mode
[  152.085354][ T5282] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  152.097603][ T7957] team_slave_0: entered promiscuous mode
[  152.105641][ T5282] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22
[  152.120326][ T5227] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  152.124061][ T7959] ip6t_srh: unknown srh invflags 7D00
[  152.129453][ T7957] team_slave_1: entered promiscuous mode
[  152.142101][ T7957] team0: entered allmulticast mode
[  152.147840][ T7957] team_slave_0: entered allmulticast mode
[  152.154401][ T7957] team_slave_1: entered allmulticast mode
[  152.154807][ T5282] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  152.170692][ T5282] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  152.179240][ T5282] usb 2-1: SerialNumber: syz
[  152.179678][ T7957] bridge0: port 3(team0) entered blocking state
[  152.190877][ T7957] bridge0: port 3(team0) entered disabled state
[  152.225878][ T7957] bridge0: port 3(team0) entered blocking state
[  152.232442][ T7957] bridge0: port 3(team0) entered forwarding state
[  152.319385][ T5227] usb 1-1: Using ep0 maxpacket: 16
[  152.342971][ T5227] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  152.360920][ T5227] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.373476][ T5227] usb 1-1: Product: syz
[  152.381602][ T5227] usb 1-1: Manufacturer: syz
[  152.389077][ T5227] usb 1-1: SerialNumber: syz
[  152.429227][ T5227] usb 1-1: config 0 descriptor??
[  152.437432][ T5282] usb 2-1: USB disconnect, device number 5
[  152.461783][ T5227] visor 1-1:0.0: Sony Clie 3.5 converter detected
[  152.647384][ T7973] netlink: 'syz.2.1058': attribute type 4 has an invalid length.
[  152.869579][ T5227] usb 1-1: clie_3_5_startup: get interface number failed: -71
[  152.877864][ T5227] visor 1-1:0.0: probe with driver visor failed with error -71
[  152.893743][ T5227] usb 1-1: USB disconnect, device number 10
[  153.034958][ T7985] netlink: 'syz.3.1065': attribute type 1 has an invalid length.
[  153.116577][ T5283] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  153.308622][ T5283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  153.321818][ T5283] usb 5-1: New USB device found, idVendor=0421, idProduct=026c, bcdDevice=1f.2f
[  153.337933][ T7998] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  153.344027][ T7993] loop1: detected capacity change from 0 to 4096
[  153.346589][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.357643][ T7993] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  153.366509][ T7998] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  153.401931][ T5283] usb 5-1: config 0 descriptor??
[  153.468429][ T5283] rndis_host 5-1:0.0: probe with driver rndis_host failed with error -22
[  153.477707][ T5283] cdc_acm 5-1:0.0: Control and data interfaces are not separated!
[  153.485576][ T5283] cdc_acm 5-1:0.0: This needs exactly 3 endpoints
[  153.492381][ T5283] cdc_acm 5-1:0.0: probe with driver cdc_acm failed with error -22
[  153.589759][ T8004] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1075'.
[  153.599157][ T8004] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1075'.
[  153.771871][ T7993] ntfs3: loop1: Failed to initialize $Extend/$Reparse.
[  153.805585][ T5283] usb 5-1: USB disconnect, device number 10
[  154.183428][ T8028] loop0: detected capacity change from 0 to 512
[  154.198096][ T8028] EXT4-fs (loop0): DAX unsupported by block device.
[  154.352651][ T8033] netlink: 260 bytes leftover after parsing attributes in process `syz.1.1087'.
[  154.436410][ T5283] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  154.600051][ T8031] loop3: detected capacity change from 0 to 8192
[  154.619694][ T8031] REISERFS warning (device loop3): super-6513 reiserfs_parse_options: quotafile must be on filesystem root.
[  154.659916][ T5283] usb 3-1: Using ep0 maxpacket: 16
[  154.692453][ T5283] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  154.712807][ T5283] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.746379][ T5283] usb 3-1: Product: syz
[  154.771092][ T5283] usb 3-1: Manufacturer: syz
[  154.775762][ T5283] usb 3-1: SerialNumber: syz
[  154.795841][ T5283] usb 3-1: config 0 descriptor??
[  154.818880][ T5283] visor 3-1:0.0: Sony Clie 3.5 converter detected
[  155.138189][ T8028] loop0: detected capacity change from 0 to 32768
[  155.226993][ T5283] usb 3-1: clie_3_5_startup: get interface number failed: -71
[  155.244870][ T5283] visor 3-1:0.0: probe with driver visor failed with error -71
[  155.249020][ T8028] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section errors: entry with count 0 (id clean_but_journal_not_empty)
[  155.249020][ T8028] errors (size 64):
[  155.249020][ T8028] clean_but_journal_not_empty     0               0
[  155.249020][ T8028] (unknown error 25442)           133476496583272 12315680807489264408
[  155.249020][ T8028] (unknown error 55044)           248102311844487 202532834100012515
[  155.249020][ T8028] 
[  155.256513][   T25] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  155.317972][ T8028] bcachefs: bch2_fs_get_tree() error: invalid_sb_errors
[  155.320819][ T5283] usb 3-1: USB disconnect, device number 9
[  155.599238][   T25] usb 2-1: New USB device found, idVendor=0733, idProduct=0430, bcdDevice=35.fb
[  155.617319][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.674373][   T25] usb 2-1: config 0 descriptor??
[  155.709879][   T25] gspca_main: spca505-2.14.0 probing 0733:0430
[  155.787612][ T8046] loop4: detected capacity change from 0 to 40427
[  155.809758][ T8046] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root
[  155.845125][ T8046] F2FS-fs (loop4): Found nat_bits in checkpoint
[  155.896963][ T8050] loop3: detected capacity change from 0 to 32768
[  156.033435][ T8058] loop0: detected capacity change from 0 to 16
[  156.073380][ T8046] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  156.079809][ T8058] erofs: (device loop0): mounted with root inode @ nid 36.
[  156.144065][ T8058] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  156.159051][   T25] gspca_spca505: reg write: error -71
[  156.164537][   T25] spca505 2-1:0.0: probe with driver spca505 failed with error -5
[  156.185198][   T25] usb 2-1: USB disconnect, device number 6
[  156.205406][ T8058] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -23 in[64, 4032] out[1851]
[  156.227916][ T8058] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  156.886862][ T8081] binder: 8079:8081 ioctl c018620c 200013c0 returned -22
[  157.001870][ T8087] netlink: 'syz.0.1113': attribute type 21 has an invalid length.
[  157.043276][ T8087] IPv6: NLM_F_CREATE should be specified when creating new route
[  157.091572][ T8087] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  157.098931][ T8087] IPv6: NLM_F_CREATE should be set when creating new route
[  157.106240][ T8087] IPv6: NLM_F_CREATE should be set when creating new route
[  157.113555][ T8087] IPv6: NLM_F_CREATE should be set when creating new route
[  157.202545][ T8092] netlink: 'syz.1.1116': attribute type 1 has an invalid length.
[  157.672670][ T8114] netlink: 'syz.4.1126': attribute type 32 has an invalid length.
[  157.832006][ T8120] loop2: detected capacity change from 0 to 2048
[  157.935895][ T8120] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  157.964095][ T8128] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1133'.
[  157.997215][ T8128] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1133'.
[  158.056496][ T8128] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1133'.
[  158.277454][ T8142] netlink: 'syz.0.1140': attribute type 7 has an invalid length.
[  158.311060][ T8142] netlink: 'syz.0.1140': attribute type 8 has an invalid length.
[  158.329927][ T8144] tmpfs: Bad value for 'mpol'
[  158.985220][ T8180] loop1: detected capacity change from 0 to 256
[  159.038805][   T47] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  159.099218][ T8180] FAT-fs (loop1): Directory bread(block 64) failed
[  159.117031][ T8180] FAT-fs (loop1): Directory bread(block 65) failed
[  159.126916][ T8180] FAT-fs (loop1): Directory bread(block 66) failed
[  159.148058][ T8180] FAT-fs (loop1): Directory bread(block 67) failed
[  159.186527][ T8180] FAT-fs (loop1): Directory bread(block 68) failed
[  159.195195][ T8180] FAT-fs (loop1): Directory bread(block 69) failed
[  159.221868][ T8180] FAT-fs (loop1): Directory bread(block 70) failed
[  159.226461][   T47] usb 1-1: Using ep0 maxpacket: 8
[  159.255230][   T47] usb 1-1: New USB device found, idVendor=0c45, idProduct=628e, bcdDevice=e0.4e
[  159.256444][ T8180] FAT-fs (loop1): Directory bread(block 71) failed
[  159.264895][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.284372][ T8180] FAT-fs (loop1): Directory bread(block 72) failed
[  159.304624][   T47] usb 1-1: Product: syz
[  159.307188][ T8180] FAT-fs (loop1): Directory bread(block 73) failed
[  159.323492][   T47] usb 1-1: Manufacturer: syz
[  159.329786][   T47] usb 1-1: SerialNumber: syz
[  159.353346][   T47] usb 1-1: config 0 descriptor??
[  159.390435][   T47] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:628e
[  159.487285][ T8199] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1168'.
[  159.837901][   T47] gspca_sn9c20x: Write register 1001 failed -71
[  159.844232][   T47] gspca_sn9c20x: Device initialization failed
[  159.875906][   T47] gspca_sn9c20x 1-1:0.0: probe with driver gspca_sn9c20x failed with error -71
[  159.918007][   T47] usb 1-1: USB disconnect, device number 11
[  160.024033][ T8220] netlink: 'syz.2.1178': attribute type 1 has an invalid length.
[  160.026173][ T8224] loop1: detected capacity change from 0 to 512
[  160.079589][ T8220] netlink: 'syz.2.1178': attribute type 3 has an invalid length.
[  160.093271][ T8220] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1178'.
[  160.104885][ T8220] NCSI netlink: No device for ifindex 0
[  160.114202][ T8224] EXT4-fs (loop1): Test dummy encryption mode enabled
[  160.187520][ T8224] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  160.303831][ T8224] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.1179: attempt to clear invalid blocks 2 len 1
[  160.307666][ T8238] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1186'.
[  160.347688][ T8224] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  160.385065][ T8224] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1179: invalid indirect mapped block 1819239214 (level 0)
[  160.471337][ T8224] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1179: invalid indirect mapped block 1819239214 (level 1)
[  160.508351][ T8244] loop4: detected capacity change from 0 to 256
[  160.543110][ T8224] EXT4-fs (loop1): 1 truncate cleaned up
[  160.550667][ T8224] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.674001][ T8224] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  160.678880][ T8248] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1191'.
[  160.694278][ T8244] FAT-fs (loop4): Directory bread(block 64) failed
[  160.708563][ T8244] FAT-fs (loop4): Directory bread(block 65) failed
[  160.715591][ T8244] FAT-fs (loop4): Directory bread(block 66) failed
[  160.737961][ T8244] FAT-fs (loop4): Directory bread(block 67) failed
[  160.755214][ T8244] FAT-fs (loop4): Directory bread(block 68) failed
[  160.766445][ T8244] FAT-fs (loop4): Directory bread(block 69) failed
[  160.794697][ T5239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.833767][ T8244] FAT-fs (loop4): Directory bread(block 70) failed
[  160.847086][ T8244] FAT-fs (loop4): Directory bread(block 71) failed
[  160.853756][ T8244] FAT-fs (loop4): Directory bread(block 72) failed
[  160.893956][ T8244] FAT-fs (loop4): Directory bread(block 73) failed
[  160.985867][ T8261] tmpfs: Bad value for 'mpol'
[  161.238596][ T8270] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1201'.
[  161.274152][ T8270] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1201'.
[  161.327146][ T8275] netlink: 'syz.3.1204': attribute type 7 has an invalid length.
[  161.828791][ T8301] loop2: detected capacity change from 0 to 4096
[  161.867253][ T8301] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  161.907146][ T8305] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1218'.
[  161.929330][ T8305] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  161.967609][ T8307] netlink: 'syz.3.1219': attribute type 2 has an invalid length.
[  162.027087][ T8312] xt_hashlimit: invalid rate
[  162.122012][ T8301] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[  162.527548][ T8331] loop0: detected capacity change from 0 to 64
[  162.849873][ T8345] netlink: 'syz.4.1238': attribute type 6 has an invalid length.
[  163.087890][ T8355] __nla_validate_parse: 2 callbacks suppressed
[  163.087914][ T8355] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1242'.
[  163.151042][ T8359] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1245'.
[  163.174801][ T8358] cgroup: name respecified
[  163.228467][ T8361] IPv6: sit1: Disabled Multicast RS
[  163.644620][ T8377] loop2: detected capacity change from 0 to 256
[  163.720643][ T8377] FAT-fs (loop2): Directory bread(block 64) failed
[  163.758698][ T8377] FAT-fs (loop2): Directory bread(block 65) failed
[  163.765398][ T8377] FAT-fs (loop2): Directory bread(block 66) failed
[  163.794059][ T8381] netlink: 'syz.0.1256': attribute type 1 has an invalid length.
[  163.831482][ T8377] FAT-fs (loop2): Directory bread(block 67) failed
[  163.841182][ T8381] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.1256'.
[  163.841960][ T8383] netlink: 'syz.4.1257': attribute type 3 has an invalid length.
[  163.857155][ T8377] FAT-fs (loop2): Directory bread(block 68) failed
[  163.866057][ T8381] nbd: couldn't find device at index 131082
[  163.886094][ T8383] netlink: 130984 bytes leftover after parsing attributes in process `syz.4.1257'.
[  163.891431][ T8377] FAT-fs (loop2): Directory bread(block 69) failed
[  163.915801][ T8377] FAT-fs (loop2): Directory bread(block 70) failed
[  163.940749][ T8377] FAT-fs (loop2): Directory bread(block 71) failed
[  163.966931][ T8377] FAT-fs (loop2): Directory bread(block 72) failed
[  163.983887][ T8377] FAT-fs (loop2): Directory bread(block 73) failed
[  164.004477][ T8335] loop3: detected capacity change from 0 to 40427
[  164.174580][ T8335] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root
[  164.213709][ T8335] F2FS-fs (loop3): Found nat_bits in checkpoint
[  164.249920][ T8400] netlink: 'syz.1.1264': attribute type 2 has an invalid length.
[  164.371624][ T8335] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  164.421743][ T8407] loop0: detected capacity change from 0 to 256
[  164.670807][ T8407] FAT-fs (loop0): Directory bread(block 64) failed
[  164.697274][ T8407] FAT-fs (loop0): Directory bread(block 65) failed
[  164.720534][ T8407] FAT-fs (loop0): Directory bread(block 66) failed
[  164.753293][ T8407] FAT-fs (loop0): Directory bread(block 67) failed
[  164.773085][ T8407] FAT-fs (loop0): Directory bread(block 68) failed
[  164.779956][ T8407] FAT-fs (loop0): Directory bread(block 69) failed
[  164.787907][ T8407] FAT-fs (loop0): Directory bread(block 70) failed
[  164.794491][ T8407] FAT-fs (loop0): Directory bread(block 71) failed
[  164.801903][ T8407] FAT-fs (loop0): Directory bread(block 72) failed
[  164.811004][ T8407] FAT-fs (loop0): Directory bread(block 73) failed
[  165.652429][ T8449] loop4: detected capacity change from 0 to 64
[  165.832466][ T8415] loop2: detected capacity change from 0 to 32768
[  165.852334][ T8455] loop3: detected capacity change from 0 to 8
[  165.870726][ T8415] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1268 (8415)
[  165.954378][ T8455] ==================================================================
[  165.962508][ T8455] BUG: KASAN: slab-use-after-free in squashfs_readahead+0x210c/0x2680
[  165.970721][ T8455] Read of size 4 at addr ffff88801ffef4c0 by task syz.3.1291/8455
[  165.978614][ T8455] 
[  165.980953][ T8455] CPU: 0 UID: 0 PID: 8455 Comm: syz.3.1291 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  165.991229][ T8455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  166.001300][ T8455] Call Trace:
[  166.004640][ T8455]  <TASK>
[  166.007581][ T8455]  dump_stack_lvl+0x241/0x360
[  166.012292][ T8455]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.017505][ T8455]  ? __pfx__printk+0x10/0x10
[  166.022106][ T8455]  ? _printk+0xd5/0x120
[  166.026271][ T8455]  ? __virt_addr_valid+0x183/0x530
[  166.031395][ T8455]  ? __virt_addr_valid+0x183/0x530
[  166.036520][ T8455]  print_report+0x169/0x550
[  166.041052][ T8455]  ? __virt_addr_valid+0x183/0x530
[  166.046169][ T8455]  ? __virt_addr_valid+0x183/0x530
[  166.051372][ T8455]  ? __virt_addr_valid+0x45f/0x530
[  166.056497][ T8455]  ? __phys_addr+0xba/0x170
[  166.061010][ T8455]  ? squashfs_readahead+0x210c/0x2680
[  166.066405][ T8455]  kasan_report+0x143/0x180
[  166.070928][ T8455]  ? squashfs_readahead+0x210c/0x2680
[  166.076324][ T8455]  squashfs_readahead+0x210c/0x2680
[  166.081550][ T8455]  ? squashfs_readahead+0x6f0/0x2680
[  166.086850][ T8455]  ? __pfx_squashfs_readahead+0x10/0x10
[  166.092423][ T8455]  ? blk_start_plug+0x70/0x1b0
[  166.097201][ T8455]  read_pages+0x17e/0x840
[  166.101539][ T8455]  ? percpu_ref_put+0x19/0x180
[  166.106322][ T8455]  ? __pfx_read_pages+0x10/0x10
[  166.111215][ T8455]  ? filemap_add_folio+0x26d/0x650
[  166.116339][ T8455]  ? __pfx_filemap_add_folio+0x10/0x10
[  166.121815][ T8455]  page_cache_ra_unbounded+0x6ce/0x7f0
[  166.127461][ T8455]  filemap_get_pages+0x543/0x2330
[  166.132516][ T8455]  ? __pfx_filemap_get_pages+0x10/0x10
[  166.137999][ T8455]  ? __pfx___might_resched+0x10/0x10
[  166.143393][ T8455]  ? unwind_next_frame+0x18e6/0x22d0
[  166.148698][ T8455]  filemap_read+0x457/0xfa0
[  166.153213][ T8455]  ? 0xffffffffa00038c0
[  166.157382][ T8455]  ? __pfx_filemap_read+0x10/0x10
[  166.162428][ T8455]  ? iov_iter_kvec+0x4e/0x180
[  166.167121][ T8455]  __kernel_read+0x532/0x9f0
[  166.171722][ T8455]  ? do_sys_openat2+0x13e/0x1d0
[  166.176589][ T8455]  ? __x64_sys_openat+0x247/0x2a0
[  166.181632][ T8455]  ? __pfx___kernel_read+0x10/0x10
[  166.186780][ T8455]  integrity_kernel_read+0xb0/0x100
[  166.191995][ T8455]  ? __pfx_integrity_kernel_read+0x10/0x10
[  166.197818][ T8455]  ? ima_calc_file_hash+0xab7/0x1b30
[  166.203142][ T8455]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[  166.208705][ T8455]  ima_calc_file_hash+0xaef/0x1b30
[  166.213862][ T8455]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  166.220245][ T8455]  ? lockdep_hardirqs_on+0x99/0x150
[  166.225451][ T8455]  ? __pfx_ima_calc_file_hash+0x10/0x10
[  166.231010][ T8455]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  166.236942][ T8455]  ? __x64_sys_openat+0x247/0x2a0
[  166.242017][ T8455]  ? do_syscall_64+0xf3/0x230
[  166.246707][ T8455]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.252815][ T8455]  ? mark_lock+0x9a/0x360
[  166.257154][ T8455]  ? make_vfsgid+0x46/0x90
[  166.261578][ T8455]  ? generic_fillattr+0x59c/0x840
[  166.266620][ T8455]  ima_collect_measurement+0x526/0xb20
[  166.272103][ T8455]  ? __pfx_ima_collect_measurement+0x10/0x10
[  166.278108][ T8455]  ? squashfs_xattr_handler_get+0x585/0x900
[  166.284027][ T8455]  ? trace_contention_end+0x3c/0x120
[  166.289326][ T8455]  ? __mutex_lock+0x2ef/0xd70
[  166.294023][ T8455]  ? ima_get_hash_algo+0x156/0x4d0
[  166.299235][ T8455]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  166.304717][ T8455]  process_measurement+0x1357/0x1fb0
[  166.310026][ T8455]  ? __pfx_process_measurement+0x10/0x10
[  166.315676][ T8455]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  166.322118][ T8455]  ? __pfx_apparmor_file_open+0x10/0x10
[  166.327678][ T8455]  ? tomoyo_file_open+0x168/0x220
[  166.332802][ T8455]  ? inode_to_bdi+0x69/0xf0
[  166.337316][ T8455]  ? apparmor_current_getsecid_subj+0xde/0x1b0
[  166.343486][ T8455]  ima_file_check+0xf2/0x170
[  166.348095][ T8455]  ? __pfx_ima_file_check+0x10/0x10
[  166.353324][ T8455]  security_file_post_open+0xb9/0x280
[  166.358712][ T8455]  path_openat+0x2cd0/0x3590
[  166.363358][ T8455]  ? __pfx_path_openat+0x10/0x10
[  166.368336][ T8455]  do_filp_open+0x235/0x490
[  166.372848][ T8455]  ? __pfx_do_filp_open+0x10/0x10
[  166.377899][ T8455]  ? _raw_spin_unlock+0x28/0x50
[  166.382757][ T8455]  ? alloc_fd+0x5a1/0x640
[  166.387106][ T8455]  do_sys_openat2+0x13e/0x1d0
[  166.391823][ T8455]  ? __pfx_do_sys_openat2+0x10/0x10
[  166.397071][ T8455]  __x64_sys_openat+0x247/0x2a0
[  166.401954][ T8455]  ? __pfx___x64_sys_openat+0x10/0x10
[  166.407353][ T8455]  ? do_syscall_64+0x100/0x230
[  166.412153][ T8455]  ? do_syscall_64+0xb6/0x230
[  166.416875][ T8455]  do_syscall_64+0xf3/0x230
[  166.421397][ T8455]  ? clear_bhb_loop+0x35/0x90
[  166.426085][ T8455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.431995][ T8455] RIP: 0033:0x7ff64ed79e79
[  166.436419][ T8455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.456047][ T8455] RSP: 002b:00007ff64fb4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  166.464480][ T8455] RAX: ffffffffffffffda RBX: 00007ff64ef15f80 RCX: 00007ff64ed79e79
[  166.472466][ T8455] RDX: 0000000000000000 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  166.480477][ T8455] RBP: 00007ff64ede7916 R08: 0000000000000000 R09: 0000000000000000
[  166.488472][ T8455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  166.496475][ T8455] R13: 0000000000000000 R14: 00007ff64ef15f80 R15: 00007fffbdd17c18
[  166.504560][ T8455]  </TASK>
[  166.507587][ T8455] 
[  166.509912][ T8455] Allocated by task 8455:
[  166.514242][ T8455]  kasan_save_track+0x3f/0x80
[  166.518931][ T8455]  __kasan_kmalloc+0x98/0xb0
[  166.523541][ T8455]  __kmalloc_cache_noprof+0x19c/0x2c0
[  166.528928][ T8455]  squashfs_page_actor_init_special+0x64/0x440
[  166.535094][ T8455]  squashfs_readahead+0x188f/0x2680
[  166.540301][ T8455]  read_pages+0x17e/0x840
[  166.544640][ T8455]  page_cache_ra_unbounded+0x6ce/0x7f0
[  166.550112][ T8455]  filemap_get_pages+0x543/0x2330
[  166.555173][ T8455]  filemap_read+0x457/0xfa0
[  166.559702][ T8455]  __kernel_read+0x532/0x9f0
[  166.564312][ T8455]  integrity_kernel_read+0xb0/0x100
[  166.569547][ T8455]  ima_calc_file_hash+0xaef/0x1b30
[  166.574675][ T8455]  ima_collect_measurement+0x526/0xb20
[  166.580166][ T8455]  process_measurement+0x1357/0x1fb0
[  166.585488][ T8455]  ima_file_check+0xf2/0x170
[  166.590090][ T8455]  security_file_post_open+0xb9/0x280
[  166.595472][ T8455]  path_openat+0x2cd0/0x3590
[  166.600096][ T8455]  do_filp_open+0x235/0x490
[  166.604604][ T8455]  do_sys_openat2+0x13e/0x1d0
[  166.609293][ T8455]  __x64_sys_openat+0x247/0x2a0
[  166.614178][ T8455]  do_syscall_64+0xf3/0x230
[  166.618691][ T8455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.624587][ T8455] 
[  166.626914][ T8455] Freed by task 8455:
[  166.630890][ T8455]  kasan_save_track+0x3f/0x80
[  166.635598][ T8455]  kasan_save_free_info+0x40/0x50
[  166.640672][ T8455]  __kasan_slab_free+0x59/0x70
[  166.645442][ T8455]  kfree+0x196/0x3e0
[  166.649374][ T8455]  squashfs_readahead+0x195b/0x2680
[  166.654589][ T8455]  read_pages+0x17e/0x840
[  166.658928][ T8455]  page_cache_ra_unbounded+0x6ce/0x7f0
[  166.664415][ T8455]  filemap_get_pages+0x543/0x2330
[  166.669446][ T8455]  filemap_read+0x457/0xfa0
[  166.673951][ T8455]  __kernel_read+0x532/0x9f0
[  166.678549][ T8455]  integrity_kernel_read+0xb0/0x100
[  166.683761][ T8455]  ima_calc_file_hash+0xaef/0x1b30
[  166.688883][ T8455]  ima_collect_measurement+0x526/0xb20
[  166.694352][ T8455]  process_measurement+0x1357/0x1fb0
[  166.699752][ T8455]  ima_file_check+0xf2/0x170
[  166.704348][ T8455]  security_file_post_open+0xb9/0x280
[  166.709725][ T8455]  path_openat+0x2cd0/0x3590
[  166.714407][ T8455]  do_filp_open+0x235/0x490
[  166.718915][ T8455]  do_sys_openat2+0x13e/0x1d0
[  166.723602][ T8455]  __x64_sys_openat+0x247/0x2a0
[  166.728466][ T8455]  do_syscall_64+0xf3/0x230
[  166.732975][ T8455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.738876][ T8455] 
[  166.741201][ T8455] The buggy address belongs to the object at ffff88801ffef480
[  166.741201][ T8455]  which belongs to the cache kmalloc-96 of size 96
[  166.755109][ T8455] The buggy address is located 64 bytes inside of
[  166.755109][ T8455]  freed 96-byte region [ffff88801ffef480, ffff88801ffef4e0)
[  166.768836][ T8455] 
[  166.771169][ T8455] The buggy address belongs to the physical page:
[  166.777589][ T8455] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ffef
[  166.786355][ T8455] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  166.793467][ T8455] page_type: 0xfdffffff(slab)
[  166.798152][ T8455] raw: 00fff00000000000 ffff888015841280 dead000000000100 dead000000000122
[  166.806742][ T8455] raw: 0000000000000000 0000000080200020 00000001fdffffff 0000000000000000
[  166.815321][ T8455] page dumped because: kasan: bad access detected
[  166.821741][ T8455] page_owner tracks the page as allocated
[  166.827458][ T8455] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 1060, tgid 1060 (kworker/u8:6), ts 74422037414, free_ts 74364420339
[  166.848134][ T8455]  post_alloc_hook+0x1f3/0x230
[  166.852922][ T8455]  get_page_from_freelist+0x3131/0x3280
[  166.858484][ T8455]  __alloc_pages_noprof+0x29e/0x780
[  166.863700][ T8455]  alloc_slab_page+0x5f/0x120
[  166.868383][ T8455]  allocate_slab+0x5a/0x2f0
[  166.872892][ T8455]  ___slab_alloc+0xcd1/0x14b0
[  166.877575][ T8455]  __slab_alloc+0x58/0xa0
[  166.881903][ T8455]  __kmalloc_cache_noprof+0x1d5/0x2c0
[  166.887285][ T8455]  dst_cow_metrics_generic+0x56/0x1c0
[  166.892677][ T8455]  icmp6_dst_alloc+0x270/0x420
[  166.897529][ T8455]  ndisc_send_skb+0x32a/0x1380
[  166.902327][ T8455]  ndisc_send_ns+0xcc/0x160
[  166.906855][ T8455]  addrconf_dad_work+0xb45/0x16f0
[  166.911884][ T8455]  process_scheduled_works+0xa63/0x1850
[  166.917469][ T8455]  worker_thread+0x86d/0xd10
[  166.922068][ T8455]  kthread+0x2f0/0x390
[  166.926144][ T8455] page last free pid 5324 tgid 5324 stack trace:
[  166.932473][ T8455]  free_unref_folios+0xe8a/0x1850
[  166.937503][ T8455]  folios_put_refs+0x76e/0x860
[  166.942274][ T8455]  free_pages_and_swap_cache+0x2ea/0x690
[  166.947914][ T8455]  tlb_flush_mmu+0x3a3/0x680
[  166.952517][ T8455]  tlb_finish_mmu+0xd4/0x200
[  166.957122][ T8455]  exit_mmap+0x496/0xc40
[  166.961381][ T8455]  __mmput+0x115/0x390
[  166.965459][ T8455]  exit_mm+0x220/0x310
[  166.969529][ T8455]  do_exit+0x9b2/0x28e0
[  166.973689][ T8455]  do_group_exit+0x207/0x2c0
[  166.978285][ T8455]  __x64_sys_exit_group+0x3f/0x40
[  166.983314][ T8455]  x64_sys_call+0x26a8/0x26b0
[  166.988004][ T8455]  do_syscall_64+0xf3/0x230
[  166.992513][ T8455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.998490][ T8455] 
[  167.000816][ T8455] Memory state around the buggy address:
[  167.006461][ T8455]  ffff88801ffef380: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  167.014521][ T8455]  ffff88801ffef400: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  167.022582][ T8455] >ffff88801ffef480: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  167.030641][ T8455]                                            ^
[  167.036800][ T8455]  ffff88801ffef500: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  167.045122][ T8455]  ffff88801ffef580: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  167.053187][ T8455] ==================================================================
[  167.076613][ T8455] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  167.083870][ T8455] CPU: 1 UID: 0 PID: 8455 Comm: syz.3.1291 Not tainted 6.11.0-rc4-next-20240822-syzkaller #0
[  167.094058][ T8455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  167.104235][ T8455] Call Trace:
[  167.107535][ T8455]  <TASK>
[  167.110495][ T8455]  dump_stack_lvl+0x241/0x360
[  167.115218][ T8455]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.120545][ T8455]  ? __pfx__printk+0x10/0x10
[  167.125173][ T8455]  ? preempt_schedule+0xe1/0xf0
[  167.130067][ T8455]  ? vscnprintf+0x5d/0x90
[  167.134443][ T8455]  panic+0x349/0x880
[  167.138374][ T8455]  ? check_panic_on_warn+0x21/0xb0
[  167.143496][ T8455]  ? __pfx_panic+0x10/0x10
[  167.147929][ T8455]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  167.153930][ T8455]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  167.160275][ T8455]  ? print_report+0x502/0x550
[  167.164969][ T8455]  check_panic_on_warn+0x86/0xb0
[  167.169917][ T8455]  ? squashfs_readahead+0x210c/0x2680
[  167.175302][ T8455]  end_report+0x77/0x160
[  167.179551][ T8455]  kasan_report+0x154/0x180
[  167.184064][ T8455]  ? squashfs_readahead+0x210c/0x2680
[  167.189450][ T8455]  squashfs_readahead+0x210c/0x2680
[  167.194757][ T8455]  ? squashfs_readahead+0x6f0/0x2680
[  167.200052][ T8455]  ? __pfx_squashfs_readahead+0x10/0x10
[  167.205613][ T8455]  ? blk_start_plug+0x70/0x1b0
[  167.210401][ T8455]  read_pages+0x17e/0x840
[  167.214735][ T8455]  ? percpu_ref_put+0x19/0x180
[  167.219513][ T8455]  ? __pfx_read_pages+0x10/0x10
[  167.224370][ T8455]  ? filemap_add_folio+0x26d/0x650
[  167.229485][ T8455]  ? __pfx_filemap_add_folio+0x10/0x10
[  167.234952][ T8455]  page_cache_ra_unbounded+0x6ce/0x7f0
[  167.240426][ T8455]  filemap_get_pages+0x543/0x2330
[  167.245649][ T8455]  ? __pfx_filemap_get_pages+0x10/0x10
[  167.251129][ T8455]  ? __pfx___might_resched+0x10/0x10
[  167.256611][ T8455]  ? unwind_next_frame+0x18e6/0x22d0
[  167.261918][ T8455]  filemap_read+0x457/0xfa0
[  167.266437][ T8455]  ? 0xffffffffa00038c0
[  167.270612][ T8455]  ? __pfx_filemap_read+0x10/0x10
[  167.275668][ T8455]  ? iov_iter_kvec+0x4e/0x180
[  167.280359][ T8455]  __kernel_read+0x532/0x9f0
[  167.284956][ T8455]  ? do_sys_openat2+0x13e/0x1d0
[  167.289823][ T8455]  ? __x64_sys_openat+0x247/0x2a0
[  167.294882][ T8455]  ? __pfx___kernel_read+0x10/0x10
[  167.300019][ T8455]  integrity_kernel_read+0xb0/0x100
[  167.305228][ T8455]  ? __pfx_integrity_kernel_read+0x10/0x10
[  167.311045][ T8455]  ? ima_calc_file_hash+0xab7/0x1b30
[  167.316346][ T8455]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[  167.322080][ T8455]  ima_calc_file_hash+0xaef/0x1b30
[  167.327205][ T8455]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  167.334155][ T8455]  ? lockdep_hardirqs_on+0x99/0x150
[  167.339361][ T8455]  ? __pfx_ima_calc_file_hash+0x10/0x10
[  167.344925][ T8455]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  167.350841][ T8455]  ? __x64_sys_openat+0x247/0x2a0
[  167.355888][ T8455]  ? do_syscall_64+0xf3/0x230
[  167.360582][ T8455]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.366688][ T8455]  ? mark_lock+0x9a/0x360
[  167.371036][ T8455]  ? make_vfsgid+0x46/0x90
[  167.375461][ T8455]  ? generic_fillattr+0x59c/0x840
[  167.380505][ T8455]  ima_collect_measurement+0x526/0xb20
[  167.386071][ T8455]  ? __pfx_ima_collect_measurement+0x10/0x10
[  167.392199][ T8455]  ? squashfs_xattr_handler_get+0x585/0x900
[  167.398131][ T8455]  ? trace_contention_end+0x3c/0x120
[  167.403430][ T8455]  ? __mutex_lock+0x2ef/0xd70
[  167.408126][ T8455]  ? ima_get_hash_algo+0x156/0x4d0
[  167.413246][ T8455]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  167.418715][ T8455]  process_measurement+0x1357/0x1fb0
[  167.424016][ T8455]  ? __pfx_process_measurement+0x10/0x10
[  167.429658][ T8455]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  167.436096][ T8455]  ? __pfx_apparmor_file_open+0x10/0x10
[  167.441654][ T8455]  ? tomoyo_file_open+0x168/0x220
[  167.446682][ T8455]  ? inode_to_bdi+0x69/0xf0
[  167.451277][ T8455]  ? apparmor_current_getsecid_subj+0xde/0x1b0
[  167.457444][ T8455]  ima_file_check+0xf2/0x170
[  167.462046][ T8455]  ? __pfx_ima_file_check+0x10/0x10
[  167.467263][ T8455]  security_file_post_open+0xb9/0x280
[  167.472651][ T8455]  path_openat+0x2cd0/0x3590
[  167.477263][ T8455]  ? __pfx_path_openat+0x10/0x10
[  167.482212][ T8455]  do_filp_open+0x235/0x490
[  167.486721][ T8455]  ? __pfx_do_filp_open+0x10/0x10
[  167.491761][ T8455]  ? _raw_spin_unlock+0x28/0x50
[  167.496630][ T8455]  ? alloc_fd+0x5a1/0x640
[  167.500972][ T8455]  do_sys_openat2+0x13e/0x1d0
[  167.505663][ T8455]  ? __pfx_do_sys_openat2+0x10/0x10
[  167.510880][ T8455]  __x64_sys_openat+0x247/0x2a0
[  167.515745][ T8455]  ? __pfx___x64_sys_openat+0x10/0x10
[  167.521130][ T8455]  ? do_syscall_64+0x100/0x230
[  167.525920][ T8455]  ? do_syscall_64+0xb6/0x230
[  167.530601][ T8455]  do_syscall_64+0xf3/0x230
[  167.535123][ T8455]  ? clear_bhb_loop+0x35/0x90
[  167.539811][ T8455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.545729][ T8455] RIP: 0033:0x7ff64ed79e79
[  167.550143][ T8455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.569759][ T8455] RSP: 002b:00007ff64fb4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  167.578270][ T8455] RAX: ffffffffffffffda RBX: 00007ff64ef15f80 RCX: 00007ff64ed79e79
[  167.586244][ T8455] RDX: 0000000000000000 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  167.594230][ T8455] RBP: 00007ff64ede7916 R08: 0000000000000000 R09: 0000000000000000
[  167.602208][ T8455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  167.610188][ T8455] R13: 0000000000000000 R14: 00007ff64ef15f80 R15: 00007fffbdd17c18
[  167.618173][ T8455]  </TASK>
[  167.621536][ T8455] Kernel Offset: disabled
[  167.625861][ T8455] Rebooting in 86400 seconds..